-rw-r--r-- | source4/scripting/libjs/provision.js | 84 | ||||
-rwxr-xr-x | source4/setup/newuser | 73 |
2 files changed, 86 insertions, 71 deletions
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js
index bf39bcb992..c7fb1b5fc5 100644
--- a/source4/scripting/libjs/provision.js
+++ b/source4/scripting/libjs/provision.js
@@ -226,4 +226,88 @@ function provision_guess() return subobj; } +/* + search for one attribute as a string + */ +function searchone(ldb, expression, attribute) +{ + var attrs = new Array(attribute); + res = ldb.search(expression, attrs); + if (res.length != 1 || + res[0][attribute] == undefined) { + return undefined; + } + return res[0][attribute]; +} + +/* + add a new user record +*/ +function newuser(username, unixname, password, message) +{ + var samdb = lpGet("sam database"); + var ldb = ldb_init(); + + /* connect to the sam */ + var ok = ldb.connect(samdb); + assert(ok); + + /* find the DNs for the domain and the domain users group */ + var domain_dn = searchone(ldb, "objectClass=domainDNS", "dn"); + assert(domain_dn != undefined); + var dom_users = searchone(ldb, "name=Domain Users", "dn"); + assert(dom_users != undefined); + + var user_dn = sprintf("CN=%s,CN=Users,%s", username, domain_dn); + + + /* + the new user record. note the reliance on the samdb module to fill + in a sid, guid etc + */ + var ldif = sprintf(" +dn: %s +sAMAccountName: %s +name: %s +memberOf: %s +unixName: %s +objectGUID: %s +unicodePwd: %s +objectClass: user +", + user_dn, username, username, dom_users, + unixname, randguid(), password); + /* + add the user to the users group as well + */ + var modgroup = sprintf(" +dn: %s +changetype: modify +add: member +member: %s +", + dom_users, user_dn); + + + /* + now the real work + */ + message("Adding user %s\n", user_dn); + ok = ldb.add(ldif); + if (ok != true) { + message("Failed to add %s - %s\n", user_dn, ldb.errstring()); + return false; + } + + message("Modifying group %s\n", dom_users); + ok = ldb.modify(modgroup); + if (ok != true) { + message("Failed to modify %s - %s\n", dom_users, ldb.errstring()); + return false; + } + + return true; +} + + return 0; diff --git a/source4/setup/newuser b/source4/setup/newuser index 5c426e3848..4471e70919 100755 --- a/source4/setup/newuser +++ b/source4/setup/newuser 
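Review bot: `newuser()` formats `username`, `unixname` and `password` straight into the LDIF text and into `user_dn` with `sprintf`, so a value containing a newline can append extra attribute lines or a second record, and a username containing `,`, `=` or `+` changes the structure of the DN. Now that this is a library function rather than a one-off script, it should reject control characters in all three arguments and escape DN special characters in `username` before building `user_dn`, or write the values in LDIF's base64 form (`attr:: <base64>`). Separately, `searchone()` assigns `res` without `var`, which creates a global; `var res = ldb.search(expression, attrs);` keeps it local.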
@@ -21,8 +21,8 @@ if (ok == false) { } libinclude("base.js"); +libinclude("provision.js"); -var samdb = lpGet("sam database"); /* print a message if quiet is not set @@ -35,20 +35,6 @@ function message() } /* - search for one attribute as a string - */ -function search(db, expression, attribute) -{ - var attrs = new Array(attribute); - res = ldbSearch(db, expression, attrs); - if (res.length != 1 || - res[0][attribute] == undefined) { - return undefined; - } - return res[0][attribute]; -} - -/* show some help */ function ShowHelp() @@ -82,61 +68,6 @@ if (getpwnam(options.unixname) == undefined) { exit(1); } -if (search(samdb, "name=" + options.username, "dn") != undefined) { - printf("ERROR: User '%s' already exists\n", options.username); - exit(1); -} - -var domain_dn = search(samdb, "objectClass=domainDNS", "dn"); -assert(domain_dn != undefined); -var dom_users = search(samdb, "name=Domain Users", "dn"); -assert(dom_users != undefined); - -var user_dn = sprintf("CN=%s,CN=Users,%s", options.username, domain_dn); - -/* - the new user record. note the reliance on the samdb module to fill - in a sid, guid etc - */ -var ldif = sprintf(" -dn: %s -sAMAccountName: %s -name: %s -memberOf: %s -unixName: %s -objectGUID: %s -unicodePwd: %s -objectClass: user -", - user_dn, options.username, options.username, dom_users, - options.unixname, randguid(), options.password); - -/* - add the user to the users group as well -*/ -var modgroup = sprintf(" -dn: %s -changetype: modify -add: member -member: %s -", dom_users, user_dn); - -/* - now the real work - */ -message("Adding user %s\n", user_dn); -ok = ldbAdd(samdb, ldif); -if (ok != true) { - message("Failed to add %s\n", user_dn); - exit(1); -} - -message("Modifying group %s\n", dom_users); -ok = ldbModify(samdb, modgroup); -if (ok != true) { - message("Failed to modify %s\n", dom_users); - exit(1); -} +newuser(options.username, options.unixname, options.password, message); -message("All OK\n"); return 0; |
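Review bot: The return value of `newuser(...)` is discarded in the last hunk, so the script reaches `return 0;` even when the add or the group modify failed, where the removed code called `exit(1)`. I would change the call to `if (!newuser(options.username, options.unixname, options.password, message)) { exit(1); }`. The removed pre-check that `name=<username>` does not already exist is also not carried into `newuser()` as shown in provision.js, so a duplicate is now caught only if `ldb.add` itself rejects it. That check is worth restoring inside `newuser()`, with the username escaped for the search filter rather than concatenated as the old code did.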