-rw-r--r--source3/libads/ldap.c8
-rw-r--r--source3/utils/net_ads.c34
2 files changed, 32 insertions, 10 deletions
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 2fe97ebb1a..09498b4384 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -181,14 +181,14 @@ int ads_gen_add(ADS_STRUCT *ads, const char *new_dn, ...)
/*
add a machine account to the ADS server
*/
-static int ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname)
+static int ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname, const char *org_unit)
{
int ret;
char *host_spn, *host_upn, *new_dn, *samAccountName, *controlstr;
asprintf(&host_spn, "HOST/%s", hostname);
asprintf(&host_upn, "%s@%s", host_spn, ads->realm);
- asprintf(&new_dn, "cn=%s,cn=Computers,%s", hostname, ads->bind_path);
+ asprintf(&new_dn, "cn=%s,cn=%s,%s", hostname, org_unit, ads->bind_path);
asprintf(&samAccountName, "%s$", hostname);
asprintf(&controlstr, "%u",
UF_DONT_EXPIRE_PASSWD | UF_WORKSTATION_TRUST_ACCOUNT |
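Review bot: `org_unit` is formatted into `new_dn` with no DN escaping in the added `asprintf(&new_dn, "cn=%s,cn=%s,%s", hostname, org_unit, ads->bind_path);`, and elsewhere in this commit it comes directly from `argv[0]` in net_ads_join. A value containing DN metacharacters such as `,`, `=` or `+` is parsed as extra RDN components rather than as a container name, so the machine account can end up at a DN the argument does not suggest. Escape the value per RFC 4514 before formatting, or reject names that contain those characters. This line and the neighbouring `asprintf` calls also ignore the return value, so on allocation failure `new_dn` is indeterminate when it is used; a guard such as `if (asprintf(&new_dn, ...) == -1) return LDAP_NO_MEMORY;` would cover that. The body of ads_add_machine_acct continues outside this hunk, so any later cleanup of these strings is not visible here.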
@@ -300,7 +300,7 @@ int ads_count_replies(ADS_STRUCT *ads, void *res)
join a machine to a realm, creating the machine account
and setting the machine password
*/
-int ads_join_realm(ADS_STRUCT *ads, const char *hostname)
+int ads_join_realm(ADS_STRUCT *ads, const char *hostname, const char *org_unit)
{
int rc;
LDAPMessage *res;
@@ -316,7 +316,7 @@ int ads_join_realm(ADS_STRUCT *ads, const char *hostname)
return LDAP_SUCCESS;
}
- rc = ads_add_machine_acct(ads, host);
+ rc = ads_add_machine_acct(ads, host, org_unit);
if (rc != LDAP_SUCCESS) {
DEBUG(0, ("ads_add_machine_acct: %s\n", ads_errstr(rc)));
return rc;
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index c67fbda2c8..8d41c09208 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -26,7 +26,7 @@
int net_ads_usage(int argc, const char **argv)
{
d_printf(
-"\nnet ads join"\
+"\nnet ads join <org_unit>"\
"\n\tjoins the local machine to a ADS realm\n"\
"\nnet ads leave"\
"\n\tremoves the local machine from a ADS realm\n"\
@@ -169,11 +169,13 @@ static int net_ads_status(int argc, const char **argv)
static int net_ads_leave(int argc, const char **argv)
{
- ADS_STRUCT *ads;
+ ADS_STRUCT *ads = NULL;
int rc;
extern pstring global_myname;
- if (!(ads = ads_startup())) return -1;
+ if (!(ads = ads_startup())) {
+ return -1;
+ }
if (!secrets_init()) {
DEBUG(1,("Failed to initialise secrets database\n"));
@@ -200,19 +202,39 @@ static int net_ads_join(int argc, const char **argv)
char *tmp_password;
extern pstring global_myname;
NTSTATUS status;
+ const char *org_unit = "Computers";
+ char *dn;
+ void *res;
+
+ if (argc > 0) org_unit = argv[0];
if (!secrets_init()) {
DEBUG(1,("Failed to initialise secrets database\n"));
return -1;
}
-
-
+
tmp_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
password = strdup(tmp_password);
if (!(ads = ads_startup())) return -1;
- rc = ads_join_realm(ads, global_myname);
+ asprintf(&dn, "cn=%s,%s", org_unit, ads->bind_path);
+
+ rc = ads_search_dn(ads, &res, dn, NULL);
+ free(dn);
+ ads_msgfree(ads, res);
+
+ if (rc == LDAP_NO_SUCH_OBJECT) {
+ d_printf("ads_join_realm: organisational unit %s does not exist\n", org_unit);
+ return rc;
+ }
+
+ if (rc) {
+ d_printf("ads_join_realm: %s\n", ads_errstr(rc));
+ return -1;
+ }
+
+ rc = ads_join_realm(ads, global_myname, org_unit);
if (rc) {
d_printf("ads_join_realm: %s\n", ads_errstr(rc));
return -1;