summaryrefslogtreecommitdiff
path: root/source3/nsswitch/wbinfo.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/nsswitch/wbinfo.c')
-rw-r--r--source3/nsswitch/wbinfo.c264
1 files changed, 237 insertions, 27 deletions
diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c
index 61c54b3738..f533799370 100644
--- a/source3/nsswitch/wbinfo.c
+++ b/source3/nsswitch/wbinfo.c
@@ -103,7 +103,7 @@ static BOOL parse_wbinfo_domain_user(const char *domuser, fstring domain,
fstrcpy(user, p+1);
fstrcpy(domain, domuser);
domain[PTR_DIFF(p, domuser)] = 0;
- strupper(domain);
+ strupper_m(domain);
return True;
}
@@ -511,6 +511,175 @@ static BOOL wbinfo_auth_crap(char *username)
return result == NSS_STATUS_SUCCESS;
}
+/******************************************************************
+ create a winbindd user
+******************************************************************/
+
+static BOOL wbinfo_create_user(char *username)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ NSS_STATUS result;
+
+ /* Send off request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ request.flags = WBFLAG_ALLOCATE_RID;
+ fstrcpy(request.data.acct_mgt.username, username);
+
+ result = winbindd_request(WINBINDD_CREATE_USER, &request, &response);
+
+ if ( result == NSS_STATUS_SUCCESS )
+ d_printf("New RID is %d\n", response.data.rid);
+
+ return result == NSS_STATUS_SUCCESS;
+}
+
+/******************************************************************
+ remove a winbindd user
+******************************************************************/
+
+static BOOL wbinfo_delete_user(char *username)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ NSS_STATUS result;
+
+ /* Send off request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ fstrcpy(request.data.acct_mgt.username, username);
+
+ result = winbindd_request(WINBINDD_DELETE_USER, &request, &response);
+
+ return result == NSS_STATUS_SUCCESS;
+}
+
+/******************************************************************
+ create a winbindd group
+******************************************************************/
+
+static BOOL wbinfo_create_group(char *groupname)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ NSS_STATUS result;
+
+ /* Send off request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ fstrcpy(request.data.acct_mgt.groupname, groupname);
+
+ result = winbindd_request(WINBINDD_CREATE_GROUP, &request, &response);
+
+ return result == NSS_STATUS_SUCCESS;
+}
+
+/******************************************************************
+ remove a winbindd group
+******************************************************************/
+
+static BOOL wbinfo_delete_group(char *groupname)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ NSS_STATUS result;
+
+ /* Send off request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ fstrcpy(request.data.acct_mgt.groupname, groupname);
+
+ result = winbindd_request(WINBINDD_DELETE_GROUP, &request, &response);
+
+ return result == NSS_STATUS_SUCCESS;
+}
+
+/******************************************************************
+ parse a string in the form user:group
+******************************************************************/
+
+static BOOL parse_user_group( const char *string, fstring user, fstring group )
+{
+ char *p;
+
+ if ( !string )
+ return False;
+
+ if ( !(p = strchr( string, ':' )) )
+ return False;
+
+ *p = '\0';
+ p++;
+
+ fstrcpy( user, string );
+ fstrcpy( group, p );
+
+ return True;
+}
+
+/******************************************************************
+ add a user to a winbindd group
+******************************************************************/
+
+static BOOL wbinfo_add_user_to_group(char *string)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ NSS_STATUS result;
+
+ /* Send off request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ if ( !parse_user_group( string, request.data.acct_mgt.username,
+ request.data.acct_mgt.groupname))
+ {
+ d_printf("Can't parse user:group from %s\n", string);
+ return False;
+ }
+
+ result = winbindd_request(WINBINDD_ADD_USER_TO_GROUP, &request, &response);
+
+ return result == NSS_STATUS_SUCCESS;
+}
+
+/******************************************************************
+ remove a user from a winbindd group
+******************************************************************/
+
+static BOOL wbinfo_remove_user_from_group(char *string)
+{
+ struct winbindd_request request;
+ struct winbindd_response response;
+ NSS_STATUS result;
+
+ /* Send off request */
+
+ ZERO_STRUCT(request);
+ ZERO_STRUCT(response);
+
+ if ( !parse_user_group( string, request.data.acct_mgt.username,
+ request.data.acct_mgt.groupname))
+ {
+ d_printf("Can't parse user:group from %s\n", string);
+ return False;
+ }
+
+ result = winbindd_request(WINBINDD_REMOVE_USER_FROM_GROUP, &request, &response);
+
+ return result == NSS_STATUS_SUCCESS;
+}
+
/* Print domain users */
static BOOL print_domain_users(void)
@@ -705,12 +874,18 @@ int main(int argc, char **argv)
{ "gid-to-sid", 'G', POPT_ARG_INT, &int_arg, 'G', "Converts gid to sid", "GID" },
{ "sid-to-uid", 'S', POPT_ARG_STRING, &string_arg, 'S', "Converts sid to uid", "SID" },
{ "sid-to-gid", 'Y', POPT_ARG_STRING, &string_arg, 'Y', "Converts sid to gid", "SID" },
+ { "create-user", 'c', POPT_ARG_STRING, &string_arg, 'c', "Create a local user account", "name" },
+ { "delete-user", 'x', POPT_ARG_STRING, &string_arg, 'x', "Delete a local user account", "name" },
+ { "create-group", 'C', POPT_ARG_STRING, &string_arg, 'C', "Create a local group", "name" },
+ { "delete-group", 'X', POPT_ARG_STRING, &string_arg, 'X', "Delete a local group", "name" },
+ { "add-to-group", 'o', POPT_ARG_STRING, &string_arg, 'o', "Add user to group", "user:group" },
+ { "del-from-group", 'O', POPT_ARG_STRING, &string_arg, 'O', "Remove user from group", "user:group" },
{ "check-secret", 't', POPT_ARG_NONE, 0, 't', "Check shared secret" },
{ "trusted-domains", 'm', POPT_ARG_NONE, 0, 'm', "List trusted domains" },
{ "sequence", 0, POPT_ARG_NONE, 0, OPT_SEQUENCE, "Show sequence numbers of all domains" },
{ "user-groups", 'r', POPT_ARG_STRING, &string_arg, 'r', "Get user groups", "USER" },
{ "authenticate", 'a', POPT_ARG_STRING, &string_arg, 'a', "authenticate user", "user%password" },
- { "set-auth-user", 'A', POPT_ARG_STRING, &string_arg, OPT_SET_AUTH_USER, "Store user and password used by winbindd (root only)", "user%password" },
+ { "set-auth-user", 0, POPT_ARG_STRING, &string_arg, OPT_SET_AUTH_USER, "Store user and password used by winbindd (root only)", "user%password" },
{ "get-auth-user", 0, POPT_ARG_NONE, NULL, OPT_GET_AUTH_USER, "Retrieve user and password used by winbindd (root only)", NULL },
{ "ping", 'p', POPT_ARG_NONE, 0, 'p', "Ping winbindd to see if it is alive" },
POPT_COMMON_VERSION
@@ -845,31 +1020,66 @@ int main(int argc, char **argv)
}
break;
case 'a': {
- BOOL got_error = False;
-
- if (!wbinfo_auth(string_arg)) {
- d_printf("Could not authenticate user %s with "
- "plaintext password\n", string_arg);
- got_error = True;
- }
-
- if (!wbinfo_auth_crap(string_arg)) {
- d_printf("Could not authenticate user %s with "
- "challenge/response\n", string_arg);
- got_error = True;
- }
-
- if (got_error)
- goto done;
- break;
- }
- case 'p': {
- if (!wbinfo_ping()) {
- d_printf("could not ping winbindd!\n");
- goto done;
- }
- break;
- }
+ BOOL got_error = False;
+
+ if (!wbinfo_auth(string_arg)) {
+ d_printf("Could not authenticate user %s with "
+ "plaintext password\n", string_arg);
+ got_error = True;
+ }
+
+ if (!wbinfo_auth_crap(string_arg)) {
+ d_printf("Could not authenticate user %s with "
+ "challenge/response\n", string_arg);
+ got_error = True;
+ }
+
+ if (got_error)
+ goto done;
+ break;
+ }
+ case 'c':
+ if ( !wbinfo_create_user(string_arg) ) {
+ d_printf("Could not create user account\n");
+ goto done;
+ }
+ break;
+ case 'C':
+ if ( !wbinfo_create_group(string_arg) ) {
+ d_printf("Could not create group\n");
+ goto done;
+ }
+ break;
+ case 'o':
+ if ( !wbinfo_add_user_to_group(string_arg) ) {
+ d_printf("Could not add user to group\n");
+ goto done;
+ }
+ break;
+ case 'O':
+ if ( !wbinfo_remove_user_from_group(string_arg) ) {
+ d_printf("Could not remove user kfrom group\n");
+ goto done;
+ }
+ break;
+ case 'x':
+ if ( !wbinfo_delete_user(string_arg) ) {
+ d_printf("Could not delete user account\n");
+ goto done;
+ }
+ break;
+ case 'X':
+ if ( !wbinfo_delete_group(string_arg) ) {
+ d_printf("Could not delete group\n");
+ goto done;
+ }
+ break;
+ case 'P':
+ if (!wbinfo_ping()) {
+ d_printf("could not ping winbindd!\n");
+ goto done;
+ }
+ break;
case OPT_SET_AUTH_USER:
wbinfo_set_auth_user(string_arg);
break;
generated by cgit (git 2.34.1) at 2024-07-15 09:13:56 +0000