summaryrefslogtreecommitdiff
path: root/source3/utils/pdbedit.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/utils/pdbedit.c')
-rw-r--r--source3/utils/pdbedit.c46
1 files changed, 37 insertions, 9 deletions
diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c
index c88c0d7579..dacaa1e26f 100644
--- a/source3/utils/pdbedit.c
+++ b/source3/utils/pdbedit.c
@@ -119,6 +119,27 @@ static int export_groups (struct pdb_context *in, struct pdb_context *out) {
}
/*********************************************************
+ Add all currently available account policy from tdb to one backend
+ ********************************************************/
+
+static int export_account_policies (struct pdb_context *in, struct pdb_context *out)
+{
+ int i;
+
+ for (i=1; decode_account_policy_name(i) != NULL; i++) {
+ uint32 policy_value;
+ if (NT_STATUS_IS_ERR(in->pdb_get_account_policy(in, i, &policy_value))) {
+ fprintf(stderr, "Can't get account policy from tdb\n");
+ return -1;
+ }
+ out->pdb_set_account_policy(out, i, policy_value);
+ }
+
+ return 0;
+}
+
+
+/*********************************************************
Print info from sam structure
**********************************************************/
@@ -652,6 +673,7 @@ int main (int argc, char **argv)
static char *backend_in = NULL;
static char *backend_out = NULL;
static BOOL transfer_groups = False;
+ static BOOL transfer_account_policies = False;
static BOOL force_initialised_password = False;
static char *logon_script = NULL;
static char *profile_path = NULL;
@@ -683,8 +705,8 @@ int main (int argc, char **argv)
{"drive", 'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL},
{"script", 'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL},
{"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL},
- {"user-SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL},
- {"group-SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL},
+ {"user SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL},
+ {"group SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL},
{"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL},
{"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL},
{"machine", 'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL},
@@ -693,6 +715,7 @@ int main (int argc, char **argv)
{"import", 'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL},
{"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL},
{"group", 'g', POPT_ARG_NONE, &transfer_groups, 0, "use -i and -e for groups", NULL},
+ {"policies", 'y', POPT_ARG_NONE, &transfer_account_policies, 0, "use -i and -e to move account policies between backends", NULL},
{"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL},
{"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL},
{"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL},
@@ -792,20 +815,22 @@ int main (int argc, char **argv)
SAFE_FREE(apn);
exit(1);
}
- if (!account_policy_get(field, &value)) {
+ if (!pdb_get_account_policy(field, &value)) {
fprintf(stderr, "valid account policy, but unable to fetch value!\n");
- exit(1);
+ if (!account_policy_value_set)
+ exit(1);
}
+ printf("account policy \"%s\" description: %s\n", account_policy, account_policy_get_desc(field));
if (account_policy_value_set) {
- printf("account policy value for %s was %u\n", account_policy, value);
- if (!account_policy_set(field, account_policy_value)) {
+ printf("account policy \"%s\" value was: %u\n", account_policy, value);
+ if (!pdb_set_account_policy(field, account_policy_value)) {
fprintf(stderr, "valid account policy, but unable to set value!\n");
exit(1);
}
- printf("account policy value for %s is now %lu\n", account_policy, account_policy_value);
+ printf("account policy \"%s\" value is now: %lu\n", account_policy, account_policy_value);
exit(0);
} else {
- printf("account policy value for %s is %u\n", account_policy, value);
+ printf("account policy \"%s\" value is: %u\n", account_policy, value);
exit(0);
}
}
@@ -829,7 +854,10 @@ int main (int argc, char **argv)
} else {
bout = bdef;
}
- if (transfer_groups) {
+ if (transfer_account_policies) {
+ if (!(checkparms & BIT_USER))
+ return export_account_policies(bin, bout);
+ } else if (transfer_groups) {
if (!(checkparms & BIT_USER))
return export_groups(bin, bout);
} else {