diff options
Diffstat (limited to 'source3/utils/smbpasswd.c')
-rw-r--r-- | source3/utils/smbpasswd.c | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index e076687c4f..7086fbff37 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -56,6 +56,9 @@ static void usage(void) printf(" -e enable user\n"); printf(" -n set no password\n"); printf(" -m machine trust account\n"); +#ifdef WITH_LDAP_SAM + printf(" -w ldap admin password\n"); +#endif exit(1); } @@ -170,6 +173,21 @@ static BOOL password_change(const char *remote_machine, char *user_name, return ret; } +#ifdef WITH_LDAP_SAM +/******************************************************************* + Store the LDAP admin password in secrets.tdb + ******************************************************************/ +static BOOL store_ldap_admin_pw (char* pw) +{ + if (!pw) + return False; + + if (!secrets_init()) + return False; + + return secrets_store_ldap_pw(lp_ldap_admin_dn(), pw); +} +#endif /************************************************************* Handle password changing for root. @@ -186,13 +204,16 @@ static int process_root(int argc, char *argv[]) char *new_passwd = NULL; char *old_passwd = NULL; char *remote_machine = NULL; +#ifdef WITH_LDAP_SAM + fstring ldap_secret; +#endif ZERO_STRUCT(user_name); ZERO_STRUCT(user_password); user_name[0] = '\0'; - while ((ch = getopt(argc, argv, "axdehmnjr:sR:D:U:L")) != EOF) { + while ((ch = getopt(argc, argv, "axdehmnjr:swR:D:U:L")) != EOF) { switch(ch) { case 'L': local_mode = True; @@ -228,6 +249,15 @@ static int process_root(int argc, char *argv[]) set_line_buffering(stderr); stdin_passwd_get = True; break; + case 'w': +#ifdef WITH_LDAP_SAM + local_flags |= LOCAL_SET_LDAP_ADMIN_PW; + fstrcpy(ldap_secret, optarg); + break; +#else + printf("-w not available unless configured --with-ldap\n"); + goto done; +#endif case 'R': lp_set_name_resolve_order(optarg); break; @@ -259,6 +289,16 @@ static int process_root(int argc, char *argv[]) argc -= optind; argv += optind; +#ifdef WITH_LDAP_SAM + if (local_flags & LOCAL_SET_LDAP_ADMIN_PW) + { + printf("Setting stored password for \"%s\" in secrets.tdb\n", + lp_ldap_admin_dn()); + if (!store_ldap_admin_pw(ldap_secret)) + DEBUG(0,("ERROR: Failed to store the ldap admin password!\n")); + goto done; + } +#endif /* * Ensure both add/delete user are not set * Ensure add/delete user and either remote machine or join domain are |