diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/utils/smbpasswd.c | 70 |
1 files changed, 38 insertions, 32 deletions
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index e9360651da..d9a5dc4bbd 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -64,6 +64,7 @@ static void usage(void) if (getuid() == 0) { printf(" -R ORDER name resolve order\n"); printf(" -j DOMAIN join domain name\n"); + printf(" -S synchronise with PDC (if we are BDC)\n"); printf(" -a add user\n"); printf(" -d disable user\n"); printf(" -e enable user\n"); @@ -89,13 +90,6 @@ static int join_domain(char *domain, char *remote) BOOL ret; uint16 sec_chan; - DEBUG(5,("join_domain: domain %s remote %s\n", domain, remote)); - - pstrcpy(remote_machine, remote ? remote : ""); - fstrcpy(trust_passwd, global_myname); - strlower(trust_passwd); - E_md4hash( (uchar *)trust_passwd, orig_trust_passwd_hash); - switch (lp_server_role()) { case ROLE_DOMAIN_PDC: @@ -116,6 +110,18 @@ static int join_domain(char *domain, char *remote) } } + pstrcpy(remote_machine, remote ? remote : lp_passwordserver()); + + if (!remote_machine[0]) + { + fprintf(stderr, "You must specify the PDC via 'password server' or -r."); + return 1; + } + + fstrcpy(trust_passwd, global_myname); + strlower(trust_passwd); + E_md4hash( (uchar *)trust_passwd, orig_trust_passwd_hash); + /* * Create the machine account password file. */ @@ -138,36 +144,16 @@ machine %s in domain %s.\n", global_myname, domain); return 1; } - /* - * If we are given a remote machine assume this is the PDC. - */ - - if(remote == NULL) - { - pstrcpy(remote_machine, lp_passwordserver()); - } - - if(!*remote_machine) { - fprintf(stderr, "No password server list given in smb.conf - \ -unable to join domain.\n"); - trust_password_unlock(); - return 1; - } - ret = change_trust_account_password(domain, remote_machine, sec_chan); trust_password_unlock(); if(!ret) { fprintf(stderr,"Unable to join domain %s.\n",domain); - } else { - printf("Joined domain %s.\n",domain); + return 1; } - -#if 0 - trust_password_delete( domain, global_myname); -#endif - return (int)ret; + printf("Joined domain %s.\n",domain); + return 0; } @@ -303,6 +289,7 @@ static int process_root(int argc, char *argv[]) uint16 acb_info = 0; uint16 acb_mask = 0; BOOL joining_domain = False; + BOOL sam_sync = False; BOOL wks_trust_account = False; BOOL srv_trust_account = False; BOOL dom_trust_account = False; @@ -318,8 +305,9 @@ static int process_root(int argc, char *argv[]) char *new_passwd = NULL; char *old_passwd = NULL; char *remote_machine = NULL; + int ret; - while ((ch = getopt(argc, argv, "abdehimnpxj:r:sR:D:U:")) != EOF) + while ((ch = getopt(argc, argv, "abdehimnpxj:Sr:sR:D:U:")) != EOF) { switch(ch) { @@ -389,6 +377,11 @@ static int process_root(int argc, char *argv[]) joining_domain = True; break; } + case 'S': + { + sam_sync = True; + break; + } case 'U': { user_name = optarg; @@ -422,11 +415,24 @@ static int process_root(int argc, char *argv[]) { usage(); } + + if (sam_sync && lp_server_role() != ROLE_DOMAIN_BDC) { + fprintf(stderr, "The -S option can only be used on a Backup Domain Controller.\n"); + return 1; + } if (joining_domain) { if (argc != 0) usage(); - return join_domain(new_domain, remote_machine); + ret = join_domain(new_domain, remote_machine); + + if ((ret != 0) || (!sam_sync)) + return ret; + } + + if (sam_sync) + { + return synchronise_passdb(); } /* |