summaryrefslogtreecommitdiff
path: root/source3/utils/smbpasswd.c
AgeCommit message (Collapse)AuthorFilesLines
2004-02-25(merge from 3.0)Andrew Bartlett1-0/+6
I *hate* global variables... OK, what was happening here was that we would invalidate global_sam_sid when we set the sid into secrets.tdb, to force a re-read. The problem was, we would do *two* writes into the TDB, and the second one (in the PDC/BDC case) would be of a NULL pointer. This caused smbd startups to fail, on a blank TDB. By using a local variable in the pdb_generate_sam_sid() code, we avoid this particular trap. I've also added better debugging for the case where this all matters, which is particularly for LDAP, where it finds out a domain SID from the sambaDomain object. Andrew Bartlett (This used to be commit f3ecdea56d9ea6d562ace84f0e653a641eb96f6e)
2004-02-23Fix "unable to initialize" bug when smbd hasn't been run withJeremy Allison1-2/+4
new system and a user is being added via pdbedit/smbpasswd. Found at Connectathon setup. Jeremy. (This used to be commit 93580927dc255f205283b64c72fb95be990d2216)
2003-09-15fix online helpSimo Sorce1-1/+1
-w option need the password on the command line (This used to be commit 0b8f32b7f53b145fb51f5537a7f42d11d69ed4c3)
2003-08-02port latest changes from SAMBA_3_0 treeSimo Sorce1-15/+0
(This used to be commit 3101c236b8241dc0183995ffceed551876427de4)
2003-07-16trying to get HEAD building again. If you want the codeGerald Carter1-3/+18
prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE (This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)
2003-05-10Reverse previous patch from Stefan and me after comments by Andrew Bartlett.Jelmer Vernooij1-3/+0
(This used to be commit d31509fe88da8727521586dced1da2c73bfee2bc)
2003-05-10Patch from metze and me that adds dummy smb_register_*() functionsJelmer Vernooij1-0/+3
(This used to be commit 367a5cad1edf6a49783806d5a8b59a62d8856706)
2003-01-02BIG patch...Andrew Bartlett1-2/+2
This patch makes Samba compile cleanly with -Wwrite-strings. - That is, all string literals are marked as 'const'. These strings are always read only, this just marks them as such for passing to other functions. What is most supprising is that I didn't need to change more than a few lines of code (all in 'net', which got a small cleanup of net.h and extern variables). The rest is just adding a lot of 'const'. As far as I can tell, I have not added any new warnings - apart from making all of tdbutil.c's function const (so they warn for adding that const string to struct). Andrew Bartlett (This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
2002-12-12merge of smbpasswd segfault from SAMBA_2_2Gerald Carter1-7/+10
(This used to be commit 8311c4bf8d9697f5a65a00300b60dfde12e46ae7)
2002-11-12Removed global_myworkgroup, global_myname, global_myscope. Added liberalJeremy Allison1-8/+2
dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)
2002-11-08Make smbpasswd tell people to use 'net join', not 'net rpc join' now we haveAndrew Bartlett1-1/+1
the automagic detection. (This used to be commit a066bed5a4855dac955bf0bd7630939220314cfe)
2002-09-10removing compiler warnings about shadowed globalsGerald Carter1-18/+18
(This used to be commit 6f0561acadd139e37f86e30a2bbf10f428178eaf)
2002-07-26Mimir has been busy with patches again, and sent in the followingAndrew Bartlett1-2/+4
patches: Andrew Bartlett From his e-mail: Below I attach the following patches as a result of my work on trusted domains support: 1) srv_samr_nt.c.diff This fixes a bug which caused to return null string as the first entry of enumerated accounts list (no matter what entry, it was always null string and rid) and possibly spoiled further names, depeding on their length. I found that while testing my 'net rpc trustdom list' against nt servers and samba server. 2) libsmb.diff Now, fallback to anonymous connection works correctly. 3) smbpasswd.c.diff Just a little fix which actually allows one to create a trusting domain account using smbpasswd 4) typos.diff As the name suggests, it's just a few typos fix :) (This used to be commit 888d595fab4f6b28318b743f47378cb7ca35d479)
2002-05-22Add a bit more const, and kill of (finally!) sys_getpwnam and sys_getpwuid.Andrew Bartlett1-2/+4
These might be reimplmented as simple pass-through functions, but all users really should be doing 'getpwnam_alloc' or 'getpwuid_alloc' to ensure that there are not shared static buffers. I don't beleive we actually need a getpw*() cache inside samba - if we do then I think we should look at our code design first. (some of these changes are for platforms I don't have access to, but they look sane) Andrew Bartlett (This used to be commit 9d8431b04f41dceffe4c45cc969472ee59f7282f)
2002-05-18Make smbpasswd at least slightly sane. This kills off some of theAndrew Bartlett1-43/+43
silly global variables, and makes it come closer to a clean compile. I'm still not convinced what was wrong with the previous code, at least it didn't cause a gush of warnings... In any case, we now don't need to spegetti code gotos etc. This should really be redone with popt. Andrew Bartlett (This used to be commit d9330f10447f199a5a73803579ce3b1253f4d02c)
2002-05-17Make --with-ldapsam 'go away'. This is now a standard, stable, featureAndrew Bartlett1-13/+0
and there is no real reason for it to depend on more than the abilty to compile the code. (This used to be commit 64aaec137e39595e6e61b55eb525615683a1393c)
2002-04-03reorder useage message a little. -L is not a root-only or local mode option.Herb Lewis1-7/+8
(This used to be commit 020d6fa2f780099d662de1a456838ec0ac4d3ca7)
2002-04-02readd -c config file change from 2.2 - works with -L mode now as well.Herb Lewis1-180/+178
(This used to be commit af4c3734b5d617352597b1b964745f5b0d334b2d)
2002-04-01reverted Herbs smbpasswd commit as it completely broke setting aAndrew Tridgell1-178/+181
password (This used to be commit a5807d5784dc903f1ea38a9825240a505688b7be)
2002-03-30merge from 2.2 - allow -c option to specify smb.conf fileHerb Lewis1-181/+178
(This used to be commit fc15b56d29b4474032f4d9136313afee60e70cbf)
2002-03-27merge from 2.2 - don't check local passdb if -r option usedHerb Lewis1-1/+3
(This used to be commit 15df51e8def01009f2ec1e2d08c3129ac39dabdf)
2002-01-30Removed version number from file header.Tim Potter1-1/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-20This is another *BIG* change...Andrew Bartlett1-5/+0
Samba now features a pluggable passdb interface, along the same lines as the one in use in the auth subsystem. In this case, only one backend may be active at a time by the 'normal' interface, and only one backend per passdb_context is permitted outside that. This pluggable interface is designed to allow any number of passdb backends to be compiled in, with the selection at runtime. The 'passdb backend' paramater has been created (and documented!) to support this. As such, configure has been modfied to allow (for example) --with-ldap and the old smbpasswd to be selected at the same time. This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua. These two backends accept 'non unix accounts', where the user does *not* exist in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to avoid conflicts in the algroitmic mapping of RIDs, they use the values specified in the 'non unix account range' paramter - in the same way as the winbind ranges are specifed. While I was at it, I cleaned up some of the code in pdb_tdb (code copied directly from smbpasswd and not really considered properly). Most of this was to do with % macro expansion on stored data. It isn't easy to get the macros into the tdb, and the first password change will 'expand' them. tdbsam needs to use a similar system to pdb_ldap in this regard. This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I don't have the test facilities for these. I plan to incoroprate at least pdb_ldap into this scheme after consultation with Jerry. Each (converted) passdb module now no longer has any 'static' variables, and only exports 1 init function outside its .c file. The non-unix-account support in this patch has been proven! It is now possible to join a win2k machine to a Samba PDC without an account in /etc/passwd! Other changes: Minor interface adjustments: pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*. pdb_update_sam_account() no longer takes the 'override' argument that was being ignored so often (every other passdb backend). Extra checks have been added in some places. Minor code changes: smbpasswd no longer attempts to initialise the passdb at startup, this is now done on first use. pdbedit has lost some of its 'machine account' logic, as this behaviour is now controlled by the passdb subsystem directly. The samr subsystem no longer calls 'local password change', but does the pdb interactions directly. This allow the ACB_ flags specifed to be transferred direct to the backend, without interference. Doco: I've updated the doco to reflect some of the changes, and removed some paramters no longer applicable to HEAD. (This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b)
2002-01-07merge changes from 2.2 branch to prevent smb.conf from changing debug levelHerb Lewis1-0/+3
of commands when specified on command line. (This used to be commit 39d6b31e14144a3ff4b992d4286b706147e58566)
2002-01-07sync getopt() args with 2.2Gerald Carter1-1/+1
(This used to be commit 2fcdc520cee051631bbc2a0c06466d231390f8d5)
2001-12-14Rafal (mimir) patch for trusts r.Jean-François Micouleau1-1/+21
(This used to be commit c26623671e2b0b2e80c6d6383a99880c4f439f04)
2001-12-13update the ldap support code. it compiles.Jean-François Micouleau1-1/+41
Ignacio you can update your howto ;-) samsync: a small patch to try chaning challenges. J.F. (This used to be commit c99bc305599698f2291efbfe20024355cb2bcde0)
2001-12-05OK. Smbpasswd -j is DEAD.Andrew Bartlett1-139/+40
This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-04moved init_account_policy() to the right placeAndrew Tridgell1-2/+0
(This used to be commit e908f304a26b9f1100e301610151a9334bf117b0)
2001-12-04smbpasswd is *ugly*!Andrew Bartlett1-0/+2
However this looks like the best spot to init the account policy db... (fix segfaults on all local smbpasswd ops) Andrew Bartlett (This used to be commit 3f3bb62ba63373c3cdf2495f97c7461ed5b373ef)
2001-12-04Add 'net rpc join' to match the ADS equiv.Andrew Bartlett1-294/+3
This kills off the offending code in smbpasswd -j -Uab%c In the process we have changed from unsing compelatly random passwords to random, 15 char ascii strings. While this does produce a decrese in entropy, it is still vastly greater than we need, considering the application. In the meantime this allows us to actually *type* the machine account password duruign debugging. This code also adds a 'check' step to the join, confirming that the stored password does indeed do somthing of value :-) Andrew Bartlett (This used to be commit c0b7ee6ee547dc7ff798eaf8cb63fbe344073029)
2001-11-23Removed TimeInit() call from every client program (except for one placeTim Potter1-2/+0
in smbd/process.c where the timezone is reinitialised. Was replaced with check for a static is_initialised boolean. (This used to be commit 8fc772c9e5770cd3a8857670214dcff033ebae32)
2001-11-20Rename xmalloc, xmemdup, xstrdup to smb_$1 to avoid conflicts with theMartin Pool1-8/+8
versions defined by libreadline on SCO (!). (This used to be commit 32480d7aff21ce1c14991e242aaf8a4e14ec6f2a)
2001-11-19Make the smbpasswd options/usage message a little less bizarre: it nowMartin Pool1-22/+20
shows all the available options, but explains that you must be root to use them. Surely this is less confusing? (This used to be commit 19f5f813995d1cf3874df705ab5e71aa5eb14ae6)
2001-11-19Store some path names in global variables initialized to configureMartin Pool1-4/+2
default, rather than in preprocessor macros. (This used to be commit 79ec88f0da40faebe1e587f1b3e87b5f2b184f58)
2001-10-31Parionia to ensure people don't install libsmb based programs setuid root.Andrew Bartlett1-1/+1
libsmb has not been written to be setuid, with things like LIBSMB_PROG allowing all sort of fun and games. Andrew Bartlett (This used to be commit 0c8e9339d8238de92e9146d04091694b62874c33)
2001-10-30Fix up smbpasswd -e/-d so that it doesn't change the password under you anyAndrew Bartlett1-11/+13
more. (Previously it set them to 'XXXX' or similar when only the flags were being changed - a bug I must have introduced when I reworked the passdb end of things a few weeks back.) Adds a new local flag: LOCAL_SET_PASSWORD to specify that the password is actually to be changed. Andrew Bartlett (This used to be commit cea6b6cb228c7e1f0c2d45951590e0d8fb8b315c)
2001-10-22Added xstrdup, removed static version from smbpasswd.cJeremy Allison1-14/+0
Jeremy. (This used to be commit d01a9e5974d80ee8be2f7a20aeaae5826325d035)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-1/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-29Fix up a number of intertwined issues:Andrew Bartlett1-4/+4
The big one is a global change to allow us to NULLify the free'ed pointer to a former passdb object. This was done to allow idra's SAFE_FREE() macro to do its magic, and to satisfy the input test in pdb_init_sam() for a NULL pointer to start with. This NULL pointer test was what was breaking the adding of accounts up until now, and this code has been reworked to avoid duplicating work - I hope this will avoid a similar mess-up in future. Finally, I fixed a few nasty bugs where the pdb_ fuctions's return codes were being ignored. Some of these functions malloc() and are permitted to fail. Also, this caught a nasty bug where pdb_set_lanman_password(sam, NULL) acheived precisely didilly-squat, just returning False. Now that we check the returns this bug was spotted. This could allow different LM and NT passwords. - the pdbedit code needs to start checking these too, but I havn't had a chance to fix it. I have also fixed up where some of the password changing code was using the pdb_set functions to store *internal* data. I assume this is from a previous lot of mass conversion work... Most likally (and going on past experience) I have missed somthing, probably in the LanMan password change code which I havn't yet been able to test, but this lot is in much better shape than it was before. If all this is too much to swallow (particularly for 2.2.2) then just adding a sam_pass = NULL to the particular line of passdb.c should do the trick for the ovbious bug. Andrew Bartlett (This used to be commit 762c8758a7869809d89b4da9c2a5249678942930)
2001-09-17move to SAFE_FREE()Simo Sorce1-6/+6
(This used to be commit 67db8f03c5c9e81e11b5f3276b50ee23e09a2659)
2001-09-12Fixed problems with arg parsing as root with smbpasswd.Jeremy Allison1-8/+11
Jeremy. (This used to be commit 6399cf490dffbd162afa06f18cdd6e0364db567d)
2001-09-04the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but ↵Andrew Tridgell1-5/+5
the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
2001-08-31Set acb_info to ACB_SVRTRUST if we are joining the domain as a BDC withoutTim Potter1-2/+6
going through the server manager. (This used to be commit 52f5abae4667d841be7ca8f5ff0f25ba6d027067)
2001-08-30merge from 2.2Gerald Carter1-0/+3
(This used to be commit d31e1b63b5a13ec585da18971e85c9eaa941ed33)
2001-08-29Fix uninitialised variables. Spotted by "Esh, Andrew" <AEsh@tricord.com>Tim Potter1-0/+3
(This used to be commit 9081af4fe584d222c00587d6d3c81e12d6611222)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-3/+3
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-08-24get rid of compiler warningsHerb Lewis1-3/+3
(This used to be commit 0768991d04ea03e774ca8662c9cae5e1951b88e0)
2001-08-02Allow smbpasswd to join a W2K hosted AD domain.Jeremy Allison1-3/+10
Jeremy. (This used to be commit c51cfc7f0d3ad1614ca1e0330c8707f7b263b8e6)
2001-07-25Held a shoot-out between NT_STATUS_NO_PROBLEMO and NT_STATUS_NOPROBLEMO.Tim Potter1-2/+2
According to the incorruptible judges find and grep, the latter won. Mmm - procrastination. (-: (This used to be commit 2e339403605177b15d5185a8fdd1b06f3f043168)