From 03d5867d529f126da368ebda70bf2d997aa602e0 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 11 Jul 2003 05:33:40 +0000 Subject: moving more code around. * move rid allocation into IDMAP. See comments in _api_samr_create_user() * add winbind delete user/group functions I'm checking this in to sync up with everyone. But I'm going to split the add a separate winbindd_allocate_rid() function for systems that have an 'add user script' but need idmap to give them a RID. Life would be so much simplier without 'enable rid algorithm'. The current RID allocation is horrible due to this one fact. Tested idmap_tdb but not idmap_ldap yet. Will do that tomorrow. Nothing has changed in the way a samba domain is represented, stored, or search in the directory so things should be ok with previous installations. going to bed now. (This used to be commit 0463045cc7ff177fab44b25faffad5bf7140244d) --- source3/nsswitch/wbinfo.c | 82 ++++++++++++++++++++++++++++++++++------------- 1 file changed, 60 insertions(+), 22 deletions(-) (limited to 'source3/nsswitch/wbinfo.c') diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index 6ebf6effa7..f533799370 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -526,16 +526,36 @@ static BOOL wbinfo_create_user(char *username) ZERO_STRUCT(request); ZERO_STRUCT(response); + request.flags = WBFLAG_ALLOCATE_RID; fstrcpy(request.data.acct_mgt.username, username); result = winbindd_request(WINBINDD_CREATE_USER, &request, &response); - if (response.data.auth.nt_status) - d_printf("error code was %s (0x%x)\nerror messsage was: %s\n", - response.data.auth.nt_status_string, - response.data.auth.nt_status, - response.data.auth.error_string); + if ( result == NSS_STATUS_SUCCESS ) + d_printf("New RID is %d\n", response.data.rid); + + return result == NSS_STATUS_SUCCESS; +} +/****************************************************************** + remove a winbindd user +******************************************************************/ + +static BOOL wbinfo_delete_user(char *username) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + + /* Send off request */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + fstrcpy(request.data.acct_mgt.username, username); + + result = winbindd_request(WINBINDD_DELETE_USER, &request, &response); + return result == NSS_STATUS_SUCCESS; } @@ -558,12 +578,28 @@ static BOOL wbinfo_create_group(char *groupname) result = winbindd_request(WINBINDD_CREATE_GROUP, &request, &response); - if (response.data.auth.nt_status) - d_printf("error code was %s (0x%x)\nerror messsage was: %s\n", - response.data.auth.nt_status_string, - response.data.auth.nt_status, - response.data.auth.error_string); + return result == NSS_STATUS_SUCCESS; +} +/****************************************************************** + remove a winbindd group +******************************************************************/ + +static BOOL wbinfo_delete_group(char *groupname) +{ + struct winbindd_request request; + struct winbindd_response response; + NSS_STATUS result; + + /* Send off request */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + fstrcpy(request.data.acct_mgt.groupname, groupname); + + result = winbindd_request(WINBINDD_DELETE_GROUP, &request, &response); + return result == NSS_STATUS_SUCCESS; } @@ -614,12 +650,6 @@ static BOOL wbinfo_add_user_to_group(char *string) result = winbindd_request(WINBINDD_ADD_USER_TO_GROUP, &request, &response); - if (response.data.auth.nt_status) - d_printf("error code was %s (0x%x)\nerror messsage was: %s\n", - response.data.auth.nt_status_string, - response.data.auth.nt_status, - response.data.auth.error_string); - return result == NSS_STATUS_SUCCESS; } @@ -647,12 +677,6 @@ static BOOL wbinfo_remove_user_from_group(char *string) result = winbindd_request(WINBINDD_REMOVE_USER_FROM_GROUP, &request, &response); - if (response.data.auth.nt_status) - d_printf("error code was %s (0x%x)\nerror messsage was: %s\n", - response.data.auth.nt_status_string, - response.data.auth.nt_status, - response.data.auth.error_string); - return result == NSS_STATUS_SUCCESS; } @@ -851,7 +875,9 @@ int main(int argc, char **argv) { "sid-to-uid", 'S', POPT_ARG_STRING, &string_arg, 'S', "Converts sid to uid", "SID" }, { "sid-to-gid", 'Y', POPT_ARG_STRING, &string_arg, 'Y', "Converts sid to gid", "SID" }, { "create-user", 'c', POPT_ARG_STRING, &string_arg, 'c', "Create a local user account", "name" }, + { "delete-user", 'x', POPT_ARG_STRING, &string_arg, 'x', "Delete a local user account", "name" }, { "create-group", 'C', POPT_ARG_STRING, &string_arg, 'C', "Create a local group", "name" }, + { "delete-group", 'X', POPT_ARG_STRING, &string_arg, 'X', "Delete a local group", "name" }, { "add-to-group", 'o', POPT_ARG_STRING, &string_arg, 'o', "Add user to group", "user:group" }, { "del-from-group", 'O', POPT_ARG_STRING, &string_arg, 'O', "Remove user from group", "user:group" }, { "check-secret", 't', POPT_ARG_NONE, 0, 't', "Check shared secret" }, @@ -1036,6 +1062,18 @@ int main(int argc, char **argv) goto done; } break; + case 'x': + if ( !wbinfo_delete_user(string_arg) ) { + d_printf("Could not delete user account\n"); + goto done; + } + break; + case 'X': + if ( !wbinfo_delete_group(string_arg) ) { + d_printf("Could not delete group\n"); + goto done; + } + break; case 'P': if (!wbinfo_ping()) { d_printf("could not ping winbindd!\n"); -- cgit