From cab298856ab1179cdaec2ef89121f7c66c6b6d76 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 22 Feb 2006 10:28:02 +0000 Subject: r13622: Allow to rename machine accounts in a Samba Domain. This still uses the "rename user script" to do the rename of the posix machine account (this might be changed later). Fixes #2331. Guenther (This used to be commit b2eac2e6eb6ddd1bcb4ed5172e7cd64144c18d16) --- source3/rpc_server/srv_samr_nt.c | 38 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 5c2950b491..33de292d22 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -3071,13 +3071,47 @@ static BOOL set_user_info_20(SAM_USER_INFO_20 *id20, struct samu *pwd) static NTSTATUS set_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, struct samu *pwd) { + fstring new_name; NTSTATUS status; - + if (id21 == NULL) { DEBUG(5, ("set_user_info_21: NULL id21\n")); return NT_STATUS_INVALID_PARAMETER; } - + + /* we need to separately check for an account rename first */ + if (rpcstr_pull(new_name, id21->uni_user_name.buffer, + sizeof(new_name), id21->uni_user_name.uni_str_len*2, 0) && + (!strequal(new_name, pdb_get_username(pwd)))) { + + /* check to see if the new username already exists. Note: we can't + reliably lock all backends, so there is potentially the + possibility that a user can be created in between this check and + the rename. The rename should fail, but may not get the + exact same failure status code. I think this is small enough + of a window for this type of operation and the results are + simply that the rename fails with a slightly different status + code (like UNSUCCESSFUL instead of ALREADY_EXISTS). */ + + status = can_create(mem_ctx, new_name); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + status = pdb_rename_sam_account(pwd, new_name); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("set_user_info_21: failed to rename account: %s\n", + nt_errstr(status))); + TALLOC_FREE(pwd); + return status; + } + + /* set the new username so that later + functions can work on the new account */ + pdb_set_username(pwd, new_name, PDB_SET); + } + copy_id21_to_sam_passwd(pwd, id21); /* -- cgit