From 0f961cb6db0486239e68b625e743c08b075b05e9 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Wed, 20 Sep 2006 23:56:07 +0000 Subject: r18758: Update net sam to use calculated times and force change password properly. (This used to be commit fb269ca0afe57651a6fa0d8f8ba5c014e902c3d3) --- source3/utils/net_sam.c | 56 ++++++++++++------------------------------------- 1 file changed, 13 insertions(+), 43 deletions(-) (limited to 'source3/utils/net_sam.c') diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c index 00289d3bd3..03e0ff0a9c 100644 --- a/source3/utils/net_sam.c +++ b/source3/utils/net_sam.c @@ -206,23 +206,20 @@ static int net_sam_set_pwnoexp(int argc, const char **argv) } /* - * Set a user's time field + * Set pass last change time, based on force pass change now */ -static int net_sam_set_time(int argc, const char **argv, const char *field, - BOOL (*fn)(struct samu *, time_t, - enum pdb_value_state)) +static int net_sam_set_pwdmustchangenow(int argc, const char **argv) { struct samu *sam_acct = NULL; DOM_SID sid; enum lsa_SidType type; const char *dom, *name; NTSTATUS status; - time_t new_time; - if (argc != 2) { - d_fprintf(stderr, "usage: net sam set %s " - "[now|YYYY-MM-DD HH:MM]\n", field); + if ((argc != 2) || (!strequal(argv[1], "yes") && + !strequal(argv[1], "no"))) { + d_fprintf(stderr, "usage: net sam set pwdmustchangenow [yes|no]\n"); return -1; } @@ -238,22 +235,6 @@ static int net_sam_set_time(int argc, const char **argv, const char *field, return -1; } - if (strequal(argv[1], "now")) { - new_time = time(NULL); - } else { - struct tm tm; - char *end; - ZERO_STRUCT(tm); - end = strptime(argv[1], "%Y-%m-%d %H:%M", &tm); - new_time = mktime(&tm); - if ((end == NULL) || (*end != '\0') || (new_time == -1)) { - d_fprintf(stderr, "Could not parse time string %s\n", - argv[1]); - return -1; - } - } - - if ( !(sam_acct = samu_new( NULL )) ) { d_fprintf(stderr, "Internal error\n"); return -1; @@ -264,9 +245,10 @@ static int net_sam_set_time(int argc, const char **argv, const char *field, return -1; } - if (!fn(sam_acct, new_time, PDB_CHANGED)) { - d_fprintf(stderr, "Internal error\n"); - return -1; + if (strequal(argv[1], "yes")) { + pdb_set_pass_last_set_time(sam_acct, 0, PDB_CHANGED); + } else { + pdb_set_pass_last_set_time(sam_acct, time(NULL), PDB_CHANGED); } status = pdb_update_sam_account(sam_acct); @@ -278,21 +260,11 @@ static int net_sam_set_time(int argc, const char **argv, const char *field, TALLOC_FREE(sam_acct); - d_printf("Updated %s for %s\\%s to %s\n", field, dom, name, argv[1]); + d_fprintf(stderr, "Updated 'user must change password at next logon' for %s\\%s to %s\n", dom, + name, argv[1]); return 0; } -static int net_sam_set_pwdmustchange(int argc, const char **argv) -{ - return net_sam_set_time(argc, argv, "pwdmustchange", - pdb_set_pass_must_change_time); -} - -static int net_sam_set_pwdcanchange(int argc, const char **argv) -{ - return net_sam_set_time(argc, argv, "pwdcanchange", - pdb_set_pass_can_change_time); -} /* * Set a user's or a group's comment @@ -376,10 +348,8 @@ static int net_sam_set(int argc, const char **argv) "Disable/Enable a user's lockout flag" }, { "pwnoexp", net_sam_set_pwnoexp, "Disable/Enable whether a user's pw does not expire" }, - { "pwdmustchange", net_sam_set_pwdmustchange, - "Set a users password must change time" }, - { "pwdcanchange", net_sam_set_pwdcanchange, - "Set a users password can change time" }, + { "pwdmustchangenow", net_sam_set_pwdmustchangenow, + "Force users password must change at next logon" }, {NULL, NULL} }; -- cgit