From b6e03bf737a559364c9916cee53cfe73473911d5 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 6 Dec 2000 18:18:48 +0000 Subject: added passdb editor (rough form with a few bugs) Should work with all backends. --jerry (This used to be commit fc43c63f481cdf22c3515cc0f0d744c662b4f83d) --- source3/utils/pdbedit.c | 692 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 692 insertions(+) create mode 100644 source3/utils/pdbedit.c (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c new file mode 100644 index 0000000000..cd77cbc436 --- /dev/null +++ b/source3/utils/pdbedit.c @@ -0,0 +1,692 @@ +/* + * Unix SMB/Netbios implementation. Version 1.9. tdbedit module. Copyright + * (C) Simo Sorce 2000 + * + * This program is free software; you can redistribute it and/or modify it under + * the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 675 + * Mass Ave, Cambridge, MA 02139, USA. + */ + +/* base uid for trust accounts is set to 60000 ! + * May be we should add the defines in smb.h to make it possible having + * different values on different platforms? + */ + +#define BASE_MACHINE_UID 60000 +#define MAX_MACHINE_UID 65500 /* 5500 trust acconts aren't enough? */ + +#include "includes.h" + +extern pstring global_myname; +extern int DEBUGLEVEL; + +/* + * Next two lines needed for SunOS and don't + * hurt anything else... + */ +extern char *optarg; +extern int optind; + +/********************************************************* + Print command usage on stderr and die. +**********************************************************/ +static void usage(void) +{ + if (getuid() == 0) { + printf("tdbedit options\n"); + } else { + printf("You need to be root to use this tool!\n"); + } + printf("(actually to add a user you need to use smbpasswd)\n"); + printf("options:\n"); + printf(" -l list usernames\n"); + printf(" -v verbose output\n"); + printf(" -w smbpasswd file style\n"); + printf(" -u username print user's info\n"); + printf(" -f fullname set Full Name\n"); + printf(" -h homedir set home directory\n"); + printf(" -d drive set home dir drive\n"); + printf(" -s script set logon script\n"); + printf(" -p profile set profile path\n"); + printf(" -a create new account\n"); + printf(" -m it is a machine trust\n"); + printf(" -x delete this user\n"); + printf(" -i file import account from file (smbpasswd style)\n"); + exit(1); +} +/********************************************************* + Print info from sam structure +**********************************************************/ +static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) +{ + /* TODO: chaeck if entry is a user or a workstation */ + if (!sam_pwent) return -1; + + if (verbosity) + { + printf ("username: %s\n", sam_pwent->username); + printf ("user ID/Group: %d/%d\n", sam_pwent->uid, + sam_pwent->gid); + printf ("user RID/GRID: %d/%d\n", sam_pwent->user_rid, + sam_pwent->group_rid); + printf ("Full Name: %s\n", sam_pwent->full_name); + printf ("Home Directory: %s\n", sam_pwent->home_dir); + printf ("HomeDir Drive: %s\n", sam_pwent->dir_drive); + printf ("Logon Script: %s\n", sam_pwent->logon_script); + printf ("Profile Path: %s\n", sam_pwent->profile_path); + } + else if (smbpwdstyle) + { + char lm_passwd[33]; + char nt_passwd[33]; + pdb_gethexpwd(pdb_get_lanman_passwd(sam_pwent), lm_passwd); + pdb_gethexpwd(pdb_get_nt_passwd(sam_pwent), nt_passwd); + + printf ("%s:%d:%s:%s:%s:LCT-%08x:\n", + pdb_get_username(sam_pwent), + pdb_get_uid(sam_pwent), + lm_passwd, + nt_passwd, + pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), + (uint32)pdb_get_pass_last_set_time(sam_pwent)); + } + else + { + printf ("%s:%d:%s\n", sam_pwent->username, sam_pwent->uid, sam_pwent->full_name); + } + + return 0; +} + +/********************************************************* + Get an Print User Info +**********************************************************/ +static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) +{ + SAM_ACCOUNT *sam_pwent; + + sam_pwent = pdb_getsampwnam (username); + if (sam_pwent) return print_sam_info (sam_pwent, verbosity, smbpwdstyle); + else fprintf (stderr, "Username not found!\n"); + return -1; +} + +/********************************************************* + List Users +**********************************************************/ +static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) +{ + SAM_ACCOUNT *sam_pwent; + BOOL ret; + + ret = pdb_setsampwent(False); + if (ret && errno == ENOENT) { + fprintf (stderr,"Password database not found!\n"); + exit(1); + } + + while ((sam_pwent = pdb_getsampwent ())) + { + if (verbosity) printf ("---------------\n"); + print_sam_info (sam_pwent, verbosity, smbpwdstyle); + } + + pdb_endsampwent (); + return 0; +} + +/********************************************************* + Set User Info +**********************************************************/ +static int set_user_info (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) +{ + SAM_ACCOUNT *sam_pwent; + + sam_pwent = pdb_getsampwnam (username); + if (!sam_pwent) + { + fprintf (stderr, "Username not found!\n"); + return -1; + } + + if (fullname) sam_pwent->full_name = fullname; + if (homedir) sam_pwent->home_dir = homedir; + if (drive) sam_pwent->dir_drive = drive; + if (script) sam_pwent->logon_script = script; + if (profile) sam_pwent->profile_path = profile; + + if (pdb_update_sam_account (sam_pwent, TRUE)) print_user_info (username, TRUE, FALSE); + else + { + fprintf (stderr, "Unable to modify entry!\n"); + return -1; + } + return 0; +} + +/********************************************************* + Add New User +**********************************************************/ +static int new_user (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) +{ + SAM_ACCOUNT sam_pwent; + struct passwd *pwd = NULL; + uchar new_p16[16]; + uchar new_nt_p16[16]; + char *password1, *password2; + + if (pdb_getsampwnam (username)) + { + fprintf (stderr, "Username already exist in database!\n"); + return -1; + } + + if (!(pwd = sys_getpwnam(username))) + { + fprintf (stderr, "User %s does not exist in system passwd!\n", username); + return -1; + } + + password1 = getpass("new password:"); + password2 = getpass("retype new password:"); + if (strcmp (password1, password2)) + { + fprintf (stderr, "Passwords does not match!\n"); + return -1; + } + nt_lm_owf_gen (password1, new_nt_p16, new_p16); + + sam_pwent.username = username; + if (fullname) sam_pwent.full_name = fullname; + if (homedir) sam_pwent.home_dir = homedir; + if (drive) sam_pwent.dir_drive = drive; + if (script) sam_pwent.logon_script = script; + if (profile) sam_pwent.profile_path = profile; + + /* TODO: Check uid not being in MACHINE UID range!! */ + sam_pwent.uid = pwd->pw_uid; + sam_pwent.gid = pwd->pw_gid; + sam_pwent.user_rid = pdb_uid_to_user_rid (pwd->pw_uid); + sam_pwent.group_rid = pdb_gid_to_group_rid (pwd->pw_gid); + sam_pwent.lm_pw = new_p16; + sam_pwent.nt_pw = new_nt_p16; + sam_pwent.acct_ctrl = ACB_NORMAL; + + if (pdb_add_sam_account (&sam_pwent)) print_user_info (username, TRUE, FALSE); + else + { + fprintf (stderr, "Unable to add user!\n"); + return -1; + } + return 0; +} + +/********************************************************* + Add New Machine +**********************************************************/ +static int new_machine (char *machinename) +{ + SAM_ACCOUNT sam_pwent; + uchar new_p16[16]; + uchar new_nt_p16[16]; + char name[16]; + char *password = NULL; + uid_t uid; + + if (machinename[strlen (machinename) -1] == '$') machinename[strlen (machinename) -1] = '\0'; + + safe_strcpy (name, machinename, 16); + safe_strcat (name, "$", 16); + + string_set (&password, machinename); + strlower(password); + nt_lm_owf_gen (password, new_nt_p16, new_p16); + + sam_pwent.username = name; + + for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) if (!(pdb_getsampwuid (uid))) break; + if (uid>MAX_MACHINE_UID) + { + fprintf (stderr, "No more free UIDs available to Machine accounts!\n"); + return -1; + } + sam_pwent.uid = uid; + sam_pwent.gid = BASE_MACHINE_UID; /* TODO: set there more appropriate value!! */ + sam_pwent.user_rid = pdb_uid_to_user_rid (uid); + sam_pwent.group_rid = pdb_gid_to_group_rid (BASE_MACHINE_UID); + sam_pwent.lm_pw = new_p16; + sam_pwent.nt_pw = new_nt_p16; + sam_pwent.acct_ctrl = ACB_WSTRUST; + + if (pdb_add_sam_account (&sam_pwent)) print_user_info (name, TRUE, FALSE); + else + { + fprintf (stderr, "Unable to add machine!\n"); + return -1; + } + return 0; +} + +/********************************************************* + Delete user entry +**********************************************************/ +static int delete_user_entry (char *username) +{ + return pdb_delete_sam_account (username); +} + +/********************************************************* + Delete machine entry +**********************************************************/ +static int delete_machine_entry (char *machinename) +{ + char name[16]; + + safe_strcpy (name, machinename, 16); + if (name[strlen(name)] != '$') + { + safe_strcat (name, "$", 16); + } + return pdb_delete_sam_account (name); +} + +/********************************************************* + Import smbpasswd style file +**********************************************************/ +static int import_users (char *filename) +{ + FILE *fp = NULL; + SAM_ACCOUNT sam_pwent; + static pstring user_name; + static unsigned char smbpwd[16]; + static unsigned char smbntpwd[16]; + char linebuf[256]; + size_t linebuf_len; + unsigned char c; + unsigned char *p; + long uidval; + int line = 0; + int good = 0; + + if((fp = sys_fopen(filename, "rb")) == NULL) + { + fprintf (stderr, "%s\n", strerror (ferror (fp))); + return -1; + } + + while (!feof(fp)) + { + /*Get a new line*/ + linebuf[0] = '\0'; + fgets(linebuf, 256, fp); + if (ferror(fp)) + { + fprintf (stderr, "%s\n", strerror (ferror (fp))); + return -1; + } + if ((linebuf_len = strlen(linebuf)) == 0) + { + line++; + continue; + } + if (linebuf[linebuf_len - 1] != '\n') + { + c = '\0'; + while (!ferror(fp) && !feof(fp)) + { + c = fgetc(fp); + if (c == '\n') break; + } + } + else linebuf[linebuf_len - 1] = '\0'; + linebuf[linebuf_len] = '\0'; + if ((linebuf[0] == 0) && feof(fp)) + { + /*end of file!!*/ + return 0; + } + line++; + if (linebuf[0] == '#' || linebuf[0] == '\0') continue; + + pdb_init_sam (&sam_pwent); + sam_pwent.acct_ctrl = ACB_NORMAL; + + /* Get user name */ + p = (unsigned char *) strchr(linebuf, ':'); + if (p == NULL) + { + fprintf (stderr, "Error: malformed password entry at line %d !!\n", line); + continue; + } + strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); + user_name[PTR_DIFF(p, linebuf)] = '\0'; + + /* Get smb uid. */ + p++; + if(*p == '-') + { + fprintf (stderr, "Error: negative uid at line %d\n", line); + continue; + } + if (!isdigit(*p)) + { + fprintf (stderr, "Error: malformed password entry at line %d (uid not number)\n", line); + continue; + } + uidval = atoi((char *) p); + while (*p && isdigit(*p)) p++; + if (*p != ':') + { + fprintf (stderr, "Error: malformed password entry at line %d (no : after uid)\n", line); + continue; + } + + sam_pwent.username = user_name; + sam_pwent.uid = uidval; + + /* Get passwords */ + p++; + if (*p == '*' || *p == 'X') + { + /* Password deliberately invalid */ + fprintf (stderr, "Warning: entry invalidated for user %s\n", user_name); + sam_pwent.lm_pw = NULL; + sam_pwent.nt_pw = NULL; + sam_pwent.acct_ctrl |= ACB_DISABLED; + } + else + { + if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) + { + fprintf (stderr, "Error: malformed password entry at line %d (password too short)\n",line); + continue; + } + if (p[32] != ':') + { + fprintf (stderr, "Error: malformed password entry at line %d (no terminating :)\n",line); + continue; + } + if (!strncasecmp((char *) p, "NO PASSWORD", 11)) + { + sam_pwent.lm_pw = NULL; + sam_pwent.acct_ctrl |= ACB_PWNOTREQ; + } + else + { + if (!pdb_gethexpwd((char *)p, smbpwd)) + { + fprintf (stderr, "Error: malformed Lanman password entry at line %d (non hex chars)\n", line); + continue; + } + sam_pwent.lm_pw = smbpwd; + } + /* NT password */ + sam_pwent.nt_pw = NULL; + p += 33; + if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) + { + if (*p != '*' && *p != 'X') + { + if (pdb_gethexpwd((char *)p,smbntpwd)) + { + sam_pwent.nt_pw = smbntpwd; + } + } + p += 33; + } + } + + /* Get ACCT_CTRL field if any */ + if (*p == '[') + { + unsigned char *end_p = (unsigned char *)strchr((char *)p, ']'); + + sam_pwent.acct_ctrl = pdb_decode_acct_ctrl((char*)p); + if(sam_pwent.acct_ctrl == 0) sam_pwent.acct_ctrl = ACB_NORMAL; + + /* Get last change time */ + if(end_p) p = end_p + 1; + if(*p == ':') + { + p++; + if(*p && (StrnCaseCmp((char *)p, "LCT-", 4)==0)) + { + int i; + + p += 4; + for(i = 0; i < 8; i++) + { + if(p[i] == '\0' || !isxdigit(p[i])) break; + } + if(i == 8) + { + sam_pwent.pass_last_set_time = (time_t)strtol((char *)p, NULL, 16); + } + } + } + } + + /* Test if workstation */ + else + { + if(sam_pwent.username[strlen(sam_pwent.username) - 1] == '$') + { + sam_pwent.acct_ctrl &= ~ACB_NORMAL; + sam_pwent.acct_ctrl |= ACB_WSTRUST; + } + } + if (sam_pwent.acct_ctrl & ACB_WSTRUST) + { + if (!(BASE_MACHINE_UID <= uidval <= MAX_MACHINE_UID)) + { + fprintf (stderr, "Warning: Machine UID out of normal range %d-%d\n", + BASE_MACHINE_UID, + MAX_MACHINE_UID); + } + sam_pwent.gid = BASE_MACHINE_UID; + } + + /* Test if user is valid */ + if (sam_pwent.acct_ctrl & ACB_NORMAL) + { + struct passwd *pwd = NULL; + + if (pdb_getsampwnam (user_name)) + { + fprintf (stderr, "Error: Username already exist in database!\n"); + continue; + } + if (!(pwd = sys_getpwnam(user_name))) + { + fprintf (stderr, "Error: User %s does not exist in system passwd!\n", user_name); + continue; + } + sam_pwent.gid = pwd->pw_gid; + } + + /* Fill in sam_pwent structure */ + sam_pwent.user_rid = pdb_uid_to_user_rid (sam_pwent.uid); + sam_pwent.group_rid = pdb_gid_to_group_rid (sam_pwent.gid); + /* TODO: set also full_name, home_dir, dir_drive, logon_script, profile_path, ecc... + * when defaults will be available (after passdb redesign) + * let them blank just now they are not used anyway + */ + + /* Now ADD the entry */ + if (!(pdb_add_sam_account (&sam_pwent))) + { + fprintf (stderr, "Unable to add user entry!\n"); + continue; + } + printf ("%s imported!\n", user_name); + good++; + } + printf ("%d lines read.\n%d entryes imported\n", line, good); + + return 0; +} + +/********************************************************* + Start here. +**********************************************************/ +int main (int argc, char **argv) +{ + int ch; + static pstring servicesf = CONFIGFILE; + BOOL list_users = FALSE; + BOOL verbose = FALSE; + BOOL spstyle = FALSE; + BOOL setparms = FALSE; + BOOL machine = FALSE; + BOOL add_user = FALSE; + BOOL delete_user = FALSE; + BOOL import = FALSE; + char *user_name = NULL; + char *full_name = NULL; + char *home_dir = NULL; + char *home_drive = NULL; + char *logon_script = NULL; + char *profile_path = NULL; + char *smbpasswd = NULL; + + TimeInit(); + + setup_logging("tdbedit", True); + + charset_initialise(); + + if (argc < 2) + + { + usage(); + return 0; + } + + if(!initialize_password_db(True)) { + fprintf(stderr, "Can't setup password database vectors.\n"); + exit(1); + } + + if (!lp_load(servicesf,True,False,False)) { + fprintf(stderr, "Can't load %s - run testparm to debug it\n", + servicesf); + exit(1); + } + + while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwx")) != EOF) { + switch(ch) { + case 'a': + add_user = TRUE; + break; + case 'm': + machine = TRUE; + break; + case 'l': + list_users = TRUE; + break; + case 'v': + verbose = TRUE; + break; + case 'w': + spstyle = TRUE; + break; + case 'u': + user_name = optarg; + break; + case 'f': + setparms = TRUE; + full_name = optarg; + break; + case 'h': + setparms = TRUE; + home_dir = optarg; + break; + case 'd': + setparms = TRUE; + home_drive = optarg; + break; + case 's': + setparms = TRUE; + logon_script = optarg; + break; + case 'p': + setparms = TRUE; + profile_path = optarg; + break; + case 'x': + delete_user = TRUE; + break; + case 'i': + import = TRUE; + smbpasswd = optarg; + break; + default: + usage(); + } + } + if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) > 1) + { + fprintf (stderr, "Incompatible options on command line!\n"); + usage(); + exit(1); + } + + if (add_user) + { + if (!user_name) + { + fprintf (stderr, "Username not specified! (use -u option)\n"); + return -1; + } + if (machine) return new_machine (user_name); + else return new_user (user_name, full_name, home_dir, home_drive, logon_script, profile_path); + } + + if (delete_user) + { + if (!user_name) + { + fprintf (stderr, "Username not specified! (use -u option)\n"); + return -1; + } + if (machine) return delete_machine_entry (user_name); + else return delete_user_entry (user_name); + } + + if (user_name) + { + if (setparms) set_user_info ( user_name, + full_name, + home_dir, + home_drive, + logon_script, + profile_path); + + else return print_user_info (user_name, verbose, spstyle); + + return 0; + } + + + if (list_users) + return print_users_list (verbose, spstyle); + + if (import) + return import_users (smbpasswd); + + usage(); + + return 0; +} + + -- cgit From 762c6e3f84141a1c7ef697f1b0a3339d655c86ad Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 14 Mar 2001 20:17:27 +0000 Subject: patches from Simo. Couple of snity things (This used to be commit af3f2a30c657fc42171bbf7da2354bc4cc7b088d) --- source3/utils/pdbedit.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index cd77cbc436..a86ea2ef5f 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -50,8 +50,8 @@ static void usage(void) printf("(actually to add a user you need to use smbpasswd)\n"); printf("options:\n"); printf(" -l list usernames\n"); - printf(" -v verbose output\n"); - printf(" -w smbpasswd file style\n"); + printf(" -v verbose output\n"); + printf(" -w smbpasswd file style\n"); printf(" -u username print user's info\n"); printf(" -f fullname set Full Name\n"); printf(" -h homedir set home directory\n"); @@ -89,8 +89,8 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst { char lm_passwd[33]; char nt_passwd[33]; - pdb_gethexpwd(pdb_get_lanman_passwd(sam_pwent), lm_passwd); - pdb_gethexpwd(pdb_get_nt_passwd(sam_pwent), nt_passwd); + pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); + pdb_sethexpwd(nt_passwd, pdb_get_nt_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); printf ("%s:%d:%s:%s:%s:LCT-%08x:\n", pdb_get_username(sam_pwent), -- cgit From da8805b377e361a7cab399b3c786a25f7175e7cf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 23 Mar 2001 02:14:08 +0000 Subject: groupdb/mapping.c: include/proto.h: Fix missing (void) in proto. rpc_server/srv_samr_nt.c: Fix user private group problem by filtering out groups that clash with users. smbd/posix_acls.c: Ensure default ACE's are sensible. utils/pdbedit.c: Fix from Simo Sorce. Jeremy. (This used to be commit 29414fe0d6665642d9b5f88a35e712426376c47f) --- source3/utils/pdbedit.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index a86ea2ef5f..6022f9aef2 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -185,6 +185,8 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, uchar new_nt_p16[16]; char *password1, *password2; + ZERO_STRUCT(sam_pwent); + if (pdb_getsampwnam (username)) { fprintf (stderr, "Username already exist in database!\n"); -- cgit From f35157f39293f9fa240a28642c41708b55d301c8 Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Fri, 4 May 2001 15:44:27 +0000 Subject: Big cleanup of passdb and backends. I did some basic tests but I have probably broken something. Notably the password changing. So don't cry ;-) J.F. (This used to be commit a4a4c02b12f030a3b9e6225b999c90689dfc4719) --- source3/utils/pdbedit.c | 93 +++++++++++++++++++++++++++++++------------------ 1 file changed, 60 insertions(+), 33 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 6022f9aef2..9a545fbb45 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -113,12 +113,23 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst **********************************************************/ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) { - SAM_ACCOUNT *sam_pwent; + SAM_ACCOUNT *sam_pwent=NULL; + BOOL ret; + + pdb_init_sam(&sam_pwent); - sam_pwent = pdb_getsampwnam (username); - if (sam_pwent) return print_sam_info (sam_pwent, verbosity, smbpwdstyle); - else fprintf (stderr, "Username not found!\n"); - return -1; + ret = pdb_getsampwnam (sam_pwent, username); + + if (ret==False) { + fprintf (stderr, "Username not found!\n"); + pdb_clear_sam(sam_pwent); + return -1; + } + + ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle); + pdb_clear_sam(sam_pwent); + + return ret; } /********************************************************* @@ -126,22 +137,26 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) **********************************************************/ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) { - SAM_ACCOUNT *sam_pwent; + SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; + pdb_init_sam(&sam_pwent); + ret = pdb_setsampwent(False); if (ret && errno == ENOENT) { fprintf (stderr,"Password database not found!\n"); + pdb_clear_sam(sam_pwent); exit(1); } - while ((sam_pwent = pdb_getsampwent ())) + while ((ret = pdb_getsampwent (sam_pwent))) { if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); } pdb_endsampwent (); + pdb_clear_sam(sam_pwent); return 0; } @@ -150,27 +165,33 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) **********************************************************/ static int set_user_info (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) { - SAM_ACCOUNT *sam_pwent; + SAM_ACCOUNT *sam_pwent=NULL; + BOOL ret; + + pdb_init_sam(&sam_pwent); - sam_pwent = pdb_getsampwnam (username); - if (!sam_pwent) + ret = pdb_getsampwnam (sam_pwent, username); + if (ret==False) { fprintf (stderr, "Username not found!\n"); + pdb_clear_sam(sam_pwent); return -1; } - if (fullname) sam_pwent->full_name = fullname; - if (homedir) sam_pwent->home_dir = homedir; - if (drive) sam_pwent->dir_drive = drive; - if (script) sam_pwent->logon_script = script; - if (profile) sam_pwent->profile_path = profile; + if (fullname) pdb_set_fullname(sam_pwent, fullname); + if (homedir) pdb_set_homedir(sam_pwent, homedir); + if (drive) pdb_set_dir_drive(sam_pwent,drive); + if (script) pdb_set_logon_script(sam_pwent, script); + if (profile) pdb_set_profile_path (sam_pwent, profile); if (pdb_update_sam_account (sam_pwent, TRUE)) print_user_info (username, TRUE, FALSE); else { fprintf (stderr, "Unable to modify entry!\n"); + pdb_clear_sam(sam_pwent); return -1; } + pdb_clear_sam(sam_pwent); return 0; } @@ -180,6 +201,7 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d static int new_user (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) { SAM_ACCOUNT sam_pwent; + BOOL ret; struct passwd *pwd = NULL; uchar new_p16[16]; uchar new_nt_p16[16]; @@ -187,7 +209,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, ZERO_STRUCT(sam_pwent); - if (pdb_getsampwnam (username)) + if (pdb_getsampwnam (&sam_pwent, username)) { fprintf (stderr, "Username already exist in database!\n"); return -1; @@ -208,12 +230,12 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, } nt_lm_owf_gen (password1, new_nt_p16, new_p16); - sam_pwent.username = username; - if (fullname) sam_pwent.full_name = fullname; - if (homedir) sam_pwent.home_dir = homedir; - if (drive) sam_pwent.dir_drive = drive; - if (script) sam_pwent.logon_script = script; - if (profile) sam_pwent.profile_path = profile; + pdb_set_username(&sam_pwent, username); + if (fullname) pdb_set_fullname(&sam_pwent, fullname); + if (homedir) pdb_set_homedir (&sam_pwent, homedir); + if (drive) pdb_set_dir_drive (&sam_pwent, drive); + if (script) pdb_set_logon_script(&sam_pwent, script); + if (profile) pdb_set_profile_path (&sam_pwent, profile); /* TODO: Check uid not being in MACHINE UID range!! */ sam_pwent.uid = pwd->pw_uid; @@ -239,6 +261,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, static int new_machine (char *machinename) { SAM_ACCOUNT sam_pwent; + SAM_ACCOUNT sam_trust; uchar new_p16[16]; uchar new_nt_p16[16]; char name[16]; @@ -254,14 +277,17 @@ static int new_machine (char *machinename) strlower(password); nt_lm_owf_gen (password, new_nt_p16, new_p16); - sam_pwent.username = name; + pdb_set_username(&sam_pwent, name); + + for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) + if (!(pdb_getsampwuid (&sam_trust, uid))) + break; - for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) if (!(pdb_getsampwuid (uid))) break; - if (uid>MAX_MACHINE_UID) - { + if (uid>MAX_MACHINE_UID) { fprintf (stderr, "No more free UIDs available to Machine accounts!\n"); return -1; } + sam_pwent.uid = uid; sam_pwent.gid = BASE_MACHINE_UID; /* TODO: set there more appropriate value!! */ sam_pwent.user_rid = pdb_uid_to_user_rid (uid); @@ -270,9 +296,9 @@ static int new_machine (char *machinename) sam_pwent.nt_pw = new_nt_p16; sam_pwent.acct_ctrl = ACB_WSTRUST; - if (pdb_add_sam_account (&sam_pwent)) print_user_info (name, TRUE, FALSE); - else - { + if (pdb_add_sam_account (&sam_pwent)) + print_user_info (name, TRUE, FALSE); + else { fprintf (stderr, "Unable to add machine!\n"); return -1; } @@ -309,6 +335,7 @@ static int import_users (char *filename) { FILE *fp = NULL; SAM_ACCOUNT sam_pwent; + SAM_ACCOUNT sam_test; static pstring user_name; static unsigned char smbpwd[16]; static unsigned char smbntpwd[16]; @@ -360,7 +387,7 @@ static int import_users (char *filename) line++; if (linebuf[0] == '#' || linebuf[0] == '\0') continue; - pdb_init_sam (&sam_pwent); + /*pdb_init_sam (&sam_pwent);*/ sam_pwent.acct_ctrl = ACB_NORMAL; /* Get user name */ @@ -393,8 +420,8 @@ static int import_users (char *filename) continue; } - sam_pwent.username = user_name; - sam_pwent.uid = uidval; + pdb_set_username(&sam_pwent, user_name); + pdb_set_uid (&sam_pwent, uidval); /* Get passwords */ p++; @@ -503,7 +530,7 @@ static int import_users (char *filename) { struct passwd *pwd = NULL; - if (pdb_getsampwnam (user_name)) + if (pdb_getsampwnam (&sam_test,user_name)) { fprintf (stderr, "Error: Username already exist in database!\n"); continue; -- cgit From 050b0307f086037ec9c21d7125fd2a86cf218339 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 7 May 2001 06:05:30 +0000 Subject: Removed unused variable. (This used to be commit 6bd197714a6f51e43efb8fb72bb51e83c6991c79) --- source3/utils/pdbedit.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 9a545fbb45..da57dbd8c8 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -201,7 +201,6 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d static int new_user (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) { SAM_ACCOUNT sam_pwent; - BOOL ret; struct passwd *pwd = NULL; uchar new_p16[16]; uchar new_nt_p16[16]; -- cgit From 30c4c04c2f584857633ce7605555dcfb37a3e1af Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 7 May 2001 14:04:46 +0000 Subject: Patch from Simo: o sed 's/pdb_clear_sam/pdb_free_sam/g' o add pdb_reset_sam() o password changing should be ok now as well. (This used to be commit 96d0e7c3301ad990f6c83b9c216720cb32661fb5) --- source3/utils/pdbedit.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index da57dbd8c8..ef62fe32df 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -122,12 +122,12 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) if (ret==False) { fprintf (stderr, "Username not found!\n"); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return -1; } ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return ret; } @@ -145,7 +145,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) ret = pdb_setsampwent(False); if (ret && errno == ENOENT) { fprintf (stderr,"Password database not found!\n"); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); exit(1); } @@ -153,10 +153,11 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) { if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); + pdb_reset_sam(sam_pwent); } pdb_endsampwent (); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return 0; } @@ -174,7 +175,7 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d if (ret==False) { fprintf (stderr, "Username not found!\n"); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return -1; } @@ -188,10 +189,10 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d else { fprintf (stderr, "Unable to modify entry!\n"); - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return -1; } - pdb_clear_sam(sam_pwent); + pdb_free_sam(sam_pwent); return 0; } -- cgit From 87fbb7092b8f8b2f0db0f361c3d625e19de57cd9 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 4 Jul 2001 07:15:53 +0000 Subject: The big character set handling changeover! This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a) --- source3/utils/pdbedit.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index ef62fe32df..2b1dfe9f92 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -592,8 +592,6 @@ int main (int argc, char **argv) setup_logging("tdbedit", True); - charset_initialise(); - if (argc < 2) { -- cgit From 527e824293ee934ca5da0ef5424efe5ab7757248 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 4 Jul 2001 07:36:09 +0000 Subject: strchr and strrchr are macros when compiling with optimisation in gcc, so we can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 2b1dfe9f92..ec90e7ff1d 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -391,7 +391,7 @@ static int import_users (char *filename) sam_pwent.acct_ctrl = ACB_NORMAL; /* Get user name */ - p = (unsigned char *) strchr(linebuf, ':'); + p = (unsigned char *) strchr_m(linebuf, ':'); if (p == NULL) { fprintf (stderr, "Error: malformed password entry at line %d !!\n", line); @@ -478,7 +478,7 @@ static int import_users (char *filename) /* Get ACCT_CTRL field if any */ if (*p == '[') { - unsigned char *end_p = (unsigned char *)strchr((char *)p, ']'); + unsigned char *end_p = (unsigned char *)strchr_m((char *)p, ']'); sam_pwent.acct_ctrl = pdb_decode_acct_ctrl((char*)p); if(sam_pwent.acct_ctrl == 0) sam_pwent.acct_ctrl = ACB_NORMAL; -- cgit From afa73000063d7c3eb94ccc7b423c8a7bea28f9a5 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 12 Jul 2001 22:27:00 +0000 Subject: Changed instances of TRUE, FALSE to True, False as some compilers don't have the first set of symbols. (This used to be commit ad0cbfbd790bc5d6003ffcff2835d82fb0140625) --- source3/utils/pdbedit.c | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index ec90e7ff1d..a31f83956d 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -185,7 +185,7 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d if (script) pdb_set_logon_script(sam_pwent, script); if (profile) pdb_set_profile_path (sam_pwent, profile); - if (pdb_update_sam_account (sam_pwent, TRUE)) print_user_info (username, TRUE, FALSE); + if (pdb_update_sam_account (sam_pwent, True)) print_user_info (username, True, False); else { fprintf (stderr, "Unable to modify entry!\n"); @@ -246,7 +246,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, sam_pwent.nt_pw = new_nt_p16; sam_pwent.acct_ctrl = ACB_NORMAL; - if (pdb_add_sam_account (&sam_pwent)) print_user_info (username, TRUE, FALSE); + if (pdb_add_sam_account (&sam_pwent)) print_user_info (username, True, False); else { fprintf (stderr, "Unable to add user!\n"); @@ -297,7 +297,7 @@ static int new_machine (char *machinename) sam_pwent.acct_ctrl = ACB_WSTRUST; if (pdb_add_sam_account (&sam_pwent)) - print_user_info (name, TRUE, FALSE); + print_user_info (name, True, False); else { fprintf (stderr, "Unable to add machine!\n"); return -1; @@ -572,14 +572,14 @@ int main (int argc, char **argv) { int ch; static pstring servicesf = CONFIGFILE; - BOOL list_users = FALSE; - BOOL verbose = FALSE; - BOOL spstyle = FALSE; - BOOL setparms = FALSE; - BOOL machine = FALSE; - BOOL add_user = FALSE; - BOOL delete_user = FALSE; - BOOL import = FALSE; + BOOL list_users = False; + BOOL verbose = False; + BOOL spstyle = False; + BOOL setparms = False; + BOOL machine = False; + BOOL add_user = False; + BOOL delete_user = False; + BOOL import = False; char *user_name = NULL; char *full_name = NULL; char *home_dir = NULL; @@ -613,48 +613,48 @@ int main (int argc, char **argv) while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwx")) != EOF) { switch(ch) { case 'a': - add_user = TRUE; + add_user = True; break; case 'm': - machine = TRUE; + machine = True; break; case 'l': - list_users = TRUE; + list_users = True; break; case 'v': - verbose = TRUE; + verbose = True; break; case 'w': - spstyle = TRUE; + spstyle = True; break; case 'u': user_name = optarg; break; case 'f': - setparms = TRUE; + setparms = True; full_name = optarg; break; case 'h': - setparms = TRUE; + setparms = True; home_dir = optarg; break; case 'd': - setparms = TRUE; + setparms = True; home_drive = optarg; break; case 's': - setparms = TRUE; + setparms = True; logon_script = optarg; break; case 'p': - setparms = TRUE; + setparms = True; profile_path = optarg; break; case 'x': - delete_user = TRUE; + delete_user = True; break; case 'i': - import = TRUE; + import = True; smbpasswd = optarg; break; default: -- cgit From 5021be2f24c3a1414d834a16f89a3a671aee444c Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 28 Aug 2001 06:02:51 +0000 Subject: Fixed typo in comment. (This used to be commit b10ad789d6d412ef1d2e0d8b47fc233225861bf9) --- source3/utils/pdbedit.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index a31f83956d..1068446905 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -23,7 +23,7 @@ */ #define BASE_MACHINE_UID 60000 -#define MAX_MACHINE_UID 65500 /* 5500 trust acconts aren't enough? */ +#define MAX_MACHINE_UID 65500 /* 5500 trust accounts aren't enough? */ #include "includes.h" @@ -715,5 +715,3 @@ int main (int argc, char **argv) return 0; } - - -- cgit From 65e35d5d4bf2a35fde52d1fb795c84764009acad Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 6 Sep 2001 09:10:26 +0000 Subject: Started a cleanup of smbpasswd related stuff. I've created a new file lib/smbpasswd.c which will contain routines related to manipulating smbpasswd entries. - renamed and moved pdb_{get,set}hexpwd() functions - renamed and moved pdb_{decode,encode}acct_ctrl() functions - started hiding references to the cruftalicious NEW_PW_FORMAT_SPACE_PADDED_LEN constant - started gradual rename of references to acct_ctrl to acb_info which is the nomenclature used in MSDN and header files There's still more work to be done. Currently there are several places where smbpasswd entries are iterated etc. Ideally this should all happen through the passdb system. (This used to be commit 4a01e240305fb6fead973beef4937a016b15d744) --- source3/utils/pdbedit.c | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 1068446905..f09fd4f773 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -89,16 +89,20 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst { char lm_passwd[33]; char nt_passwd[33]; - pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); - pdb_sethexpwd(nt_passwd, pdb_get_nt_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); + smbpasswd_sethexpwd(lm_passwd, + pdb_get_lanman_passwd(sam_pwent), + pdb_get_acct_ctrl(sam_pwent)); + smbpasswd_sethexpwd(nt_passwd, + pdb_get_nt_passwd(sam_pwent), + pdb_get_acct_ctrl(sam_pwent)); - printf ("%s:%d:%s:%s:%s:LCT-%08x:\n", - pdb_get_username(sam_pwent), - pdb_get_uid(sam_pwent), - lm_passwd, - nt_passwd, - pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), - (uint32)pdb_get_pass_last_set_time(sam_pwent)); + printf("%s:%d:%s:%s:%s:LCT-%08x:\n", + pdb_get_username(sam_pwent), + pdb_get_uid(sam_pwent), + lm_passwd, + nt_passwd, + smbpasswd_encode_acb_info(pdb_get_acct_ctrl(sam_pwent)), + (uint32)pdb_get_pass_last_set_time(sam_pwent)); } else { @@ -452,7 +456,7 @@ static int import_users (char *filename) } else { - if (!pdb_gethexpwd((char *)p, smbpwd)) + if (!smbpasswd_gethexpwd((char *)p, smbpwd)) { fprintf (stderr, "Error: malformed Lanman password entry at line %d (non hex chars)\n", line); continue; @@ -466,7 +470,7 @@ static int import_users (char *filename) { if (*p != '*' && *p != 'X') { - if (pdb_gethexpwd((char *)p,smbntpwd)) + if (smbpasswd_gethexpwd((char *)p,smbntpwd)) { sam_pwent.nt_pw = smbntpwd; } @@ -480,7 +484,7 @@ static int import_users (char *filename) { unsigned char *end_p = (unsigned char *)strchr_m((char *)p, ']'); - sam_pwent.acct_ctrl = pdb_decode_acct_ctrl((char*)p); + sam_pwent.acct_ctrl = smbpasswd_decode_acb_info((char*)p); if(sam_pwent.acct_ctrl == 0) sam_pwent.acct_ctrl = ACB_NORMAL; /* Get last change time */ -- cgit From 9b1c40b7a41a4c70fba1f93d69c17689511bea01 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 26 Sep 2001 11:28:26 +0000 Subject: Fix up pdbedit to initialise its structures with the standard functions, therfore ensuring sensible defaults for some values, notably account expriries which mean 'locked out' if == 0. This NEEDS to be merged into 2.2.2 or people can get wrongly initilaised TDB records. (which will only fail on future versions of samba). Andrew Bartlett (This used to be commit f0f315f31533bb5dc47d27cd6823ad0b146f1ff9) --- source3/utils/pdbedit.c | 92 ++++++++++++++++++++++++++++--------------------- 1 file changed, 52 insertions(+), 40 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index f09fd4f773..7025f38362 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -205,23 +205,25 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d **********************************************************/ static int new_user (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) { - SAM_ACCOUNT sam_pwent; + SAM_ACCOUNT *sam_pwent=NULL; struct passwd *pwd = NULL; - uchar new_p16[16]; - uchar new_nt_p16[16]; char *password1, *password2; ZERO_STRUCT(sam_pwent); - if (pdb_getsampwnam (&sam_pwent, username)) + pdb_init_sam (&sam_pwent); + + if (pdb_getsampwnam (sam_pwent, username)) { fprintf (stderr, "Username already exist in database!\n"); + pdb_free_sam (sam_pwent); return -1; } if (!(pwd = sys_getpwnam(username))) { fprintf (stderr, "User %s does not exist in system passwd!\n", username); + pdb_free_sam (sam_pwent); return -1; } @@ -230,32 +232,35 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, if (strcmp (password1, password2)) { fprintf (stderr, "Passwords does not match!\n"); + pdb_free_sam (sam_pwent); return -1; } - nt_lm_owf_gen (password1, new_nt_p16, new_p16); - - pdb_set_username(&sam_pwent, username); - if (fullname) pdb_set_fullname(&sam_pwent, fullname); - if (homedir) pdb_set_homedir (&sam_pwent, homedir); - if (drive) pdb_set_dir_drive (&sam_pwent, drive); - if (script) pdb_set_logon_script(&sam_pwent, script); - if (profile) pdb_set_profile_path (&sam_pwent, profile); + + pdb_set_plaintext_passwd(sam_pwent, password1); + + pdb_set_username(sam_pwent, username); + if (fullname) pdb_set_fullname(sam_pwent, fullname); + if (homedir) pdb_set_homedir (sam_pwent, homedir); + if (drive) pdb_set_dir_drive (sam_pwent, drive); + if (script) pdb_set_logon_script(sam_pwent, script); + if (profile) pdb_set_profile_path (sam_pwent, profile); /* TODO: Check uid not being in MACHINE UID range!! */ - sam_pwent.uid = pwd->pw_uid; - sam_pwent.gid = pwd->pw_gid; - sam_pwent.user_rid = pdb_uid_to_user_rid (pwd->pw_uid); - sam_pwent.group_rid = pdb_gid_to_group_rid (pwd->pw_gid); - sam_pwent.lm_pw = new_p16; - sam_pwent.nt_pw = new_nt_p16; - sam_pwent.acct_ctrl = ACB_NORMAL; - - if (pdb_add_sam_account (&sam_pwent)) print_user_info (username, True, False); - else - { + pdb_set_uid (sam_pwent, pwd->pw_uid); + pdb_set_gid (sam_pwent, pwd->pw_gid); + pdb_set_user_rid (sam_pwent, pdb_uid_to_user_rid (pwd->pw_uid)); + pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (pwd->pw_gid)); + + pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL); + + if (pdb_add_sam_account (sam_pwent)) { + print_user_info (username, True, False); + } else { fprintf (stderr, "Unable to add user!\n"); + pdb_free_sam (sam_pwent); return -1; } + pdb_free_sam (sam_pwent); return 0; } @@ -264,13 +269,13 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, **********************************************************/ static int new_machine (char *machinename) { - SAM_ACCOUNT sam_pwent; - SAM_ACCOUNT sam_trust; - uchar new_p16[16]; - uchar new_nt_p16[16]; + SAM_ACCOUNT *sam_pwent=NULL; + SAM_ACCOUNT *sam_trust=NULL; char name[16]; char *password = NULL; uid_t uid; + + pdb_init_sam (&sam_pwent); if (machinename[strlen (machinename) -1] == '$') machinename[strlen (machinename) -1] = '\0'; @@ -279,33 +284,40 @@ static int new_machine (char *machinename) string_set (&password, machinename); strlower(password); - nt_lm_owf_gen (password, new_nt_p16, new_p16); - pdb_set_username(&sam_pwent, name); + pdb_set_plaintext_passwd(sam_pwent, password); + + pdb_set_username(sam_pwent, name); - for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) - if (!(pdb_getsampwuid (&sam_trust, uid))) + for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) { + pdb_init_sam (&sam_trust); + if (pdb_getsampwuid (sam_trust, uid)) { + pdb_free_sam (sam_trust); + } else { break; + } + } if (uid>MAX_MACHINE_UID) { fprintf (stderr, "No more free UIDs available to Machine accounts!\n"); + pdb_free_sam(sam_pwent); return -1; } - sam_pwent.uid = uid; - sam_pwent.gid = BASE_MACHINE_UID; /* TODO: set there more appropriate value!! */ - sam_pwent.user_rid = pdb_uid_to_user_rid (uid); - sam_pwent.group_rid = pdb_gid_to_group_rid (BASE_MACHINE_UID); - sam_pwent.lm_pw = new_p16; - sam_pwent.nt_pw = new_nt_p16; - sam_pwent.acct_ctrl = ACB_WSTRUST; + pdb_set_uid(sam_pwent, uid); + pdb_set_gid(sam_pwent, BASE_MACHINE_UID); /* TODO: set there more appropriate value!! */ + pdb_set_user_rid (sam_pwent,pdb_uid_to_user_rid (uid)); + pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (BASE_MACHINE_UID)); + pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST); - if (pdb_add_sam_account (&sam_pwent)) + if (pdb_add_sam_account (sam_pwent)) { print_user_info (name, True, False); - else { + } else { fprintf (stderr, "Unable to add machine!\n"); + pdb_free_sam (sam_pwent); return -1; } + pdb_free_sam (sam_pwent); return 0; } -- cgit From 415cfe0912ec924e0259003051586ed531ce2d4d Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 27 Sep 2001 09:36:38 +0000 Subject: Major update to pdbedit's import and export code, in line with reqests for it to use the pdb_ formatting functions. Similarly, it now uses pdb_set...() rather than accessing passdb members directly. Andrew Bartlett (This used to be commit e3b7cac47f4fd9dff289a367ef6649b14c117d17) --- source3/utils/pdbedit.c | 164 ++++++++++++++++++++++++------------------------ 1 file changed, 83 insertions(+), 81 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 7025f38362..f0acf2b0b0 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -1,21 +1,25 @@ -/* - * Unix SMB/Netbios implementation. Version 1.9. tdbedit module. Copyright - * (C) Simo Sorce 2000 - * - * This program is free software; you can redistribute it and/or modify it under - * the terms of the GNU General Public License as published by the Free - * Software Foundation; either version 2 of the License, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along with - * this program; if not, write to the Free Software Foundation, Inc., 675 - * Mass Ave, Cambridge, MA 02139, USA. - */ +/* + Unix SMB/Netbios implementation. + passdb editing frontend + Version 3.0 + + Copyright (C) Simo Sorce 2000 + Copyright (C) Andrew Bartlett 2001 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ /* base uid for trust accounts is set to 60000 ! * May be we should add the defines in smb.h to make it possible having @@ -89,19 +93,19 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst { char lm_passwd[33]; char nt_passwd[33]; - smbpasswd_sethexpwd(lm_passwd, - pdb_get_lanman_passwd(sam_pwent), - pdb_get_acct_ctrl(sam_pwent)); - smbpasswd_sethexpwd(nt_passwd, - pdb_get_nt_passwd(sam_pwent), - pdb_get_acct_ctrl(sam_pwent)); + pdb_sethexpwd(lm_passwd, + pdb_get_lanman_passwd(sam_pwent), + pdb_get_acct_ctrl(sam_pwent)); + pdb_sethexpwd(nt_passwd, + pdb_get_nt_passwd(sam_pwent), + pdb_get_acct_ctrl(sam_pwent)); - printf("%s:%d:%s:%s:%s:LCT-%08x:\n", + printf("%s:%d:%s:%s:%s:LCT-%08X:\n", pdb_get_username(sam_pwent), pdb_get_uid(sam_pwent), lm_passwd, nt_passwd, - smbpasswd_encode_acb_info(pdb_get_acct_ctrl(sam_pwent)), + pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), (uint32)pdb_get_pass_last_set_time(sam_pwent)); } else @@ -213,13 +217,6 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, pdb_init_sam (&sam_pwent); - if (pdb_getsampwnam (sam_pwent, username)) - { - fprintf (stderr, "Username already exist in database!\n"); - pdb_free_sam (sam_pwent); - return -1; - } - if (!(pwd = sys_getpwnam(username))) { fprintf (stderr, "User %s does not exist in system passwd!\n", username); @@ -256,7 +253,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, if (pdb_add_sam_account (sam_pwent)) { print_user_info (username, True, False); } else { - fprintf (stderr, "Unable to add user!\n"); + fprintf (stderr, "Unable to add user! (does it alredy exist?)\n"); pdb_free_sam (sam_pwent); return -1; } @@ -283,11 +280,11 @@ static int new_machine (char *machinename) safe_strcat (name, "$", 16); string_set (&password, machinename); - strlower(password); + strlower_m (password); - pdb_set_plaintext_passwd(sam_pwent, password); + pdb_set_plaintext_passwd (sam_pwent, password); - pdb_set_username(sam_pwent, name); + pdb_set_username (sam_pwent, name); for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) { pdb_init_sam (&sam_trust); @@ -304,8 +301,8 @@ static int new_machine (char *machinename) return -1; } - pdb_set_uid(sam_pwent, uid); - pdb_set_gid(sam_pwent, BASE_MACHINE_UID); /* TODO: set there more appropriate value!! */ + pdb_set_uid (sam_pwent, uid); + pdb_set_gid (sam_pwent, BASE_MACHINE_UID); /* TODO: set there more appropriate value!! */ pdb_set_user_rid (sam_pwent,pdb_uid_to_user_rid (uid)); pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (BASE_MACHINE_UID)); pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST); @@ -313,7 +310,7 @@ static int new_machine (char *machinename) if (pdb_add_sam_account (sam_pwent)) { print_user_info (name, True, False); } else { - fprintf (stderr, "Unable to add machine!\n"); + fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); pdb_free_sam (sam_pwent); return -1; } @@ -350,8 +347,7 @@ static int delete_machine_entry (char *machinename) static int import_users (char *filename) { FILE *fp = NULL; - SAM_ACCOUNT sam_pwent; - SAM_ACCOUNT sam_test; + SAM_ACCOUNT *sam_pwent = NULL; static pstring user_name; static unsigned char smbpwd[16]; static unsigned char smbntpwd[16]; @@ -363,6 +359,10 @@ static int import_users (char *filename) int line = 0; int good = 0; + if (!pdb_init_sam (&sam_pwent)) { + fprintf (stderr, "pdb_init_sam FAILED!\n"); + } + if((fp = sys_fopen(filename, "rb")) == NULL) { fprintf (stderr, "%s\n", strerror (ferror (fp))); @@ -377,6 +377,7 @@ static int import_users (char *filename) if (ferror(fp)) { fprintf (stderr, "%s\n", strerror (ferror (fp))); + pdb_free_sam(sam_pwent); return -1; } if ((linebuf_len = strlen(linebuf)) == 0) @@ -398,19 +399,20 @@ static int import_users (char *filename) if ((linebuf[0] == 0) && feof(fp)) { /*end of file!!*/ + pdb_free_sam(sam_pwent); return 0; } line++; if (linebuf[0] == '#' || linebuf[0] == '\0') continue; - /*pdb_init_sam (&sam_pwent);*/ - sam_pwent.acct_ctrl = ACB_NORMAL; + pdb_set_acct_ctrl (sam_pwent,ACB_NORMAL); /* Get user name */ p = (unsigned char *) strchr_m(linebuf, ':'); if (p == NULL) { fprintf (stderr, "Error: malformed password entry at line %d !!\n", line); + pdb_reset_sam (sam_pwent); continue; } strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); @@ -421,11 +423,13 @@ static int import_users (char *filename) if(*p == '-') { fprintf (stderr, "Error: negative uid at line %d\n", line); + pdb_reset_sam (sam_pwent); continue; } if (!isdigit(*p)) { fprintf (stderr, "Error: malformed password entry at line %d (uid not number)\n", line); + pdb_reset_sam (sam_pwent); continue; } uidval = atoi((char *) p); @@ -433,11 +437,12 @@ static int import_users (char *filename) if (*p != ':') { fprintf (stderr, "Error: malformed password entry at line %d (no : after uid)\n", line); + pdb_reset_sam (sam_pwent); continue; } - pdb_set_username(&sam_pwent, user_name); - pdb_set_uid (&sam_pwent, uidval); + pdb_set_username(sam_pwent, user_name); + pdb_set_uid (sam_pwent, uidval); /* Get passwords */ p++; @@ -445,46 +450,49 @@ static int import_users (char *filename) { /* Password deliberately invalid */ fprintf (stderr, "Warning: entry invalidated for user %s\n", user_name); - sam_pwent.lm_pw = NULL; - sam_pwent.nt_pw = NULL; - sam_pwent.acct_ctrl |= ACB_DISABLED; + pdb_set_lanman_passwd(sam_pwent, NULL); + pdb_set_nt_passwd(sam_pwent,NULL); + pdb_set_acct_ctrl(sam_pwent, pdb_get_acct_ctrl(sam_pwent) | ACB_DISABLED); } else { if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) { fprintf (stderr, "Error: malformed password entry at line %d (password too short)\n",line); + pdb_reset_sam (sam_pwent); continue; } if (p[32] != ':') { fprintf (stderr, "Error: malformed password entry at line %d (no terminating :)\n",line); + pdb_reset_sam (sam_pwent); continue; } if (!strncasecmp((char *) p, "NO PASSWORD", 11)) { - sam_pwent.lm_pw = NULL; - sam_pwent.acct_ctrl |= ACB_PWNOTREQ; + pdb_set_lanman_passwd(sam_pwent, NULL); + pdb_set_acct_ctrl(sam_pwent, pdb_get_acct_ctrl(sam_pwent) | ACB_PWNOTREQ); } else { if (!smbpasswd_gethexpwd((char *)p, smbpwd)) { fprintf (stderr, "Error: malformed Lanman password entry at line %d (non hex chars)\n", line); + pdb_reset_sam (sam_pwent); continue; } - sam_pwent.lm_pw = smbpwd; + pdb_set_lanman_passwd(sam_pwent, smbpwd); } /* NT password */ - sam_pwent.nt_pw = NULL; + pdb_set_nt_passwd(sam_pwent, smbpwd); p += 33; if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) { if (*p != '*' && *p != 'X') { - if (smbpasswd_gethexpwd((char *)p,smbntpwd)) + if (pdb_gethexpwd((char *)p,smbntpwd)) { - sam_pwent.nt_pw = smbntpwd; + pdb_set_nt_passwd(sam_pwent, smbntpwd); } } p += 33; @@ -494,10 +502,13 @@ static int import_users (char *filename) /* Get ACCT_CTRL field if any */ if (*p == '[') { + uint16 acct_ctrl; unsigned char *end_p = (unsigned char *)strchr_m((char *)p, ']'); - sam_pwent.acct_ctrl = smbpasswd_decode_acb_info((char*)p); - if(sam_pwent.acct_ctrl == 0) sam_pwent.acct_ctrl = ACB_NORMAL; + acct_ctrl = pdb_decode_acct_ctrl((char*)p); + if (acct_ctrl) acct_ctrl = ACB_NORMAL; + + pdb_set_acct_ctrl(sam_pwent, acct_ctrl); /* Get last change time */ if(end_p) p = end_p + 1; @@ -515,69 +526,60 @@ static int import_users (char *filename) } if(i == 8) { - sam_pwent.pass_last_set_time = (time_t)strtol((char *)p, NULL, 16); + pdb_set_pass_last_set_time (sam_pwent, (time_t)strtol((char *)p, NULL, 16)); } } } } - /* Test if workstation */ - else - { - if(sam_pwent.username[strlen(sam_pwent.username) - 1] == '$') - { - sam_pwent.acct_ctrl &= ~ACB_NORMAL; - sam_pwent.acct_ctrl |= ACB_WSTRUST; - } - } - if (sam_pwent.acct_ctrl & ACB_WSTRUST) + /* Old-style workstation account code droped. */ + + if (pdb_get_acct_ctrl(sam_pwent) & ACB_WSTRUST) { - if (!(BASE_MACHINE_UID <= uidval <= MAX_MACHINE_UID)) + if ((uidval < BASE_MACHINE_UID) || (uidval > MAX_MACHINE_UID)) { fprintf (stderr, "Warning: Machine UID out of normal range %d-%d\n", BASE_MACHINE_UID, MAX_MACHINE_UID); } - sam_pwent.gid = BASE_MACHINE_UID; + pdb_set_uid(sam_pwent, BASE_MACHINE_UID); } /* Test if user is valid */ - if (sam_pwent.acct_ctrl & ACB_NORMAL) + if (pdb_get_acct_ctrl(sam_pwent) & ACB_NORMAL) { struct passwd *pwd = NULL; - if (pdb_getsampwnam (&sam_test,user_name)) - { - fprintf (stderr, "Error: Username already exist in database!\n"); - continue; - } if (!(pwd = sys_getpwnam(user_name))) { fprintf (stderr, "Error: User %s does not exist in system passwd!\n", user_name); continue; } - sam_pwent.gid = pwd->pw_gid; + pdb_set_gid(sam_pwent, pwd->pw_gid); } /* Fill in sam_pwent structure */ - sam_pwent.user_rid = pdb_uid_to_user_rid (sam_pwent.uid); - sam_pwent.group_rid = pdb_gid_to_group_rid (sam_pwent.gid); + pdb_set_user_rid(sam_pwent, pdb_uid_to_user_rid (pdb_get_uid(sam_pwent))); + pdb_set_group_rid(sam_pwent, pdb_gid_to_group_rid (pdb_get_gid(sam_pwent))); + /* TODO: set also full_name, home_dir, dir_drive, logon_script, profile_path, ecc... * when defaults will be available (after passdb redesign) * let them blank just now they are not used anyway */ /* Now ADD the entry */ - if (!(pdb_add_sam_account (&sam_pwent))) + if (!(pdb_add_sam_account (sam_pwent))) { fprintf (stderr, "Unable to add user entry!\n"); + pdb_reset_sam (sam_pwent); continue; } printf ("%s imported!\n", user_name); good++; + pdb_reset_sam (sam_pwent); } printf ("%d lines read.\n%d entryes imported\n", line, good); - + pdb_free_sam(sam_pwent); return 0; } -- cgit From a69e900d97194f153afb5c45934820dfb89755eb Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 27 Sep 2001 21:20:14 +0000 Subject: Sync 2.2.2 and HEAD (I will keep these the same if it kills me :-). Jeremy. (This used to be commit 76fac3eb945c7ced28c5685849d3616bb7c89ca2) --- source3/utils/pdbedit.c | 230 ++++++++++++++++++++++-------------------------- 1 file changed, 103 insertions(+), 127 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index f0acf2b0b0..41d66777fd 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -68,16 +68,17 @@ static void usage(void) printf(" -i file import account from file (smbpasswd style)\n"); exit(1); } + /********************************************************* Print info from sam structure **********************************************************/ + static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) { /* TODO: chaeck if entry is a user or a workstation */ if (!sam_pwent) return -1; - if (verbosity) - { + if (verbosity) { printf ("username: %s\n", sam_pwent->username); printf ("user ID/Group: %d/%d\n", sam_pwent->uid, sam_pwent->gid); @@ -88,9 +89,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst printf ("HomeDir Drive: %s\n", sam_pwent->dir_drive); printf ("Logon Script: %s\n", sam_pwent->logon_script); printf ("Profile Path: %s\n", sam_pwent->profile_path); - } - else if (smbpwdstyle) - { + } else if (smbpwdstyle) { char lm_passwd[33]; char nt_passwd[33]; pdb_sethexpwd(lm_passwd, @@ -107,9 +106,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst nt_passwd, pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), (uint32)pdb_get_pass_last_set_time(sam_pwent)); - } - else - { + } else { printf ("%s:%d:%s\n", sam_pwent->username, sam_pwent->uid, sam_pwent->full_name); } @@ -119,6 +116,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst /********************************************************* Get an Print User Info **********************************************************/ + static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) { SAM_ACCOUNT *sam_pwent=NULL; @@ -157,9 +155,9 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) exit(1); } - while ((ret = pdb_getsampwent (sam_pwent))) - { - if (verbosity) printf ("---------------\n"); + while ((ret = pdb_getsampwent (sam_pwent))) { + if (verbosity) + printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); pdb_reset_sam(sam_pwent); } @@ -172,6 +170,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) /********************************************************* Set User Info **********************************************************/ + static int set_user_info (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) { SAM_ACCOUNT *sam_pwent=NULL; @@ -180,22 +179,26 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d pdb_init_sam(&sam_pwent); ret = pdb_getsampwnam (sam_pwent, username); - if (ret==False) - { + if (ret==False) { fprintf (stderr, "Username not found!\n"); pdb_free_sam(sam_pwent); return -1; } - if (fullname) pdb_set_fullname(sam_pwent, fullname); - if (homedir) pdb_set_homedir(sam_pwent, homedir); - if (drive) pdb_set_dir_drive(sam_pwent,drive); - if (script) pdb_set_logon_script(sam_pwent, script); - if (profile) pdb_set_profile_path (sam_pwent, profile); - - if (pdb_update_sam_account (sam_pwent, True)) print_user_info (username, True, False); - else - { + if (fullname) + pdb_set_fullname(sam_pwent, fullname); + if (homedir) + pdb_set_homedir(sam_pwent, homedir); + if (drive) + pdb_set_dir_drive(sam_pwent,drive); + if (script) + pdb_set_logon_script(sam_pwent, script); + if (profile) + pdb_set_profile_path (sam_pwent, profile); + + if (pdb_update_sam_account (sam_pwent, True)) + print_user_info (username, True, False); + else { fprintf (stderr, "Unable to modify entry!\n"); pdb_free_sam(sam_pwent); return -1; @@ -217,8 +220,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, pdb_init_sam (&sam_pwent); - if (!(pwd = sys_getpwnam(username))) - { + if (!(pwd = sys_getpwnam(username))) { fprintf (stderr, "User %s does not exist in system passwd!\n", username); pdb_free_sam (sam_pwent); return -1; @@ -226,8 +228,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, password1 = getpass("new password:"); password2 = getpass("retype new password:"); - if (strcmp (password1, password2)) - { + if (strcmp (password1, password2)) { fprintf (stderr, "Passwords does not match!\n"); pdb_free_sam (sam_pwent); return -1; @@ -236,11 +237,16 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, pdb_set_plaintext_passwd(sam_pwent, password1); pdb_set_username(sam_pwent, username); - if (fullname) pdb_set_fullname(sam_pwent, fullname); - if (homedir) pdb_set_homedir (sam_pwent, homedir); - if (drive) pdb_set_dir_drive (sam_pwent, drive); - if (script) pdb_set_logon_script(sam_pwent, script); - if (profile) pdb_set_profile_path (sam_pwent, profile); + if (fullname) + pdb_set_fullname(sam_pwent, fullname); + if (homedir) + pdb_set_homedir (sam_pwent, homedir); + if (drive) + pdb_set_dir_drive (sam_pwent, drive); + if (script) + pdb_set_logon_script(sam_pwent, script); + if (profile) + pdb_set_profile_path (sam_pwent, profile); /* TODO: Check uid not being in MACHINE UID range!! */ pdb_set_uid (sam_pwent, pwd->pw_uid); @@ -264,6 +270,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, /********************************************************* Add New Machine **********************************************************/ + static int new_machine (char *machinename) { SAM_ACCOUNT *sam_pwent=NULL; @@ -274,13 +281,14 @@ static int new_machine (char *machinename) pdb_init_sam (&sam_pwent); - if (machinename[strlen (machinename) -1] == '$') machinename[strlen (machinename) -1] = '\0'; + if (machinename[strlen (machinename) -1] == '$') + machinename[strlen (machinename) -1] = '\0'; safe_strcpy (name, machinename, 16); safe_strcat (name, "$", 16); string_set (&password, machinename); - strlower_m (password); + strlower_m(password); pdb_set_plaintext_passwd (sam_pwent, password); @@ -321,6 +329,7 @@ static int new_machine (char *machinename) /********************************************************* Delete user entry **********************************************************/ + static int delete_user_entry (char *username) { return pdb_delete_sam_account (username); @@ -329,21 +338,21 @@ static int delete_user_entry (char *username) /********************************************************* Delete machine entry **********************************************************/ + static int delete_machine_entry (char *machinename) { char name[16]; safe_strcpy (name, machinename, 16); if (name[strlen(name)] != '$') - { safe_strcat (name, "$", 16); - } return pdb_delete_sam_account (name); } /********************************************************* Import smbpasswd style file **********************************************************/ + static int import_users (char *filename) { FILE *fp = NULL; @@ -363,54 +372,47 @@ static int import_users (char *filename) fprintf (stderr, "pdb_init_sam FAILED!\n"); } - if((fp = sys_fopen(filename, "rb")) == NULL) - { + if((fp = sys_fopen(filename, "rb")) == NULL) { fprintf (stderr, "%s\n", strerror (ferror (fp))); return -1; } - while (!feof(fp)) - { + while (!feof(fp)) { /*Get a new line*/ linebuf[0] = '\0'; fgets(linebuf, 256, fp); - if (ferror(fp)) - { + if (ferror(fp)) { fprintf (stderr, "%s\n", strerror (ferror (fp))); pdb_free_sam(sam_pwent); return -1; } - if ((linebuf_len = strlen(linebuf)) == 0) - { + if ((linebuf_len = strlen(linebuf)) == 0) { line++; continue; } - if (linebuf[linebuf_len - 1] != '\n') - { + if (linebuf[linebuf_len - 1] != '\n') { c = '\0'; - while (!ferror(fp) && !feof(fp)) - { + while (!ferror(fp) && !feof(fp)) { c = fgetc(fp); if (c == '\n') break; } - } - else linebuf[linebuf_len - 1] = '\0'; + } else + linebuf[linebuf_len - 1] = '\0'; linebuf[linebuf_len] = '\0'; - if ((linebuf[0] == 0) && feof(fp)) - { + if ((linebuf[0] == 0) && feof(fp)) { /*end of file!!*/ pdb_free_sam(sam_pwent); return 0; } line++; - if (linebuf[0] == '#' || linebuf[0] == '\0') continue; + if (linebuf[0] == '#' || linebuf[0] == '\0') + continue; pdb_set_acct_ctrl (sam_pwent,ACB_NORMAL); /* Get user name */ p = (unsigned char *) strchr_m(linebuf, ':'); - if (p == NULL) - { + if (p == NULL) { fprintf (stderr, "Error: malformed password entry at line %d !!\n", line); pdb_reset_sam (sam_pwent); continue; @@ -420,22 +422,19 @@ static int import_users (char *filename) /* Get smb uid. */ p++; - if(*p == '-') - { + if(*p == '-') { fprintf (stderr, "Error: negative uid at line %d\n", line); pdb_reset_sam (sam_pwent); continue; } - if (!isdigit(*p)) - { + if (!isdigit(*p)) { fprintf (stderr, "Error: malformed password entry at line %d (uid not number)\n", line); pdb_reset_sam (sam_pwent); continue; } uidval = atoi((char *) p); while (*p && isdigit(*p)) p++; - if (*p != ':') - { + if (*p != ':') { fprintf (stderr, "Error: malformed password entry at line %d (no : after uid)\n", line); pdb_reset_sam (sam_pwent); continue; @@ -446,37 +445,28 @@ static int import_users (char *filename) /* Get passwords */ p++; - if (*p == '*' || *p == 'X') - { + if (*p == '*' || *p == 'X') { /* Password deliberately invalid */ fprintf (stderr, "Warning: entry invalidated for user %s\n", user_name); pdb_set_lanman_passwd(sam_pwent, NULL); pdb_set_nt_passwd(sam_pwent,NULL); pdb_set_acct_ctrl(sam_pwent, pdb_get_acct_ctrl(sam_pwent) | ACB_DISABLED); - } - else - { - if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) - { + } else { + if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) { fprintf (stderr, "Error: malformed password entry at line %d (password too short)\n",line); pdb_reset_sam (sam_pwent); continue; } - if (p[32] != ':') - { + if (p[32] != ':') { fprintf (stderr, "Error: malformed password entry at line %d (no terminating :)\n",line); pdb_reset_sam (sam_pwent); continue; } - if (!strncasecmp((char *) p, "NO PASSWORD", 11)) - { + if (!strncasecmp((char *) p, "NO PASSWORD", 11)) { pdb_set_lanman_passwd(sam_pwent, NULL); pdb_set_acct_ctrl(sam_pwent, pdb_get_acct_ctrl(sam_pwent) | ACB_PWNOTREQ); - } - else - { - if (!smbpasswd_gethexpwd((char *)p, smbpwd)) - { + } else { + if (!smbpasswd_gethexpwd((char *)p, smbpwd)) { fprintf (stderr, "Error: malformed Lanman password entry at line %d (non hex chars)\n", line); pdb_reset_sam (sam_pwent); continue; @@ -486,12 +476,9 @@ static int import_users (char *filename) /* NT password */ pdb_set_nt_passwd(sam_pwent, smbpwd); p += 33; - if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) - { - if (*p != '*' && *p != 'X') - { - if (pdb_gethexpwd((char *)p,smbntpwd)) - { + if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) { + if (*p != '*' && *p != 'X') { + if (pdb_gethexpwd((char *)p,smbntpwd)) { pdb_set_nt_passwd(sam_pwent, smbntpwd); } } @@ -500,32 +487,29 @@ static int import_users (char *filename) } /* Get ACCT_CTRL field if any */ - if (*p == '[') - { + if (*p == '[') { uint16 acct_ctrl; unsigned char *end_p = (unsigned char *)strchr_m((char *)p, ']'); acct_ctrl = pdb_decode_acct_ctrl((char*)p); - if (acct_ctrl) acct_ctrl = ACB_NORMAL; + if (acct_ctrl) + acct_ctrl = ACB_NORMAL; pdb_set_acct_ctrl(sam_pwent, acct_ctrl); /* Get last change time */ - if(end_p) p = end_p + 1; - if(*p == ':') - { + if(end_p) + p = end_p + 1; + if(*p == ':') { p++; - if(*p && (StrnCaseCmp((char *)p, "LCT-", 4)==0)) - { + if(*p && (StrnCaseCmp((char *)p, "LCT-", 4)==0)) { int i; p += 4; - for(i = 0; i < 8; i++) - { + for(i = 0; i < 8; i++) { if(p[i] == '\0' || !isxdigit(p[i])) break; } - if(i == 8) - { + if(i == 8) { pdb_set_pass_last_set_time (sam_pwent, (time_t)strtol((char *)p, NULL, 16)); } } @@ -534,10 +518,8 @@ static int import_users (char *filename) /* Old-style workstation account code droped. */ - if (pdb_get_acct_ctrl(sam_pwent) & ACB_WSTRUST) - { - if ((uidval < BASE_MACHINE_UID) || (uidval > MAX_MACHINE_UID)) - { + if (pdb_get_acct_ctrl(sam_pwent) & ACB_WSTRUST) { + if ((uidval < BASE_MACHINE_UID) || (uidval > MAX_MACHINE_UID)) { fprintf (stderr, "Warning: Machine UID out of normal range %d-%d\n", BASE_MACHINE_UID, MAX_MACHINE_UID); @@ -546,12 +528,10 @@ static int import_users (char *filename) } /* Test if user is valid */ - if (pdb_get_acct_ctrl(sam_pwent) & ACB_NORMAL) - { + if (pdb_get_acct_ctrl(sam_pwent) & ACB_NORMAL) { struct passwd *pwd = NULL; - if (!(pwd = sys_getpwnam(user_name))) - { + if (!(pwd = sys_getpwnam(user_name))) { fprintf (stderr, "Error: User %s does not exist in system passwd!\n", user_name); continue; } @@ -568,8 +548,7 @@ static int import_users (char *filename) */ /* Now ADD the entry */ - if (!(pdb_add_sam_account (sam_pwent))) - { + if (!(pdb_add_sam_account (sam_pwent))) { fprintf (stderr, "Unable to add user entry!\n"); pdb_reset_sam (sam_pwent); continue; @@ -586,6 +565,7 @@ static int import_users (char *filename) /********************************************************* Start here. **********************************************************/ + int main (int argc, char **argv) { int ch; @@ -610,9 +590,7 @@ int main (int argc, char **argv) setup_logging("tdbedit", True); - if (argc < 2) - - { + if (argc < 2) { usage(); return 0; } @@ -679,45 +657,43 @@ int main (int argc, char **argv) usage(); } } - if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) > 1) - { + if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) > 1) { fprintf (stderr, "Incompatible options on command line!\n"); usage(); exit(1); } - if (add_user) - { - if (!user_name) - { + if (add_user) { + if (!user_name) { fprintf (stderr, "Username not specified! (use -u option)\n"); return -1; } - if (machine) return new_machine (user_name); - else return new_user (user_name, full_name, home_dir, home_drive, logon_script, profile_path); + if (machine) + return new_machine (user_name); + else + return new_user (user_name, full_name, home_dir, home_drive, logon_script, profile_path); } - if (delete_user) - { - if (!user_name) - { + if (delete_user) { + if (!user_name) { fprintf (stderr, "Username not specified! (use -u option)\n"); return -1; } - if (machine) return delete_machine_entry (user_name); - else return delete_user_entry (user_name); + if (machine) + return delete_machine_entry (user_name); + else + return delete_user_entry (user_name); } - if (user_name) - { - if (setparms) set_user_info ( user_name, - full_name, + if (user_name) { + if (setparms) + set_user_info ( user_name, full_name, home_dir, home_drive, logon_script, profile_path); - - else return print_user_info (user_name, verbose, spstyle); + else + return print_user_info (user_name, verbose, spstyle); return 0; } -- cgit From 75c50613316140314c89546c45d967bb0201c375 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 27 Sep 2001 21:27:12 +0000 Subject: Removed smbpasswd_XX call (how did this get re-added, I removed all these yesterday ?). Jeremy. (This used to be commit e25dc68843ed10d8454cb8166c39ff4b2e6a4159) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 41d66777fd..d0629fa258 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -466,7 +466,7 @@ static int import_users (char *filename) pdb_set_lanman_passwd(sam_pwent, NULL); pdb_set_acct_ctrl(sam_pwent, pdb_get_acct_ctrl(sam_pwent) | ACB_PWNOTREQ); } else { - if (!smbpasswd_gethexpwd((char *)p, smbpwd)) { + if (!pdb_gethexpwd((char *)p, smbpwd)) { fprintf (stderr, "Error: malformed Lanman password entry at line %d (non hex chars)\n", line); pdb_reset_sam (sam_pwent); continue; -- cgit From 81697d5ebe33ad95dedfc376118fcdf0367cf052 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 29 Sep 2001 13:08:26 +0000 Subject: Fix up a number of intertwined issues: The big one is a global change to allow us to NULLify the free'ed pointer to a former passdb object. This was done to allow idra's SAFE_FREE() macro to do its magic, and to satisfy the input test in pdb_init_sam() for a NULL pointer to start with. This NULL pointer test was what was breaking the adding of accounts up until now, and this code has been reworked to avoid duplicating work - I hope this will avoid a similar mess-up in future. Finally, I fixed a few nasty bugs where the pdb_ fuctions's return codes were being ignored. Some of these functions malloc() and are permitted to fail. Also, this caught a nasty bug where pdb_set_lanman_password(sam, NULL) acheived precisely didilly-squat, just returning False. Now that we check the returns this bug was spotted. This could allow different LM and NT passwords. - the pdbedit code needs to start checking these too, but I havn't had a chance to fix it. I have also fixed up where some of the password changing code was using the pdb_set functions to store *internal* data. I assume this is from a previous lot of mass conversion work... Most likally (and going on past experience) I have missed somthing, probably in the LanMan password change code which I havn't yet been able to test, but this lot is in much better shape than it was before. If all this is too much to swallow (particularly for 2.2.2) then just adding a sam_pass = NULL to the particular line of passdb.c should do the trick for the ovbious bug. Andrew Bartlett (This used to be commit 762c8758a7869809d89b4da9c2a5249678942930) --- source3/utils/pdbedit.c | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index d0629fa258..ce5195a810 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -128,12 +128,12 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) if (ret==False) { fprintf (stderr, "Username not found!\n"); - pdb_free_sam(sam_pwent); + pdb_free_sam(&sam_pwent); return -1; } ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle); - pdb_free_sam(sam_pwent); + pdb_free_sam(&sam_pwent); return ret; } @@ -151,7 +151,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) ret = pdb_setsampwent(False); if (ret && errno == ENOENT) { fprintf (stderr,"Password database not found!\n"); - pdb_free_sam(sam_pwent); + pdb_free_sam(&sam_pwent); exit(1); } @@ -163,7 +163,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) } pdb_endsampwent (); - pdb_free_sam(sam_pwent); + pdb_free_sam(&sam_pwent); return 0; } @@ -181,7 +181,7 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d ret = pdb_getsampwnam (sam_pwent, username); if (ret==False) { fprintf (stderr, "Username not found!\n"); - pdb_free_sam(sam_pwent); + pdb_free_sam(&sam_pwent); return -1; } @@ -200,10 +200,10 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d print_user_info (username, True, False); else { fprintf (stderr, "Unable to modify entry!\n"); - pdb_free_sam(sam_pwent); + pdb_free_sam(&sam_pwent); return -1; } - pdb_free_sam(sam_pwent); + pdb_free_sam(&sam_pwent); return 0; } @@ -222,7 +222,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, if (!(pwd = sys_getpwnam(username))) { fprintf (stderr, "User %s does not exist in system passwd!\n", username); - pdb_free_sam (sam_pwent); + pdb_free_sam (&sam_pwent); return -1; } @@ -230,7 +230,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, password2 = getpass("retype new password:"); if (strcmp (password1, password2)) { fprintf (stderr, "Passwords does not match!\n"); - pdb_free_sam (sam_pwent); + pdb_free_sam (&sam_pwent); return -1; } @@ -260,10 +260,10 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, print_user_info (username, True, False); } else { fprintf (stderr, "Unable to add user! (does it alredy exist?)\n"); - pdb_free_sam (sam_pwent); + pdb_free_sam (&sam_pwent); return -1; } - pdb_free_sam (sam_pwent); + pdb_free_sam (&sam_pwent); return 0; } @@ -297,7 +297,7 @@ static int new_machine (char *machinename) for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) { pdb_init_sam (&sam_trust); if (pdb_getsampwuid (sam_trust, uid)) { - pdb_free_sam (sam_trust); + pdb_free_sam (&sam_trust); } else { break; } @@ -305,7 +305,7 @@ static int new_machine (char *machinename) if (uid>MAX_MACHINE_UID) { fprintf (stderr, "No more free UIDs available to Machine accounts!\n"); - pdb_free_sam(sam_pwent); + pdb_free_sam(&sam_pwent); return -1; } @@ -319,10 +319,10 @@ static int new_machine (char *machinename) print_user_info (name, True, False); } else { fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); - pdb_free_sam (sam_pwent); + pdb_free_sam (&sam_pwent); return -1; } - pdb_free_sam (sam_pwent); + pdb_free_sam (&sam_pwent); return 0; } @@ -383,7 +383,7 @@ static int import_users (char *filename) fgets(linebuf, 256, fp); if (ferror(fp)) { fprintf (stderr, "%s\n", strerror (ferror (fp))); - pdb_free_sam(sam_pwent); + pdb_free_sam(&sam_pwent); return -1; } if ((linebuf_len = strlen(linebuf)) == 0) { @@ -401,7 +401,7 @@ static int import_users (char *filename) linebuf[linebuf_len] = '\0'; if ((linebuf[0] == 0) && feof(fp)) { /*end of file!!*/ - pdb_free_sam(sam_pwent); + pdb_free_sam(&sam_pwent); return 0; } line++; @@ -558,7 +558,7 @@ static int import_users (char *filename) pdb_reset_sam (sam_pwent); } printf ("%d lines read.\n%d entryes imported\n", line, good); - pdb_free_sam(sam_pwent); + pdb_free_sam(&sam_pwent); return 0; } -- cgit From 2e3be37878f065b8012e4bb16bede14790f240f0 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 30 Sep 2001 14:51:38 +0000 Subject: Don't try to write the LM password in the NT password feild. (This used to be commit 90dcbe16be065e2113fba1d3cee28f40be1bb86c) --- source3/utils/pdbedit.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index ce5195a810..64a152aaa1 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -474,7 +474,6 @@ static int import_users (char *filename) pdb_set_lanman_passwd(sam_pwent, smbpwd); } /* NT password */ - pdb_set_nt_passwd(sam_pwent, smbpwd); p += 33; if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) { if (*p != '*' && *p != 'X') { -- cgit From dc1fc3ee8ec2199bc73bb5d7ec711c6800f61d65 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 2 Oct 2001 04:29:50 +0000 Subject: Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header. (This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e) --- source3/utils/pdbedit.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 64a152aaa1..6e7458fb4e 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -32,7 +32,6 @@ #include "includes.h" extern pstring global_myname; -extern int DEBUGLEVEL; /* * Next two lines needed for SunOS and don't -- cgit From 192a8f9a3ec337bc9e97ab395e88ba9e1804e60b Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Mon, 29 Oct 2001 13:31:01 +0000 Subject: clear errno before a call, tdbsam will not update it. just a hack to make things work. (This used to be commit fd1bc3557a7ba57a983a29d36ce0461085fb6682) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 6e7458fb4e..3c417eebc3 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -146,7 +146,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) BOOL ret; pdb_init_sam(&sam_pwent); - + errno = 0; /* testing --simo */ ret = pdb_setsampwent(False); if (ret && errno == ENOENT) { fprintf (stderr,"Password database not found!\n"); -- cgit From f8e2baf39eb864481dd48f61404136b325cd73c2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 3 Nov 2001 23:34:24 +0000 Subject: Added NT_USER_TOKEN into server_info to fix extra groups problem. Got "medieval on our ass" about const warnings (as many as I could :-). Jeremy. (This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808) --- source3/utils/pdbedit.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 3c417eebc3..443aa674eb 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -79,10 +79,10 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst if (verbosity) { printf ("username: %s\n", sam_pwent->username); - printf ("user ID/Group: %d/%d\n", sam_pwent->uid, - sam_pwent->gid); - printf ("user RID/GRID: %d/%d\n", sam_pwent->user_rid, - sam_pwent->group_rid); + printf ("user ID/Group: %u/%u\n", (unsigned int)sam_pwent->uid, + (unsigned int)sam_pwent->gid); + printf ("user RID/GRID: %u/%u\n", (unsigned int)sam_pwent->user_rid, + (unsigned int)sam_pwent->group_rid); printf ("Full Name: %s\n", sam_pwent->full_name); printf ("Home Directory: %s\n", sam_pwent->home_dir); printf ("HomeDir Drive: %s\n", sam_pwent->dir_drive); -- cgit From 8ae815e31eb1034344448325a72721062f35046d Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 4 Nov 2001 01:09:04 +0000 Subject: Fix up pdbedit so that it at least compiles without warnings. - Basic functionality intact - Now adds machine accounts without a uid. (using the machine uid range to avoid conflict with real uid based accounts) (This used to be commit 09d2e05d26f71b10ccabe4c6fa168a4923697bae) --- source3/utils/pdbedit.c | 153 +++++++++++++++++++----------------------------- 1 file changed, 61 insertions(+), 92 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 443aa674eb..90067a733b 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -74,41 +74,54 @@ static void usage(void) static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) { + uid_t *puid; + gid_t *pgid; + /* TODO: chaeck if entry is a user or a workstation */ if (!sam_pwent) return -1; if (verbosity) { - printf ("username: %s\n", sam_pwent->username); - printf ("user ID/Group: %u/%u\n", (unsigned int)sam_pwent->uid, - (unsigned int)sam_pwent->gid); + printf ("username: %s\n", pdb_get_username(sam_pwent)); + if ((puid = pdb_get_uid(sam_pwent)) && (pgid = pdb_get_gid(sam_pwent))) { + printf ("user ID/Group: %d/%d\n", (unsigned int)*puid, + (unsigned int)*pgid); + } printf ("user RID/GRID: %u/%u\n", (unsigned int)sam_pwent->user_rid, - (unsigned int)sam_pwent->group_rid); - printf ("Full Name: %s\n", sam_pwent->full_name); - printf ("Home Directory: %s\n", sam_pwent->home_dir); - printf ("HomeDir Drive: %s\n", sam_pwent->dir_drive); - printf ("Logon Script: %s\n", sam_pwent->logon_script); - printf ("Profile Path: %s\n", sam_pwent->profile_path); + (unsigned int)sam_pwent->group_rid); + printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); + printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); + printf ("HomeDir Drive: %s\n", pdb_get_dirdrive(sam_pwent)); + printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); + printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); } else if (smbpwdstyle) { - char lm_passwd[33]; - char nt_passwd[33]; - pdb_sethexpwd(lm_passwd, - pdb_get_lanman_passwd(sam_pwent), - pdb_get_acct_ctrl(sam_pwent)); - pdb_sethexpwd(nt_passwd, - pdb_get_nt_passwd(sam_pwent), - pdb_get_acct_ctrl(sam_pwent)); - - printf("%s:%d:%s:%s:%s:LCT-%08X:\n", - pdb_get_username(sam_pwent), - pdb_get_uid(sam_pwent), - lm_passwd, - nt_passwd, - pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), - (uint32)pdb_get_pass_last_set_time(sam_pwent)); + if ((puid = pdb_get_uid(sam_pwent))) { + char lm_passwd[33]; + char nt_passwd[33]; + pdb_sethexpwd(lm_passwd, + pdb_get_lanman_passwd(sam_pwent), + pdb_get_acct_ctrl(sam_pwent)); + pdb_sethexpwd(nt_passwd, + pdb_get_nt_passwd(sam_pwent), + pdb_get_acct_ctrl(sam_pwent)); + + printf("%s:%d:%s:%s:%s:LCT-%08X:\n", + pdb_get_username(sam_pwent), + (unsigned int)*puid, + lm_passwd, + nt_passwd, + pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), + (uint32)pdb_get_pass_last_set_time(sam_pwent)); + } else { + fprintf(stderr, "Can't output in smbpasswd format, no uid on this record.\n"); + } } else { - printf ("%s:%d:%s\n", sam_pwent->username, sam_pwent->uid, sam_pwent->full_name); - } - + if ((puid = pdb_get_uid(sam_pwent))) { + printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), *puid, pdb_get_fullname(sam_pwent)); + } else { + printf ("%s:(null):%s\n", pdb_get_username(sam_pwent), pdb_get_fullname(sam_pwent)); + } + } + return 0; } @@ -217,14 +230,13 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, ZERO_STRUCT(sam_pwent); - pdb_init_sam (&sam_pwent); - if (!(pwd = sys_getpwnam(username))) { fprintf (stderr, "User %s does not exist in system passwd!\n", username); - pdb_free_sam (&sam_pwent); return -1; } + pdb_init_sam_pw (&sam_pwent, pwd); + password1 = getpass("new password:"); password2 = getpass("retype new password:"); if (strcmp (password1, password2)) { @@ -247,12 +259,6 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, if (profile) pdb_set_profile_path (sam_pwent, profile); - /* TODO: Check uid not being in MACHINE UID range!! */ - pdb_set_uid (sam_pwent, pwd->pw_uid); - pdb_set_gid (sam_pwent, pwd->pw_gid); - pdb_set_user_rid (sam_pwent, pdb_uid_to_user_rid (pwd->pw_uid)); - pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (pwd->pw_gid)); - pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL); if (pdb_add_sam_account (sam_pwent)) { @@ -295,7 +301,7 @@ static int new_machine (char *machinename) for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) { pdb_init_sam (&sam_trust); - if (pdb_getsampwuid (sam_trust, uid)) { + if (pdb_getsampwrid (sam_trust, pdb_uid_to_user_rid (uid))) { pdb_free_sam (&sam_trust); } else { break; @@ -308,8 +314,6 @@ static int new_machine (char *machinename) return -1; } - pdb_set_uid (sam_pwent, uid); - pdb_set_gid (sam_pwent, BASE_MACHINE_UID); /* TODO: set there more appropriate value!! */ pdb_set_user_rid (sam_pwent,pdb_uid_to_user_rid (uid)); pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (BASE_MACHINE_UID)); pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST); @@ -366,10 +370,7 @@ static int import_users (char *filename) long uidval; int line = 0; int good = 0; - - if (!pdb_init_sam (&sam_pwent)) { - fprintf (stderr, "pdb_init_sam FAILED!\n"); - } + struct passwd *pwd; if((fp = sys_fopen(filename, "rb")) == NULL) { fprintf (stderr, "%s\n", strerror (ferror (fp))); @@ -382,7 +383,6 @@ static int import_users (char *filename) fgets(linebuf, 256, fp); if (ferror(fp)) { fprintf (stderr, "%s\n", strerror (ferror (fp))); - pdb_free_sam(&sam_pwent); return -1; } if ((linebuf_len = strlen(linebuf)) == 0) { @@ -400,20 +400,16 @@ static int import_users (char *filename) linebuf[linebuf_len] = '\0'; if ((linebuf[0] == 0) && feof(fp)) { /*end of file!!*/ - pdb_free_sam(&sam_pwent); return 0; } line++; if (linebuf[0] == '#' || linebuf[0] == '\0') continue; - pdb_set_acct_ctrl (sam_pwent,ACB_NORMAL); - /* Get user name */ p = (unsigned char *) strchr_m(linebuf, ':'); if (p == NULL) { fprintf (stderr, "Error: malformed password entry at line %d !!\n", line); - pdb_reset_sam (sam_pwent); continue; } strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); @@ -423,25 +419,30 @@ static int import_users (char *filename) p++; if(*p == '-') { fprintf (stderr, "Error: negative uid at line %d\n", line); - pdb_reset_sam (sam_pwent); continue; } if (!isdigit(*p)) { fprintf (stderr, "Error: malformed password entry at line %d (uid not number)\n", line); - pdb_reset_sam (sam_pwent); continue; } uidval = atoi((char *) p); while (*p && isdigit(*p)) p++; if (*p != ':') { fprintf (stderr, "Error: malformed password entry at line %d (no : after uid)\n", line); - pdb_reset_sam (sam_pwent); continue; } + if(!(pwd = sys_getpwnam(user_name))) { + fprintf(stderr, "User %s does not \ +exist in system password file (usually /etc/passwd). Cannot add \ +account without a valid local system user.\n", user_name); + return False; + } + + if (!pdb_init_sam_pw(&sam_pwent, pwd)) { + fprintf(stderr, "Failed initialise SAM_ACCOUNT for user %s.\n", user_name); + return False; + } - pdb_set_username(sam_pwent, user_name); - pdb_set_uid (sam_pwent, uidval); - /* Get passwords */ p++; if (*p == '*' || *p == 'X') { @@ -453,12 +454,12 @@ static int import_users (char *filename) } else { if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) { fprintf (stderr, "Error: malformed password entry at line %d (password too short)\n",line); - pdb_reset_sam (sam_pwent); + pdb_free_sam (&sam_pwent); continue; } if (p[32] != ':') { fprintf (stderr, "Error: malformed password entry at line %d (no terminating :)\n",line); - pdb_reset_sam (sam_pwent); + pdb_free_sam (&sam_pwent); continue; } if (!strncasecmp((char *) p, "NO PASSWORD", 11)) { @@ -467,7 +468,7 @@ static int import_users (char *filename) } else { if (!pdb_gethexpwd((char *)p, smbpwd)) { fprintf (stderr, "Error: malformed Lanman password entry at line %d (non hex chars)\n", line); - pdb_reset_sam (sam_pwent); + pdb_free_sam (&sam_pwent); continue; } pdb_set_lanman_passwd(sam_pwent, smbpwd); @@ -514,49 +515,17 @@ static int import_users (char *filename) } } - /* Old-style workstation account code droped. */ - - if (pdb_get_acct_ctrl(sam_pwent) & ACB_WSTRUST) { - if ((uidval < BASE_MACHINE_UID) || (uidval > MAX_MACHINE_UID)) { - fprintf (stderr, "Warning: Machine UID out of normal range %d-%d\n", - BASE_MACHINE_UID, - MAX_MACHINE_UID); - } - pdb_set_uid(sam_pwent, BASE_MACHINE_UID); - } - - /* Test if user is valid */ - if (pdb_get_acct_ctrl(sam_pwent) & ACB_NORMAL) { - struct passwd *pwd = NULL; - - if (!(pwd = sys_getpwnam(user_name))) { - fprintf (stderr, "Error: User %s does not exist in system passwd!\n", user_name); - continue; - } - pdb_set_gid(sam_pwent, pwd->pw_gid); - } - - /* Fill in sam_pwent structure */ - pdb_set_user_rid(sam_pwent, pdb_uid_to_user_rid (pdb_get_uid(sam_pwent))); - pdb_set_group_rid(sam_pwent, pdb_gid_to_group_rid (pdb_get_gid(sam_pwent))); - - /* TODO: set also full_name, home_dir, dir_drive, logon_script, profile_path, ecc... - * when defaults will be available (after passdb redesign) - * let them blank just now they are not used anyway - */ - /* Now ADD the entry */ if (!(pdb_add_sam_account (sam_pwent))) { fprintf (stderr, "Unable to add user entry!\n"); - pdb_reset_sam (sam_pwent); + pdb_free_sam (&sam_pwent); continue; } printf ("%s imported!\n", user_name); good++; - pdb_reset_sam (sam_pwent); + pdb_free_sam (&sam_pwent); } printf ("%d lines read.\n%d entryes imported\n", line, good); - pdb_free_sam(&sam_pwent); return 0; } -- cgit From f741f656737f4ec46cd318e986b6bf412ed309d2 Mon Sep 17 00:00:00 2001 From: Martin Pool Date: Mon, 19 Nov 2001 02:49:53 +0000 Subject: Store some path names in global variables initialized to configure default, rather than in preprocessor macros. (This used to be commit 79ec88f0da40faebe1e587f1b3e87b5f2b184f58) --- source3/utils/pdbedit.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 90067a733b..749e33958b 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -536,7 +536,6 @@ account without a valid local system user.\n", user_name); int main (int argc, char **argv) { int ch; - static pstring servicesf = CONFIGFILE; BOOL list_users = False; BOOL verbose = False; BOOL spstyle = False; @@ -567,9 +566,9 @@ int main (int argc, char **argv) exit(1); } - if (!lp_load(servicesf,True,False,False)) { + if (!lp_load(dyn_CONFIGFILE,True,False,False)) { fprintf(stderr, "Can't load %s - run testparm to debug it\n", - servicesf); + dyn_CONFIGFILE); exit(1); } -- cgit From 79b34d1b11e685d068b9c0ac9a0ec06eaa263d82 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 23 Nov 2001 00:52:29 +0000 Subject: Removed TimeInit() call from every client program (except for one place in smbd/process.c where the timezone is reinitialised. Was replaced with check for a static is_initialised boolean. (This used to be commit 8fc772c9e5770cd3a8857670214dcff033ebae32) --- source3/utils/pdbedit.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 749e33958b..782848d626 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -552,8 +552,6 @@ int main (int argc, char **argv) char *profile_path = NULL; char *smbpasswd = NULL; - TimeInit(); - setup_logging("tdbedit", True); if (argc < 2) { -- cgit From 2e686c98d1c5f52f285b9595cb6d7790e2de5d66 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 25 Nov 2001 18:54:04 +0000 Subject: Minor typos (This used to be commit 1c9d951f86609b08e5660b0fc966c5e5058a3ce2) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 782848d626..73423e0bee 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -46,7 +46,7 @@ extern int optind; static void usage(void) { if (getuid() == 0) { - printf("tdbedit options\n"); + printf("pdbedit options\n"); } else { printf("You need to be root to use this tool!\n"); } @@ -552,7 +552,7 @@ int main (int argc, char **argv) char *profile_path = NULL; char *smbpasswd = NULL; - setup_logging("tdbedit", True); + setup_logging("pdbedit", True); if (argc < 2) { usage(); -- cgit From 04aff47c716a51a1039b44a81d6ff19eeaa09017 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 27 Dec 2001 06:38:04 +0000 Subject: moving SAM_ACCOUNT to include a bit field for initialized members (such as uid and gid). This way we will be able to keep ourselves from writing out default smb.conf settings when the admin doesn't want to, That part is not done yet. Tested compiles with ldap/tdb/smbpasswd. Tested connection with smbpasswd backend. oh...and smbpasswd doesn'y automatically expire accounts after 21 days from the last password change either now. Just ifdef'd out that code in build_sam_account(). Will merge updates into 2.2 as they are necessary. jerry (This used to be commit f0d43791157d8f04a13a07d029f203ad4384d317) --- source3/utils/pdbedit.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 73423e0bee..ce241934a1 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -74,17 +74,17 @@ static void usage(void) static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) { - uid_t *puid; - gid_t *pgid; + uid_t uid; + gid_t gid; /* TODO: chaeck if entry is a user or a workstation */ if (!sam_pwent) return -1; if (verbosity) { printf ("username: %s\n", pdb_get_username(sam_pwent)); - if ((puid = pdb_get_uid(sam_pwent)) && (pgid = pdb_get_gid(sam_pwent))) { - printf ("user ID/Group: %d/%d\n", (unsigned int)*puid, - (unsigned int)*pgid); + if ((uid = pdb_get_uid(sam_pwent)) && (gid = pdb_get_gid(sam_pwent))) { + printf ("user ID/Group: %d/%d\n", (unsigned int)uid, + (unsigned int)gid); } printf ("user RID/GRID: %u/%u\n", (unsigned int)sam_pwent->user_rid, (unsigned int)sam_pwent->group_rid); @@ -94,7 +94,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); } else if (smbpwdstyle) { - if ((puid = pdb_get_uid(sam_pwent))) { + if ((uid = pdb_get_uid(sam_pwent))) { char lm_passwd[33]; char nt_passwd[33]; pdb_sethexpwd(lm_passwd, @@ -106,7 +106,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst printf("%s:%d:%s:%s:%s:LCT-%08X:\n", pdb_get_username(sam_pwent), - (unsigned int)*puid, + (unsigned int)uid, lm_passwd, nt_passwd, pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), @@ -115,8 +115,8 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst fprintf(stderr, "Can't output in smbpasswd format, no uid on this record.\n"); } } else { - if ((puid = pdb_get_uid(sam_pwent))) { - printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), *puid, pdb_get_fullname(sam_pwent)); + if ((uid = pdb_get_uid(sam_pwent))) { + printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), uid, pdb_get_fullname(sam_pwent)); } else { printf ("%s:(null):%s\n", pdb_get_username(sam_pwent), pdb_get_fullname(sam_pwent)); } -- cgit From 7fdb821ef32459b6cdcdf6f7656d14804d4c94ed Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 31 Dec 2001 00:06:51 +0000 Subject: some merges from 2.2. Still need to merge in changes from pdb_tdb.c but it will take more time as I don't want to loose any fixes that are only in HEAD. (This used to be commit efcde5d9d8ce44c0613764504d797be54ba21473) --- source3/utils/pdbedit.c | 273 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 199 insertions(+), 74 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index ce241934a1..94eb87b6e0 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -42,7 +42,7 @@ extern int optind; /********************************************************* Print command usage on stderr and die. -**********************************************************/ + **********************************************************/ static void usage(void) { if (getuid() == 0) { @@ -74,27 +74,21 @@ static void usage(void) static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) { - uid_t uid; - gid_t gid; - /* TODO: chaeck if entry is a user or a workstation */ if (!sam_pwent) return -1; if (verbosity) { - printf ("username: %s\n", pdb_get_username(sam_pwent)); - if ((uid = pdb_get_uid(sam_pwent)) && (gid = pdb_get_gid(sam_pwent))) { - printf ("user ID/Group: %d/%d\n", (unsigned int)uid, - (unsigned int)gid); - } - printf ("user RID/GRID: %u/%u\n", (unsigned int)sam_pwent->user_rid, - (unsigned int)sam_pwent->group_rid); - printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); - printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); - printf ("HomeDir Drive: %s\n", pdb_get_dirdrive(sam_pwent)); - printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); - printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); + printf ("username: %s\n", sam_pwent->username); + printf ("user ID/Group: %d/%d\n", sam_pwent->uid, + sam_pwent->gid); + printf ("user RID/GRID: %d/%d\n", sam_pwent->user_rid, + sam_pwent->group_rid); + printf ("Full Name: %s\n", sam_pwent->full_name); + printf ("Home Directory: %s\n", sam_pwent->home_dir); + printf ("HomeDir Drive: %s\n", sam_pwent->dir_drive); + printf ("Logon Script: %s\n", sam_pwent->logon_script); + printf ("Profile Path: %s\n", sam_pwent->profile_path); } else if (smbpwdstyle) { - if ((uid = pdb_get_uid(sam_pwent))) { char lm_passwd[33]; char nt_passwd[33]; pdb_sethexpwd(lm_passwd, @@ -106,20 +100,13 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst printf("%s:%d:%s:%s:%s:LCT-%08X:\n", pdb_get_username(sam_pwent), - (unsigned int)uid, + pdb_get_uid(sam_pwent), lm_passwd, nt_passwd, pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), (uint32)pdb_get_pass_last_set_time(sam_pwent)); } else { - fprintf(stderr, "Can't output in smbpasswd format, no uid on this record.\n"); - } - } else { - if ((uid = pdb_get_uid(sam_pwent))) { - printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), uid, pdb_get_fullname(sam_pwent)); - } else { - printf ("%s:(null):%s\n", pdb_get_username(sam_pwent), pdb_get_fullname(sam_pwent)); - } + printf ("%s:%d:%s\n", sam_pwent->username, sam_pwent->uid, sam_pwent->full_name); } return 0; @@ -159,7 +146,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) BOOL ret; pdb_init_sam(&sam_pwent); - errno = 0; /* testing --simo */ + ret = pdb_setsampwent(False); if (ret && errno == ENOENT) { fprintf (stderr,"Password database not found!\n"); @@ -200,13 +187,13 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d if (fullname) pdb_set_fullname(sam_pwent, fullname); if (homedir) - pdb_set_homedir(sam_pwent, homedir); + pdb_set_homedir(sam_pwent, homedir, True); if (drive) - pdb_set_dir_drive(sam_pwent,drive); + pdb_set_dir_drive(sam_pwent, drive, True); if (script) - pdb_set_logon_script(sam_pwent, script); + pdb_set_logon_script(sam_pwent, script, True); if (profile) - pdb_set_profile_path (sam_pwent, profile); + pdb_set_profile_path (sam_pwent, profile, True); if (pdb_update_sam_account (sam_pwent, True)) print_user_info (username, True, False); @@ -219,6 +206,91 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d return 0; } +/********************************************************* + A strdup with exit +**********************************************************/ + +static char *strdup_x(const char *s) +{ + char *new_s = strdup(s); + if (!new_s) { + fprintf(stderr,"out of memory\n"); + exit(1); + } + return new_s; +} + +/************************************************************* + Utility function to prompt for passwords from stdin. Each + password entered must end with a newline. +*************************************************************/ +static char *stdin_new_passwd(void) +{ + static fstring new_passwd; + size_t len; + + ZERO_ARRAY(new_passwd); + + /* + * if no error is reported from fgets() and string at least contains + * the newline that ends the password, then replace the newline with + * a null terminator. + */ + if ( fgets(new_passwd, sizeof(new_passwd), stdin) != NULL) { + if ((len = strlen(new_passwd)) > 0) { + if(new_passwd[len-1] == '\n') + new_passwd[len - 1] = 0; + } + } + return(new_passwd); +} + +/************************************************************* + Utility function to get passwords via tty or stdin + Used if the '-s' option is set to silently get passwords + to enable scripting. + _copied_ from smbpasswd +*************************************************************/ +static char *get_pass( char *prompt, BOOL stdin_get) +{ + char *p; + if (stdin_get) { + p = stdin_new_passwd(); + } else { + p = getpass(prompt); + } + return strdup_x(p); +} + +/************************************************************* + Utility function to prompt for new password. + _copied_ from smbpasswd +*************************************************************/ +static char *prompt_for_new_password(BOOL stdin_get) +{ + char *p; + fstring new_passwd; + + ZERO_ARRAY(new_passwd); + + p = get_pass("New SMB password:", stdin_get); + + fstrcpy(new_passwd, p); + safe_free(p); + + p = get_pass("Retype new SMB password:", stdin_get); + + if (strcmp(p, new_passwd)) { + fprintf(stderr, "Mismatch - password unchanged.\n"); + ZERO_ARRAY(new_passwd); + safe_free(p); + return NULL; + } + + return p; +} + + /********************************************************* Add New User **********************************************************/ @@ -226,38 +298,44 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, { SAM_ACCOUNT *sam_pwent=NULL; struct passwd *pwd = NULL; - char *password1, *password2; + char *password; ZERO_STRUCT(sam_pwent); + pdb_init_sam (&sam_pwent); + if (!(pwd = sys_getpwnam(username))) { fprintf (stderr, "User %s does not exist in system passwd!\n", username); + pdb_free_sam(&sam_pwent); return -1; } - pdb_init_sam_pw (&sam_pwent, pwd); - - password1 = getpass("new password:"); - password2 = getpass("retype new password:"); - if (strcmp (password1, password2)) { - fprintf (stderr, "Passwords does not match!\n"); - pdb_free_sam (&sam_pwent); + password = prompt_for_new_password(0); + if (!password) { + fprintf (stderr, "Passwords do not match!\n"); + pdb_free_sam(&sam_pwent); return -1; } - pdb_set_plaintext_passwd(sam_pwent, password1); + pdb_set_plaintext_passwd(sam_pwent, password); pdb_set_username(sam_pwent, username); if (fullname) pdb_set_fullname(sam_pwent, fullname); if (homedir) - pdb_set_homedir (sam_pwent, homedir); + pdb_set_homedir (sam_pwent, homedir, True); if (drive) - pdb_set_dir_drive (sam_pwent, drive); + pdb_set_dir_drive (sam_pwent, drive, True); if (script) - pdb_set_logon_script(sam_pwent, script); + pdb_set_logon_script(sam_pwent, script, True); if (profile) - pdb_set_profile_path (sam_pwent, profile); + pdb_set_profile_path (sam_pwent, profile, True); + + /* TODO: Check uid not being in MACHINE UID range!! */ + pdb_set_uid (sam_pwent, pwd->pw_uid); + pdb_set_gid (sam_pwent, pwd->pw_gid); + pdb_set_user_rid (sam_pwent, pdb_uid_to_user_rid (pwd->pw_uid)); + pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (pwd->pw_gid)); pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL); @@ -265,10 +343,10 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, print_user_info (username, True, False); } else { fprintf (stderr, "Unable to add user! (does it alredy exist?)\n"); - pdb_free_sam (&sam_pwent); + pdb_free_sam(&sam_pwent); return -1; } - pdb_free_sam (&sam_pwent); + pdb_free_sam(&sam_pwent); return 0; } @@ -293,7 +371,7 @@ static int new_machine (char *machinename) safe_strcat (name, "$", 16); string_set (&password, machinename); - strlower_m(password); + strlower(password); pdb_set_plaintext_passwd (sam_pwent, password); @@ -301,8 +379,8 @@ static int new_machine (char *machinename) for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) { pdb_init_sam (&sam_trust); - if (pdb_getsampwrid (sam_trust, pdb_uid_to_user_rid (uid))) { - pdb_free_sam (&sam_trust); + if (pdb_getsampwuid (sam_trust, uid)) { + pdb_free_sam(&sam_trust); } else { break; } @@ -314,6 +392,8 @@ static int new_machine (char *machinename) return -1; } + pdb_set_uid (sam_pwent, uid); + pdb_set_gid (sam_pwent, BASE_MACHINE_UID); /* TODO: set there more appropriate value!! */ pdb_set_user_rid (sam_pwent,pdb_uid_to_user_rid (uid)); pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (BASE_MACHINE_UID)); pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST); @@ -322,10 +402,10 @@ static int new_machine (char *machinename) print_user_info (name, True, False); } else { fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); - pdb_free_sam (&sam_pwent); + pdb_free_sam(&sam_pwent); return -1; } - pdb_free_sam (&sam_pwent); + pdb_free_sam(&sam_pwent); return 0; } @@ -370,7 +450,10 @@ static int import_users (char *filename) long uidval; int line = 0; int good = 0; - struct passwd *pwd; + + if (!pdb_init_sam (&sam_pwent)) { + fprintf (stderr, "pdb_init_sam FAILED!\n"); + } if((fp = sys_fopen(filename, "rb")) == NULL) { fprintf (stderr, "%s\n", strerror (ferror (fp))); @@ -383,6 +466,7 @@ static int import_users (char *filename) fgets(linebuf, 256, fp); if (ferror(fp)) { fprintf (stderr, "%s\n", strerror (ferror (fp))); + pdb_free_sam(&sam_pwent); return -1; } if ((linebuf_len = strlen(linebuf)) == 0) { @@ -400,16 +484,20 @@ static int import_users (char *filename) linebuf[linebuf_len] = '\0'; if ((linebuf[0] == 0) && feof(fp)) { /*end of file!!*/ + pdb_free_sam(&sam_pwent); return 0; } line++; if (linebuf[0] == '#' || linebuf[0] == '\0') continue; + pdb_set_acct_ctrl (sam_pwent,ACB_NORMAL); + /* Get user name */ p = (unsigned char *) strchr_m(linebuf, ':'); if (p == NULL) { fprintf (stderr, "Error: malformed password entry at line %d !!\n", line); + pdb_reset_sam (sam_pwent); continue; } strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); @@ -419,29 +507,24 @@ static int import_users (char *filename) p++; if(*p == '-') { fprintf (stderr, "Error: negative uid at line %d\n", line); + pdb_reset_sam (sam_pwent); continue; } if (!isdigit(*p)) { fprintf (stderr, "Error: malformed password entry at line %d (uid not number)\n", line); + pdb_reset_sam (sam_pwent); continue; } uidval = atoi((char *) p); while (*p && isdigit(*p)) p++; if (*p != ':') { fprintf (stderr, "Error: malformed password entry at line %d (no : after uid)\n", line); + pdb_reset_sam (sam_pwent); continue; } - if(!(pwd = sys_getpwnam(user_name))) { - fprintf(stderr, "User %s does not \ -exist in system password file (usually /etc/passwd). Cannot add \ -account without a valid local system user.\n", user_name); - return False; - } - if (!pdb_init_sam_pw(&sam_pwent, pwd)) { - fprintf(stderr, "Failed initialise SAM_ACCOUNT for user %s.\n", user_name); - return False; - } + pdb_set_username(sam_pwent, user_name); + pdb_set_uid (sam_pwent, uidval); /* Get passwords */ p++; @@ -454,12 +537,12 @@ account without a valid local system user.\n", user_name); } else { if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) { fprintf (stderr, "Error: malformed password entry at line %d (password too short)\n",line); - pdb_free_sam (&sam_pwent); + pdb_reset_sam (sam_pwent); continue; } if (p[32] != ':') { fprintf (stderr, "Error: malformed password entry at line %d (no terminating :)\n",line); - pdb_free_sam (&sam_pwent); + pdb_reset_sam (sam_pwent); continue; } if (!strncasecmp((char *) p, "NO PASSWORD", 11)) { @@ -468,12 +551,13 @@ account without a valid local system user.\n", user_name); } else { if (!pdb_gethexpwd((char *)p, smbpwd)) { fprintf (stderr, "Error: malformed Lanman password entry at line %d (non hex chars)\n", line); - pdb_free_sam (&sam_pwent); + pdb_reset_sam (sam_pwent); continue; } pdb_set_lanman_passwd(sam_pwent, smbpwd); } /* NT password */ + pdb_set_nt_passwd(sam_pwent, smbpwd); p += 33; if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) { if (*p != '*' && *p != 'X') { @@ -515,17 +599,49 @@ account without a valid local system user.\n", user_name); } } + /* Old-style workstation account code droped. */ + + if (pdb_get_acct_ctrl(sam_pwent) & ACB_WSTRUST) { + if ((uidval < BASE_MACHINE_UID) || (uidval > MAX_MACHINE_UID)) { + fprintf (stderr, "Warning: Machine UID out of normal range %d-%d\n", + BASE_MACHINE_UID, + MAX_MACHINE_UID); + } + pdb_set_uid(sam_pwent, BASE_MACHINE_UID); + } + + /* Test if user is valid */ + if (pdb_get_acct_ctrl(sam_pwent) & ACB_NORMAL) { + struct passwd *pwd = NULL; + + if (!(pwd = sys_getpwnam(user_name))) { + fprintf (stderr, "Error: User %s does not exist in system passwd!\n", user_name); + continue; + } + pdb_set_gid(sam_pwent, pwd->pw_gid); + } + + /* Fill in sam_pwent structure */ + pdb_set_user_rid(sam_pwent, pdb_uid_to_user_rid (pdb_get_uid(sam_pwent))); + pdb_set_group_rid(sam_pwent, pdb_gid_to_group_rid (pdb_get_gid(sam_pwent))); + + /* TODO: set also full_name, home_dir, dir_drive, logon_script, profile_path, ecc... + * when defaults will be available (after passdb redesign) + * let them blank just now they are not used anyway + */ + /* Now ADD the entry */ if (!(pdb_add_sam_account (sam_pwent))) { fprintf (stderr, "Unable to add user entry!\n"); - pdb_free_sam (&sam_pwent); + pdb_reset_sam (sam_pwent); continue; } printf ("%s imported!\n", user_name); good++; - pdb_free_sam (&sam_pwent); + pdb_reset_sam (sam_pwent); } - printf ("%d lines read.\n%d entryes imported\n", line, good); + printf ("%d lines read.\n%d entries imported\n", line, good); + pdb_free_sam(&sam_pwent); return 0; } @@ -536,6 +652,7 @@ account without a valid local system user.\n", user_name); int main (int argc, char **argv) { int ch; + static pstring servicesf = CONFIGFILE; BOOL list_users = False; BOOL verbose = False; BOOL spstyle = False; @@ -552,6 +669,8 @@ int main (int argc, char **argv) char *profile_path = NULL; char *smbpasswd = NULL; + TimeInit(); + setup_logging("pdbedit", True); if (argc < 2) { @@ -559,18 +678,21 @@ int main (int argc, char **argv) return 0; } - if(!initialize_password_db(True)) { - fprintf(stderr, "Can't setup password database vectors.\n"); + if (!lp_load(servicesf,True,False,False)) { + fprintf(stderr, "Can't load %s - run testparm to debug it\n", + servicesf); exit(1); } - if (!lp_load(dyn_CONFIGFILE,True,False,False)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", - dyn_CONFIGFILE); + secrets_init(); + + if(!initialize_password_db(True)) { + fprintf(stderr, "Can't setup password database vectors.\n"); exit(1); } - while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwx")) != EOF) { + + while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwxD:")) != EOF) { switch(ch) { case 'a': add_user = True; @@ -617,6 +739,9 @@ int main (int argc, char **argv) import = True; smbpasswd = optarg; break; + case 'D': + DEBUGLEVEL = atoi(optarg); + break; default: usage(); } -- cgit From 871f1791c6b32d52bb71cfe9d6529ba62156857c Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 31 Dec 2001 02:04:08 +0000 Subject: fix compile error (This used to be commit c946c6bbc8192f5f0f3706d1b4a6cca0a994f36b) --- source3/utils/pdbedit.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 94eb87b6e0..e80143cc2b 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -652,7 +652,7 @@ static int import_users (char *filename) int main (int argc, char **argv) { int ch; - static pstring servicesf = CONFIGFILE; + static pstring servicesf; BOOL list_users = False; BOOL verbose = False; BOOL spstyle = False; @@ -669,6 +669,8 @@ int main (int argc, char **argv) char *profile_path = NULL; char *smbpasswd = NULL; + pstrcpy(servicesf, dyn_CONFIGFILE); + TimeInit(); setup_logging("pdbedit", True); -- cgit From a18387851cd3780ad0ddba267d1e6cf2a1b7f0b6 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 31 Dec 2001 14:39:26 +0000 Subject: reverted to 1.24 and manually merged in changes from 2.2 (This used to be commit 466f515240aaeca7b0fe2b7b3474ab23cab687cc) --- source3/utils/pdbedit.c | 265 +++++++++++++----------------------------------- 1 file changed, 71 insertions(+), 194 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index e80143cc2b..90c50d7e9f 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -42,7 +42,7 @@ extern int optind; /********************************************************* Print command usage on stderr and die. - **********************************************************/ +**********************************************************/ static void usage(void) { if (getuid() == 0) { @@ -74,23 +74,32 @@ static void usage(void) static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) { + uid_t uid; + gid_t gid; + /* TODO: chaeck if entry is a user or a workstation */ if (!sam_pwent) return -1; if (verbosity) { - printf ("username: %s\n", sam_pwent->username); - printf ("user ID/Group: %d/%d\n", sam_pwent->uid, - sam_pwent->gid); - printf ("user RID/GRID: %d/%d\n", sam_pwent->user_rid, - sam_pwent->group_rid); - printf ("Full Name: %s\n", sam_pwent->full_name); - printf ("Home Directory: %s\n", sam_pwent->home_dir); - printf ("HomeDir Drive: %s\n", sam_pwent->dir_drive); - printf ("Logon Script: %s\n", sam_pwent->logon_script); - printf ("Profile Path: %s\n", sam_pwent->profile_path); + printf ("username: %s\n", pdb_get_username(sam_pwent)); + if (IS_SAM_UNIX_USER(sam_pwent)) { + uid = pdb_get_uid(sam_pwent); + gid = pdb_get_gid(sam_pwent); + printf ("user ID/Group: %d/%d\n", uid, gid); + } + printf ("user RID/GRID: %u/%u\n", (unsigned int)sam_pwent->user_rid, + (unsigned int)sam_pwent->group_rid); + printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); + printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); + printf ("HomeDir Drive: %s\n", pdb_get_dirdrive(sam_pwent)); + printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); + printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); } else if (smbpwdstyle) { + if (IS_SAM_UNIX_USER(sam_pwent)) { char lm_passwd[33]; char nt_passwd[33]; + + uid = pdb_get_uid(sam_pwent); pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); @@ -100,13 +109,21 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst printf("%s:%d:%s:%s:%s:LCT-%08X:\n", pdb_get_username(sam_pwent), - pdb_get_uid(sam_pwent), + uid, lm_passwd, nt_passwd, pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), (uint32)pdb_get_pass_last_set_time(sam_pwent)); } else { - printf ("%s:%d:%s\n", sam_pwent->username, sam_pwent->uid, sam_pwent->full_name); + fprintf(stderr, "Can't output in smbpasswd format, no uid on this record.\n"); + } + } else { + if (IS_SAM_UNIX_USER(sam_pwent)) { + printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), pdb_get_uid(sam_pwent), + pdb_get_fullname(sam_pwent)); + } else { + printf ("%s:(null):%s\n", pdb_get_username(sam_pwent), pdb_get_fullname(sam_pwent)); + } } return 0; @@ -146,7 +163,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) BOOL ret; pdb_init_sam(&sam_pwent); - + errno = 0; /* testing --simo */ ret = pdb_setsampwent(False); if (ret && errno == ENOENT) { fprintf (stderr,"Password database not found!\n"); @@ -189,7 +206,7 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d if (homedir) pdb_set_homedir(sam_pwent, homedir, True); if (drive) - pdb_set_dir_drive(sam_pwent, drive, True); + pdb_set_dir_drive(sam_pwent,drive, True); if (script) pdb_set_logon_script(sam_pwent, script, True); if (profile) @@ -206,91 +223,6 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d return 0; } -/********************************************************* - A strdup with exit -**********************************************************/ - -static char *strdup_x(const char *s) -{ - char *new_s = strdup(s); - if (!new_s) { - fprintf(stderr,"out of memory\n"); - exit(1); - } - return new_s; -} - -/************************************************************* - Utility function to prompt for passwords from stdin. Each - password entered must end with a newline. -*************************************************************/ -static char *stdin_new_passwd(void) -{ - static fstring new_passwd; - size_t len; - - ZERO_ARRAY(new_passwd); - - /* - * if no error is reported from fgets() and string at least contains - * the newline that ends the password, then replace the newline with - * a null terminator. - */ - if ( fgets(new_passwd, sizeof(new_passwd), stdin) != NULL) { - if ((len = strlen(new_passwd)) > 0) { - if(new_passwd[len-1] == '\n') - new_passwd[len - 1] = 0; - } - } - return(new_passwd); -} - -/************************************************************* - Utility function to get passwords via tty or stdin - Used if the '-s' option is set to silently get passwords - to enable scripting. - _copied_ from smbpasswd -*************************************************************/ -static char *get_pass( char *prompt, BOOL stdin_get) -{ - char *p; - if (stdin_get) { - p = stdin_new_passwd(); - } else { - p = getpass(prompt); - } - return strdup_x(p); -} - -/************************************************************* - Utility function to prompt for new password. - _copied_ from smbpasswd -*************************************************************/ -static char *prompt_for_new_password(BOOL stdin_get) -{ - char *p; - fstring new_passwd; - - ZERO_ARRAY(new_passwd); - - p = get_pass("New SMB password:", stdin_get); - - fstrcpy(new_passwd, p); - safe_free(p); - - p = get_pass("Retype new SMB password:", stdin_get); - - if (strcmp(p, new_passwd)) { - fprintf(stderr, "Mismatch - password unchanged.\n"); - ZERO_ARRAY(new_passwd); - safe_free(p); - return NULL; - } - - return p; -} - - /********************************************************* Add New User **********************************************************/ @@ -298,26 +230,26 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, { SAM_ACCOUNT *sam_pwent=NULL; struct passwd *pwd = NULL; - char *password; + char *password1, *password2; ZERO_STRUCT(sam_pwent); - pdb_init_sam (&sam_pwent); - if (!(pwd = sys_getpwnam(username))) { fprintf (stderr, "User %s does not exist in system passwd!\n", username); - pdb_free_sam(&sam_pwent); return -1; } - password = prompt_for_new_password(0); - if (!password) { - fprintf (stderr, "Passwords do not match!\n"); - pdb_free_sam(&sam_pwent); + pdb_init_sam_pw (&sam_pwent, pwd); + + password1 = getpass("new password:"); + password2 = getpass("retype new password:"); + if (strcmp (password1, password2)) { + fprintf (stderr, "Passwords does not match!\n"); + pdb_free_sam (&sam_pwent); return -1; } - pdb_set_plaintext_passwd(sam_pwent, password); + pdb_set_plaintext_passwd(sam_pwent, password1); pdb_set_username(sam_pwent, username); if (fullname) @@ -331,22 +263,16 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, if (profile) pdb_set_profile_path (sam_pwent, profile, True); - /* TODO: Check uid not being in MACHINE UID range!! */ - pdb_set_uid (sam_pwent, pwd->pw_uid); - pdb_set_gid (sam_pwent, pwd->pw_gid); - pdb_set_user_rid (sam_pwent, pdb_uid_to_user_rid (pwd->pw_uid)); - pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (pwd->pw_gid)); - pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL); if (pdb_add_sam_account (sam_pwent)) { print_user_info (username, True, False); } else { fprintf (stderr, "Unable to add user! (does it alredy exist?)\n"); - pdb_free_sam(&sam_pwent); + pdb_free_sam (&sam_pwent); return -1; } - pdb_free_sam(&sam_pwent); + pdb_free_sam (&sam_pwent); return 0; } @@ -371,7 +297,7 @@ static int new_machine (char *machinename) safe_strcat (name, "$", 16); string_set (&password, machinename); - strlower(password); + strlower_m(password); pdb_set_plaintext_passwd (sam_pwent, password); @@ -379,8 +305,8 @@ static int new_machine (char *machinename) for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) { pdb_init_sam (&sam_trust); - if (pdb_getsampwuid (sam_trust, uid)) { - pdb_free_sam(&sam_trust); + if (pdb_getsampwrid (sam_trust, pdb_uid_to_user_rid (uid))) { + pdb_free_sam (&sam_trust); } else { break; } @@ -392,8 +318,6 @@ static int new_machine (char *machinename) return -1; } - pdb_set_uid (sam_pwent, uid); - pdb_set_gid (sam_pwent, BASE_MACHINE_UID); /* TODO: set there more appropriate value!! */ pdb_set_user_rid (sam_pwent,pdb_uid_to_user_rid (uid)); pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (BASE_MACHINE_UID)); pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST); @@ -402,10 +326,10 @@ static int new_machine (char *machinename) print_user_info (name, True, False); } else { fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); - pdb_free_sam(&sam_pwent); + pdb_free_sam (&sam_pwent); return -1; } - pdb_free_sam(&sam_pwent); + pdb_free_sam (&sam_pwent); return 0; } @@ -450,10 +374,7 @@ static int import_users (char *filename) long uidval; int line = 0; int good = 0; - - if (!pdb_init_sam (&sam_pwent)) { - fprintf (stderr, "pdb_init_sam FAILED!\n"); - } + struct passwd *pwd; if((fp = sys_fopen(filename, "rb")) == NULL) { fprintf (stderr, "%s\n", strerror (ferror (fp))); @@ -466,7 +387,6 @@ static int import_users (char *filename) fgets(linebuf, 256, fp); if (ferror(fp)) { fprintf (stderr, "%s\n", strerror (ferror (fp))); - pdb_free_sam(&sam_pwent); return -1; } if ((linebuf_len = strlen(linebuf)) == 0) { @@ -484,20 +404,16 @@ static int import_users (char *filename) linebuf[linebuf_len] = '\0'; if ((linebuf[0] == 0) && feof(fp)) { /*end of file!!*/ - pdb_free_sam(&sam_pwent); return 0; } line++; if (linebuf[0] == '#' || linebuf[0] == '\0') continue; - pdb_set_acct_ctrl (sam_pwent,ACB_NORMAL); - /* Get user name */ p = (unsigned char *) strchr_m(linebuf, ':'); if (p == NULL) { fprintf (stderr, "Error: malformed password entry at line %d !!\n", line); - pdb_reset_sam (sam_pwent); continue; } strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); @@ -507,24 +423,29 @@ static int import_users (char *filename) p++; if(*p == '-') { fprintf (stderr, "Error: negative uid at line %d\n", line); - pdb_reset_sam (sam_pwent); continue; } if (!isdigit(*p)) { fprintf (stderr, "Error: malformed password entry at line %d (uid not number)\n", line); - pdb_reset_sam (sam_pwent); continue; } uidval = atoi((char *) p); while (*p && isdigit(*p)) p++; if (*p != ':') { fprintf (stderr, "Error: malformed password entry at line %d (no : after uid)\n", line); - pdb_reset_sam (sam_pwent); continue; } + if(!(pwd = sys_getpwnam(user_name))) { + fprintf(stderr, "User %s does not \ +exist in system password file (usually /etc/passwd). Cannot add \ +account without a valid local system user.\n", user_name); + return False; + } - pdb_set_username(sam_pwent, user_name); - pdb_set_uid (sam_pwent, uidval); + if (!pdb_init_sam_pw(&sam_pwent, pwd)) { + fprintf(stderr, "Failed initialise SAM_ACCOUNT for user %s.\n", user_name); + return False; + } /* Get passwords */ p++; @@ -537,12 +458,12 @@ static int import_users (char *filename) } else { if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) { fprintf (stderr, "Error: malformed password entry at line %d (password too short)\n",line); - pdb_reset_sam (sam_pwent); + pdb_free_sam (&sam_pwent); continue; } if (p[32] != ':') { fprintf (stderr, "Error: malformed password entry at line %d (no terminating :)\n",line); - pdb_reset_sam (sam_pwent); + pdb_free_sam (&sam_pwent); continue; } if (!strncasecmp((char *) p, "NO PASSWORD", 11)) { @@ -551,13 +472,12 @@ static int import_users (char *filename) } else { if (!pdb_gethexpwd((char *)p, smbpwd)) { fprintf (stderr, "Error: malformed Lanman password entry at line %d (non hex chars)\n", line); - pdb_reset_sam (sam_pwent); + pdb_free_sam (&sam_pwent); continue; } pdb_set_lanman_passwd(sam_pwent, smbpwd); } /* NT password */ - pdb_set_nt_passwd(sam_pwent, smbpwd); p += 33; if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) { if (*p != '*' && *p != 'X') { @@ -599,49 +519,17 @@ static int import_users (char *filename) } } - /* Old-style workstation account code droped. */ - - if (pdb_get_acct_ctrl(sam_pwent) & ACB_WSTRUST) { - if ((uidval < BASE_MACHINE_UID) || (uidval > MAX_MACHINE_UID)) { - fprintf (stderr, "Warning: Machine UID out of normal range %d-%d\n", - BASE_MACHINE_UID, - MAX_MACHINE_UID); - } - pdb_set_uid(sam_pwent, BASE_MACHINE_UID); - } - - /* Test if user is valid */ - if (pdb_get_acct_ctrl(sam_pwent) & ACB_NORMAL) { - struct passwd *pwd = NULL; - - if (!(pwd = sys_getpwnam(user_name))) { - fprintf (stderr, "Error: User %s does not exist in system passwd!\n", user_name); - continue; - } - pdb_set_gid(sam_pwent, pwd->pw_gid); - } - - /* Fill in sam_pwent structure */ - pdb_set_user_rid(sam_pwent, pdb_uid_to_user_rid (pdb_get_uid(sam_pwent))); - pdb_set_group_rid(sam_pwent, pdb_gid_to_group_rid (pdb_get_gid(sam_pwent))); - - /* TODO: set also full_name, home_dir, dir_drive, logon_script, profile_path, ecc... - * when defaults will be available (after passdb redesign) - * let them blank just now they are not used anyway - */ - /* Now ADD the entry */ if (!(pdb_add_sam_account (sam_pwent))) { fprintf (stderr, "Unable to add user entry!\n"); - pdb_reset_sam (sam_pwent); + pdb_free_sam (&sam_pwent); continue; } printf ("%s imported!\n", user_name); good++; - pdb_reset_sam (sam_pwent); + pdb_free_sam (&sam_pwent); } - printf ("%d lines read.\n%d entries imported\n", line, good); - pdb_free_sam(&sam_pwent); + printf ("%d lines read.\n%d entryes imported\n", line, good); return 0; } @@ -652,7 +540,6 @@ static int import_users (char *filename) int main (int argc, char **argv) { int ch; - static pstring servicesf; BOOL list_users = False; BOOL verbose = False; BOOL spstyle = False; @@ -669,10 +556,6 @@ int main (int argc, char **argv) char *profile_path = NULL; char *smbpasswd = NULL; - pstrcpy(servicesf, dyn_CONFIGFILE); - - TimeInit(); - setup_logging("pdbedit", True); if (argc < 2) { @@ -680,21 +563,18 @@ int main (int argc, char **argv) return 0; } - if (!lp_load(servicesf,True,False,False)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", - servicesf); - exit(1); - } - - secrets_init(); - if(!initialize_password_db(True)) { fprintf(stderr, "Can't setup password database vectors.\n"); exit(1); } + if (!lp_load(dyn_CONFIGFILE,True,False,False)) { + fprintf(stderr, "Can't load %s - run testparm to debug it\n", + dyn_CONFIGFILE); + exit(1); + } - while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwxD:")) != EOF) { + while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwx")) != EOF) { switch(ch) { case 'a': add_user = True; @@ -741,9 +621,6 @@ int main (int argc, char **argv) import = True; smbpasswd = optarg; break; - case 'D': - DEBUGLEVEL = atoi(optarg); - break; default: usage(); } -- cgit From a3f891dbd2e9ee1681e3c8295cd62a877c727d4f Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 2 Jan 2002 07:41:54 +0000 Subject: Actually enforce the passdb API. Thou shalt not reference SAM_ACCOUNT members directly - always use pdb_get/pdb_set. This is achived by making the whole of SAM_ACCOUNT have a .private member, where the real members live. This caught a pile of examples, and these have beeen fixed. The pdb_get..() functions are 'const' (have been for some time) and this required a few small changes to constify other functions. I've also added some debugs to the pdb get and set, they can be removed if requested. I've rewritten the copy_id2x_to_sam_pass() functions to use the new passdb interface, but I need the flags info to do it properly. The pdb_free_sam() funciton now blanks out the LM and NT hashes, and as such I have removed many extra 'samr_clear_sam_passwd(smbpass)' calls as a result. Finally, any and all testing is always appriciated - but the basics seem to work. Andrew Bartlett (This used to be commit d3dd28f6c443187b8d820d5a39c7c5b3be2fa95c) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 90c50d7e9f..ab7c9d6f7c 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -87,8 +87,8 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst gid = pdb_get_gid(sam_pwent); printf ("user ID/Group: %d/%d\n", uid, gid); } - printf ("user RID/GRID: %u/%u\n", (unsigned int)sam_pwent->user_rid, - (unsigned int)sam_pwent->group_rid); + printf ("user RID/GRID: %u/%u\n", (unsigned int)pdb_get_user_rid(sam_pwent), + (unsigned int)pdb_get_group_rid(sam_pwent)); printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); printf ("HomeDir Drive: %s\n", pdb_get_dirdrive(sam_pwent)); -- cgit From f1256e847e6820c29f8bc74db4609d8aa282a1a1 Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Mon, 7 Jan 2002 21:32:22 +0000 Subject: merge changes from 2.2 branch to prevent smb.conf from changing debug level of commands when specified on command line. (This used to be commit 39d6b31e14144a3ff4b992d4286b706147e58566) --- source3/utils/pdbedit.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index ab7c9d6f7c..046d4a4ad8 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -32,6 +32,7 @@ #include "includes.h" extern pstring global_myname; +extern BOOL AllowDebugChange; /* * Next two lines needed for SunOS and don't @@ -568,6 +569,9 @@ int main (int argc, char **argv) exit(1); } + DEBUGLEVEL = 1; + AllowDebugChange = False; + if (!lp_load(dyn_CONFIGFILE,True,False,False)) { fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE); -- cgit From dbee612f7150ee2921c37fa331b38b86d2d63937 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 15 Jan 2002 01:02:13 +0000 Subject: Change the passdb interface to use allocated strings. These strings are allocated using talloc(), either using its own memory context stored on the SAM_ACCOUNT or one supplied by the caller. The pdb_init_sam() and pdb_free_sam() function have been modifed so that a call to pdb_free_sam() will either clean up (remove hashes from memory) and destroy the TALLOC_CTX or just clean up depending on who supplied it. The pdb_init_sam and pdb_free_sam functions now also return an NTSTATUS, and I have modified the 3 places that actually checked these returns. The only nasty thing about this patch is the small measure needed to maintin interface compatability - strings set to NULL are actually set to "". This is becouse there are too many places in Samba that do strlen() on these strings without checking if they are NULL pointers. A supp patch will follow to set all strings to "" in pdb_default_sam(). Andrew Bartlett (This used to be commit 144345b41d39a6f68d01f62b7aee64ca0d328085) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 046d4a4ad8..ae600f6a6a 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -443,7 +443,7 @@ account without a valid local system user.\n", user_name); return False; } - if (!pdb_init_sam_pw(&sam_pwent, pwd)) { + if (!NT_STATUS_IS_OK(pdb_init_sam_pw(&sam_pwent, pwd))) { fprintf(stderr, "Failed initialise SAM_ACCOUNT for user %s.\n", user_name); return False; } -- cgit From 1a74d8d1f0758d15c5c35d20e33d9868565812cf Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 20 Jan 2002 14:30:58 +0000 Subject: This is another *BIG* change... Samba now features a pluggable passdb interface, along the same lines as the one in use in the auth subsystem. In this case, only one backend may be active at a time by the 'normal' interface, and only one backend per passdb_context is permitted outside that. This pluggable interface is designed to allow any number of passdb backends to be compiled in, with the selection at runtime. The 'passdb backend' paramater has been created (and documented!) to support this. As such, configure has been modfied to allow (for example) --with-ldap and the old smbpasswd to be selected at the same time. This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua. These two backends accept 'non unix accounts', where the user does *not* exist in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to avoid conflicts in the algroitmic mapping of RIDs, they use the values specified in the 'non unix account range' paramter - in the same way as the winbind ranges are specifed. While I was at it, I cleaned up some of the code in pdb_tdb (code copied directly from smbpasswd and not really considered properly). Most of this was to do with % macro expansion on stored data. It isn't easy to get the macros into the tdb, and the first password change will 'expand' them. tdbsam needs to use a similar system to pdb_ldap in this regard. This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I don't have the test facilities for these. I plan to incoroprate at least pdb_ldap into this scheme after consultation with Jerry. Each (converted) passdb module now no longer has any 'static' variables, and only exports 1 init function outside its .c file. The non-unix-account support in this patch has been proven! It is now possible to join a win2k machine to a Samba PDC without an account in /etc/passwd! Other changes: Minor interface adjustments: pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*. pdb_update_sam_account() no longer takes the 'override' argument that was being ignored so often (every other passdb backend). Extra checks have been added in some places. Minor code changes: smbpasswd no longer attempts to initialise the passdb at startup, this is now done on first use. pdbedit has lost some of its 'machine account' logic, as this behaviour is now controlled by the passdb subsystem directly. The samr subsystem no longer calls 'local password change', but does the pdb interactions directly. This allow the ACB_ flags specifed to be transferred direct to the backend, without interference. Doco: I've updated the doco to reflect some of the changes, and removed some paramters no longer applicable to HEAD. (This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b) --- source3/utils/pdbedit.c | 61 +++++++++++++++++++++---------------------------- 1 file changed, 26 insertions(+), 35 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index ae600f6a6a..33b62ebd42 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -21,14 +21,6 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -/* base uid for trust accounts is set to 60000 ! - * May be we should add the defines in smb.h to make it possible having - * different values on different platforms? - */ - -#define BASE_MACHINE_UID 60000 -#define MAX_MACHINE_UID 65500 /* 5500 trust accounts aren't enough? */ - #include "includes.h" extern pstring global_myname; @@ -213,7 +205,7 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d if (profile) pdb_set_profile_path (sam_pwent, profile, True); - if (pdb_update_sam_account (sam_pwent, True)) + if (pdb_update_sam_account (sam_pwent)) print_user_info (username, True, False); else { fprintf (stderr, "Unable to modify entry!\n"); @@ -284,10 +276,8 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, static int new_machine (char *machinename) { SAM_ACCOUNT *sam_pwent=NULL; - SAM_ACCOUNT *sam_trust=NULL; char name[16]; char *password = NULL; - uid_t uid; pdb_init_sam (&sam_pwent); @@ -304,23 +294,6 @@ static int new_machine (char *machinename) pdb_set_username (sam_pwent, name); - for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) { - pdb_init_sam (&sam_trust); - if (pdb_getsampwrid (sam_trust, pdb_uid_to_user_rid (uid))) { - pdb_free_sam (&sam_trust); - } else { - break; - } - } - - if (uid>MAX_MACHINE_UID) { - fprintf (stderr, "No more free UIDs available to Machine accounts!\n"); - pdb_free_sam(&sam_pwent); - return -1; - } - - pdb_set_user_rid (sam_pwent,pdb_uid_to_user_rid (uid)); - pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (BASE_MACHINE_UID)); pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST); if (pdb_add_sam_account (sam_pwent)) { @@ -340,7 +313,16 @@ static int new_machine (char *machinename) static int delete_user_entry (char *username) { - return pdb_delete_sam_account (username); + SAM_ACCOUNT *samaccount; + + pdb_init_sam(&samaccount); + + if (!pdb_getsampwnam(samaccount, username)) { + fprintf (stderr, "user %s does not exist in the passdb\n", username); + return -1; + } + + return pdb_delete_sam_account (samaccount); } /********************************************************* @@ -350,11 +332,20 @@ static int delete_user_entry (char *username) static int delete_machine_entry (char *machinename) { char name[16]; + SAM_ACCOUNT *samaccount; safe_strcpy (name, machinename, 16); if (name[strlen(name)] != '$') safe_strcat (name, "$", 16); - return pdb_delete_sam_account (name); + + pdb_init_sam(&samaccount); + + if (!pdb_getsampwnam(samaccount, name)) { + fprintf (stderr, "user %s does not exist in the passdb\n", name); + return -1; + } + + return pdb_delete_sam_account (samaccount); } /********************************************************* @@ -564,11 +555,6 @@ int main (int argc, char **argv) return 0; } - if(!initialize_password_db(True)) { - fprintf(stderr, "Can't setup password database vectors.\n"); - exit(1); - } - DEBUGLEVEL = 1; AllowDebugChange = False; @@ -578,6 +564,11 @@ int main (int argc, char **argv) exit(1); } + if(!initialize_password_db(True)) { + fprintf(stderr, "Can't setup password database vectors.\n"); + exit(1); + } + while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwx")) != EOF) { switch(ch) { case 'a': -- cgit From 158efc3aa2060e21f40e231a1e8aa945b6a3ab71 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 23 Jan 2002 12:59:24 +0000 Subject: getpwnam -> getpwnam_alloc. idra has promised not to revert these this time :-) (This used to be commit f556ad67e82518f5a024ffe9184ff9430ab5c541) --- source3/utils/pdbedit.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 33b62ebd42..08ba54605f 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -227,12 +227,17 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, ZERO_STRUCT(sam_pwent); - if (!(pwd = sys_getpwnam(username))) { - fprintf (stderr, "User %s does not exist in system passwd!\n", username); - return -1; - } + if (pwd = getpwnam_alloc(username)) { - pdb_init_sam_pw (&sam_pwent, pwd); + pdb_init_sam_pw (&sam_pwent, pwd); + passwd_free(&pwd); + } else { + fprintf (stderr, "WARNING: user %s does not exist in system passwd\n", username); + pdb_init_sam(&sam_pwent); + if (!pdb_set_username(sam_pwent, username)) { + return False; + } + } password1 = getpass("new password:"); password2 = getpass("retype new password:"); @@ -244,7 +249,6 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, pdb_set_plaintext_passwd(sam_pwent, password1); - pdb_set_username(sam_pwent, username); if (fullname) pdb_set_fullname(sam_pwent, fullname); if (homedir) -- cgit From 3e29c28a0bb8e6c1b4f8acba6f9bfeb6b3b983b7 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 26 Jan 2002 05:53:07 +0000 Subject: Try to get the compiler not to complain about assignments and truth values... Andrew Bartlett (This used to be commit 6650b21ceabefab037cfd3b135039914fb75e3a9) --- source3/utils/pdbedit.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 08ba54605f..5202d8d3fe 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -227,8 +227,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, ZERO_STRUCT(sam_pwent); - if (pwd = getpwnam_alloc(username)) { - + if ((pwd = getpwnam_alloc(username))) { pdb_init_sam_pw (&sam_pwent, pwd); passwd_free(&pwd); } else { -- cgit From 26073c4aec4a45ae58855dd6eecc20cc376c7e8c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 27 Jan 2002 03:00:56 +0000 Subject: Give pdbedit a -D paramater for setting the DEBUGLEVEL (makes debugging passdb much saner :-). Change to pdb_init_sam()/pdb_free_sam() loop rather than reset based due to the talloc basis. Andrew Bartlett (This used to be commit e40a0a7f27950bd0484fe7d6b67dce45cd75d25c) --- source3/utils/pdbedit.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 5202d8d3fe..4f3ceaf18f 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -58,6 +58,7 @@ static void usage(void) printf(" -m it is a machine trust\n"); printf(" -x delete this user\n"); printf(" -i file import account from file (smbpasswd style)\n"); + printf(" -D debuglevel set DEBUGELEVEL (default = 1)\n"); exit(1); } @@ -160,19 +161,20 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) ret = pdb_setsampwent(False); if (ret && errno == ENOENT) { fprintf (stderr,"Password database not found!\n"); - pdb_free_sam(&sam_pwent); exit(1); } + pdb_free_sam(&sam_pwent); - while ((ret = pdb_getsampwent (sam_pwent))) { + while ((NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)) + && (ret = pdb_getsampwent (sam_pwent)))) { if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); - pdb_reset_sam(sam_pwent); + pdb_free_sam(&sam_pwent); } + pdb_free_sam(&sam_pwent); pdb_endsampwent (); - pdb_free_sam(&sam_pwent); return 0; } @@ -572,7 +574,7 @@ int main (int argc, char **argv) exit(1); } - while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwx")) != EOF) { + while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwxD:")) != EOF) { switch(ch) { case 'a': add_user = True; @@ -619,6 +621,9 @@ int main (int argc, char **argv) import = True; smbpasswd = optarg; break; + case 'D': + DEBUGLEVEL = atoi(optarg); + break; default: usage(); } -- cgit From cd68afe31256ad60748b34f7318a180cfc2127cc Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 30 Jan 2002 06:08:46 +0000 Subject: Removed version number from file header. Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa) --- source3/utils/pdbedit.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 4f3ceaf18f..bdf499ae47 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -1,7 +1,6 @@ /* - Unix SMB/Netbios implementation. + Unix SMB/CIFS implementation. passdb editing frontend - Version 3.0 Copyright (C) Simo Sorce 2000 Copyright (C) Andrew Bartlett 2001 -- cgit From f3ee505fcef3baccd508281f81e6ba9b20b83be3 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 31 Jan 2002 11:38:47 +0000 Subject: Initialise some SAM_ACCOUNT structs to NULL, and add some more error checking. Andrew Bartlett (This used to be commit f3f375dc6b7175d4dd4ce401815e5dfdd9747083) --- source3/utils/pdbedit.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index bdf499ae47..2ba6de55df 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -131,7 +131,9 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; - pdb_init_sam(&sam_pwent); + if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { + return -1; + } ret = pdb_getsampwnam (sam_pwent, username); @@ -283,7 +285,9 @@ static int new_machine (char *machinename) char name[16]; char *password = NULL; - pdb_init_sam (&sam_pwent); + if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { + return -1; + } if (machinename[strlen (machinename) -1] == '$') machinename[strlen (machinename) -1] = '\0'; @@ -317,9 +321,11 @@ static int new_machine (char *machinename) static int delete_user_entry (char *username) { - SAM_ACCOUNT *samaccount; + SAM_ACCOUNT *samaccount = NULL; - pdb_init_sam(&samaccount); + if (!NT_STATUS_IS_OK(pdb_init_sam (&samaccount))) { + return -1; + } if (!pdb_getsampwnam(samaccount, username)) { fprintf (stderr, "user %s does not exist in the passdb\n", username); @@ -336,13 +342,15 @@ static int delete_user_entry (char *username) static int delete_machine_entry (char *machinename) { char name[16]; - SAM_ACCOUNT *samaccount; + SAM_ACCOUNT *samaccount = NULL; safe_strcpy (name, machinename, 16); if (name[strlen(name)] != '$') safe_strcat (name, "$", 16); - pdb_init_sam(&samaccount); + if (!NT_STATUS_IS_OK(pdb_init_sam (&samaccount))) { + return -1; + } if (!pdb_getsampwnam(samaccount, name)) { fprintf (stderr, "user %s does not exist in the passdb\n", name); -- cgit From 32334bc6553c25b706e60a321f9c16f8931f94c1 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Mon, 18 Mar 2002 23:57:14 +0000 Subject: more verbose checking in talloc and util_pw fixed tdbsam memory corruption (and segfault) reducing calls to pdb_uid_to_user_rid and countrary to 0 to move to a non alghoritmic rid allocation with some passdb modules. (This used to be commit 9836af7cd623357feaec07bc49cfb78f0aa01fc3) --- source3/utils/pdbedit.c | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 2ba6de55df..71abcc74ee 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -155,27 +155,28 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) { SAM_ACCOUNT *sam_pwent=NULL; - BOOL ret; + BOOL check, ret; - pdb_init_sam(&sam_pwent); errno = 0; /* testing --simo */ - ret = pdb_setsampwent(False); - if (ret && errno == ENOENT) { + check = pdb_setsampwent(False); + if (check && errno == ENOENT) { fprintf (stderr,"Password database not found!\n"); exit(1); } - pdb_free_sam(&sam_pwent); - while ((NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)) - && (ret = pdb_getsampwent (sam_pwent)))) { + check = True; + if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; + + while (check && (ret = pdb_getsampwent (sam_pwent))) { if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); pdb_free_sam(&sam_pwent); + check = NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)); } - pdb_free_sam(&sam_pwent); + if (check) pdb_free_sam(&sam_pwent); - pdb_endsampwent (); + pdb_endsampwent(); return 0; } -- cgit From 050b80356edea52f1bbb0a27599186ad84c18b73 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Tue, 19 Mar 2002 13:57:53 +0000 Subject: second step to gain free uid<->rid mapping we still need to free gid<->rid mapping and few other stuff (This used to be commit aa4b6f8181f34196a28951264dd8b631a5deef7f) --- source3/utils/pdbedit.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 71abcc74ee..1fb1f2355b 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -305,6 +305,8 @@ static int new_machine (char *machinename) pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST); + pdb_set_group_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS); + if (pdb_add_sam_account (sam_pwent)) { print_user_info (name, True, False); } else { -- cgit From e90b65284812aaa5ff9e9935ce9bbad7791cbbcd Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 15 Jul 2002 10:35:28 +0000 Subject: updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce) --- source3/utils/pdbedit.c | 538 +++++++++++++++++------------------------------- 1 file changed, 187 insertions(+), 351 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 1fb1f2355b..b30ab6f38e 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -4,6 +4,7 @@ Copyright (C) Simo Sorce 2000 Copyright (C) Andrew Bartlett 2001 + Copyright (C) Jelmer Vernooij 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -25,40 +26,40 @@ extern pstring global_myname; extern BOOL AllowDebugChange; -/* - * Next two lines needed for SunOS and don't - * hurt anything else... - */ -extern char *optarg; -extern int optind; - /********************************************************* - Print command usage on stderr and die. -**********************************************************/ -static void usage(void) -{ - if (getuid() == 0) { - printf("pdbedit options\n"); - } else { - printf("You need to be root to use this tool!\n"); + Add all currently available users to another db + ********************************************************/ + +int export_database (struct pdb_context *in, char *db){ + struct pdb_context *context; + SAM_ACCOUNT *user = NULL; + + if (!NT_STATUS_IS_OK(make_pdb_context_string(&context, db))){ + fprintf(stderr, "Can't initialize %s.\n", db); + return 1; + } + + if (!in->pdb_setsampwent(in, 0)){ + fprintf(stderr, "Can't sampwent!\n"); + return 1; + } + + if (!NT_STATUS_IS_OK(pdb_init_sam(&user))){ + fprintf(stderr, "Can't initialize new SAM_ACCOUNT!\n"); + return 1; + } + + while (in->pdb_getsampwent(in,user)){ + context->pdb_add_sam_account(context,user); + if (!NT_STATUS_IS_OK(pdb_reset_sam(user))){ + fprintf(stderr, "Can't reset SAM_ACCOUNT!\n"); + return 1; + } } - printf("(actually to add a user you need to use smbpasswd)\n"); - printf("options:\n"); - printf(" -l list usernames\n"); - printf(" -v verbose output\n"); - printf(" -w smbpasswd file style\n"); - printf(" -u username print user's info\n"); - printf(" -f fullname set Full Name\n"); - printf(" -h homedir set home directory\n"); - printf(" -d drive set home dir drive\n"); - printf(" -s script set logon script\n"); - printf(" -p profile set profile path\n"); - printf(" -a create new account\n"); - printf(" -m it is a machine trust\n"); - printf(" -x delete this user\n"); - printf(" -i file import account from file (smbpasswd style)\n"); - printf(" -D debuglevel set DEBUGELEVEL (default = 1)\n"); - exit(1); + + in->pdb_endsampwent(in); + + return 0; } /********************************************************* @@ -69,24 +70,53 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst { uid_t uid; gid_t gid; + time_t tmp; /* TODO: chaeck if entry is a user or a workstation */ if (!sam_pwent) return -1; if (verbosity) { - printf ("username: %s\n", pdb_get_username(sam_pwent)); + printf ("Unix username: %s\n", pdb_get_username(sam_pwent)); + printf ("NT username: %s\n", pdb_get_nt_username(sam_pwent)); + printf ("Account Flags: %s\n", pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent), NEW_PW_FORMAT_SPACE_PADDED_LEN)); + if (IS_SAM_UNIX_USER(sam_pwent)) { uid = pdb_get_uid(sam_pwent); gid = pdb_get_gid(sam_pwent); - printf ("user ID/Group: %d/%d\n", uid, gid); + printf ("User ID/Group ID: %d/%d\n", uid, gid); } - printf ("user RID/GRID: %u/%u\n", (unsigned int)pdb_get_user_rid(sam_pwent), - (unsigned int)pdb_get_group_rid(sam_pwent)); - printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); - printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); - printf ("HomeDir Drive: %s\n", pdb_get_dirdrive(sam_pwent)); - printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); - printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); + printf ("User SID: %s\n", + sid_string_static(pdb_get_user_sid(sam_pwent))); + printf ("Primary Group SID: %s\n", + sid_string_static(pdb_get_group_sid(sam_pwent))); + printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); + printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); + printf ("HomeDir Drive: %s\n", pdb_get_dirdrive(sam_pwent)); + printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); + printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); + printf ("Domain: %s\n", pdb_get_domain(sam_pwent)); + printf ("Account desc: %s\n", pdb_get_acct_desc(sam_pwent)); + printf ("Workstations: %s\n", pdb_get_workstations(sam_pwent)); + printf ("Munged dial: %s\n", pdb_get_munged_dial(sam_pwent)); + + tmp = pdb_get_logon_time(sam_pwent); + printf ("Logon time: %s\n", tmp ? http_timestring(tmp) : "0"); + + tmp = pdb_get_logoff_time(sam_pwent); + printf ("Logoff time: %s\n", tmp ? http_timestring(tmp) : "0"); + + tmp = pdb_get_kickoff_time(sam_pwent); + printf ("Kickoff time: %s\n", tmp ? http_timestring(tmp) : "0"); + + tmp = pdb_get_pass_last_set_time(sam_pwent); + printf ("Password last set: %s\n", tmp ? http_timestring(tmp) : "0"); + + tmp = pdb_get_pass_can_change_time(sam_pwent); + printf ("Password can change: %s\n", tmp ? http_timestring(tmp) : "0"); + + tmp = pdb_get_pass_must_change_time(sam_pwent); + printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0"); + } else if (smbpwdstyle) { if (IS_SAM_UNIX_USER(sam_pwent)) { char lm_passwd[33]; @@ -126,7 +156,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst Get an Print User Info **********************************************************/ -static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) +static int print_user_info (struct pdb_context *in, char *username, BOOL verbosity, BOOL smbpwdstyle) { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; @@ -135,7 +165,7 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) return -1; } - ret = pdb_getsampwnam (sam_pwent, username); + ret = in->pdb_getsampwnam (in, sam_pwent, username); if (ret==False) { fprintf (stderr, "Username not found!\n"); @@ -152,22 +182,20 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) /********************************************************* List Users **********************************************************/ -static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) +static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwdstyle) { SAM_ACCOUNT *sam_pwent=NULL; BOOL check, ret; - errno = 0; /* testing --simo */ - check = pdb_setsampwent(False); - if (check && errno == ENOENT) { - fprintf (stderr,"Password database not found!\n"); - exit(1); + check = in->pdb_setsampwent(in, False); + if (!check) { + return 1; } check = True; if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; - while (check && (ret = pdb_getsampwent (sam_pwent))) { + while (check && (ret = in->pdb_getsampwent (in, sam_pwent))) { if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); @@ -176,7 +204,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) } if (check) pdb_free_sam(&sam_pwent); - pdb_endsampwent(); + in->pdb_endsampwent(in); return 0; } @@ -184,14 +212,14 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) Set User Info **********************************************************/ -static int set_user_info (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) +static int set_user_info (struct pdb_context *in, char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; pdb_init_sam(&sam_pwent); - ret = pdb_getsampwnam (sam_pwent, username); + ret = in->pdb_getsampwnam (in, sam_pwent, username); if (ret==False) { fprintf (stderr, "Username not found!\n"); pdb_free_sam(&sam_pwent); @@ -209,8 +237,8 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d if (profile) pdb_set_profile_path (sam_pwent, profile, True); - if (pdb_update_sam_account (sam_pwent)) - print_user_info (username, True, False); + if (in->pdb_update_sam_account (in, sam_pwent)) + print_user_info (in, username, True, False); else { fprintf (stderr, "Unable to modify entry!\n"); pdb_free_sam(&sam_pwent); @@ -223,7 +251,7 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d /********************************************************* Add New User **********************************************************/ -static int new_user (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) +static int new_user (struct pdb_context *in, char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) { SAM_ACCOUNT *sam_pwent=NULL; struct passwd *pwd = NULL; @@ -265,8 +293,8 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL); - if (pdb_add_sam_account (sam_pwent)) { - print_user_info (username, True, False); + if (in->pdb_add_sam_account (in, sam_pwent)) { + print_user_info (in, username, True, False); } else { fprintf (stderr, "Unable to add user! (does it alredy exist?)\n"); pdb_free_sam (&sam_pwent); @@ -280,7 +308,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, Add New Machine **********************************************************/ -static int new_machine (char *machinename) +static int new_machine (struct pdb_context *in, char *machinename) { SAM_ACCOUNT *sam_pwent=NULL; char name[16]; @@ -305,10 +333,10 @@ static int new_machine (char *machinename) pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST); - pdb_set_group_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS); + pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS); - if (pdb_add_sam_account (sam_pwent)) { - print_user_info (name, True, False); + if (in->pdb_add_sam_account (in, sam_pwent)) { + print_user_info (in, name, True, False); } else { fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); pdb_free_sam (&sam_pwent); @@ -322,7 +350,7 @@ static int new_machine (char *machinename) Delete user entry **********************************************************/ -static int delete_user_entry (char *username) +static int delete_user_entry (struct pdb_context *in, char *username) { SAM_ACCOUNT *samaccount = NULL; @@ -330,19 +358,19 @@ static int delete_user_entry (char *username) return -1; } - if (!pdb_getsampwnam(samaccount, username)) { + if (!in->pdb_getsampwnam(in, samaccount, username)) { fprintf (stderr, "user %s does not exist in the passdb\n", username); return -1; } - return pdb_delete_sam_account (samaccount); + return in->pdb_delete_sam_account (in, samaccount); } /********************************************************* Delete machine entry **********************************************************/ -static int delete_machine_entry (char *machinename) +static int delete_machine_entry (struct pdb_context *in, char *machinename) { char name[16]; SAM_ACCOUNT *samaccount = NULL; @@ -355,189 +383,12 @@ static int delete_machine_entry (char *machinename) return -1; } - if (!pdb_getsampwnam(samaccount, name)) { + if (!in->pdb_getsampwnam(in, samaccount, name)) { fprintf (stderr, "user %s does not exist in the passdb\n", name); return -1; } - return pdb_delete_sam_account (samaccount); -} - -/********************************************************* - Import smbpasswd style file -**********************************************************/ - -static int import_users (char *filename) -{ - FILE *fp = NULL; - SAM_ACCOUNT *sam_pwent = NULL; - static pstring user_name; - static unsigned char smbpwd[16]; - static unsigned char smbntpwd[16]; - char linebuf[256]; - size_t linebuf_len; - unsigned char c; - unsigned char *p; - long uidval; - int line = 0; - int good = 0; - struct passwd *pwd; - - if((fp = sys_fopen(filename, "rb")) == NULL) { - fprintf (stderr, "%s\n", strerror (ferror (fp))); - return -1; - } - - while (!feof(fp)) { - /*Get a new line*/ - linebuf[0] = '\0'; - fgets(linebuf, 256, fp); - if (ferror(fp)) { - fprintf (stderr, "%s\n", strerror (ferror (fp))); - return -1; - } - if ((linebuf_len = strlen(linebuf)) == 0) { - line++; - continue; - } - if (linebuf[linebuf_len - 1] != '\n') { - c = '\0'; - while (!ferror(fp) && !feof(fp)) { - c = fgetc(fp); - if (c == '\n') break; - } - } else - linebuf[linebuf_len - 1] = '\0'; - linebuf[linebuf_len] = '\0'; - if ((linebuf[0] == 0) && feof(fp)) { - /*end of file!!*/ - return 0; - } - line++; - if (linebuf[0] == '#' || linebuf[0] == '\0') - continue; - - /* Get user name */ - p = (unsigned char *) strchr_m(linebuf, ':'); - if (p == NULL) { - fprintf (stderr, "Error: malformed password entry at line %d !!\n", line); - continue; - } - strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); - user_name[PTR_DIFF(p, linebuf)] = '\0'; - - /* Get smb uid. */ - p++; - if(*p == '-') { - fprintf (stderr, "Error: negative uid at line %d\n", line); - continue; - } - if (!isdigit(*p)) { - fprintf (stderr, "Error: malformed password entry at line %d (uid not number)\n", line); - continue; - } - uidval = atoi((char *) p); - while (*p && isdigit(*p)) p++; - if (*p != ':') { - fprintf (stderr, "Error: malformed password entry at line %d (no : after uid)\n", line); - continue; - } - if(!(pwd = sys_getpwnam(user_name))) { - fprintf(stderr, "User %s does not \ -exist in system password file (usually /etc/passwd). Cannot add \ -account without a valid local system user.\n", user_name); - return False; - } - - if (!NT_STATUS_IS_OK(pdb_init_sam_pw(&sam_pwent, pwd))) { - fprintf(stderr, "Failed initialise SAM_ACCOUNT for user %s.\n", user_name); - return False; - } - - /* Get passwords */ - p++; - if (*p == '*' || *p == 'X') { - /* Password deliberately invalid */ - fprintf (stderr, "Warning: entry invalidated for user %s\n", user_name); - pdb_set_lanman_passwd(sam_pwent, NULL); - pdb_set_nt_passwd(sam_pwent,NULL); - pdb_set_acct_ctrl(sam_pwent, pdb_get_acct_ctrl(sam_pwent) | ACB_DISABLED); - } else { - if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) { - fprintf (stderr, "Error: malformed password entry at line %d (password too short)\n",line); - pdb_free_sam (&sam_pwent); - continue; - } - if (p[32] != ':') { - fprintf (stderr, "Error: malformed password entry at line %d (no terminating :)\n",line); - pdb_free_sam (&sam_pwent); - continue; - } - if (!strncasecmp((char *) p, "NO PASSWORD", 11)) { - pdb_set_lanman_passwd(sam_pwent, NULL); - pdb_set_acct_ctrl(sam_pwent, pdb_get_acct_ctrl(sam_pwent) | ACB_PWNOTREQ); - } else { - if (!pdb_gethexpwd((char *)p, smbpwd)) { - fprintf (stderr, "Error: malformed Lanman password entry at line %d (non hex chars)\n", line); - pdb_free_sam (&sam_pwent); - continue; - } - pdb_set_lanman_passwd(sam_pwent, smbpwd); - } - /* NT password */ - p += 33; - if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) { - if (*p != '*' && *p != 'X') { - if (pdb_gethexpwd((char *)p,smbntpwd)) { - pdb_set_nt_passwd(sam_pwent, smbntpwd); - } - } - p += 33; - } - } - - /* Get ACCT_CTRL field if any */ - if (*p == '[') { - uint16 acct_ctrl; - unsigned char *end_p = (unsigned char *)strchr_m((char *)p, ']'); - - acct_ctrl = pdb_decode_acct_ctrl((char*)p); - if (acct_ctrl) - acct_ctrl = ACB_NORMAL; - - pdb_set_acct_ctrl(sam_pwent, acct_ctrl); - - /* Get last change time */ - if(end_p) - p = end_p + 1; - if(*p == ':') { - p++; - if(*p && (StrnCaseCmp((char *)p, "LCT-", 4)==0)) { - int i; - - p += 4; - for(i = 0; i < 8; i++) { - if(p[i] == '\0' || !isxdigit(p[i])) break; - } - if(i == 8) { - pdb_set_pass_last_set_time (sam_pwent, (time_t)strtol((char *)p, NULL, 16)); - } - } - } - } - - /* Now ADD the entry */ - if (!(pdb_add_sam_account (sam_pwent))) { - fprintf (stderr, "Unable to add user entry!\n"); - pdb_free_sam (&sam_pwent); - continue; - } - printf ("%s imported!\n", user_name); - good++; - pdb_free_sam (&sam_pwent); - } - printf ("%d lines read.\n%d entryes imported\n", line, good); - return 0; + return in->pdb_delete_sam_account (in, samaccount); } /********************************************************* @@ -546,102 +397,85 @@ account without a valid local system user.\n", user_name); int main (int argc, char **argv) { - int ch; - BOOL list_users = False; - BOOL verbose = False; - BOOL spstyle = False; - BOOL setparms = False; - BOOL machine = False; - BOOL add_user = False; - BOOL delete_user = False; - BOOL import = False; - char *user_name = NULL; - char *full_name = NULL; - char *home_dir = NULL; - char *home_drive = NULL; - char *logon_script = NULL; - char *profile_path = NULL; - char *smbpasswd = NULL; + static BOOL list_users = False; + static BOOL verbose = False; + static BOOL spstyle = False; + static BOOL setparms = False; + static BOOL machine = False; + static BOOL add_user = False; + static BOOL delete_user = False; + static BOOL import = False; + int opt; + static char *full_name = NULL; + static char *user_name = NULL; + static char *home_dir = NULL; + static char *home_drive = NULL; + static char *backend_in = NULL; + static char *backend_out = NULL; + static char *logon_script = NULL; + static char *profile_path = NULL; + static char *config_file = dyn_CONFIGFILE; + static char *new_debuglevel = NULL; + + struct pdb_context *in; + poptContext pc; + struct poptOption long_options[] = { + POPT_AUTOHELP + {"list", 'l',POPT_ARG_VAL, &list_users, 1, "list all users", NULL}, + {"verbose", 'v',POPT_ARG_VAL, &verbose, 1, "be verbose", NULL }, + {"smbpasswd-style", 'w',POPT_ARG_VAL, &spstyle, 1, "give output in smbpasswd style", NULL}, + {"user", 'u',POPT_ARG_STRING,&user_name, 0, "use username", "USER" }, + {"fullname", 'f',POPT_ARG_STRING,&full_name, 0, "set full name", NULL}, + {"homedir", 'h',POPT_ARG_STRING,&home_dir, 0, "set home directory", NULL}, + {"drive", 'd',POPT_ARG_STRING,&home_drive, 0, "set home drive", NULL}, + {"script", 's',POPT_ARG_STRING,&logon_script, 0, "set logon script", NULL}, + {"profile", 'p',POPT_ARG_STRING,&profile_path, 0, "set profile path", NULL}, + {"create", 'a',POPT_ARG_VAL,&add_user, 1, "create user", NULL}, + {"machine", 'm',POPT_ARG_VAL,&machine, 1,"account is a machine account",NULL}, + {"delete", 'x',POPT_ARG_VAL,&delete_user,1,"delete user",NULL}, + {"import", 'i',POPT_ARG_STRING,&backend_in,0,"use different passdb backend",NULL}, + {"export", 'e',POPT_ARG_STRING,&backend_out,0,"export user accounts to backend", NULL}, + {"debuglevel",'D', POPT_ARG_STRING, &new_debuglevel,0,"set debuglevel",NULL}, + {"configfile",'c',POPT_ARG_STRING, &config_file,0,"use different configuration file",NULL}, + {0,0,0,0} + }; setup_logging("pdbedit", True); - if (argc < 2) { - usage(); - return 0; + pc = poptGetContext(NULL, argc, (const char **) argv, long_options, + POPT_CONTEXT_KEEP_FIRST); + + while((opt = poptGetNextOpt(pc)) != -1); + + if (new_debuglevel){ + debug_parse_levels(new_debuglevel); + AllowDebugChange = False; } - - DEBUGLEVEL = 1; - AllowDebugChange = False; - if (!lp_load(dyn_CONFIGFILE,True,False,False)) { + if (!lp_load(config_file,True,False,False)) { fprintf(stderr, "Can't load %s - run testparm to debug it\n", - dyn_CONFIGFILE); + config_file); exit(1); } - - if(!initialize_password_db(True)) { - fprintf(stderr, "Can't setup password database vectors.\n"); + + + setparms = (full_name || home_dir || home_drive || logon_script || profile_path); + + if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) + (backend_out?1:0) > 1) { + fprintf (stderr, "Incompatible options on command line!\n"); exit(1); } - - while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwxD:")) != EOF) { - switch(ch) { - case 'a': - add_user = True; - break; - case 'm': - machine = True; - break; - case 'l': - list_users = True; - break; - case 'v': - verbose = True; - break; - case 'w': - spstyle = True; - break; - case 'u': - user_name = optarg; - break; - case 'f': - setparms = True; - full_name = optarg; - break; - case 'h': - setparms = True; - home_dir = optarg; - break; - case 'd': - setparms = True; - home_drive = optarg; - break; - case 's': - setparms = True; - logon_script = optarg; - break; - case 'p': - setparms = True; - profile_path = optarg; - break; - case 'x': - delete_user = True; - break; - case 'i': - import = True; - smbpasswd = optarg; - break; - case 'D': - DEBUGLEVEL = atoi(optarg); - break; - default: - usage(); + + if (!backend_in) { + if (!NT_STATUS_IS_OK(make_pdb_context_list(&in, lp_passdb_backend()))){ + fprintf(stderr, "Can't initialize passdb backend.\n"); + return 1; + } + } else { + if (!NT_STATUS_IS_OK(make_pdb_context_string(&in, backend_in))){ + fprintf(stderr, "Can't initialize passdb backend.\n"); + return 1; } - } - if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) > 1) { - fprintf (stderr, "Incompatible options on command line!\n"); - usage(); - exit(1); } if (add_user) { @@ -650,9 +484,11 @@ int main (int argc, char **argv) return -1; } if (machine) - return new_machine (user_name); + return new_machine (in, user_name); else - return new_user (user_name, full_name, home_dir, home_drive, logon_script, profile_path); + return new_user (in, user_name, full_name, home_dir, + home_drive, logon_script, + profile_path); } if (delete_user) { @@ -661,32 +497,32 @@ int main (int argc, char **argv) return -1; } if (machine) - return delete_machine_entry (user_name); + return delete_machine_entry (in, user_name); else - return delete_user_entry (user_name); + return delete_user_entry (in, user_name); } - + if (user_name) { if (setparms) - set_user_info ( user_name, full_name, - home_dir, - home_drive, - logon_script, - profile_path); + return set_user_info (in, user_name, full_name, + home_dir, + home_drive, + logon_script, + profile_path); else - return print_user_info (user_name, verbose, spstyle); - - return 0; + return print_user_info (in, user_name, verbose, + spstyle); } - if (list_users) - return print_users_list (verbose, spstyle); - - if (import) - return import_users (smbpasswd); - - usage(); + return print_users_list (in, verbose, spstyle); - return 0; + if (backend_out) + return export_database(in, backend_out); + + poptPrintHelp(pc, stderr, 0); + + return 1; } + + -- cgit From f0255b38bc17f4da9a63b2be4c3ce505688e933e Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 17 Aug 2002 14:45:04 +0000 Subject: sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58) --- source3/utils/pdbedit.c | 316 ++++++++++++++++++++++++++++++++++-------------- 1 file changed, 226 insertions(+), 90 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index b30ab6f38e..51dbbb98c0 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -23,6 +23,35 @@ #include "includes.h" +#define BIT_CONFIGFILE 0x00000001 +#define BIT_DEBUGLEVEL 0x00000002 +#define BIT_BACKEND 0x00000004 +#define BIT_VERBOSE 0x00000008 +#define BIT_SPSTYLE 0x00000010 +#define BIT_RESERV_1 0x00000020 +#define BIT_RESERV_2 0x00000040 +#define BIT_RESERV_3 0x00000080 +#define BIT_FULLNAME 0x00000100 +#define BIT_HOMEDIR 0x00000200 +#define BIT_HDIRDRIVE 0x00000400 +#define BIT_LOGSCRIPT 0x00000800 +#define BIT_PROFILE 0x00001000 +#define BIT_MACHINE 0x00002000 +#define BIT_RESERV_4 0x00004000 +#define BIT_USER 0x00008000 +#define BIT_LIST 0x00010000 +#define BIT_MODIFY 0x00020000 +#define BIT_CREATE 0x00040000 +#define BIT_DELETE 0x00080000 +#define BIT_ACCPOLICY 0x00100000 +#define BIT_ACCPOLVAL 0x00200000 +#define BIT_RESERV_6 0x00400000 +#define BIT_RESERV_7 0x00800000 +#define BIT_IMPORT 0x01000000 +#define BIT_EXPORT 0x02000000 + +#define MASK_ALWAYS_GOOD 0x0000001F +#define MASK_USER_GOOD 0x00001F00 extern pstring global_myname; extern BOOL AllowDebugChange; @@ -30,27 +59,21 @@ extern BOOL AllowDebugChange; Add all currently available users to another db ********************************************************/ -int export_database (struct pdb_context *in, char *db){ - struct pdb_context *context; +static int export_database (struct pdb_context *in, struct pdb_context *out) { SAM_ACCOUNT *user = NULL; - if (!NT_STATUS_IS_OK(make_pdb_context_string(&context, db))){ - fprintf(stderr, "Can't initialize %s.\n", db); - return 1; - } - - if (!in->pdb_setsampwent(in, 0)){ + if (!in->pdb_setsampwent(in, 0)) { fprintf(stderr, "Can't sampwent!\n"); return 1; } - if (!NT_STATUS_IS_OK(pdb_init_sam(&user))){ + if (!NT_STATUS_IS_OK(pdb_init_sam(&user))) { fprintf(stderr, "Can't initialize new SAM_ACCOUNT!\n"); return 1; } - while (in->pdb_getsampwent(in,user)){ - context->pdb_add_sam_account(context,user); + while (in->pdb_getsampwent(in, user)) { + out->pdb_add_sam_account(out, user); if (!NT_STATUS_IS_OK(pdb_reset_sam(user))){ fprintf(stderr, "Can't reset SAM_ACCOUNT!\n"); return 1; @@ -91,7 +114,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst sid_string_static(pdb_get_group_sid(sam_pwent))); printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); - printf ("HomeDir Drive: %s\n", pdb_get_dirdrive(sam_pwent)); + printf ("HomeDir Drive: %s\n", pdb_get_dir_drive(sam_pwent)); printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); printf ("Domain: %s\n", pdb_get_domain(sam_pwent)); @@ -255,7 +278,7 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha { SAM_ACCOUNT *sam_pwent=NULL; struct passwd *pwd = NULL; - char *password1, *password2; + char *password1, *password2, *staticpass; ZERO_STRUCT(sam_pwent); @@ -270,15 +293,27 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha } } - password1 = getpass("new password:"); - password2 = getpass("retype new password:"); + staticpass = getpass("new password:"); + password1 = strdup(staticpass); + memset(staticpass, 0, strlen(staticpass)); + staticpass = getpass("retype new password:"); + password2 = strdup(staticpass); + memset(staticpass, 0, strlen(staticpass)); if (strcmp (password1, password2)) { - fprintf (stderr, "Passwords does not match!\n"); - pdb_free_sam (&sam_pwent); - return -1; + fprintf (stderr, "Passwords does not match!\n"); + memset(password1, 0, strlen(password1)); + SAFE_FREE(password1); + memset(password2, 0, strlen(password2)); + SAFE_FREE(password2); + pdb_free_sam (&sam_pwent); + return -1; } pdb_set_plaintext_passwd(sam_pwent, password1); + memset(password1, 0, strlen(password1)); + SAFE_FREE(password1); + memset(password2, 0, strlen(password2)); + SAFE_FREE(password2); if (fullname) pdb_set_fullname(sam_pwent, fullname); @@ -384,7 +419,7 @@ static int delete_machine_entry (struct pdb_context *in, char *machinename) } if (!in->pdb_getsampwnam(in, samaccount, name)) { - fprintf (stderr, "user %s does not exist in the passdb\n", name); + fprintf (stderr, "machine %s does not exist in the passdb\n", name); return -1; } @@ -400,129 +435,230 @@ int main (int argc, char **argv) static BOOL list_users = False; static BOOL verbose = False; static BOOL spstyle = False; - static BOOL setparms = False; static BOOL machine = False; static BOOL add_user = False; static BOOL delete_user = False; - static BOOL import = False; + static BOOL modify_user = False; + uint32 setparms, checkparms; int opt; static char *full_name = NULL; static char *user_name = NULL; static char *home_dir = NULL; static char *home_drive = NULL; + static char *backend = NULL; static char *backend_in = NULL; static char *backend_out = NULL; static char *logon_script = NULL; static char *profile_path = NULL; static char *config_file = dyn_CONFIGFILE; static char *new_debuglevel = NULL; + static char *account_policy = NULL; + static long int account_policy_value = 0; + BOOL account_policy_value_set = False; - struct pdb_context *in; + struct pdb_context *bin; + struct pdb_context *bout; + struct pdb_context *bdef; poptContext pc; struct poptOption long_options[] = { POPT_AUTOHELP - {"list", 'l',POPT_ARG_VAL, &list_users, 1, "list all users", NULL}, - {"verbose", 'v',POPT_ARG_VAL, &verbose, 1, "be verbose", NULL }, - {"smbpasswd-style", 'w',POPT_ARG_VAL, &spstyle, 1, "give output in smbpasswd style", NULL}, - {"user", 'u',POPT_ARG_STRING,&user_name, 0, "use username", "USER" }, - {"fullname", 'f',POPT_ARG_STRING,&full_name, 0, "set full name", NULL}, - {"homedir", 'h',POPT_ARG_STRING,&home_dir, 0, "set home directory", NULL}, - {"drive", 'd',POPT_ARG_STRING,&home_drive, 0, "set home drive", NULL}, - {"script", 's',POPT_ARG_STRING,&logon_script, 0, "set logon script", NULL}, - {"profile", 'p',POPT_ARG_STRING,&profile_path, 0, "set profile path", NULL}, - {"create", 'a',POPT_ARG_VAL,&add_user, 1, "create user", NULL}, - {"machine", 'm',POPT_ARG_VAL,&machine, 1,"account is a machine account",NULL}, - {"delete", 'x',POPT_ARG_VAL,&delete_user,1,"delete user",NULL}, - {"import", 'i',POPT_ARG_STRING,&backend_in,0,"use different passdb backend",NULL}, - {"export", 'e',POPT_ARG_STRING,&backend_out,0,"export user accounts to backend", NULL}, - {"debuglevel",'D', POPT_ARG_STRING, &new_debuglevel,0,"set debuglevel",NULL}, - {"configfile",'c',POPT_ARG_STRING, &config_file,0,"use different configuration file",NULL}, + {"list", 'l', POPT_ARG_NONE, &list_users, 0, "list all users", NULL}, + {"verbose", 'v', POPT_ARG_NONE, &verbose, 0, "be verbose", NULL }, + {"smbpasswd-style", 'w',POPT_ARG_NONE, &spstyle, 0, "give output in smbpasswd style", NULL}, + {"user", 'u', POPT_ARG_STRING, &user_name, 0, "use username", "USER" }, + {"fullname", 'f', POPT_ARG_STRING, &full_name, 0, "set full name", NULL}, + {"homedir", 'h', POPT_ARG_STRING, &home_dir, 0, "set home directory", NULL}, + {"drive", 'd', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, + {"script", 's', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, + {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, + {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, + {"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL}, + {"machine", 'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL}, + {"delete", 'x', POPT_ARG_NONE, &delete_user, 0, "delete user", NULL}, + {"backend", 'b', POPT_ARG_STRING, &backend, 0, "use different passdb backend as default backend", NULL}, + {"import", 'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL}, + {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, + {"debuglevel", 'D', POPT_ARG_STRING, &new_debuglevel, 0,"set debuglevel",NULL}, + {"configfile", 'c', POPT_ARG_STRING, &config_file, 0,"use different configuration file",NULL}, + {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, + {"value", 'V', POPT_ARG_LONG, &account_policy_value, 'V',"set the account policy to this value", NULL}, {0,0,0,0} }; - + setup_logging("pdbedit", True); - + pc = poptGetContext(NULL, argc, (const char **) argv, long_options, - POPT_CONTEXT_KEEP_FIRST); - - while((opt = poptGetNextOpt(pc)) != -1); - - if (new_debuglevel){ + POPT_CONTEXT_KEEP_FIRST); + + while((opt = poptGetNextOpt(pc)) != -1) { + switch (opt) { + case 'V': + account_policy_value_set = True; + break; + } + } + + if (new_debuglevel) { debug_parse_levels(new_debuglevel); AllowDebugChange = False; } - + if (!lp_load(config_file,True,False,False)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", - config_file); + fprintf(stderr, "Can't load %s - run testparm to debug it\n", config_file); exit(1); } - - setparms = (full_name || home_dir || home_drive || logon_script || profile_path); - - if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) + (backend_out?1:0) > 1) { - fprintf (stderr, "Incompatible options on command line!\n"); - exit(1); - } - - if (!backend_in) { - if (!NT_STATUS_IS_OK(make_pdb_context_list(&in, lp_passdb_backend()))){ + setparms = (config_file ? BIT_CONFIGFILE : 0) + + (new_debuglevel ? BIT_DEBUGLEVEL : 0) + + (backend ? BIT_BACKEND : 0) + + (verbose ? BIT_VERBOSE : 0) + + (spstyle ? BIT_SPSTYLE : 0) + + (full_name ? BIT_FULLNAME : 0) + + (home_dir ? BIT_HOMEDIR : 0) + + (home_drive ? BIT_HDIRDRIVE : 0) + + (logon_script ? BIT_LOGSCRIPT : 0) + + (profile_path ? BIT_PROFILE : 0) + + (machine ? BIT_MACHINE : 0) + + (user_name ? BIT_USER : 0) + + (list_users ? BIT_LIST : 0) + + (modify_user ? BIT_MODIFY : 0) + + (add_user ? BIT_CREATE : 0) + + (delete_user ? BIT_DELETE : 0) + + (account_policy ? BIT_ACCPOLICY : 0) + + (account_policy_value_set ? BIT_ACCPOLVAL : 0) + + (backend_in ? BIT_IMPORT : 0) + + (backend_out ? BIT_EXPORT : 0); + + if (setparms & BIT_BACKEND) { + if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) { fprintf(stderr, "Can't initialize passdb backend.\n"); return 1; } } else { - if (!NT_STATUS_IS_OK(make_pdb_context_string(&in, backend_in))){ + if (!NT_STATUS_IS_OK(make_pdb_context_list(&bdef, lp_passdb_backend()))) { fprintf(stderr, "Can't initialize passdb backend.\n"); return 1; } } + + /* the lowest bit options are always accepted */ + checkparms = setparms & ~MASK_ALWAYS_GOOD; + + /* accoun tpolicy operations */ + if ((checkparms & BIT_ACCPOLICY) && !(checkparms & ~(BIT_ACCPOLICY + BIT_ACCPOLVAL))) { + uint32 value; + int field = account_policy_name_to_fieldnum(account_policy); + if (field == 0) { + fprintf(stderr, "No account policy by that name\n"); + exit(1); + } + if (!account_policy_get(field, &value)) { + fprintf(stderr, "valid account policy, but unable to fetch value!\n"); + exit(1); + } + if (account_policy_value_set) { + printf("account policy value for %s was %u\n", account_policy, value); + if (!account_policy_set(field, account_policy_value)) { + fprintf(stderr, "valid account policy, but unable to set value!\n"); + exit(1); + } + printf("account policy value for %s is now %lu\n", account_policy, account_policy_value); + exit(0); + } else { + printf("account policy value for %s is %u\n", account_policy, value); + exit(0); + } + } - if (add_user) { - if (!user_name) { - fprintf (stderr, "Username not specified! (use -u option)\n"); - return -1; + /* import and export operations */ + if (((checkparms & BIT_IMPORT) || (checkparms & BIT_EXPORT)) + && !(checkparms & ~(BIT_IMPORT +BIT_EXPORT))) { + if (backend_in) { + if (!NT_STATUS_IS_OK(make_pdb_context_string(&bin, backend_in))) { + fprintf(stderr, "Can't initialize passdb backend.\n"); + return 1; + } + } else { + bin = bdef; } - if (machine) - return new_machine (in, user_name); - else - return new_user (in, user_name, full_name, home_dir, - home_drive, logon_script, - profile_path); + if (backend_out) { + if (!NT_STATUS_IS_OK(make_pdb_context_string(&bout, backend_out))) { + fprintf(stderr, "Can't initialize %s.\n", backend_out); + return 1; + } + } else { + bout = bdef; + } + return export_database(bin, bout); } - if (delete_user) { - if (!user_name) { + /* if BIT_USER is defined but nothing else then threat it as -l -u for compatibility */ + /* fake up BIT_LIST if only BIT_USER is defined */ + if ((checkparms & BIT_USER) && !(checkparms & ~BIT_USER)) { + checkparms += BIT_LIST; + } + + /* modify flag is optional to maintain backwards compatibility */ + /* fake up BIT_MODIFY if BIT_USER and at least one of MASK_USER_GOOD is defined */ + if (!((checkparms & ~MASK_USER_GOOD) & ~BIT_USER) && (checkparms & MASK_USER_GOOD)) { + checkparms += BIT_MODIFY; + } + + /* list users operations */ + if (checkparms & BIT_LIST) { + if (!(checkparms & ~BIT_LIST)) { + return print_users_list (bdef, verbose, spstyle); + } + if (!(checkparms & ~(BIT_USER + BIT_LIST))) { + return print_user_info (bdef, user_name, verbose, spstyle); + } + } + + /* mask out users options */ + checkparms &= ~MASK_USER_GOOD; + + /* account operation */ + if ((checkparms & BIT_CREATE) || (checkparms & BIT_MODIFY) || (checkparms & BIT_DELETE)) { + /* check use of -u option */ + if (!(checkparms & BIT_USER)) { fprintf (stderr, "Username not specified! (use -u option)\n"); return -1; } - if (machine) - return delete_machine_entry (in, user_name); - else - return delete_user_entry (in, user_name); - } - if (user_name) { - if (setparms) - return set_user_info (in, user_name, full_name, + /* account creation operations */ + if (!(checkparms & ~(BIT_CREATE + BIT_USER + BIT_MACHINE))) { + if (checkparms & BIT_MACHINE) { + return new_machine (bdef, user_name); + } else { + return new_user (bdef, user_name, full_name, home_dir, + home_drive, logon_script, + profile_path); + } + } + + /* account deletion operations */ + if (!(checkparms & ~(BIT_DELETE + BIT_USER + BIT_MACHINE))) { + if (checkparms & BIT_MACHINE) { + return delete_machine_entry (bdef, user_name); + } else { + return delete_user_entry (bdef, user_name); + } + } + + /* account modification operations */ + if (!(checkparms & ~(BIT_MODIFY + BIT_USER))) { + return set_user_info (bdef, user_name, full_name, home_dir, home_drive, logon_script, profile_path); - else - return print_user_info (in, user_name, verbose, - spstyle); + } } - if (list_users) - return print_users_list (in, verbose, spstyle); - - if (backend_out) - return export_database(in, backend_out); - + if (setparms >= 0x20) { + fprintf (stderr, "Incompatible or insufficient options on command line!\n"); + } poptPrintHelp(pc, stderr, 0); return 1; } - - -- cgit From a834a73e341059be154426390304a42e4a011f72 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 25 Sep 2002 15:19:00 +0000 Subject: sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139) --- source3/utils/pdbedit.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 51dbbb98c0..7c61e6d8be 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -508,6 +508,17 @@ int main (int argc, char **argv) exit(1); } + if (!*global_myname) { + char *p2; + + pstrcpy(global_myname, myhostname()); + p2 = strchr_m(global_myname, '.'); + if (p2) + *p2 = 0; + } + + strupper(global_myname); + setparms = (config_file ? BIT_CONFIGFILE : 0) + (new_debuglevel ? BIT_DEBUGLEVEL : 0) + (backend ? BIT_BACKEND : 0) + @@ -544,7 +555,7 @@ int main (int argc, char **argv) /* the lowest bit options are always accepted */ checkparms = setparms & ~MASK_ALWAYS_GOOD; - /* accoun tpolicy operations */ + /* account policy operations */ if ((checkparms & BIT_ACCPOLICY) && !(checkparms & ~(BIT_ACCPOLICY + BIT_ACCPOLVAL))) { uint32 value; int field = account_policy_name_to_fieldnum(account_policy); -- cgit From 7d1eb6f7b62300e2f0a84f045f5885118c6ffa1b Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 26 Sep 2002 18:58:34 +0000 Subject: sync with HEAD (This used to be commit ee9cbf58071adb627a49a94c6340aaba330486b5) --- source3/utils/pdbedit.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 7c61e6d8be..6942779556 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -62,7 +62,7 @@ extern BOOL AllowDebugChange; static int export_database (struct pdb_context *in, struct pdb_context *out) { SAM_ACCOUNT *user = NULL; - if (!in->pdb_setsampwent(in, 0)) { + if (NT_STATUS_IS_ERR(in->pdb_setsampwent(in, 0))) { fprintf(stderr, "Can't sampwent!\n"); return 1; } @@ -72,7 +72,7 @@ static int export_database (struct pdb_context *in, struct pdb_context *out) { return 1; } - while (in->pdb_getsampwent(in, user)) { + while (NT_STATUS_IS_OK(in->pdb_getsampwent(in, user))) { out->pdb_add_sam_account(out, user); if (!NT_STATUS_IS_OK(pdb_reset_sam(user))){ fprintf(stderr, "Can't reset SAM_ACCOUNT!\n"); @@ -188,7 +188,7 @@ static int print_user_info (struct pdb_context *in, char *username, BOOL verbosi return -1; } - ret = in->pdb_getsampwnam (in, sam_pwent, username); + ret = NT_STATUS_IS_OK(in->pdb_getsampwnam (in, sam_pwent, username)); if (ret==False) { fprintf (stderr, "Username not found!\n"); @@ -210,7 +210,7 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd SAM_ACCOUNT *sam_pwent=NULL; BOOL check, ret; - check = in->pdb_setsampwent(in, False); + check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False)); if (!check) { return 1; } @@ -218,7 +218,7 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd check = True; if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; - while (check && (ret = in->pdb_getsampwent (in, sam_pwent))) { + while (check && (ret = NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent)))) { if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); @@ -242,7 +242,7 @@ static int set_user_info (struct pdb_context *in, char *username, char *fullname pdb_init_sam(&sam_pwent); - ret = in->pdb_getsampwnam (in, sam_pwent, username); + ret = NT_STATUS_IS_OK(in->pdb_getsampwnam (in, sam_pwent, username)); if (ret==False) { fprintf (stderr, "Username not found!\n"); pdb_free_sam(&sam_pwent); @@ -260,7 +260,7 @@ static int set_user_info (struct pdb_context *in, char *username, char *fullname if (profile) pdb_set_profile_path (sam_pwent, profile, True); - if (in->pdb_update_sam_account (in, sam_pwent)) + if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent))) print_user_info (in, username, True, False); else { fprintf (stderr, "Unable to modify entry!\n"); @@ -328,7 +328,7 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL); - if (in->pdb_add_sam_account (in, sam_pwent)) { + if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { print_user_info (in, username, True, False); } else { fprintf (stderr, "Unable to add user! (does it alredy exist?)\n"); @@ -370,7 +370,7 @@ static int new_machine (struct pdb_context *in, char *machinename) pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS); - if (in->pdb_add_sam_account (in, sam_pwent)) { + if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { print_user_info (in, name, True, False); } else { fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); @@ -393,12 +393,12 @@ static int delete_user_entry (struct pdb_context *in, char *username) return -1; } - if (!in->pdb_getsampwnam(in, samaccount, username)) { + if (NT_STATUS_IS_ERR(in->pdb_getsampwnam(in, samaccount, username))) { fprintf (stderr, "user %s does not exist in the passdb\n", username); return -1; } - return in->pdb_delete_sam_account (in, samaccount); + return NT_STATUS_IS_OK(in->pdb_delete_sam_account (in, samaccount)); } /********************************************************* @@ -418,12 +418,12 @@ static int delete_machine_entry (struct pdb_context *in, char *machinename) return -1; } - if (!in->pdb_getsampwnam(in, samaccount, name)) { + if (NT_STATUS_IS_ERR(in->pdb_getsampwnam(in, samaccount, name))) { fprintf (stderr, "machine %s does not exist in the passdb\n", name); return -1; } - return in->pdb_delete_sam_account (in, samaccount); + return NT_STATUS_IS_OK(in->pdb_delete_sam_account (in, samaccount)); } /********************************************************* -- cgit From 9b6cd7db775891d94f0b7358cb4b4bd0bfd90e53 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 28 Oct 2002 19:48:00 +0000 Subject: sync with head... (This used to be commit 9daaf667543c44f5e6c23f65d39810073bc12211) --- source3/utils/pdbedit.c | 32 +++++++++++++------------------- 1 file changed, 13 insertions(+), 19 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 6942779556..7f8348c65a 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -23,8 +23,6 @@ #include "includes.h" -#define BIT_CONFIGFILE 0x00000001 -#define BIT_DEBUGLEVEL 0x00000002 #define BIT_BACKEND 0x00000004 #define BIT_VERBOSE 0x00000008 #define BIT_SPSTYLE 0x00000010 @@ -53,7 +51,6 @@ #define MASK_ALWAYS_GOOD 0x0000001F #define MASK_USER_GOOD 0x00001F00 extern pstring global_myname; -extern BOOL AllowDebugChange; /********************************************************* Add all currently available users to another db @@ -450,8 +447,6 @@ int main (int argc, char **argv) static char *backend_out = NULL; static char *logon_script = NULL; static char *profile_path = NULL; - static char *config_file = dyn_CONFIGFILE; - static char *new_debuglevel = NULL; static char *account_policy = NULL; static long int account_policy_value = 0; BOOL account_policy_value_set = False; @@ -468,8 +463,8 @@ int main (int argc, char **argv) {"user", 'u', POPT_ARG_STRING, &user_name, 0, "use username", "USER" }, {"fullname", 'f', POPT_ARG_STRING, &full_name, 0, "set full name", NULL}, {"homedir", 'h', POPT_ARG_STRING, &home_dir, 0, "set home directory", NULL}, - {"drive", 'd', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, - {"script", 's', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, + {"drive", 'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, + {"script", 'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, {"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL}, @@ -478,10 +473,10 @@ int main (int argc, char **argv) {"backend", 'b', POPT_ARG_STRING, &backend, 0, "use different passdb backend as default backend", NULL}, {"import", 'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL}, {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, - {"debuglevel", 'D', POPT_ARG_STRING, &new_debuglevel, 0,"set debuglevel",NULL}, - {"configfile", 'c', POPT_ARG_STRING, &config_file, 0,"use different configuration file",NULL}, {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, {"value", 'V', POPT_ARG_LONG, &account_policy_value, 'V',"set the account policy to this value", NULL}, + { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_debug }, + { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_configfile }, {0,0,0,0} }; @@ -497,14 +492,15 @@ int main (int argc, char **argv) break; } } - - if (new_debuglevel) { - debug_parse_levels(new_debuglevel); - AllowDebugChange = False; + + poptGetArg(pc); /* Drop argv[0], the program name */ + + if (user_name == NULL) { + user_name = poptGetArg(pc); } - - if (!lp_load(config_file,True,False,False)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", config_file); + + if (!lp_load(dyn_CONFIGFILE,True,False,False)) { + fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE); exit(1); } @@ -519,9 +515,7 @@ int main (int argc, char **argv) strupper(global_myname); - setparms = (config_file ? BIT_CONFIGFILE : 0) + - (new_debuglevel ? BIT_DEBUGLEVEL : 0) + - (backend ? BIT_BACKEND : 0) + + setparms = (backend ? BIT_BACKEND : 0) + (verbose ? BIT_VERBOSE : 0) + (spstyle ? BIT_SPSTYLE : 0) + (full_name ? BIT_FULLNAME : 0) + -- cgit From 6d7195d1d79c43f5ccc8dc4a9215c02177d5fa89 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 2 Nov 2002 03:47:48 +0000 Subject: Merge passdb from HEAD -> 3.0 The work here includes: - metze' set/changed patch, which avoids making changes to ldap on unmodified attributes. - volker's group mapping in passdb patch - volker's samsync stuff - volkers SAMR changes. - mezte's connection caching patch - my recent changes (fix magic root check, ldap ssl) Andrew Bartlett (This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f) --- source3/utils/pdbedit.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 7f8348c65a..1199dec7fb 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -247,15 +247,15 @@ static int set_user_info (struct pdb_context *in, char *username, char *fullname } if (fullname) - pdb_set_fullname(sam_pwent, fullname); + pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED); if (homedir) - pdb_set_homedir(sam_pwent, homedir, True); + pdb_set_homedir(sam_pwent, homedir, PDB_CHANGED); if (drive) - pdb_set_dir_drive(sam_pwent,drive, True); + pdb_set_dir_drive(sam_pwent,drive, PDB_CHANGED); if (script) - pdb_set_logon_script(sam_pwent, script, True); + pdb_set_logon_script(sam_pwent, script, PDB_CHANGED); if (profile) - pdb_set_profile_path (sam_pwent, profile, True); + pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED); if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent))) print_user_info (in, username, True, False); @@ -285,7 +285,7 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha } else { fprintf (stderr, "WARNING: user %s does not exist in system passwd\n", username); pdb_init_sam(&sam_pwent); - if (!pdb_set_username(sam_pwent, username)) { + if (!pdb_set_username(sam_pwent, username, PDB_CHANGED)) { return False; } } @@ -313,17 +313,17 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha SAFE_FREE(password2); if (fullname) - pdb_set_fullname(sam_pwent, fullname); + pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED); if (homedir) - pdb_set_homedir (sam_pwent, homedir, True); + pdb_set_homedir (sam_pwent, homedir, PDB_CHANGED); if (drive) - pdb_set_dir_drive (sam_pwent, drive, True); + pdb_set_dir_drive (sam_pwent, drive, PDB_CHANGED); if (script) - pdb_set_logon_script(sam_pwent, script, True); + pdb_set_logon_script(sam_pwent, script, PDB_CHANGED); if (profile) - pdb_set_profile_path (sam_pwent, profile, True); + pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED); - pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL); + pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL, PDB_CHANGED); if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { print_user_info (in, username, True, False); @@ -361,11 +361,11 @@ static int new_machine (struct pdb_context *in, char *machinename) pdb_set_plaintext_passwd (sam_pwent, password); - pdb_set_username (sam_pwent, name); + pdb_set_username (sam_pwent, name, PDB_CHANGED); - pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST); + pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST, PDB_CHANGED); - pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS); + pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS, PDB_CHANGED); if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { print_user_info (in, name, True, False); -- cgit From 2f194322d419350f35a48dff750066894d68eccf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 12 Nov 2002 23:20:50 +0000 Subject: Removed global_myworkgroup, global_myname, global_myscope. Added liberal dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89) --- source3/utils/pdbedit.c | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 1199dec7fb..6a019e73d7 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -50,7 +50,6 @@ #define MASK_ALWAYS_GOOD 0x0000001F #define MASK_USER_GOOD 0x00001F00 -extern pstring global_myname; /********************************************************* Add all currently available users to another db @@ -176,7 +175,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst Get an Print User Info **********************************************************/ -static int print_user_info (struct pdb_context *in, char *username, BOOL verbosity, BOOL smbpwdstyle) +static int print_user_info (struct pdb_context *in, const char *username, BOOL verbosity, BOOL smbpwdstyle) { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; @@ -496,7 +495,7 @@ int main (int argc, char **argv) poptGetArg(pc); /* Drop argv[0], the program name */ if (user_name == NULL) { - user_name = poptGetArg(pc); + user_name = strdup(poptGetArg(pc)); } if (!lp_load(dyn_CONFIGFILE,True,False,False)) { @@ -504,16 +503,8 @@ int main (int argc, char **argv) exit(1); } - if (!*global_myname) { - char *p2; - - pstrcpy(global_myname, myhostname()); - p2 = strchr_m(global_myname, '.'); - if (p2) - *p2 = 0; - } - - strupper(global_myname); + if (!init_names()) + exit(1); setparms = (backend ? BIT_BACKEND : 0) + (verbose ? BIT_VERBOSE : 0) + -- cgit From e114e03d3ffe87e29cea3d35232f9527cffb01bf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 28 Dec 2002 01:23:38 +0000 Subject: Patch for coredump with missing arg from "Bradley W. Langhorst" Jeremy. (This used to be commit 0958a2ae73345aff42d6cf8ebc248e463949a3ff) --- source3/utils/pdbedit.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 6a019e73d7..e4e3d1fcd6 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -495,7 +495,14 @@ int main (int argc, char **argv) poptGetArg(pc); /* Drop argv[0], the program name */ if (user_name == NULL) { - user_name = strdup(poptGetArg(pc)); + if (poptPeekArg(pc) == NULL) { + fprintf(stderr, "Can't use pdbedit without a username\n"); + poptPrintHelp(pc, stderr, 0); + exit(1); + } else { + /*Don't try to duplicate a null string */ + user_name = strdup(poptGetArg(pc)); + } } if (!lp_load(dyn_CONFIGFILE,True,False,False)) { -- cgit From af9599e3c4fa203421a34bef91ca4c8c2193077e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 28 Dec 2002 19:48:59 +0000 Subject: Revert by Simo's request. HEAD and 3.0 should be in sync for this except for the modules load. Jeremy. (This used to be commit 388cf136488bf92d057d23223dfcda9986681aee) --- source3/utils/pdbedit.c | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index e4e3d1fcd6..2b356095c5 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -494,16 +494,8 @@ int main (int argc, char **argv) poptGetArg(pc); /* Drop argv[0], the program name */ - if (user_name == NULL) { - if (poptPeekArg(pc) == NULL) { - fprintf(stderr, "Can't use pdbedit without a username\n"); - poptPrintHelp(pc, stderr, 0); - exit(1); - } else { - /*Don't try to duplicate a null string */ - user_name = strdup(poptGetArg(pc)); - } - } + if (user_name == NULL) + user_name = poptGetArg(pc); if (!lp_load(dyn_CONFIGFILE,True,False,False)) { fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE); -- cgit From 634c54310c92c48dd4eceec602e230a021bdcfc5 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 3 Jan 2003 08:28:12 +0000 Subject: Merge from HEAD - make Samba compile with -Wwrite-strings without additional warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c) --- source3/utils/pdbedit.c | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 2b356095c5..3904f25154 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -231,7 +231,10 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd Set User Info **********************************************************/ -static int set_user_info (struct pdb_context *in, char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) +static int set_user_info (struct pdb_context *in, const char *username, + const char *fullname, const char *homedir, + const char *drive, const char *script, + const char *profile) { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; @@ -270,7 +273,7 @@ static int set_user_info (struct pdb_context *in, char *username, char *fullname /********************************************************* Add New User **********************************************************/ -static int new_user (struct pdb_context *in, char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) +static int new_user (struct pdb_context *in, const char *username, const char *fullname, const char *homedir, const char *drive, const char *script, const char *profile) { SAM_ACCOUNT *sam_pwent=NULL; struct passwd *pwd = NULL; @@ -339,26 +342,27 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha Add New Machine **********************************************************/ -static int new_machine (struct pdb_context *in, char *machinename) +static int new_machine (struct pdb_context *in, const char *machine_in) { SAM_ACCOUNT *sam_pwent=NULL; + fstring machinename; char name[16]; - char *password = NULL; if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { return -1; } + fstrcpy(machinename, machine_in); + if (machinename[strlen (machinename) -1] == '$') machinename[strlen (machinename) -1] = '\0'; + strlower_m(machinename); + safe_strcpy (name, machinename, 16); safe_strcat (name, "$", 16); - - string_set (&password, machinename); - strlower_m(password); - - pdb_set_plaintext_passwd (sam_pwent, password); + + pdb_set_plaintext_passwd (sam_pwent, machinename); pdb_set_username (sam_pwent, name, PDB_CHANGED); @@ -381,7 +385,7 @@ static int new_machine (struct pdb_context *in, char *machinename) Delete user entry **********************************************************/ -static int delete_user_entry (struct pdb_context *in, char *username) +static int delete_user_entry (struct pdb_context *in, const char *username) { SAM_ACCOUNT *samaccount = NULL; @@ -401,7 +405,7 @@ static int delete_user_entry (struct pdb_context *in, char *username) Delete machine entry **********************************************************/ -static int delete_machine_entry (struct pdb_context *in, char *machinename) +static int delete_machine_entry (struct pdb_context *in, const char *machinename) { char name[16]; SAM_ACCOUNT *samaccount = NULL; @@ -438,7 +442,7 @@ int main (int argc, char **argv) uint32 setparms, checkparms; int opt; static char *full_name = NULL; - static char *user_name = NULL; + static const char *user_name = NULL; static char *home_dir = NULL; static char *home_drive = NULL; static char *backend = NULL; -- cgit From b59dc9ee58f2a496aa82b52ae6e89abbb44648de Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 7 Jan 2003 10:39:23 +0000 Subject: Merge from HEAD. Volker (This used to be commit 7977a025ae698fb91694e3809985b14e35693e92) --- source3/utils/pdbedit.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 3904f25154..60022d007d 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -346,12 +346,9 @@ static int new_machine (struct pdb_context *in, const char *machine_in) { SAM_ACCOUNT *sam_pwent=NULL; fstring machinename; + struct passwd *pwd = NULL; char name[16]; - if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { - return -1; - } - fstrcpy(machinename, machine_in); if (machinename[strlen (machinename) -1] == '$') @@ -362,6 +359,19 @@ static int new_machine (struct pdb_context *in, const char *machine_in) safe_strcpy (name, machinename, 16); safe_strcat (name, "$", 16); + if ((pwd = getpwnam_alloc(name))) { + if (!NT_STATUS_IS_OK(pdb_init_sam_pw( &sam_pwent, pwd))) { + fprintf(stderr, "Could not init sam from pw\n"); + passwd_free(&pwd); + return -1; + } + } else { + if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { + fprintf(stderr, "Could not init sam from pw\n"); + return -1; + } + } + pdb_set_plaintext_passwd (sam_pwent, machinename); pdb_set_username (sam_pwent, name, PDB_CHANGED); -- cgit From d034ba5ce18fb7f62060a6eab7b3563c5ff7b859 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 7 Jan 2003 20:55:43 +0000 Subject: Fix memory leak. Thanks, Herb! Volker (This used to be commit 434e496289ac21e516b22d91c4f52c0a6674214f) --- source3/utils/pdbedit.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 60022d007d..09493f9a89 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -365,6 +365,7 @@ static int new_machine (struct pdb_context *in, const char *machine_in) passwd_free(&pwd); return -1; } + passwd_free(&pwd); } else { if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { fprintf(stderr, "Could not init sam from pw\n"); -- cgit From 21ee739b830f35d71c70f3f2428fa189913af4c6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 6 Feb 2003 17:10:38 +0000 Subject: merge from HEAD (This used to be commit 4ef6de20cb62fc2b22c288b4452c09eaf007ae5e) --- source3/utils/pdbedit.c | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 09493f9a89..3b7f59ff2a 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -43,13 +43,13 @@ #define BIT_DELETE 0x00080000 #define BIT_ACCPOLICY 0x00100000 #define BIT_ACCPOLVAL 0x00200000 -#define BIT_RESERV_6 0x00400000 +#define BIT_ACCTCTRL 0x00400000 #define BIT_RESERV_7 0x00800000 #define BIT_IMPORT 0x01000000 #define BIT_EXPORT 0x02000000 #define MASK_ALWAYS_GOOD 0x0000001F -#define MASK_USER_GOOD 0x00001F00 +#define MASK_USER_GOOD 0x00401F00 /********************************************************* Add all currently available users to another db @@ -234,7 +234,7 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd static int set_user_info (struct pdb_context *in, const char *username, const char *fullname, const char *homedir, const char *drive, const char *script, - const char *profile) + const char *profile, const char *account_control) { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; @@ -258,6 +258,21 @@ static int set_user_info (struct pdb_context *in, const char *username, pdb_set_logon_script(sam_pwent, script, PDB_CHANGED); if (profile) pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED); + + if (account_control) { + uint16 types = ACB_NORMAL|ACB_MNS|ACB_DOMTRUST|ACB_WSTRUST|ACB_SVRTRUST; + uint16 newflag = pdb_decode_acct_ctrl(account_control); + + if (newflag & types) { + fprintf(stderr, "Can only set [NDHLX] flags\n"); + pdb_free_sam(&sam_pwent); + return -1; + } + + pdb_set_acct_ctrl(sam_pwent, + (pdb_get_acct_ctrl(sam_pwent) & types) | newflag, + PDB_CHANGED); + } if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent))) print_user_info (in, username, True, False); @@ -461,6 +476,7 @@ int main (int argc, char **argv) static char *backend_out = NULL; static char *logon_script = NULL; static char *profile_path = NULL; + static char *account_control = NULL; static char *account_policy = NULL; static long int account_policy_value = 0; BOOL account_policy_value_set = False; @@ -489,6 +505,7 @@ int main (int argc, char **argv) {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, {"value", 'V', POPT_ARG_LONG, &account_policy_value, 'V',"set the account policy to this value", NULL}, + {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_debug }, { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_configfile }, {0,0,0,0} @@ -534,6 +551,7 @@ int main (int argc, char **argv) (modify_user ? BIT_MODIFY : 0) + (add_user ? BIT_CREATE : 0) + (delete_user ? BIT_DELETE : 0) + + (account_control ? BIT_ACCTCTRL : 0) + (account_policy ? BIT_ACCPOLICY : 0) + (account_policy_value_set ? BIT_ACCPOLVAL : 0) + (backend_in ? BIT_IMPORT : 0) + @@ -661,7 +679,7 @@ int main (int argc, char **argv) home_dir, home_drive, logon_script, - profile_path); + profile_path, account_control); } } -- cgit From 13f65125ac8bcbb3b3367ec6feab504272fb388f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 7 Feb 2003 08:03:37 +0000 Subject: Invert flag testing (This used to be commit 05397c526d2fad63faee781cc68934c58ee97500) --- source3/utils/pdbedit.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 3b7f59ff2a..9df10c21a4 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -260,17 +260,19 @@ static int set_user_info (struct pdb_context *in, const char *username, pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED); if (account_control) { - uint16 types = ACB_NORMAL|ACB_MNS|ACB_DOMTRUST|ACB_WSTRUST|ACB_SVRTRUST; + uint16 not_settable = ~(ACB_DISABLED|ACB_HOMDIRREQ|ACB_PWNOTREQ| + ACB_PWNOEXP|ACB_AUTOLOCK); + uint16 newflag = pdb_decode_acct_ctrl(account_control); - if (newflag & types) { + if (newflag & not_settable) { fprintf(stderr, "Can only set [NDHLX] flags\n"); pdb_free_sam(&sam_pwent); return -1; } pdb_set_acct_ctrl(sam_pwent, - (pdb_get_acct_ctrl(sam_pwent) & types) | newflag, + (pdb_get_acct_ctrl(sam_pwent) & not_settable) | newflag, PDB_CHANGED); } -- cgit From d5ee9b2f480ddbda0b8f69409698d27c99384f9c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 18 Mar 2003 11:22:52 +0000 Subject: Jeremy merged across my string parinoia fixes, but forgot to enable them! :-) This patch catches up on the rest of the work - as much string checking as is possible is done at compile time, and the rest at runtime. Lots of code converted to pstrcpy() etc, and other code reworked to correctly call sizeof(). Andrew Bartlett (This used to be commit c5b604e2ee67d74241ae2fa07ae904647d35a2be) --- source3/utils/pdbedit.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 9df10c21a4..265bda1e5d 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -363,20 +363,21 @@ static int new_machine (struct pdb_context *in, const char *machine_in) { SAM_ACCOUNT *sam_pwent=NULL; fstring machinename; + fstring machineaccount; struct passwd *pwd = NULL; - char name[16]; fstrcpy(machinename, machine_in); + machinename[15]= '\0'; if (machinename[strlen (machinename) -1] == '$') machinename[strlen (machinename) -1] = '\0'; strlower_m(machinename); - safe_strcpy (name, machinename, 16); - safe_strcat (name, "$", 16); + fstrcpy(machineaccount, machinename); + fstrcat(machineaccount, "$"); - if ((pwd = getpwnam_alloc(name))) { + if ((pwd = getpwnam_alloc(machineaccount))) { if (!NT_STATUS_IS_OK(pdb_init_sam_pw( &sam_pwent, pwd))) { fprintf(stderr, "Could not init sam from pw\n"); passwd_free(&pwd); @@ -392,14 +393,14 @@ static int new_machine (struct pdb_context *in, const char *machine_in) pdb_set_plaintext_passwd (sam_pwent, machinename); - pdb_set_username (sam_pwent, name, PDB_CHANGED); + pdb_set_username (sam_pwent, machineaccount, PDB_CHANGED); pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST, PDB_CHANGED); pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS, PDB_CHANGED); if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { - print_user_info (in, name, True, False); + print_user_info (in, machineaccount, True, False); } else { fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); pdb_free_sam (&sam_pwent); @@ -435,12 +436,13 @@ static int delete_user_entry (struct pdb_context *in, const char *username) static int delete_machine_entry (struct pdb_context *in, const char *machinename) { - char name[16]; + fstring name; SAM_ACCOUNT *samaccount = NULL; - safe_strcpy (name, machinename, 16); - if (name[strlen(name)] != '$') - safe_strcat (name, "$", 16); + fstrcpy(name, machinename); + name[15] = '\0'; + if (name[strlen(name)-1] != '$') + fstrcat (name, "$"); if (!NT_STATUS_IS_OK(pdb_init_sam (&samaccount))) { return -1; -- cgit From b8d83f7cdb5aed2bdcc185388f148e2fe4726bf8 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 23 Mar 2003 11:50:16 +0000 Subject: This does two things: * pdbedit -i -e sets all SAM_ACCOUNT elements to CHANGED to satisfy the new pdb_ldap.c handling * pdbedit -g transfers group mappings. I made this separate from the user database, as current installations have to live with a split backend. So, if you are running 3_0 alphas with LDAP as a backend and upgrade to the next 3_0 alpha, you should call pdbedit -i tdbsam -e ldapsam -g to transfer your group mapping database to LDAP. You certainly have to have all your groups as posixGroup objects in LDAP and adapt the LDAP schema before this call. Volker (This used to be commit 09a3db0ffcbbe578788d3dd5ee7540d27cc7c09a) --- source3/utils/pdbedit.c | 38 +++++++++++++++++++++++++++++++++++++- 1 file changed, 37 insertions(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 265bda1e5d..4c97903f51 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -69,6 +69,12 @@ static int export_database (struct pdb_context *in, struct pdb_context *out) { } while (NT_STATUS_IS_OK(in->pdb_getsampwent(in, user))) { + int i; + + for (i=0; ipdb_add_sam_account(out, user); if (!NT_STATUS_IS_OK(pdb_reset_sam(user))){ fprintf(stderr, "Can't reset SAM_ACCOUNT!\n"); @@ -81,6 +87,30 @@ static int export_database (struct pdb_context *in, struct pdb_context *out) { return 0; } +/********************************************************* + Add all currently available group mappings to another db + ********************************************************/ + +static int export_groups (struct pdb_context *in, struct pdb_context *out) { + GROUP_MAP *maps = NULL; + int i, entries = 0; + + if (NT_STATUS_IS_ERR(in->pdb_enum_group_mapping(in, SID_NAME_UNKNOWN, + &maps, &entries, + False, False))) { + fprintf(stderr, "Can't get group mappings!\n"); + return 1; + } + + for (i=0; ipdb_add_group_mapping_entry(out, &(maps[i])); + } + + SAFE_FREE(maps); + + return 0; +} + /********************************************************* Print info from sam structure **********************************************************/ @@ -478,6 +508,7 @@ int main (int argc, char **argv) static char *backend = NULL; static char *backend_in = NULL; static char *backend_out = NULL; + static BOOL transfer_groups = False; static char *logon_script = NULL; static char *profile_path = NULL; static char *account_control = NULL; @@ -507,6 +538,7 @@ int main (int argc, char **argv) {"backend", 'b', POPT_ARG_STRING, &backend, 0, "use different passdb backend as default backend", NULL}, {"import", 'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL}, {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, + {"group", 'g', POPT_ARG_NONE, &transfer_groups, 0, "use -i and -e for groups", NULL}, {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, {"value", 'V', POPT_ARG_LONG, &account_policy_value, 'V',"set the account policy to this value", NULL}, {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, @@ -621,7 +653,11 @@ int main (int argc, char **argv) } else { bout = bdef; } - return export_database(bin, bout); + if (transfer_groups) { + return export_groups(bin, bout); + } else { + return export_database(bin, bout); + } } /* if BIT_USER is defined but nothing else then threat it as -l -u for compatibility */ -- cgit From 7d4bfa0eda4f79f55950d4089e636eecc37975f6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 23 Mar 2003 14:20:21 +0000 Subject: Implement abartlet's suggestion to add attribs to ldap if they are 'SET' when adding the account. I really don't like passing flags down to inner routines and complicated if/else conditions, but this time he might be right. ;-) Volker (This used to be commit 339c14906802db6ddb59f07a0c71dcc3c73cc3d6) --- source3/utils/pdbedit.c | 6 ------ 1 file changed, 6 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 4c97903f51..99d3e01fd2 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -69,12 +69,6 @@ static int export_database (struct pdb_context *in, struct pdb_context *out) { } while (NT_STATUS_IS_OK(in->pdb_getsampwent(in, user))) { - int i; - - for (i=0; ipdb_add_sam_account(out, user); if (!NT_STATUS_IS_OK(pdb_reset_sam(user))){ fprintf(stderr, "Can't reset SAM_ACCOUNT!\n"); -- cgit From 63cbbe26923b8f6bbed11428a3a218a88d17ffe7 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 14 Apr 2003 03:30:20 +0000 Subject: Merge Jelmer's popt updates from HEAD. (This used to be commit 98e84b3e83d2a365c818ea64f9418edb29d690f2) --- source3/utils/pdbedit.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 99d3e01fd2..bf42fb805f 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -516,7 +516,7 @@ int main (int argc, char **argv) poptContext pc; struct poptOption long_options[] = { POPT_AUTOHELP - {"list", 'l', POPT_ARG_NONE, &list_users, 0, "list all users", NULL}, + {"list", 'L', POPT_ARG_NONE, &list_users, 0, "list all users", NULL}, {"verbose", 'v', POPT_ARG_NONE, &verbose, 0, "be verbose", NULL }, {"smbpasswd-style", 'w',POPT_ARG_NONE, &spstyle, 0, "give output in smbpasswd style", NULL}, {"user", 'u', POPT_ARG_STRING, &user_name, 0, "use username", "USER" }, @@ -534,11 +534,10 @@ int main (int argc, char **argv) {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, {"group", 'g', POPT_ARG_NONE, &transfer_groups, 0, "use -i and -e for groups", NULL}, {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, - {"value", 'V', POPT_ARG_LONG, &account_policy_value, 'V',"set the account policy to this value", NULL}, + {"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL}, {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, - { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_debug }, - { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_configfile }, - {0,0,0,0} + POPT_COMMON_SAMBA + POPT_TABLEEND }; setup_logging("pdbedit", True); -- cgit From 43b3ea968b0405efebf7c1cb4d5f541b50b388b0 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sat, 26 Apr 2003 01:15:57 +0000 Subject: back port from HEAD (This used to be commit f7cfdf20b7b3b7743c0c3af4ff62fdde00e45fdc) --- source3/utils/pdbedit.c | 79 +++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 74 insertions(+), 5 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index bf42fb805f..d7de709e21 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -258,7 +258,8 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd static int set_user_info (struct pdb_context *in, const char *username, const char *fullname, const char *homedir, const char *drive, const char *script, - const char *profile, const char *account_control) + const char *profile, const char *account_control, + const char *user_sid, const char *group_sid) { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; @@ -299,6 +300,36 @@ static int set_user_info (struct pdb_context *in, const char *username, (pdb_get_acct_ctrl(sam_pwent) & not_settable) | newflag, PDB_CHANGED); } + if (user_sid) { + DOM_SID u_sid; + if (!string_to_sid(&u_sid, user_sid)) { + /* not a complete sid, may be a RID, try building a SID */ + int u_rid; + + if (sscanf(user_sid, "%d", &u_rid) != 1) { + fprintf(stderr, "Error passed string is not a complete user SID or RID!\n"); + return -1; + } + sid_copy(&u_sid, get_global_sam_sid()); + sid_append_rid(&u_sid, u_rid); + } + pdb_set_user_sid (sam_pwent, &u_sid, PDB_CHANGED); + } + if (group_sid) { + DOM_SID g_sid; + if (!string_to_sid(&g_sid, group_sid)) { + /* not a complete sid, may be a RID, try building a SID */ + int g_rid; + + if (sscanf(group_sid, "%d", &g_rid) != 1) { + fprintf(stderr, "Error passed string is not a complete group SID or RID!\n"); + return -1; + } + sid_copy(&g_sid, get_global_sam_sid()); + sid_append_rid(&g_sid, g_rid); + } + pdb_set_group_sid (sam_pwent, &g_sid, PDB_CHANGED); + } if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent))) print_user_info (in, username, True, False); @@ -314,7 +345,10 @@ static int set_user_info (struct pdb_context *in, const char *username, /********************************************************* Add New User **********************************************************/ -static int new_user (struct pdb_context *in, const char *username, const char *fullname, const char *homedir, const char *drive, const char *script, const char *profile) +static int new_user (struct pdb_context *in, const char *username, + const char *fullname, const char *homedir, + const char *drive, const char *script, + const char *profile, char *user_sid, char *group_sid) { SAM_ACCOUNT *sam_pwent=NULL; struct passwd *pwd = NULL; @@ -329,7 +363,7 @@ static int new_user (struct pdb_context *in, const char *username, const char *f fprintf (stderr, "WARNING: user %s does not exist in system passwd\n", username); pdb_init_sam(&sam_pwent); if (!pdb_set_username(sam_pwent, username, PDB_CHANGED)) { - return False; + return -1; } } @@ -365,6 +399,36 @@ static int new_user (struct pdb_context *in, const char *username, const char *f pdb_set_logon_script(sam_pwent, script, PDB_CHANGED); if (profile) pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED); + if (user_sid) { + DOM_SID u_sid; + if (!string_to_sid(&u_sid, user_sid)) { + /* not a complete sid, may be a RID, try building a SID */ + int u_rid; + + if (sscanf(user_sid, "%d", &u_rid) != 1) { + fprintf(stderr, "Error passed string is not a complete user SID or RID!\n"); + return -1; + } + sid_copy(&u_sid, get_global_sam_sid()); + sid_append_rid(&u_sid, u_rid); + } + pdb_set_user_sid (sam_pwent, &u_sid, PDB_CHANGED); + } + if (group_sid) { + DOM_SID g_sid; + if (!string_to_sid(&g_sid, group_sid)) { + /* not a complete sid, may be a RID, try building a SID */ + int g_rid; + + if (sscanf(group_sid, "%d", &g_rid) != 1) { + fprintf(stderr, "Error passed string is not a complete group SID or RID!\n"); + return -1; + } + sid_copy(&g_sid, get_global_sam_sid()); + sid_append_rid(&g_sid, g_rid); + } + pdb_set_group_sid (sam_pwent, &g_sid, PDB_CHANGED); + } pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL, PDB_CHANGED); @@ -507,6 +571,8 @@ int main (int argc, char **argv) static char *profile_path = NULL; static char *account_control = NULL; static char *account_policy = NULL; + static char *user_sid = NULL; + static char *group_sid = NULL; static long int account_policy_value = 0; BOOL account_policy_value_set = False; @@ -525,6 +591,8 @@ int main (int argc, char **argv) {"drive", 'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, {"script", 'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, + {"user SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, + {"group SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, {"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL}, {"machine", 'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL}, @@ -693,7 +761,7 @@ int main (int argc, char **argv) } else { return new_user (bdef, user_name, full_name, home_dir, home_drive, logon_script, - profile_path); + profile_path, user_sid, group_sid); } } @@ -712,7 +780,8 @@ int main (int argc, char **argv) home_dir, home_drive, logon_script, - profile_path, account_control); + profile_path, account_control, + user_sid, group_sid); } } -- cgit From 281d95e2f35f8276d23d075d6e528d16eda9fadc Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 29 Apr 2003 09:43:17 +0000 Subject: Use a common function to create the SAM_ACCOUNT being used to add accounts to the system. This means that we always run Get_Pwnam(), and can never add FOO when foo exists on the system (the idea is to instead add foo into the passdb, using it's full name, RID etc). Andrew Bartlett (This used to be commit bb79b127e02cefae13c822fd0fd165f1f214b740) --- source3/utils/pdbedit.c | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index d7de709e21..3a3d06a645 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -351,20 +351,12 @@ static int new_user (struct pdb_context *in, const char *username, const char *profile, char *user_sid, char *group_sid) { SAM_ACCOUNT *sam_pwent=NULL; - struct passwd *pwd = NULL; + NTSTATUS nt_status; char *password1, *password2, *staticpass; - ZERO_STRUCT(sam_pwent); - - if ((pwd = getpwnam_alloc(username))) { - pdb_init_sam_pw (&sam_pwent, pwd); - passwd_free(&pwd); - } else { - fprintf (stderr, "WARNING: user %s does not exist in system passwd\n", username); - pdb_init_sam(&sam_pwent); - if (!pdb_set_username(sam_pwent, username, PDB_CHANGED)) { - return -1; - } + if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam_new(&sam_pwent, username))) { + DEBUG(0, ("could not create account to add new user %s\n", username)); + return -1; } staticpass = getpass("new password:"); -- cgit From c507ebe56741d773bf6e7ad547863a2da1aee687 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 10 May 2003 10:53:48 +0000 Subject: Patch from metze and me that adds dummy smb_register_*() functions so that is now possible to, for example, load a module which contains an auth method into a binary without the auth/ subsystem built in. (This used to be commit 74d9ecfe2dd7364643d32acb62ade957bd71cd0d) --- source3/utils/pdbedit.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 3a3d06a645..5116855e71 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -23,6 +23,9 @@ #include "includes.h" +#define HAVE_SMB_REGISTER_PASSDB +#include "module_dummy.h" + #define BIT_BACKEND 0x00000004 #define BIT_VERBOSE 0x00000008 #define BIT_SPSTYLE 0x00000010 -- cgit From 0914e541f5480834c1b0ddc98b5f71f7f7abf9cb Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 10 May 2003 11:49:51 +0000 Subject: Reverse previous patch from Stefan and me after comments by Andrew Bartlett (This used to be commit d817eaf0ecca2d878ab1ffcf7a747a02d71c811e) --- source3/utils/pdbedit.c | 3 --- 1 file changed, 3 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 5116855e71..3a3d06a645 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -23,9 +23,6 @@ #include "includes.h" -#define HAVE_SMB_REGISTER_PASSDB -#include "module_dummy.h" - #define BIT_BACKEND 0x00000004 #define BIT_VERBOSE 0x00000008 #define BIT_SPSTYLE 0x00000010 -- cgit From ca40b71686236ca1b3a219abe8ca36a0895f798a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 12 May 2003 00:17:44 +0000 Subject: Make it possible to actually use --user-SID and --group-SID on a standard command line. Andrew Bartlett (This used to be commit dd14da756640ba36834a05b9da4759a809c0bb37) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 3a3d06a645..e5df6ab038 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -583,8 +583,8 @@ int main (int argc, char **argv) {"drive", 'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, {"script", 'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, - {"user SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, - {"group SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, + {"user-SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, + {"group-SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, {"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL}, {"machine", 'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL}, -- cgit From c823b191ab476fc2583d6d6aaa1e2edb09cbb88e Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Mon, 12 May 2003 18:12:31 +0000 Subject: And finally IDMAP in 3_0 We really need idmap_ldap to have a good solution with ldapsam, porting it from the prvious code is beeing made, the code is really simple to do so I am confident it is not a problem to commit this code in. Not committing it would have been worst. I really would have been able to finish also the group code, maybe we can put it into a followin release after 3.0.0 even if it may be an upgrade problem. The code has been tested and seem to work right, more testing is needed for corner cases. Currently winbind pdc (working only for users and not for groups) is disabled as I was not able to make a complete group code replacement that works somewhat in a week (I have a complete patch, but there are bugs) Simo. (This used to be commit 0e58085978f984436815114a2ec347cf7899a89d) --- source3/utils/pdbedit.c | 60 +++++++++++++++++++++---------------------------- 1 file changed, 25 insertions(+), 35 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index e5df6ab038..13f35e8880 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -122,12 +122,6 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst printf ("Unix username: %s\n", pdb_get_username(sam_pwent)); printf ("NT username: %s\n", pdb_get_nt_username(sam_pwent)); printf ("Account Flags: %s\n", pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent), NEW_PW_FORMAT_SPACE_PADDED_LEN)); - - if (IS_SAM_UNIX_USER(sam_pwent)) { - uid = pdb_get_uid(sam_pwent); - gid = pdb_get_gid(sam_pwent); - printf ("User ID/Group ID: %d/%d\n", uid, gid); - } printf ("User SID: %s\n", sid_string_static(pdb_get_user_sid(sam_pwent))); printf ("Primary Group SID: %s\n", @@ -161,35 +155,25 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0"); } else if (smbpwdstyle) { - if (IS_SAM_UNIX_USER(sam_pwent)) { - char lm_passwd[33]; - char nt_passwd[33]; - - uid = pdb_get_uid(sam_pwent); - pdb_sethexpwd(lm_passwd, - pdb_get_lanman_passwd(sam_pwent), - pdb_get_acct_ctrl(sam_pwent)); - pdb_sethexpwd(nt_passwd, - pdb_get_nt_passwd(sam_pwent), - pdb_get_acct_ctrl(sam_pwent)); + char lm_passwd[33]; + char nt_passwd[33]; + + uid = -1; + sid_to_uid(pdb_get_user_sid(sam_pwent), &uid); + pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); + pdb_sethexpwd(nt_passwd, pdb_get_nt_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); - printf("%s:%d:%s:%s:%s:LCT-%08X:\n", - pdb_get_username(sam_pwent), - uid, - lm_passwd, - nt_passwd, - pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), - (uint32)pdb_get_pass_last_set_time(sam_pwent)); - } else { - fprintf(stderr, "Can't output in smbpasswd format, no uid on this record.\n"); - } + printf("%s:%d:%s:%s:%s:LCT-%08X:\n", + pdb_get_username(sam_pwent), + uid, + lm_passwd, + nt_passwd, + pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), + (uint32)pdb_get_pass_last_set_time(sam_pwent)); } else { - if (IS_SAM_UNIX_USER(sam_pwent)) { - printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), pdb_get_uid(sam_pwent), - pdb_get_fullname(sam_pwent)); - } else { - printf ("%s:(null):%s\n", pdb_get_username(sam_pwent), pdb_get_fullname(sam_pwent)); - } + uid = -1; + sid_to_uid(pdb_get_user_sid(sam_pwent), &uid); + printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), uid, pdb_get_fullname(sam_pwent)); } return 0; @@ -583,8 +567,8 @@ int main (int argc, char **argv) {"drive", 'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, {"script", 'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, - {"user-SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, - {"group-SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, + {"user SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, + {"group SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, {"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL}, {"machine", 'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL}, @@ -626,6 +610,12 @@ int main (int argc, char **argv) if (!init_names()) exit(1); + if (!idmap_init()) + exit(1); + + if (!idmap_init_wellknown_sids()) + exit(1); + setparms = (backend ? BIT_BACKEND : 0) + (verbose ? BIT_VERBOSE : 0) + (spstyle ? BIT_SPSTYLE : 0) + -- cgit From 6abef0810007c317c3ee866eb3933ce2c696085f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 12 May 2003 21:27:54 +0000 Subject: Fix obvious compiler warnings. Jeremy. (This used to be commit 2a6d0c2481c3c34351e57c30a85004babdbf99b0) --- source3/utils/pdbedit.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 13f35e8880..9a45049bc5 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -112,7 +112,6 @@ static int export_groups (struct pdb_context *in, struct pdb_context *out) { static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) { uid_t uid; - gid_t gid; time_t tmp; /* TODO: chaeck if entry is a user or a workstation */ -- cgit From 2153494966453778117eab028b6f44b1574da4a6 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 29 May 2003 22:00:54 +0000 Subject: Setting account policy values is done using -C, not -V. Fixes bug #120 (This used to be commit daf443757b62bd3c254a303d638bfd030b4acd2a) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 9a45049bc5..d540bf42de 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -590,7 +590,7 @@ int main (int argc, char **argv) while((opt = poptGetNextOpt(pc)) != -1) { switch (opt) { - case 'V': + case 'C': account_policy_value_set = True; break; } -- cgit From 75a5c0b307a79536316b651273d3f6983323f5ce Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 18 Jun 2003 15:24:10 +0000 Subject: Ok, this patch removes the privilege stuff we had in, unused, for some time. The code was nice, but put in the wrong place (group mapping) and not supported by most of the code, thus useless. We will put back most of the code when our infrastructure will be changed so that privileges actually really make sense to be set. This is a first patch of a set to enhance all our mapping code cleaness and stability towards a sane next beta for 3.0 code base Simo. (This used to be commit e341e7c49f8c17a9ee30ca3fab3aa0397c1f0c7e) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index d540bf42de..571775a741 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -91,7 +91,7 @@ static int export_groups (struct pdb_context *in, struct pdb_context *out) { if (NT_STATUS_IS_ERR(in->pdb_enum_group_mapping(in, SID_NAME_UNKNOWN, &maps, &entries, - False, False))) { + False))) { fprintf(stderr, "Can't get group mappings!\n"); return 1; } -- cgit From f5974dfaae680d98b78d600cd1f1aaece332a085 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sun, 22 Jun 2003 10:09:52 +0000 Subject: Found out a good number of NT_STATUS_IS_ERR used the wrong way. As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. (This used to be commit c501e84d412563eb3f674f76038ec48c2b458687) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 571775a741..aa11f2bfdf 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -485,7 +485,7 @@ static int delete_user_entry (struct pdb_context *in, const char *username) return -1; } - if (NT_STATUS_IS_ERR(in->pdb_getsampwnam(in, samaccount, username))) { + if (!NT_STATUS_IS_OK(in->pdb_getsampwnam(in, samaccount, username))) { fprintf (stderr, "user %s does not exist in the passdb\n", username); return -1; } @@ -511,7 +511,7 @@ static int delete_machine_entry (struct pdb_context *in, const char *machinename return -1; } - if (NT_STATUS_IS_ERR(in->pdb_getsampwnam(in, samaccount, name))) { + if (!NT_STATUS_IS_OK(in->pdb_getsampwnam(in, samaccount, name))) { fprintf (stderr, "machine %s does not exist in the passdb\n", name); return -1; } -- cgit From 0e983b32fd309de24b923a5c4928635c6c03e89f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 27 Jun 2003 20:55:48 +0000 Subject: Some const correctness. Stop tdb being used as a remote backend. If an idmap backend is specified cause smbd to ask winbindd (use winbindd if you want a consistant remote backend solution). Should work well enough for next beta now... Jeremy. (This used to be commit 8f830c509af5976d988a30f0b0aee4ec61dd97a3) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index aa11f2bfdf..3fa2751347 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -609,7 +609,7 @@ int main (int argc, char **argv) if (!init_names()) exit(1); - if (!idmap_init()) + if (!idmap_init(lp_idmap_backend())) exit(1); if (!idmap_init_wellknown_sids()) -- cgit From 4168d61fb22e19a248a6c3d3ad43e2f73e37fc6a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 4 Jul 2003 13:29:42 +0000 Subject: This patch cleans up some of our ldap code, for better behaviour: We now always read the Domain SID out of LDAP. If the local secrets.tdb is ever different to LDAP, it is overwritten out of LDAP. We also store the 'algorithmic rid base' into LDAP, and assert if it changes. (This ensures cross-host synchronisation, and allows for possible integration with idmap). If we fail to read/add the domain entry, we just fallback to the old behaviour. We always use an existing DN when adding IDMAP entries to LDAP, unless no suitable entry is available. This means that a user's posixAccount will have a SID added to it, or a user's sambaSamAccount will have a UID added. Where we cannot us an existing DN, we use 'sambaSid=S-x-y-z,....' as the DN. The code now allows modifications to the ID mapping in many cases. Likewise, we now check more carefully when adding new user entires to LDAP, to not duplicate SIDs (for users, at this stage), and to add the sambaSamAccount onto the idmap entry for that user, if it is already established (ensuring we do not duplicate sambaSid entries in the directory). The allocated UID code has been expanded to take into account the space between '1000 - algorithmic rid base'. This much better fits into what an NT4 does - allocating in the bottom part of the RID range. On the code cleanup side of things, we now share as much code as possible between idmap_ldap and pdb_ldap. We also no longer use the race-prone 'enumerate all users' method for finding the next RID to allocate. Instead, we just start at the bottom of the range, and increment again if the user already exists. The first time this is run, it may well take a long time, but next time will just be able to use the next Rid. Thanks to metze and AB for double-checking parts of this. Andrew Bartlett (This used to be commit 9c595c8c2327b92a86901d84c3f2c284dabd597e) --- source3/utils/pdbedit.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 3fa2751347..5b702f7591 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -606,6 +606,12 @@ int main (int argc, char **argv) exit(1); } + /* Initialise the password backed before idmap and the global_sam_sid + to ensure that we fetch from ldap before we make a domain sid up */ + + if(!initialize_password_db(False)) + exit(1); + if (!init_names()) exit(1); -- cgit From 0b18acb841f6a372b3aa285d4734875e5e35fe3b Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 7 Jul 2003 05:11:10 +0000 Subject: and so it begins.... * remove idmap_XX_to_XX calls from smbd. Move back to the the winbind_XXX and local_XXX calls used in 2.2 * all uid/gid allocation must involve winbindd now * move flags field around in winbindd_request struct * add WBFLAG_QUERY_ONLY option to winbindd_sid_to_[ug]id() to prevent automatic allocation for unknown SIDs * add 'winbind trusted domains only' parameter to force a domain member server to use matching users names from /etc/passwd for its domain (needed for domain member of a Samba domain) * rename 'idmap only' to 'enable rid algorithm' for better clarity (defaults to "yes") code has been tested on * domain member of native mode 2k domain * ads domain member of native mode 2k domain * domain member of NT4 domain * domain member of Samba domain * Samba PDC running winbindd with trusts Logons tested using 2k clients and smbclient as domain users and trusted users. Tested both 'winbind trusted domains only = [yes|no]' This will be a long week of changes. The next item on the list is winbindd_passdb.c & machine trust accounts not in /etc/passwd (done via winbindd_passdb) (This used to be commit 8266dffab4aedba12a33289ff32880037ce950a8) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 5b702f7591..2f57470c4a 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -158,7 +158,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst char nt_passwd[33]; uid = -1; - sid_to_uid(pdb_get_user_sid(sam_pwent), &uid); + idmap_sid_to_uid(pdb_get_user_sid(sam_pwent), &uid, 0); pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); pdb_sethexpwd(nt_passwd, pdb_get_nt_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); @@ -171,7 +171,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst (uint32)pdb_get_pass_last_set_time(sam_pwent)); } else { uid = -1; - sid_to_uid(pdb_get_user_sid(sam_pwent), &uid); + idmap_sid_to_uid(pdb_get_user_sid(sam_pwent), &uid, 0); printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), uid, pdb_get_fullname(sam_pwent)); } -- cgit From 816724fb39ba1d13f553704b2deaa3e8e716c5ab Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 9 Jul 2003 03:32:07 +0000 Subject: more compile fixes for become/unbecome_root() (This used to be commit f005f1cf12b839f3985ab00315da63c584ce803e) --- source3/utils/pdbedit.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 2f57470c4a..83f61769e2 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -51,6 +51,21 @@ #define MASK_ALWAYS_GOOD 0x0000001F #define MASK_USER_GOOD 0x00401F00 +/***************************************************************************** + stubb functions +****************************************************************************/ + +void become_root( void ) +{ + return; +} + +void unbecome_root( void ) +{ + return; +} + + /********************************************************* Add all currently available users to another db ********************************************************/ -- cgit From 7f3f878abb689813c29a7090e5d7707987369590 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 10 Jul 2003 14:21:43 +0000 Subject: pdbedit should not call idmap anymore. Otherwise pdbedit -L would allocate id's. Volker (This used to be commit 0358cc76757e7ef06dada94ec3a73cd90a525ba9) --- source3/utils/pdbedit.c | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 83f61769e2..b79972aa35 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -172,8 +172,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst char lm_passwd[33]; char nt_passwd[33]; - uid = -1; - idmap_sid_to_uid(pdb_get_user_sid(sam_pwent), &uid, 0); + uid = nametouid(pdb_get_username(sam_pwent)); pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); pdb_sethexpwd(nt_passwd, pdb_get_nt_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); @@ -185,8 +184,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), (uint32)pdb_get_pass_last_set_time(sam_pwent)); } else { - uid = -1; - idmap_sid_to_uid(pdb_get_user_sid(sam_pwent), &uid, 0); + uid = nametouid(pdb_get_username(sam_pwent)); printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), uid, pdb_get_fullname(sam_pwent)); } @@ -621,21 +619,12 @@ int main (int argc, char **argv) exit(1); } - /* Initialise the password backed before idmap and the global_sam_sid - to ensure that we fetch from ldap before we make a domain sid up */ - if(!initialize_password_db(False)) exit(1); if (!init_names()) exit(1); - if (!idmap_init(lp_idmap_backend())) - exit(1); - - if (!idmap_init_wellknown_sids()) - exit(1); - setparms = (backend ? BIT_BACKEND : 0) + (verbose ? BIT_VERBOSE : 0) + (spstyle ? BIT_SPSTYLE : 0) + -- cgit From 03d5867d529f126da368ebda70bf2d997aa602e0 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 11 Jul 2003 05:33:40 +0000 Subject: moving more code around. * move rid allocation into IDMAP. See comments in _api_samr_create_user() * add winbind delete user/group functions I'm checking this in to sync up with everyone. But I'm going to split the add a separate winbindd_allocate_rid() function for systems that have an 'add user script' but need idmap to give them a RID. Life would be so much simplier without 'enable rid algorithm'. The current RID allocation is horrible due to this one fact. Tested idmap_tdb but not idmap_ldap yet. Will do that tomorrow. Nothing has changed in the way a samba domain is represented, stored, or search in the directory so things should be ok with previous installations. going to bed now. (This used to be commit 0463045cc7ff177fab44b25faffad5bf7140244d) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index b79972aa35..96d0d3c057 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -350,7 +350,7 @@ static int new_user (struct pdb_context *in, const char *username, NTSTATUS nt_status; char *password1, *password2, *staticpass; - if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam_new(&sam_pwent, username))) { + if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam_new(&sam_pwent, username, 0))) { DEBUG(0, ("could not create account to add new user %s\n", username)); return -1; } -- cgit From 274f1f8806f091a38bbf65363d7edf681459b58d Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 22 Jul 2003 00:20:53 +0000 Subject: Replace the eight (!) copies of dummy become/unbecome root with a single one. (This used to be commit 8b818ce381595cdcb36631a2440d6aa0038805f1) --- source3/utils/pdbedit.c | 15 --------------- 1 file changed, 15 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 96d0d3c057..c3e063eff0 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -51,21 +51,6 @@ #define MASK_ALWAYS_GOOD 0x0000001F #define MASK_USER_GOOD 0x00401F00 -/***************************************************************************** - stubb functions -****************************************************************************/ - -void become_root( void ) -{ - return; -} - -void unbecome_root( void ) -{ - return; -} - - /********************************************************* Add all currently available users to another db ********************************************************/ -- cgit From 80c1f1d865b13a63c7a60876b63458119566e044 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 22 Jul 2003 04:31:20 +0000 Subject: Fixup a bunch of printf-style functions and debugs to use unsigned long when displaying pid_t, uid_t and gid_t values. This removes a whole lot of warnings on some of the 64-bit build farm machines as well as help us out when 64-bit uid/gid/pid values come along. (This used to be commit f93528ba007c8800a850678f35f499fb7360fb9a) --- source3/utils/pdbedit.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index c3e063eff0..0f1f6edf08 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -161,16 +161,17 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); pdb_sethexpwd(nt_passwd, pdb_get_nt_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); - printf("%s:%d:%s:%s:%s:LCT-%08X:\n", + printf("%s:%lu:%s:%s:%s:LCT-%08X:\n", pdb_get_username(sam_pwent), - uid, + (unsigned long)uid, lm_passwd, nt_passwd, pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), (uint32)pdb_get_pass_last_set_time(sam_pwent)); } else { uid = nametouid(pdb_get_username(sam_pwent)); - printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), uid, pdb_get_fullname(sam_pwent)); + printf ("%s:%lu:%s\n", pdb_get_username(sam_pwent), (unsigned long)uid, + pdb_get_fullname(sam_pwent)); } return 0; -- cgit From 5def5d2bdb2fdf98a6d518f5f0d00d9955f69890 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sun, 21 Sep 2003 02:58:08 +0000 Subject: Fix typo (This used to be commit 37db75fc95aec2510a0ead0c97f44e80b00696d9) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 0f1f6edf08..c69b149469 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -409,7 +409,7 @@ static int new_user (struct pdb_context *in, const char *username, if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { print_user_info (in, username, True, False); } else { - fprintf (stderr, "Unable to add user! (does it alredy exist?)\n"); + fprintf (stderr, "Unable to add user! (does it already exist?)\n"); pdb_free_sam (&sam_pwent); return -1; } -- cgit From 521104359ec257ca93eb68fdf65b24ed3b3a7f4a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 27 Nov 2003 18:34:42 +0000 Subject: Fix for pdbedit error code returns (sorry, forgot who sent in the patch). Jeremy. (This used to be commit 685097bc50a8ef387c5082401858d482329c37bc) --- source3/utils/pdbedit.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index c69b149469..d72634d78b 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -489,7 +489,11 @@ static int delete_user_entry (struct pdb_context *in, const char *username) return -1; } - return NT_STATUS_IS_OK(in->pdb_delete_sam_account (in, samaccount)); + if (!NT_STATUS_IS_OK(in->pdb_delete_sam_account (in, samaccount))) { + fprintf (stderr, "Unable to delete user %s\n", username); + return -1; + } + return 0; } /********************************************************* @@ -515,7 +519,12 @@ static int delete_machine_entry (struct pdb_context *in, const char *machinename return -1; } - return NT_STATUS_IS_OK(in->pdb_delete_sam_account (in, samaccount)); + if (!NT_STATUS_IS_OK(in->pdb_delete_sam_account (in, samaccount))) { + fprintf (stderr, "Unable to delete machine %s\n", name); + return -1; + } + + return 0; } /********************************************************* -- cgit From d4420dc9023677461570eaedd1f1ca0e6c0ef758 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 29 Jan 2004 22:16:58 +0000 Subject: more initialization fixes (This used to be commit 9e590d603547ef1e8388bea66eb5d44e4dfd6412) --- source3/utils/pdbedit.c | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index d72634d78b..f402567b74 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -47,6 +47,7 @@ #define BIT_RESERV_7 0x00800000 #define BIT_IMPORT 0x01000000 #define BIT_EXPORT 0x02000000 +#define BIT_FIX_INIT 0x04000000 #define MASK_ALWAYS_GOOD 0x0000001F #define MASK_USER_GOOD 0x00401F00 @@ -233,6 +234,39 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd return 0; } +/********************************************************* + Fix a list of Users for uninitialised passwords +**********************************************************/ +static int fix_users_list (struct pdb_context *in) +{ + SAM_ACCOUNT *sam_pwent=NULL; + BOOL check, ret; + + check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False)); + if (!check) { + return 1; + } + + check = True; + if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; + + while (check && (ret = NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent)))) { + if (!pdb_update_sam_account(sam_pwent)) { + DEBUG(0, ("Update of user %s failed!\n", pdb_get_username(sam_pwent))); + } + pdb_free_sam(&sam_pwent); + check = NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)); + if (!check) { + DEBUG(0, ("Failed to initialise new SAM_ACCOUNT structure (out of memory?)\n")); + } + + } + if (check) pdb_free_sam(&sam_pwent); + + in->pdb_endsampwent(in); + return 0; +} + /********************************************************* Set User Info **********************************************************/ @@ -550,6 +584,7 @@ int main (int argc, char **argv) static char *backend_in = NULL; static char *backend_out = NULL; static BOOL transfer_groups = False; + static BOOL force_initialised_password = False; static char *logon_script = NULL; static char *profile_path = NULL; static char *account_control = NULL; @@ -587,6 +622,7 @@ int main (int argc, char **argv) {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, {"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL}, {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, + {"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL}, POPT_COMMON_SAMBA POPT_TABLEEND }; @@ -631,6 +667,7 @@ int main (int argc, char **argv) (machine ? BIT_MACHINE : 0) + (user_name ? BIT_USER : 0) + (list_users ? BIT_LIST : 0) + + (force_initialised_password ? BIT_FIX_INIT : 0) + (modify_user ? BIT_MODIFY : 0) + (add_user ? BIT_CREATE : 0) + (delete_user ? BIT_DELETE : 0) + @@ -655,6 +692,10 @@ int main (int argc, char **argv) /* the lowest bit options are always accepted */ checkparms = setparms & ~MASK_ALWAYS_GOOD; + if (checkparms & BIT_FIX_INIT) { + return fix_users_list(bdef); + } + /* account policy operations */ if ((checkparms & BIT_ACCPOLICY) && !(checkparms & ~(BIT_ACCPOLICY + BIT_ACCPOLVAL))) { uint32 value; -- cgit From da520049883b7f95e468a73ebb2c2511e794f977 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 11 Feb 2004 21:10:04 +0000 Subject: fix set/getsampwent iterator in tdbsam to use an allocated list (This used to be commit 8734d91cd7681219f1389e3c41979028eadbb7fe) --- source3/utils/pdbedit.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index f402567b74..83663c52b6 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -251,13 +251,15 @@ static int fix_users_list (struct pdb_context *in) if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; while (check && (ret = NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent)))) { + printf("Updating record for user %s\n", pdb_get_username(sam_pwent)); + if (!pdb_update_sam_account(sam_pwent)) { - DEBUG(0, ("Update of user %s failed!\n", pdb_get_username(sam_pwent))); + printf("Update of user %s failed!\n", pdb_get_username(sam_pwent)); } pdb_free_sam(&sam_pwent); check = NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)); if (!check) { - DEBUG(0, ("Failed to initialise new SAM_ACCOUNT structure (out of memory?)\n")); + fprintf(stderr, "Failed to initialise new SAM_ACCOUNT structure (out of memory?)\n"); } } -- cgit From f56317baefd12c366f010a4830ceed39727f2c73 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Thu, 19 Feb 2004 16:00:29 +0000 Subject: Add bad password reset and display of bad password count/time (This used to be commit 34fe16e445bd9da762cedb0dd0872959f31ecd67) --- source3/utils/pdbedit.c | 28 +++++++++++++++++++++++++--- 1 file changed, 25 insertions(+), 3 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 83663c52b6..733a1289da 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -48,6 +48,7 @@ #define BIT_IMPORT 0x01000000 #define BIT_EXPORT 0x02000000 #define BIT_FIX_INIT 0x04000000 +#define BIT_BADPWRESET 0x08000000 #define MASK_ALWAYS_GOOD 0x0000001F #define MASK_USER_GOOD 0x00401F00 @@ -153,6 +154,11 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst tmp = pdb_get_pass_must_change_time(sam_pwent); printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0"); + + tmp = pdb_get_bad_password_time(sam_pwent); + printf ("Last bad password : %s\n", tmp ? http_timestring(tmp) : "0"); + printf ("Bad password count : %d\n", + pdb_get_bad_password_count(sam_pwent)); } else if (smbpwdstyle) { char lm_passwd[33]; @@ -277,7 +283,8 @@ static int set_user_info (struct pdb_context *in, const char *username, const char *fullname, const char *homedir, const char *drive, const char *script, const char *profile, const char *account_control, - const char *user_sid, const char *group_sid) + const char *user_sid, const char *group_sid, + const BOOL badpw) { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; @@ -348,6 +355,11 @@ static int set_user_info (struct pdb_context *in, const char *username, } pdb_set_group_sid (sam_pwent, &g_sid, PDB_CHANGED); } + + if (badpw) { + pdb_set_bad_password_count(sam_pwent, 0, PDB_CHANGED); + pdb_set_bad_password_time(sam_pwent, 0, PDB_CHANGED); + } if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent))) print_user_info (in, username, True, False); @@ -595,6 +607,7 @@ int main (int argc, char **argv) static char *group_sid = NULL; static long int account_policy_value = 0; BOOL account_policy_value_set = False; + static BOOL badpw_reset = False; struct pdb_context *bin; struct pdb_context *bout; @@ -625,6 +638,7 @@ int main (int argc, char **argv) {"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL}, {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, {"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL}, + {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL}, POPT_COMMON_SAMBA POPT_TABLEEND }; @@ -677,7 +691,8 @@ int main (int argc, char **argv) (account_policy ? BIT_ACCPOLICY : 0) + (account_policy_value_set ? BIT_ACCPOLVAL : 0) + (backend_in ? BIT_IMPORT : 0) + - (backend_out ? BIT_EXPORT : 0); + (backend_out ? BIT_EXPORT : 0) + + (badpw_reset ? BIT_BADPWRESET : 0); if (setparms & BIT_BACKEND) { if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) { @@ -774,6 +789,12 @@ int main (int argc, char **argv) /* mask out users options */ checkparms &= ~MASK_USER_GOOD; + + /* if bad password count is reset, we must be modifying */ + if (checkparms & BIT_BADPWRESET) { + checkparms |= BIT_MODIFY; + checkparms &= ~BIT_BADPWRESET; + } /* account operation */ if ((checkparms & BIT_CREATE) || (checkparms & BIT_MODIFY) || (checkparms & BIT_DELETE)) { @@ -810,7 +831,8 @@ int main (int argc, char **argv) home_drive, logon_script, profile_path, account_control, - user_sid, group_sid); + user_sid, group_sid, + badpw_reset); } } -- cgit From 5fc9dd0be617f20ca848115cea2f754919ff81cc Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Thu, 19 Feb 2004 21:40:22 +0000 Subject: Enable checking/resetting of account lockout and bad password based on policy (This used to be commit bd2e55399c21707d40199e4b519daefd897aadc7) --- source3/utils/pdbedit.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 733a1289da..541dc33a08 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -192,11 +192,12 @@ static int print_user_info (struct pdb_context *in, const char *username, BOOL v { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; - + BOOL updated_autolock = False, updated_badpw = False; + if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { return -1; } - + ret = NT_STATUS_IS_OK(in->pdb_getsampwnam (in, sam_pwent, username)); if (ret==False) { @@ -204,7 +205,20 @@ static int print_user_info (struct pdb_context *in, const char *username, BOOL v pdb_free_sam(&sam_pwent); return -1; } - + + if (!pdb_update_autolock_flag(sam_pwent, &updated_autolock)) + DEBUG(2,("pdb_update_autolock_flag failed.\n")); + + if (!pdb_update_bad_password_count(sam_pwent, &updated_badpw)) + DEBUG(2,("pdb_update_bad_password_count failed.\n")); + + if (updated_autolock || updated_badpw) { + become_root(); + if(!pdb_update_sam_account(sam_pwent)) + DEBUG(1, ("Failed to modify entry.\n")); + unbecome_root(); + } + ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle); pdb_free_sam(&sam_pwent); -- cgit From aa4abfb3b589bf5123b5d0d674c3c26ebdabe1a0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 23 Feb 2004 20:12:31 +0000 Subject: Fix "unable to initialize" bug when smbd hasn't been run with new system and a user is being added via pdbedit/smbpasswd. Found at Connectathon setup. Jeremy. (This used to be commit f9c7a42e895f50e15d2f5079bfb2cb389fdf2df4) --- source3/utils/pdbedit.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 541dc33a08..3f7aba8366 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -398,6 +398,8 @@ static int new_user (struct pdb_context *in, const char *username, NTSTATUS nt_status; char *password1, *password2, *staticpass; + get_global_sam_sid(); + if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam_new(&sam_pwent, username, 0))) { DEBUG(0, ("could not create account to add new user %s\n", username)); return -1; @@ -490,6 +492,8 @@ static int new_machine (struct pdb_context *in, const char *machine_in) fstring machineaccount; struct passwd *pwd = NULL; + get_global_sam_sid(); + fstrcpy(machinename, machine_in); machinename[15]= '\0'; -- cgit From d4ac326d46faab010eeeb24c893ab13bbbf0337e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 8 Jul 2004 21:01:30 +0000 Subject: r1412: Fix password history list in tdbsam. Fix some memory leaks. Add my (C) to a header file that was at least 50% mine :-). Jeremy. (This used to be commit 8ee6060977ec8e65082f3ad09e1e1ccf5b4672ed) --- source3/utils/pdbedit.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 3f7aba8366..06e9df22c2 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -736,7 +736,12 @@ int main (int argc, char **argv) uint32 value; int field = account_policy_name_to_fieldnum(account_policy); if (field == 0) { + char *apn = account_policy_names_list(); fprintf(stderr, "No account policy by that name\n"); + if (apn) { + fprintf(stderr, "Account policy names are :\n%s\n", apn); + } + SAFE_FREE(apn); exit(1); } if (!account_policy_get(field, &value)) { -- cgit From 75900ae52615f899c3da56341446c5fedfe1c58f Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Tue, 13 Jul 2004 12:39:38 +0000 Subject: r1478: Useful patch from Tom Alsberg , to export a single user from a backend. (This used to be commit 083740e74e0790f863c065a20e28f553fdc7d5bd) --- source3/utils/pdbedit.c | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 06e9df22c2..16d0d40769 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -57,9 +57,12 @@ Add all currently available users to another db ********************************************************/ -static int export_database (struct pdb_context *in, struct pdb_context *out) { +static int export_database (struct pdb_context *in, struct pdb_context + *out, const char *username) { SAM_ACCOUNT *user = NULL; + DEBUG(3, ("called with username=\"%s\"\n", username)); + if (NT_STATUS_IS_ERR(in->pdb_setsampwent(in, 0))) { fprintf(stderr, "Can't sampwent!\n"); return 1; @@ -71,10 +74,17 @@ static int export_database (struct pdb_context *in, struct pdb_context *out) { } while (NT_STATUS_IS_OK(in->pdb_getsampwent(in, user))) { - out->pdb_add_sam_account(out, user); - if (!NT_STATUS_IS_OK(pdb_reset_sam(user))){ - fprintf(stderr, "Can't reset SAM_ACCOUNT!\n"); - return 1; + DEBUG(4, ("Processing account %s\n", + user->private.username)); + if (!username || + (strcmp(username, user->private.username) + == 0)) { + out->pdb_add_sam_account(out, user); + if (!NT_STATUS_IS_OK(pdb_reset_sam(user))) { + fprintf(stderr, + "Can't reset SAM_ACCOUNT!\n"); + return 1; + } } } @@ -764,7 +774,7 @@ int main (int argc, char **argv) /* import and export operations */ if (((checkparms & BIT_IMPORT) || (checkparms & BIT_EXPORT)) - && !(checkparms & ~(BIT_IMPORT +BIT_EXPORT))) { + && !(checkparms & ~(BIT_IMPORT +BIT_EXPORT +BIT_USER))) { if (backend_in) { if (!NT_STATUS_IS_OK(make_pdb_context_string(&bin, backend_in))) { fprintf(stderr, "Can't initialize passdb backend.\n"); @@ -782,9 +792,15 @@ int main (int argc, char **argv) bout = bdef; } if (transfer_groups) { - return export_groups(bin, bout); + if (!(checkparms & BIT_USER)) + return export_groups(bin, bout); } else { - return export_database(bin, bout); + if (checkparms & BIT_USER) + return export_database(bin, bout, + user_name); + else + return export_database(bin, bout, + NULL); } } -- cgit From 14ba47482fba59323b37ee5b101e7aa46450a15c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 17 Jul 2004 01:06:52 +0000 Subject: r1537: Fix to stop printing accounts from resetting the bas password and account lockout flags. This is set when an account is updated only from smbd or pdbedit. Bug found by "Dunn, Drew A." . Jeremy. (This used to be commit bb3a0fa61f5fb74b8fe421260473c07847baeb2b) --- source3/utils/pdbedit.c | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 16d0d40769..1201cf88fc 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -202,7 +202,6 @@ static int print_user_info (struct pdb_context *in, const char *username, BOOL v { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; - BOOL updated_autolock = False, updated_badpw = False; if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { return -1; @@ -216,19 +215,6 @@ static int print_user_info (struct pdb_context *in, const char *username, BOOL v return -1; } - if (!pdb_update_autolock_flag(sam_pwent, &updated_autolock)) - DEBUG(2,("pdb_update_autolock_flag failed.\n")); - - if (!pdb_update_bad_password_count(sam_pwent, &updated_badpw)) - DEBUG(2,("pdb_update_bad_password_count failed.\n")); - - if (updated_autolock || updated_badpw) { - become_root(); - if(!pdb_update_sam_account(sam_pwent)) - DEBUG(1, ("Failed to modify entry.\n")); - unbecome_root(); - } - ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle); pdb_free_sam(&sam_pwent); @@ -310,6 +296,7 @@ static int set_user_info (struct pdb_context *in, const char *username, const char *user_sid, const char *group_sid, const BOOL badpw) { + BOOL updated_autolock = False, updated_badpw = False; SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; @@ -322,6 +309,14 @@ static int set_user_info (struct pdb_context *in, const char *username, return -1; } + if (!pdb_update_autolock_flag(sam_pwent, &updated_autolock)) { + DEBUG(2,("pdb_update_autolock_flag failed.\n")); + } + + if (!pdb_update_bad_password_count(sam_pwent, &updated_badpw)) { + DEBUG(2,("pdb_update_bad_password_count failed.\n")); + } + if (fullname) pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED); if (homedir) @@ -384,7 +379,7 @@ static int set_user_info (struct pdb_context *in, const char *username, pdb_set_bad_password_count(sam_pwent, 0, PDB_CHANGED); pdb_set_bad_password_time(sam_pwent, 0, PDB_CHANGED); } - + if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent))) print_user_info (in, username, True, False); else { -- cgit From 7fd7fbf472d5289e70dbb94dcec93b7c9f970d9a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 13 Aug 2004 19:56:19 +0000 Subject: r1812: Fix from Richard Renard to be able to reset a users logon hours restrictions. Jeremy. (This used to be commit 887aa22dc90dd8653a6c9eedf91ce76830d93de6) --- source3/utils/pdbedit.c | 33 ++++++++++++++++++++++++++++++--- 1 file changed, 30 insertions(+), 3 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 1201cf88fc..1eb6a135c5 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -49,6 +49,7 @@ #define BIT_EXPORT 0x02000000 #define BIT_FIX_INIT 0x04000000 #define BIT_BADPWRESET 0x08000000 +#define BIT_LOGONHOURS 0x10000000 #define MASK_ALWAYS_GOOD 0x0000001F #define MASK_USER_GOOD 0x00401F00 @@ -130,6 +131,9 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst if (!sam_pwent) return -1; if (verbosity) { + pstring temp; + const uint8 *hours; + printf ("Unix username: %s\n", pdb_get_username(sam_pwent)); printf ("NT username: %s\n", pdb_get_nt_username(sam_pwent)); printf ("Account Flags: %s\n", pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent), NEW_PW_FORMAT_SPACE_PADDED_LEN)); @@ -170,6 +174,10 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst printf ("Bad password count : %d\n", pdb_get_bad_password_count(sam_pwent)); + hours = pdb_get_hours(sam_pwent); + pdb_sethexhours(temp, (const char *)hours); + printf ("Logon hours : %s\n", temp); + } else if (smbpwdstyle) { char lm_passwd[33]; char nt_passwd[33]; @@ -294,7 +302,7 @@ static int set_user_info (struct pdb_context *in, const char *username, const char *drive, const char *script, const char *profile, const char *account_control, const char *user_sid, const char *group_sid, - const BOOL badpw) + const BOOL badpw, const BOOL hours) { BOOL updated_autolock = False, updated_badpw = False; SAM_ACCOUNT *sam_pwent=NULL; @@ -308,6 +316,16 @@ static int set_user_info (struct pdb_context *in, const char *username, pdb_free_sam(&sam_pwent); return -1; } + + if (hours) { + uint8 hours_array[MAX_HOURS_LEN]; + uint32 hours_len; + + hours_len = pdb_get_hours_len(sam_pwent); + memset(hours_array, 0xff, hours_len); + + pdb_set_hours(sam_pwent, hours_array, PDB_CHANGED); + } if (!pdb_update_autolock_flag(sam_pwent, &updated_autolock)) { DEBUG(2,("pdb_update_autolock_flag failed.\n")); @@ -631,6 +649,7 @@ int main (int argc, char **argv) static long int account_policy_value = 0; BOOL account_policy_value_set = False; static BOOL badpw_reset = False; + static BOOL hours_reset = False; struct pdb_context *bin; struct pdb_context *bout; @@ -662,6 +681,7 @@ int main (int argc, char **argv) {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, {"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL}, {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL}, + {"logon-hours-reset", 'Z', POPT_ARG_NONE, &hours_reset, 0, "reset logon hours", NULL}, POPT_COMMON_SAMBA POPT_TABLEEND }; @@ -715,7 +735,8 @@ int main (int argc, char **argv) (account_policy_value_set ? BIT_ACCPOLVAL : 0) + (backend_in ? BIT_IMPORT : 0) + (backend_out ? BIT_EXPORT : 0) + - (badpw_reset ? BIT_BADPWRESET : 0); + (badpw_reset ? BIT_BADPWRESET : 0) + + (hours_reset ? BIT_LOGONHOURS : 0); if (setparms & BIT_BACKEND) { if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) { @@ -829,6 +850,12 @@ int main (int argc, char **argv) checkparms |= BIT_MODIFY; checkparms &= ~BIT_BADPWRESET; } + + /* if logon hours is reset, must modify */ + if (checkparms & BIT_LOGONHOURS) { + checkparms |= BIT_MODIFY; + checkparms &= ~BIT_LOGONHOURS; + } /* account operation */ if ((checkparms & BIT_CREATE) || (checkparms & BIT_MODIFY) || (checkparms & BIT_DELETE)) { @@ -866,7 +893,7 @@ int main (int argc, char **argv) logon_script, profile_path, account_control, user_sid, group_sid, - badpw_reset); + badpw_reset, hours_reset); } } -- cgit From acf9d61421faa6c0055d57fdee7db300dc5431aa Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 7 Dec 2004 18:25:53 +0000 Subject: r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 1eb6a135c5..2e8d0d6d96 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -429,10 +429,10 @@ static int new_user (struct pdb_context *in, const char *username, } staticpass = getpass("new password:"); - password1 = strdup(staticpass); + password1 = SMB_STRDUP(staticpass); memset(staticpass, 0, strlen(staticpass)); staticpass = getpass("retype new password:"); - password2 = strdup(staticpass); + password2 = SMB_STRDUP(staticpass); memset(staticpass, 0, strlen(staticpass)); if (strcmp (password1, password2)) { fprintf (stderr, "Passwords does not match!\n"); -- cgit From d03c891eaecbc2867bc48d5b4a5bc29afb32efb5 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sat, 11 Dec 2004 17:09:28 +0000 Subject: r4153: port from trunk of pdbedit changes (This used to be commit 9b322f232c450e9525d5aa3b8267881b94ba4052) --- source3/utils/pdbedit.c | 89 +++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 82 insertions(+), 7 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 2e8d0d6d96..ff08642f40 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -26,8 +26,8 @@ #define BIT_BACKEND 0x00000004 #define BIT_VERBOSE 0x00000008 #define BIT_SPSTYLE 0x00000010 -#define BIT_RESERV_1 0x00000020 -#define BIT_RESERV_2 0x00000040 +#define BIT_CAN_CHANGE 0x00000020 +#define BIT_MUST_CHANGE 0x00000040 #define BIT_RESERV_3 0x00000080 #define BIT_FULLNAME 0x00000100 #define BIT_HOMEDIR 0x00000200 @@ -52,7 +52,7 @@ #define BIT_LOGONHOURS 0x10000000 #define MASK_ALWAYS_GOOD 0x0000001F -#define MASK_USER_GOOD 0x00401F00 +#define MASK_USER_GOOD 0x00401F60 /********************************************************* Add all currently available users to another db @@ -302,7 +302,8 @@ static int set_user_info (struct pdb_context *in, const char *username, const char *drive, const char *script, const char *profile, const char *account_control, const char *user_sid, const char *group_sid, - const BOOL badpw, const BOOL hours) + const BOOL badpw, const BOOL hours, + time_t pwd_can_change, time_t pwd_must_change) { BOOL updated_autolock = False, updated_badpw = False; SAM_ACCOUNT *sam_pwent=NULL; @@ -326,7 +327,15 @@ static int set_user_info (struct pdb_context *in, const char *username, pdb_set_hours(sam_pwent, hours_array, PDB_CHANGED); } - + + if (pwd_can_change != -1) { + pdb_set_pass_can_change_time(sam_pwent, pwd_can_change, PDB_CHANGED); + } + + if (pwd_must_change != -1) { + pdb_set_pass_must_change_time(sam_pwent, pwd_must_change, PDB_CHANGED); + } + if (!pdb_update_autolock_flag(sam_pwent, &updated_autolock)) { DEBUG(2,("pdb_update_autolock_flag failed.\n")); } @@ -650,6 +659,9 @@ int main (int argc, char **argv) BOOL account_policy_value_set = False; static BOOL badpw_reset = False; static BOOL hours_reset = False; + static char *pwd_can_change_time = NULL; + static char *pwd_must_change_time = NULL; + static char *pwd_time_format = NULL; struct pdb_context *bin; struct pdb_context *bout; @@ -682,6 +694,9 @@ int main (int argc, char **argv) {"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL}, {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL}, {"logon-hours-reset", 'Z', POPT_ARG_NONE, &hours_reset, 0, "reset logon hours", NULL}, + {"pwd-can-change-time", 0, POPT_ARG_STRING, &pwd_can_change_time, 0, "Set password can change time (unix time if time format no provided)", NULL }, + {"pwd-must-change-time", 0, POPT_ARG_STRING, &pwd_must_change_time, 0, "Set password can change time (unix time if time format no provided)", NULL }, + {"time-format", 0, POPT_ARG_STRING, &pwd_time_format, 0, "The time format for time parameters", NULL }, POPT_COMMON_SAMBA POPT_TABLEEND }; @@ -736,7 +751,9 @@ int main (int argc, char **argv) (backend_in ? BIT_IMPORT : 0) + (backend_out ? BIT_EXPORT : 0) + (badpw_reset ? BIT_BADPWRESET : 0) + - (hours_reset ? BIT_LOGONHOURS : 0); + (hours_reset ? BIT_LOGONHOURS : 0) + + (pwd_can_change_time ? BIT_CAN_CHANGE: 0) + + (pwd_must_change_time ? BIT_MUST_CHANGE: 0); if (setparms & BIT_BACKEND) { if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) { @@ -887,13 +904,71 @@ int main (int argc, char **argv) /* account modification operations */ if (!(checkparms & ~(BIT_MODIFY + BIT_USER))) { + time_t pwd_can_change = -1; + time_t pwd_must_change = -1; + char *errstr; + + if (pwd_can_change_time) { + errstr = "can"; + if (pwd_time_format) { + struct tm tm; + char *ret; + + memset(&tm, 0, sizeof(struct tm)); + ret = strptime(pwd_can_change_time, pwd_time_format, &tm); + if (ret == NULL || *ret != '\0') { + goto error; + } + + pwd_can_change = mktime(&tm); + + if (pwd_can_change == -1) { + goto error; + } + } else { /* assume it is unix time */ + errno = 0; + pwd_can_change = strtol(pwd_can_change_time, NULL, 10); + if (errno) { + goto error; + } + } + } + if (pwd_must_change_time) { + errstr = "must"; + if (pwd_time_format) { + struct tm tm; + char *ret; + + memset(&tm, 0, sizeof(struct tm)); + ret = strptime(pwd_must_change_time, pwd_time_format, &tm); + if (ret == NULL || *ret != '\0') { + goto error; + } + + pwd_must_change = mktime(&tm); + + if (pwd_must_change == -1) { + goto error; + } + } else { /* assume it is unix time */ + errno = 0; + pwd_must_change = strtol(pwd_must_change_time, NULL, 10); + if (errno) { + goto error; + } + } + } return set_user_info (bdef, user_name, full_name, home_dir, home_drive, logon_script, profile_path, account_control, user_sid, group_sid, - badpw_reset, hours_reset); + badpw_reset, hours_reset, + pwd_can_change, pwd_must_change); +error: + fprintf (stderr, "Error parsing the time in pwd-%s-change-time!\n", errstr); + return -1; } } -- cgit From 1ed62fde09f382342a396a047975fdeeea7113bb Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 19 Jan 2005 16:13:26 +0000 Subject: r4847: Hand over a acb_mask to pdb_setsampwent in load_sampwd_entries(). This allows the ldap-backend to search much more effeciently. Machines will be searched in the ldap_machine_suffix and users in the ldap_users_suffix. (Note that we already use the ldap_group_suffix in ldapsam_setsamgrent for quite some time). Using the specific ldap-bases becomes notably important in large domains: On my testmachine "net rpc trustdom list" has to search through 40k accounts just to list 3 interdomain-trust-accounts, similiar effects show up the non-user query_dispinfo-calls, etc. Also renamed all_machines to only_machines in load_sampwd_entries() since that reflects better what is really meant. Guenther (This used to be commit 6394257cc721ca739bda0e320375f04506913533) --- source3/utils/pdbedit.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index ff08642f40..ea2faebdff 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -64,7 +64,7 @@ static int export_database (struct pdb_context *in, struct pdb_context DEBUG(3, ("called with username=\"%s\"\n", username)); - if (NT_STATUS_IS_ERR(in->pdb_setsampwent(in, 0))) { + if (NT_STATUS_IS_ERR(in->pdb_setsampwent(in, 0, 0))) { fprintf(stderr, "Can't sampwent!\n"); return 1; } @@ -237,7 +237,7 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd SAM_ACCOUNT *sam_pwent=NULL; BOOL check, ret; - check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False)); + check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False, 0)); if (!check) { return 1; } @@ -266,7 +266,7 @@ static int fix_users_list (struct pdb_context *in) SAM_ACCOUNT *sam_pwent=NULL; BOOL check, ret; - check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False)); + check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False, 0)); if (!check) { return 1; } -- cgit From 6f56a5be2e7e9259f020dd20c37d79f8f95c3815 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 22 Jan 2005 01:22:39 +0000 Subject: r4917: Merge some of Derrell.Lipman@UnwiredUniverse.com obvious fixes. Added text explaining units in pdbedit time fields. Jeremy. (This used to be commit 3d09c15d8f06ad06fae362291a6c986f7b6107e6) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index ea2faebdff..c12618cd7a 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -694,8 +694,8 @@ int main (int argc, char **argv) {"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL}, {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL}, {"logon-hours-reset", 'Z', POPT_ARG_NONE, &hours_reset, 0, "reset logon hours", NULL}, - {"pwd-can-change-time", 0, POPT_ARG_STRING, &pwd_can_change_time, 0, "Set password can change time (unix time if time format no provided)", NULL }, - {"pwd-must-change-time", 0, POPT_ARG_STRING, &pwd_must_change_time, 0, "Set password can change time (unix time if time format no provided)", NULL }, + {"pwd-can-change-time", 0, POPT_ARG_STRING, &pwd_can_change_time, 0, "Set password can change time (unix time in seconds since 1970 if time format no provided)", NULL }, + {"pwd-must-change-time", 0, POPT_ARG_STRING, &pwd_must_change_time, 0, "Set password can change time (unix time in seconds since 1970 if time format no provided)", NULL }, {"time-format", 0, POPT_ARG_STRING, &pwd_time_format, 0, "The time format for time parameters", NULL }, POPT_COMMON_SAMBA POPT_TABLEEND -- cgit From 686ceda3c3d3510f873d44c7bbb89d9134e0cf88 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 22 Jan 2005 01:38:42 +0000 Subject: r4921: Typo. (This used to be commit 033105376ef4ed7d31ef7cab2442719ed57d29b9) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index c12618cd7a..3584ef0367 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -694,8 +694,8 @@ int main (int argc, char **argv) {"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL}, {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL}, {"logon-hours-reset", 'Z', POPT_ARG_NONE, &hours_reset, 0, "reset logon hours", NULL}, - {"pwd-can-change-time", 0, POPT_ARG_STRING, &pwd_can_change_time, 0, "Set password can change time (unix time in seconds since 1970 if time format no provided)", NULL }, - {"pwd-must-change-time", 0, POPT_ARG_STRING, &pwd_must_change_time, 0, "Set password can change time (unix time in seconds since 1970 if time format no provided)", NULL }, + {"pwd-can-change-time", 0, POPT_ARG_STRING, &pwd_can_change_time, 0, "Set password can change time (unix time in seconds since 1970 if time format not provided)", NULL }, + {"pwd-must-change-time", 0, POPT_ARG_STRING, &pwd_must_change_time, 0, "Set password can change time (unix time in seconds since 1970 if time format not provided)", NULL }, {"time-format", 0, POPT_ARG_STRING, &pwd_time_format, 0, "The time format for time parameters", NULL }, POPT_COMMON_SAMBA POPT_TABLEEND -- cgit From b4afdc08d5336e4a337e453443d7af1d8655a31a Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 22 Jan 2005 03:37:09 +0000 Subject: r4925: Migrate Account Policies to passdb (esp. replicating ldapsam). Does automated migration from account_policy.tdb v1 and v2 and offers a pdbedit-Migration interface. Jerry, please feel free to revert that if you have other plans. Guenther (This used to be commit 75af83dfcd8ef365b4b1180453060ae5176389f5) --- source3/utils/pdbedit.c | 42 +++++++++++++++++++++++++++++++++++------- 1 file changed, 35 insertions(+), 7 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 3584ef0367..d29b6ea66c 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -118,6 +118,27 @@ static int export_groups (struct pdb_context *in, struct pdb_context *out) { return 0; } +/********************************************************* + Add all currently available account policy from tdb to one backend + ********************************************************/ + +static int export_account_policies (struct pdb_context *in, struct pdb_context *out) +{ + int i; + + for (i=1; decode_account_policy_name(i) != NULL; i++) { + uint32 policy_value; + if (NT_STATUS_IS_ERR(in->pdb_get_account_policy(in, i, &policy_value))) { + fprintf(stderr, "Can't get account policy from tdb\n"); + return -1; + } + out->pdb_set_account_policy(out, i, policy_value); + } + + return 0; +} + + /********************************************************* Print info from sam structure **********************************************************/ @@ -648,6 +669,7 @@ int main (int argc, char **argv) static char *backend_in = NULL; static char *backend_out = NULL; static BOOL transfer_groups = False; + static BOOL transfer_account_policies = False; static BOOL force_initialised_password = False; static char *logon_script = NULL; static char *profile_path = NULL; @@ -688,6 +710,7 @@ int main (int argc, char **argv) {"import", 'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL}, {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, {"group", 'g', POPT_ARG_NONE, &transfer_groups, 0, "use -i and -e for groups", NULL}, + {"policies", 'y', POPT_ARG_NONE, &transfer_account_policies, 0, "use -i and -e to move account policies between backends", NULL}, {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, {"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL}, {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, @@ -787,20 +810,22 @@ int main (int argc, char **argv) SAFE_FREE(apn); exit(1); } - if (!account_policy_get(field, &value)) { + if (!pdb_get_account_policy(field, &value)) { fprintf(stderr, "valid account policy, but unable to fetch value!\n"); - exit(1); + if (!account_policy_value_set) + exit(1); } + printf("account policy \"%s\" description: %s\n", account_policy, account_policy_get_comment(field)); if (account_policy_value_set) { - printf("account policy value for %s was %u\n", account_policy, value); - if (!account_policy_set(field, account_policy_value)) { + printf("account policy \"%s\" value was: %u\n", account_policy, value); + if (!pdb_set_account_policy(field, account_policy_value)) { fprintf(stderr, "valid account policy, but unable to set value!\n"); exit(1); } - printf("account policy value for %s is now %lu\n", account_policy, account_policy_value); + printf("account policy \"%s\" value is now: %lu\n", account_policy, account_policy_value); exit(0); } else { - printf("account policy value for %s is %u\n", account_policy, value); + printf("account policy \"%s\" value is: %u\n", account_policy, value); exit(0); } } @@ -824,7 +849,10 @@ int main (int argc, char **argv) } else { bout = bdef; } - if (transfer_groups) { + if (transfer_account_policies) { + if (!(checkparms & BIT_USER)) + return export_account_policies(bin, bout); + } else if (transfer_groups) { if (!(checkparms & BIT_USER)) return export_groups(bin, bout); } else { -- cgit From 6c84ecb55657ae28eb739a72164f6d7251dc627f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 12 Feb 2005 00:51:31 +0000 Subject: r5349: After talking with Jerry, reverted the addition of account policies to passdb in 3_0 (they are still in trunk). Guenther (This used to be commit fdf9bdbbac1d8d4f3b3e1fc7e49c1e659b9301b1) --- source3/utils/pdbedit.c | 42 +++++++----------------------------------- 1 file changed, 7 insertions(+), 35 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index d29b6ea66c..3584ef0367 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -118,27 +118,6 @@ static int export_groups (struct pdb_context *in, struct pdb_context *out) { return 0; } -/********************************************************* - Add all currently available account policy from tdb to one backend - ********************************************************/ - -static int export_account_policies (struct pdb_context *in, struct pdb_context *out) -{ - int i; - - for (i=1; decode_account_policy_name(i) != NULL; i++) { - uint32 policy_value; - if (NT_STATUS_IS_ERR(in->pdb_get_account_policy(in, i, &policy_value))) { - fprintf(stderr, "Can't get account policy from tdb\n"); - return -1; - } - out->pdb_set_account_policy(out, i, policy_value); - } - - return 0; -} - - /********************************************************* Print info from sam structure **********************************************************/ @@ -669,7 +648,6 @@ int main (int argc, char **argv) static char *backend_in = NULL; static char *backend_out = NULL; static BOOL transfer_groups = False; - static BOOL transfer_account_policies = False; static BOOL force_initialised_password = False; static char *logon_script = NULL; static char *profile_path = NULL; @@ -710,7 +688,6 @@ int main (int argc, char **argv) {"import", 'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL}, {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, {"group", 'g', POPT_ARG_NONE, &transfer_groups, 0, "use -i and -e for groups", NULL}, - {"policies", 'y', POPT_ARG_NONE, &transfer_account_policies, 0, "use -i and -e to move account policies between backends", NULL}, {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, {"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL}, {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, @@ -810,22 +787,20 @@ int main (int argc, char **argv) SAFE_FREE(apn); exit(1); } - if (!pdb_get_account_policy(field, &value)) { + if (!account_policy_get(field, &value)) { fprintf(stderr, "valid account policy, but unable to fetch value!\n"); - if (!account_policy_value_set) - exit(1); + exit(1); } - printf("account policy \"%s\" description: %s\n", account_policy, account_policy_get_comment(field)); if (account_policy_value_set) { - printf("account policy \"%s\" value was: %u\n", account_policy, value); - if (!pdb_set_account_policy(field, account_policy_value)) { + printf("account policy value for %s was %u\n", account_policy, value); + if (!account_policy_set(field, account_policy_value)) { fprintf(stderr, "valid account policy, but unable to set value!\n"); exit(1); } - printf("account policy \"%s\" value is now: %lu\n", account_policy, account_policy_value); + printf("account policy value for %s is now %lu\n", account_policy, account_policy_value); exit(0); } else { - printf("account policy \"%s\" value is: %u\n", account_policy, value); + printf("account policy value for %s is %u\n", account_policy, value); exit(0); } } @@ -849,10 +824,7 @@ int main (int argc, char **argv) } else { bout = bdef; } - if (transfer_account_policies) { - if (!(checkparms & BIT_USER)) - return export_account_policies(bin, bout); - } else if (transfer_groups) { + if (transfer_groups) { if (!(checkparms & BIT_USER)) return export_groups(bin, bout); } else { -- cgit From 00a62a7f6d880c3788e7211cbbcc95dc6e2aa90e Mon Sep 17 00:00:00 2001 From: John Terpstra Date: Tue, 15 Mar 2005 00:42:38 +0000 Subject: r5790: Added ability to set account description. (This used to be commit df6f0815af0171a47483f2f3d347d350704a012f) --- source3/utils/pdbedit.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 3584ef0367..c5ba59487c 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -299,6 +299,7 @@ static int fix_users_list (struct pdb_context *in) static int set_user_info (struct pdb_context *in, const char *username, const char *fullname, const char *homedir, + const char *acct_desc, const char *drive, const char *script, const char *profile, const char *account_control, const char *user_sid, const char *group_sid, @@ -346,6 +347,8 @@ static int set_user_info (struct pdb_context *in, const char *username, if (fullname) pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED); + if (acct_desc) + pdb_set_acct_desc(sam_pwent, acct_desc, PDB_CHANGED); if (homedir) pdb_set_homedir(sam_pwent, homedir, PDB_CHANGED); if (drive) @@ -641,6 +644,7 @@ int main (int argc, char **argv) uint32 setparms, checkparms; int opt; static char *full_name = NULL; + static char *acct_desc = NULL; static const char *user_name = NULL; static char *home_dir = NULL; static char *home_drive = NULL; @@ -673,13 +677,14 @@ int main (int argc, char **argv) {"verbose", 'v', POPT_ARG_NONE, &verbose, 0, "be verbose", NULL }, {"smbpasswd-style", 'w',POPT_ARG_NONE, &spstyle, 0, "give output in smbpasswd style", NULL}, {"user", 'u', POPT_ARG_STRING, &user_name, 0, "use username", "USER" }, + {"account-desc", 'N', POPT_ARG_STRING, &acct_desc, 0, "set account description", NULL}, {"fullname", 'f', POPT_ARG_STRING, &full_name, 0, "set full name", NULL}, {"homedir", 'h', POPT_ARG_STRING, &home_dir, 0, "set home directory", NULL}, {"drive", 'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, {"script", 'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, - {"user SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, - {"group SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, + {"user-SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, + {"group-SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, {"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL}, {"machine", 'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL}, @@ -960,6 +965,7 @@ int main (int argc, char **argv) } return set_user_info (bdef, user_name, full_name, home_dir, + acct_desc, home_drive, logon_script, profile_path, account_control, -- cgit From 51d318b47cb332ce40fe7db290b123c0e8edb4aa Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 17 Mar 2005 18:27:32 +0000 Subject: r5862: And some more const (This used to be commit dc442ea7a0eed0a496522dd518bc53bc9304b705) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index c5ba59487c..e0d48edc56 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -911,7 +911,7 @@ int main (int argc, char **argv) if (!(checkparms & ~(BIT_MODIFY + BIT_USER))) { time_t pwd_can_change = -1; time_t pwd_must_change = -1; - char *errstr; + const char *errstr; if (pwd_can_change_time) { errstr = "can"; -- cgit From 5d88feaaad77bbb8a172c911624ccb07d6050da4 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Sun, 20 Mar 2005 09:23:37 +0000 Subject: r5909: Remove some unecessary casts. Patch from Jason Mader for bugzill #2468. (This used to be commit ede9fd08cf0ce04528f73c74e2345ba46d26f1e2) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index e0d48edc56..88ec6b1f4f 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -175,7 +175,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst pdb_get_bad_password_count(sam_pwent)); hours = pdb_get_hours(sam_pwent); - pdb_sethexhours(temp, (const char *)hours); + pdb_sethexhours(temp, hours); printf ("Logon hours : %s\n", temp); } else if (smbpwdstyle) { -- cgit From 19ca97a70f6b7b41d251eaa76e4d3c980c6eedff Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 24 Jun 2005 20:25:18 +0000 Subject: r7882: Looks like a large patch - but what it actually does is make Samba safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 88ec6b1f4f..7c934cdb6c 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -76,9 +76,9 @@ static int export_database (struct pdb_context *in, struct pdb_context while (NT_STATUS_IS_OK(in->pdb_getsampwent(in, user))) { DEBUG(4, ("Processing account %s\n", - user->private.username)); + user->private_u.username)); if (!username || - (strcmp(username, user->private.username) + (strcmp(username, user->private_u.username) == 0)) { out->pdb_add_sam_account(out, user); if (!NT_STATUS_IS_OK(pdb_reset_sam(user))) { -- cgit From c188a68effd8524cb98cef943ac0099ba09ffe09 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 12 Aug 2005 20:58:56 +0000 Subject: r9272: Patch for fixing unused variables warning from Jason Mader. Fixes bugzilla #2984. (This used to be commit 7d8dd97c3d978a326ab8b1506d327082933eebae) --- source3/utils/pdbedit.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 7c934cdb6c..c88c0d7579 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -235,7 +235,7 @@ static int print_user_info (struct pdb_context *in, const char *username, BOOL v static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwdstyle) { SAM_ACCOUNT *sam_pwent=NULL; - BOOL check, ret; + BOOL check; check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False, 0)); if (!check) { @@ -245,7 +245,7 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd check = True; if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; - while (check && (ret = NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent)))) { + while (check && NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent))) { if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); @@ -264,7 +264,7 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd static int fix_users_list (struct pdb_context *in) { SAM_ACCOUNT *sam_pwent=NULL; - BOOL check, ret; + BOOL check; check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False, 0)); if (!check) { @@ -274,7 +274,7 @@ static int fix_users_list (struct pdb_context *in) check = True; if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; - while (check && (ret = NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent)))) { + while (check && NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent))) { printf("Updating record for user %s\n", pdb_get_username(sam_pwent)); if (!pdb_update_sam_account(sam_pwent)) { @@ -430,12 +430,12 @@ static int new_user (struct pdb_context *in, const char *username, const char *profile, char *user_sid, char *group_sid) { SAM_ACCOUNT *sam_pwent=NULL; - NTSTATUS nt_status; + char *password1, *password2, *staticpass; get_global_sam_sid(); - if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam_new(&sam_pwent, username, 0))) { + if (!NT_STATUS_IS_OK(pdb_init_sam_new(&sam_pwent, username, 0))) { DEBUG(0, ("could not create account to add new user %s\n", username)); return -1; } -- cgit From 54abd2aa66069e6baf7769c496f46d9dba18db39 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 30 Sep 2005 17:13:37 +0000 Subject: r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3) --- source3/utils/pdbedit.c | 46 +++++++++++++++++++++++++++++++++++++--------- 1 file changed, 37 insertions(+), 9 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index c88c0d7579..dacaa1e26f 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -118,6 +118,27 @@ static int export_groups (struct pdb_context *in, struct pdb_context *out) { return 0; } +/********************************************************* + Add all currently available account policy from tdb to one backend + ********************************************************/ + +static int export_account_policies (struct pdb_context *in, struct pdb_context *out) +{ + int i; + + for (i=1; decode_account_policy_name(i) != NULL; i++) { + uint32 policy_value; + if (NT_STATUS_IS_ERR(in->pdb_get_account_policy(in, i, &policy_value))) { + fprintf(stderr, "Can't get account policy from tdb\n"); + return -1; + } + out->pdb_set_account_policy(out, i, policy_value); + } + + return 0; +} + + /********************************************************* Print info from sam structure **********************************************************/ @@ -652,6 +673,7 @@ int main (int argc, char **argv) static char *backend_in = NULL; static char *backend_out = NULL; static BOOL transfer_groups = False; + static BOOL transfer_account_policies = False; static BOOL force_initialised_password = False; static char *logon_script = NULL; static char *profile_path = NULL; @@ -683,8 +705,8 @@ int main (int argc, char **argv) {"drive", 'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, {"script", 'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, - {"user-SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, - {"group-SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, + {"user SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, + {"group SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, {"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL}, {"machine", 'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL}, @@ -693,6 +715,7 @@ int main (int argc, char **argv) {"import", 'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL}, {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, {"group", 'g', POPT_ARG_NONE, &transfer_groups, 0, "use -i and -e for groups", NULL}, + {"policies", 'y', POPT_ARG_NONE, &transfer_account_policies, 0, "use -i and -e to move account policies between backends", NULL}, {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, {"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL}, {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, @@ -792,20 +815,22 @@ int main (int argc, char **argv) SAFE_FREE(apn); exit(1); } - if (!account_policy_get(field, &value)) { + if (!pdb_get_account_policy(field, &value)) { fprintf(stderr, "valid account policy, but unable to fetch value!\n"); - exit(1); + if (!account_policy_value_set) + exit(1); } + printf("account policy \"%s\" description: %s\n", account_policy, account_policy_get_desc(field)); if (account_policy_value_set) { - printf("account policy value for %s was %u\n", account_policy, value); - if (!account_policy_set(field, account_policy_value)) { + printf("account policy \"%s\" value was: %u\n", account_policy, value); + if (!pdb_set_account_policy(field, account_policy_value)) { fprintf(stderr, "valid account policy, but unable to set value!\n"); exit(1); } - printf("account policy value for %s is now %lu\n", account_policy, account_policy_value); + printf("account policy \"%s\" value is now: %lu\n", account_policy, account_policy_value); exit(0); } else { - printf("account policy value for %s is %u\n", account_policy, value); + printf("account policy \"%s\" value is: %u\n", account_policy, value); exit(0); } } @@ -829,7 +854,10 @@ int main (int argc, char **argv) } else { bout = bdef; } - if (transfer_groups) { + if (transfer_account_policies) { + if (!(checkparms & BIT_USER)) + return export_account_policies(bin, bout); + } else if (transfer_groups) { if (!(checkparms & BIT_USER)) return export_groups(bin, bout); } else { -- cgit From 8d7c88667190fe286971ac4fffb64ee5bd9eeeb0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Oct 2005 03:24:00 +0000 Subject: r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4 x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index dacaa1e26f..6e08712bc4 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -100,7 +100,7 @@ static int export_database (struct pdb_context *in, struct pdb_context static int export_groups (struct pdb_context *in, struct pdb_context *out) { GROUP_MAP *maps = NULL; - int i, entries = 0; + size_t i, entries = 0; if (NT_STATUS_IS_ERR(in->pdb_enum_group_mapping(in, SID_NAME_UNKNOWN, &maps, &entries, -- cgit From 275ca6d96e036b1c7c339c60bbf15808d20677cf Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 27 Oct 2005 12:47:06 +0000 Subject: r11327: Make user domain settable by pdbedit (This used to be commit 37267d5ab018bb6df9e297ea68e57deb9a908f28) --- source3/utils/pdbedit.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 6e08712bc4..e120b8ec64 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -35,7 +35,7 @@ #define BIT_LOGSCRIPT 0x00000800 #define BIT_PROFILE 0x00001000 #define BIT_MACHINE 0x00002000 -#define BIT_RESERV_4 0x00004000 +#define BIT_USERDOMAIN 0x00004000 #define BIT_USER 0x00008000 #define BIT_LIST 0x00010000 #define BIT_MODIFY 0x00020000 @@ -52,7 +52,7 @@ #define BIT_LOGONHOURS 0x10000000 #define MASK_ALWAYS_GOOD 0x0000001F -#define MASK_USER_GOOD 0x00401F60 +#define MASK_USER_GOOD 0x00405F60 /********************************************************* Add all currently available users to another db @@ -324,6 +324,7 @@ static int set_user_info (struct pdb_context *in, const char *username, const char *drive, const char *script, const char *profile, const char *account_control, const char *user_sid, const char *group_sid, + const char *user_domain, const BOOL badpw, const BOOL hours, time_t pwd_can_change, time_t pwd_must_change) { @@ -378,6 +379,8 @@ static int set_user_info (struct pdb_context *in, const char *username, pdb_set_logon_script(sam_pwent, script, PDB_CHANGED); if (profile) pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED); + if (user_domain) + pdb_set_domain(sam_pwent, user_domain, PDB_CHANGED); if (account_control) { uint16 not_settable = ~(ACB_DISABLED|ACB_HOMDIRREQ|ACB_PWNOTREQ| @@ -677,6 +680,7 @@ int main (int argc, char **argv) static BOOL force_initialised_password = False; static char *logon_script = NULL; static char *profile_path = NULL; + static char *user_domain = NULL; static char *account_control = NULL; static char *account_policy = NULL; static char *user_sid = NULL; @@ -705,6 +709,7 @@ int main (int argc, char **argv) {"drive", 'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, {"script", 'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, + {"domain", 'I', POPT_ARG_STRING, &user_domain, 0, "set a users' domain", NULL}, {"user SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, {"group SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, @@ -766,6 +771,7 @@ int main (int argc, char **argv) (home_drive ? BIT_HDIRDRIVE : 0) + (logon_script ? BIT_LOGSCRIPT : 0) + (profile_path ? BIT_PROFILE : 0) + + (user_domain ? BIT_USERDOMAIN : 0) + (machine ? BIT_MACHINE : 0) + (user_name ? BIT_USER : 0) + (list_users ? BIT_LIST : 0) + @@ -998,6 +1004,7 @@ int main (int argc, char **argv) logon_script, profile_path, account_control, user_sid, group_sid, + user_domain, badpw_reset, hours_reset, pwd_can_change, pwd_must_change); error: -- cgit From 5ac6b21f097b87657c4a3d2a3b4e32d091833d22 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 20 Dec 2005 15:10:41 +0000 Subject: r12398: adding Guenther's account policy migration fix (This used to be commit be32f10609f2274903cb3b2c6b84c9aa62962151) --- source3/utils/pdbedit.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 50 insertions(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index e120b8ec64..9c292bd212 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -118,6 +118,35 @@ static int export_groups (struct pdb_context *in, struct pdb_context *out) { return 0; } +/********************************************************* + Reset account policies to their default values and remove marker + ********************************************************/ + +static int reinit_account_policies (void) +{ + int i; + + for (i=1; decode_account_policy_name(i) != NULL; i++) { + uint32 policy_value; + if (!account_policy_get_default(i, &policy_value)) { + fprintf(stderr, "Can't get default account policy\n"); + return -1; + } + if (!account_policy_set(i, policy_value)) { + fprintf(stderr, "Can't set account policy in tdb\n"); + return -1; + } + } + + if (!remove_account_policy_migrated()) { + fprintf(stderr, "Can't remove marker from tdb\n"); + return -1; + } + + return 0; +} + + /********************************************************* Add all currently available account policy from tdb to one backend ********************************************************/ @@ -126,13 +155,23 @@ static int export_account_policies (struct pdb_context *in, struct pdb_context * { int i; + if (!account_policy_migrated(True)) { + fprintf(stderr, "Can't set account policy marker in tdb\n"); + return -1; + } + for (i=1; decode_account_policy_name(i) != NULL; i++) { uint32 policy_value; if (NT_STATUS_IS_ERR(in->pdb_get_account_policy(in, i, &policy_value))) { fprintf(stderr, "Can't get account policy from tdb\n"); + remove_account_policy_migrated(); + return -1; + } + if (NT_STATUS_IS_ERR(out->pdb_set_account_policy(out, i, policy_value))) { + fprintf(stderr, "Can't set account policy in passdb\n"); + remove_account_policy_migrated(); return -1; } - out->pdb_set_account_policy(out, i, policy_value); } return 0; @@ -677,6 +716,7 @@ int main (int argc, char **argv) static char *backend_out = NULL; static BOOL transfer_groups = False; static BOOL transfer_account_policies = False; + static BOOL reset_account_policies = False; static BOOL force_initialised_password = False; static char *logon_script = NULL; static char *profile_path = NULL; @@ -721,6 +761,7 @@ int main (int argc, char **argv) {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, {"group", 'g', POPT_ARG_NONE, &transfer_groups, 0, "use -i and -e for groups", NULL}, {"policies", 'y', POPT_ARG_NONE, &transfer_account_policies, 0, "use -i and -e to move account policies between backends", NULL}, + {"policies-reset", 0, POPT_ARG_NONE, &reset_account_policies, 0, "restore default policies", NULL}, {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, {"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL}, {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, @@ -841,6 +882,14 @@ int main (int argc, char **argv) } } + if (reset_account_policies) { + if (!reinit_account_policies()) { + exit(1); + } + + exit(0); + } + /* import and export operations */ if (((checkparms & BIT_IMPORT) || (checkparms & BIT_EXPORT)) && !(checkparms & ~(BIT_IMPORT +BIT_EXPORT +BIT_USER))) { -- cgit From c8f28c92a7a96e278031b85f04b4671206bf3502 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 28 Dec 2005 22:48:54 +0000 Subject: r12555: Fix more load_case_table swegfaults. Arggg. What I'd give for a global constructor... Jeremy. (This used to be commit c970d7d0a5ba225465dfb0980989b8817b17c643) --- source3/utils/pdbedit.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 9c292bd212..ddf0eea169 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -775,6 +775,8 @@ int main (int argc, char **argv) POPT_TABLEEND }; + load_case_tables(); + setup_logging("pdbedit", True); pc = poptGetContext(NULL, argc, (const char **) argv, long_options, -- cgit From 5301c8b98d437ecdafb042e53c8bd1c4104fedea Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 25 Jan 2006 21:24:51 +0000 Subject: r13136: Fix handling user sid and user gid (This used to be commit 65d5abda68fa0cacbff489ea1e4bfeffd58c83cb) --- source3/utils/pdbedit.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index ddf0eea169..53d3b17d06 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -28,7 +28,7 @@ #define BIT_SPSTYLE 0x00000010 #define BIT_CAN_CHANGE 0x00000020 #define BIT_MUST_CHANGE 0x00000040 -#define BIT_RESERV_3 0x00000080 +#define BIT_USERSIDS 0x00000080 #define BIT_FULLNAME 0x00000100 #define BIT_HOMEDIR 0x00000200 #define BIT_HDIRDRIVE 0x00000400 @@ -52,7 +52,7 @@ #define BIT_LOGONHOURS 0x10000000 #define MASK_ALWAYS_GOOD 0x0000001F -#define MASK_USER_GOOD 0x00405F60 +#define MASK_USER_GOOD 0x00405FE0 /********************************************************* Add all currently available users to another db @@ -819,6 +819,8 @@ int main (int argc, char **argv) (user_name ? BIT_USER : 0) + (list_users ? BIT_LIST : 0) + (force_initialised_password ? BIT_FIX_INIT : 0) + + (user_sid ? BIT_USERSIDS : 0) + + (group_sid ? BIT_USERSIDS : 0) + (modify_user ? BIT_MODIFY : 0) + (add_user ? BIT_CREATE : 0) + (delete_user ? BIT_DELETE : 0) + -- cgit From 9c15bd311db76885b27f30ba92d885833f668550 Mon Sep 17 00:00:00 2001 From: Derrell Lipman Date: Sat, 28 Jan 2006 22:53:04 +0000 Subject: r13212: r12414@cabra: derrell | 2006-01-28 17:52:17 -0500 lp_load() could not be called multiple times to modify parameter settings based on reading from multiple configuration settings. Each time, it initialized all of the settings back to their defaults before reading the specified configuration file. This patch adds a parameter to lp_load() specifying whether the settings should be initialized. It does, however, still force the settings to be initialized the first time, even if the request was to not initialize them. (Not doing so could wreak havoc due to uninitialized values.) (This used to be commit f2a24de769d1b2266e576597c57a8e3b1e2a2b51) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 53d3b17d06..f41bbb8caa 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -795,7 +795,7 @@ int main (int argc, char **argv) if (user_name == NULL) user_name = poptGetArg(pc); - if (!lp_load(dyn_CONFIGFILE,True,False,False)) { + if (!lp_load(dyn_CONFIGFILE,True,False,False,True)) { fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE); exit(1); } -- cgit From 0af1500fc0bafe61019f1b2ab1d9e1d369221240 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 3 Feb 2006 22:19:41 +0000 Subject: r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f) --- source3/utils/pdbedit.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index f41bbb8caa..0b17d50ad3 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -337,7 +337,7 @@ static int fix_users_list (struct pdb_context *in) while (check && NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent))) { printf("Updating record for user %s\n", pdb_get_username(sam_pwent)); - if (!pdb_update_sam_account(sam_pwent)) { + if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_pwent))) { printf("Update of user %s failed!\n", pdb_get_username(sam_pwent)); } pdb_free_sam(&sam_pwent); @@ -498,7 +498,7 @@ static int new_user (struct pdb_context *in, const char *username, get_global_sam_sid(); - if (!NT_STATUS_IS_OK(pdb_init_sam_new(&sam_pwent, username, 0))) { + if (!NT_STATUS_IS_OK(pdb_init_sam_new(&sam_pwent, username))) { DEBUG(0, ("could not create account to add new user %s\n", username)); return -1; } @@ -603,13 +603,13 @@ static int new_machine (struct pdb_context *in, const char *machine_in) fstrcpy(machineaccount, machinename); fstrcat(machineaccount, "$"); - if ((pwd = getpwnam_alloc(machineaccount))) { + if ((pwd = getpwnam_alloc(NULL, machineaccount))) { if (!NT_STATUS_IS_OK(pdb_init_sam_pw( &sam_pwent, pwd))) { fprintf(stderr, "Could not init sam from pw\n"); - passwd_free(&pwd); + talloc_free(pwd); return -1; } - passwd_free(&pwd); + talloc_free(&pwd); } else { if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { fprintf(stderr, "Could not init sam from pw\n"); -- cgit From 75ef18fa7510d894ccc4540d82616110c3166db3 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Sat, 11 Feb 2006 21:27:08 +0000 Subject: r13460: by popular demand.... * remove pdb_context data structure * set default group for DOMAIN_RID_GUEST user as RID 513 (just like Windows) * Allow RID 513 to resolve to always resolve to a name * Remove auto mapping of guest account primary group given the previous 2 changes (This used to be commit 7a2da5f0cc05c1920c664c9a690a23bdf854e285) --- source3/utils/pdbedit.c | 185 +++++++----------------------------------------- 1 file changed, 26 insertions(+), 159 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 0b17d50ad3..7e29c797cb 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -54,70 +54,6 @@ #define MASK_ALWAYS_GOOD 0x0000001F #define MASK_USER_GOOD 0x00405FE0 -/********************************************************* - Add all currently available users to another db - ********************************************************/ - -static int export_database (struct pdb_context *in, struct pdb_context - *out, const char *username) { - SAM_ACCOUNT *user = NULL; - - DEBUG(3, ("called with username=\"%s\"\n", username)); - - if (NT_STATUS_IS_ERR(in->pdb_setsampwent(in, 0, 0))) { - fprintf(stderr, "Can't sampwent!\n"); - return 1; - } - - if (!NT_STATUS_IS_OK(pdb_init_sam(&user))) { - fprintf(stderr, "Can't initialize new SAM_ACCOUNT!\n"); - return 1; - } - - while (NT_STATUS_IS_OK(in->pdb_getsampwent(in, user))) { - DEBUG(4, ("Processing account %s\n", - user->private_u.username)); - if (!username || - (strcmp(username, user->private_u.username) - == 0)) { - out->pdb_add_sam_account(out, user); - if (!NT_STATUS_IS_OK(pdb_reset_sam(user))) { - fprintf(stderr, - "Can't reset SAM_ACCOUNT!\n"); - return 1; - } - } - } - - in->pdb_endsampwent(in); - - return 0; -} - -/********************************************************* - Add all currently available group mappings to another db - ********************************************************/ - -static int export_groups (struct pdb_context *in, struct pdb_context *out) { - GROUP_MAP *maps = NULL; - size_t i, entries = 0; - - if (NT_STATUS_IS_ERR(in->pdb_enum_group_mapping(in, SID_NAME_UNKNOWN, - &maps, &entries, - False))) { - fprintf(stderr, "Can't get group mappings!\n"); - return 1; - } - - for (i=0; ipdb_add_group_mapping_entry(out, &(maps[i])); - } - - SAFE_FREE(maps); - - return 0; -} - /********************************************************* Reset account policies to their default values and remove marker ********************************************************/ @@ -146,38 +82,6 @@ static int reinit_account_policies (void) return 0; } - -/********************************************************* - Add all currently available account policy from tdb to one backend - ********************************************************/ - -static int export_account_policies (struct pdb_context *in, struct pdb_context *out) -{ - int i; - - if (!account_policy_migrated(True)) { - fprintf(stderr, "Can't set account policy marker in tdb\n"); - return -1; - } - - for (i=1; decode_account_policy_name(i) != NULL; i++) { - uint32 policy_value; - if (NT_STATUS_IS_ERR(in->pdb_get_account_policy(in, i, &policy_value))) { - fprintf(stderr, "Can't get account policy from tdb\n"); - remove_account_policy_migrated(); - return -1; - } - if (NT_STATUS_IS_ERR(out->pdb_set_account_policy(out, i, policy_value))) { - fprintf(stderr, "Can't set account policy in passdb\n"); - remove_account_policy_migrated(); - return -1; - } - } - - return 0; -} - - /********************************************************* Print info from sam structure **********************************************************/ @@ -266,7 +170,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst Get an Print User Info **********************************************************/ -static int print_user_info (struct pdb_context *in, const char *username, BOOL verbosity, BOOL smbpwdstyle) +static int print_user_info (struct pdb_methods *in, const char *username, BOOL verbosity, BOOL smbpwdstyle) { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; @@ -275,7 +179,7 @@ static int print_user_info (struct pdb_context *in, const char *username, BOOL v return -1; } - ret = NT_STATUS_IS_OK(in->pdb_getsampwnam (in, sam_pwent, username)); + ret = NT_STATUS_IS_OK(in->getsampwnam (in, sam_pwent, username)); if (ret==False) { fprintf (stderr, "Username not found!\n"); @@ -292,12 +196,12 @@ static int print_user_info (struct pdb_context *in, const char *username, BOOL v /********************************************************* List Users **********************************************************/ -static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwdstyle) +static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwdstyle) { SAM_ACCOUNT *sam_pwent=NULL; BOOL check; - check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False, 0)); + check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); if (!check) { return 1; } @@ -305,7 +209,7 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd check = True; if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; - while (check && NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent))) { + while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) { if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); @@ -314,19 +218,19 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd } if (check) pdb_free_sam(&sam_pwent); - in->pdb_endsampwent(in); + in->endsampwent(in); return 0; } /********************************************************* Fix a list of Users for uninitialised passwords **********************************************************/ -static int fix_users_list (struct pdb_context *in) +static int fix_users_list (struct pdb_methods *in) { SAM_ACCOUNT *sam_pwent=NULL; BOOL check; - check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False, 0)); + check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); if (!check) { return 1; } @@ -334,7 +238,7 @@ static int fix_users_list (struct pdb_context *in) check = True; if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; - while (check && NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent))) { + while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) { printf("Updating record for user %s\n", pdb_get_username(sam_pwent)); if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_pwent))) { @@ -349,7 +253,7 @@ static int fix_users_list (struct pdb_context *in) } if (check) pdb_free_sam(&sam_pwent); - in->pdb_endsampwent(in); + in->endsampwent(in); return 0; } @@ -357,7 +261,7 @@ static int fix_users_list (struct pdb_context *in) Set User Info **********************************************************/ -static int set_user_info (struct pdb_context *in, const char *username, +static int set_user_info (struct pdb_methods *in, const char *username, const char *fullname, const char *homedir, const char *acct_desc, const char *drive, const char *script, @@ -373,7 +277,7 @@ static int set_user_info (struct pdb_context *in, const char *username, pdb_init_sam(&sam_pwent); - ret = NT_STATUS_IS_OK(in->pdb_getsampwnam (in, sam_pwent, username)); + ret = NT_STATUS_IS_OK(in->getsampwnam (in, sam_pwent, username)); if (ret==False) { fprintf (stderr, "Username not found!\n"); pdb_free_sam(&sam_pwent); @@ -473,7 +377,7 @@ static int set_user_info (struct pdb_context *in, const char *username, pdb_set_bad_password_time(sam_pwent, 0, PDB_CHANGED); } - if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent))) + if (NT_STATUS_IS_OK(in->update_sam_account (in, sam_pwent))) print_user_info (in, username, True, False); else { fprintf (stderr, "Unable to modify entry!\n"); @@ -487,7 +391,7 @@ static int set_user_info (struct pdb_context *in, const char *username, /********************************************************* Add New User **********************************************************/ -static int new_user (struct pdb_context *in, const char *username, +static int new_user (struct pdb_methods *in, const char *username, const char *fullname, const char *homedir, const char *drive, const char *script, const char *profile, char *user_sid, char *group_sid) @@ -568,7 +472,7 @@ static int new_user (struct pdb_context *in, const char *username, pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL, PDB_CHANGED); - if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { + if (NT_STATUS_IS_OK(in->add_sam_account (in, sam_pwent))) { print_user_info (in, username, True, False); } else { fprintf (stderr, "Unable to add user! (does it already exist?)\n"); @@ -583,7 +487,7 @@ static int new_user (struct pdb_context *in, const char *username, Add New Machine **********************************************************/ -static int new_machine (struct pdb_context *in, const char *machine_in) +static int new_machine (struct pdb_methods *in, const char *machine_in) { SAM_ACCOUNT *sam_pwent=NULL; fstring machinename; @@ -625,7 +529,7 @@ static int new_machine (struct pdb_context *in, const char *machine_in) pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS, PDB_CHANGED); - if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { + if (NT_STATUS_IS_OK(in->add_sam_account (in, sam_pwent))) { print_user_info (in, machineaccount, True, False); } else { fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); @@ -640,7 +544,7 @@ static int new_machine (struct pdb_context *in, const char *machine_in) Delete user entry **********************************************************/ -static int delete_user_entry (struct pdb_context *in, const char *username) +static int delete_user_entry (struct pdb_methods *in, const char *username) { SAM_ACCOUNT *samaccount = NULL; @@ -648,12 +552,12 @@ static int delete_user_entry (struct pdb_context *in, const char *username) return -1; } - if (!NT_STATUS_IS_OK(in->pdb_getsampwnam(in, samaccount, username))) { + if (!NT_STATUS_IS_OK(in->getsampwnam(in, samaccount, username))) { fprintf (stderr, "user %s does not exist in the passdb\n", username); return -1; } - if (!NT_STATUS_IS_OK(in->pdb_delete_sam_account (in, samaccount))) { + if (!NT_STATUS_IS_OK(in->delete_sam_account (in, samaccount))) { fprintf (stderr, "Unable to delete user %s\n", username); return -1; } @@ -664,7 +568,7 @@ static int delete_user_entry (struct pdb_context *in, const char *username) Delete machine entry **********************************************************/ -static int delete_machine_entry (struct pdb_context *in, const char *machinename) +static int delete_machine_entry (struct pdb_methods *in, const char *machinename) { fstring name; SAM_ACCOUNT *samaccount = NULL; @@ -678,12 +582,12 @@ static int delete_machine_entry (struct pdb_context *in, const char *machinename return -1; } - if (!NT_STATUS_IS_OK(in->pdb_getsampwnam(in, samaccount, name))) { + if (!NT_STATUS_IS_OK(in->getsampwnam(in, samaccount, name))) { fprintf (stderr, "machine %s does not exist in the passdb\n", name); return -1; } - if (!NT_STATUS_IS_OK(in->pdb_delete_sam_account (in, samaccount))) { + if (!NT_STATUS_IS_OK(in->delete_sam_account (in, samaccount))) { fprintf (stderr, "Unable to delete machine %s\n", name); return -1; } @@ -733,9 +637,7 @@ int main (int argc, char **argv) static char *pwd_must_change_time = NULL; static char *pwd_time_format = NULL; - struct pdb_context *bin; - struct pdb_context *bout; - struct pdb_context *bdef; + struct pdb_methods *bdef = NULL; poptContext pc; struct poptOption long_options[] = { POPT_AUTOHELP @@ -835,12 +737,12 @@ int main (int argc, char **argv) (pwd_must_change_time ? BIT_MUST_CHANGE: 0); if (setparms & BIT_BACKEND) { - if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) { + if (!NT_STATUS_IS_OK(make_pdb_method_name( &bdef, backend ))) { fprintf(stderr, "Can't initialize passdb backend.\n"); return 1; } } else { - if (!NT_STATUS_IS_OK(make_pdb_context_list(&bdef, lp_passdb_backend()))) { + if (!NT_STATUS_IS_OK(make_pdb_method_name(&bdef, lp_passdb_backend()))) { fprintf(stderr, "Can't initialize passdb backend.\n"); return 1; } @@ -894,41 +796,6 @@ int main (int argc, char **argv) exit(0); } - /* import and export operations */ - if (((checkparms & BIT_IMPORT) || (checkparms & BIT_EXPORT)) - && !(checkparms & ~(BIT_IMPORT +BIT_EXPORT +BIT_USER))) { - if (backend_in) { - if (!NT_STATUS_IS_OK(make_pdb_context_string(&bin, backend_in))) { - fprintf(stderr, "Can't initialize passdb backend.\n"); - return 1; - } - } else { - bin = bdef; - } - if (backend_out) { - if (!NT_STATUS_IS_OK(make_pdb_context_string(&bout, backend_out))) { - fprintf(stderr, "Can't initialize %s.\n", backend_out); - return 1; - } - } else { - bout = bdef; - } - if (transfer_account_policies) { - if (!(checkparms & BIT_USER)) - return export_account_policies(bin, bout); - } else if (transfer_groups) { - if (!(checkparms & BIT_USER)) - return export_groups(bin, bout); - } else { - if (checkparms & BIT_USER) - return export_database(bin, bout, - user_name); - else - return export_database(bin, bout, - NULL); - } - } - /* if BIT_USER is defined but nothing else then threat it as -l -u for compatibility */ /* fake up BIT_LIST if only BIT_USER is defined */ if ((checkparms & BIT_USER) && !(checkparms & ~BIT_USER)) { -- cgit From 2f2ab29cc110bebce3804f57c32ee55b691e81de Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 15 Feb 2006 21:54:58 +0000 Subject: r13517: Fix typo -- thanks to Karolin Seeger (This used to be commit d0efb435e51ee4d5454b55aee1596355ecc4a2c6) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 7e29c797cb..f4d558f07d 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -671,7 +671,7 @@ int main (int argc, char **argv) {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL}, {"logon-hours-reset", 'Z', POPT_ARG_NONE, &hours_reset, 0, "reset logon hours", NULL}, {"pwd-can-change-time", 0, POPT_ARG_STRING, &pwd_can_change_time, 0, "Set password can change time (unix time in seconds since 1970 if time format not provided)", NULL }, - {"pwd-must-change-time", 0, POPT_ARG_STRING, &pwd_must_change_time, 0, "Set password can change time (unix time in seconds since 1970 if time format not provided)", NULL }, + {"pwd-must-change-time", 0, POPT_ARG_STRING, &pwd_must_change_time, 0, "Set password must change time (unix time in seconds since 1970 if time format not provided)", NULL }, {"time-format", 0, POPT_ARG_STRING, &pwd_time_format, 0, "The time format for time parameters", NULL }, POPT_COMMON_SAMBA POPT_TABLEEND -- cgit From 394d1aeb8e2922a261efa78d65fc21defde63448 Mon Sep 17 00:00:00 2001 From: Lars Müller Date: Thu, 16 Feb 2006 16:22:44 +0000 Subject: r13524: Add -t|--password-from-stdin option to pdbedit as we had with Samba 2.2. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This fixes bug #1386. The initial changes had been made by Carsten Höger for Samba 2.2 while being at SuSE. *sigh* To not duplicate code from smbpasswd in pdbedit stdin_new_passwd() and get_pass() are moved from smbpasswd to utils/passwd_util.c. (This used to be commit dbdc5ba497c6010dbad47c9d77fc8bec5557a328) --- source3/utils/pdbedit.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index f4d558f07d..1423d9486d 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -394,12 +394,13 @@ static int set_user_info (struct pdb_methods *in, const char *username, static int new_user (struct pdb_methods *in, const char *username, const char *fullname, const char *homedir, const char *drive, const char *script, - const char *profile, char *user_sid, char *group_sid) + const char *profile, char *user_sid, char *group_sid, + BOOL stdin_get) { SAM_ACCOUNT *sam_pwent=NULL; - char *password1, *password2, *staticpass; - + char *password1, *password2; + get_global_sam_sid(); if (!NT_STATUS_IS_OK(pdb_init_sam_new(&sam_pwent, username))) { @@ -407,12 +408,8 @@ static int new_user (struct pdb_methods *in, const char *username, return -1; } - staticpass = getpass("new password:"); - password1 = SMB_STRDUP(staticpass); - memset(staticpass, 0, strlen(staticpass)); - staticpass = getpass("retype new password:"); - password2 = SMB_STRDUP(staticpass); - memset(staticpass, 0, strlen(staticpass)); + password1 = get_pass( "new password:", stdin_get); + password2 = get_pass( "retype new password:", stdin_get); if (strcmp (password1, password2)) { fprintf (stderr, "Passwords does not match!\n"); memset(password1, 0, strlen(password1)); @@ -636,6 +633,7 @@ int main (int argc, char **argv) static char *pwd_can_change_time = NULL; static char *pwd_must_change_time = NULL; static char *pwd_time_format = NULL; + BOOL pw_from_stdin = False; struct pdb_methods *bdef = NULL; poptContext pc; @@ -673,6 +671,7 @@ int main (int argc, char **argv) {"pwd-can-change-time", 0, POPT_ARG_STRING, &pwd_can_change_time, 0, "Set password can change time (unix time in seconds since 1970 if time format not provided)", NULL }, {"pwd-must-change-time", 0, POPT_ARG_STRING, &pwd_must_change_time, 0, "Set password must change time (unix time in seconds since 1970 if time format not provided)", NULL }, {"time-format", 0, POPT_ARG_STRING, &pwd_time_format, 0, "The time format for time parameters", NULL }, + {"password-from-stdin", 't', POPT_ARG_NONE, &pw_from_stdin, 0, "get password from standard in", NULL}, POPT_COMMON_SAMBA POPT_TABLEEND }; @@ -848,7 +847,8 @@ int main (int argc, char **argv) } else { return new_user (bdef, user_name, full_name, home_dir, home_drive, logon_script, - profile_path, user_sid, group_sid); + profile_path, user_sid, group_sid, + pw_from_stdin); } } -- cgit From b1002863e71c88a2b45528f1271677277d5bd6e0 Mon Sep 17 00:00:00 2001 From: Lars Müller Date: Thu, 16 Feb 2006 16:45:58 +0000 Subject: r13525: This is only a cleanup to have the memset() and SAFE_FREE() only one time in the code. Even if we now have an additional if statement after the free I prefer this solution in opposite to the duplicated code we had before. (This used to be commit 4272419b1146b1c03e070655f3a31d027c00ad20) --- source3/utils/pdbedit.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 1423d9486d..a098039cd0 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -400,6 +400,7 @@ static int new_user (struct pdb_methods *in, const char *username, SAM_ACCOUNT *sam_pwent=NULL; char *password1, *password2; + int rc_pwd_cmp; get_global_sam_sid(); @@ -410,22 +411,22 @@ static int new_user (struct pdb_methods *in, const char *username, password1 = get_pass( "new password:", stdin_get); password2 = get_pass( "retype new password:", stdin_get); - if (strcmp (password1, password2)) { - fprintf (stderr, "Passwords does not match!\n"); - memset(password1, 0, strlen(password1)); - SAFE_FREE(password1); - memset(password2, 0, strlen(password2)); - SAFE_FREE(password2); + if ((rc_pwd_cmp = strcmp (password1, password2))) { + fprintf (stderr, "Passwords do not match!\n"); pdb_free_sam (&sam_pwent); - return -1; + } else { + pdb_set_plaintext_passwd(sam_pwent, password1); } - pdb_set_plaintext_passwd(sam_pwent, password1); memset(password1, 0, strlen(password1)); SAFE_FREE(password1); memset(password2, 0, strlen(password2)); SAFE_FREE(password2); + /* pwds do _not_ match? */ + if (rc_pwd_cmp) + return -1; + if (fullname) pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED); if (homedir) -- cgit From fb5362c069b5b6548478b2217a0519c56d856705 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 20 Feb 2006 17:59:58 +0000 Subject: r13571: Replace all calls to talloc_free() with thye TALLOC_FREE() macro which sets the freed pointer to NULL. (This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index a098039cd0..2e7fbc1812 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -508,10 +508,10 @@ static int new_machine (struct pdb_methods *in, const char *machine_in) if ((pwd = getpwnam_alloc(NULL, machineaccount))) { if (!NT_STATUS_IS_OK(pdb_init_sam_pw( &sam_pwent, pwd))) { fprintf(stderr, "Could not init sam from pw\n"); - talloc_free(pwd); + TALLOC_FREE(pwd); return -1; } - talloc_free(&pwd); + TALLOC_FREE(pwd); } else { if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { fprintf(stderr, "Could not init sam from pw\n"); -- cgit From 2203bed32c84c63737f402accf73452efb76b483 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 20 Feb 2006 20:09:36 +0000 Subject: r13576: This is the beginnings of moving the SAM_ACCOUNT data structure to make full use of the new talloc() interface. Discussed with Volker and Jeremy. * remove the internal mem_ctx and simply use the talloc() structure as the context. * replace the internal free_fn() with a talloc_destructor() function * remove the unnecessary private nested structure * rename SAM_ACCOUNT to 'struct samu' to indicate the current an upcoming changes. Groups will most likely be replaced with a 'struct samg' in the future. Note that there are now passbd API changes. And for the most part, the wrapper functions remain the same. While this code has been tested on tdb and ldap based Samba PDC's as well as Samba member servers, there are probably still some bugs. The code also needs more testing under valgrind to ensure it's not leaking memory. But it's a start...... (This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0) --- source3/utils/pdbedit.c | 50 ++++++++++++++++++++++++------------------------- 1 file changed, 25 insertions(+), 25 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 2e7fbc1812..d517783e85 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -86,7 +86,7 @@ static int reinit_account_policies (void) Print info from sam structure **********************************************************/ -static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) +static int print_sam_info (struct samu *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) { uid_t uid; time_t tmp; @@ -172,7 +172,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst static int print_user_info (struct pdb_methods *in, const char *username, BOOL verbosity, BOOL smbpwdstyle) { - SAM_ACCOUNT *sam_pwent=NULL; + struct samu *sam_pwent=NULL; BOOL ret; if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { @@ -183,12 +183,12 @@ static int print_user_info (struct pdb_methods *in, const char *username, BOOL v if (ret==False) { fprintf (stderr, "Username not found!\n"); - pdb_free_sam(&sam_pwent); + TALLOC_FREE(sam_pwent); return -1; } ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle); - pdb_free_sam(&sam_pwent); + TALLOC_FREE(sam_pwent); return ret; } @@ -198,7 +198,7 @@ static int print_user_info (struct pdb_methods *in, const char *username, BOOL v **********************************************************/ static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwdstyle) { - SAM_ACCOUNT *sam_pwent=NULL; + struct samu *sam_pwent=NULL; BOOL check; check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); @@ -213,10 +213,10 @@ static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwd if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); - pdb_free_sam(&sam_pwent); + TALLOC_FREE(sam_pwent); check = NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)); } - if (check) pdb_free_sam(&sam_pwent); + if (check) TALLOC_FREE(sam_pwent); in->endsampwent(in); return 0; @@ -227,7 +227,7 @@ static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwd **********************************************************/ static int fix_users_list (struct pdb_methods *in) { - SAM_ACCOUNT *sam_pwent=NULL; + struct samu *sam_pwent=NULL; BOOL check; check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); @@ -244,14 +244,14 @@ static int fix_users_list (struct pdb_methods *in) if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_pwent))) { printf("Update of user %s failed!\n", pdb_get_username(sam_pwent)); } - pdb_free_sam(&sam_pwent); + TALLOC_FREE(sam_pwent); check = NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)); if (!check) { - fprintf(stderr, "Failed to initialise new SAM_ACCOUNT structure (out of memory?)\n"); + fprintf(stderr, "Failed to initialise new struct samu structure (out of memory?)\n"); } } - if (check) pdb_free_sam(&sam_pwent); + if (check) TALLOC_FREE(sam_pwent); in->endsampwent(in); return 0; @@ -272,7 +272,7 @@ static int set_user_info (struct pdb_methods *in, const char *username, time_t pwd_can_change, time_t pwd_must_change) { BOOL updated_autolock = False, updated_badpw = False; - SAM_ACCOUNT *sam_pwent=NULL; + struct samu *sam_pwent=NULL; BOOL ret; pdb_init_sam(&sam_pwent); @@ -280,7 +280,7 @@ static int set_user_info (struct pdb_methods *in, const char *username, ret = NT_STATUS_IS_OK(in->getsampwnam (in, sam_pwent, username)); if (ret==False) { fprintf (stderr, "Username not found!\n"); - pdb_free_sam(&sam_pwent); + TALLOC_FREE(sam_pwent); return -1; } @@ -333,7 +333,7 @@ static int set_user_info (struct pdb_methods *in, const char *username, if (newflag & not_settable) { fprintf(stderr, "Can only set [NDHLX] flags\n"); - pdb_free_sam(&sam_pwent); + TALLOC_FREE(sam_pwent); return -1; } @@ -381,10 +381,10 @@ static int set_user_info (struct pdb_methods *in, const char *username, print_user_info (in, username, True, False); else { fprintf (stderr, "Unable to modify entry!\n"); - pdb_free_sam(&sam_pwent); + TALLOC_FREE(sam_pwent); return -1; } - pdb_free_sam(&sam_pwent); + TALLOC_FREE(sam_pwent); return 0; } @@ -397,7 +397,7 @@ static int new_user (struct pdb_methods *in, const char *username, const char *profile, char *user_sid, char *group_sid, BOOL stdin_get) { - SAM_ACCOUNT *sam_pwent=NULL; + struct samu *sam_pwent=NULL; char *password1, *password2; int rc_pwd_cmp; @@ -413,7 +413,7 @@ static int new_user (struct pdb_methods *in, const char *username, password2 = get_pass( "retype new password:", stdin_get); if ((rc_pwd_cmp = strcmp (password1, password2))) { fprintf (stderr, "Passwords do not match!\n"); - pdb_free_sam (&sam_pwent); + TALLOC_FREE(sam_pwent); } else { pdb_set_plaintext_passwd(sam_pwent, password1); } @@ -474,10 +474,10 @@ static int new_user (struct pdb_methods *in, const char *username, print_user_info (in, username, True, False); } else { fprintf (stderr, "Unable to add user! (does it already exist?)\n"); - pdb_free_sam (&sam_pwent); + TALLOC_FREE(sam_pwent); return -1; } - pdb_free_sam (&sam_pwent); + TALLOC_FREE(sam_pwent); return 0; } @@ -487,7 +487,7 @@ static int new_user (struct pdb_methods *in, const char *username, static int new_machine (struct pdb_methods *in, const char *machine_in) { - SAM_ACCOUNT *sam_pwent=NULL; + struct samu *sam_pwent=NULL; fstring machinename; fstring machineaccount; struct passwd *pwd = NULL; @@ -531,10 +531,10 @@ static int new_machine (struct pdb_methods *in, const char *machine_in) print_user_info (in, machineaccount, True, False); } else { fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); - pdb_free_sam (&sam_pwent); + TALLOC_FREE(sam_pwent); return -1; } - pdb_free_sam (&sam_pwent); + TALLOC_FREE(sam_pwent); return 0; } @@ -544,7 +544,7 @@ static int new_machine (struct pdb_methods *in, const char *machine_in) static int delete_user_entry (struct pdb_methods *in, const char *username) { - SAM_ACCOUNT *samaccount = NULL; + struct samu *samaccount = NULL; if (!NT_STATUS_IS_OK(pdb_init_sam (&samaccount))) { return -1; @@ -569,7 +569,7 @@ static int delete_user_entry (struct pdb_methods *in, const char *username) static int delete_machine_entry (struct pdb_methods *in, const char *machinename) { fstring name; - SAM_ACCOUNT *samaccount = NULL; + struct samu *samaccount = NULL; fstrcpy(name, machinename); name[15] = '\0'; -- cgit From cd559192633d78a9f06e239c6a448955f6ea0842 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 21 Feb 2006 14:34:11 +0000 Subject: r13590: * replace all pdb_init_sam[_talloc]() calls with samu_new() * replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix() (This used to be commit 6f1afa4acc93a07d0ee9940822d7715acaae634f) --- source3/utils/pdbedit.c | 45 +++++++++++++++++++++++++++++++++------------ 1 file changed, 33 insertions(+), 12 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index d517783e85..f1e4fb6542 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -175,7 +175,7 @@ static int print_user_info (struct pdb_methods *in, const char *username, BOOL v struct samu *sam_pwent=NULL; BOOL ret; - if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { + if ( !(sam_pwent = samu_new( NULL )) ) { return -1; } @@ -207,16 +207,22 @@ static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwd } check = True; - if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; + if ( !(sam_pwent = samu_new( NULL )) ) { + return 1; + } while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) { if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); TALLOC_FREE(sam_pwent); - check = NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)); + + if ( !(sam_pwent = samu_new( NULL )) ) { + check = False; + } } - if (check) TALLOC_FREE(sam_pwent); + if (check) + TALLOC_FREE(sam_pwent); in->endsampwent(in); return 0; @@ -236,7 +242,9 @@ static int fix_users_list (struct pdb_methods *in) } check = True; - if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; + if ( !(sam_pwent = samu_new( NULL )) ) { + return 1; + } while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) { printf("Updating record for user %s\n", pdb_get_username(sam_pwent)); @@ -245,13 +253,16 @@ static int fix_users_list (struct pdb_methods *in) printf("Update of user %s failed!\n", pdb_get_username(sam_pwent)); } TALLOC_FREE(sam_pwent); - check = NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)); + if ( !(sam_pwent = samu_new( NULL )) ) { + check = False; + } if (!check) { fprintf(stderr, "Failed to initialise new struct samu structure (out of memory?)\n"); } } - if (check) TALLOC_FREE(sam_pwent); + if (check) + TALLOC_FREE(sam_pwent); in->endsampwent(in); return 0; @@ -275,7 +286,9 @@ static int set_user_info (struct pdb_methods *in, const char *username, struct samu *sam_pwent=NULL; BOOL ret; - pdb_init_sam(&sam_pwent); + if ( !(sam_pwent = samu_new( NULL )) ) { + return 1; + } ret = NT_STATUS_IS_OK(in->getsampwnam (in, sam_pwent, username)); if (ret==False) { @@ -506,14 +519,22 @@ static int new_machine (struct pdb_methods *in, const char *machine_in) fstrcat(machineaccount, "$"); if ((pwd = getpwnam_alloc(NULL, machineaccount))) { - if (!NT_STATUS_IS_OK(pdb_init_sam_pw( &sam_pwent, pwd))) { + + if ( !(sam_pwent = samu_new( NULL )) ) { + fprintf(stderr, "Memory allocation error!\n"); + TALLOC_FREE(pwd); + return -1; + } + + if ( !NT_STATUS_IS_OK(samu_set_unix(sam_pwent, pwd)) ) { fprintf(stderr, "Could not init sam from pw\n"); TALLOC_FREE(pwd); return -1; } + TALLOC_FREE(pwd); } else { - if (!NT_STATUS_IS_OK(pdb_init_sam (&sam_pwent))) { + if ( !(sam_pwent = samu_new( NULL )) ) { fprintf(stderr, "Could not init sam from pw\n"); return -1; } @@ -546,7 +567,7 @@ static int delete_user_entry (struct pdb_methods *in, const char *username) { struct samu *samaccount = NULL; - if (!NT_STATUS_IS_OK(pdb_init_sam (&samaccount))) { + if ( !(samaccount = samu_new( NULL )) ) { return -1; } @@ -576,7 +597,7 @@ static int delete_machine_entry (struct pdb_methods *in, const char *machinename if (name[strlen(name)-1] != '$') fstrcat (name, "$"); - if (!NT_STATUS_IS_OK(pdb_init_sam (&samaccount))) { + if ( !(samaccount = samu_new( NULL )) ) { return -1; } -- cgit From b5caff56ec0ecfbdd3f7ddd8b0a1d6bd617886b3 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 22 Feb 2006 00:34:35 +0000 Subject: r13607: Fix compile - don't ref auto variable in a structure initialization. Fix from Richard Bollinger . Jeremy. (This used to be commit 02da5189f1c2a07a7ac02cf51e23782f70829f34) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index f1e4fb6542..bd33676547 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -655,7 +655,7 @@ int main (int argc, char **argv) static char *pwd_can_change_time = NULL; static char *pwd_must_change_time = NULL; static char *pwd_time_format = NULL; - BOOL pw_from_stdin = False; + static BOOL pw_from_stdin = False; struct pdb_methods *bdef = NULL; poptContext pc; -- cgit From d95e13e68f3c7ac517a45877b351849ef4a99b93 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 24 Feb 2006 21:36:40 +0000 Subject: r13679: Commiting the rm_primary_group.patch posted on samba-technical * ignore the primary group SID attribute from struct samu* * generate the primary group SID strictlky from the Unix primary group when dealing with passdb users * Fix memory leak in original patch caused by failing to free a talloc * * add wrapper around samu_set_unix() to prevent exposing the create BOOL to callers. Wrappers are samu_set_unix() and samu-allic_rid_unix() (This used to be commit bcf269e2ec6630b78d909010fabd3b69dd6dda84) --- source3/utils/pdbedit.c | 83 ++++++++++++++----------------------------------- 1 file changed, 24 insertions(+), 59 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index bd33676547..471b898877 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -277,8 +277,7 @@ static int set_user_info (struct pdb_methods *in, const char *username, const char *acct_desc, const char *drive, const char *script, const char *profile, const char *account_control, - const char *user_sid, const char *group_sid, - const char *user_domain, + const char *user_sid, const char *user_domain, const BOOL badpw, const BOOL hours, time_t pwd_can_change, time_t pwd_must_change) { @@ -369,21 +368,6 @@ static int set_user_info (struct pdb_methods *in, const char *username, } pdb_set_user_sid (sam_pwent, &u_sid, PDB_CHANGED); } - if (group_sid) { - DOM_SID g_sid; - if (!string_to_sid(&g_sid, group_sid)) { - /* not a complete sid, may be a RID, try building a SID */ - int g_rid; - - if (sscanf(group_sid, "%d", &g_rid) != 1) { - fprintf(stderr, "Error passed string is not a complete group SID or RID!\n"); - return -1; - } - sid_copy(&g_sid, get_global_sam_sid()); - sid_append_rid(&g_sid, g_rid); - } - pdb_set_group_sid (sam_pwent, &g_sid, PDB_CHANGED); - } if (badpw) { pdb_set_bad_password_count(sam_pwent, 0, PDB_CHANGED); @@ -407,17 +391,28 @@ static int set_user_info (struct pdb_methods *in, const char *username, static int new_user (struct pdb_methods *in, const char *username, const char *fullname, const char *homedir, const char *drive, const char *script, - const char *profile, char *user_sid, char *group_sid, - BOOL stdin_get) + const char *profile, char *user_sid, BOOL stdin_get) { - struct samu *sam_pwent=NULL; - + struct samu *sam_pwent; char *password1, *password2; int rc_pwd_cmp; + struct passwd *pwd; get_global_sam_sid(); - if (!NT_STATUS_IS_OK(pdb_init_sam_new(&sam_pwent, username))) { + if ( !(pwd = getpwnam_alloc( NULL, username )) ) { + DEBUG(0,("Cannot locate Unix account for %s\n", username)); + return -1; + } + + if ( !(sam_pwent = samu_new( NULL )) ) { + DEBUG(0, ("Memory allocation failure!\n")); + return -1; + } + + if (!NT_STATUS_IS_OK(samu_alloc_rid_unix(sam_pwent, pwd ))) { + TALLOC_FREE( sam_pwent ); + TALLOC_FREE( pwd ); DEBUG(0, ("could not create account to add new user %s\n", username)); return -1; } @@ -465,21 +460,6 @@ static int new_user (struct pdb_methods *in, const char *username, } pdb_set_user_sid (sam_pwent, &u_sid, PDB_CHANGED); } - if (group_sid) { - DOM_SID g_sid; - if (!string_to_sid(&g_sid, group_sid)) { - /* not a complete sid, may be a RID, try building a SID */ - int g_rid; - - if (sscanf(group_sid, "%d", &g_rid) != 1) { - fprintf(stderr, "Error passed string is not a complete group SID or RID!\n"); - return -1; - } - sid_copy(&g_sid, get_global_sam_sid()); - sid_append_rid(&g_sid, g_rid); - } - pdb_set_group_sid (sam_pwent, &g_sid, PDB_CHANGED); - } pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL, PDB_CHANGED); @@ -526,7 +506,7 @@ static int new_machine (struct pdb_methods *in, const char *machine_in) return -1; } - if ( !NT_STATUS_IS_OK(samu_set_unix(sam_pwent, pwd)) ) { + if ( !NT_STATUS_IS_OK(samu_set_unix(sam_pwent, pwd )) ) { fprintf(stderr, "Could not init sam from pw\n"); TALLOC_FREE(pwd); return -1; @@ -541,13 +521,9 @@ static int new_machine (struct pdb_methods *in, const char *machine_in) } pdb_set_plaintext_passwd (sam_pwent, machinename); - - pdb_set_username (sam_pwent, machineaccount, PDB_CHANGED); - + pdb_set_username (sam_pwent, machineaccount, PDB_CHANGED); pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST, PDB_CHANGED); - pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS, PDB_CHANGED); - if (NT_STATUS_IS_OK(in->add_sam_account (in, sam_pwent))) { print_user_info (in, machineaccount, True, False); } else { @@ -647,7 +623,6 @@ int main (int argc, char **argv) static char *account_control = NULL; static char *account_policy = NULL; static char *user_sid = NULL; - static char *group_sid = NULL; static long int account_policy_value = 0; BOOL account_policy_value_set = False; static BOOL badpw_reset = False; @@ -673,7 +648,6 @@ int main (int argc, char **argv) {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, {"domain", 'I', POPT_ARG_STRING, &user_domain, 0, "set a users' domain", NULL}, {"user SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, - {"group SID", 'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL}, {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, {"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL}, {"machine", 'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL}, @@ -743,7 +717,6 @@ int main (int argc, char **argv) (list_users ? BIT_LIST : 0) + (force_initialised_password ? BIT_FIX_INIT : 0) + (user_sid ? BIT_USERSIDS : 0) + - (group_sid ? BIT_USERSIDS : 0) + (modify_user ? BIT_MODIFY : 0) + (add_user ? BIT_CREATE : 0) + (delete_user ? BIT_DELETE : 0) + @@ -868,9 +841,7 @@ int main (int argc, char **argv) return new_machine (bdef, user_name); } else { return new_user (bdef, user_name, full_name, home_dir, - home_drive, logon_script, - profile_path, user_sid, group_sid, - pw_from_stdin); + home_drive, logon_script, profile_path, user_sid, pw_from_stdin); } } @@ -939,16 +910,10 @@ int main (int argc, char **argv) } } } - return set_user_info (bdef, user_name, full_name, - home_dir, - acct_desc, - home_drive, - logon_script, - profile_path, account_control, - user_sid, group_sid, - user_domain, - badpw_reset, hours_reset, - pwd_can_change, pwd_must_change); + return set_user_info (bdef, user_name, full_name, home_dir, + acct_desc, home_drive, logon_script, profile_path, account_control, + user_sid, user_domain, badpw_reset, hours_reset, pwd_can_change, + pwd_must_change); error: fprintf (stderr, "Error parsing the time in pwd-%s-change-time!\n", errstr); return -1; -- cgit From aeea749548f691fa870a1c0668495973849a235b Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 9 Mar 2006 11:01:43 +0000 Subject: r14062: Forgot those in the uint16/32 acb_info switch. Guenther (This used to be commit 0167b6cca80492d8a076da0497d24089f78587dc) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 471b898877..d34c23193c 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -338,10 +338,10 @@ static int set_user_info (struct pdb_methods *in, const char *username, pdb_set_domain(sam_pwent, user_domain, PDB_CHANGED); if (account_control) { - uint16 not_settable = ~(ACB_DISABLED|ACB_HOMDIRREQ|ACB_PWNOTREQ| + uint32 not_settable = ~(ACB_DISABLED|ACB_HOMDIRREQ|ACB_PWNOTREQ| ACB_PWNOEXP|ACB_AUTOLOCK); - uint16 newflag = pdb_decode_acct_ctrl(account_control); + uint32 newflag = pdb_decode_acct_ctrl(account_control); if (newflag & not_settable) { fprintf(stderr, "Can only set [NDHLX] flags\n"); -- cgit From 5aa66fd0393318586edb5ee17e5cad2236aa5c8b Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 20 Mar 2006 10:18:23 +0000 Subject: r14577: BUG Fixes: * Add back in the import/export support to pdbedit * Fix segv in pam_smbpass * Cleanup some error paths in pdb_tdb and pdb_interface (This used to be commit df53d64910fbb96eb810102e986b3c337d54c463) --- source3/utils/pdbedit.c | 212 +++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 199 insertions(+), 13 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index d34c23193c..7d95d15bf2 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -54,6 +54,108 @@ #define MASK_ALWAYS_GOOD 0x0000001F #define MASK_USER_GOOD 0x00405FE0 +/********************************************************* + Add all currently available users to another db + ********************************************************/ + +static int export_database (struct pdb_methods *in, + struct pdb_methods *out, + const char *username) +{ + struct samu *user = NULL; + NTSTATUS status; + + DEBUG(3, ("export_database: username=\"%s\"\n", username ? username : "(NULL)")); + + status = in->setsampwent(in, 0, 0); + if ( NT_STATUS_IS_ERR(status) ) { + fprintf(stderr, "Unable to set account database iterator for %s!\n", + in->name); + return 1; + } + + if ( ( user = samu_new( NULL ) ) == NULL ) { + fprintf(stderr, "export_database: Memory allocation failure!\n"); + return 1; + } + + while ( NT_STATUS_IS_OK(in->getsampwent(in, user)) ) + { + DEBUG(4, ("Processing account %s\n", user->username)); + + /* If we don't have a specific user or if we do and + the login name matches */ + + if ( !username || (strcmp(username, user->username) == 0)) { + struct samu *account; + + if ( (account = samu_new( NULL )) == NULL ) { + fprintf(stderr, "export_database: Memory allocation failure!\n"); + TALLOC_FREE( user ); + in->endsampwent( in ); + return 1; + } + + printf("Importing accout for %s...", user->username); + if ( !NT_STATUS_IS_OK(out->getsampwnam( out, account, user->username )) ) { + status = out->add_sam_account(out, user); + } else { + status = out->update_sam_account( out, user ); + } + + if ( NT_STATUS_IS_OK(status) ) { + printf( "ok\n"); + } else { + printf( "failed\n"); + } + + TALLOC_FREE( account ); + } + + /* clean up and get ready for another run */ + + TALLOC_FREE( user ); + + if ( ( user = samu_new( NULL ) ) == NULL ) { + fprintf(stderr, "export_database: Memory allocation failure!\n"); + return 1; + } + } + + TALLOC_FREE( user ); + + in->endsampwent(in); + + return 0; +} + +/********************************************************* + Add all currently available group mappings to another db + ********************************************************/ + +static int export_groups (struct pdb_methods *in, struct pdb_methods *out) +{ + GROUP_MAP *maps = NULL; + size_t i, entries = 0; + NTSTATUS status; + + status = in->enum_group_mapping(in, get_global_sam_sid(), + SID_NAME_DOM_GRP, &maps, &entries, False); + + if ( NT_STATUS_IS_ERR(status) ) { + fprintf(stderr, "Unable to enumerate group map entries.\n"); + return 1; + } + + for (i=0; iadd_group_mapping_entry(out, &(maps[i])); + } + + SAFE_FREE( maps ); + + return 0; +} + /********************************************************* Reset account policies to their default values and remove marker ********************************************************/ @@ -82,6 +184,45 @@ static int reinit_account_policies (void) return 0; } + +/********************************************************* + Add all currently available account policy from tdb to one backend + ********************************************************/ + +static int export_account_policies (struct pdb_methods *in, struct pdb_methods *out) +{ + int i; + + if (!account_policy_migrated(True)) { + fprintf(stderr, "Unable to set account policy marker in tdb\n"); + return -1; + } + + for ( i=1; decode_account_policy_name(i) != NULL; i++ ) { + uint32 policy_value; + NTSTATUS status; + + status = in->get_account_policy(in, i, &policy_value); + + if ( NT_STATUS_IS_ERR(status) ) { + fprintf(stderr, "Unable to get account policy from %s\n", in->name); + remove_account_policy_migrated(); + return -1; + } + + status = out->set_account_policy(out, i, policy_value); + + if ( NT_STATUS_IS_ERR(status) ) { + fprintf(stderr, "Unable to migrate account policy to %s\n", out->name); + remove_account_policy_migrated(); + return -1; + } + } + + return 0; +} + + /********************************************************* Print info from sam structure **********************************************************/ @@ -175,7 +316,7 @@ static int print_user_info (struct pdb_methods *in, const char *username, BOOL v struct samu *sam_pwent=NULL; BOOL ret; - if ( !(sam_pwent = samu_new( NULL )) ) { + if ( (sam_pwent = samu_new( NULL )) == NULL ) { return -1; } @@ -207,7 +348,7 @@ static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwd } check = True; - if ( !(sam_pwent = samu_new( NULL )) ) { + if ( (sam_pwent = samu_new( NULL )) == NULL ) { return 1; } @@ -217,7 +358,7 @@ static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwd print_sam_info (sam_pwent, verbosity, smbpwdstyle); TALLOC_FREE(sam_pwent); - if ( !(sam_pwent = samu_new( NULL )) ) { + if ( (sam_pwent = samu_new( NULL )) == NULL ) { check = False; } } @@ -242,7 +383,7 @@ static int fix_users_list (struct pdb_methods *in) } check = True; - if ( !(sam_pwent = samu_new( NULL )) ) { + if ( (sam_pwent = samu_new( NULL )) == NULL ) { return 1; } @@ -253,7 +394,7 @@ static int fix_users_list (struct pdb_methods *in) printf("Update of user %s failed!\n", pdb_get_username(sam_pwent)); } TALLOC_FREE(sam_pwent); - if ( !(sam_pwent = samu_new( NULL )) ) { + if ( (sam_pwent = samu_new( NULL )) == NULL ) { check = False; } if (!check) { @@ -285,7 +426,7 @@ static int set_user_info (struct pdb_methods *in, const char *username, struct samu *sam_pwent=NULL; BOOL ret; - if ( !(sam_pwent = samu_new( NULL )) ) { + if ( (sam_pwent = samu_new( NULL )) == NULL ) { return 1; } @@ -405,7 +546,7 @@ static int new_user (struct pdb_methods *in, const char *username, return -1; } - if ( !(sam_pwent = samu_new( NULL )) ) { + if ( (sam_pwent = samu_new( NULL )) == NULL ) { DEBUG(0, ("Memory allocation failure!\n")); return -1; } @@ -500,7 +641,7 @@ static int new_machine (struct pdb_methods *in, const char *machine_in) if ((pwd = getpwnam_alloc(NULL, machineaccount))) { - if ( !(sam_pwent = samu_new( NULL )) ) { + if ( (sam_pwent = samu_new( NULL )) == NULL ) { fprintf(stderr, "Memory allocation error!\n"); TALLOC_FREE(pwd); return -1; @@ -514,7 +655,7 @@ static int new_machine (struct pdb_methods *in, const char *machine_in) TALLOC_FREE(pwd); } else { - if ( !(sam_pwent = samu_new( NULL )) ) { + if ( (sam_pwent = samu_new( NULL )) == NULL ) { fprintf(stderr, "Could not init sam from pw\n"); return -1; } @@ -543,7 +684,7 @@ static int delete_user_entry (struct pdb_methods *in, const char *username) { struct samu *samaccount = NULL; - if ( !(samaccount = samu_new( NULL )) ) { + if ( (samaccount = samu_new( NULL )) == NULL ) { return -1; } @@ -573,7 +714,7 @@ static int delete_machine_entry (struct pdb_methods *in, const char *machinename if (name[strlen(name)-1] != '$') fstrcat (name, "$"); - if ( !(samaccount = samu_new( NULL )) ) { + if ( (samaccount = samu_new( NULL )) == NULL ) { return -1; } @@ -631,8 +772,7 @@ int main (int argc, char **argv) static char *pwd_must_change_time = NULL; static char *pwd_time_format = NULL; static BOOL pw_from_stdin = False; - - struct pdb_methods *bdef = NULL; + struct pdb_methods *bin, *bout, *bdef; poptContext pc; struct poptOption long_options[] = { POPT_AUTOHELP @@ -672,6 +812,8 @@ int main (int argc, char **argv) POPT_TABLEEND }; + bin = bout = bdef = NULL; + load_case_tables(); setup_logging("pdbedit", True); @@ -790,6 +932,50 @@ int main (int argc, char **argv) exit(0); } + /* import and export operations */ + + if ( ((checkparms & BIT_IMPORT) + || (checkparms & BIT_EXPORT)) + && !(checkparms & ~(BIT_IMPORT +BIT_EXPORT +BIT_USER)) ) + { + NTSTATUS status; + + bin = bout = bdef; + + if (backend_in) { + status = make_pdb_method_name(&bin, backend_in); + + if ( !NT_STATUS_IS_OK(status) ) { + fprintf(stderr, "Unable to initialize %s.\n", backend_in); + return 1; + } + } + + if (backend_out) { + status = make_pdb_method_name(&bout, backend_out); + + if ( !NT_STATUS_IS_OK(status) ) { + fprintf(stderr, "Unable to initialize %s.\n", backend_out); + return 1; + } + } + + if (transfer_account_policies) { + + if (!(checkparms & BIT_USER)) + return export_account_policies(bin, bout); + + } else if (transfer_groups) { + + if (!(checkparms & BIT_USER)) + return export_groups(bin, bout); + + } else { + return export_database(bin, bout, + (checkparms & BIT_USER) ? user_name : NULL ); + } + } + /* if BIT_USER is defined but nothing else then threat it as -l -u for compatibility */ /* fake up BIT_LIST if only BIT_USER is defined */ if ((checkparms & BIT_USER) && !(checkparms & ~BIT_USER)) { -- cgit From c56f00252528e236f6e9f4db588ec092c93d9c2a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 15 Jun 2006 11:44:57 +0000 Subject: r16252: Fix Klocwork ID 1119, 1121. Volker (This used to be commit 678bbcf06109b276d3e4514c3788a9fb31348de0) --- source3/utils/pdbedit.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 7d95d15bf2..0a6fb7e8be 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -628,6 +628,11 @@ static int new_machine (struct pdb_methods *in, const char *machine_in) get_global_sam_sid(); + if (strlen(machine_in) == 0) { + fprintf(stderr, "No machine name given\n"); + return -1; + } + fstrcpy(machinename, machine_in); machinename[15]= '\0'; @@ -708,6 +713,11 @@ static int delete_machine_entry (struct pdb_methods *in, const char *machinename { fstring name; struct samu *samaccount = NULL; + + if (strlen(machinename) == 0) { + fprintf(stderr, "No machine name given\n"); + return -1; + } fstrcpy(name, machinename); name[15] = '\0'; -- cgit From 716f7245d99d17b7b3e6bda05dc2edf7334463a5 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 9 Sep 2006 22:27:06 +0000 Subject: r18313: Nobody said "no" (yet.... gd?), so commit it: Remove the account_policy_migrated() thingy, and make cache_account_policy_set use gencache. Account policies are now handled like groups and users are with respect to "passdb backend". Volker (This used to be commit fa8b2e2a585ab0c00a5fbde7aa790043261caf2e) --- source3/utils/pdbedit.c | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 0a6fb7e8be..0ebe022e18 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -176,11 +176,6 @@ static int reinit_account_policies (void) } } - if (!remove_account_policy_migrated()) { - fprintf(stderr, "Can't remove marker from tdb\n"); - return -1; - } - return 0; } @@ -193,11 +188,6 @@ static int export_account_policies (struct pdb_methods *in, struct pdb_methods * { int i; - if (!account_policy_migrated(True)) { - fprintf(stderr, "Unable to set account policy marker in tdb\n"); - return -1; - } - for ( i=1; decode_account_policy_name(i) != NULL; i++ ) { uint32 policy_value; NTSTATUS status; @@ -206,7 +196,6 @@ static int export_account_policies (struct pdb_methods *in, struct pdb_methods * if ( NT_STATUS_IS_ERR(status) ) { fprintf(stderr, "Unable to get account policy from %s\n", in->name); - remove_account_policy_migrated(); return -1; } @@ -214,7 +203,6 @@ static int export_account_policies (struct pdb_methods *in, struct pdb_methods * if ( NT_STATUS_IS_ERR(status) ) { fprintf(stderr, "Unable to migrate account policy to %s\n", out->name); - remove_account_policy_migrated(); return -1; } } -- cgit From d75003bf6e601ffa2200e1251bc7bc2d149cf1db Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Wed, 20 Sep 2006 22:55:44 +0000 Subject: r18748: Eliminate set of computed time values (This used to be commit c53d4a8151f3105efa4c0bc340f35ee5c9c97aaf) --- source3/utils/pdbedit.c | 79 ++----------------------------------------------- 1 file changed, 3 insertions(+), 76 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 0ebe022e18..013eab18ce 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -407,8 +407,7 @@ static int set_user_info (struct pdb_methods *in, const char *username, const char *drive, const char *script, const char *profile, const char *account_control, const char *user_sid, const char *user_domain, - const BOOL badpw, const BOOL hours, - time_t pwd_can_change, time_t pwd_must_change) + const BOOL badpw, const BOOL hours) { BOOL updated_autolock = False, updated_badpw = False; struct samu *sam_pwent=NULL; @@ -435,14 +434,6 @@ static int set_user_info (struct pdb_methods *in, const char *username, pdb_set_hours(sam_pwent, hours_array, PDB_CHANGED); } - if (pwd_can_change != -1) { - pdb_set_pass_can_change_time(sam_pwent, pwd_can_change, PDB_CHANGED); - } - - if (pwd_must_change != -1) { - pdb_set_pass_must_change_time(sam_pwent, pwd_must_change, PDB_CHANGED); - } - if (!pdb_update_autolock_flag(sam_pwent, &updated_autolock)) { DEBUG(2,("pdb_update_autolock_flag failed.\n")); } @@ -766,8 +757,6 @@ int main (int argc, char **argv) BOOL account_policy_value_set = False; static BOOL badpw_reset = False; static BOOL hours_reset = False; - static char *pwd_can_change_time = NULL; - static char *pwd_must_change_time = NULL; static char *pwd_time_format = NULL; static BOOL pw_from_stdin = False; struct pdb_methods *bin, *bout, *bdef; @@ -802,8 +791,6 @@ int main (int argc, char **argv) {"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL}, {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL}, {"logon-hours-reset", 'Z', POPT_ARG_NONE, &hours_reset, 0, "reset logon hours", NULL}, - {"pwd-can-change-time", 0, POPT_ARG_STRING, &pwd_can_change_time, 0, "Set password can change time (unix time in seconds since 1970 if time format not provided)", NULL }, - {"pwd-must-change-time", 0, POPT_ARG_STRING, &pwd_must_change_time, 0, "Set password must change time (unix time in seconds since 1970 if time format not provided)", NULL }, {"time-format", 0, POPT_ARG_STRING, &pwd_time_format, 0, "The time format for time parameters", NULL }, {"password-from-stdin", 't', POPT_ARG_NONE, &pw_from_stdin, 0, "get password from standard in", NULL}, POPT_COMMON_SAMBA @@ -866,9 +853,7 @@ int main (int argc, char **argv) (backend_in ? BIT_IMPORT : 0) + (backend_out ? BIT_EXPORT : 0) + (badpw_reset ? BIT_BADPWRESET : 0) + - (hours_reset ? BIT_LOGONHOURS : 0) + - (pwd_can_change_time ? BIT_CAN_CHANGE: 0) + - (pwd_must_change_time ? BIT_MUST_CHANGE: 0); + (hours_reset ? BIT_LOGONHOURS : 0); if (setparms & BIT_BACKEND) { if (!NT_STATUS_IS_OK(make_pdb_method_name( &bdef, backend ))) { @@ -1040,67 +1025,9 @@ int main (int argc, char **argv) /* account modification operations */ if (!(checkparms & ~(BIT_MODIFY + BIT_USER))) { - time_t pwd_can_change = -1; - time_t pwd_must_change = -1; - const char *errstr; - - if (pwd_can_change_time) { - errstr = "can"; - if (pwd_time_format) { - struct tm tm; - char *ret; - - memset(&tm, 0, sizeof(struct tm)); - ret = strptime(pwd_can_change_time, pwd_time_format, &tm); - if (ret == NULL || *ret != '\0') { - goto error; - } - - pwd_can_change = mktime(&tm); - - if (pwd_can_change == -1) { - goto error; - } - } else { /* assume it is unix time */ - errno = 0; - pwd_can_change = strtol(pwd_can_change_time, NULL, 10); - if (errno) { - goto error; - } - } - } - if (pwd_must_change_time) { - errstr = "must"; - if (pwd_time_format) { - struct tm tm; - char *ret; - - memset(&tm, 0, sizeof(struct tm)); - ret = strptime(pwd_must_change_time, pwd_time_format, &tm); - if (ret == NULL || *ret != '\0') { - goto error; - } - - pwd_must_change = mktime(&tm); - - if (pwd_must_change == -1) { - goto error; - } - } else { /* assume it is unix time */ - errno = 0; - pwd_must_change = strtol(pwd_must_change_time, NULL, 10); - if (errno) { - goto error; - } - } - } return set_user_info (bdef, user_name, full_name, home_dir, acct_desc, home_drive, logon_script, profile_path, account_control, - user_sid, user_domain, badpw_reset, hours_reset, pwd_can_change, - pwd_must_change); -error: - fprintf (stderr, "Error parsing the time in pwd-%s-change-time!\n", errstr); - return -1; + user_sid, user_domain, badpw_reset, hours_reset); } } -- cgit From 2941d46b82bc9aa3165190aefe5d429f3b39f5b5 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 6 Oct 2006 12:19:46 +0000 Subject: r19127: Fix bug 4152 (This used to be commit 70038e8f7b3042c2732e7f8267cab0499972a819) --- source3/utils/pdbedit.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 013eab18ce..ceb346d987 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -797,6 +797,12 @@ int main (int argc, char **argv) POPT_TABLEEND }; + /* we shouldn't have silly checks like this */ + if (getuid() != 0) { + d_fprintf(stderr, "You must be root to use pdbedit\n"); + return -1; + } + bin = bout = bdef = NULL; load_case_tables(); -- cgit From e2bebe486550374978af200232334ddc7757ba8d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 1 Dec 2006 14:54:31 +0000 Subject: r19978: More "net sam policy" improvements. Thanks to Karolin Seeger Volker (This used to be commit fde042f29e9e9ac19ed3380e8fbe45fa8441e705) --- source3/utils/pdbedit.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index ceb346d987..d79ab187a3 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -885,12 +885,18 @@ int main (int argc, char **argv) uint32 value; int field = account_policy_name_to_fieldnum(account_policy); if (field == 0) { - char *apn = account_policy_names_list(); - fprintf(stderr, "No account policy by that name\n"); - if (apn) { - fprintf(stderr, "Account policy names are :\n%s\n", apn); + const char **names; + int count; + int i; + account_policy_names_list(&names, &count); + fprintf(stderr, "No account policy by that name!\n"); + if (count !=0) { + fprintf(stderr, "Account policy names are:\n"); + for (i = 0; i < count ; i++) { + d_fprintf(stderr, "%s\n", names[i]); + } } - SAFE_FREE(apn); + SAFE_FREE(names); exit(1); } if (!pdb_get_account_policy(field, &value)) { -- cgit From aab1dd4ddbe45c625a6e4502cecd20da5762739b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 7 Mar 2007 22:29:21 +0000 Subject: r21755: Memory leak fixes from Zack Kirsch . Jeremy. (This used to be commit 02d08ca0be8c374e30c3c0e665853fa9e57f043a) --- source3/utils/pdbedit.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index d79ab187a3..d1a87260fa 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -573,6 +573,7 @@ static int new_user (struct pdb_methods *in, const char *username, if (sscanf(user_sid, "%d", &u_rid) != 1) { fprintf(stderr, "Error passed string is not a complete user SID or RID!\n"); + TALLOC_FREE(sam_pwent); return -1; } sid_copy(&u_sid, get_global_sam_sid()); -- cgit From 0d91334fe799f6b50a8265f9dc097411c3a29e18 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 11 Mar 2007 16:49:16 +0000 Subject: r21784: Replace smb_register_idle_event() with event_add_timed(). This fixes winbind who did not run the idle events to drop ldap connections. Volker (This used to be commit af3308ce5a21220ff4c510de356dbaa6cf9ff997) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index d1a87260fa..0e8de82043 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -831,7 +831,7 @@ int main (int argc, char **argv) exit(1); } - if(!initialize_password_db(False)) + if(!initialize_password_db(False, NULL)) exit(1); if (!init_names()) -- cgit From fe962d2e487994f7969cda3743f2c812df8e1e24 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 24 Mar 2007 21:29:53 +0000 Subject: r21962: Make pdbedit use the configfile specified by -s (This used to be commit f540c18b2bbf1d3138aea6938c5313ca2e100215) --- source3/utils/pdbedit.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 0e8de82043..534dd994fe 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -761,6 +761,7 @@ int main (int argc, char **argv) static char *pwd_time_format = NULL; static BOOL pw_from_stdin = False; struct pdb_methods *bin, *bout, *bdef; + char *configfile = NULL; poptContext pc; struct poptOption long_options[] = { POPT_AUTOHELP @@ -818,6 +819,9 @@ int main (int argc, char **argv) case 'C': account_policy_value_set = True; break; + case 's': + configfile = optarg; + break; } } @@ -826,7 +830,8 @@ int main (int argc, char **argv) if (user_name == NULL) user_name = poptGetArg(pc); - if (!lp_load(dyn_CONFIGFILE,True,False,False,True)) { + if (!lp_load(configfile?configfile:dyn_CONFIGFILE, + True,False,False,True)) { fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE); exit(1); } -- cgit From 8cabd9ab925f8768dafd306c01bec73948dff36b Mon Sep 17 00:00:00 2001 From: James Peach Date: Sun, 13 May 2007 20:51:39 +0000 Subject: r22828: Fix typo. Bugzilla #4589. (This used to be commit b8959b172090eef6b40ff1fb012d6ff0d3d732ef) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 534dd994fe..722c650b85 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -96,7 +96,7 @@ static int export_database (struct pdb_methods *in, return 1; } - printf("Importing accout for %s...", user->username); + printf("Importing account for %s...", user->username); if ( !NT_STATUS_IS_OK(out->getsampwnam( out, account, user->username )) ) { status = out->add_sam_account(out, user); } else { -- cgit From c15c0f2a47caa61f0575a63d88d1481d34530643 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 18 May 2007 23:38:56 +0000 Subject: r23005: If we're running on a system where time_t is 8 bytes we have to take care to preserve the "special" values for Windows of 0x80000000 and 0x7FFFFFFF when casting between time_t and uint32. Add conversion functions (and use them). Jeremy. (This used to be commit 4e1a0b2549f7c11326deed2801de19564af0f16a) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 722c650b85..a598828d92 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -285,14 +285,14 @@ static int print_sam_info (struct samu *sam_pwent, BOOL verbosity, BOOL smbpwdst lm_passwd, nt_passwd, pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), - (uint32)pdb_get_pass_last_set_time(sam_pwent)); + (uint32)convert_time_t_to_uint32(pdb_get_pass_last_set_time(sam_pwent))); } else { uid = nametouid(pdb_get_username(sam_pwent)); printf ("%s:%lu:%s\n", pdb_get_username(sam_pwent), (unsigned long)uid, pdb_get_fullname(sam_pwent)); } - return 0; + return 0; } /********************************************************* -- cgit From 6250b82014f463c5683e18b0646bcae8da379ecf Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sat, 9 Jun 2007 22:45:21 +0000 Subject: r23407: While verifying a bug I found out that for some reason the code to add a machine was different then the one used to add a user, the old code led to the machine SID not being built out correctly allocationg a new RID out of the passdb but instead by using the old algorithmic method. This may easily end up in creating duplicated SID when the RID counter get close to the values built by the algorithmic method. Simo. (This used to be commit e077142aa39ad927a16e0d04874857bbc171ce07) --- source3/utils/pdbedit.c | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index a598828d92..5dff7e5a93 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -624,28 +624,25 @@ static int new_machine (struct pdb_methods *in, const char *machine_in) fstrcpy(machineaccount, machinename); fstrcat(machineaccount, "$"); - if ((pwd = getpwnam_alloc(NULL, machineaccount))) { - - if ( (sam_pwent = samu_new( NULL )) == NULL ) { - fprintf(stderr, "Memory allocation error!\n"); - TALLOC_FREE(pwd); - return -1; - } + if ( !(pwd = getpwnam_alloc( NULL, machineaccount )) ) { + DEBUG(0,("Cannot locate Unix account for %s\n", machineaccount)); + return -1; + } - if ( !NT_STATUS_IS_OK(samu_set_unix(sam_pwent, pwd )) ) { - fprintf(stderr, "Could not init sam from pw\n"); - TALLOC_FREE(pwd); - return -1; - } + if ( (sam_pwent = samu_new( NULL )) == NULL ) { + fprintf(stderr, "Memory allocation error!\n"); + TALLOC_FREE(pwd); + return -1; + } + if ( !NT_STATUS_IS_OK(samu_alloc_rid_unix(sam_pwent, pwd )) ) { + fprintf(stderr, "Could not init sam from pw\n"); TALLOC_FREE(pwd); - } else { - if ( (sam_pwent = samu_new( NULL )) == NULL ) { - fprintf(stderr, "Could not init sam from pw\n"); - return -1; - } + return -1; } + TALLOC_FREE(pwd); + pdb_set_plaintext_passwd (sam_pwent, machinename); pdb_set_username (sam_pwent, machineaccount, PDB_CHANGED); pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST, PDB_CHANGED); -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/utils/pdbedit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 5dff7e5a93..906cc393e0 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -8,7 +8,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, -- cgit From 5e54558c6dea67b56bbfaba5698f3a434d3dffb6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 00:52:41 +0000 Subject: r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07) --- source3/utils/pdbedit.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 906cc393e0..c5a132a55d 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -17,8 +17,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ #include "includes.h" -- cgit From faefb22c61568c678476b4dad36bdc5ce3afb499 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 4 Sep 2007 05:39:06 +0000 Subject: r24943: Some stackframes (This used to be commit cddb9f11d5fafcd3797cb242775c37f0c04d4f15) --- source3/utils/pdbedit.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index c5a132a55d..cea2cd7cfa 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -758,6 +758,7 @@ int main (int argc, char **argv) static BOOL pw_from_stdin = False; struct pdb_methods *bin, *bout, *bdef; char *configfile = NULL; + TALLOC_CTX *frame = talloc_stackframe(); poptContext pc; struct poptOption long_options[] = { POPT_AUTOHELP @@ -798,6 +799,7 @@ int main (int argc, char **argv) /* we shouldn't have silly checks like this */ if (getuid() != 0) { d_fprintf(stderr, "You must be root to use pdbedit\n"); + TALLOC_FREE(frame); return -1; } @@ -1050,5 +1052,6 @@ int main (int argc, char **argv) } poptPrintHelp(pc, stderr, 0); + TALLOC_FREE(frame); return 1; } -- cgit From e5a951325a6cac8567af3a66de6d2df577508ae4 Mon Sep 17 00:00:00 2001 From: "Gerald (Jerry) Carter" Date: Wed, 10 Oct 2007 15:34:30 -0500 Subject: [GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab) --- source3/utils/pdbedit.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index cea2cd7cfa..66a706d1ce 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -828,8 +828,7 @@ int main (int argc, char **argv) if (user_name == NULL) user_name = poptGetArg(pc); - if (!lp_load(configfile?configfile:dyn_CONFIGFILE, - True,False,False,True)) { + if (!lp_load(dyn_CONFIGFILE,True,False,False,True)) { fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE); exit(1); } -- cgit From 30191d1a5704ad2b158386b511558972d539ce47 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 18 Oct 2007 17:40:25 -0700 Subject: RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f) --- source3/utils/pdbedit.c | 50 ++++++++++++++++++++++++------------------------- 1 file changed, 25 insertions(+), 25 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 66a706d1ce..b87e88e406 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -214,7 +214,7 @@ static int export_account_policies (struct pdb_methods *in, struct pdb_methods * Print info from sam structure **********************************************************/ -static int print_sam_info (struct samu *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) +static int print_sam_info (struct samu *sam_pwent, bool verbosity, bool smbpwdstyle) { uid_t uid; time_t tmp; @@ -298,10 +298,10 @@ static int print_sam_info (struct samu *sam_pwent, BOOL verbosity, BOOL smbpwdst Get an Print User Info **********************************************************/ -static int print_user_info (struct pdb_methods *in, const char *username, BOOL verbosity, BOOL smbpwdstyle) +static int print_user_info (struct pdb_methods *in, const char *username, bool verbosity, bool smbpwdstyle) { struct samu *sam_pwent=NULL; - BOOL ret; + bool ret; if ( (sam_pwent = samu_new( NULL )) == NULL ) { return -1; @@ -324,10 +324,10 @@ static int print_user_info (struct pdb_methods *in, const char *username, BOOL v /********************************************************* List Users **********************************************************/ -static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwdstyle) +static int print_users_list (struct pdb_methods *in, bool verbosity, bool smbpwdstyle) { struct samu *sam_pwent=NULL; - BOOL check; + bool check; check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); if (!check) { @@ -362,7 +362,7 @@ static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwd static int fix_users_list (struct pdb_methods *in) { struct samu *sam_pwent=NULL; - BOOL check; + bool check; check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); if (!check) { @@ -406,11 +406,11 @@ static int set_user_info (struct pdb_methods *in, const char *username, const char *drive, const char *script, const char *profile, const char *account_control, const char *user_sid, const char *user_domain, - const BOOL badpw, const BOOL hours) + const bool badpw, const bool hours) { - BOOL updated_autolock = False, updated_badpw = False; + bool updated_autolock = False, updated_badpw = False; struct samu *sam_pwent=NULL; - BOOL ret; + bool ret; if ( (sam_pwent = samu_new( NULL )) == NULL ) { return 1; @@ -510,7 +510,7 @@ static int set_user_info (struct pdb_methods *in, const char *username, static int new_user (struct pdb_methods *in, const char *username, const char *fullname, const char *homedir, const char *drive, const char *script, - const char *profile, char *user_sid, BOOL stdin_get) + const char *profile, char *user_sid, bool stdin_get) { struct samu *sam_pwent; char *password1, *password2; @@ -723,13 +723,13 @@ static int delete_machine_entry (struct pdb_methods *in, const char *machinename int main (int argc, char **argv) { - static BOOL list_users = False; - static BOOL verbose = False; - static BOOL spstyle = False; - static BOOL machine = False; - static BOOL add_user = False; - static BOOL delete_user = False; - static BOOL modify_user = False; + static bool list_users = False; + static bool verbose = False; + static bool spstyle = False; + static bool machine = False; + static bool add_user = False; + static bool delete_user = False; + static bool modify_user = False; uint32 setparms, checkparms; int opt; static char *full_name = NULL; @@ -740,10 +740,10 @@ int main (int argc, char **argv) static char *backend = NULL; static char *backend_in = NULL; static char *backend_out = NULL; - static BOOL transfer_groups = False; - static BOOL transfer_account_policies = False; - static BOOL reset_account_policies = False; - static BOOL force_initialised_password = False; + static bool transfer_groups = False; + static bool transfer_account_policies = False; + static bool reset_account_policies = False; + static bool force_initialised_password = False; static char *logon_script = NULL; static char *profile_path = NULL; static char *user_domain = NULL; @@ -751,11 +751,11 @@ int main (int argc, char **argv) static char *account_policy = NULL; static char *user_sid = NULL; static long int account_policy_value = 0; - BOOL account_policy_value_set = False; - static BOOL badpw_reset = False; - static BOOL hours_reset = False; + bool account_policy_value_set = False; + static bool badpw_reset = False; + static bool hours_reset = False; static char *pwd_time_format = NULL; - static BOOL pw_from_stdin = False; + static bool pw_from_stdin = False; struct pdb_methods *bin, *bout, *bdef; char *configfile = NULL; TALLOC_CTX *frame = talloc_stackframe(); -- cgit From 9a85533914119fb995fb61555c9f6e0018d4d181 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 19 Oct 2007 11:38:36 -0700 Subject: Fix the popt / bool issues. Some places we used BOOL where we meant int. Fix this. Thanks to metze for pointing this out. Jeremy. (This used to be commit 793a9d24a163cb6cf5a3a0aa5ae30e9f8cf4744a) --- source3/utils/pdbedit.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index b87e88e406..7af417098a 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -723,13 +723,13 @@ static int delete_machine_entry (struct pdb_methods *in, const char *machinename int main (int argc, char **argv) { - static bool list_users = False; - static bool verbose = False; - static bool spstyle = False; - static bool machine = False; - static bool add_user = False; - static bool delete_user = False; - static bool modify_user = False; + static int list_users = False; + static int verbose = False; + static int spstyle = False; + static int machine = False; + static int add_user = False; + static int delete_user = False; + static int modify_user = False; uint32 setparms, checkparms; int opt; static char *full_name = NULL; @@ -740,10 +740,10 @@ int main (int argc, char **argv) static char *backend = NULL; static char *backend_in = NULL; static char *backend_out = NULL; - static bool transfer_groups = False; - static bool transfer_account_policies = False; - static bool reset_account_policies = False; - static bool force_initialised_password = False; + static int transfer_groups = False; + static int transfer_account_policies = False; + static int reset_account_policies = False; + static int force_initialised_password = False; static char *logon_script = NULL; static char *profile_path = NULL; static char *user_domain = NULL; @@ -752,10 +752,10 @@ int main (int argc, char **argv) static char *user_sid = NULL; static long int account_policy_value = 0; bool account_policy_value_set = False; - static bool badpw_reset = False; - static bool hours_reset = False; + static int badpw_reset = False; + static int hours_reset = False; static char *pwd_time_format = NULL; - static bool pw_from_stdin = False; + static int pw_from_stdin = False; struct pdb_methods *bin, *bout, *bdef; char *configfile = NULL; TALLOC_CTX *frame = talloc_stackframe(); -- cgit From adf6d848de8ae32a83c7271d8ccd24d2cf8b47f7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 3 Dec 2007 18:48:41 -0800 Subject: Getting to the home stretch for elimination of pstrings... Jeremy. (This used to be commit 041163551194102ca67fef52c57d87020a1d09bc) --- source3/utils/pdbedit.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 7af417098a..c72d98953d 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -221,11 +221,11 @@ static int print_sam_info (struct samu *sam_pwent, bool verbosity, bool smbpwdst /* TODO: chaeck if entry is a user or a workstation */ if (!sam_pwent) return -1; - + if (verbosity) { - pstring temp; + char temp[44]; const uint8 *hours; - + printf ("Unix username: %s\n", pdb_get_username(sam_pwent)); printf ("NT username: %s\n", pdb_get_nt_username(sam_pwent)); printf ("Account Flags: %s\n", pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent), NEW_PW_FORMAT_SPACE_PADDED_LEN)); @@ -242,34 +242,34 @@ static int print_sam_info (struct samu *sam_pwent, bool verbosity, bool smbpwdst printf ("Account desc: %s\n", pdb_get_acct_desc(sam_pwent)); printf ("Workstations: %s\n", pdb_get_workstations(sam_pwent)); printf ("Munged dial: %s\n", pdb_get_munged_dial(sam_pwent)); - + tmp = pdb_get_logon_time(sam_pwent); printf ("Logon time: %s\n", tmp ? http_timestring(tmp) : "0"); - + tmp = pdb_get_logoff_time(sam_pwent); printf ("Logoff time: %s\n", tmp ? http_timestring(tmp) : "0"); - + tmp = pdb_get_kickoff_time(sam_pwent); printf ("Kickoff time: %s\n", tmp ? http_timestring(tmp) : "0"); - + tmp = pdb_get_pass_last_set_time(sam_pwent); printf ("Password last set: %s\n", tmp ? http_timestring(tmp) : "0"); - + tmp = pdb_get_pass_can_change_time(sam_pwent); printf ("Password can change: %s\n", tmp ? http_timestring(tmp) : "0"); - + tmp = pdb_get_pass_must_change_time(sam_pwent); printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0"); tmp = pdb_get_bad_password_time(sam_pwent); printf ("Last bad password : %s\n", tmp ? http_timestring(tmp) : "0"); - printf ("Bad password count : %d\n", + printf ("Bad password count : %d\n", pdb_get_bad_password_count(sam_pwent)); - + hours = pdb_get_hours(sam_pwent); pdb_sethexhours(temp, hours); printf ("Logon hours : %s\n", temp); - + } else if (smbpwdstyle) { char lm_passwd[33]; char nt_passwd[33]; @@ -277,7 +277,7 @@ static int print_sam_info (struct samu *sam_pwent, bool verbosity, bool smbpwdst uid = nametouid(pdb_get_username(sam_pwent)); pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); pdb_sethexpwd(nt_passwd, pdb_get_nt_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); - + printf("%s:%lu:%s:%s:%s:LCT-%08X:\n", pdb_get_username(sam_pwent), (unsigned long)uid, -- cgit From 7faee02d0d351c5c039e8f1be7e82ce3a93cbe96 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 10 Dec 2007 11:30:37 -0800 Subject: Remove the char[1024] strings from dynconfig. Replace them with malloc'ing accessor functions. Should save a lot of static space :-). Jeremy. (This used to be commit 52dc5eaef2106015b3a8b659e818bdb15ad94b05) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index c72d98953d..7d23c67f0c 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -828,8 +828,8 @@ int main (int argc, char **argv) if (user_name == NULL) user_name = poptGetArg(pc); - if (!lp_load(dyn_CONFIGFILE,True,False,False,True)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE); + if (!lp_load(get_dyn_CONFIGFILE(),True,False,False,True)) { + fprintf(stderr, "Can't load %s - run testparm to debug it\n", get_dyn_CONFIGFILE()); exit(1); } -- cgit From 7b01537679d4d4f1408634fe63c64c144f9d9519 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 15 Dec 2007 21:53:26 +0100 Subject: Replace sid_string_static with sid_string_tos In utils/ I was a bit lazy... (This used to be commit 60e830b0f4571bd5d9039f2edd199534f2a4c341) --- source3/utils/pdbedit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 7d23c67f0c..6884783396 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -230,9 +230,9 @@ static int print_sam_info (struct samu *sam_pwent, bool verbosity, bool smbpwdst printf ("NT username: %s\n", pdb_get_nt_username(sam_pwent)); printf ("Account Flags: %s\n", pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent), NEW_PW_FORMAT_SPACE_PADDED_LEN)); printf ("User SID: %s\n", - sid_string_static(pdb_get_user_sid(sam_pwent))); + sid_string_tos(pdb_get_user_sid(sam_pwent))); printf ("Primary Group SID: %s\n", - sid_string_static(pdb_get_group_sid(sam_pwent))); + sid_string_tos(pdb_get_group_sid(sam_pwent))); printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); printf ("HomeDir Drive: %s\n", pdb_get_dir_drive(sam_pwent)); -- cgit From c90f731ef21d682f808cf3da0f24510a2eaea4ff Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 26 Dec 2007 17:45:49 +0100 Subject: Convert pdbedit to use pdb_search_users (This used to be commit 8a8f2583b8bda22f65c7483dea54ac823ed1c0c3) --- source3/utils/pdbedit.c | 201 +++++++++++++++++++++++++++++------------------- 1 file changed, 123 insertions(+), 78 deletions(-) (limited to 'source3/utils/pdbedit.c') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 6884783396..e1d6709073 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -61,69 +61,85 @@ static int export_database (struct pdb_methods *in, struct pdb_methods *out, const char *username) { - struct samu *user = NULL; NTSTATUS status; + struct pdb_search *u_search; + struct samr_displayentry userentry; DEBUG(3, ("export_database: username=\"%s\"\n", username ? username : "(NULL)")); - status = in->setsampwent(in, 0, 0); - if ( NT_STATUS_IS_ERR(status) ) { - fprintf(stderr, "Unable to set account database iterator for %s!\n", - in->name); + u_search = pdb_search_init(PDB_USER_SEARCH); + if (u_search == NULL) { + DEBUG(0, ("pdb_search_init failed\n")); return 1; } - if ( ( user = samu_new( NULL ) ) == NULL ) { - fprintf(stderr, "export_database: Memory allocation failure!\n"); + if (!in->search_users(in, u_search, 0)) { + DEBUG(0, ("Could not start searching users\n")); + pdb_search_destroy(u_search); return 1; } - while ( NT_STATUS_IS_OK(in->getsampwent(in, user)) ) - { - DEBUG(4, ("Processing account %s\n", user->username)); + while (u_search->next_entry(u_search, &userentry)) { + struct samu *user; + struct samu *account; + DOM_SID user_sid; - /* If we don't have a specific user or if we do and - the login name matches */ + DEBUG(4, ("Processing account %s\n", userentry.account_name)); - if ( !username || (strcmp(username, user->username) == 0)) { - struct samu *account; + if ((username != NULL) + && (strcmp(username, userentry.account_name) != 0)) { + /* + * ignore unwanted users + */ + continue; + } - if ( (account = samu_new( NULL )) == NULL ) { - fprintf(stderr, "export_database: Memory allocation failure!\n"); - TALLOC_FREE( user ); - in->endsampwent( in ); - return 1; - } + user = samu_new(talloc_tos()); + if (user == NULL) { + DEBUG(0, ("talloc failed\n")); + break; + } - printf("Importing account for %s...", user->username); - if ( !NT_STATUS_IS_OK(out->getsampwnam( out, account, user->username )) ) { - status = out->add_sam_account(out, user); - } else { - status = out->update_sam_account( out, user ); - } + sid_compose(&user_sid, get_global_sam_sid(), userentry.rid); - if ( NT_STATUS_IS_OK(status) ) { - printf( "ok\n"); - } else { - printf( "failed\n"); - } + status = in->getsampwsid(in, user, &user_sid); - TALLOC_FREE( account ); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(2, ("getsampwsid failed: %s\n", + nt_errstr(status))); + TALLOC_FREE(user); + continue; } - /* clean up and get ready for another run */ + account = samu_new(NULL); + if (account == NULL) { + fprintf(stderr, "export_database: Memory allocation " + "failure!\n"); + TALLOC_FREE( user ); + pdb_search_destroy(u_search); + return 1; + } - TALLOC_FREE( user ); + printf("Importing account for %s...", user->username); + status = out->getsampwnam(out, account, user->username); - if ( ( user = samu_new( NULL ) ) == NULL ) { - fprintf(stderr, "export_database: Memory allocation failure!\n"); - return 1; + if (NT_STATUS_IS_OK(status)) { + status = out->update_sam_account( out, user ); + } else { + status = out->add_sam_account(out, user); + } + + if ( NT_STATUS_IS_OK(status) ) { + printf( "ok\n"); + } else { + printf( "failed\n"); } - } - TALLOC_FREE( user ); + TALLOC_FREE( account ); + TALLOC_FREE( user ); + } - in->endsampwent(in); + pdb_search_destroy(u_search); return 0; } @@ -326,33 +342,50 @@ static int print_user_info (struct pdb_methods *in, const char *username, bool v **********************************************************/ static int print_users_list (struct pdb_methods *in, bool verbosity, bool smbpwdstyle) { - struct samu *sam_pwent=NULL; - bool check; - - check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); - if (!check) { + struct pdb_search *u_search; + struct samr_displayentry userentry; + + u_search = pdb_search_init(PDB_USER_SEARCH); + if (u_search == NULL) { + DEBUG(0, ("pdb_search_init failed\n")); return 1; } - check = True; - if ( (sam_pwent = samu_new( NULL )) == NULL ) { + if (!in->search_users(in, u_search, 0)) { + DEBUG(0, ("Could not start searching users\n")); + pdb_search_destroy(u_search); return 1; } - while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) { + while (u_search->next_entry(u_search, &userentry)) { + struct samu *sam_pwent; + DOM_SID user_sid; + NTSTATUS status; + + sam_pwent = samu_new(talloc_tos()); + if (sam_pwent == NULL) { + DEBUG(0, ("talloc failed\n")); + break; + } + + sid_compose(&user_sid, get_global_sam_sid(), userentry.rid); + + status = in->getsampwsid(in, sam_pwent, &user_sid); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(2, ("getsampwsid failed: %s\n", + nt_errstr(status))); + TALLOC_FREE(sam_pwent); + continue; + } + if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); TALLOC_FREE(sam_pwent); - - if ( (sam_pwent = samu_new( NULL )) == NULL ) { - check = False; - } } - if (check) - TALLOC_FREE(sam_pwent); - - in->endsampwent(in); + pdb_search_destroy(u_search); + return 0; } @@ -361,38 +394,50 @@ static int print_users_list (struct pdb_methods *in, bool verbosity, bool smbpwd **********************************************************/ static int fix_users_list (struct pdb_methods *in) { - struct samu *sam_pwent=NULL; - bool check; - - check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); - if (!check) { + struct pdb_search *u_search; + struct samr_displayentry userentry; + + u_search = pdb_search_init(PDB_USER_SEARCH); + if (u_search == NULL) { + DEBUG(0, ("pdb_search_init failed\n")); return 1; } - check = True; - if ( (sam_pwent = samu_new( NULL )) == NULL ) { + if (!in->search_users(in, u_search, 0)) { + DEBUG(0, ("Could not start searching users\n")); + pdb_search_destroy(u_search); return 1; } - while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) { - printf("Updating record for user %s\n", pdb_get_username(sam_pwent)); - - if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_pwent))) { - printf("Update of user %s failed!\n", pdb_get_username(sam_pwent)); + while (u_search->next_entry(u_search, &userentry)) { + struct samu *sam_pwent; + DOM_SID user_sid; + NTSTATUS status; + + sam_pwent = samu_new(talloc_tos()); + if (sam_pwent == NULL) { + DEBUG(0, ("talloc failed\n")); + break; } - TALLOC_FREE(sam_pwent); - if ( (sam_pwent = samu_new( NULL )) == NULL ) { - check = False; + + sid_compose(&user_sid, get_global_sam_sid(), userentry.rid); + + status = in->getsampwsid(in, sam_pwent, &user_sid); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(2, ("getsampwsid failed: %s\n", + nt_errstr(status))); + TALLOC_FREE(sam_pwent); + continue; } - if (!check) { - fprintf(stderr, "Failed to initialise new struct samu structure (out of memory?)\n"); + + if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_pwent))) { + printf("Update of user %s failed!\n", + pdb_get_username(sam_pwent)); } - - } - if (check) TALLOC_FREE(sam_pwent); - - in->endsampwent(in); + } + pdb_search_destroy(u_search); return 0; } -- cgit