CVS update: samba/source/utils

Andrew Bartlett abartlet at samba.org
Sun Mar 23 23:24:50 EST 2003 

On Sun, 2003-03-23 at 22:49, vlendec at samba.org wrote:
> 
> Date:	Sun Mar 23 11:49:24 2003
> Author:	vlendec
> 
> Update of /data/cvs/samba/source/utils
> In directory dp.samba.org:/tmp/cvs-serv2216/source/utils
> 
> Modified Files:
> 	pdbedit.c 
> Log Message:
> This does two things:
> 
> * pdbedit -i -e sets all SAM_ACCOUNT elements
>   to CHANGED to satisfy the new pdb_ldap.c handling
>

 	while (NT_STATUS_IS_OK(in->pdb_getsampwent(in, user))) {
+		int i;
+
+		for (i=0; i<PDB_COUNT; i++) {
+			pdb_set_init_flags(user, i, PDB_CHANGED);
+		}
+

This is wrong:  With this, if you have a 'default' attribute, you will
now force it to be set into the passdb.  For example, a logon path of
\\%L\%U will no longer change with changes in %L.

I favor this patch:  (with the obvious other changes to the callers).

--- passdb/pdb_ldap.c   23 Mar 2003 09:04:25 -0000      1.92
+++ passdb/pdb_ldap.c   23 Mar 2003 12:16:12 -0000
@@ -1286,14 +1286,14 @@
   attribute had in LDAP before.
 *********************************************************************/
 static void make_ldap_mod(LDAP *ldap_struct, LDAPMessage *existing,
-                         LDAPMod ***mods,
+                         LDAPMod ***mods, enum pdb_op operation,
                          const SAM_ACCOUNT *sampass,
                          enum pdb_elements element,
                          const char *attribute, const char *newval)
 {
        char **values = NULL;

-       if (!IS_SAM_CHANGED(sampass, element)) {
+       if (!IS_SAM_CHANGED(sampass, element) &&
(!IS_SAM_DEFAULT(sampass, element) && operation == PDB_ADD))) {
                return;
        }

I favor this because then pdbedit does not need to change the
SAM_ACCOUNT at all.  Also, the same logic can then be used in places
that make up a SAM_ACCOUNT from GetPwNam(), and add it.  (like
create_user did, and smbpasswd still does).

But I really am glad to see your work on this - CVS can be revised, and
it's much better to have this moving forward!

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-cvs/attachments/20030323/17026118/attachment.bin

More information about the samba-cvs mailing list