svn commit: samba r12969 - in trunk/source/utils: .
vlendec at samba.org
vlendec at samba.org
Mon Jan 16 22:41:38 GMT 2006
Author: vlendec
Date: 2006-01-16 22:41:37 +0000 (Mon, 16 Jan 2006)
New Revision: 12969
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12969
Log:
Implement "net set", for account flags and password can and must change fields.
Volker
Modified:
trunk/source/utils/net_sam.c
Changeset:
Modified: trunk/source/utils/net_sam.c
===================================================================
--- trunk/source/utils/net_sam.c 2006-01-16 21:11:47 UTC (rev 12968)
+++ trunk/source/utils/net_sam.c 2006-01-16 22:41:37 UTC (rev 12969)
@@ -22,6 +22,10 @@
#include "includes.h"
#include "utils/net.h"
+/*
+ * Set a user's data
+ */
+
static int net_sam_userset(int argc, const char **argv, const char *field,
BOOL (*fn)(SAM_ACCOUNT *, const char *,
enum pdb_value_state))
@@ -71,6 +75,8 @@
return -1;
}
+ pdb_free_sam(&sam_acct);
+
d_printf("Updated %s for %s\\%s to %s\n", field, dom, name, argv[1]);
return 0;
}
@@ -118,6 +124,181 @@
}
/*
+ * Set account flags
+ */
+
+static int net_sam_set_userflag(int argc, const char **argv, const char *field,
+ uint16 flag)
+{
+ SAM_ACCOUNT *sam_acct = NULL;
+ DOM_SID sid;
+ enum SID_NAME_USE type;
+ const char *dom, *name;
+ NTSTATUS status;
+ uint16 acct_flags;
+
+ if ((argc != 2) || (!strequal(argv[1], "yes") &&
+ !strequal(argv[1], "no"))) {
+ d_printf("usage: net sam set %s <user> [yes|no]\n", field);
+ return -1;
+ }
+
+ if (!lookup_name(tmp_talloc_ctx(), argv[0], LOOKUP_NAME_ISOLATED,
+ &dom, &name, &sid, &type)) {
+ d_printf("Could not find name %s\n", argv[0]);
+ return -1;
+ }
+
+ if (type != SID_NAME_USER) {
+ d_printf("%s is a %s, not a user\n", argv[0],
+ sid_type_lookup(type));
+ return -1;
+ }
+
+ if (!NT_STATUS_IS_OK(pdb_init_sam(&sam_acct))) {
+ d_printf("Internal error\n");
+ return -1;
+ }
+
+ if (!pdb_getsampwsid(sam_acct, &sid)) {
+ d_printf("Loading user %s failed\n", argv[0]);
+ return -1;
+ }
+
+ acct_flags = pdb_get_acct_ctrl(sam_acct);
+
+ if (strequal(argv[1], "yes")) {
+ acct_flags |= flag;
+ } else {
+ acct_flags &= ~flag;
+ }
+
+ pdb_set_acct_ctrl(sam_acct, acct_flags, PDB_CHANGED);
+
+ status = pdb_update_sam_account(sam_acct);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("Updating sam account %s failed with %s\n",
+ argv[0], nt_errstr(status));
+ return -1;
+ }
+
+ pdb_free_sam(&sam_acct);
+
+ d_printf("Updated flag %s for %s\\%s to %s\n", field, dom, name,
+ argv[1]);
+ return 0;
+}
+
+static int net_sam_set_disabled(int argc, const char **argv)
+{
+ return net_sam_set_userflag(argc, argv, "disabled", ACB_DISABLED);
+}
+
+static int net_sam_set_pwnotreq(int argc, const char **argv)
+{
+ return net_sam_set_userflag(argc, argv, "pwnotreq", ACB_PWNOTREQ);
+}
+
+static int net_sam_set_autolock(int argc, const char **argv)
+{
+ return net_sam_set_userflag(argc, argv, "autolock", ACB_AUTOLOCK);
+}
+
+static int net_sam_set_pwnoexp(int argc, const char **argv)
+{
+ return net_sam_set_userflag(argc, argv, "pwnoexp", ACB_PWNOEXP);
+}
+
+/*
+ * Set a user's time field
+ */
+
+static int net_sam_set_time(int argc, const char **argv, const char *field,
+ BOOL (*fn)(SAM_ACCOUNT *, time_t,
+ enum pdb_value_state))
+{
+ SAM_ACCOUNT *sam_acct = NULL;
+ DOM_SID sid;
+ enum SID_NAME_USE type;
+ const char *dom, *name;
+ NTSTATUS status;
+ time_t new_time;
+
+ if (argc != 2) {
+ d_printf("usage: net sam set %s <user> [now|YYYY-MM-DD HH:MM]\n",
+ field);
+ return -1;
+ }
+
+ if (!lookup_name(tmp_talloc_ctx(), argv[0], LOOKUP_NAME_ISOLATED,
+ &dom, &name, &sid, &type)) {
+ d_printf("Could not find name %s\n", argv[0]);
+ return -1;
+ }
+
+ if (type != SID_NAME_USER) {
+ d_printf("%s is a %s, not a user\n", argv[0],
+ sid_type_lookup(type));
+ return -1;
+ }
+
+ if (strequal(argv[1], "now")) {
+ new_time = time(NULL);
+ } else {
+ struct tm tm;
+ char *end;
+ ZERO_STRUCT(tm);
+ end = strptime(argv[1], "%Y-%m-%d %H:%M", &tm);
+ new_time = mktime(&tm);
+ if ((end == NULL) || (*end != '\0') || (new_time == -1)) {
+ d_printf("Could not parse time string %s\n",
+ argv[1]);
+ return -1;
+ }
+ }
+
+
+ if (!NT_STATUS_IS_OK(pdb_init_sam(&sam_acct))) {
+ d_printf("Internal error\n");
+ return -1;
+ }
+
+ if (!pdb_getsampwsid(sam_acct, &sid)) {
+ d_printf("Loading user %s failed\n", argv[0]);
+ return -1;
+ }
+
+ if (!fn(sam_acct, new_time, PDB_CHANGED)) {
+ d_printf("Internal error\n");
+ return -1;
+ }
+
+ status = pdb_update_sam_account(sam_acct);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("Updating sam account %s failed with %s\n",
+ argv[0], nt_errstr(status));
+ return -1;
+ }
+
+ pdb_free_sam(&sam_acct);
+
+ d_printf("Updated %s for %s\\%s to %s\n", field, dom, name, argv[1]);
+ return 0;
+}
+
+static int net_sam_set_pwdmustchange(int argc, const char **argv)
+{
+ return net_sam_set_time(argc, argv, "pwdmustchange",
+ pdb_set_pass_must_change_time);
+}
+
+static int net_sam_set_pwdcanchange(int argc, const char **argv)
+{
+ return net_sam_set_time(argc, argv, "pwdcanchange",
+ pdb_set_pass_can_change_time);
+}
+
+/*
* Set a group's comment
*/
@@ -178,14 +359,26 @@
" Change a user's profile path\n");
d_printf("net sam set description\n"
" Change a user's description\n");
- d_printf("net sam set groupcomment\n"
- " Change a group's comment\n");
d_printf("net sam set logonscript\n"
" Change a user's logon script\n");
d_printf("net sam set homedrive\n"
" Change a user's homedrive\n");
d_printf("net sam set workstations\n"
" Change a user's allowed workstations\n");
+ d_printf("net sam set disabled\n"
+ " Disable/Enable a user\n");
+ d_printf("net sam set pwnotreq\n"
+ " Disable/Enable the password not required flag\n");
+ d_printf("net sam set autolock\n"
+ " Disable/Enable a user's autolock flag\n");
+ d_printf("net sam set pwnoexp\n"
+ " Disable/Enable whether a user's pw does not expire\n");
+ d_printf("net sam set pwdmustchange\n"
+ " Set a users password must change time\n");
+ d_printf("net sam set pwdcanchange\n"
+ " Set a users password can change time\n");
+ d_printf("net sam set groupcomment\n"
+ " Change a group's comment\n");
return -1;
}
@@ -201,6 +394,12 @@
{"logonscript", net_sam_set_logonscript},
{"homedrive", net_sam_set_homedrive},
{"workstations", net_sam_set_workstations},
+ {"disabled", net_sam_set_disabled},
+ {"pwnotreq", net_sam_set_pwnotreq},
+ {"autolock", net_sam_set_autolock},
+ {"pwnoexp", net_sam_set_pwnoexp},
+ {"pwdmustchange", net_sam_set_pwdmustchange},
+ {"pwdcanchange", net_sam_set_pwdcanchange},
{NULL, NULL}
};
More information about the samba-cvs
mailing list