svn commit: samba r16768 - in branches/SAMBA_4_0/source/setup: .

[abartlet at samba.org]

Author: abartlet
Date: 2006-07-03 01:04:14 +0000 (Mon, 03 Jul 2006)
New Revision: 16768

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16768

Log:
Add a simple script to set a user's password.  This should grow into a
real smbpasswd command some day.

Andrew Bartlett

Added:
   branches/SAMBA_4_0/source/setup/setpassword


Changeset:
Added: branches/SAMBA_4_0/source/setup/setpassword
===================================================================
--- branches/SAMBA_4_0/source/setup/setpassword	2006-07-02 22:05:02 UTC (rev 16767)
+++ branches/SAMBA_4_0/source/setup/setpassword	2006-07-03 01:04:14 UTC (rev 16768)
@@ -0,0 +1,122 @@
+#!/bin/sh
+exec smbscript "$0" ${1+"$@"}
+/*
+	set a user's password on a Samba4 server
+	Copyright Andrew Tridgell 2005
+	Copyright Andrew Bartlett 2006
+	Released under the GNU GPL v2 or later
+*/
+
+options = GetOptions(ARGV,
+		"POPT_AUTOHELP",
+		'username=s',
+		'filter=s',
+		'newpassword=s',
+		"POPT_COMMON_SAMBA",
+		"POPT_COMMON_VERSION",
+		"POPT_COMMON_CREDENTIALS",
+		'quiet');
+
+if (options == undefined) {
+   println("Failed to parse options");
+   return -1;
+}
+
+libinclude("base.js");
+libinclude("provision.js");
+
+/*
+  print a message if quiet is not set
+*/
+function message() 
+{
+	if (options["quiet"] == undefined) {
+		print(vsprintf(arguments));
+	}
+}
+
+/*
+ show some help
+*/
+function ShowHelp()
+{
+	print("
+Samba4 newuser
+
+newuser [options]
+  --username     USERNAME     username
+  --filter       LDAPFILTER   LDAP Filter to set password on
+  --newpassword  PASSWORD     set password
+
+You must provide either a filter or a username, as well as password
+");
+	exit(1);
+}
+
+if (options['username'] == undefined && options['filter'] == undefined) {
+	ShowHelp();
+}
+
+if (options['newpassword'] == undefined) {
+	ShowHelp();
+}
+
+	var lp = loadparm_init();
+	var samdb = lp.get("sam database");
+	var ldb = ldb_init();
+	random_init(local);
+	ldb.session_info = system_session();
+	ldb.credentials = options.get_credentials();
+
+	/* connect to the sam */
+	var ok = ldb.connect(samdb);
+	assert(ok);
+
+	ldb.transaction_start();
+
+/* find the DNs for the domain and the domain users group */
+var attrs = new Array("defaultNamingContext");
+var attrs2 = new Array("cn");
+res = ldb.search("defaultNamingContext=*", "", ldb.SCOPE_BASE, attrs);
+assert(res.length == 1 && res[0].defaultNamingContext != undefined);
+var domain_dn = res[0].defaultNamingContext;
+assert(domain_dn != undefined);
+
+if (options['filter'] != undefined) {
+    var res = ldb.search(options['filter'],
+	domain_dn, ldb.SCOPE_SUBTREE, attrs2);
+    if (res.length != 1) {
+	message("Failed to find record for filter %s\n", options['filter']);
+	exit(1);
+    }
+} else {
+    var res = ldb.search(sprintf("samAccountName=%s", options['username']), 
+    domain_dn, ldb.SCOPE_SUBTREE, attrs2);
+    if (res.length != 1) {
+	message("Failed to find record for user %s\n", options['username']);
+	exit(1);
+    }
+}
+
+var mod = sprintf("
+dn: %s
+changetype: modify
+replace: sambaPassword
+sambaPassword: %s
+",
+    res[0].dn, options['newpassword']);
+var ok = ldb.modify(mod);
+if (!ok) {
+	message("set password for %s failed - %s\n",
+	    res[0].dn, ldb.errstring());
+	ldb.transaction_cancel();
+	exit(1);
+} else {
+	message("set password for %s (%s) succeded\n",
+	    res[0].dn, res[0].cn);
+	
+	ldb.transaction_commit();
+}
+
+
+return 0;