svn commit: samba r13837 - in trunk/source/utils: .
idra at samba.org
idra at samba.org
Sat Mar 4 23:30:47 GMT 2006
Author: idra
Date: 2006-03-04 23:30:46 +0000 (Sat, 04 Mar 2006)
New Revision: 13837
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13837
Log:
Fix provisioning
Modified:
trunk/source/utils/net_sam.c
Changeset:
Modified: trunk/source/utils/net_sam.c
===================================================================
--- trunk/source/utils/net_sam.c 2006-03-04 23:29:30 UTC (rev 13836)
+++ trunk/source/utils/net_sam.c 2006-03-04 23:30:46 UTC (rev 13837)
@@ -762,6 +762,7 @@
GROUP_MAP gmap;
DOM_SID gsid;
gid_t domusers_gid = -1;
+ gid_t domadmins_gid = -1;
struct samu *samuser;
struct passwd *pwd;
@@ -869,13 +870,12 @@
char *wname;
char *gidstr;
char *gtype;
- gid_t gid;
int rc;
d_printf("Adding the Domain Admins group.\n");
/* lets allocate a new groupid for this group */
- if (!winbind_allocate_gid(&gid)) {
+ if (!winbind_allocate_gid(&domadmins_gid)) {
d_fprintf(stderr, "Unable to allocate a new gid to create Domain Admins group!\n");
goto doma_done;
}
@@ -883,7 +883,7 @@
uname = talloc_strdup(tc, "domadmins");
wname = talloc_strdup(tc, "Domain Admins");
dn = talloc_asprintf(tc, "cn=%s,%s", "domadmins", lp_ldap_group_suffix());
- gidstr = talloc_asprintf(tc, "%d", gid);
+ gidstr = talloc_asprintf(tc, "%d", domadmins_gid);
gtype = talloc_asprintf(tc, "%d", SID_NAME_DOM_GRP);
if (!uname || !wname || !dn || !gidstr || !gtype) {
@@ -912,7 +912,82 @@
doma_done:
+ d_printf("Check for Administrator account.\n");
+ samuser = samu_new(tc);
+ if (!samuser) {
+ d_fprintf(stderr, "Out of Memory!\n");
+ goto failed;
+ }
+
+ if (!pdb_getsampwnam(samuser, "Administrator")) {
+ LDAPMod **mods = NULL;
+ DOM_SID sid;
+ char *dn;
+ char *name;
+ char *uidstr;
+ char *gidstr;
+ char *shell;
+ char *dir;
+ uid_t uid;
+ int rc;
+
+ d_printf("Adding the Administrator user.\n");
+
+ if (domadmins_gid == -1) {
+ d_fprintf(stderr, "Can't create Administrtor user, Domain Admins group not available!\n");
+ goto done;
+ }
+ if (!winbind_allocate_uid(&uid)) {
+ d_fprintf(stderr, "Unable to allocate a new uid to create the Administrator user!\n");
+ goto done;
+ }
+ name = talloc_strdup(tc, "Administrator");
+ dn = talloc_asprintf(tc, "uid=Administrator,%s", lp_ldap_user_suffix());
+ uidstr = talloc_asprintf(tc, "%d", uid);
+ gidstr = talloc_asprintf(tc, "%d", domadmins_gid);
+ dir = talloc_sub_specified(tc, lp_template_homedir(),
+ "Administrator",
+ get_global_sam_name(),
+ uid, domadmins_gid);
+ shell = talloc_sub_specified(tc, lp_template_shell(),
+ "Administrator",
+ get_global_sam_name(),
+ uid, domadmins_gid);
+
+ if (!name || !dn || !uidstr || !gidstr || !dir || !shell) {
+ d_fprintf(stderr, "Out of Memory!\n");
+ goto failed;
+ }
+
+ sid_compose(&sid, get_global_sam_sid(), DOMAIN_USER_RID_ADMIN);
+
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_ACCOUNT);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_POSIXACCOUNT);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_SAMBASAMACCOUNT);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "uid", name);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "cn", name);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "displayName", name);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "uidNumber", uidstr);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "gidNumber", gidstr);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "homeDirectory", dir);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "loginShell", shell);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaSID", sid_string_static(&sid));
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaAcctFlags",
+ pdb_encode_acct_ctrl(ACB_NORMAL|ACB_DISABLED,
+ NEW_PW_FORMAT_SPACE_PADDED_LEN));
+
+ talloc_autofree_ldapmod(tc, mods);
+
+ rc = smbldap_add(ls, dn, mods);
+
+ if (rc != LDAP_SUCCESS) {
+ d_fprintf(stderr, "Failed to add Administrator user to ldap directory\n");
+ }
+ } else {
+ d_printf("found!\n");
+ }
+
d_printf("Checking for Guest user.\n");
samuser = samu_new(tc);
@@ -931,7 +1006,7 @@
d_printf("Adding the Guest user.\n");
- pwd = getpwnam_alloc(NULL, lp_guestaccount());
+ pwd = getpwnam_alloc(tc, lp_guestaccount());
if (!pwd) {
if (domusers_gid == -1) {
@@ -971,9 +1046,12 @@
smbldap_set_mod(&mods, LDAP_MOD_ADD, "displayName", pwd->pw_name);
smbldap_set_mod(&mods, LDAP_MOD_ADD, "uidNumber", uidstr);
smbldap_set_mod(&mods, LDAP_MOD_ADD, "gidNumber", gidstr);
- smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaSID", sid_string_static(&sid));
smbldap_set_mod(&mods, LDAP_MOD_ADD, "homeDirectory", pwd->pw_dir);
smbldap_set_mod(&mods, LDAP_MOD_ADD, "loginShell", pwd->pw_shell);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaSID", sid_string_static(&sid));
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaAcctFlags",
+ pdb_encode_acct_ctrl(ACB_NORMAL|ACB_DISABLED,
+ NEW_PW_FORMAT_SPACE_PADDED_LEN));
talloc_autofree_ldapmod(tc, mods);
More information about the samba-cvs
mailing list