[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Wed Mar 6 17:37:02 MST 2013
The branch, master has been updated
via 33a7296 docs: Add documentation for osName and osVer
via c666320 net ads join: Add support for specifying the machine account password
via 166288b selftest: Fix specification of --machinepass to actually set a unique password
from 7fa4795 waf: add -fstack-protector to LDFLAGS if detected.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 33a72968e566f47a3dcb5e8d752d47847d464337
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Feb 28 23:30:16 2013 +1100
docs: Add documentation for osName and osVer
This was previously documented only in the online help.
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Mar 7 01:36:01 CET 2013 on sn-devel-104
commit c66632046d62786dd19c8978847bfc6470da4e89
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Feb 28 22:59:48 2013 +1100
net ads join: Add support for specifying the machine account password
This allows a predictable password to be specified, just like --machinepass does on samba-tool domain join.
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 166288b162e7b658b48bc908c71f635928edc5b5
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Feb 28 22:57:45 2013 +1100
selftest: Fix specification of --machinepass to actually set a unique password
Because perl does not assert on dereferencing an invalid hash key
we did not notice that the passwords were being set to machine, not
machineloCalMemberPass.
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
docs-xml/manpages/net.8.xml | 12 +++++++++++-
selftest/target/Samba4.pm | 12 ++++++------
source3/utils/net_ads.c | 11 +++++++++++
3 files changed, 28 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml
index 01044e1..82849f2 100644
--- a/docs-xml/manpages/net.8.xml
+++ b/docs-xml/manpages/net.8.xml
@@ -194,7 +194,8 @@ the remote server using <command>/bin/date</command>. </para>
</refsect2>
<refsect2>
-<title>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]</title>
+<title>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN]
+[createcomputer=OU] [machinepass=PASS] [osName=string osVer=string] [options]</title>
<para>
Join a domain. If the account already exists on the server, and
@@ -220,6 +221,15 @@ a '/'. Please note that '\' is used for escape by both the shell
and ldap, so it may need to be doubled or quadrupled to pass through,
and it is not used as a delimiter.
</para>
+<para>
+[PASS] (ADS only) Set a specific password on the computer account
+being created by the join.
+</para>
+<para>
+[osName=string osVer=String] (ADS only) Set the operatingSystem and
+operatingSystemVersion attribute during the join. Both parameters
+must be specified for either to take effect.
+</para>
</refsect2>
<refsect2>
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index e9e0037..05541d9 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -881,7 +881,7 @@ sub provision_member($$$)
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} member";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
- $cmd .= " --machinepass=machine$ret->{password}";
+ $cmd .= " --machinepass=machine$ret->{PASSWORD}";
unless (system($cmd) == 0) {
warn("Join failed\n$cmd");
@@ -949,7 +949,7 @@ sub provision_rpc_proxy($$$)
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} member";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
- $cmd .= " --machinepass=machine$ret->{password}";
+ $cmd .= " --machinepass=machine$ret->{PASSWORD}";
unless (system($cmd) == 0) {
warn("Join failed\n$cmd");
@@ -1036,7 +1036,7 @@ sub provision_promoted_dc($$$)
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} MEMBER --realm=$dcvars->{REALM}";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
- $cmd .= " --machinepass=machine$ret->{password}";
+ $cmd .= " --machinepass=machine$ret->{PASSWORD}";
unless (system($cmd) == 0) {
warn("Join failed\n$cmd");
@@ -1049,7 +1049,7 @@ sub provision_promoted_dc($$$)
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
$cmd .= "$samba_tool domain dcpromo $ret->{CONFIGURATION} $dcvars->{REALM} DC --realm=$dcvars->{REALM}";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
- $cmd .= " --machinepass=machine$ret->{password} --use-ntvfs";
+ $cmd .= " --machinepass=machine$ret->{PASSWORD} --use-ntvfs";
unless (system($cmd) == 0) {
warn("Join failed\n$cmd");
@@ -1110,7 +1110,7 @@ sub provision_vampire_dc($$$)
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} DC --realm=$dcvars->{REALM}";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD} --domain-critical-only";
- $cmd .= " --machinepass=machine$ret->{password} --use-ntvfs";
+ $cmd .= " --machinepass=machine$ret->{PASSWORD} --use-ntvfs";
unless (system($cmd) == 0) {
warn("Join failed\n$cmd");
@@ -1175,7 +1175,7 @@ sub provision_subdom_dc($$$)
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $ctx->{realm} subdomain ";
$cmd .= "--parent-domain=$dcvars->{REALM} -U$dcvars->{DC_USERNAME}\@$dcvars->{REALM}\%$dcvars->{DC_PASSWORD}";
- $cmd .= " --machinepass=machine$ret->{password} --use-ntvfs";
+ $cmd .= " --machinepass=machine$ret->{PASSWORD} --use-ntvfs";
unless (system($cmd) == 0) {
warn("Join failed\n$cmd");
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 013884d..5699943 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -1315,6 +1315,8 @@ static int net_ads_join_usage(struct net_context *c, int argc, const char **argv
" E.g. \"createcomputer=Computers/Servers/Unix\"\n"
" NB: A backslash '\\' is used as escape at multiple levels and may\n"
" need to be doubled or even quadrupled. It is not used as a separator.\n"));
+ d_printf(_(" machinepass=PASS Set the machine password to a specific value during the join.\n"
+ " The deault password is random.\n"));
d_printf(_(" osName=string Set the operatingSystem attribute during the join.\n"));
d_printf(_(" osVer=string Set the operatingSystemVersion attribute during the join.\n"
" NB: osName and osVer must be specified together for either to take effect.\n"
@@ -1421,6 +1423,7 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
WERROR werr = WERR_SETUP_NOT_JOINED;
bool createupn = false;
const char *machineupn = NULL;
+ const char *machine_password = NULL;
const char *create_in_ou = NULL;
int i;
const char *os_name = NULL;
@@ -1482,6 +1485,13 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
goto fail;
}
}
+ else if ( !strncasecmp_m(argv[i], "machinepass", strlen("machinepass")) ) {
+ if ( (machine_password = get_string_param(argv[i])) == NULL ) {
+ d_fprintf(stderr, _("Please supply a valid password to set as trust account password.\n"));
+ werr = WERR_INVALID_PARAM;
+ goto fail;
+ }
+ }
else {
domain = argv[i];
}
@@ -1511,6 +1521,7 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
r->in.dc_name = c->opt_host;
r->in.admin_account = c->opt_user_name;
r->in.admin_password = net_prompt_pass(c, c->opt_user_name);
+ r->in.machine_password = machine_password;
r->in.debug = true;
r->in.use_kerberos = c->opt_kerberos;
r->in.modify_config = modify_config;
--
Samba Shared Repository
More information about the samba-cvs
mailing list