three simple patches
Rafal Szczesniak
mimir at spin.ict.pwr.wroc.pl
Fri Dec 14 05:48:19 GMT 2001
I wanted to send it with other, more "serious", patches. However, I'm
getting tired of correcting "my" sources after each update altering
the source files I've already modified :-)
Here are patches for creating trusting domain's account using
smbpasswd. Yes, I know it's going to be replaced with net tool. Work
on 'net rpc trustdom' is in progress.
cheers,
+--------------------------------------------------------+
|Rafal 'Mimir' Szczesniak <mimir at spin.ict.pwr.wroc.pl> |
|*BSD, Linux and Samba /
|______________________________________________________/
-------------- next part --------------
--- head.orig/source/include/smb.h Thu Dec 13 19:09:27 2001
+++ head/source/include/smb.h Fri Dec 14 14:26:19 2001
@@ -656,6 +656,7 @@
#define LOCAL_SET_NO_PASSWORD 0x20
#define LOCAL_SET_PASSWORD 0x40
#define LOCAL_SET_LDAP_ADMIN_PW 0x80
+#define LOCAL_INTERDOM_ACCOUNT 0x100
/* key and data in the connections database - used in smbstatus and smbd */
struct connections_key {
-------------- next part --------------
--- head.orig/source/passdb/passdb.c Thu Dec 6 14:09:14 2001
+++ head/source/passdb/passdb.c Fri Dec 14 14:21:33 2001
@@ -954,13 +954,33 @@
return False;
}
- /* set account flags. Note that the default is non-expiring accounts */
- /*if (!pdb_set_acct_ctrl(sam_pass,((local_flags & LOCAL_TRUST_ACCOUNT) ? ACB_WSTRUST : ACB_NORMAL|ACB_PWNOEXP) )) {*/
+
+ if (local_flags & LOCAL_TRUST_ACCOUNT) {
+ if (!pdb_set_acct_ctrl(sam_pass, ACB_WSTRUST)) {
+ slprintf(err_str, err_str_len - 1, "Failed to set 'trusted workstation account' flags for user %s.\n", user_name);
+ pdb_free_sam(&sam_pass);
+ return False;
+ }
+ } else if (local_flags & LOCAL_INTERDOM_ACCOUNT) {
+ if (!pdb_set_acct_ctrl(sam_pass, ACB_DOMTRUST)) {
+ slprintf(err_str, err_str_len - 1, "Failed to set 'domain trust account' flags for user %s.\n", user_name);
+ pdb_free_sam(&sam_pass);
+ return False;
+ }
+ } else {
+ if (!pdb_set_acct_ctrl(sam_pass, ACB_NORMAL)) {
+ slprintf(err_str, err_str_len - 1, "Failed to set 'normal account' flags for user %s.\n", user_name);
+ pdb_free_sam(&sam_pass);
+ return False;
+ }
+ }
+
+/* mimir: commented out since account types number grown own of such solution
if (!pdb_set_acct_ctrl(sam_pass,((local_flags & LOCAL_TRUST_ACCOUNT) ? ACB_WSTRUST : ACB_NORMAL) )) {
slprintf(err_str, err_str_len-1, "Failed to set 'trust account' flags for user %s.\n", user_name);
pdb_free_sam(&sam_pass);
return False;
- }
+ } */
} else {
/* the entry already existed */
local_flags &= ~LOCAL_ADD_USER;
-------------- next part --------------
--- head.orig/source/utils/smbpasswd.c Thu Dec 13 19:09:29 2001
+++ head/source/utils/smbpasswd.c Fri Dec 14 14:09:44 2001
@@ -56,6 +56,7 @@
printf(" -e enable user\n");
printf(" -n set no password\n");
printf(" -m machine trust account\n");
+ printf(" -i interdomain trust account\n");
#ifdef WITH_LDAP_SAM
printf(" -w ldap admin password\n");
#endif
@@ -213,7 +214,7 @@
user_name[0] = '\0';
- while ((ch = getopt(argc, argv, "axdehmnjr:swR:D:U:L")) != EOF) {
+ while ((ch = getopt(argc, argv, "axdehmnijr:swR:D:U:L")) != EOF) {
switch(ch) {
case 'L':
local_mode = True;
@@ -236,6 +237,9 @@
case 'm':
local_flags |= LOCAL_TRUST_ACCOUNT;
break;
+ case 'i':
+ local_flags |= LOCAL_INTERDOM_ACCOUNT;
+ break;
case 'j':
d_printf("See 'net rpc join' for this functionality\n");
exit(1);
@@ -375,8 +379,23 @@
slprintf(buf, sizeof(buf)-1, "%s$", user_name);
fstrcpy(user_name, buf);
+ } else if (local_flags & LOCAL_INTERDOM_ACCOUNT) {
+ static fstring buf;
+
+ if (local_flags & LOCAL_ADD_USER) {
+ /*
+ * Prompt for trusting domain's account password
+ */
+ new_passwd = prompt_for_new_password(stdin_passwd_get);
+ if(!new_passwd) {
+ fprintf(stderr, "Unable to get new password.\n");
+ exit(1);
+ }
+ }
+ slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
+ fstrcpy(user_name, buf);
+
} else {
-
if (remote_machine != NULL) {
old_passwd = get_pass("Old SMB password:",stdin_passwd_get);
}
More information about the samba-technical
mailing list