[PATCH 2/2] Set the machine UPN using net ads
Gerald (Jerry) Carter
jerry at samba.org
Fri Mar 16 17:20:12 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Another patch to 'net ads' to allow setting the machine
UPN after the join. I needed this as older versions of
Winbind try to kinit with the UPN rather than the
sAMAccountName but the new join code does not set it
by default.
Example:
$ net ads setmachineupn -U Administrator
Added userPrincipalName value of host/PASCAL at EAST.AD.PLAINJOE.ORG
If people don't want the clutter, I'll leave it in my
local tree.
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF+tHMIR7qMdg1EfYRAushAJ9naPlw32BNZvKwsxEy+09QT3OQgQCdGR/J
RAB/Etvb+LwHi/bx7WZDJ6g=
=Wxx/
-----END PGP SIGNATURE-----
-------------- next part --------------
=== modified file 'source/utils/net_ads.c'
--- source/utils/net_ads.c 2007-03-01 15:11:22 +0000
+++ source/utils/net_ads.c 2007-03-16 17:07:29 +0000
@@ -1700,6 +1793,62 @@
}
/*******************************************************************
+ Set the UPN attribute in the form host/HOSTNAME at REALM
+*******************************************************************/
+
+static int net_ads_set_machineupn(int argc, const char **argv)
+{
+ ADS_STRUCT *ads;
+ ADS_STATUS rc;
+ LDAPMessage *res;
+ const char *machineupn = argv[1];
+ TALLOC_CTX *ctx = NULL;
+
+ if (!(ctx = talloc_init("net_ads_join"))) {
+ d_fprintf(stderr, "Could not initialise talloc context.\n");
+ return -1;
+ }
+
+ if (!ADS_ERR_OK(ads_startup(True, &ads))) {
+ talloc_destroy( ctx );
+ return -1;
+ }
+
+ rc = ads_find_machine_acct(ads, &res, global_myname());
+ if (!ADS_ERR_OK(rc)) {
+ d_fprintf(stderr, "ads_find_machine_acct: %s\n", ads_errstr(rc));
+ talloc_destroy( ctx );
+ ads_destroy(&ads);
+ return -1;
+ }
+
+ if (ads_count_replies(ads, res) == 0) {
+ d_fprintf(stderr, "No machine account for '%s' found\n", global_myname());
+ talloc_destroy( ctx );
+ ads_destroy(&ads);
+ return -1;
+ }
+
+ /* default to using the short UPN name */
+ if ( !machineupn ) {
+ machineupn = talloc_asprintf( ctx, "host/%s@%s", global_myname(),
+ ads->config.realm );
+ }
+
+ rc = net_set_machine_upn( ctx, ads, machineupn );
+ if ( !ADS_ERR_OK(rc) ) {
+ d_fprintf(stderr, "Failed to set userPrincipalName. Are you a Domain Admin?\n");
+ } else {
+ d_printf( "Added userPrincipalName value of %s\n", machineupn);
+ }
+
+ ads_destroy(&ads);
+ talloc_destroy( ctx );
+
+ return ADS_ERR_OK(rc) ? 0 : -1;
+}
+
+/*******************************************************************
********************************************************************/
int net_ads_printer_usage(int argc, const char **argv)
@@ -2411,6 +2560,7 @@
{"USER", net_ads_user},
{"GROUP", net_ads_group},
{"DNS", net_ads_dns},
+ {"SETMACHINEUPN", net_ads_set_machineupn},
{"PASSWORD", net_ads_password},
{"CHANGETRUSTPW", net_ads_changetrustpw},
{"PRINTER", net_ads_printer},
More information about the samba-technical
mailing list