Fwd: net rpc user command improvements

Jeremy Allison jra at samba.org
Mon Oct 6 18:56:19 MDT 2014


On Mon, Sep 08, 2014 at 01:12:36PM +0200, Gabriel Buades wrote:
> Hello.
> 
> First of all, I must thank all the Samba developers for its impressive work.
> 
> We are working to remotely manage the accounts and local groups of any
> windows server from within Soffid IAM (Our open-source Identity Management
> product). When Soffid IAM is installed on a Linux box we'd like to use
> SAMBA as the best way to remotely query and manage local groups and
> accounts hosted on Windows servers, but we've found some little bugs and
> some missing features.
> 
> So, we've build up our first samba patches, and I'd like them to be
> reviewed and commited into Samba GIT repository.
> 
> The first one is a simply patch that changes the flat to be sent when the
> expired flag is remotely set. The existing code sets the
> SAMR_FIELD_FORCE_PWD_CHANGE, but in our tests it generates an invalid
> argument error. Setting the SAMR_FIELD_EXPIRED_FLAG works smoothly.
> 
> The second one is a patch that allows a remote administrator to set most of
> the user attributes, while creating (net rpc user set_info) or adding (net
> rpc user add) a new user, as well as a way to query them (net rpc user
> get_info).
> 
> The syntax for net rpc user add accepts the following optional arguments:
> 
> comment=...
> full_name=....
> home_dir=....
> home_dir_drive=....
> script_path=...
> params=...
> wokstations=....
> logon_server=....
> primary_group_id=...
> profile=....
> flags= A hexadecimal number (0x...) or any combination of the following
> letters:
>    d Disabled account
>    e Enabled account
>    p Password must be changed at next logon
>    P Password must not be changed at next logon
>    x Password never expires
>    w Workstation trust account
>    s Server trust account
>    i Inter-domain trust account
>    n Normal account
> password_expired=true/false
> 
> So, to create a new user whose password never expire, the command would be:
> net rpc user add GBuades full_name="Gabriel Buades"
> password=ForeverPassword flags=nxP
> 
> To assign a new password that will expire after the configured time period.
> net rpc user set_info GBuades password=ChangeIt flags=np
> 
> To query for user information, execute:
> net rpc user get_info GBuades.
> 
> 
> Thank you very much.

Hi Gabiel,

As this is a significant amount of new code
contributions could you send an email
either giving us these contributions under
your personal copyright, or if you wish them
to be under Soffid corporate copyright please
follow the instructions here:

https://www.samba.org/samba/devel/copyright-policy.html

That will make it much easier to accept
contributions !

Thanks,

	Jeremy.


More information about the samba-technical mailing list