Fwd: net rpc user command improvements

Gabriel Buades gbuades at soffid.com
Mon Sep 8 05:12:36 MDT 2014


First of all, I must thank all the Samba developers for its impressive work.

We are working to remotely manage the accounts and local groups of any
windows server from within Soffid IAM (Our open-source Identity Management
product). When Soffid IAM is installed on a Linux box we'd like to use
SAMBA as the best way to remotely query and manage local groups and
accounts hosted on Windows servers, but we've found some little bugs and
some missing features.

So, we've build up our first samba patches, and I'd like them to be
reviewed and commited into Samba GIT repository.

The first one is a simply patch that changes the flat to be sent when the
expired flag is remotely set. The existing code sets the
SAMR_FIELD_FORCE_PWD_CHANGE, but in our tests it generates an invalid
argument error. Setting the SAMR_FIELD_EXPIRED_FLAG works smoothly.

The second one is a patch that allows a remote administrator to set most of
the user attributes, while creating (net rpc user set_info) or adding (net
rpc user add) a new user, as well as a way to query them (net rpc user

The syntax for net rpc user add accepts the following optional arguments:

flags= A hexadecimal number (0x...) or any combination of the following
   d Disabled account
   e Enabled account
   p Password must be changed at next logon
   P Password must not be changed at next logon
   x Password never expires
   w Workstation trust account
   s Server trust account
   i Inter-domain trust account
   n Normal account

So, to create a new user whose password never expire, the command would be:
net rpc user add GBuades full_name="Gabriel Buades"
password=ForeverPassword flags=nxP

To assign a new password that will expire after the configured time period.
net rpc user set_info GBuades password=ChangeIt flags=np

To query for user information, execute:
net rpc user get_info GBuades.

Thank you very much.

Gabriel Buades
*Soffid* CEO
✉ gbuades at soffid.com
☎ +34-871962912
✆ +34-639660155
Skype: gbuadesr

*Please consider the environment before printing this email*

This email and any attachments are property of Soffid IAM SL. It may
contain confidential or privileged information, so it is absolutely
forbidden to copy, reproduce, publish and distribute their contents and the
use of this material for any other purpose that is not strictly authorized, as
stated at Intellectual Property and Data Protection laws.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Change-expired-password-flag-indicator.patch
Type: text/x-patch
Size: 849 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140908/713970be/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Enhance-net-rpc-user-command.patch
Type: text/x-patch
Size: 12450 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140908/713970be/attachment-0001.bin>

More information about the samba-technical mailing list