関数 | |
static int | export_database (struct pdb_methods *in, struct pdb_methods *out, const char *username) |
static int | export_groups (struct pdb_methods *in, struct pdb_methods *out) |
static int | reinit_account_policies (void) |
static int | export_account_policies (struct pdb_methods *in, struct pdb_methods *out) |
static int | print_sam_info (struct samu *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) |
static int | print_user_info (struct pdb_methods *in, const char *username, BOOL verbosity, BOOL smbpwdstyle) |
static int | print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwdstyle) |
static int | fix_users_list (struct pdb_methods *in) |
static int | set_user_info (struct pdb_methods *in, const char *username, const char *fullname, const char *homedir, const char *acct_desc, const char *drive, const char *script, const char *profile, const char *account_control, const char *user_sid, const char *user_domain, const BOOL badpw, const BOOL hours) |
static int | new_user (struct pdb_methods *in, const char *username, const char *fullname, const char *homedir, const char *drive, const char *script, const char *profile, char *user_sid, BOOL stdin_get) |
static int | new_machine (struct pdb_methods *in, const char *machine_in) |
static int | delete_user_entry (struct pdb_methods *in, const char *username) |
static int | delete_machine_entry (struct pdb_methods *in, const char *machinename) |
int | main (int argc, char **argv) |
static int export_database | ( | struct pdb_methods * | in, | |
struct pdb_methods * | out, | |||
const char * | username | |||
) | [static] |
参照先 pdb_methods::add_sam_account・pdb_methods::endsampwent・fprintf()・pdb_methods::getsampwent・pdb_methods::getsampwnam・pdb_methods::name・printf()・samu_new()・pdb_methods::setsampwent・status・pdb_methods::update_sam_account・samu::username.
参照元 main().
00064 { 00065 struct samu *user = NULL; 00066 NTSTATUS status; 00067 00068 DEBUG(3, ("export_database: username=\"%s\"\n", username ? username : "(NULL)")); 00069 00070 status = in->setsampwent(in, 0, 0); 00071 if ( NT_STATUS_IS_ERR(status) ) { 00072 fprintf(stderr, "Unable to set account database iterator for %s!\n", 00073 in->name); 00074 return 1; 00075 } 00076 00077 if ( ( user = samu_new( NULL ) ) == NULL ) { 00078 fprintf(stderr, "export_database: Memory allocation failure!\n"); 00079 return 1; 00080 } 00081 00082 while ( NT_STATUS_IS_OK(in->getsampwent(in, user)) ) 00083 { 00084 DEBUG(4, ("Processing account %s\n", user->username)); 00085 00086 /* If we don't have a specific user or if we do and 00087 the login name matches */ 00088 00089 if ( !username || (strcmp(username, user->username) == 0)) { 00090 struct samu *account; 00091 00092 if ( (account = samu_new( NULL )) == NULL ) { 00093 fprintf(stderr, "export_database: Memory allocation failure!\n"); 00094 TALLOC_FREE( user ); 00095 in->endsampwent( in ); 00096 return 1; 00097 } 00098 00099 printf("Importing account for %s...", user->username); 00100 if ( !NT_STATUS_IS_OK(out->getsampwnam( out, account, user->username )) ) { 00101 status = out->add_sam_account(out, user); 00102 } else { 00103 status = out->update_sam_account( out, user ); 00104 } 00105 00106 if ( NT_STATUS_IS_OK(status) ) { 00107 printf( "ok\n"); 00108 } else { 00109 printf( "failed\n"); 00110 } 00111 00112 TALLOC_FREE( account ); 00113 } 00114 00115 /* clean up and get ready for another run */ 00116 00117 TALLOC_FREE( user ); 00118 00119 if ( ( user = samu_new( NULL ) ) == NULL ) { 00120 fprintf(stderr, "export_database: Memory allocation failure!\n"); 00121 return 1; 00122 } 00123 } 00124 00125 TALLOC_FREE( user ); 00126 00127 in->endsampwent(in); 00128 00129 return 0; 00130 }
static int export_groups | ( | struct pdb_methods * | in, | |
struct pdb_methods * | out | |||
) | [static] |
参照先 pdb_methods::add_group_mapping_entry・pdb_methods::enum_group_mapping・fprintf()・get_global_sam_sid()・SID_NAME_DOM_GRP・status.
参照元 main().
00137 { 00138 GROUP_MAP *maps = NULL; 00139 size_t i, entries = 0; 00140 NTSTATUS status; 00141 00142 status = in->enum_group_mapping(in, get_global_sam_sid(), 00143 SID_NAME_DOM_GRP, &maps, &entries, False); 00144 00145 if ( NT_STATUS_IS_ERR(status) ) { 00146 fprintf(stderr, "Unable to enumerate group map entries.\n"); 00147 return 1; 00148 } 00149 00150 for (i=0; i<entries; i++) { 00151 out->add_group_mapping_entry(out, &(maps[i])); 00152 } 00153 00154 SAFE_FREE( maps ); 00155 00156 return 0; 00157 }
static int reinit_account_policies | ( | void | ) | [static] |
参照先 account_policy_get_default()・account_policy_set()・decode_account_policy_name()・fprintf().
参照元 main().
00164 { 00165 int i; 00166 00167 for (i=1; decode_account_policy_name(i) != NULL; i++) { 00168 uint32 policy_value; 00169 if (!account_policy_get_default(i, &policy_value)) { 00170 fprintf(stderr, "Can't get default account policy\n"); 00171 return -1; 00172 } 00173 if (!account_policy_set(i, policy_value)) { 00174 fprintf(stderr, "Can't set account policy in tdb\n"); 00175 return -1; 00176 } 00177 } 00178 00179 return 0; 00180 }
static int export_account_policies | ( | struct pdb_methods * | in, | |
struct pdb_methods * | out | |||
) | [static] |
参照先 decode_account_policy_name()・fprintf()・pdb_methods::get_account_policy・pdb_methods::name・pdb_methods::set_account_policy・status.
参照元 main().
00188 { 00189 int i; 00190 00191 for ( i=1; decode_account_policy_name(i) != NULL; i++ ) { 00192 uint32 policy_value; 00193 NTSTATUS status; 00194 00195 status = in->get_account_policy(in, i, &policy_value); 00196 00197 if ( NT_STATUS_IS_ERR(status) ) { 00198 fprintf(stderr, "Unable to get account policy from %s\n", in->name); 00199 return -1; 00200 } 00201 00202 status = out->set_account_policy(out, i, policy_value); 00203 00204 if ( NT_STATUS_IS_ERR(status) ) { 00205 fprintf(stderr, "Unable to migrate account policy to %s\n", out->name); 00206 return -1; 00207 } 00208 } 00209 00210 return 0; 00211 }
参照先 convert_time_t_to_uint32()・samu::hours・http_timestring()・nametouid()・pdb_encode_acct_ctrl()・pdb_get_acct_ctrl()・pdb_get_acct_desc()・pdb_get_bad_password_count()・pdb_get_bad_password_time()・pdb_get_dir_drive()・pdb_get_domain()・pdb_get_fullname()・pdb_get_group_sid()・pdb_get_homedir()・pdb_get_hours()・pdb_get_kickoff_time()・pdb_get_lanman_passwd()・pdb_get_logoff_time()・pdb_get_logon_script()・pdb_get_logon_time()・pdb_get_munged_dial()・pdb_get_nt_passwd()・pdb_get_nt_username()・pdb_get_pass_can_change_time()・pdb_get_pass_last_set_time()・pdb_get_pass_must_change_time()・pdb_get_profile_path()・pdb_get_user_sid()・pdb_get_username()・pdb_get_workstations()・pdb_sethexhours()・pdb_sethexpwd()・printf()・sid_string_static().
参照元 print_user_info()・print_users_list().
00219 { 00220 uid_t uid; 00221 time_t tmp; 00222 00223 /* TODO: chaeck if entry is a user or a workstation */ 00224 if (!sam_pwent) return -1; 00225 00226 if (verbosity) { 00227 pstring temp; 00228 const uint8 *hours; 00229 00230 printf ("Unix username: %s\n", pdb_get_username(sam_pwent)); 00231 printf ("NT username: %s\n", pdb_get_nt_username(sam_pwent)); 00232 printf ("Account Flags: %s\n", pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent), NEW_PW_FORMAT_SPACE_PADDED_LEN)); 00233 printf ("User SID: %s\n", 00234 sid_string_static(pdb_get_user_sid(sam_pwent))); 00235 printf ("Primary Group SID: %s\n", 00236 sid_string_static(pdb_get_group_sid(sam_pwent))); 00237 printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); 00238 printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); 00239 printf ("HomeDir Drive: %s\n", pdb_get_dir_drive(sam_pwent)); 00240 printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); 00241 printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); 00242 printf ("Domain: %s\n", pdb_get_domain(sam_pwent)); 00243 printf ("Account desc: %s\n", pdb_get_acct_desc(sam_pwent)); 00244 printf ("Workstations: %s\n", pdb_get_workstations(sam_pwent)); 00245 printf ("Munged dial: %s\n", pdb_get_munged_dial(sam_pwent)); 00246 00247 tmp = pdb_get_logon_time(sam_pwent); 00248 printf ("Logon time: %s\n", tmp ? http_timestring(tmp) : "0"); 00249 00250 tmp = pdb_get_logoff_time(sam_pwent); 00251 printf ("Logoff time: %s\n", tmp ? http_timestring(tmp) : "0"); 00252 00253 tmp = pdb_get_kickoff_time(sam_pwent); 00254 printf ("Kickoff time: %s\n", tmp ? http_timestring(tmp) : "0"); 00255 00256 tmp = pdb_get_pass_last_set_time(sam_pwent); 00257 printf ("Password last set: %s\n", tmp ? http_timestring(tmp) : "0"); 00258 00259 tmp = pdb_get_pass_can_change_time(sam_pwent); 00260 printf ("Password can change: %s\n", tmp ? http_timestring(tmp) : "0"); 00261 00262 tmp = pdb_get_pass_must_change_time(sam_pwent); 00263 printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0"); 00264 00265 tmp = pdb_get_bad_password_time(sam_pwent); 00266 printf ("Last bad password : %s\n", tmp ? http_timestring(tmp) : "0"); 00267 printf ("Bad password count : %d\n", 00268 pdb_get_bad_password_count(sam_pwent)); 00269 00270 hours = pdb_get_hours(sam_pwent); 00271 pdb_sethexhours(temp, hours); 00272 printf ("Logon hours : %s\n", temp); 00273 00274 } else if (smbpwdstyle) { 00275 char lm_passwd[33]; 00276 char nt_passwd[33]; 00277 00278 uid = nametouid(pdb_get_username(sam_pwent)); 00279 pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); 00280 pdb_sethexpwd(nt_passwd, pdb_get_nt_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); 00281 00282 printf("%s:%lu:%s:%s:%s:LCT-%08X:\n", 00283 pdb_get_username(sam_pwent), 00284 (unsigned long)uid, 00285 lm_passwd, 00286 nt_passwd, 00287 pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), 00288 (uint32)convert_time_t_to_uint32(pdb_get_pass_last_set_time(sam_pwent))); 00289 } else { 00290 uid = nametouid(pdb_get_username(sam_pwent)); 00291 printf ("%s:%lu:%s\n", pdb_get_username(sam_pwent), (unsigned long)uid, 00292 pdb_get_fullname(sam_pwent)); 00293 } 00294 00295 return 0; 00296 }
static int print_user_info | ( | struct pdb_methods * | in, | |
const char * | username, | |||
BOOL | verbosity, | |||
BOOL | smbpwdstyle | |||
) | [static] |
参照先 fprintf()・pdb_methods::getsampwnam・print_sam_info()・samu_new().
参照元 main()・new_machine()・new_user()・set_user_info().
00303 { 00304 struct samu *sam_pwent=NULL; 00305 BOOL ret; 00306 00307 if ( (sam_pwent = samu_new( NULL )) == NULL ) { 00308 return -1; 00309 } 00310 00311 ret = NT_STATUS_IS_OK(in->getsampwnam (in, sam_pwent, username)); 00312 00313 if (ret==False) { 00314 fprintf (stderr, "Username not found!\n"); 00315 TALLOC_FREE(sam_pwent); 00316 return -1; 00317 } 00318 00319 ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle); 00320 TALLOC_FREE(sam_pwent); 00321 00322 return ret; 00323 }
static int print_users_list | ( | struct pdb_methods * | in, | |
BOOL | verbosity, | |||
BOOL | smbpwdstyle | |||
) | [static] |
参照先 pdb_methods::endsampwent・pdb_methods::getsampwent・print_sam_info()・printf()・samu_new()・pdb_methods::setsampwent.
参照元 main().
00329 { 00330 struct samu *sam_pwent=NULL; 00331 BOOL check; 00332 00333 check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); 00334 if (!check) { 00335 return 1; 00336 } 00337 00338 check = True; 00339 if ( (sam_pwent = samu_new( NULL )) == NULL ) { 00340 return 1; 00341 } 00342 00343 while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) { 00344 if (verbosity) 00345 printf ("---------------\n"); 00346 print_sam_info (sam_pwent, verbosity, smbpwdstyle); 00347 TALLOC_FREE(sam_pwent); 00348 00349 if ( (sam_pwent = samu_new( NULL )) == NULL ) { 00350 check = False; 00351 } 00352 } 00353 if (check) 00354 TALLOC_FREE(sam_pwent); 00355 00356 in->endsampwent(in); 00357 return 0; 00358 }
static int fix_users_list | ( | struct pdb_methods * | in | ) | [static] |
参照先 pdb_methods::endsampwent・fprintf()・pdb_methods::getsampwent・pdb_get_username()・pdb_update_sam_account()・printf()・samu_new()・pdb_methods::setsampwent.
参照元 main().
00364 { 00365 struct samu *sam_pwent=NULL; 00366 BOOL check; 00367 00368 check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0)); 00369 if (!check) { 00370 return 1; 00371 } 00372 00373 check = True; 00374 if ( (sam_pwent = samu_new( NULL )) == NULL ) { 00375 return 1; 00376 } 00377 00378 while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) { 00379 printf("Updating record for user %s\n", pdb_get_username(sam_pwent)); 00380 00381 if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_pwent))) { 00382 printf("Update of user %s failed!\n", pdb_get_username(sam_pwent)); 00383 } 00384 TALLOC_FREE(sam_pwent); 00385 if ( (sam_pwent = samu_new( NULL )) == NULL ) { 00386 check = False; 00387 } 00388 if (!check) { 00389 fprintf(stderr, "Failed to initialise new struct samu structure (out of memory?)\n"); 00390 } 00391 00392 } 00393 if (check) 00394 TALLOC_FREE(sam_pwent); 00395 00396 in->endsampwent(in); 00397 return 0; 00398 }
static int set_user_info | ( | struct pdb_methods * | in, | |
const char * | username, | |||
const char * | fullname, | |||
const char * | homedir, | |||
const char * | acct_desc, | |||
const char * | drive, | |||
const char * | script, | |||
const char * | profile, | |||
const char * | account_control, | |||
const char * | user_sid, | |||
const char * | user_domain, | |||
const BOOL | badpw, | |||
const BOOL | hours | |||
) | [static] |
参照先 fprintf()・get_global_sam_sid()・pdb_methods::getsampwnam・samu::hours_len・PDB_CHANGED・pdb_decode_acct_ctrl()・pdb_get_acct_ctrl()・pdb_get_hours_len()・pdb_set_acct_ctrl()・pdb_set_acct_desc()・pdb_set_bad_password_count()・pdb_set_bad_password_time()・pdb_set_dir_drive()・pdb_set_domain()・pdb_set_fullname()・pdb_set_homedir()・pdb_set_hours()・pdb_set_logon_script()・pdb_set_profile_path()・pdb_set_user_sid()・pdb_update_autolock_flag()・pdb_update_bad_password_count()・print_user_info()・samu_new()・sid_append_rid()・sid_copy()・string_to_sid()・pdb_methods::update_sam_account.
参照元 main().
00411 { 00412 BOOL updated_autolock = False, updated_badpw = False; 00413 struct samu *sam_pwent=NULL; 00414 BOOL ret; 00415 00416 if ( (sam_pwent = samu_new( NULL )) == NULL ) { 00417 return 1; 00418 } 00419 00420 ret = NT_STATUS_IS_OK(in->getsampwnam (in, sam_pwent, username)); 00421 if (ret==False) { 00422 fprintf (stderr, "Username not found!\n"); 00423 TALLOC_FREE(sam_pwent); 00424 return -1; 00425 } 00426 00427 if (hours) { 00428 uint8 hours_array[MAX_HOURS_LEN]; 00429 uint32 hours_len; 00430 00431 hours_len = pdb_get_hours_len(sam_pwent); 00432 memset(hours_array, 0xff, hours_len); 00433 00434 pdb_set_hours(sam_pwent, hours_array, PDB_CHANGED); 00435 } 00436 00437 if (!pdb_update_autolock_flag(sam_pwent, &updated_autolock)) { 00438 DEBUG(2,("pdb_update_autolock_flag failed.\n")); 00439 } 00440 00441 if (!pdb_update_bad_password_count(sam_pwent, &updated_badpw)) { 00442 DEBUG(2,("pdb_update_bad_password_count failed.\n")); 00443 } 00444 00445 if (fullname) 00446 pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED); 00447 if (acct_desc) 00448 pdb_set_acct_desc(sam_pwent, acct_desc, PDB_CHANGED); 00449 if (homedir) 00450 pdb_set_homedir(sam_pwent, homedir, PDB_CHANGED); 00451 if (drive) 00452 pdb_set_dir_drive(sam_pwent,drive, PDB_CHANGED); 00453 if (script) 00454 pdb_set_logon_script(sam_pwent, script, PDB_CHANGED); 00455 if (profile) 00456 pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED); 00457 if (user_domain) 00458 pdb_set_domain(sam_pwent, user_domain, PDB_CHANGED); 00459 00460 if (account_control) { 00461 uint32 not_settable = ~(ACB_DISABLED|ACB_HOMDIRREQ|ACB_PWNOTREQ| 00462 ACB_PWNOEXP|ACB_AUTOLOCK); 00463 00464 uint32 newflag = pdb_decode_acct_ctrl(account_control); 00465 00466 if (newflag & not_settable) { 00467 fprintf(stderr, "Can only set [NDHLX] flags\n"); 00468 TALLOC_FREE(sam_pwent); 00469 return -1; 00470 } 00471 00472 pdb_set_acct_ctrl(sam_pwent, 00473 (pdb_get_acct_ctrl(sam_pwent) & not_settable) | newflag, 00474 PDB_CHANGED); 00475 } 00476 if (user_sid) { 00477 DOM_SID u_sid; 00478 if (!string_to_sid(&u_sid, user_sid)) { 00479 /* not a complete sid, may be a RID, try building a SID */ 00480 int u_rid; 00481 00482 if (sscanf(user_sid, "%d", &u_rid) != 1) { 00483 fprintf(stderr, "Error passed string is not a complete user SID or RID!\n"); 00484 return -1; 00485 } 00486 sid_copy(&u_sid, get_global_sam_sid()); 00487 sid_append_rid(&u_sid, u_rid); 00488 } 00489 pdb_set_user_sid (sam_pwent, &u_sid, PDB_CHANGED); 00490 } 00491 00492 if (badpw) { 00493 pdb_set_bad_password_count(sam_pwent, 0, PDB_CHANGED); 00494 pdb_set_bad_password_time(sam_pwent, 0, PDB_CHANGED); 00495 } 00496 00497 if (NT_STATUS_IS_OK(in->update_sam_account (in, sam_pwent))) 00498 print_user_info (in, username, True, False); 00499 else { 00500 fprintf (stderr, "Unable to modify entry!\n"); 00501 TALLOC_FREE(sam_pwent); 00502 return -1; 00503 } 00504 TALLOC_FREE(sam_pwent); 00505 return 0; 00506 }
static int new_user | ( | struct pdb_methods * | in, | |
const char * | username, | |||
const char * | fullname, | |||
const char * | homedir, | |||
const char * | drive, | |||
const char * | script, | |||
const char * | profile, | |||
char * | user_sid, | |||
BOOL | stdin_get | |||
) | [static] |
参照先 pdb_methods::add_sam_account・fprintf()・get_global_sam_sid()・get_pass()・getpwnam_alloc()・PDB_CHANGED・pdb_set_acct_ctrl()・pdb_set_dir_drive()・pdb_set_fullname()・pdb_set_homedir()・pdb_set_logon_script()・pdb_set_plaintext_passwd()・pdb_set_profile_path()・pdb_set_user_sid()・print_user_info()・samu_alloc_rid_unix()・samu_new()・sid_append_rid()・sid_copy()・string_to_sid().
参照元 main().
00515 { 00516 struct samu *sam_pwent; 00517 char *password1, *password2; 00518 int rc_pwd_cmp; 00519 struct passwd *pwd; 00520 00521 get_global_sam_sid(); 00522 00523 if ( !(pwd = getpwnam_alloc( NULL, username )) ) { 00524 DEBUG(0,("Cannot locate Unix account for %s\n", username)); 00525 return -1; 00526 } 00527 00528 if ( (sam_pwent = samu_new( NULL )) == NULL ) { 00529 DEBUG(0, ("Memory allocation failure!\n")); 00530 return -1; 00531 } 00532 00533 if (!NT_STATUS_IS_OK(samu_alloc_rid_unix(sam_pwent, pwd ))) { 00534 TALLOC_FREE( sam_pwent ); 00535 TALLOC_FREE( pwd ); 00536 DEBUG(0, ("could not create account to add new user %s\n", username)); 00537 return -1; 00538 } 00539 00540 password1 = get_pass( "new password:", stdin_get); 00541 password2 = get_pass( "retype new password:", stdin_get); 00542 if ((rc_pwd_cmp = strcmp (password1, password2))) { 00543 fprintf (stderr, "Passwords do not match!\n"); 00544 TALLOC_FREE(sam_pwent); 00545 } else { 00546 pdb_set_plaintext_passwd(sam_pwent, password1); 00547 } 00548 00549 memset(password1, 0, strlen(password1)); 00550 SAFE_FREE(password1); 00551 memset(password2, 0, strlen(password2)); 00552 SAFE_FREE(password2); 00553 00554 /* pwds do _not_ match? */ 00555 if (rc_pwd_cmp) 00556 return -1; 00557 00558 if (fullname) 00559 pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED); 00560 if (homedir) 00561 pdb_set_homedir (sam_pwent, homedir, PDB_CHANGED); 00562 if (drive) 00563 pdb_set_dir_drive (sam_pwent, drive, PDB_CHANGED); 00564 if (script) 00565 pdb_set_logon_script(sam_pwent, script, PDB_CHANGED); 00566 if (profile) 00567 pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED); 00568 if (user_sid) { 00569 DOM_SID u_sid; 00570 if (!string_to_sid(&u_sid, user_sid)) { 00571 /* not a complete sid, may be a RID, try building a SID */ 00572 int u_rid; 00573 00574 if (sscanf(user_sid, "%d", &u_rid) != 1) { 00575 fprintf(stderr, "Error passed string is not a complete user SID or RID!\n"); 00576 TALLOC_FREE(sam_pwent); 00577 return -1; 00578 } 00579 sid_copy(&u_sid, get_global_sam_sid()); 00580 sid_append_rid(&u_sid, u_rid); 00581 } 00582 pdb_set_user_sid (sam_pwent, &u_sid, PDB_CHANGED); 00583 } 00584 00585 pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL, PDB_CHANGED); 00586 00587 if (NT_STATUS_IS_OK(in->add_sam_account (in, sam_pwent))) { 00588 print_user_info (in, username, True, False); 00589 } else { 00590 fprintf (stderr, "Unable to add user! (does it already exist?)\n"); 00591 TALLOC_FREE(sam_pwent); 00592 return -1; 00593 } 00594 TALLOC_FREE(sam_pwent); 00595 return 0; 00596 }
static int new_machine | ( | struct pdb_methods * | in, | |
const char * | machine_in | |||
) | [static] |
参照先 pdb_methods::add_sam_account・fprintf()・get_global_sam_sid()・getpwnam_alloc()・PDB_CHANGED・pdb_set_acct_ctrl()・pdb_set_plaintext_passwd()・pdb_set_username()・print_user_info()・samu_alloc_rid_unix()・samu_new()・strlower_m().
参照元 main().
00603 { 00604 struct samu *sam_pwent=NULL; 00605 fstring machinename; 00606 fstring machineaccount; 00607 struct passwd *pwd = NULL; 00608 00609 get_global_sam_sid(); 00610 00611 if (strlen(machine_in) == 0) { 00612 fprintf(stderr, "No machine name given\n"); 00613 return -1; 00614 } 00615 00616 fstrcpy(machinename, machine_in); 00617 machinename[15]= '\0'; 00618 00619 if (machinename[strlen (machinename) -1] == '$') 00620 machinename[strlen (machinename) -1] = '\0'; 00621 00622 strlower_m(machinename); 00623 00624 fstrcpy(machineaccount, machinename); 00625 fstrcat(machineaccount, "$"); 00626 00627 if ( !(pwd = getpwnam_alloc( NULL, machineaccount )) ) { 00628 DEBUG(0,("Cannot locate Unix account for %s\n", machineaccount)); 00629 return -1; 00630 } 00631 00632 if ( (sam_pwent = samu_new( NULL )) == NULL ) { 00633 fprintf(stderr, "Memory allocation error!\n"); 00634 TALLOC_FREE(pwd); 00635 return -1; 00636 } 00637 00638 if ( !NT_STATUS_IS_OK(samu_alloc_rid_unix(sam_pwent, pwd )) ) { 00639 fprintf(stderr, "Could not init sam from pw\n"); 00640 TALLOC_FREE(pwd); 00641 return -1; 00642 } 00643 00644 TALLOC_FREE(pwd); 00645 00646 pdb_set_plaintext_passwd (sam_pwent, machinename); 00647 pdb_set_username (sam_pwent, machineaccount, PDB_CHANGED); 00648 pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST, PDB_CHANGED); 00649 00650 if (NT_STATUS_IS_OK(in->add_sam_account (in, sam_pwent))) { 00651 print_user_info (in, machineaccount, True, False); 00652 } else { 00653 fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); 00654 TALLOC_FREE(sam_pwent); 00655 return -1; 00656 } 00657 TALLOC_FREE(sam_pwent); 00658 return 0; 00659 }
static int delete_user_entry | ( | struct pdb_methods * | in, | |
const char * | username | |||
) | [static] |
参照先 pdb_methods::delete_sam_account・fprintf()・pdb_methods::getsampwnam・samu_new().
参照元 main().
00666 { 00667 struct samu *samaccount = NULL; 00668 00669 if ( (samaccount = samu_new( NULL )) == NULL ) { 00670 return -1; 00671 } 00672 00673 if (!NT_STATUS_IS_OK(in->getsampwnam(in, samaccount, username))) { 00674 fprintf (stderr, "user %s does not exist in the passdb\n", username); 00675 return -1; 00676 } 00677 00678 if (!NT_STATUS_IS_OK(in->delete_sam_account (in, samaccount))) { 00679 fprintf (stderr, "Unable to delete user %s\n", username); 00680 return -1; 00681 } 00682 return 0; 00683 }
static int delete_machine_entry | ( | struct pdb_methods * | in, | |
const char * | machinename | |||
) | [static] |
参照先 pdb_methods::delete_sam_account・fprintf()・pdb_methods::getsampwnam・name・samu_new().
参照元 main().
00690 { 00691 fstring name; 00692 struct samu *samaccount = NULL; 00693 00694 if (strlen(machinename) == 0) { 00695 fprintf(stderr, "No machine name given\n"); 00696 return -1; 00697 } 00698 00699 fstrcpy(name, machinename); 00700 name[15] = '\0'; 00701 if (name[strlen(name)-1] != '$') 00702 fstrcat (name, "$"); 00703 00704 if ( (samaccount = samu_new( NULL )) == NULL ) { 00705 return -1; 00706 } 00707 00708 if (!NT_STATUS_IS_OK(in->getsampwnam(in, samaccount, name))) { 00709 fprintf (stderr, "machine %s does not exist in the passdb\n", name); 00710 return -1; 00711 } 00712 00713 if (!NT_STATUS_IS_OK(in->delete_sam_account (in, samaccount))) { 00714 fprintf (stderr, "Unable to delete machine %s\n", name); 00715 return -1; 00716 } 00717 00718 return 0; 00719 }
int main | ( | int | argc, | |
char ** | argv | |||
) |
参照先 account_policy_get_desc()・account_policy_name_to_fieldnum()・account_policy_names_list()・samu::acct_desc・d_fprintf()・delete_machine_entry()・delete_user_entry()・dyn_CONFIGFILE・export_account_policies()・export_database()・export_groups()・fix_users_list()・fprintf()・samu::full_name・samu::home_dir・init_names()・initialize_password_db()・load_case_tables()・samu::logon_script・make_pdb_method_name()・new_machine()・new_user()・pdb_get_account_policy()・pdb_set_account_policy()・poptGetArg()・poptGetContext()・poptGetNextOpt()・poptPrintHelp()・print_user_info()・print_users_list()・printf()・samu::profile_path・reinit_account_policies()・set_user_info()・setup_logging()・status・user_name・samu::user_sid・verbose.
00726 { 00727 static BOOL list_users = False; 00728 static BOOL verbose = False; 00729 static BOOL spstyle = False; 00730 static BOOL machine = False; 00731 static BOOL add_user = False; 00732 static BOOL delete_user = False; 00733 static BOOL modify_user = False; 00734 uint32 setparms, checkparms; 00735 int opt; 00736 static char *full_name = NULL; 00737 static char *acct_desc = NULL; 00738 static const char *user_name = NULL; 00739 static char *home_dir = NULL; 00740 static char *home_drive = NULL; 00741 static char *backend = NULL; 00742 static char *backend_in = NULL; 00743 static char *backend_out = NULL; 00744 static BOOL transfer_groups = False; 00745 static BOOL transfer_account_policies = False; 00746 static BOOL reset_account_policies = False; 00747 static BOOL force_initialised_password = False; 00748 static char *logon_script = NULL; 00749 static char *profile_path = NULL; 00750 static char *user_domain = NULL; 00751 static char *account_control = NULL; 00752 static char *account_policy = NULL; 00753 static char *user_sid = NULL; 00754 static long int account_policy_value = 0; 00755 BOOL account_policy_value_set = False; 00756 static BOOL badpw_reset = False; 00757 static BOOL hours_reset = False; 00758 static char *pwd_time_format = NULL; 00759 static BOOL pw_from_stdin = False; 00760 struct pdb_methods *bin, *bout, *bdef; 00761 poptContext pc; 00762 struct poptOption long_options[] = { 00763 POPT_AUTOHELP 00764 {"list", 'L', POPT_ARG_NONE, &list_users, 0, "list all users", NULL}, 00765 {"verbose", 'v', POPT_ARG_NONE, &verbose, 0, "be verbose", NULL }, 00766 {"smbpasswd-style", 'w',POPT_ARG_NONE, &spstyle, 0, "give output in smbpasswd style", NULL}, 00767 {"user", 'u', POPT_ARG_STRING, &user_name, 0, "use username", "USER" }, 00768 {"account-desc", 'N', POPT_ARG_STRING, &acct_desc, 0, "set account description", NULL}, 00769 {"fullname", 'f', POPT_ARG_STRING, &full_name, 0, "set full name", NULL}, 00770 {"homedir", 'h', POPT_ARG_STRING, &home_dir, 0, "set home directory", NULL}, 00771 {"drive", 'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, 00772 {"script", 'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, 00773 {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, 00774 {"domain", 'I', POPT_ARG_STRING, &user_domain, 0, "set a users' domain", NULL}, 00775 {"user SID", 'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL}, 00776 {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, 00777 {"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL}, 00778 {"machine", 'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL}, 00779 {"delete", 'x', POPT_ARG_NONE, &delete_user, 0, "delete user", NULL}, 00780 {"backend", 'b', POPT_ARG_STRING, &backend, 0, "use different passdb backend as default backend", NULL}, 00781 {"import", 'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL}, 00782 {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, 00783 {"group", 'g', POPT_ARG_NONE, &transfer_groups, 0, "use -i and -e for groups", NULL}, 00784 {"policies", 'y', POPT_ARG_NONE, &transfer_account_policies, 0, "use -i and -e to move account policies between backends", NULL}, 00785 {"policies-reset", 0, POPT_ARG_NONE, &reset_account_policies, 0, "restore default policies", NULL}, 00786 {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, 00787 {"value", 'C', POPT_ARG_LONG, &account_policy_value, 'C',"set the account policy to this value", NULL}, 00788 {"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL}, 00789 {"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL}, 00790 {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL}, 00791 {"logon-hours-reset", 'Z', POPT_ARG_NONE, &hours_reset, 0, "reset logon hours", NULL}, 00792 {"time-format", 0, POPT_ARG_STRING, &pwd_time_format, 0, "The time format for time parameters", NULL }, 00793 {"password-from-stdin", 't', POPT_ARG_NONE, &pw_from_stdin, 0, "get password from standard in", NULL}, 00794 POPT_COMMON_SAMBA 00795 POPT_TABLEEND 00796 }; 00797 00798 /* we shouldn't have silly checks like this */ 00799 if (getuid() != 0) { 00800 d_fprintf(stderr, "You must be root to use pdbedit\n"); 00801 return -1; 00802 } 00803 00804 bin = bout = bdef = NULL; 00805 00806 load_case_tables(); 00807 00808 setup_logging("pdbedit", True); 00809 00810 pc = poptGetContext(NULL, argc, (const char **) argv, long_options, 00811 POPT_CONTEXT_KEEP_FIRST); 00812 00813 while((opt = poptGetNextOpt(pc)) != -1) { 00814 switch (opt) { 00815 case 'C': 00816 account_policy_value_set = True; 00817 break; 00818 } 00819 } 00820 00821 poptGetArg(pc); /* Drop argv[0], the program name */ 00822 00823 if (user_name == NULL) 00824 user_name = poptGetArg(pc); 00825 00826 if (!lp_load(dyn_CONFIGFILE,True,False,False,True)) { 00827 fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE); 00828 exit(1); 00829 } 00830 00831 if(!initialize_password_db(False)) 00832 exit(1); 00833 00834 if (!init_names()) 00835 exit(1); 00836 00837 setparms = (backend ? BIT_BACKEND : 0) + 00838 (verbose ? BIT_VERBOSE : 0) + 00839 (spstyle ? BIT_SPSTYLE : 0) + 00840 (full_name ? BIT_FULLNAME : 0) + 00841 (home_dir ? BIT_HOMEDIR : 0) + 00842 (home_drive ? BIT_HDIRDRIVE : 0) + 00843 (logon_script ? BIT_LOGSCRIPT : 0) + 00844 (profile_path ? BIT_PROFILE : 0) + 00845 (user_domain ? BIT_USERDOMAIN : 0) + 00846 (machine ? BIT_MACHINE : 0) + 00847 (user_name ? BIT_USER : 0) + 00848 (list_users ? BIT_LIST : 0) + 00849 (force_initialised_password ? BIT_FIX_INIT : 0) + 00850 (user_sid ? BIT_USERSIDS : 0) + 00851 (modify_user ? BIT_MODIFY : 0) + 00852 (add_user ? BIT_CREATE : 0) + 00853 (delete_user ? BIT_DELETE : 0) + 00854 (account_control ? BIT_ACCTCTRL : 0) + 00855 (account_policy ? BIT_ACCPOLICY : 0) + 00856 (account_policy_value_set ? BIT_ACCPOLVAL : 0) + 00857 (backend_in ? BIT_IMPORT : 0) + 00858 (backend_out ? BIT_EXPORT : 0) + 00859 (badpw_reset ? BIT_BADPWRESET : 0) + 00860 (hours_reset ? BIT_LOGONHOURS : 0); 00861 00862 if (setparms & BIT_BACKEND) { 00863 if (!NT_STATUS_IS_OK(make_pdb_method_name( &bdef, backend ))) { 00864 fprintf(stderr, "Can't initialize passdb backend.\n"); 00865 return 1; 00866 } 00867 } else { 00868 if (!NT_STATUS_IS_OK(make_pdb_method_name(&bdef, lp_passdb_backend()))) { 00869 fprintf(stderr, "Can't initialize passdb backend.\n"); 00870 return 1; 00871 } 00872 } 00873 00874 /* the lowest bit options are always accepted */ 00875 checkparms = setparms & ~MASK_ALWAYS_GOOD; 00876 00877 if (checkparms & BIT_FIX_INIT) { 00878 return fix_users_list(bdef); 00879 } 00880 00881 /* account policy operations */ 00882 if ((checkparms & BIT_ACCPOLICY) && !(checkparms & ~(BIT_ACCPOLICY + BIT_ACCPOLVAL))) { 00883 uint32 value; 00884 int field = account_policy_name_to_fieldnum(account_policy); 00885 if (field == 0) { 00886 const char **names; 00887 int count; 00888 int i; 00889 account_policy_names_list(&names, &count); 00890 fprintf(stderr, "No account policy by that name!\n"); 00891 if (count !=0) { 00892 fprintf(stderr, "Account policy names are:\n"); 00893 for (i = 0; i < count ; i++) { 00894 d_fprintf(stderr, "%s\n", names[i]); 00895 } 00896 } 00897 SAFE_FREE(names); 00898 exit(1); 00899 } 00900 if (!pdb_get_account_policy(field, &value)) { 00901 fprintf(stderr, "valid account policy, but unable to fetch value!\n"); 00902 if (!account_policy_value_set) 00903 exit(1); 00904 } 00905 printf("account policy \"%s\" description: %s\n", account_policy, account_policy_get_desc(field)); 00906 if (account_policy_value_set) { 00907 printf("account policy \"%s\" value was: %u\n", account_policy, value); 00908 if (!pdb_set_account_policy(field, account_policy_value)) { 00909 fprintf(stderr, "valid account policy, but unable to set value!\n"); 00910 exit(1); 00911 } 00912 printf("account policy \"%s\" value is now: %lu\n", account_policy, account_policy_value); 00913 exit(0); 00914 } else { 00915 printf("account policy \"%s\" value is: %u\n", account_policy, value); 00916 exit(0); 00917 } 00918 } 00919 00920 if (reset_account_policies) { 00921 if (!reinit_account_policies()) { 00922 exit(1); 00923 } 00924 00925 exit(0); 00926 } 00927 00928 /* import and export operations */ 00929 00930 if ( ((checkparms & BIT_IMPORT) 00931 || (checkparms & BIT_EXPORT)) 00932 && !(checkparms & ~(BIT_IMPORT +BIT_EXPORT +BIT_USER)) ) 00933 { 00934 NTSTATUS status; 00935 00936 bin = bout = bdef; 00937 00938 if (backend_in) { 00939 status = make_pdb_method_name(&bin, backend_in); 00940 00941 if ( !NT_STATUS_IS_OK(status) ) { 00942 fprintf(stderr, "Unable to initialize %s.\n", backend_in); 00943 return 1; 00944 } 00945 } 00946 00947 if (backend_out) { 00948 status = make_pdb_method_name(&bout, backend_out); 00949 00950 if ( !NT_STATUS_IS_OK(status) ) { 00951 fprintf(stderr, "Unable to initialize %s.\n", backend_out); 00952 return 1; 00953 } 00954 } 00955 00956 if (transfer_account_policies) { 00957 00958 if (!(checkparms & BIT_USER)) 00959 return export_account_policies(bin, bout); 00960 00961 } else if (transfer_groups) { 00962 00963 if (!(checkparms & BIT_USER)) 00964 return export_groups(bin, bout); 00965 00966 } else { 00967 return export_database(bin, bout, 00968 (checkparms & BIT_USER) ? user_name : NULL ); 00969 } 00970 } 00971 00972 /* if BIT_USER is defined but nothing else then threat it as -l -u for compatibility */ 00973 /* fake up BIT_LIST if only BIT_USER is defined */ 00974 if ((checkparms & BIT_USER) && !(checkparms & ~BIT_USER)) { 00975 checkparms += BIT_LIST; 00976 } 00977 00978 /* modify flag is optional to maintain backwards compatibility */ 00979 /* fake up BIT_MODIFY if BIT_USER and at least one of MASK_USER_GOOD is defined */ 00980 if (!((checkparms & ~MASK_USER_GOOD) & ~BIT_USER) && (checkparms & MASK_USER_GOOD)) { 00981 checkparms += BIT_MODIFY; 00982 } 00983 00984 /* list users operations */ 00985 if (checkparms & BIT_LIST) { 00986 if (!(checkparms & ~BIT_LIST)) { 00987 return print_users_list (bdef, verbose, spstyle); 00988 } 00989 if (!(checkparms & ~(BIT_USER + BIT_LIST))) { 00990 return print_user_info (bdef, user_name, verbose, spstyle); 00991 } 00992 } 00993 00994 /* mask out users options */ 00995 checkparms &= ~MASK_USER_GOOD; 00996 00997 /* if bad password count is reset, we must be modifying */ 00998 if (checkparms & BIT_BADPWRESET) { 00999 checkparms |= BIT_MODIFY; 01000 checkparms &= ~BIT_BADPWRESET; 01001 } 01002 01003 /* if logon hours is reset, must modify */ 01004 if (checkparms & BIT_LOGONHOURS) { 01005 checkparms |= BIT_MODIFY; 01006 checkparms &= ~BIT_LOGONHOURS; 01007 } 01008 01009 /* account operation */ 01010 if ((checkparms & BIT_CREATE) || (checkparms & BIT_MODIFY) || (checkparms & BIT_DELETE)) { 01011 /* check use of -u option */ 01012 if (!(checkparms & BIT_USER)) { 01013 fprintf (stderr, "Username not specified! (use -u option)\n"); 01014 return -1; 01015 } 01016 01017 /* account creation operations */ 01018 if (!(checkparms & ~(BIT_CREATE + BIT_USER + BIT_MACHINE))) { 01019 if (checkparms & BIT_MACHINE) { 01020 return new_machine (bdef, user_name); 01021 } else { 01022 return new_user (bdef, user_name, full_name, home_dir, 01023 home_drive, logon_script, profile_path, user_sid, pw_from_stdin); 01024 } 01025 } 01026 01027 /* account deletion operations */ 01028 if (!(checkparms & ~(BIT_DELETE + BIT_USER + BIT_MACHINE))) { 01029 if (checkparms & BIT_MACHINE) { 01030 return delete_machine_entry (bdef, user_name); 01031 } else { 01032 return delete_user_entry (bdef, user_name); 01033 } 01034 } 01035 01036 /* account modification operations */ 01037 if (!(checkparms & ~(BIT_MODIFY + BIT_USER))) { 01038 return set_user_info (bdef, user_name, full_name, home_dir, 01039 acct_desc, home_drive, logon_script, profile_path, account_control, 01040 user_sid, user_domain, badpw_reset, hours_reset); 01041 } 01042 } 01043 01044 if (setparms >= 0x20) { 01045 fprintf (stderr, "Incompatible or insufficient options on command line!\n"); 01046 } 01047 poptPrintHelp(pc, stderr, 0); 01048 01049 return 1; 01050 }