summaryrefslogtreecommitdiffstats
path: root/source/utils/smbpasswd.c
Commit message (Collapse)AuthorAgeFilesLines
* Mimir has been busy with patches again, and sent in the followingAndrew Bartlett2002-07-261-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | patches: Andrew Bartlett From his e-mail: Below I attach the following patches as a result of my work on trusted domains support: 1) srv_samr_nt.c.diff This fixes a bug which caused to return null string as the first entry of enumerated accounts list (no matter what entry, it was always null string and rid) and possibly spoiled further names, depeding on their length. I found that while testing my 'net rpc trustdom list' against nt servers and samba server. 2) libsmb.diff Now, fallback to anonymous connection works correctly. 3) smbpasswd.c.diff Just a little fix which actually allows one to create a trusting domain account using smbpasswd 4) typos.diff As the name suggests, it's just a few typos fix :)
* Add a bit more const, and kill of (finally!) sys_getpwnam and sys_getpwuid.Andrew Bartlett2002-05-221-2/+4
| | | | | | | | | | | | | | These might be reimplmented as simple pass-through functions, but all users really should be doing 'getpwnam_alloc' or 'getpwuid_alloc' to ensure that there are not shared static buffers. I don't beleive we actually need a getpw*() cache inside samba - if we do then I think we should look at our code design first. (some of these changes are for platforms I don't have access to, but they look sane) Andrew Bartlett
* Make smbpasswd at least slightly sane. This kills off some of theAndrew Bartlett2002-05-181-43/+43
| | | | | | | | | | | | | silly global variables, and makes it come closer to a clean compile. I'm still not convinced what was wrong with the previous code, at least it didn't cause a gush of warnings... In any case, we now don't need to spegetti code gotos etc. This should really be redone with popt. Andrew Bartlett
* Make --with-ldapsam 'go away'. This is now a standard, stable, featureAndrew Bartlett2002-05-171-13/+0
| | | | | and there is no real reason for it to depend on more than the abilty to compile the code.
* reorder useage message a little. -L is not a root-only or local mode option.Herb Lewis2002-04-031-7/+8
|
* readd -c config file change from 2.2 - works with -L mode now as well.Herb Lewis2002-04-021-180/+178
|
* reverted Herbs smbpasswd commit as it completely broke setting aAndrew Tridgell2002-04-011-178/+181
| | | | password
* merge from 2.2 - allow -c option to specify smb.conf fileHerb Lewis2002-03-301-181/+178
|
* merge from 2.2 - don't check local passdb if -r option usedHerb Lewis2002-03-271-1/+3
|
* Removed version number from file header.Tim Potter2002-01-301-1/+1
| | | | Changed "SMB/Netbios" to "SMB/CIFS" in file header.
* This is another *BIG* change...Andrew Bartlett2002-01-201-5/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Samba now features a pluggable passdb interface, along the same lines as the one in use in the auth subsystem. In this case, only one backend may be active at a time by the 'normal' interface, and only one backend per passdb_context is permitted outside that. This pluggable interface is designed to allow any number of passdb backends to be compiled in, with the selection at runtime. The 'passdb backend' paramater has been created (and documented!) to support this. As such, configure has been modfied to allow (for example) --with-ldap and the old smbpasswd to be selected at the same time. This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua. These two backends accept 'non unix accounts', where the user does *not* exist in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to avoid conflicts in the algroitmic mapping of RIDs, they use the values specified in the 'non unix account range' paramter - in the same way as the winbind ranges are specifed. While I was at it, I cleaned up some of the code in pdb_tdb (code copied directly from smbpasswd and not really considered properly). Most of this was to do with % macro expansion on stored data. It isn't easy to get the macros into the tdb, and the first password change will 'expand' them. tdbsam needs to use a similar system to pdb_ldap in this regard. This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I don't have the test facilities for these. I plan to incoroprate at least pdb_ldap into this scheme after consultation with Jerry. Each (converted) passdb module now no longer has any 'static' variables, and only exports 1 init function outside its .c file. The non-unix-account support in this patch has been proven! It is now possible to join a win2k machine to a Samba PDC without an account in /etc/passwd! Other changes: Minor interface adjustments: pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*. pdb_update_sam_account() no longer takes the 'override' argument that was being ignored so often (every other passdb backend). Extra checks have been added in some places. Minor code changes: smbpasswd no longer attempts to initialise the passdb at startup, this is now done on first use. pdbedit has lost some of its 'machine account' logic, as this behaviour is now controlled by the passdb subsystem directly. The samr subsystem no longer calls 'local password change', but does the pdb interactions directly. This allow the ACB_ flags specifed to be transferred direct to the backend, without interference. Doco: I've updated the doco to reflect some of the changes, and removed some paramters no longer applicable to HEAD.
* merge changes from 2.2 branch to prevent smb.conf from changing debug levelHerb Lewis2002-01-071-0/+3
| | | | of commands when specified on command line.
* sync getopt() args with 2.2Gerald Carter2002-01-071-1/+1
|
* Rafal (mimir) patch for trusts r.Jean-François Micouleau2001-12-141-1/+21
|
* update the ldap support code. it compiles.Jean-François Micouleau2001-12-131-1/+41
| | | | | | | | Ignacio you can update your howto ;-) samsync: a small patch to try chaning challenges. J.F.
* OK. Smbpasswd -j is DEAD.Andrew Bartlett2001-12-051-139/+40
| | | | | | | | | | | | | | | | | | | This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett
* moved init_account_policy() to the right placeAndrew Tridgell2001-12-041-2/+0
|
* smbpasswd is *ugly*!Andrew Bartlett2001-12-041-0/+2
| | | | | | | | However this looks like the best spot to init the account policy db... (fix segfaults on all local smbpasswd ops) Andrew Bartlett
* Add 'net rpc join' to match the ADS equiv.Andrew Bartlett2001-12-041-294/+3
| | | | | | | | | | | | | | | | This kills off the offending code in smbpasswd -j -Uab%c In the process we have changed from unsing compelatly random passwords to random, 15 char ascii strings. While this does produce a decrese in entropy, it is still vastly greater than we need, considering the application. In the meantime this allows us to actually *type* the machine account password duruign debugging. This code also adds a 'check' step to the join, confirming that the stored password does indeed do somthing of value :-) Andrew Bartlett
* Removed TimeInit() call from every client program (except for one placeTim Potter2001-11-231-2/+0
| | | | | in smbd/process.c where the timezone is reinitialised. Was replaced with check for a static is_initialised boolean.
* Rename xmalloc, xmemdup, xstrdup to smb_$1 to avoid conflicts with theMartin Pool2001-11-201-8/+8
| | | | versions defined by libreadline on SCO (!).
* Make the smbpasswd options/usage message a little less bizarre: it nowMartin Pool2001-11-191-22/+20
| | | | | shows all the available options, but explains that you must be root to use them. Surely this is less confusing?
* Store some path names in global variables initialized to configureMartin Pool2001-11-191-4/+2
| | | | default, rather than in preprocessor macros.
* Parionia to ensure people don't install libsmb based programs setuid root.Andrew Bartlett2001-10-311-1/+1
| | | | | | | libsmb has not been written to be setuid, with things like LIBSMB_PROG allowing all sort of fun and games. Andrew Bartlett
* Fix up smbpasswd -e/-d so that it doesn't change the password under you anyAndrew Bartlett2001-10-301-11/+13
| | | | | | | | | | | | | more. (Previously it set them to 'XXXX' or similar when only the flags were being changed - a bug I must have introduced when I reworked the passdb end of things a few weeks back.) Adds a new local flag: LOCAL_SET_PASSWORD to specify that the password is actually to be changed. Andrew Bartlett
* Added xstrdup, removed static version from smbpasswd.cJeremy Allison2001-10-221-14/+0
| | | | Jeremy.
* Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter2001-10-021-1/+0
|
* Fix up a number of intertwined issues:Andrew Bartlett2001-09-291-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The big one is a global change to allow us to NULLify the free'ed pointer to a former passdb object. This was done to allow idra's SAFE_FREE() macro to do its magic, and to satisfy the input test in pdb_init_sam() for a NULL pointer to start with. This NULL pointer test was what was breaking the adding of accounts up until now, and this code has been reworked to avoid duplicating work - I hope this will avoid a similar mess-up in future. Finally, I fixed a few nasty bugs where the pdb_ fuctions's return codes were being ignored. Some of these functions malloc() and are permitted to fail. Also, this caught a nasty bug where pdb_set_lanman_password(sam, NULL) acheived precisely didilly-squat, just returning False. Now that we check the returns this bug was spotted. This could allow different LM and NT passwords. - the pdbedit code needs to start checking these too, but I havn't had a chance to fix it. I have also fixed up where some of the password changing code was using the pdb_set functions to store *internal* data. I assume this is from a previous lot of mass conversion work... Most likally (and going on past experience) I have missed somthing, probably in the LanMan password change code which I havn't yet been able to test, but this lot is in much better shape than it was before. If all this is too much to swallow (particularly for 2.2.2) then just adding a sam_pass = NULL to the particular line of passdb.c should do the trick for the ovbious bug. Andrew Bartlett
* move to SAFE_FREE()Simo Sorce2001-09-171-6/+6
|
* Fixed problems with arg parsing as root with smbpasswd.Jeremy Allison2001-09-121-8/+11
| | | | Jeremy.
* the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but ↵Andrew Tridgell2001-09-041-5/+5
| | | | the client code still needs some work
* Set acb_info to ACB_SVRTRUST if we are joining the domain as a BDC withoutTim Potter2001-08-311-2/+6
| | | | going through the server manager.
* merge from 2.2Gerald Carter2001-08-301-0/+3
|
* Fix uninitialised variables. Spotted by "Esh, Andrew" <AEsh@tricord.com>Tim Potter2001-08-291-0/+3
|
* converted another bunch of stuff to NTSTATUSAndrew Tridgell2001-08-271-3/+3
|
* get rid of compiler warningsHerb Lewis2001-08-241-3/+3
|
* Allow smbpasswd to join a W2K hosted AD domain.Jeremy Allison2001-08-021-3/+10
| | | | Jeremy.
* Held a shoot-out between NT_STATUS_NO_PROBLEMO and NT_STATUS_NOPROBLEMO.Tim Potter2001-07-251-2/+2
| | | | | | According to the incorruptible judges find and grep, the latter won. Mmm - procrastination. (-:
* Don't try and open tdb secrets file in non-root/local mode.Jeremy Allison2001-07-061-2/+1
| | | | Jeremy.
* strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell2001-07-041-3/+3
| | | | can't redefine them. damn.
* The big character set handling changeover!Andrew Tridgell2001-07-041-4/+0
| | | | | | | This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation.
* Experimental support for joining a domain without creating an account inTim Potter2001-06-291-23/+344
| | | | | | | | | | server manager first. Just use the -U parameter to smbpasswd when joining the domain: smbpasswd -r PDC -j DOMAIN -U administrator%password Should also work with domain users with the 'add workstation to domain' user right.
* added a -L option to smbpasswd to force it to run locally so we can test ↵Andrew Tridgell2001-06-251-3/+17
| | | | smbpasswd as non-root
* Patch from Simo:Gerald Carter2001-05-071-2/+2
| | | | | | o sed 's/pdb_clear_sam/pdb_free_sam/g' o add pdb_reset_sam() o password changing should be ok now as well.
* Big cleanup of passdb and backends.Jean-François Micouleau2001-05-041-5/+16
| | | | | | | I did some basic tests but I have probably broken something. Notably the password changing. So don't cry ;-) J.F.
* fix typoHerb Lewis2001-04-241-1/+1
|
* don't allow both add and delete user to be set at the same timeHerb Lewis2001-04-241-1/+4
|
* Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison2001-03-111-12/+7
| | | | | | RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy.
* fixed a crash bug in smbpasswdAndrew Tridgell2001-02-211-1/+0
| | | | (the user can come from optarg, so we can't free it)
* Changes from APPLIANCE_HEAD:David O'Neill2001-01-111-2/+9
| | | | | | | | source/lib/smbpasswd.c - Only call load_interfaces() when doing a network related operation. This means you can add, remove, enable or disable smbpasswd entries without a network. Changing passwords always requires a network.
generated by cgit (git 2.34.1) at 2025-09-26 17:39:40 +0000