git.samba.org - ira/wip.git/commit - source3/utils/net

author	Jim McDonough <jmcd@samba.org>
	Fri, 19 Jun 2009 17:46:07 +0000 (13:46 -0400)
committer	Jim McDonough <jmcd@samba.org>
	Fri, 19 Jun 2009 17:46:07 +0000 (13:46 -0400)
commit	7930f15f5dce0dd72b354f903a758b03988371b8
tree	b3405ea2ccb64b92fad2854cecb5698c517d2fe1	tree
parent	0524d24fb217813e4939b299b1fabe9a54b4216e	commit \| diff

Don't require "Modify property" perms to unjoin bug #6481)
"net ads leave" stopped working when "modify properties"
permissions were not granted (meaning you had to be allowed
to disable the account that you were about to delete).

Libnetapi should not delete machine accounts, as this does not
happen on win32.  The WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE flag
really means "disable" (both in practice and docs).

However, to keep the functionality in "net ads leave", we
will still try to do the delete.  If this fails, we try
to do the disable.

Additionally, it is possible in windows to not disable or
delete the account, but just tell the local machine that it
is no longer in the account.  libnet can now do this as well.

source3/lib/netapi/joindomain.c		diff \| blob \| history
source3/libnet/libnet_join.c		diff \| blob \| history
source3/librpc/gen_ndr/libnet_join.h		diff \| blob \| history
source3/librpc/gen_ndr/ndr_libnet_join.c		diff \| blob \| history
source3/librpc/idl/libnet_join.idl		diff \| blob \| history
source3/utils/net_ads.c		diff \| blob \| history