From: Amitay Isaacs <amitay@gmail.com>
Date: Fri, 19 Aug 2011 05:53:28 +0000 (+1000)
Subject: s3_upgrade: Set the administrator password on upgrade
X-Git-Tag: samba-4.0.0alpha17~511
X-Git-Url: http://git.samba.org/?p=amitay%2Fsamba.git;a=commitdiff_plain;h=2ecb5003eba410d1287c81d9392aa39322b7d215

s3_upgrade: Set the administrator password on upgrade

In the upgrade process, set the administrator password from the
existing root or administrator account.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py
index ed13d101e99..579c9e6f117 100644
--- a/source4/scripting/python/samba/upgrade.py
+++ b/source4/scripting/python/samba/upgrade.py
@@ -261,7 +261,7 @@ def add_group_from_mapping_entry(samdb, groupmap, logger):
             raise(e)
 
 
-def add_users_to_group(samdb, group, members):
+def add_users_to_group(samdb, group, members, logger):
     """Add user/member to group/alias"""
 
     for member_sid in members:
@@ -583,6 +583,7 @@ def upgrade_from_samba3(samba3, logger, session_info, smbconf, targetdir):
     userlist = old_passdb.search_users(0)
     userdata = {}
     uids = {}
+    admin_user = None
     for entry in userlist:
         if machinerid and machinerid == entry['rid']:
             continue
@@ -602,6 +603,12 @@ def upgrade_from_samba3(samba3, logger, session_info, smbconf, targetdir):
             except:
                 pass
 
+        if not admin_user and username.lower() == 'root':
+            admin_user = username
+        if username.lower() == 'administrator':
+            admin_user = username
+
+
     logger.info("Next rid = %d", next_rid)
 
     # Do full provision
@@ -646,6 +653,19 @@ def upgrade_from_samba3(samba3, logger, session_info, smbconf, targetdir):
     logger.info("Adding users to groups")
     for g in grouplist:
         if g.nt_name in groupmembers:
-            add_users_to_group(result.samdb, g, groupmembers[g.nt_name])
+            add_users_to_group(result.samdb, g, groupmembers[g.nt_name], logger)
+
+    # Set password for administrator
+    if admin_user:
+        logger.info("Setting password for administrator")
+        admin_userdata = new_passdb.getsampwnam("administrator")
+        admin_userdata.nt_passwd = userdata[admin_user].nt_passwd
+        if userdata[admin_user].lanman_passwd:
+            admin_userdata.lanman_passwd = userdata[admin_user].lanman_passwd
+        admin_userdata.pass_last_set_time = userdata[admin_user].pass_last_set_time
+        if userdata[admin_user].pw_history:
+            admin_userdata.pw_history = userdata[admin_user].pw_history
+        new_passdb.update_sam_account(admin_userdata)
+        logger.info("Administrator password has been set to password of user '%s'", admin_user)
 
     # FIXME: import_registry(registry.Registry(), samba3.get_registry())