return 0;
}
+/*
+ * Create a local group
+ */
+
+static int net_sam_createbuiltingroup(int argc, const char **argv)
+{
+ NTSTATUS status;
+ uint32 rid;
+ enum SID_NAME_USE type;
+ fstring groupname;
+ DOM_SID sid;
+
+ if (argc != 1) {
+ d_fprintf(stderr, "usage: net sam createbuiltingroup <name>\n");
+ return -1;
+ }
+
+ if (!winbind_ping()) {
+ d_fprintf(stderr, "winbind seems not to run. createlocalgroup "
+ "only works when winbind runs.\n");
+ return -1;
+ }
+
+ /* validate the name and get the group */
+
+ fstrcpy( groupname, "BUILTIN\\" );
+ fstrcat( groupname, argv[0] );
+
+ if ( !lookup_name(tmp_talloc_ctx(), groupname, LOOKUP_NAME_ALL, NULL,
+ NULL, &sid, &type)) {
+ d_fprintf(stderr, "%s is not a BUILTIN group\n", argv[0]);
+ return -1;
+ }
+
+ if ( !sid_peek_rid( &sid, &rid ) ) {
+ d_fprintf(stderr, "Failed to get RID for %s\n", argv[0]);
+ return -1;
+ }
+
+ status = pdb_create_builtin_alias( rid );
+
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "Creating %s failed with %s\n",
+ argv[0], nt_errstr(status));
+ return -1;
+ }
+
+ d_printf("Created BUILTIN group %s with RID %d\n", argv[0], rid);
+
+ return 0;
+}
+
/*
* Add a group member
*/
return -1;
}
+ /* check to see if the member to be added is a name or a SID */
+
if (!lookup_name(tmp_talloc_ctx(), argv[1], LOOKUP_NAME_ISOLATED,
- &memberdomain, &membername, &member, &membertype)) {
- d_fprintf(stderr, "Could not find member %s\n", argv[1]);
- return -1;
+ &memberdomain, &membername, &member, &membertype))
+ {
+ /* try it as a SID */
+
+ if ( !string_to_sid( &member, argv[1] ) ) {
+ d_fprintf(stderr, "Could not find member %s\n", argv[1]);
+ return -1;
+ }
+
+ if ( !lookup_sid(tmp_talloc_ctx(), &member, &memberdomain,
+ &membername, &membertype) )
+ {
+ d_fprintf(stderr, "Could not resolve SID %s\n", argv[1]);
+ return -1;
+ }
}
if ((grouptype == SID_NAME_ALIAS) || (grouptype == SID_NAME_WKN_GRP)) {
return -1;
}
- d_printf("Added %s\\%s to %s\\%s\n",
- memberdomain, membername, groupdomain, groupname);
+ d_printf("Added %s\\%s to %s\\%s\n", memberdomain, membername,
+ groupdomain, groupname);
return 0;
}
return -1;
}
- d_printf("%s\\%s has %d members\n", groupdomain, groupname,
- num_members);
+ d_printf("%s\\%s has %u members\n", groupdomain, groupname,
+ (unsigned int)num_members);
for (i=0; i<num_members; i++) {
const char *dom, *name;
if (lookup_sid(tmp_talloc_ctx(), &members[i],
return 0;
}
+#ifdef HAVE_LDAP
+
/*
* Init an LDAP tree with default users and Groups
* if ldapsam:editposix is enabled
return -1;
}
- ldap_bk = talloc_strdup(tc, lp_passdb_backend());
+ if ((ldap_bk = talloc_strdup(tc, lp_passdb_backend())) == NULL) {
+ d_fprintf(stderr, "talloc failed\n");
+ talloc_free(tc);
+ return -1;
+ }
p = strchr(ldap_bk, ':');
if (p) {
*p = 0;
d_fprintf(stderr, "Can't create Guest user, Domain Users group not available!\n");
goto done;
}
- pwd = talloc(tc, struct passwd);
+ if ((pwd = talloc(tc, struct passwd)) == NULL) {
+ d_fprintf(stderr, "talloc failed\n");
+ goto done;
+ }
pwd->pw_name = talloc_strdup(pwd, lp_guestaccount());
if (!winbind_allocate_uid(&(pwd->pw_uid))) {
d_fprintf(stderr, "Unable to allocate a new uid to create the Guest user!\n");
return -1;
}
+#endif
+
/***********************************************************
migrated functionality from smbgroupedit
**********************************************************/
int net_sam(int argc, const char **argv)
{
struct functable2 func[] = {
+ { "createbuiltingroup", net_sam_createbuiltingroup,
+ "Create a new BUILTIN group" },
{ "createlocalgroup", net_sam_createlocalgroup,
"Create a new local group" },
{ "mapunixgroup", net_sam_mapunixgroup,
"Show details of a SAM entry" },
{ "set", net_sam_set,
"Set details of a SAM account" },
+#ifdef HAVE_LDAP
{ "provision", net_sam_provision,
"Provision a clean User Database" },
+#endif
{ NULL, NULL, NULL }
};