r17554: Cleanup
[bbaumbach/samba-autobuild/.git] / source3 / utils / net_sam.c
index 9c8d72b42f0792221dd94f9455ed1114414625fe..654c9ec5b2a3c4fee8c0f9ef18958f8dd0ec5a18 100644 (file)
@@ -454,6 +454,58 @@ static int net_sam_createlocalgroup(int argc, const char **argv)
        return 0;
 }
 
+/*
+ * Create a local group
+ */
+
+static int net_sam_createbuiltingroup(int argc, const char **argv)
+{
+       NTSTATUS status;
+       uint32 rid;
+       enum SID_NAME_USE type;
+       fstring groupname;
+       DOM_SID sid;
+
+       if (argc != 1) {
+               d_fprintf(stderr, "usage: net sam createbuiltingroup <name>\n");
+               return -1;
+       }
+
+       if (!winbind_ping()) {
+               d_fprintf(stderr, "winbind seems not to run. createlocalgroup "
+                         "only works when winbind runs.\n");
+               return -1;
+       }
+
+       /* validate the name and get the group */
+       
+       fstrcpy( groupname, "BUILTIN\\" );
+       fstrcat( groupname, argv[0] );
+       
+       if ( !lookup_name(tmp_talloc_ctx(), groupname, LOOKUP_NAME_ALL, NULL,
+                         NULL, &sid, &type)) {
+               d_fprintf(stderr, "%s is not a BUILTIN group\n", argv[0]);
+               return -1;
+       }
+       
+       if ( !sid_peek_rid( &sid, &rid ) ) {
+               d_fprintf(stderr, "Failed to get RID for %s\n", argv[0]);
+               return -1;
+       }
+
+       status = pdb_create_builtin_alias( rid );
+
+       if (!NT_STATUS_IS_OK(status)) {
+               d_fprintf(stderr, "Creating %s failed with %s\n",
+                         argv[0], nt_errstr(status));
+               return -1;
+       }
+
+       d_printf("Created BUILTIN group %s with RID %d\n", argv[0], rid);
+
+       return 0;
+}
+
 /*
  * Add a group member
  */
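Review bot: In `net_sam_createbuiltingroup` the `type` that `lookup_name` fills in is never inspected, so whatever resolves under the `BUILTIN\` prefix has its last sub-authority passed to `pdb_create_builtin_alias(rid)`. Unless that callee validates the RID (not visible here), reject non-alias results before `sid_peek_rid`, e.g. `if (type != SID_NAME_ALIAS) { d_fprintf(stderr, "%s is not a BUILTIN group\n", argv[0]); return -1; }`, assuming BUILTIN aliases come back as `SID_NAME_ALIAS` as the addmem code further down suggests. The winbind failure message still names `createlocalgroup` and the header comment still says "Create a local group"; both look copied from the function above and should read `createbuiltingroup` and "Create a BUILTIN group". `rid` is a `uint32` printed with `%d`; the listmem hunk in this same commit switches to `%u` with an `(unsigned int)` cast, and the final `d_printf` here should match. `fstrcat` into the fixed-size `groupname` presumably truncates an over-long `argv[0]` silently, so the name looked up can differ from the one echoed in the messages.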
@@ -476,10 +528,24 @@ static int net_sam_addmem(int argc, const char **argv)
                return -1;
        }
 
+       /* check to see if the member to be added is a name or a SID */
+
        if (!lookup_name(tmp_talloc_ctx(), argv[1], LOOKUP_NAME_ISOLATED,
-                        &memberdomain, &membername, &member, &membertype)) {
-               d_fprintf(stderr, "Could not find member %s\n", argv[1]);
-               return -1;
+                        &memberdomain, &membername, &member, &membertype))
+       {
+               /* try it as a SID */
+
+               if ( !string_to_sid( &member, argv[1] ) ) {
+                       d_fprintf(stderr, "Could not find member %s\n", argv[1]);
+                       return -1;
+               }
+
+               if ( !lookup_sid(tmp_talloc_ctx(), &member, &memberdomain, 
+                       &membername, &membertype) ) 
+               {
+                       d_fprintf(stderr, "Could not resolve SID %s\n", argv[1]);
+                       return -1;
+               }
        }
 
        if ((grouptype == SID_NAME_ALIAS) || (grouptype == SID_NAME_WKN_GRP)) {
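Review bot: The new fallback in `net_sam_addmem` tries the argument as a name first and as a SID only when that fails, so a well-formed SID string can still bind to an account that happens to carry that name, and the group gains a different member than the SID the operator typed. Parsing with `string_to_sid` first and falling back to `lookup_name` removes that ambiguity; the trade-off is that an account whose name parses as a SID (if such a name can exist in the deployment) could no longer be added by name. The sketch keeps the existing messages and return values. The rest of `net_sam_addmem` lies outside this hunk, so how the `membertype` returned by `lookup_sid` is used afterwards should be checked there.

```c
	/* a syntactically valid SID is unambiguous, so try that first */

	if ( string_to_sid( &member, argv[1] ) ) {
		if ( !lookup_sid(tmp_talloc_ctx(), &member, &memberdomain,
				 &membername, &membertype) ) {
			d_fprintf(stderr, "Could not resolve SID %s\n", argv[1]);
			return -1;
		}
	} else if (!lookup_name(tmp_talloc_ctx(), argv[1], LOOKUP_NAME_ISOLATED,
				&memberdomain, &membername, &member,
				&membertype)) {
		d_fprintf(stderr, "Could not find member %s\n", argv[1]);
		return -1;
	}

	/* ... unchanged: grouptype check and membership update ... */
```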
@@ -505,8 +571,8 @@ static int net_sam_addmem(int argc, const char **argv)
                return -1;
        }
 
-       d_printf("Added %s\\%s to %s\\%s\n",
-                memberdomain, membername, groupdomain, groupname);
+       d_printf("Added %s\\%s to %s\\%s\n", memberdomain, membername, 
+               groupdomain, groupname);
 
        return 0;
 }
@@ -606,8 +672,8 @@ static int net_sam_listmem(int argc, const char **argv)
                        return -1;
                }
 
-               d_printf("%s\\%s has %d members\n", groupdomain, groupname,
-                        num_members);
+               d_printf("%s\\%s has %u members\n", groupdomain, groupname,
+                        (unsigned int)num_members);
                for (i=0; i<num_members; i++) {
                        const char *dom, *name;
                        if (lookup_sid(tmp_talloc_ctx(), &members[i],
@@ -747,6 +813,8 @@ static int net_sam_show(int argc, const char **argv)
        return 0;
 }
 
+#ifdef HAVE_LDAP
+
 /*
  * Init an LDAP tree with default users and Groups
  * if ldapsam:editposix is enabled
@@ -772,7 +840,11 @@ static int net_sam_provision(int argc, const char **argv)
                return -1;
        }
 
-       ldap_bk = talloc_strdup(tc, lp_passdb_backend());
+       if ((ldap_bk = talloc_strdup(tc, lp_passdb_backend())) == NULL) {
+               d_fprintf(stderr, "talloc failed\n");
+               talloc_free(tc);
+               return -1;
+       }
        p = strchr(ldap_bk, ':');
        if (p) {
                *p = 0;
@@ -1013,7 +1085,10 @@ doma_done:
                                d_fprintf(stderr, "Can't create Guest user, Domain Users group not available!\n");
                                goto done;
                        }
-                       pwd = talloc(tc, struct passwd);
+                       if ((pwd = talloc(tc, struct passwd)) == NULL) {
+                               d_fprintf(stderr, "talloc failed\n");
+                               goto done;
+                       }
                        pwd->pw_name = talloc_strdup(pwd, lp_guestaccount());
                        if (!winbind_allocate_uid(&(pwd->pw_uid))) {
                                d_fprintf(stderr, "Unable to allocate a new uid to create the Guest user!\n");
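Review bot: The added NULL check covers `talloc(tc, struct passwd)`, but the very next line still stores an unchecked `talloc_strdup(pwd, lp_guestaccount())` in `pwd->pw_name`, so an allocation failure there leaves a NULL name in the entry that appears to be used to create the Guest user. Handle it the same way as the new check: `if ((pwd->pw_name = talloc_strdup(pwd, lp_guestaccount())) == NULL) { d_fprintf(stderr, "talloc failed\n"); goto done; }`. Where `pw_name` is consumed lies outside this hunk, so the effect of a NULL there is inferred rather than visible.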
@@ -1131,12 +1206,16 @@ failed:
        return -1;
 }
 
+#endif
+
 /***********************************************************
  migrated functionality from smbgroupedit
  **********************************************************/
 int net_sam(int argc, const char **argv)
 {
        struct functable2 func[] = {
+               { "createbuiltingroup", net_sam_createbuiltingroup,
+                 "Create a new BUILTIN group" },
                { "createlocalgroup", net_sam_createlocalgroup,
                  "Create a new local group" },
                { "mapunixgroup", net_sam_mapunixgroup,
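Review bot: The `#endif` added before the `net_sam` banner closes an `#ifdef HAVE_LDAP` opened several hundred lines earlier (new-side line 813 versus 1206 in the hunk headers), so it should name its condition: `#endif /* HAVE_LDAP */`. The `#endif` added inside the `func[]` table in the following hunk would benefit from the same comment. Without it, a reader of either spot has to search backwards to learn that `provision` disappears from non-LDAP builds.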
@@ -1153,8 +1232,10 @@ int net_sam(int argc, const char **argv)
                  "Show details of a SAM entry" },
                { "set", net_sam_set,
                  "Set details of a SAM account" },
+#ifdef HAVE_LDAP
                { "provision", net_sam_provision,
                  "Provision a clean User Database" },
+#endif
                { NULL, NULL, NULL }
        };