#define ACB_SVRTRUST 0x0100 /* 1 = Server trust account */
#define ACB_PWNOEXP 0x0200 /* 1 = User password does not expire */
#define ACB_AUTOLOCK 0x0400 /* 1 = Account auto locked */
+#define ACB_PWLOCK 0x0800 /* 1 = Password is locked and connot be changed remotely */
#define MAX_HOURS_LEN 32
if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L';
if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X';
if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I';
+ if (acct_ctrl & ACB_PWLOCK ) acct_str[i++] = 'P';
for ( ; i < length - 2 ; i++ )
{
case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ }
case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ }
case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ }
+ case 'P': { acct_ctrl |= ACB_PWLOCK ; break; /* 'P'assword cannot be changed remotely */ }
case ' ': { break; }
case ':':
case '\n':
&sampw,
new_passwd, sizeof(new_passwd));
+ /* now we check to see if we are actually allowed to change the
+ password. */
+
+ if (ret && (sampw->acct_ctrl & ACB_PWLOCK))
+ {
+ ret = False;
+ }
+
/*
* At this point we have the new case-sensitive plaintext
* password in the fstring new_passwd. If we wanted to synchronise
printf(" -n set no password\n");
printf(" -m workstation trust account\n");
printf(" -i inter-domain trust account\n");
+ printf(" -p user cannot change password\n");
+ printf(" -x user can change password\n");
}
+
exit(1);
}
BOOL enable_user = False;
BOOL set_no_password = False;
BOOL stdin_passwd_get = False;
+ BOOL lock_password = False;
+ BOOL unlock_password = False;
char *user_name = NULL;
char *new_domain = NULL;
char *new_passwd = NULL;
char *old_passwd = NULL;
char *remote_machine = NULL;
- while ((ch = getopt(argc, argv, "adehimnj:r:sR:D:U:")) != EOF)
+ while ((ch = getopt(argc, argv, "adehimnpxj:r:sR:D:U:")) != EOF)
{
switch(ch)
{
user_name = optarg;
break;
}
+ case 'p':
+ {
+ lock_password = True;
+ break;
+ }
+ case 'x':
+ {
+ unlock_password = True;
+ break;
+ }
default:
{
usage();
acb_info |= ACB_PWNOTREQ;
}
+ if (lock_password)
+ {
+ acb_mask |= ACB_PWLOCK;
+ acb_info |= ACB_PWLOCK;
+ }
+
+ if (unlock_password)
+ {
+ acb_mask |= ACB_PWLOCK;
+ acb_info &= ~ACB_PWLOCK;
+ }
+
if (wks_trust_account)
{
acb_mask |= ACB_WSTRUST;
char *remote_machine = NULL;
char *user_name = NULL;
char *new_passwd = NULL;
-
+
while ((ch = getopt(argc, argv, "hD:r:sU:")) != EOF)
{
switch(ch)
remote_machine = "127.0.0.1";
}
-
if (remote_machine != NULL) {
old_passwd = get_pass("Old SMB password:",stdin_passwd_get);
}