/*
add a machine account to the ADS server
*/
-static int ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname)
+static int ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname, const char *org_unit)
{
int ret;
char *host_spn, *host_upn, *new_dn, *samAccountName, *controlstr;
asprintf(&host_spn, "HOST/%s", hostname);
asprintf(&host_upn, "%s@%s", host_spn, ads->realm);
- asprintf(&new_dn, "cn=%s,cn=Computers,%s", hostname, ads->bind_path);
+ asprintf(&new_dn, "cn=%s,cn=%s,%s", hostname, org_unit, ads->bind_path);
asprintf(&samAccountName, "%s$", hostname);
asprintf(&controlstr, "%u",
UF_DONT_EXPIRE_PASSWD | UF_WORKSTATION_TRUST_ACCOUNT |
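Review bot: `org_unit` is formatted straight into the new DN by `asprintf(&new_dn, "cn=%s,cn=%s,%s", ...)`, so a value containing DN metacharacters such as `,` or `=` changes the structure of the DN. The machine account can then be created under a container other than the one the operator meant. The value arrives from `argv[0]` in net_ads_join, where the same string also goes unescaped into the search DN, so it should be rejected or escaped as an RDN value before either use, for example `if (strpbrk(org_unit, ",=+<>#;\\\"")) return LDAP_INVALID_DN_SYNTAX;`. The `asprintf` return values here are not checked either, which leaves `new_dn` indeterminate on allocation failure. The body of ads_add_machine_acct continues past the end of this hunk.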
join a machine to a realm, creating the machine account
and setting the machine password
*/
-int ads_join_realm(ADS_STRUCT *ads, const char *hostname)
+int ads_join_realm(ADS_STRUCT *ads, const char *hostname, const char *org_unit)
{
int rc;
LDAPMessage *res;
return LDAP_SUCCESS;
}
- rc = ads_add_machine_acct(ads, host);
+ rc = ads_add_machine_acct(ads, host, org_unit);
if (rc != LDAP_SUCCESS) {
DEBUG(0, ("ads_add_machine_acct: %s\n", ads_errstr(rc)));
return rc;
int net_ads_usage(int argc, const char **argv)
{
d_printf(
-"\nnet ads join"\
+"\nnet ads join <org_unit>"\
"\n\tjoins the local machine to a ADS realm\n"\
"\nnet ads leave"\
"\n\tremoves the local machine from a ADS realm\n"\
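Review bot: The usage line `net ads join <org_unit>` marks the argument as required, but net_ads_join defaults it to `"Computers"` and only overrides it when `argc > 0`. Writing it as `"\nnet ads join [org_unit]"\` and stating the default container in the description line would match the behaviour. It would also help to say that the value names a `cn=` container directly under the bind path, since that is how the DN is built.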
static int net_ads_leave(int argc, const char **argv)
{
- ADS_STRUCT *ads;
+ ADS_STRUCT *ads = NULL;
int rc;
extern pstring global_myname;
- if (!(ads = ads_startup())) return -1;
+ if (!(ads = ads_startup())) {
+ return -1;
+ }
if (!secrets_init()) {
DEBUG(1,("Failed to initialise secrets database\n"));
char *tmp_password;
extern pstring global_myname;
NTSTATUS status;
+ const char *org_unit = "Computers";
+ char *dn;
+ void *res;
+
+ if (argc > 0) org_unit = argv[0];
if (!secrets_init()) {
DEBUG(1,("Failed to initialise secrets database\n"));
return -1;
}
-
-
+
tmp_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
password = strdup(tmp_password);
if (!(ads = ads_startup())) return -1;
- rc = ads_join_realm(ads, global_myname);
+ asprintf(&dn, "cn=%s,%s", org_unit, ads->bind_path);
+
+ rc = ads_search_dn(ads, &res, dn, NULL);
+ free(dn);
+ ads_msgfree(ads, res);
+
+ if (rc == LDAP_NO_SUCH_OBJECT) {
+ d_printf("ads_join_realm: organisational unit %s does not exist\n", org_unit);
+ return rc;
+ }
+
+ if (rc) {
+ d_printf("ads_join_realm: %s\n", ads_errstr(rc));
+ return -1;
+ }
+
+ rc = ads_join_realm(ads, global_myname, org_unit);
if (rc) {
d_printf("ads_join_realm: %s\n", ads_errstr(rc));
return -1;
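Review bot: `res` is declared without an initialiser and `ads_msgfree(ads, res)` runs before `rc` is examined, so if ads_search_dn fails without storing a result the free acts on an indeterminate pointer. ads_search_dn is not visible here, so this is inferred from the call shape. Initialising `res` to NULL and freeing only a non-NULL result avoids that. The `asprintf(&dn, ...)` result is also unchecked before `dn` is passed to the search and to `free`. The missing-OU path returns the raw LDAP code via `return rc;` while every other failure returns -1, and both new early returns leave without releasing `password` or the `ads` handle. The start of net_ads_join lies outside this hunk.

```c
	void *res = NULL;
	/* … unchanged: org_unit default, secrets_init, password generation, ads_startup … */
	if (asprintf(&dn, "cn=%s,%s", org_unit, ads->bind_path) == -1) {
		d_printf("net_ads_join: out of memory\n");
		return -1;
	}

	rc = ads_search_dn(ads, &res, dn, NULL);
	free(dn);
	if (res != NULL) {
		ads_msgfree(ads, res);
	}

	if (rc == LDAP_NO_SUCH_OBJECT) {
		d_printf("ads_join_realm: organisational unit %s does not exist\n", org_unit);
		return -1;
	}
	/* … unchanged: generic error check and ads_join_realm call … */
```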