The Samba-Bugzilla – Attachment 2899 Details for
Bug 4926
Argument createcomputer does not work in net rpc join
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to support createcomputer using net rpc join in an AD environment
patch-net_rpc_join.c (text/plain), 5.66 KB, created by
Raj Pagaku
on 2007-08-29 09:45:18 UTC
(
hide
)
Description:
Patch to support createcomputer using net rpc join in an AD environment
Filename:
MIME Type:
Creator:
Raj Pagaku
Created:
2007-08-29 09:45:18 UTC
Size:
5.66 KB
patch
obsolete
>--- utils/net_rpc_join.c.orig Fri Jun 23 13:16:53 2006 >+++ utils/net_rpc_join.c Wed Aug 8 03:47:19 2007 >@@ -97,6 +97,136 @@ > } > > /** >+ * utility function to parse an integer parameter from >+ * "parameter = value" >+ */ >+static const char* get_string_param( const char* param ) >+{ >+ const char *p; >+ >+ if ( (p = strchr( param, '=' )) == NULL ) >+ return NULL; >+ >+ return (p+1); >+} >+ >+ >+/** >+ * Build an org unit string >+ * if org unit is empty then assume org to be Computers >+ * @param org_unit - Organizational unit >+ * @return org unit string - caller must free >+ **/ >+static char *build_ou_string(const char *org_unit) >+{ >+ if (!org_unit || !*org_unit || strequal(org_unit, "Computers")) >+ return SMB_STRDUP("cn=Computers"); >+ >+ return ads_build_path(org_unit, "/", "ou=", 1); >+} >+ >+static int netrpc_precreate_machine_acct(const char *ou) >+{ >+ char *binddn = NULL; >+ char *ldap_uri = NULL; >+ const char *realm = lp_realm(); >+ >+ char *machine_escaped = NULL; >+ char *ou_str = NULL; >+ char *new_dn = NULL; >+ char *samAccountName = NULL; >+ char *controlstr = NULL; >+ const char *objectClass[] = {"top", "person", "organizationalPerson", >+ "user", "computer", NULL}; >+ TALLOC_CTX *tc = NULL; >+ struct smbldap_state *ldap_state = NULL; >+ int retval = 0; >+ int rc; >+ int i; >+ LDAPMod **mods = NULL; >+ const char *machine_name = global_myname(); >+ uint32 acct_control = ( UF_WORKSTATION_TRUST_ACCOUNT |\ >+ UF_DONT_EXPIRE_PASSWD |\ >+ UF_ACCOUNTDISABLE ); >+ >+#ifndef ENCTYPE_ARCFOUR_HMAC >+ acct_control |= UF_USE_DES_KEY_ONLY; >+#endif >+ >+ machine_escaped = escape_rdn_val_string_alloc(machine_name); >+ if (!machine_escaped) { >+ d_fprintf(stderr, "ERROR: Out of memory while escaping machine name\n"); >+ retval = 1; >+ goto done; >+ } >+ >+ ou_str = build_ou_string(ou); >+ if ((asprintf(&new_dn, "cn=%s,%s,%s", machine_escaped, ou_str, ads_build_dn(realm)) == -1)) { >+ d_fprintf(stderr, "ERROR: Out of memory while creating dn\n"); >+ retval = 1; >+ goto done; >+ } >+ >+ asprintf(&binddn, "%s\\%s", opt_target_workgroup, opt_user_name); >+ asprintf(&ldap_uri, "ldap://%s", opt_host); >+ asprintf(&samAccountName, "%s$", machine_name); >+ asprintf(&controlstr, "%u", acct_control); >+ >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "cn", machine_name); >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "sAMAccountName", samAccountName); >+ >+ for (i = 0; objectClass[i] != NULL; i++) >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", objectClass[i]); >+ >+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "userAccountControl", controlstr); >+ >+ tc = talloc_new(NULL); >+ if (!tc) { >+ d_fprintf(stderr, "ERROR: Out of memory while allocating internal buffer\n"); >+ retval = 1; >+ goto done; >+ } >+ >+ if (!NT_STATUS_IS_OK(smbldap_init(tc, ldap_uri, &ldap_state))) { >+ d_fprintf(stderr, "ERROR: smbldap_init: Unable to initialize connection with server.\n"); >+ retval = 1; >+ goto done; >+ } >+ >+ if (!smbldap_set_creds(ldap_state, false, binddn, opt_password)) { >+ d_fprintf(stderr, "ERROR: Failure to set credentials\n"); >+ retval = 1; >+ goto done; >+ } >+ >+ if (LDAP_SUCCESS != (rc = smbldap_add(ldap_state, new_dn, mods))) { >+ if (rc != LDAP_ALREADY_EXISTS) { >+ d_fprintf(stderr, "ERROR: Failure to create " >+ "machine account: %s\n", ldap_err2string(rc)); >+ } >+ retval = rc; >+ goto done; >+ } >+ >+done: >+ if (ldap_state) >+ smbldap_free_struct(&ldap_state); >+ >+ if (tc) >+ TALLOC_FREE(tc); >+ >+ SAFE_FREE(ldap_uri); >+ SAFE_FREE(binddn); >+ SAFE_FREE(machine_escaped); >+ SAFE_FREE(ou_str); >+ SAFE_FREE(new_dn); >+ SAFE_FREE(samAccountName); >+ SAFE_FREE(controlstr); >+ >+ return retval; >+} >+ >+/** > * Join a domain using the administrator username and password > * > * @param argc Standard main() style argc >@@ -142,6 +272,9 @@ > uint32 flags = 0x3e8; > char *acct_name; > const char *const_acct_name; >+ const char *create_in_ou = NULL; >+ int i; >+ int status; > > /* check what type of join */ > if (argc >= 0) { >@@ -221,6 +354,23 @@ > domain_sid, &domain_pol), > "could not open domain"); > >+ for (i = 0; i < argc; i++) { >+ if (strnequal(argv[i], "createcomputer=", sizeof("createcomputer=")-1)) { >+ if ((create_in_ou = get_string_param(argv[i])) == NULL) { >+ d_fprintf(stderr, "Please supply a valid OU path.\n"); >+ goto done; >+ } >+ } >+ } >+ >+ if (create_in_ou) { >+ status = netrpc_precreate_machine_acct(create_in_ou); >+ if (status && status != LDAP_ALREADY_EXISTS) { >+ d_fprintf(stderr, "Failed to pre-create the machine object " >+ "in OU '%s'.\n", create_in_ou); >+ goto done; >+ } >+ } > /* Create domain user */ > if ((acct_name = talloc_asprintf(mem_ctx, "%s$", global_myname())) == NULL) { > result = NT_STATUS_NO_MEMORY;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2899">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 4926
: 2899