"%s.\n", remote_machine);
return NT_STATUS_UNSUCCESSFUL;
}
-
+
cli = cli_initialise();
if (!cli) {
return NT_STATUS_NO_MEMORY;
cli_shutdown(cli);
return result;
}
-
+
make_nmb_name(&calling, global_myname() , 0x0);
make_nmb_name(&called , remote_machine, 0x20);
-
+
if (!cli_session_request(cli, &calling, &called)) {
asprintf(err_str, "machine %s rejected the session setup. "
"Error was : %s.\n",
cli_shutdown(cli);
return result;
}
-
+
cli->protocol = PROTOCOL_NT1;
if (!cli_negprot(cli)) {
cli_shutdown(cli);
return result;
}
-
+
/* Given things like SMB signing, restrict anonymous and the like,
try an authenticated connection first */
result = cli_session_setup(cli, user_name,
} else if (!(NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED)
|| NT_STATUS_EQUAL(result, NT_STATUS_UNSUCCESSFUL))) {
/* it failed, but for reasons such as wrong password, too short etc ... */
-
+
asprintf(err_str, "machine %s rejected the password change: "
"Error was : %s.\n",
remote_machine, get_friendly_nt_error_msg(result));
/* OK, that failed, so try again... */
TALLOC_FREE(pipe_hnd);
-
+
/* Try anonymous NTLMSSP... */
cli_init_creds(cli, "", "", NULL);
-
+
result = NT_STATUS_UNSUCCESSFUL;
-
+
/* OK, this is ugly, but... try an anonymous pipe. */
result = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr.syntax_id,
&pipe_hnd);
cli_shutdown(cli);
return result;
}
-
+
/* We have failed to change the user's password, and we think the server
just might not support SAMR password changes, so fall back */
-
+
if (lp_client_lanman_auth()) {
/* Use the old RAP method. */
if (cli_oem_change_password(cli, user_name, new_passwd, old_passwd)) {
fstring new_pw;
ZERO_ARRAY(new_pw);
-
+
p = get_pass("New SMB password:", stdin_get);
fstrcpy(new_pw, p);
SAFE_FREE(err_str);
return ret;
}
-
+
ret = local_password_change(username, local_flags, new_pw,
&err_str, &msg_str);
if (!secrets_init())
return False;
-
+
return secrets_store_ldap_pw(lp_ldap_admin_dn(), pw);
}
DEBUG(0, ("Failed to open passdb!\n"));
exit(1);
}
-
+
/* Ensure we have a SAM sid. */
get_global_sam_sid();
(remote_machine != NULL))) {
usage();
}
-
+
/* Only load interfaces if we are doing network operations. */
if (remote_machine) {
exit(1);
}
}
-
+
/* prepare uppercased and '$' terminated username */
slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
fstrcpy(user_name, buf);
-
+
} else {
-
+
if (remote_machine != NULL) {
old_passwd = get_pass("Old SMB password:",stdin_passwd_get);
}
-
+
if (!(local_flags & LOCAL_SET_PASSWORD)) {
-
+
/*
* If we are trying to enable a user, first we need to find out
* if they are using a modern version of the smbpasswd file that
* password. If not (ie. they have a no stored password in the
* smbpasswd file) then we need to prompt for a new password.
*/
-
+
if(local_flags & LOCAL_ENABLE_USER) {
struct samu *sampass = NULL;
-
+
sampass = samu_new( NULL );
if (!sampass) {
fprintf(stderr, "talloc fail for struct samu.\n");
TALLOC_FREE(sampass);
}
}
-
+
if((local_flags & LOCAL_SET_PASSWORD) && (new_passwd == NULL)) {
new_passwd = prompt_for_new_password(stdin_passwd_get);
-
+
if(!new_passwd) {
fprintf(stderr, "Unable to get new password.\n");
exit(1);
printf("Password changed for user %s on %s.\n", user_name, remote_machine );
} else if(!(local_flags & (LOCAL_ADD_USER|LOCAL_DISABLE_USER|LOCAL_ENABLE_USER|LOCAL_DELETE_USER|LOCAL_SET_NO_PASSWORD|LOCAL_SET_PASSWORD))) {
struct samu *sampass = NULL;
-
+
sampass = samu_new( NULL );
if (!sampass) {
fprintf(stderr, "talloc fail for struct samu.\n");
exit(1);
}
}
-
+
/*
* A non-root user is always setting a password
* via a remote machine (even if that machine is
if (remote_machine != NULL) {
old_pw = get_pass("Old SMB password:",stdin_passwd_get);
}
-
+
if (!new_passwd) {
new_pw = prompt_for_new_password(stdin_passwd_get);
}
else
new_pw = smb_xstrdup(new_passwd);
-
+
if (!new_pw) {
fprintf(stderr, "Unable to get new password.\n");
exit(1);
TALLOC_CTX *frame = talloc_stackframe();
int local_flags = 0;
int ret;
-
+
AllowDebugChange = False;
#if defined(HAVE_SET_AUTH_PARAMETERS)
local_flags = process_options(argc, argv, local_flags);
setup_logging("smbpasswd", True);
-
+
/*
* Set the machine NETBIOS name if not already
* set from the config file.
*/
-
+
if (!init_names())
return 1;
projects / thirdparty / samba.git / commitdiff
