From c64e3a8ff3297153fb2446194b924617fedc1a31 Mon Sep 17 00:00:00 2001 From: Christof Schmitt Date: Thu, 30 Jul 2015 15:52:08 -0700 Subject: [PATCH] net: Print time of last password change in 'net ads info' This is useful for debugging overwritten machine accounts, e.g. a second machine is joined to a domain with the same name as the first one. Signed-off-by: Christof Schmitt Reviewed-by: Jeremy Allison --- source3/utils/net_ads.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 28553fcadc8..a0f59affc7e 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -177,6 +177,7 @@ static int net_ads_info(struct net_context *c, int argc, const char **argv) { ADS_STRUCT *ads; char addr[INET6_ADDRSTRLEN]; + time_t pass_time; if (c->display_usage) { d_printf("%s\n" @@ -206,6 +207,8 @@ static int net_ads_info(struct net_context *c, int argc, const char **argv) d_fprintf( stderr, _("Failed to get server's current time!\n")); } + pass_time = secrets_fetch_pass_last_set_time(ads->server.workgroup); + print_sockaddr(addr, sizeof(addr), &ads->ldap.ss); d_printf(_("LDAP server: %s\n"), addr); @@ -219,6 +222,9 @@ static int net_ads_info(struct net_context *c, int argc, const char **argv) d_printf(_("KDC server: %s\n"), ads->auth.kdc_server ); d_printf(_("Server time offset: %d\n"), ads->auth.time_offset ); + d_printf(_("Last machine account password change: %s\n"), + http_timestring(talloc_tos(), pass_time)); + ads_destroy(&ads); return 0; } -- 2.47.2