7) Better Windows 2000/XP/2003 printing support including publishing
printer attributes in active directory.
-8) New loadable RPC modules.
+8) New loadable module support for passdb backends and
+ character sets.
9) New default dual-daemon winbindd support for better performance.
######################################################################
-Changes since 3.0rc
-###################
+Changes since 3.0rc1
+####################
Please refer to the CVS log for the SAMBA_3_0 branch for complete
details:
1) Add levels 261 and 262 to search. Found using Samba4 tester.
-2) Correct bad errot return code in session setup reply
+2) Correct bad error return code in session setup reply
3) Fix bug where smbd returned DOS error codes from SMBsearch
even when NT1 protocol was negotiated.
-4) Implement SMBxit properly.
+4) Implement SMBexit properly.
5) Return group lists from a Samba PDC to a Windows 9x/ME box
in implementing user level access control (bug 314).
6) Prevent SWAT from crashing when adding shares (bug 254)
14) Include initial version of smbldap-tool scripts for the Samba
3.0 schema.
15) Implement numerous fixes for multi-byte character strings.
-16) Enable unix extensions by default.
-17) Make sure we set the sid type when falling back to the rid
+16) Enable 'unix extensions' parameter by default.
+17) Make sure we set the SID type when falling back to the rid
algorithm (bug 245).
18) Correct linking problems with pam_smbpass (bug 327).
19) Add SYSV defines for Irix and Solaris to ensure the 'printing'
parameter default to the correct value (bug 230)
-20) Fix recusion bug in alloc_string+sub() (bug 289, et. al.)
+20) Fix recursion bug in alloc_string_sub() (bug 289, et. al.)
21) Ensure that 'make install' includes the static and shared
versions of the libsmbclient libraries.
22) Add CP850 and CP437 internal character set support (bug 150).
-23) Add support to examples/LDAP/convertSambaAccuont for generating
- LDIF modify files instaed of just add (303).
+23) Add support to examples/LDAP/convertSambaAccount for generating
+ LDIF modify files instead of just add (303).
24) Fix support for -W option in smbclient (bug 39)
25) Remove 'ldap trust ids' parameter since it could not be supported
by the current architecture.
26) Don't crash when no argument is given to -T in smbclient (bug 345).
27) Ensure smbadduser contains the same paths for the smbpasswd file
as the other Samba tools (bug 290).
-28) Port of 'avalable = no' fix for [homes] from SAMBA_2_2 cvs tree.
+28) Port of 'available = no' fix for [homes] from SAMBA_2_2 cvs tree.
29) Add sanity checks to DeletePrinterData[Ex]() and ensure that the
modified printer is written to disk.
-30) Force winbindd to preiodically update the trusted domain cache.
-31) Remove outdate import/export script to convert an smbpasswd file
+30) Force winbindd to periodically update the trusted domain cache.
+31) Remove outdated import/export script to convert an smbpasswd file
to and from and LDAP directory. Use the pdbedit tool instead.
53) Add vfs_readonly VFS module.
54) Make sure to initialize the sambaNextUserRid and sambaNextGroupRid
attributes when using 'idmap backend = ldap' (bug 280).
-55) Make sure that UNIX users shared between a Samba PDC and member
+55) Make sure that users shared between a Samba PDC and member
samba server are seen as domain users and not local users on the
domain member.
56) Fix Query FS Info level 2.
extern BOOL AllowDebugChange;
+/**************************************************************************************************/
+/* Utility function to prompt for password from stdin. Password entered must end with a newline. */
+/**************************************************************************************************/
+static char *stdin_new_passwd(void)
+{
+ static fstring new_pw;
+ size_t len;
+
+ ZERO_ARRAY(new_pw);
+
+ /*
+ * if no error is reported from fgets() and string at least contains
+ * the newline that ends the password, then replace the newline with
+ * a null terminator.
+ */
+ if ( fgets(new_pw, sizeof(new_pw), stdin) != NULL) {
+ if ((len = strlen(new_pw)) > 0) {
+ if(new_pw[len-1] == '\n')
+ new_pw[len - 1] = 0;
+ }
+ }
+ return(new_pw);
+}
+
uint32 get_sec_channel_type(const char *param)
{
if (!(param && *param)) {
return net_rpc_changetrustpw(argc, argv);
}
+static int net_changesecretpw(int argc, const char **argv)
+{
+ char *trust_pw;
+ char trust_pw_hash[16];
+ uint32 sec_channel_type = SEC_CHAN_WKSTA;
+
+
+ if(opt_force) {
+ trust_pw = getpass("Enter machine password: ");
+
+ if (!secrets_store_machine_password(trust_pw, lp_workgroup(), sec_channel_type)) {
+ d_printf("Unable to write the machine account password in the secrets database");
+ return 1;
+ }
+ else {
+ d_printf("Modified trust account password in secrets database\n");
+ }
+ }
+ else {
+ d_printf("Machine account password change requires the -f flag.\n");
+ d_printf("Do NOT use this function unless you know what it does!\n");
+ d_printf("This function will change the ADS Domain member machine account password in the secrets.tdb file!\n");
+ }
+
+ return 0;
+}
+
static int net_share(int argc, const char **argv)
{
if (net_rpc_check(0))
{"SERVICE", net_rap_service},
{"PASSWORD", net_rap_password},
{"CHANGETRUSTPW", net_changetrustpw},
+ {"CHANGESECRETPW", net_changesecretpw},
{"TIME", net_time},
{"LOOKUP", net_lookup},
{"JOIN", net_join},
d_printf("\t-U or --user=<name>\t\tuser name\n");
d_printf("\t-s or --configfile=<path>\t\tpathname of smb.conf file\n");
d_printf("\t-l or --long\t\t\tDisplay full information\n");
- d_printf("\t-V or --version\t\tPrint samba version information\n");
+ d_printf("\t-V or --version\t\t\tPrint samba version information\n");
d_printf("\t-P or --machine-pass\t\tAuthenticate as machine account\n");
return -1;
}
"\n"\
"Valid functions are:\n"\
" RPC RAP ADS FILE SHARE SESSION SERVER DOMAIN PRINTQ USER GROUP VALIDATE\n"\
-" GROUPMEMBER ADMIN SERVICE PASSWORD TIME LOOKUP GETLOCALSID SETLOCALSID\n");
+" GROUPMEMBER ADMIN SERVICE PASSWORD TIME LOOKUP GETLOCALSID SETLOCALSID\n"\
+" CHANGESCRETPW\n");
return -1;
}
" net cache\t\tto operate on cache tdb file\n"\
" net getlocalsid [NAME]\tto get the SID for local name\n"\
" net setlocalsid SID\tto set the local domain SID\n"\
+ " net changesecretpw\tto change the machine password in the local secrets database only\n"\
+ " \tthis requires the -f flag as a safety barrier\n"\
"\n"\
" net ads <command>\tto run ADS commands\n"\
" net rap <command>\tto run RAP (pre-RPC) commands\n"\
git.samba.org / samba.git / commitdiff