|
Packit |
8586cb |
/*
|
|
Packit |
8586cb |
* adcli
|
|
Packit |
8586cb |
*
|
|
Packit |
8586cb |
* Copyright (C) 2013 Red Hat Inc.
|
|
Packit |
8586cb |
*
|
|
Packit |
8586cb |
* This program is free software; you can redistribute it and/or modify
|
|
Packit |
8586cb |
* it under the terms of the GNU Lesser General Public License as
|
|
Packit |
8586cb |
* published by the Free Software Foundation; either version 2.1 of
|
|
Packit |
8586cb |
* the License, or (at your option) any later version.
|
|
Packit |
8586cb |
*
|
|
Packit |
8586cb |
* This program is distributed in the hope that it will be useful, but
|
|
Packit |
8586cb |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit |
8586cb |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit |
8586cb |
* Lesser General Public License for more details.
|
|
Packit |
8586cb |
*
|
|
Packit |
8586cb |
* You should have received a copy of the GNU Lesser General Public
|
|
Packit |
8586cb |
* License along with this program; if not, write to the Free Software
|
|
Packit |
8586cb |
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
|
|
Packit |
8586cb |
* MA 02110-1301 USA
|
|
Packit |
8586cb |
*
|
|
Packit |
8586cb |
* Author: Stef Walter <stefw@redhat.com>
|
|
Packit |
8586cb |
*/
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
#include "config.h"
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
#include "adcli.h"
|
|
Packit |
8586cb |
#include "adattrs.h"
|
|
Packit |
8586cb |
#include "tools.h"
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
#include <assert.h>
|
|
Packit |
8586cb |
#include <err.h>
|
|
Packit |
8586cb |
#include <stdio.h>
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
typedef enum {
|
|
Packit |
8586cb |
/* Have short equivalents */
|
|
Packit |
8586cb |
opt_domain = 'D',
|
|
Packit |
8586cb |
opt_domain_realm = 'R',
|
|
Packit |
8586cb |
opt_domain_controller = 'S',
|
|
Packit |
8586cb |
opt_login_user = 'U',
|
|
Packit |
8586cb |
opt_login_ccache = 'C',
|
|
Packit |
8586cb |
opt_domain_ou = 'O',
|
|
Packit |
8586cb |
opt_prompt_password = 'W',
|
|
Packit |
8586cb |
opt_verbose = 'v',
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
/* Don't have short equivalents */
|
|
Packit |
8586cb |
opt_no_password,
|
|
Packit |
8586cb |
opt_stdin_password,
|
|
Packit |
8586cb |
opt_display_name,
|
|
Packit |
8586cb |
opt_description,
|
|
Packit |
8586cb |
opt_mail,
|
|
Packit |
8586cb |
opt_unix_home,
|
|
Packit |
8586cb |
opt_unix_uid,
|
|
Packit |
8586cb |
opt_unix_gid,
|
|
Packit |
8586cb |
opt_unix_shell,
|
|
Packit |
0b9c0e |
opt_nis_domain,
|
|
Packit |
8586cb |
} Option;
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
static adcli_tool_desc common_usages[] = {
|
|
Packit |
8586cb |
{ opt_display_name, "display name" },
|
|
Packit |
8586cb |
{ opt_description, "group description" },
|
|
Packit |
8586cb |
{ opt_mail, "email address" },
|
|
Packit |
8586cb |
{ opt_unix_home, "unix home directory" },
|
|
Packit |
8586cb |
{ opt_unix_uid, "unix uid number" },
|
|
Packit |
8586cb |
{ opt_unix_gid, "unix gid number" },
|
|
Packit |
8586cb |
{ opt_unix_shell, "unix shell" },
|
|
Packit |
0b9c0e |
{ opt_nis_domain, "NIS domain" },
|
|
Packit |
8586cb |
{ opt_domain, "active directory domain name" },
|
|
Packit |
8586cb |
{ opt_domain_realm, "kerberos realm for the domain" },
|
|
Packit |
8586cb |
{ opt_domain_controller, "domain directory server to connect to" },
|
|
Packit |
8586cb |
{ opt_login_ccache, "kerberos credential cache file which contains\n"
|
|
Packit |
8586cb |
"ticket to used to connect to the domain" },
|
|
Packit |
8586cb |
{ opt_login_user, "user (usually administrative) login name of\n"
|
|
Packit |
8586cb |
"the account to log into the domain as" },
|
|
Packit |
8586cb |
{ opt_domain_ou, "a LDAP DN representing an organizational unit in\n"
|
|
Packit |
8586cb |
"which the user account should be placed." },
|
|
Packit |
8586cb |
{ opt_no_password, "don't prompt for or read a password" },
|
|
Packit |
8586cb |
{ opt_prompt_password, "prompt for a login password if necessary" },
|
|
Packit |
8586cb |
{ opt_stdin_password, "read a login password from stdin (until EOF) if\n"
|
|
Packit |
8586cb |
"necessary" },
|
|
Packit |
8586cb |
{ opt_verbose, "show verbose progress and failure messages", },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
911ae2 |
static int
|
|
Packit |
8586cb |
parse_option (Option opt,
|
|
Packit |
8586cb |
const char *optarg,
|
|
Packit |
8586cb |
adcli_conn *conn)
|
|
Packit |
8586cb |
{
|
|
Packit |
8586cb |
static int no_password = 0;
|
|
Packit |
8586cb |
static int prompt_password = 0;
|
|
Packit |
8586cb |
static int stdin_password = 0;
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
switch (opt) {
|
|
Packit |
8586cb |
case opt_login_ccache:
|
|
Packit |
8586cb |
adcli_conn_set_login_ccache_name (conn, optarg);
|
|
Packit |
911ae2 |
return ADCLI_SUCCESS;
|
|
Packit |
8586cb |
case opt_login_user:
|
|
Packit |
8586cb |
adcli_conn_set_login_user (conn, optarg);
|
|
Packit |
911ae2 |
return ADCLI_SUCCESS;
|
|
Packit |
8586cb |
case opt_domain:
|
|
Packit |
8586cb |
adcli_conn_set_domain_name (conn, optarg);
|
|
Packit |
911ae2 |
return ADCLI_SUCCESS;
|
|
Packit |
8586cb |
case opt_domain_realm:
|
|
Packit |
8586cb |
adcli_conn_set_domain_realm (conn, optarg);
|
|
Packit |
911ae2 |
return ADCLI_SUCCESS;
|
|
Packit |
8586cb |
case opt_domain_controller:
|
|
Packit |
8586cb |
adcli_conn_set_domain_controller (conn, optarg);
|
|
Packit |
911ae2 |
return ADCLI_SUCCESS;
|
|
Packit |
8586cb |
case opt_no_password:
|
|
Packit |
8586cb |
if (stdin_password || prompt_password) {
|
|
Packit |
911ae2 |
warnx ("cannot use --no-password argument with %s",
|
|
Packit |
911ae2 |
stdin_password ? "--stdin-password" : "--prompt-password");
|
|
Packit |
911ae2 |
return EUSAGE;
|
|
Packit |
8586cb |
} else {
|
|
Packit |
8586cb |
adcli_conn_set_password_func (conn, NULL, NULL, NULL);
|
|
Packit |
8586cb |
no_password = 1;
|
|
Packit |
8586cb |
}
|
|
Packit |
911ae2 |
return ADCLI_SUCCESS;
|
|
Packit |
8586cb |
case opt_prompt_password:
|
|
Packit |
8586cb |
if (stdin_password || no_password) {
|
|
Packit |
911ae2 |
warnx ("cannot use --prompt-password argument with %s",
|
|
Packit |
911ae2 |
stdin_password ? "--stdin-password" : "--no-password");
|
|
Packit |
911ae2 |
return EUSAGE;
|
|
Packit |
8586cb |
} else {
|
|
Packit |
8586cb |
adcli_conn_set_password_func (conn, adcli_prompt_password_func, NULL, NULL);
|
|
Packit |
8586cb |
prompt_password = 1;
|
|
Packit |
8586cb |
}
|
|
Packit |
911ae2 |
return ADCLI_SUCCESS;
|
|
Packit |
8586cb |
case opt_stdin_password:
|
|
Packit |
8586cb |
if (prompt_password || no_password) {
|
|
Packit |
911ae2 |
warnx ("cannot use --stdin-password argument with %s",
|
|
Packit |
911ae2 |
prompt_password ? "--prompt-password" : "--no-password");
|
|
Packit |
911ae2 |
return EUSAGE;
|
|
Packit |
8586cb |
} else {
|
|
Packit |
8586cb |
adcli_conn_set_password_func (conn, adcli_read_password_func, NULL, NULL);
|
|
Packit |
8586cb |
stdin_password = 1;
|
|
Packit |
8586cb |
}
|
|
Packit |
911ae2 |
return ADCLI_SUCCESS;
|
|
Packit |
8586cb |
case opt_verbose:
|
|
Packit |
911ae2 |
return ADCLI_SUCCESS;
|
|
Packit |
8586cb |
default:
|
|
Packit |
8586cb |
assert (0 && "not reached");
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
911ae2 |
warnx ("failure to parse option '%c'", opt);
|
|
Packit |
911ae2 |
return EUSAGE;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
int
|
|
Packit |
8586cb |
adcli_tool_user_create (adcli_conn *conn,
|
|
Packit |
8586cb |
int argc,
|
|
Packit |
8586cb |
char *argv[])
|
|
Packit |
8586cb |
{
|
|
Packit |
8586cb |
adcli_entry *entry;
|
|
Packit |
8586cb |
adcli_result res;
|
|
Packit |
8586cb |
adcli_attrs *attrs;
|
|
Packit |
8586cb |
const char *ou = NULL;
|
|
Packit |
8586cb |
int opt;
|
|
Packit |
e0c93f |
bool has_unix_attr = false;
|
|
Packit |
e0c93f |
bool has_nis_domain = false;
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
struct option options[] = {
|
|
Packit |
8586cb |
{ "display-name", required_argument, NULL, opt_display_name },
|
|
Packit |
8586cb |
{ "mail", required_argument, NULL, opt_mail },
|
|
Packit |
8586cb |
{ "unix-home", required_argument, NULL, opt_unix_home },
|
|
Packit |
8586cb |
{ "unix-uid", required_argument, NULL, opt_unix_uid },
|
|
Packit |
8586cb |
{ "unix-gid", required_argument, NULL, opt_unix_gid },
|
|
Packit |
8586cb |
{ "unix-shell", required_argument, NULL, opt_unix_shell },
|
|
Packit |
0b9c0e |
{ "nis-domain", required_argument, NULL, opt_nis_domain },
|
|
Packit |
8586cb |
{ "domain-ou", required_argument, NULL, opt_domain_ou },
|
|
Packit |
8586cb |
{ "domain", required_argument, NULL, opt_domain },
|
|
Packit |
8586cb |
{ "domain-realm", required_argument, NULL, opt_domain_realm },
|
|
Packit |
8586cb |
{ "domain-controller", required_argument, NULL, opt_domain_controller },
|
|
Packit |
8586cb |
{ "login-user", required_argument, NULL, opt_login_user },
|
|
Packit |
8586cb |
{ "login-ccache", optional_argument, NULL, opt_login_ccache },
|
|
Packit |
8586cb |
{ "no-password", no_argument, 0, opt_no_password },
|
|
Packit |
8586cb |
{ "stdin-password", no_argument, 0, opt_stdin_password },
|
|
Packit |
8586cb |
{ "prompt-password", no_argument, 0, opt_prompt_password },
|
|
Packit |
8586cb |
{ "verbose", no_argument, NULL, opt_verbose },
|
|
Packit |
8586cb |
{ "help", no_argument, NULL, 'h' },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
static adcli_tool_desc usages[] = {
|
|
Packit |
8586cb |
{ 0, "usage: adcli create-user --domain=xxxx user" },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
attrs = adcli_attrs_new ();
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
|
|
Packit |
8586cb |
switch (opt) {
|
|
Packit |
8586cb |
case opt_display_name:
|
|
Packit |
8586cb |
adcli_attrs_add (attrs, "displayName", optarg, NULL);
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
case opt_mail:
|
|
Packit |
8586cb |
adcli_attrs_add1 (attrs, "mail", optarg);
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
case opt_unix_home:
|
|
Packit |
8586cb |
adcli_attrs_add (attrs, "unixHomeDirectory", optarg, NULL);
|
|
Packit |
e0c93f |
has_unix_attr = true;
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
case opt_unix_uid:
|
|
Packit |
8586cb |
adcli_attrs_add (attrs, "uidNumber", optarg, NULL);
|
|
Packit |
e0c93f |
has_unix_attr = true;
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
case opt_unix_gid:
|
|
Packit |
8586cb |
adcli_attrs_add (attrs, "gidNumber", optarg, NULL);
|
|
Packit |
e0c93f |
has_unix_attr = true;
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
case opt_unix_shell:
|
|
Packit |
8586cb |
adcli_attrs_add (attrs, "loginShell", optarg, NULL);
|
|
Packit |
e0c93f |
has_unix_attr = true;
|
|
Packit |
8586cb |
break;
|
|
Packit |
0b9c0e |
case opt_nis_domain:
|
|
Packit |
0b9c0e |
adcli_attrs_add (attrs, "msSFU30NisDomain", optarg, NULL);
|
|
Packit |
e0c93f |
has_nis_domain = true;
|
|
Packit |
0b9c0e |
break;
|
|
Packit |
8586cb |
case opt_domain_ou:
|
|
Packit |
8586cb |
ou = optarg;
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
case 'h':
|
|
Packit |
8586cb |
case '?':
|
|
Packit |
8586cb |
case ':':
|
|
Packit |
8586cb |
adcli_tool_usage (options, usages);
|
|
Packit |
8586cb |
adcli_tool_usage (options, common_usages);
|
|
Packit |
8586cb |
adcli_attrs_free (attrs);
|
|
Packit |
8586cb |
return opt == 'h' ? 0 : 2;
|
|
Packit |
8586cb |
default:
|
|
Packit |
911ae2 |
res = parse_option ((Option)opt, optarg, conn);
|
|
Packit |
911ae2 |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
911ae2 |
adcli_attrs_free (attrs);
|
|
Packit |
911ae2 |
return res;
|
|
Packit |
911ae2 |
}
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
argc -= optind;
|
|
Packit |
8586cb |
argv += optind;
|
|
Packit |
8586cb |
|
|
Packit |
e5fed2 |
if (argc != 1) {
|
|
Packit |
e5fed2 |
warnx ("specify one user name to create");
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
return 2;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
entry = adcli_entry_new_user (conn, argv[0]);
|
|
Packit |
e5fed2 |
if (entry == NULL) {
|
|
Packit |
e5fed2 |
warnx ("unexpected memory problems");
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
return -1;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
adcli_entry_set_domain_ou (entry, ou);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_conn_connect (conn);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("couldn't connect to %s domain: %s",
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
e0c93f |
if (has_unix_attr && !has_nis_domain) {
|
|
Packit |
e0c93f |
res = adcli_get_nis_domain (entry, attrs);
|
|
Packit |
e0c93f |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e0c93f |
adcli_entry_unref (entry);
|
|
Packit |
e0c93f |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
warnx ("couldn't get NIS domain");
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
e0c93f |
}
|
|
Packit |
e0c93f |
}
|
|
Packit |
e0c93f |
|
|
Packit |
8586cb |
res = adcli_entry_create (entry, attrs);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("creating user %s in domain %s failed: %s",
|
|
Packit |
e5fed2 |
adcli_entry_get_sam_name (entry),
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_entry_unref (entry);
|
|
Packit |
8586cb |
adcli_attrs_free (attrs);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
return 0;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
int
|
|
Packit |
8586cb |
adcli_tool_user_delete (adcli_conn *conn,
|
|
Packit |
8586cb |
int argc,
|
|
Packit |
8586cb |
char *argv[])
|
|
Packit |
8586cb |
{
|
|
Packit |
8586cb |
adcli_result res;
|
|
Packit |
8586cb |
adcli_entry *entry;
|
|
Packit |
8586cb |
int opt;
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
struct option options[] = {
|
|
Packit |
8586cb |
{ "domain", required_argument, NULL, opt_domain },
|
|
Packit |
8586cb |
{ "domain-realm", required_argument, NULL, opt_domain_realm },
|
|
Packit |
8586cb |
{ "domain-controller", required_argument, NULL, opt_domain_controller },
|
|
Packit |
8586cb |
{ "login-user", required_argument, NULL, opt_login_user },
|
|
Packit |
8586cb |
{ "login-ccache", optional_argument, NULL, opt_login_ccache },
|
|
Packit |
8586cb |
{ "no-password", no_argument, 0, opt_no_password },
|
|
Packit |
8586cb |
{ "stdin-password", no_argument, 0, opt_stdin_password },
|
|
Packit |
8586cb |
{ "prompt-password", no_argument, 0, opt_prompt_password },
|
|
Packit |
8586cb |
{ "verbose", no_argument, NULL, opt_verbose },
|
|
Packit |
8586cb |
{ "help", no_argument, NULL, 'h' },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
static adcli_tool_desc usages[] = {
|
|
Packit |
8586cb |
{ 0, "usage: adcli delete-user --domain=xxxx user" },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
|
|
Packit |
8586cb |
switch (opt) {
|
|
Packit |
8586cb |
case 'h':
|
|
Packit |
8586cb |
case '?':
|
|
Packit |
8586cb |
case ':':
|
|
Packit |
8586cb |
adcli_tool_usage (options, usages);
|
|
Packit |
8586cb |
adcli_tool_usage (options, common_usages);
|
|
Packit |
8586cb |
return opt == 'h' ? 0 : 2;
|
|
Packit |
8586cb |
default:
|
|
Packit |
911ae2 |
res = parse_option ((Option)opt, optarg, conn);
|
|
Packit |
911ae2 |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
911ae2 |
return res;
|
|
Packit |
911ae2 |
}
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
argc -= optind;
|
|
Packit |
8586cb |
argv += optind;
|
|
Packit |
8586cb |
|
|
Packit |
e5fed2 |
if (argc != 1) {
|
|
Packit |
e5fed2 |
warnx ("specify one user name to delete");
|
|
Packit |
e5fed2 |
return 2;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
entry = adcli_entry_new_user (conn, argv[0]);
|
|
Packit |
e5fed2 |
if (entry == NULL) {
|
|
Packit |
e5fed2 |
warnx ("unexpected memory problems");
|
|
Packit |
e5fed2 |
return -1;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_conn_connect (conn);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("couldn't connect to %s domain: %s",
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_entry_delete (entry);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("deleting user %s in domain %s failed: %s",
|
|
Packit |
e5fed2 |
adcli_entry_get_sam_name (entry),
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_entry_unref (entry);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
return 0;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
int
|
|
Packit |
8586cb |
adcli_tool_group_create (adcli_conn *conn,
|
|
Packit |
8586cb |
int argc,
|
|
Packit |
8586cb |
char *argv[])
|
|
Packit |
8586cb |
{
|
|
Packit |
8586cb |
adcli_entry *entry;
|
|
Packit |
8586cb |
adcli_result res;
|
|
Packit |
8586cb |
adcli_attrs *attrs;
|
|
Packit |
8586cb |
const char *ou = NULL;
|
|
Packit |
8586cb |
int opt;
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
struct option options[] = {
|
|
Packit |
8586cb |
{ "description", required_argument, NULL, opt_description },
|
|
Packit |
8586cb |
{ "domain", required_argument, NULL, opt_domain },
|
|
Packit |
8586cb |
{ "domain-realm", required_argument, NULL, opt_domain_realm },
|
|
Packit |
8586cb |
{ "domain-controller", required_argument, NULL, opt_domain_controller },
|
|
Packit |
8586cb |
{ "domain-ou", required_argument, NULL, opt_domain_ou },
|
|
Packit |
8586cb |
{ "login-user", required_argument, NULL, opt_login_user },
|
|
Packit |
8586cb |
{ "login-ccache", optional_argument, NULL, opt_login_ccache },
|
|
Packit |
8586cb |
{ "no-password", no_argument, 0, opt_no_password },
|
|
Packit |
8586cb |
{ "stdin-password", no_argument, 0, opt_stdin_password },
|
|
Packit |
8586cb |
{ "prompt-password", no_argument, 0, opt_prompt_password },
|
|
Packit |
8586cb |
{ "verbose", no_argument, NULL, opt_verbose },
|
|
Packit |
8586cb |
{ "help", no_argument, NULL, 'h' },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
static adcli_tool_desc usages[] = {
|
|
Packit |
8586cb |
{ 0, "usage: adcli create-group --domain=xxxx group" },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
attrs = adcli_attrs_new ();
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
|
|
Packit |
8586cb |
switch (opt) {
|
|
Packit |
8586cb |
case opt_description:
|
|
Packit |
8586cb |
adcli_attrs_add (attrs, "description", optarg, NULL);
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
case opt_domain_ou:
|
|
Packit |
8586cb |
ou = optarg;
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
case 'h':
|
|
Packit |
8586cb |
case '?':
|
|
Packit |
8586cb |
case ':':
|
|
Packit |
8586cb |
adcli_tool_usage (options, usages);
|
|
Packit |
8586cb |
adcli_tool_usage (options, common_usages);
|
|
Packit |
8586cb |
adcli_attrs_free (attrs);
|
|
Packit |
8586cb |
return opt == 'h' ? 0 : 2;
|
|
Packit |
8586cb |
default:
|
|
Packit |
911ae2 |
res = parse_option ((Option)opt, optarg, conn);
|
|
Packit |
911ae2 |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
911ae2 |
adcli_attrs_free (attrs);
|
|
Packit |
911ae2 |
return res;
|
|
Packit |
911ae2 |
}
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
argc -= optind;
|
|
Packit |
8586cb |
argv += optind;
|
|
Packit |
8586cb |
|
|
Packit |
e5fed2 |
if (argc != 1) {
|
|
Packit |
e5fed2 |
warnx ("specify one group to create");
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
return 2;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
entry = adcli_entry_new_group (conn, argv[0]);
|
|
Packit |
e5fed2 |
if (entry == NULL) {
|
|
Packit |
e5fed2 |
warnx ("unexpected memory problems");
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
return -1;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
adcli_entry_set_domain_ou (entry, ou);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_conn_connect (conn);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("couldn't connect to domain %s: %s",
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_entry_create (entry, attrs);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("creating group %s in domain %s failed: %s",
|
|
Packit |
e5fed2 |
adcli_entry_get_sam_name (entry),
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_entry_unref (entry);
|
|
Packit |
8586cb |
adcli_attrs_free (attrs);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
return 0;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
int
|
|
Packit |
8586cb |
adcli_tool_group_delete (adcli_conn *conn,
|
|
Packit |
8586cb |
int argc,
|
|
Packit |
8586cb |
char *argv[])
|
|
Packit |
8586cb |
{
|
|
Packit |
8586cb |
adcli_result res;
|
|
Packit |
8586cb |
adcli_entry *entry;
|
|
Packit |
8586cb |
int opt;
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
struct option options[] = {
|
|
Packit |
8586cb |
{ "domain", required_argument, NULL, opt_domain },
|
|
Packit |
8586cb |
{ "domain-realm", required_argument, NULL, opt_domain_realm },
|
|
Packit |
8586cb |
{ "domain-controller", required_argument, NULL, opt_domain_controller },
|
|
Packit |
8586cb |
{ "login-user", required_argument, NULL, opt_login_user },
|
|
Packit |
8586cb |
{ "login-ccache", optional_argument, NULL, opt_login_ccache },
|
|
Packit |
8586cb |
{ "no-password", no_argument, 0, opt_no_password },
|
|
Packit |
8586cb |
{ "stdin-password", no_argument, 0, opt_stdin_password },
|
|
Packit |
8586cb |
{ "prompt-password", no_argument, 0, opt_prompt_password },
|
|
Packit |
8586cb |
{ "verbose", no_argument, NULL, opt_verbose },
|
|
Packit |
8586cb |
{ "help", no_argument, NULL, 'h' },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
static adcli_tool_desc usages[] = {
|
|
Packit |
8586cb |
{ 0, "usage: adcli delete-group --domain=xxxx group" },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
|
|
Packit |
8586cb |
switch (opt) {
|
|
Packit |
8586cb |
case 'h':
|
|
Packit |
8586cb |
case '?':
|
|
Packit |
8586cb |
case ':':
|
|
Packit |
8586cb |
adcli_tool_usage (options, usages);
|
|
Packit |
8586cb |
adcli_tool_usage (options, common_usages);
|
|
Packit |
8586cb |
return opt == 'h' ? 0 : 2;
|
|
Packit |
8586cb |
default:
|
|
Packit |
911ae2 |
res = parse_option ((Option)opt, optarg, conn);
|
|
Packit |
911ae2 |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
911ae2 |
return res;
|
|
Packit |
911ae2 |
}
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
argc -= optind;
|
|
Packit |
8586cb |
argv += optind;
|
|
Packit |
8586cb |
|
|
Packit |
e5fed2 |
if (argc != 1) {
|
|
Packit |
e5fed2 |
warnx ("specify one group name to delete");
|
|
Packit |
e5fed2 |
return 2;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
entry = adcli_entry_new_group (conn, argv[0]);
|
|
Packit |
e5fed2 |
if (entry == NULL) {
|
|
Packit |
e5fed2 |
warnx ("unexpected memory problems");
|
|
Packit |
e5fed2 |
return -1;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_conn_connect (conn);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("couldn't connect to %s domain: %s",
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_entry_delete (entry);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("deleting group %s in domain %s failed: %s",
|
|
Packit |
e5fed2 |
adcli_entry_get_sam_name (entry),
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_entry_unref (entry);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
return 0;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
e5fed2 |
static int
|
|
Packit |
8586cb |
expand_user_dn_as_member (adcli_conn *conn,
|
|
Packit |
8586cb |
adcli_attrs *attrs,
|
|
Packit |
8586cb |
const char *user,
|
|
Packit |
8586cb |
int adding)
|
|
Packit |
8586cb |
{
|
|
Packit |
8586cb |
adcli_entry *entry;
|
|
Packit |
8586cb |
adcli_result res;
|
|
Packit |
8586cb |
const char *dn;
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
entry = adcli_entry_new_user (conn, user);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_entry_load (entry);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("couldn't lookup user %s in domain %s: %s",
|
|
Packit |
e5fed2 |
user, adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
dn = adcli_entry_get_dn (entry);
|
|
Packit |
8586cb |
if (dn == NULL) {
|
|
Packit |
e5fed2 |
warnx ("couldn't found user %s in domain %s",
|
|
Packit |
e5fed2 |
user, adcli_conn_get_domain_name (conn));
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return -ADCLI_ERR_CONFIG;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
if (adding)
|
|
Packit |
8586cb |
adcli_attrs_add1 (attrs, "member", dn);
|
|
Packit |
8586cb |
else
|
|
Packit |
8586cb |
adcli_attrs_delete1 (attrs, "member", dn);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
|
|
Packit |
e5fed2 |
return ADCLI_SUCCESS;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
int
|
|
Packit |
8586cb |
adcli_tool_member_add (adcli_conn *conn,
|
|
Packit |
8586cb |
int argc,
|
|
Packit |
8586cb |
char *argv[])
|
|
Packit |
8586cb |
{
|
|
Packit |
8586cb |
adcli_result res;
|
|
Packit |
8586cb |
adcli_entry *entry;
|
|
Packit |
8586cb |
adcli_attrs *attrs;
|
|
Packit |
8586cb |
int opt;
|
|
Packit |
8586cb |
int i;
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
struct option options[] = {
|
|
Packit |
8586cb |
{ "domain", required_argument, NULL, opt_domain },
|
|
Packit |
8586cb |
{ "domain-realm", required_argument, NULL, opt_domain_realm },
|
|
Packit |
8586cb |
{ "domain-controller", required_argument, NULL, opt_domain_controller },
|
|
Packit |
8586cb |
{ "login-user", required_argument, NULL, opt_login_user },
|
|
Packit |
8586cb |
{ "login-ccache", optional_argument, NULL, opt_login_ccache },
|
|
Packit |
8586cb |
{ "no-password", no_argument, 0, opt_no_password },
|
|
Packit |
8586cb |
{ "stdin-password", no_argument, 0, opt_stdin_password },
|
|
Packit |
8586cb |
{ "prompt-password", no_argument, 0, opt_prompt_password },
|
|
Packit |
8586cb |
{ "verbose", no_argument, NULL, opt_verbose },
|
|
Packit |
8586cb |
{ "help", no_argument, NULL, 'h' },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
static adcli_tool_desc usages[] = {
|
|
Packit |
8586cb |
{ 0, "usage: adcli add-member --domain=xxxx group user ..." },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
|
|
Packit |
8586cb |
switch (opt) {
|
|
Packit |
8586cb |
case 'h':
|
|
Packit |
8586cb |
case '?':
|
|
Packit |
8586cb |
case ':':
|
|
Packit |
8586cb |
adcli_tool_usage (options, usages);
|
|
Packit |
8586cb |
adcli_tool_usage (options, common_usages);
|
|
Packit |
8586cb |
return opt == 'h' ? 0 : 2;
|
|
Packit |
8586cb |
default:
|
|
Packit |
911ae2 |
res = parse_option ((Option)opt, optarg, conn);
|
|
Packit |
911ae2 |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
911ae2 |
return res;
|
|
Packit |
911ae2 |
}
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
argc -= optind;
|
|
Packit |
8586cb |
argv += optind;
|
|
Packit |
8586cb |
|
|
Packit |
e5fed2 |
if (argc < 2) {
|
|
Packit |
e5fed2 |
warnx ("specify a group name and a user to add");
|
|
Packit |
e5fed2 |
return 2;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
entry = adcli_entry_new_group (conn, argv[0]);
|
|
Packit |
e5fed2 |
if (entry == NULL) {
|
|
Packit |
e5fed2 |
warnx ("unexpected memory problems");
|
|
Packit |
e5fed2 |
return -1;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_conn_connect (conn);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("couldn't connect to %s domain: %s",
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
attrs = adcli_attrs_new ();
|
|
Packit |
8586cb |
|
|
Packit |
e5fed2 |
for (i = 1; i < argc; i++) {
|
|
Packit |
e5fed2 |
res = expand_user_dn_as_member (conn, attrs, argv[i], 1);
|
|
Packit |
e5fed2 |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return res;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_entry_modify (entry, attrs);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("adding member(s) to group %s in domain %s failed: %s",
|
|
Packit |
e5fed2 |
adcli_entry_get_sam_name (entry),
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_attrs_free (attrs);
|
|
Packit |
8586cb |
adcli_entry_unref (entry);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
return 0;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
int
|
|
Packit |
8586cb |
adcli_tool_member_remove (adcli_conn *conn,
|
|
Packit |
8586cb |
int argc,
|
|
Packit |
8586cb |
char *argv[])
|
|
Packit |
8586cb |
{
|
|
Packit |
8586cb |
adcli_result res;
|
|
Packit |
8586cb |
adcli_entry *entry;
|
|
Packit |
8586cb |
adcli_attrs *attrs;
|
|
Packit |
8586cb |
int opt;
|
|
Packit |
8586cb |
int i;
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
struct option options[] = {
|
|
Packit |
8586cb |
{ "domain", required_argument, NULL, opt_domain },
|
|
Packit |
8586cb |
{ "domain-realm", required_argument, NULL, opt_domain_realm },
|
|
Packit |
8586cb |
{ "domain-controller", required_argument, NULL, opt_domain_controller },
|
|
Packit |
8586cb |
{ "login-user", required_argument, NULL, opt_login_user },
|
|
Packit |
8586cb |
{ "login-ccache", optional_argument, NULL, opt_login_ccache },
|
|
Packit |
8586cb |
{ "no-password", no_argument, 0, opt_no_password },
|
|
Packit |
8586cb |
{ "stdin-password", no_argument, 0, opt_stdin_password },
|
|
Packit |
8586cb |
{ "prompt-password", no_argument, 0, opt_prompt_password },
|
|
Packit |
8586cb |
{ "verbose", no_argument, NULL, opt_verbose },
|
|
Packit |
8586cb |
{ "help", no_argument, NULL, 'h' },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
static adcli_tool_desc usages[] = {
|
|
Packit |
8586cb |
{ 0, "usage: adcli remove-member --domain=xxxx group user ..." },
|
|
Packit |
8586cb |
{ 0 },
|
|
Packit |
8586cb |
};
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
|
|
Packit |
8586cb |
switch (opt) {
|
|
Packit |
8586cb |
case 'h':
|
|
Packit |
8586cb |
case '?':
|
|
Packit |
8586cb |
case ':':
|
|
Packit |
8586cb |
adcli_tool_usage (options, usages);
|
|
Packit |
8586cb |
adcli_tool_usage (options, common_usages);
|
|
Packit |
8586cb |
return opt == 'h' ? 0 : 2;
|
|
Packit |
8586cb |
default:
|
|
Packit |
911ae2 |
res = parse_option ((Option)opt, optarg, conn);
|
|
Packit |
911ae2 |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
911ae2 |
return res;
|
|
Packit |
911ae2 |
}
|
|
Packit |
8586cb |
break;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
argc -= optind;
|
|
Packit |
8586cb |
argv += optind;
|
|
Packit |
8586cb |
|
|
Packit |
e5fed2 |
if (argc < 2) {
|
|
Packit |
e5fed2 |
warnx ("specify a group name and a user to remove");
|
|
Packit |
e5fed2 |
return 2;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
entry = adcli_entry_new_group (conn, argv[0]);
|
|
Packit |
e5fed2 |
if (entry == NULL) {
|
|
Packit |
e5fed2 |
warnx ("unexpected memory problems");
|
|
Packit |
e5fed2 |
return -1;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_conn_connect (conn);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("couldn't connect to %s domain: %s",
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
attrs = adcli_attrs_new ();
|
|
Packit |
8586cb |
|
|
Packit |
e5fed2 |
for (i = 1; i < argc; i++) {
|
|
Packit |
e5fed2 |
res = expand_user_dn_as_member (conn, attrs, argv[i], 0);
|
|
Packit |
e5fed2 |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return res;
|
|
Packit |
e5fed2 |
}
|
|
Packit |
e5fed2 |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
res = adcli_entry_modify (entry, attrs);
|
|
Packit |
8586cb |
if (res != ADCLI_SUCCESS) {
|
|
Packit |
e5fed2 |
warnx ("adding member(s) to group %s in domain %s failed: %s",
|
|
Packit |
e5fed2 |
adcli_entry_get_sam_name (entry),
|
|
Packit |
e5fed2 |
adcli_conn_get_domain_name (conn),
|
|
Packit |
e5fed2 |
adcli_get_last_error ());
|
|
Packit |
e5fed2 |
adcli_attrs_free (attrs);
|
|
Packit |
e5fed2 |
adcli_entry_unref (entry);
|
|
Packit |
e5fed2 |
return -res;
|
|
Packit |
8586cb |
}
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
adcli_attrs_free (attrs);
|
|
Packit |
8586cb |
adcli_entry_unref (entry);
|
|
Packit |
8586cb |
|
|
Packit |
8586cb |
return 0;
|
|
Packit |
8586cb |
}
|