e-smith-samba%2Bldap/sme7/e-smith-samba%2Bldap-1.15.1-machine_accounts_and_pass_sync.patch

diff -Nur -x '*.orig' -x '*.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account
--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account    2005-04-19 16:19:17.000000000 +0200
+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account  2008-04-16 15:01:04.000000000 +0200
@@ -26,11 +26,17 @@
 use esmith::ConfigDB;
 use esmith::AccountsDB;
 use esmith::util;
+use esmith::ldap;
+
 
 my $a = esmith::AccountsDB->open || die "Couldn't open accounts db\n";
+my $conf = esmith::ConfigDB->open_ro || die "Couldn't open configuration db\n";
 
 my $event = $ARGV [0];
 my $machineName = $ARGV [1];
+my $domain = $conf->get('DomainName')
+    || die("Couldn't determine domain name");
+ $domain = $domain->value;
 
 die "machine name $machineName is not a valid machine account name"
        unless ( $machineName =~ /\$$/ );
@@ -55,10 +61,14 @@
 
 warn "create-machine-account $machineName: Creating Unix user and group\n";
 
+my $base = esmith::util::ldapBase ($domain);
+
 system(
-       "/usr/sbin/useradd",
+       "/usr/sbin/cpu", "useradd",
+       "-o",
+       "--userbase=ou=Computers,$base",
+       "-g nobody",
        "-c", "Hostname account for $machineName",
-       "-M",
        "-d", "/noexistingpath",
        "-s", "/bin/false",
        "$machineName"
@@ -66,7 +76,7 @@
 
 warn "create-machine-account $machineName: Locking account\n";
 
-system("/usr/bin/passwd", "-l", "$machineName") == 0
+system("/usr/sbin/cpu", "usermod", "-o", "-L", "$machineName") == 0
     or warn("Could not lock password for $machineName\n");
 
 # warn "create-machine-account $machineName: Creating smbpasswd account\n";
diff -Nur -x '*.orig' -x '*.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript
--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript      2008-04-16 15:01:07.000000000 +0200
+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript    2008-04-16 14:58:47.000000000 +0200
@@ -4,3 +4,5 @@
 ldap user suffix = ou=Users
 ldap machine suffix = ou=Computers
 ldap delete dn = yes
+ldap passwd sync = yes
+
diff -Nur -x '*.orig' -x '*.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync
--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync        2007-12-15 16:53:08.000000000 +0100
+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync      2008-04-16 14:57:57.000000000 +0200
@@ -6,9 +6,9 @@
 #        the encrypted SMB passwords. They allow the Unix password
 #        to be kept in sync with the SMB password.
 }
-unix password sync = Yes
-pam password change = Yes
+unix password sync = no
+pam password change = no
 
-passwd program = /usr/bin/passwd %u 
+passwd program = /usr/sbin/cpu usermod -p %u 
 passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
 check password script = /sbin/e-smith/samba_check_password
1	slords	1.1	diff -Nur -x '.orig' -x '.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account
2			--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account 2005-04-19 16:19:17.000000000 +0200
3			+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account 2008-04-16 15:01:04.000000000 +0200
4			@@ -26,11 +26,17 @@
5			use esmith::ConfigDB;
6			use esmith::AccountsDB;
7			use esmith::util;
8			+use esmith::ldap;
9			+
10
11			my $a = esmith::AccountsDB->open \|\| die "Couldn't open accounts db\n";
12			+my $conf = esmith::ConfigDB->open_ro \|\| die "Couldn't open configuration db\n";
13
14			my $event = $ARGV [0];
15			my $machineName = $ARGV [1];
16			+my $domain = $conf->get('DomainName')
17			+ \|\| die("Couldn't determine domain name");
18			+ $domain = $domain->value;
19
20			die "machine name $machineName is not a valid machine account name"
21			unless ( $machineName =~ /\$$/ );
22			@@ -55,10 +61,14 @@
23
24			warn "create-machine-account $machineName: Creating Unix user and group\n";
25
26			+my $base = esmith::util::ldapBase ($domain);
27			+
28			system(
29			- "/usr/sbin/useradd",
30			+ "/usr/sbin/cpu", "useradd",
31			+ "-o",
32			+ "--userbase=ou=Computers,$base",
33			+ "-g nobody",
34			"-c", "Hostname account for $machineName",
35			- "-M",
36			"-d", "/noexistingpath",
37			"-s", "/bin/false",
38			"$machineName"
39			@@ -66,7 +76,7 @@
40
41			warn "create-machine-account $machineName: Locking account\n";
42
43			-system("/usr/bin/passwd", "-l", "$machineName") == 0
44			+system("/usr/sbin/cpu", "usermod", "-o", "-L", "$machineName") == 0
45			or warn("Could not lock password for $machineName\n");
46
47			# warn "create-machine-account $machineName: Creating smbpasswd account\n";
48			diff -Nur -x '.orig' -x '.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript
49			--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript 2008-04-16 15:01:07.000000000 +0200
50			+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript 2008-04-16 14:58:47.000000000 +0200
51			@@ -4,3 +4,5 @@
52			ldap user suffix = ou=Users
53			ldap machine suffix = ou=Computers
54			ldap delete dn = yes
55			+ldap passwd sync = yes
56			+
57			diff -Nur -x '.orig' -x '.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync
58			--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync 2007-12-15 16:53:08.000000000 +0100
59			+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync 2008-04-16 14:57:57.000000000 +0200
60			@@ -6,9 +6,9 @@
61			# the encrypted SMB passwords. They allow the Unix password
62			# to be kept in sync with the SMB password.
63			}
64			-unix password sync = Yes
65			-pam password change = Yes
66			+unix password sync = no
67			+pam password change = no
68
69			-passwd program = /usr/bin/passwd %u
70			+passwd program = /usr/sbin/cpu usermod -p %u
71			passwd chat = NewUNIXpassword %n\n ReTypenewUNIXpassword* %n\n passwd:allauthenticationtokensupdatedsuccessfully*
72			check password script = /sbin/e-smith/samba_check_password