1 |
diff -Nur -x '*.orig' -x '*.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account |
2 |
--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account 2005-04-19 16:19:17.000000000 +0200 |
3 |
+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/events/actions/create-machine-account 2008-04-16 15:01:04.000000000 +0200 |
4 |
@@ -26,11 +26,17 @@ |
5 |
use esmith::ConfigDB; |
6 |
use esmith::AccountsDB; |
7 |
use esmith::util; |
8 |
+use esmith::ldap; |
9 |
+ |
10 |
|
11 |
my $a = esmith::AccountsDB->open || die "Couldn't open accounts db\n"; |
12 |
+my $conf = esmith::ConfigDB->open_ro || die "Couldn't open configuration db\n"; |
13 |
|
14 |
my $event = $ARGV [0]; |
15 |
my $machineName = $ARGV [1]; |
16 |
+my $domain = $conf->get('DomainName') |
17 |
+ || die("Couldn't determine domain name"); |
18 |
+ $domain = $domain->value; |
19 |
|
20 |
die "machine name $machineName is not a valid machine account name" |
21 |
unless ( $machineName =~ /\$$/ ); |
22 |
@@ -55,10 +61,14 @@ |
23 |
|
24 |
warn "create-machine-account $machineName: Creating Unix user and group\n"; |
25 |
|
26 |
+my $base = esmith::util::ldapBase ($domain); |
27 |
+ |
28 |
system( |
29 |
- "/usr/sbin/useradd", |
30 |
+ "/usr/sbin/cpu", "useradd", |
31 |
+ "-o", |
32 |
+ "--userbase=ou=Computers,$base", |
33 |
+ "-g nobody", |
34 |
"-c", "Hostname account for $machineName", |
35 |
- "-M", |
36 |
"-d", "/noexistingpath", |
37 |
"-s", "/bin/false", |
38 |
"$machineName" |
39 |
@@ -66,7 +76,7 @@ |
40 |
|
41 |
warn "create-machine-account $machineName: Locking account\n"; |
42 |
|
43 |
-system("/usr/bin/passwd", "-l", "$machineName") == 0 |
44 |
+system("/usr/sbin/cpu", "usermod", "-o", "-L", "$machineName") == 0 |
45 |
or warn("Could not lock password for $machineName\n"); |
46 |
|
47 |
# warn "create-machine-account $machineName: Creating smbpasswd account\n"; |
48 |
diff -Nur -x '*.orig' -x '*.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript |
49 |
--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript 2008-04-16 15:01:07.000000000 +0200 |
50 |
+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11ldapScript 2008-04-16 14:58:47.000000000 +0200 |
51 |
@@ -4,3 +4,5 @@ |
52 |
ldap user suffix = ou=Users |
53 |
ldap machine suffix = ou=Computers |
54 |
ldap delete dn = yes |
55 |
+ldap passwd sync = yes |
56 |
+ |
57 |
diff -Nur -x '*.orig' -x '*.rej' e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync |
58 |
--- e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync 2007-12-15 16:53:08.000000000 +0100 |
59 |
+++ mezzanine_patched_e-smith-samba+ldap-1.15.1/root/etc/e-smith/templates/etc/smb.conf/11unixPasswordSync 2008-04-16 14:57:57.000000000 +0200 |
60 |
@@ -6,9 +6,9 @@ |
61 |
# the encrypted SMB passwords. They allow the Unix password |
62 |
# to be kept in sync with the SMB password. |
63 |
} |
64 |
-unix password sync = Yes |
65 |
-pam password change = Yes |
66 |
+unix password sync = no |
67 |
+pam password change = no |
68 |
|
69 |
-passwd program = /usr/bin/passwd %u |
70 |
+passwd program = /usr/sbin/cpu usermod -p %u |
71 |
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* |
72 |
check password script = /sbin/e-smith/samba_check_password |