allow selection of the organisational unit when joining a realm

(This used to be commit f1231c2)
WKu5 · Dec 17, 2001 · 48c4548 · 48c4548
1 parent cf5a038
commit 48c4548
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 10 deletions.
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
@@ -181,14 +181,14 @@ int ads_gen_add(ADS_STRUCT *ads, const char *new_dn, ...)
 /*
   add a machine account to the ADS server
 */
-static int ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname)
+static int ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname, const char *org_unit)
 {
 	int ret;
 	char *host_spn, *host_upn, *new_dn, *samAccountName, *controlstr;
 
 	asprintf(&host_spn, "HOST/%s", hostname);
 	asprintf(&host_upn, "%s@%s", host_spn, ads->realm);
-	asprintf(&new_dn, "cn=%s,cn=Computers,%s", hostname, ads->bind_path);
+	asprintf(&new_dn, "cn=%s,cn=%s,%s", hostname, org_unit, ads->bind_path);
 	asprintf(&samAccountName, "%s$", hostname);
 	asprintf(&controlstr, "%u", 
 		UF_DONT_EXPIRE_PASSWD | UF_WORKSTATION_TRUST_ACCOUNT | 
@@ -300,7 +300,7 @@ int ads_count_replies(ADS_STRUCT *ads, void *res)
   join a machine to a realm, creating the machine account
   and setting the machine password
 */
-int ads_join_realm(ADS_STRUCT *ads, const char *hostname)
+int ads_join_realm(ADS_STRUCT *ads, const char *hostname, const char *org_unit)
 {
 	int rc;
 	LDAPMessage *res;
@@ -316,7 +316,7 @@ int ads_join_realm(ADS_STRUCT *ads, const char *hostname)
 		return LDAP_SUCCESS;
 	}
 
-	rc = ads_add_machine_acct(ads, host);
+	rc = ads_add_machine_acct(ads, host, org_unit);
 	if (rc != LDAP_SUCCESS) {
 		DEBUG(0, ("ads_add_machine_acct: %s\n", ads_errstr(rc)));
 		return rc;

diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
@@ -26,7 +26,7 @@
 int net_ads_usage(int argc, const char **argv)
 {
 	d_printf(
-"\nnet ads join"\
+"\nnet ads join <org_unit>"\
 "\n\tjoins the local machine to a ADS realm\n"\
 "\nnet ads leave"\
 "\n\tremoves the local machine from a ADS realm\n"\
@@ -169,11 +169,13 @@ static int net_ads_status(int argc, const char **argv)
 
 static int net_ads_leave(int argc, const char **argv)
 {
-	ADS_STRUCT *ads;
+	ADS_STRUCT *ads = NULL;
 	int rc;
 	extern pstring global_myname;
 
-	if (!(ads = ads_startup())) return -1;
+	if (!(ads = ads_startup())) {
+		return -1;
+	}
 
 	if (!secrets_init()) {
 		DEBUG(1,("Failed to initialise secrets database\n"));
@@ -200,19 +202,39 @@ static int net_ads_join(int argc, const char **argv)
 	char *tmp_password;
 	extern pstring global_myname;
 	NTSTATUS status;
+	const char *org_unit = "Computers";
+	char *dn;
+	void *res;
+
+	if (argc > 0) org_unit = argv[0];
 
 	if (!secrets_init()) {
 		DEBUG(1,("Failed to initialise secrets database\n"));
 		return -1;
 	}
-
-
+
 	tmp_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
 	password = strdup(tmp_password);
 
 	if (!(ads = ads_startup())) return -1;
 
-	rc = ads_join_realm(ads, global_myname);
+	asprintf(&dn, "cn=%s,%s", org_unit, ads->bind_path);
+
+	rc = ads_search_dn(ads, &res, dn, NULL);
+	free(dn);
+	ads_msgfree(ads, res);
+
+	if (rc == LDAP_NO_SUCH_OBJECT) {
+		d_printf("ads_join_realm: organisational unit %s does not exist\n", org_unit);
+		return rc;
+	}
+
+	if (rc) {
+		d_printf("ads_join_realm: %s\n", ads_errstr(rc));
+		return -1;
+	}	
+
+	rc = ads_join_realm(ads, global_myname, org_unit);
 	if (rc) {
 		d_printf("ads_join_realm: %s\n", ads_errstr(rc));
 		return -1;