Author: jra Date: 2006-09-13 13:28:42 +0000 (Wed, 13 Sep 2006) New Revision: 18467
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18467 Log: Some sites allow an account to be deleted, but not disabled. Cope with both - print appropriate messages. Jeremy. Modified: branches/SAMBA_3_0/source/utils/net_ads.c Changeset: Modified: branches/SAMBA_3_0/source/utils/net_ads.c =================================================================== --- branches/SAMBA_3_0/source/utils/net_ads.c 2006-09-13 13:02:51 UTC (rev 18466) +++ branches/SAMBA_3_0/source/utils/net_ads.c 2006-09-13 13:28:42 UTC (rev 18467) @@ -755,10 +755,12 @@ That only worked using the machine creds because added the machine with full control to the computer object's ACL. *******************************************************************/ + static int net_ads_leave(int argc, const char **argv) { ADS_STRUCT *ads = NULL; ADS_STATUS adsret; + NTSTATUS status; int ret = -1; struct cli_state *cli = NULL; TALLOC_CTX *ctx; @@ -795,28 +797,29 @@ goto done; } - if ( !NT_STATUS_IS_OK(netdom_leave_domain( ctx, cli, dom_sid )) ) { - d_fprintf(stderr, "Failed to disable machine account for '%s' in realm '%s'\n", - global_myname(), ads->config.realm); - goto done; - } - - ret = 0; + status = netdom_leave_domain(ctx, cli, dom_sid); - /* Now we've disabled the account, try and delete it - via LDAP - the old way we used to. Don't log a failure - if this failed. */ + /* Ty and delete it via LDAP - the old way we used to. */ adsret = ads_leave_realm(ads, global_myname()); if (ADS_ERR_OK(adsret)) { d_printf("Deleted account for '%s' in realm '%s'\n", global_myname(), ads->config.realm); + ret = 0; } else { - d_printf("Disabled account for '%s' in realm '%s'\n", - global_myname(), ads->config.realm); + /* We couldn't delete it - see if the disable succeeded. */ + if (NT_STATUS_IS_OK(status)) { + d_printf("Disabled account for '%s' in realm '%s'\n", + global_myname(), ads->config.realm); + ret = 0; + } else { + d_fprintf(stderr, "Failed to disable machine account for '%s' in realm '%s'\n", + global_myname(), ads->config.realm); + } } done: + if ( cli ) cli_shutdown(cli);