Thanks to pointers from Andrew Bartlett, I redid my samsync sam_account_from_delta patch a little more sanely. Now it only marks as changed things which have actually changed. This patch is against current HEAD. The STRING_CHANGED macro and general style of the additions is copied from rpc_server/srv_samr_util.c
Cheers, Waider. Index: utils/net_rpc_samsync.c =================================================================== RCS file: /cvsroot/samba/source/utils/net_rpc_samsync.c,v retrieving revision 1.18 diff -u -r1.18 net_rpc_samsync.c --- utils/net_rpc_samsync.c 22 Feb 2003 12:14:08 -0000 1.18 +++ utils/net_rpc_samsync.c 21 Mar 2003 14:47:52 -0000 @@ -197,65 +197,137 @@ } /* Convert a SAM_ACCOUNT_DELTA to a SAM_ACCOUNT. */ +#define STRING_CHANGED (old_string && !new_string) ||\ + (!old_string && new_string) ||\ + (old_string && new_string && (strcmp(old_string, new_string) != 0)) static NTSTATUS sam_account_from_delta(SAM_ACCOUNT *account, SAM_ACCOUNT_INFO *delta) { - fstring s; + const char *old_string, *new_string; + time_t unix_time, stored_time; uchar lm_passwd[16], nt_passwd[16]; static uchar zero_buf[16]; /* Username, fullname, home dir, dir drive, logon script, acct desc, workstations, profile. */ - unistr2_to_ascii(s, &delta->uni_acct_name, sizeof(s) - 1); - pdb_set_nt_username(account, s, PDB_CHANGED); - - /* Unix username is the same - for sainity */ - pdb_set_username(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_full_name, sizeof(s) - 1); - pdb_set_fullname(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_home_dir, sizeof(s) - 1); - pdb_set_homedir(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_dir_drive, sizeof(s) - 1); - pdb_set_dir_drive(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_logon_script, sizeof(s) - 1); - pdb_set_logon_script(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_acct_desc, sizeof(s) - 1); - pdb_set_acct_desc(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_workstations, sizeof(s) - 1); - pdb_set_workstations(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_profile, sizeof(s) - 1); - pdb_set_profile_path(account, s, PDB_CHANGED); + if (delta->hdr_acct_name.buffer) { + old_string = pdb_get_nt_username(account); + new_string = unistr2_static(&delta->uni_acct_name); + + if (STRING_CHANGED) { + pdb_set_nt_username(account, new_string, PDB_CHANGED); + + } + + /* Unix username is the same - for sanity */ + old_string = pdb_get_username( account ); + if (STRING_CHANGED) { + pdb_set_username(account, new_string, PDB_CHANGED); + } + } + + if (delta->hdr_full_name.buffer) { + old_string = pdb_get_fullname(account); + new_string = unistr2_static(&delta->uni_full_name); + + if (STRING_CHANGED) + pdb_set_fullname(account, new_string, PDB_CHANGED); + } + + if (delta->hdr_home_dir.buffer) { + old_string = pdb_get_homedir(account); + new_string = unistr2_static(&delta->uni_home_dir); + + if (STRING_CHANGED) + pdb_set_homedir(account, new_string, PDB_CHANGED); + } + + if (delta->hdr_dir_drive.buffer) { + old_string = pdb_get_dir_drive(account); + new_string = unistr2_static(&delta->uni_dir_drive); + + if (STRING_CHANGED) + pdb_set_dir_drive(account, new_string, PDB_CHANGED); + } + + if (delta->hdr_logon_script.buffer) { + old_string = pdb_get_logon_script(account); + new_string = unistr2_static(&delta->uni_logon_script); + + if (STRING_CHANGED) + pdb_set_logon_script(account, new_string, PDB_CHANGED); + } + + if (delta->hdr_acct_desc.buffer) { + old_string = pdb_get_acct_desc(account); + new_string = unistr2_static(&delta->uni_acct_desc); + + if (STRING_CHANGED) + pdb_set_acct_desc(account, new_string, PDB_CHANGED); + } + + if (delta->hdr_workstations.buffer) { + old_string = pdb_get_workstations(account); + new_string = unistr2_static(&delta->uni_workstations); + + if (STRING_CHANGED) + pdb_set_workstations(account, new_string, PDB_CHANGED); + } + + if (delta->hdr_profile.buffer) { + old_string = pdb_get_profile_path(account); + new_string = unistr2_static(&delta->uni_profile); + + if (STRING_CHANGED) + pdb_set_profile_path(account, new_string, PDB_CHANGED); + } /* User and group sid */ - - pdb_set_user_sid_from_rid(account, delta->user_rid, PDB_CHANGED); - pdb_set_group_sid_from_rid(account, delta->group_rid, PDB_CHANGED); + if (pdb_get_user_rid(account) != delta->user_rid) + pdb_set_user_sid_from_rid(account, delta->user_rid, PDB_CHANGED); + if (pdb_get_group_rid(account) != delta->group_rid) + pdb_set_group_sid_from_rid(account, delta->group_rid, PDB_CHANGED); /* Logon and password information */ + if (!nt_time_is_zero(&delta->logon_time)) { + unix_time = nt_time_to_unix(&delta->logon_time); + stored_time = pdb_get_logon_time(account); + if (stored_time != unix_time) + pdb_set_logon_time(account, unix_time, PDB_CHANGED); + } + + if (!nt_time_is_zero(&delta->logoff_time)) { + unix_time = nt_time_to_unix(&delta->logoff_time); + stored_time = pdb_get_logoff_time(account); + if (stored_time != unix_time) + pdb_set_logoff_time(account, unix_time,PDB_CHANGED); + } - pdb_set_logon_time(account, nt_time_to_unix(&delta->logon_time), PDB_CHANGED); - pdb_set_logoff_time(account, nt_time_to_unix(&delta->logoff_time), - PDB_CHANGED); - pdb_set_logon_divs(account, delta->logon_divs, PDB_CHANGED); + if (pdb_get_logon_divs(account) != delta->logon_divs) + pdb_set_logon_divs(account, delta->logon_divs, PDB_CHANGED); /* TODO: logon hours */ /* TODO: bad password count */ /* TODO: logon count */ - pdb_set_pass_last_set_time( - account, nt_time_to_unix(&delta->pwd_last_set_time), PDB_CHANGED); - - pdb_set_kickoff_time(account, get_time_t_max(), PDB_CHANGED); - + if (!nt_time_is_zero(&delta->pwd_last_set_time)) { + unix_time = nt_time_to_unix(&delta->pwd_last_set_time); + stored_time = pdb_get_pass_last_set_time(account); + if (stored_time != unix_time) + pdb_set_pass_last_set_time(account, unix_time, PDB_CHANGED); + } + +/* + No kickoff time in the delta? + if (!nt_time_is_zero(&delta->kickoff_time)) { + unix_time = nt_time_to_unix(&delta->kickoff_time); + stored_time = pdb_get_kickoff_time(account); + if (stored_time != unix_time) + pdb_set_kickoff_time(account, unix_time, PDB_CHANGED); + } +*/ /* Decode hashes from password hash Note that win2000 may send us all zeros for the hashes if it doesn't think this channel is secure enough - don't set the passwords at all @@ -273,7 +345,9 @@ /* TODO: account expiry time */ - pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED); + if (pdb_get_acct_ctrl(account) != delta->acb_info) + pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED); + return NT_STATUS_OK; } -- [EMAIL PROTECTED] / Yes, it /is/ very personal of me. "I can't seem to undo 2,500 years of western rational thinking just by reading a couple Gary Snyder poems." - [EMAIL PROTECTED]