r13350: Implement rpccli_samr_set_domain_info. Weird that it was not around :-)

Implement 'net rpc shell account' -- An editor for account policies

nt_time_to_unix_abs changed its argument which to me seems wrong, and I could
not find a caller that depends on this. So I changed it. Applied some more
const in time.c.

Volker
(This used to be commit fc73690a7000d5a3f0f5ad34461c1f3a87edeac5)

6 files changed, 484 insertions, 11 deletions

diff --git a/source3/Makefile.in b/source3/Makefile.in
index f02afc4eb9..b36b793b97 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -565,7 +565,7 @@ NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_ads_cldap.o utils/net_help.o \
 	   utils/net_status.o utils/net_rpc_printer.o utils/net_rpc_rights.o \
 	   utils/net_rpc_service.o utils/net_rpc_registry.o utils/net_usershare.o \
 	   utils/netlookup.o utils/net_sam.o utils/net_rpc_shell.o \
-	   utils/net_util.o
+	   utils/net_util.o utils/net_rpc_sh_acct.o
 
 NET_OBJ = $(NET_OBJ1) $(PARAM_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \
 	  $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
diff --git a/source3/lib/time.c b/source3/lib/time.c
index 989589121b..f87e53fef5 100644
--- a/source3/lib/time.c
+++ b/source3/lib/time.c
@@ -231,7 +231,7 @@ time_t nt_time_to_unix(NTTIME *nt)
  if the NTTIME was 5 seconds, the time_t is 5 seconds. JFM
 ****************************************************************************/
 
-time_t nt_time_to_unix_abs(NTTIME *nt)
+time_t nt_time_to_unix_abs(const NTTIME *nt)
 {
 	double d;
 	time_t ret;
@@ -239,6 +239,7 @@ time_t nt_time_to_unix_abs(NTTIME *nt)
 	   broken SCO compiler. JRA. */
 	time_t l_time_min = TIME_T_MIN;
 	time_t l_time_max = TIME_T_MAX;
+	NTTIME neg_nt;
 
 	if (nt->high == 0) {
 		return(0);
@@ -250,11 +251,11 @@ time_t nt_time_to_unix_abs(NTTIME *nt)
 
 	/* reverse the time */
 	/* it's a negative value, turn it to positive */
-	nt->high=~nt->high;
-	nt->low=~nt->low;
+	neg_nt.high=~nt->high;
+	neg_nt.low=~nt->low;
 
-	d = ((double)nt->high)*4.0*(double)(1<<30);
-	d += (nt->low&0xFFF00000);
+	d = ((double)neg_nt.high)*4.0*(double)(1<<30);
+	d += (neg_nt.low&0xFFF00000);
 	d *= 1.0e-7;
   
 	if (!(l_time_min <= d && d <= l_time_max)) {
@@ -728,11 +729,24 @@ void init_nt_time(NTTIME *nt)
 	nt->low = 0xFFFFFFFF;
 }
 
+BOOL nt_time_is_set(const NTTIME *nt)
+{
+	if ((nt->high == 0x7FFFFFFF) && (nt->low == 0xFFFFFFFF)) {
+		return False;
+	}
+
+	if ((nt->high == 0x80000000) && (nt->low == 0)) {
+		return False;
+	}
+
+	return True;
+}
+
 /****************************************************************************
  Check if NTTIME is 0.
 ****************************************************************************/
 
-BOOL nt_time_is_zero(NTTIME *nt)
+BOOL nt_time_is_zero(const NTTIME *nt)
 {
 	if(nt->high==0) {
 		return True;
@@ -744,7 +758,7 @@ BOOL nt_time_is_zero(NTTIME *nt)
  Check if two NTTIMEs are the same.
 ****************************************************************************/
 
-BOOL nt_time_equals(NTTIME *nt1, NTTIME *nt2)
+BOOL nt_time_equals(const NTTIME *nt1, const NTTIME *nt2)
 {
 	return (nt1->high == nt2->high && nt1->low == nt2->low);
 }
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index 744d8174a0..79f27fe2bb 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -1124,6 +1124,46 @@ NTSTATUS rpccli_samr_query_dom_info(struct rpc_pipe_client *cli,
 	return result;
 }
 
+/* Set domain info */
+
+NTSTATUS rpccli_samr_set_domain_info(struct rpc_pipe_client *cli,
+				     TALLOC_CTX *mem_ctx, 
+				     POLICY_HND *domain_pol,
+				     uint16 switch_value,
+				     SAM_UNK_CTR *ctr)
+{
+	prs_struct qbuf, rbuf;
+	SAMR_Q_SET_DOMAIN_INFO q;
+	SAMR_R_SET_DOMAIN_INFO r;
+	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+
+	DEBUG(10,("cli_samr_set_domain_info\n"));
+
+	ZERO_STRUCT(q);
+	ZERO_STRUCT(r);
+
+	/* Marshall data and send request */
+
+	init_samr_q_set_domain_info(&q, domain_pol, switch_value, ctr);
+
+	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_DOMAIN_INFO,
+		q, r,
+		qbuf, rbuf,
+		samr_io_q_set_domain_info,
+		samr_io_r_set_domain_info,
+		NT_STATUS_UNSUCCESSFUL); 
+
+	/* Return output parameters */
+
+	if (!NT_STATUS_IS_OK(result = r.status)) {
+		goto done;
+	}
+
+ done:
+
+	return result;
+}
+
 /* User change password */
 
 NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli,
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index 7cbaa4e3c9..87bfcebe26 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -7629,8 +7629,10 @@ BOOL samr_io_q_set_domain_info(const char *desc, SAMR_Q_SET_DOMAIN_INFO *q_u,
 	if(!prs_align(ps))
 		return False;
 
-	if ((q_u->ctr = PRS_ALLOC_MEM(ps, SAM_UNK_CTR, 1)) == NULL)
-		return False;
+	if (UNMARSHALLING(ps)) {
+		if ((q_u->ctr = PRS_ALLOC_MEM(ps, SAM_UNK_CTR, 1)) == NULL)
+			return False;
+	}
 	
 	switch (q_u->switch_value) {
 
diff --git a/source3/utils/net_rpc_sh_acct.c b/source3/utils/net_rpc_sh_acct.c
new file mode 100644
index 0000000000..91ec6f1335
--- /dev/null
+++ b/source3/utils/net_rpc_sh_acct.c
@@ -0,0 +1,411 @@
+/* 
+   Samba Unix/Linux SMB client library 
+   Distributed SMB/CIFS Server Management Utility 
+   Copyright (C) 2005 Volker Lendecke (vl@samba.org)
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.  */
+ 
+#include "includes.h"
+#include "utils/net.h"
+
+/*
+ * Do something with the account policies. Read them all, run a function on
+ * them and possibly write them back. "fn" has to return the container index
+ * it has modified, it can return 0 for no change.
+ */
+
+static NTSTATUS rpc_sh_acct_do(TALLOC_CTX *mem_ctx,
+			       struct rpc_sh_ctx *ctx,
+			       struct rpc_pipe_client *pipe_hnd,
+			       int argc, const char **argv,
+			       BOOL (*fn)(TALLOC_CTX *mem_ctx,
+					  struct rpc_sh_ctx *ctx,
+					  SAM_UNK_INFO_1 *i1,
+					  SAM_UNK_INFO_3 *i3,
+					  SAM_UNK_INFO_12 *i12,
+					  int argc, const char **argv))
+{
+	POLICY_HND connect_pol, domain_pol;
+	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+	SAM_UNK_CTR ctr1, ctr3, ctr12;
+	int store;
+
+	ZERO_STRUCT(connect_pol);
+	ZERO_STRUCT(domain_pol);
+
+	/* Get sam policy handle */
+	
+	result = rpccli_samr_connect(pipe_hnd, mem_ctx,
+				     MAXIMUM_ALLOWED_ACCESS, 
+				     &connect_pol);
+	if (!NT_STATUS_IS_OK(result)) {
+		goto done;
+	}
+	
+	/* Get domain policy handle */
+	
+	result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol,
+					 MAXIMUM_ALLOWED_ACCESS,
+					 ctx->domain_sid, &domain_pol);
+	if (!NT_STATUS_IS_OK(result)) {
+		goto done;
+	}
+
+	result = rpccli_samr_query_dom_info(pipe_hnd, mem_ctx, &domain_pol,
+					    1, &ctr1);
+
+	if (!NT_STATUS_IS_OK(result)) {
+		d_fprintf(stderr, "query_domain_info level 1 failed: %s\n",
+			  nt_errstr(result));
+		goto done;
+	}
+
+	result = rpccli_samr_query_dom_info(pipe_hnd, mem_ctx, &domain_pol,
+					    3, &ctr3);
+
+	if (!NT_STATUS_IS_OK(result)) {
+		d_fprintf(stderr, "query_domain_info level 3 failed: %s\n",
+			  nt_errstr(result));
+		goto done;
+	}
+
+	result = rpccli_samr_query_dom_info(pipe_hnd, mem_ctx, &domain_pol,
+					    12, &ctr12);
+
+	if (!NT_STATUS_IS_OK(result)) {
+		d_fprintf(stderr, "query_domain_info level 12 failed: %s\n",
+			  nt_errstr(result));
+		goto done;
+	}
+
+	store = fn(mem_ctx, ctx, &ctr1.info.inf1, &ctr3.info.inf3,
+		   &ctr12.info.inf12, argc, argv);
+
+	if (store <= 0) {
+		/* Don't save anything */
+		goto done;
+	}
+
+	switch (store) {
+	case 1:
+		result = rpccli_samr_set_domain_info(pipe_hnd, mem_ctx,
+						     &domain_pol, 1, &ctr1);
+		break;
+	case 3:
+		result = rpccli_samr_set_domain_info(pipe_hnd, mem_ctx,
+						     &domain_pol, 3, &ctr3);
+		break;
+	case 12:
+		result = rpccli_samr_set_domain_info(pipe_hnd, mem_ctx,
+						     &domain_pol, 12, &ctr12);
+		break;
+	default:
+		d_fprintf(stderr, "Got unexpected info level %d\n", store);
+		result = NT_STATUS_INTERNAL_ERROR;
+		goto done;
+	}
+
+ done:
+	if (is_valid_policy_hnd(&domain_pol)) {
+		rpccli_samr_close(pipe_hnd, mem_ctx, &domain_pol);
+	}
+	if (is_valid_policy_hnd(&connect_pol)) {
+		rpccli_samr_close(pipe_hnd, mem_ctx, &connect_pol);
+	}
+
+	return result;
+}
+
+static int account_show(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx,
+			SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3,
+			SAM_UNK_INFO_12 *i12,
+			int argc, const char **argv)
+{
+	if (argc != 0) {
+		d_fprintf(stderr, "usage: %s\n", ctx->whoami);
+		return -1;
+	}
+
+	d_printf("Minimum password length: %d\n", i1->min_length_password);
+	d_printf("Password history length: %d\n", i1->password_history);
+
+	d_printf("Minimum password age: ");
+	if (!nt_time_is_zero(&i1->min_passwordage)) {
+		time_t t = nt_time_to_unix_abs(&i1->min_passwordage);
+		d_printf("%d seconds\n", (int)t);
+	} else {
+		d_printf("not set\n");
+	}
+
+	d_printf("Maximum password age: ");
+	if (nt_time_is_set(&i1->expire)) {
+		time_t t = nt_time_to_unix_abs(&i1->expire);
+		d_printf("%d seconds\n", (int)t);
+	} else {
+		d_printf("not set\n");
+	}
+
+	d_printf("Bad logon attempts: %d\n", i12->bad_attempt_lockout);
+
+	if (i12->bad_attempt_lockout != 0) {
+
+		d_printf("Account lockout duration: ");
+		if (nt_time_is_set(&i12->duration)) {
+			time_t t = nt_time_to_unix_abs(&i12->duration);
+			d_printf("%d seconds\n", (int)t);
+		} else {
+			d_printf("not set\n");
+		}
+
+		d_printf("Bad password count reset after: ");
+		if (nt_time_is_set(&i12->reset_count)) {
+			time_t t = nt_time_to_unix_abs(&i12->reset_count);
+			d_printf("%d seconds\n", (int)t);
+		} else {
+			d_printf("not set\n");
+		}
+	}
+
+	d_printf("Disconnect users when logon hours expire: %s\n",
+		 nt_time_is_zero(&i3->logout) ? "yes" : "no");
+
+	d_printf("User must logon to change password: %s\n",
+		 (i1->password_properties & 0x2) ? "yes" : "no");
+	
+	return 0;		/* Don't save */
+}
+
+static NTSTATUS rpc_sh_acct_pol_show(TALLOC_CTX *mem_ctx,
+				     struct rpc_sh_ctx *ctx,
+				     struct rpc_pipe_client *pipe_hnd,
+				     int argc, const char **argv) {
+	return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+			      account_show);
+}
+
+static int account_set_badpw(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx,
+			     SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3,
+			     SAM_UNK_INFO_12 *i12,
+			     int argc, const char **argv)
+{
+	if (argc != 1) {
+		d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+		return -1;
+	}
+
+	i12->bad_attempt_lockout = atoi(argv[0]);
+	d_printf("Setting bad password count to %d\n",
+		 i12->bad_attempt_lockout);
+
+	return 12;
+}
+
+static NTSTATUS rpc_sh_acct_set_badpw(TALLOC_CTX *mem_ctx,
+				      struct rpc_sh_ctx *ctx,
+				      struct rpc_pipe_client *pipe_hnd,
+				      int argc, const char **argv)
+{
+	return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+			      account_set_badpw);
+}
+
+static int account_set_lockduration(TALLOC_CTX *mem_ctx,
+				    struct rpc_sh_ctx *ctx,
+				    SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3,
+				    SAM_UNK_INFO_12 *i12,
+				    int argc, const char **argv)
+{
+	if (argc != 1) {
+		d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+		return -1;
+	}
+
+	unix_to_nt_time_abs(&i12->duration, atoi(argv[0]));
+	d_printf("Setting lockout duration to %d seconds\n",
+		 (int)nt_time_to_unix_abs(&i12->duration));
+
+	return 12;
+}
+
+static NTSTATUS rpc_sh_acct_set_lockduration(TALLOC_CTX *mem_ctx,
+					     struct rpc_sh_ctx *ctx,
+					     struct rpc_pipe_client *pipe_hnd,
+					     int argc, const char **argv)
+{
+	return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+			      account_set_lockduration);
+}
+
+static int account_set_resetduration(TALLOC_CTX *mem_ctx,
+				     struct rpc_sh_ctx *ctx,
+				     SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3,
+				     SAM_UNK_INFO_12 *i12,
+				     int argc, const char **argv)
+{
+	if (argc != 1) {
+		d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+		return -1;
+	}
+
+	unix_to_nt_time_abs(&i12->reset_count, atoi(argv[0]));
+	d_printf("Setting bad password reset duration to %d seconds\n",
+		 (int)nt_time_to_unix_abs(&i12->reset_count));
+
+	return 12;
+}
+
+static NTSTATUS rpc_sh_acct_set_resetduration(TALLOC_CTX *mem_ctx,
+					      struct rpc_sh_ctx *ctx,
+					      struct rpc_pipe_client *pipe_hnd,
+					      int argc, const char **argv)
+{
+	return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+			      account_set_resetduration);
+}
+
+static int account_set_minpwage(TALLOC_CTX *mem_ctx,
+				struct rpc_sh_ctx *ctx,
+				SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3,
+				SAM_UNK_INFO_12 *i12,
+				int argc, const char **argv)
+{
+	if (argc != 1) {
+		d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+		return -1;
+	}
+
+	unix_to_nt_time_abs(&i1->min_passwordage, atoi(argv[0]));
+	d_printf("Setting minimum password age to %d seconds\n",
+		 (int)nt_time_to_unix_abs(&i1->min_passwordage));
+
+	return 1;
+}
+
+static NTSTATUS rpc_sh_acct_set_minpwage(TALLOC_CTX *mem_ctx,
+					 struct rpc_sh_ctx *ctx,
+					 struct rpc_pipe_client *pipe_hnd,
+					 int argc, const char **argv)
+{
+	return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+			      account_set_minpwage);
+}
+
+static int account_set_maxpwage(TALLOC_CTX *mem_ctx,
+				struct rpc_sh_ctx *ctx,
+				SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3,
+				SAM_UNK_INFO_12 *i12,
+				int argc, const char **argv)
+{
+	if (argc != 1) {
+		d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+		return -1;
+	}
+
+	unix_to_nt_time_abs(&i1->expire, atoi(argv[0]));
+	d_printf("Setting maximum password age to %d seconds\n",
+		 (int)nt_time_to_unix_abs(&i1->expire));
+
+	return 1;
+}
+
+static NTSTATUS rpc_sh_acct_set_maxpwage(TALLOC_CTX *mem_ctx,
+					 struct rpc_sh_ctx *ctx,
+					 struct rpc_pipe_client *pipe_hnd,
+					 int argc, const char **argv)
+{
+	return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+			      account_set_maxpwage);
+}
+
+static int account_set_minpwlen(TALLOC_CTX *mem_ctx,
+				struct rpc_sh_ctx *ctx,
+				SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3,
+				SAM_UNK_INFO_12 *i12,
+				int argc, const char **argv)
+{
+	if (argc != 1) {
+		d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+		return -1;
+	}
+
+	i1->min_length_password = atoi(argv[0]);
+	d_printf("Setting minimum password length to %d\n",
+		 i1->min_length_password);
+
+	return 1;
+}
+
+static NTSTATUS rpc_sh_acct_set_minpwlen(TALLOC_CTX *mem_ctx,
+					 struct rpc_sh_ctx *ctx,
+					 struct rpc_pipe_client *pipe_hnd,
+					 int argc, const char **argv)
+{
+	return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+			      account_set_minpwlen);
+}
+
+static int account_set_pwhistlen(TALLOC_CTX *mem_ctx,
+				 struct rpc_sh_ctx *ctx,
+				 SAM_UNK_INFO_1 *i1, SAM_UNK_INFO_3 *i3,
+				 SAM_UNK_INFO_12 *i12,
+				 int argc, const char **argv)
+{
+	if (argc != 1) {
+		d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+		return -1;
+	}
+
+	i1->password_history = atoi(argv[0]);
+	d_printf("Setting password history length to %d\n",
+		 i1->password_history);
+
+	return 1;
+}
+
+static NTSTATUS rpc_sh_acct_set_pwhistlen(TALLOC_CTX *mem_ctx,
+					  struct rpc_sh_ctx *ctx,
+					  struct rpc_pipe_client *pipe_hnd,
+					  int argc, const char **argv)
+{
+	return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+			      account_set_pwhistlen);
+}
+
+struct rpc_sh_cmd *net_rpc_acct_cmds(TALLOC_CTX *mem_ctx,
+				     struct rpc_sh_ctx *ctx)
+{
+	static struct rpc_sh_cmd cmds[9] = {
+		{ "show", NULL, PI_SAMR, rpc_sh_acct_pol_show,
+		  "Show current account policy settings" },
+		{ "badpw", NULL, PI_SAMR, rpc_sh_acct_set_badpw,
+		  "Set bad password count before lockout" },
+		{ "lockduration", NULL, PI_SAMR, rpc_sh_acct_set_lockduration,
+		  "Set account lockout duration" },
+		{ "resetduration", NULL, PI_SAMR,
+		  rpc_sh_acct_set_resetduration,
+		  "Set bad password count reset duration" },
+		{ "minpwage", NULL, PI_SAMR, rpc_sh_acct_set_minpwage,
+		  "Set minimum password age" },
+		{ "maxpwage", NULL, PI_SAMR, rpc_sh_acct_set_maxpwage,
+		  "Set maximum password age" },
+		{ "minpwlen", NULL, PI_SAMR, rpc_sh_acct_set_minpwlen,
+		  "Set minimum password length" },
+		{ "pwhistlen", NULL, PI_SAMR, rpc_sh_acct_set_pwhistlen,
+		  "Set the password history length" },
+		{ NULL, NULL, 0, NULL, NULL }
+	};
+
+	return cmds;
+}
diff --git a/source3/utils/net_rpc_shell.c b/source3/utils/net_rpc_shell.c
index 2e1f65fe6c..0e17cd6843 100644
--- a/source3/utils/net_rpc_shell.c
+++ b/source3/utils/net_rpc_shell.c
@@ -233,6 +233,9 @@ int net_rpc_shell(int argc, const char **argv)
 		}
 
 		ret = poptParseArgvString(line, &argc, &argv);
+		if (ret == POPT_ERROR_NOARG) {
+			continue;
+		}
 		if (ret != 0) {
 			d_fprintf(stderr, "cmdline invalid: %s\n",
 				  poptStrerror(ret));
@@ -252,7 +255,7 @@ int net_rpc_shell(int argc, const char **argv)
 	return 0;
 }
 
-static struct rpc_sh_cmd sh_cmds[5] = {
+static struct rpc_sh_cmd sh_cmds[6] = {
 
 	{ "info", NULL, PI_SAMR, rpc_sh_info,
 	  "Print information about the domain connected to" },
@@ -266,5 +269,8 @@ static struct rpc_sh_cmd sh_cmds[5] = {
 	{ "user", net_rpc_user_cmds, 0, NULL,
 	  "List/Add/Remove user info" },
 
+	{ "account", net_rpc_acct_cmds, 0, NULL,
+	  "Show/Change account policy settings" },
+
 	{ NULL, NULL, 0, NULL, NULL }
 };