summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGiampaolo Lauria <lauria2@yahoo.com>2011-10-21 11:49:29 -0400
committerJelmer Vernooij <jelmer@samba.org>2011-11-03 15:12:27 +0100
commit9ff2874e5e89ac297be972e0a6ef793456480a56 (patch)
tree87c0dba35a94177b4f8b34f93854c70624a6c5d3
parent82c6599e154fcec7bb9c32829e092b96a3e90de7 (diff)
downloadsamba-9ff2874e5e89ac297be972e0a6ef793456480a56.tar.gz
samba-9ff2874e5e89ac297be972e0a6ef793456480a56.tar.bz2
samba-9ff2874e5e89ac297be972e0a6ef793456480a56.zip
samba-tool: Improve "delegation" command error handling
Display a more meaningful error msg when user account not found Assert when returned number of entries is not 0 or 1
-rw-r--r--source4/scripting/python/samba/netcmd/delegation.py48
1 files changed, 27 insertions, 21 deletions
diff --git a/source4/scripting/python/samba/netcmd/delegation.py b/source4/scripting/python/samba/netcmd/delegation.py
index 9fccaf9536..ec84f671bc 100644
--- a/source4/scripting/python/samba/netcmd/delegation.py
+++ b/source4/scripting/python/samba/netcmd/delegation.py
@@ -52,13 +52,15 @@ class cmd_delegation_show(Command):
# TODO once I understand how, use the domain info to naildown
# to the correct domain
(cleanedaccount, realm, domain) = _get_user_realm_domain(accountname)
- self.outf.write("Searching for: %s\n" % (cleanedaccount))
- res = sam.search(expression="sAMAccountName=%s" % ldb.binary_encode(cleanedaccount),
- scope=ldb.SCOPE_SUBTREE,
- attrs=["userAccountControl", "msDS-AllowedToDelegateTo"])
- if len(res) != 1:
- raise CommandError("Account %s found %d times" % (accountname, len(res)))
-
+
+ res = sam.search(expression="sAMAccountName=%s" %
+ ldb.binary_encode(cleanedaccount),
+ scope=ldb.SCOPE_SUBTREE,
+ attrs=["userAccountControl", "msDS-AllowedToDelegateTo"])
+ if len(res) == 0:
+ raise CommandError("Unable to find account name '%s'" % accountname)
+ assert(len(res) == 1)
+
uac = int(res[0].get("userAccountControl")[0])
allowed = res[0].get("msDS-AllowedToDelegateTo")
@@ -159,17 +161,19 @@ class cmd_delegation_add_service(Command):
# to the correct domain
(cleanedaccount, realm, domain) = _get_user_realm_domain(accountname)
- res = sam.search(expression="sAMAccountName=%s" % ldb.binary_encode(cleanedaccount),
- scope=ldb.SCOPE_SUBTREE,
- attrs=["msDS-AllowedToDelegateTo"])
- if len(res) != 1:
- raise CommandError("Account %s found %d times" % (accountname, len(res)))
+ res = sam.search(expression="sAMAccountName=%s" %
+ ldb.binary_encode(cleanedaccount),
+ scope=ldb.SCOPE_SUBTREE,
+ attrs=["msDS-AllowedToDelegateTo"])
+ if len(res) == 0:
+ raise CommandError("Unable to find account name '%s'" % accountname)
+ assert(len(res) == 1)
msg = ldb.Message()
msg.dn = res[0].dn
msg["msDS-AllowedToDelegateTo"] = ldb.MessageElement([principal],
- ldb.FLAG_MOD_ADD,
- "msDS-AllowedToDelegateTo")
+ ldb.FLAG_MOD_ADD,
+ "msDS-AllowedToDelegateTo")
try:
sam.modify(msg)
except Exception, err:
@@ -194,17 +198,19 @@ class cmd_delegation_del_service(Command):
# to the correct domain
(cleanedaccount, realm, domain) = _get_user_realm_domain(accountname)
- res = sam.search(expression="sAMAccountName=%s" % ldb.binary_encode(cleanedaccount),
- scope=ldb.SCOPE_SUBTREE,
- attrs=["msDS-AllowedToDelegateTo"])
- if len(res) != 1:
- raise CommandError("Account %s found %d times" % (accountname, len(res)))
+ res = sam.search(expression="sAMAccountName=%s" %
+ ldb.binary_encode(cleanedaccount),
+ scope=ldb.SCOPE_SUBTREE,
+ attrs=["msDS-AllowedToDelegateTo"])
+ if len(res) == 0:
+ raise CommandError("Unable to find account name '%s'" % accountname)
+ assert(len(res) == 1)
msg = ldb.Message()
msg.dn = res[0].dn
msg["msDS-AllowedToDelegateTo"] = ldb.MessageElement([principal],
- ldb.FLAG_MOD_DELETE,
- "msDS-AllowedToDelegateTo")
+ ldb.FLAG_MOD_DELETE,
+ "msDS-AllowedToDelegateTo")
try:
sam.modify(msg)
except Exception, err: