diff options
| author | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2009-09-19 21:57:41 +0200 |
|---|---|---|
| committer | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2009-09-19 21:57:41 +0200 |
| commit | 017092a028104a22f12aac7b143aaf848cc3adec (patch) | |
| tree | 0c53980b143d5d9001611560b2ea27aa3f2b6c4f | |
| parent | d75653fb6bd99a9e3593b4d79d23a1df34536d02 (diff) | |
| download | samba-017092a028104a22f12aac7b143aaf848cc3adec.tar.gz samba-017092a028104a22f12aac7b143aaf848cc3adec.tar.bz2 samba-017092a028104a22f12aac7b143aaf848cc3adec.zip | |
s4:samdb.py - further rework
- I added a comment to the "new user" operation to point out that this works
only on s4, since we add also ID mapping entries for winbind there
- The "new user" operation adds now the password through the "set password"
operation which I find better due to the re-use principle
- Remove the word "DC" after "SAMBA 4" in the comment over the "set password"
operation since this note and operation applies also to s4 in standalone mode
| -rw-r--r-- | source4/scripting/python/samba/samdb.py | 21 |
1 files changed, 9 insertions, 12 deletions
diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index ef2a0b1644..28352f202f 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -2,6 +2,7 @@ # Unix SMB/CIFS implementation. # Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007-2008 +# Copyright (C) Matthias Dieter Wallnoefer 2009 # # Based on the original in EJS: # Copyright (C) Andrew Tridgell <tridge@samba.org> 2005 @@ -109,15 +110,13 @@ pwdLastSet: 0 def newuser(self, username, unixname, password, force_password_change_at_next_login=False): """Adds a new user - Note: This call uses the "userPassword" attribute to set the password. - This works correctly on SAMBA 4 DCs and on Windows DCs with - "2003 Native" or higer domain function level. + Note: This call adds also the ID mapping for winbind; therefore it works + *only* on SAMBA 4. :param username: Name of the new user. :param unixname: Name of the unix user to map to. :param password: Password for the new user """ - # connect to the sam self.transaction_start() try: user_dn = "CN=%s,CN=Users,%s" % (username, self.domain_dn()) @@ -126,9 +125,13 @@ pwdLastSet: 0 # fills in the default informations self.add({"dn": user_dn, "sAMAccountName": username, - "userPassword": password, "objectClass": "user"}) + # Sets the password for it + self.setpassword("(dn=" + user_dn + ")", password, + force_password_change_at_next_login) + + # Gets the user SID (for the account mapping setup) res = self.search(user_dn, scope=ldb.SCOPE_BASE, expression="objectclass=*", attrs=["objectSid"]) @@ -145,12 +148,6 @@ pwdLastSet: 0 except KeyError: pass - - if force_password_change_at_next_login: - self.force_password_change_at_next_login("(dn=" + user_dn + ")") - - # modify the userAccountControl to remove the disabled bit - self.enable_account("(dn=" + user_dn + ")") except: self.transaction_cancel() raise @@ -160,7 +157,7 @@ pwdLastSet: 0 """Sets the password for a user Note: This call uses the "userPassword" attribute to set the password. - This works correctly on SAMBA 4 DCs and on Windows DCs with + This works correctly on SAMBA 4 and on Windows DCs with "2003 Native" or higer domain function level. :param filter: LDAP filter to find the user (eg samccountname=name) |