summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2010-11-28 12:20:15 +1100
committerAndrew Tridgell <tridge@samba.org>2010-11-29 18:04:41 +1100
commit7a826d02a386cb2429a992b84ca597b174cfc35d (patch)
tree86b537533f005066c63c0daa2061d0c0875b90b8
parente54c8bef8a926abf7cd52af5906ed0736f52d800 (diff)
downloadsamba-7a826d02a386cb2429a992b84ca597b174cfc35d.tar.gz
samba-7a826d02a386cb2429a992b84ca597b174cfc35d.tar.bz2
samba-7a826d02a386cb2429a992b84ca597b174cfc35d.zip
s4-samba-tool: started on gpo subcommands in python
this adds the listall GPO command. Currently the python variants are available as "samba-tool gpo2 SUBCOMMAND". These will replace the "samba-tool gpo" commands when complete
-rw-r--r--source4/scripting/python/samba/netcmd/__init__.py2
-rw-r--r--source4/scripting/python/samba/netcmd/gpo.py120
2 files changed, 122 insertions, 0 deletions
diff --git a/source4/scripting/python/samba/netcmd/__init__.py b/source4/scripting/python/samba/netcmd/__init__.py
index af317ab7e0..d47b39dced 100644
--- a/source4/scripting/python/samba/netcmd/__init__.py
+++ b/source4/scripting/python/samba/netcmd/__init__.py
@@ -170,3 +170,5 @@ from samba.netcmd.rodc import cmd_rodc
commands["rodc"] = cmd_rodc()
from samba.netcmd.drs import cmd_drs
commands["drs"] = cmd_drs()
+from samba.netcmd.gpo import cmd_gpo
+commands["gpo2"] = cmd_gpo()
diff --git a/source4/scripting/python/samba/netcmd/gpo.py b/source4/scripting/python/samba/netcmd/gpo.py
new file mode 100644
index 0000000000..edbd5a273c
--- /dev/null
+++ b/source4/scripting/python/samba/netcmd/gpo.py
@@ -0,0 +1,120 @@
+#!/usr/bin/env python
+#
+# implement samba_tool gpo commands
+#
+# Copyright Andrew Tridgell 2010
+#
+# based on C implementation by Guenther Deschner and Wilco Baan Hofman
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+import samba.getopt as options
+import ldb
+
+from samba.auth import system_session
+from samba.netcmd import (
+ Command,
+ CommandError,
+ Option,
+ SuperCommand,
+ )
+from samba.samdb import SamDB
+from samba import drs_utils, nttime2string, dsdb
+from samba.dcerpc import misc
+
+
+def samdb_connect(ctx):
+ '''make a ldap connection to the server'''
+ try:
+ ctx.samdb = SamDB(url=ctx.url,
+ session_info=system_session(),
+ credentials=ctx.creds, lp=ctx.lp)
+ except Exception, estr:
+ raise CommandError("LDAP connection to %s failed - %s" % (ctx.url, estr))
+
+
+def attr_default(msg, attrname, default):
+ '''get an attribute from a ldap msg with a default'''
+ if attrname in msg:
+ return msg[attrname][0]
+ return default
+
+
+def flags_string(flags, value):
+ '''return a set of flags as a string'''
+ if value == 0:
+ return 'NONE'
+ ret = ''
+ for (str, val) in flags:
+ if val & value:
+ ret += str + ' '
+ value &= ~val
+ if value != 0:
+ ret += '0x%08x' % value
+ return ret.rstrip()
+
+
+class cmd_listall(Command):
+ """list all GPOs"""
+
+ synopsis = "%prog gpo listall"
+
+ takes_optiongroups = {
+ "sambaopts": options.SambaOptions,
+ "versionopts": options.VersionOptions,
+ "credopts": options.CredentialsOptions,
+ }
+
+ takes_options = [
+ Option("-H", help="LDB URL for database or target server", type=str)
+ ]
+
+ def run(self, H=None, sambaopts=None,
+ credopts=None, versionopts=None, server=None):
+
+ self.url = H
+ self.lp = sambaopts.get_loadparm()
+
+ self.creds = credopts.get_credentials(self.lp)
+ if not self.creds.authentication_requested():
+ self.creds.set_machine_account(self.lp)
+
+ samdb_connect(self)
+
+ policies_dn = self.samdb.get_default_basedn()
+ policies_dn.add_child(ldb.Dn(self.samdb, "CN=Policies,CN=System"))
+
+ gpo_flags = [
+ ("GPO_FLAG_USER_DISABLE", dsdb.GPO_FLAG_USER_DISABLE ),
+ ( "GPO_FLAG_MACHINE_DISABLE", dsdb.GPO_FLAG_MACHINE_DISABLE ) ]
+
+ msg = self.samdb.search(base=policies_dn, scope=ldb.SCOPE_ONELEVEL,
+ expression="(objectClass=groupPolicyContainer)",
+ attrs=['nTSecurityDescriptor', 'versionNumber', 'flags', 'name', 'displayName', 'gPCFileSysPath'])
+ for m in msg:
+ print("GPO : %s" % m['name'][0])
+ print("display name : %s" % m['displayName'][0])
+ print("path : %s" % m['gPCFileSysPath'][0])
+ print("dn : %s" % m.dn)
+ print("version : %s" % attr_default(m, 'version', '0'))
+ print("flags : %s" % flags_string(gpo_flags, int(attr_default(m, 'flags', 0))))
+ print("")
+
+
+class cmd_gpo(SuperCommand):
+ """GPO commands"""
+
+ subcommands = {}
+ subcommands["listall"] = cmd_listall()