summaryrefslogtreecommitdiff
path: root/source4/scripting/python
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-09-10 00:46:51 +0200
committerMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-09-10 00:48:19 +0200
commitaae07390e2b84d8b1d41eb65d31f9621a22a17aa (patch)
treec552c19755d303f921c6ebc952898001d0df0251 /source4/scripting/python
parent27beb7fc7efde5c26917357e6a53e61e4cd7e04a (diff)
downloadsamba-aae07390e2b84d8b1d41eb65d31f9621a22a17aa.tar.gz
samba-aae07390e2b84d8b1d41eb65d31f9621a22a17aa.tar.bz2
samba-aae07390e2b84d8b1d41eb65d31f9621a22a17aa.zip
Revert "s4: Let the "setpassword" script finally use the "samdb_set_password" routine"
This reverts commit fdd62e9699b181a140292689fcd88a559bc26211. abartlet and I agreed that this isn't the right way to enforce the password policies. Sooner or later we've to control them anyway on the directory level.
Diffstat (limited to 'source4/scripting/python')
-rw-r--r--source4/scripting/python/pyglue.c65
-rw-r--r--source4/scripting/python/samba/samdb.py14
2 files changed, 9 insertions, 70 deletions
diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c
index 3e6233b4c4..42c04c1f38 100644
--- a/source4/scripting/python/pyglue.c
+++ b/source4/scripting/python/pyglue.c
@@ -220,69 +220,13 @@ static PyObject *py_samdb_get_domain_sid(PyLdbObject *self, PyObject *args)
if (!sid) {
PyErr_SetString(PyExc_RuntimeError, "samdb_domain_sid failed");
return NULL;
- }
-
+ }
retstr = dom_sid_string(NULL, sid);
ret = PyString_FromString(retstr);
talloc_free(retstr);
-
return ret;
}
-static PyObject *py_samdb_set_password(PyLdbObject *self, PyObject *args,
- PyObject *kwargs)
-{
- PyObject *py_sam, *py_user_dn, *py_dom_dn, *py_mod, *py_user_change;
- char *new_password;
- bool user_change;
- DATA_BLOB new_pwd_blob;
- struct ldb_context *sam_ctx;
- struct ldb_dn *user_dn, *dom_dn;
- struct ldb_message *mod;
- TALLOC_CTX *mem_ctx;
- NTSTATUS status;
- const char * const kwnames[] = { "samdb", "user_dn", "dom_dn", "mod",
- "new_password", "user_change", NULL };
-
- if (!PyArg_ParseTupleAndKeywords(args, kwargs, "OOOOsO",
- discard_const_p(char *, kwnames),
- &py_sam, &py_user_dn, &py_dom_dn, &py_mod, &new_password,
- &py_user_change))
- return NULL;
-
- sam_ctx = PyLdb_AsLdbContext(py_sam);
-
- mem_ctx = talloc_new(NULL);
- if (mem_ctx == NULL) {
- PyErr_NoMemory();
- }
-
- if (!PyObject_AsDn(mem_ctx, py_user_dn, sam_ctx, &user_dn)) {
- PyErr_SetString(PyExc_RuntimeError, "user_dn invalid!");
- return NULL;
- }
-
- if (!PyObject_AsDn(mem_ctx, py_dom_dn, sam_ctx, &dom_dn)) {
- PyErr_SetString(PyExc_RuntimeError, "dom_dn invalid!");
- return NULL;
- }
-
- mod = PyLdbMessage_AsMessage(py_mod);
-
- user_change = PyInt_AsLong(py_user_change);
-
- new_pwd_blob.data = (uint8_t *) new_password;
- new_pwd_blob.length = strlen((char *) new_pwd_blob.data);
-
- status = samdb_set_password(sam_ctx, mem_ctx, user_dn, dom_dn, mod,
- &new_pwd_blob, NULL, NULL, user_change, NULL, NULL);
-
- talloc_free(mem_ctx);
-
- PyErr_NTSTATUS_IS_ERR_RAISE(status);
- Py_RETURN_NONE;
-}
-
static PyObject *py_ldb_register_samba_handlers(PyObject *self, PyObject *args)
{
PyObject *py_ldb;
@@ -496,8 +440,7 @@ static PyObject *py_dom_sid_to_rid(PyLdbObject *self, PyObject *args)
sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid));
- status = dom_sid_split_rid(NULL, (const struct dom_sid *)sid, NULL,
- &rid);
+ status = dom_sid_split_rid(NULL, sid, NULL, &rid);
if (!NT_STATUS_IS_OK(status)) {
PyErr_SetString(PyExc_RuntimeError, "dom_sid_split_rid failed");
return NULL;
@@ -527,10 +470,6 @@ static PyMethodDef py_misc_methods[] = {
{ "samdb_get_domain_sid", (PyCFunction)py_samdb_get_domain_sid, METH_VARARGS,
"samdb_get_domain_sid(samdb)\n"
"Get SID of domain in use." },
- { "samdb_set_password", (PyCFunction)py_samdb_set_password,
- METH_VARARGS|METH_KEYWORDS,
- "samdb_set_password(samdb, user_dn, dom_dn, mod, new_password, user_change)\n"
- "Set the password of a user" },
{ "ldb_register_samba_handlers", (PyCFunction)py_ldb_register_samba_handlers, METH_VARARGS,
"ldb_register_samba_handlers(ldb)\n"
"Register Samba-specific LDB modules and schemas." },
diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py
index 3f4252b36a..a58d6c5b12 100644
--- a/source4/scripting/python/samba/samdb.py
+++ b/source4/scripting/python/samba/samdb.py
@@ -161,14 +161,14 @@ pwdLastSet: 0
assert(len(res) == 1)
user_dn = res[0].dn
- mod = ldb.Message()
- mod.dn = user_dn
-
- glue.samdb_set_password(samdb=self, user_dn=str(user_dn),
- dom_dn=self.domain_dn(), mod=mod, new_password=password,
- user_change=False)
+ setpw = """
+dn: %s
+changetype: modify
+replace: userPassword
+userPassword:: %s
+""" % (user_dn, base64.b64encode(password))
- self.modify(mod)
+ self.modify_ldif(setpw)
if force_password_change_at_next_login:
self.force_password_change_at_next_login(user_dn)