summaryrefslogtreecommitdiff
path: root/source4/scripting/python
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-09-19 21:57:41 +0200
committerMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-09-19 21:57:41 +0200
commit017092a028104a22f12aac7b143aaf848cc3adec (patch)
tree0c53980b143d5d9001611560b2ea27aa3f2b6c4f /source4/scripting/python
parentd75653fb6bd99a9e3593b4d79d23a1df34536d02 (diff)
downloadsamba-017092a028104a22f12aac7b143aaf848cc3adec.tar.gz
samba-017092a028104a22f12aac7b143aaf848cc3adec.tar.bz2
samba-017092a028104a22f12aac7b143aaf848cc3adec.zip
s4:samdb.py - further rework
- I added a comment to the "new user" operation to point out that this works only on s4, since we add also ID mapping entries for winbind there - The "new user" operation adds now the password through the "set password" operation which I find better due to the re-use principle - Remove the word "DC" after "SAMBA 4" in the comment over the "set password" operation since this note and operation applies also to s4 in standalone mode
Diffstat (limited to 'source4/scripting/python')
-rw-r--r--source4/scripting/python/samba/samdb.py21
1 files changed, 9 insertions, 12 deletions
diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py
index ef2a0b1644..28352f202f 100644
--- a/source4/scripting/python/samba/samdb.py
+++ b/source4/scripting/python/samba/samdb.py
@@ -2,6 +2,7 @@
# Unix SMB/CIFS implementation.
# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007-2008
+# Copyright (C) Matthias Dieter Wallnoefer 2009
#
# Based on the original in EJS:
# Copyright (C) Andrew Tridgell <tridge@samba.org> 2005
@@ -109,15 +110,13 @@ pwdLastSet: 0
def newuser(self, username, unixname, password, force_password_change_at_next_login=False):
"""Adds a new user
- Note: This call uses the "userPassword" attribute to set the password.
- This works correctly on SAMBA 4 DCs and on Windows DCs with
- "2003 Native" or higer domain function level.
+ Note: This call adds also the ID mapping for winbind; therefore it works
+ *only* on SAMBA 4.
:param username: Name of the new user.
:param unixname: Name of the unix user to map to.
:param password: Password for the new user
"""
- # connect to the sam
self.transaction_start()
try:
user_dn = "CN=%s,CN=Users,%s" % (username, self.domain_dn())
@@ -126,9 +125,13 @@ pwdLastSet: 0
# fills in the default informations
self.add({"dn": user_dn,
"sAMAccountName": username,
- "userPassword": password,
"objectClass": "user"})
+ # Sets the password for it
+ self.setpassword("(dn=" + user_dn + ")", password,
+ force_password_change_at_next_login)
+
+ # Gets the user SID (for the account mapping setup)
res = self.search(user_dn, scope=ldb.SCOPE_BASE,
expression="objectclass=*",
attrs=["objectSid"])
@@ -145,12 +148,6 @@ pwdLastSet: 0
except KeyError:
pass
-
- if force_password_change_at_next_login:
- self.force_password_change_at_next_login("(dn=" + user_dn + ")")
-
- # modify the userAccountControl to remove the disabled bit
- self.enable_account("(dn=" + user_dn + ")")
except:
self.transaction_cancel()
raise
@@ -160,7 +157,7 @@ pwdLastSet: 0
"""Sets the password for a user
Note: This call uses the "userPassword" attribute to set the password.
- This works correctly on SAMBA 4 DCs and on Windows DCs with
+ This works correctly on SAMBA 4 and on Windows DCs with
"2003 Native" or higer domain function level.
:param filter: LDAP filter to find the user (eg samccountname=name)