diff options
author | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2009-09-19 21:57:41 +0200 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2009-09-19 21:57:41 +0200 |
commit | 017092a028104a22f12aac7b143aaf848cc3adec (patch) | |
tree | 0c53980b143d5d9001611560b2ea27aa3f2b6c4f /source4/scripting/python | |
parent | d75653fb6bd99a9e3593b4d79d23a1df34536d02 (diff) | |
download | samba-017092a028104a22f12aac7b143aaf848cc3adec.tar.gz samba-017092a028104a22f12aac7b143aaf848cc3adec.tar.bz2 samba-017092a028104a22f12aac7b143aaf848cc3adec.zip |
s4:samdb.py - further rework
- I added a comment to the "new user" operation to point out that this works
only on s4, since we add also ID mapping entries for winbind there
- The "new user" operation adds now the password through the "set password"
operation which I find better due to the re-use principle
- Remove the word "DC" after "SAMBA 4" in the comment over the "set password"
operation since this note and operation applies also to s4 in standalone mode
Diffstat (limited to 'source4/scripting/python')
-rw-r--r-- | source4/scripting/python/samba/samdb.py | 21 |
1 files changed, 9 insertions, 12 deletions
diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index ef2a0b1644..28352f202f 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -2,6 +2,7 @@ # Unix SMB/CIFS implementation. # Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007-2008 +# Copyright (C) Matthias Dieter Wallnoefer 2009 # # Based on the original in EJS: # Copyright (C) Andrew Tridgell <tridge@samba.org> 2005 @@ -109,15 +110,13 @@ pwdLastSet: 0 def newuser(self, username, unixname, password, force_password_change_at_next_login=False): """Adds a new user - Note: This call uses the "userPassword" attribute to set the password. - This works correctly on SAMBA 4 DCs and on Windows DCs with - "2003 Native" or higer domain function level. + Note: This call adds also the ID mapping for winbind; therefore it works + *only* on SAMBA 4. :param username: Name of the new user. :param unixname: Name of the unix user to map to. :param password: Password for the new user """ - # connect to the sam self.transaction_start() try: user_dn = "CN=%s,CN=Users,%s" % (username, self.domain_dn()) @@ -126,9 +125,13 @@ pwdLastSet: 0 # fills in the default informations self.add({"dn": user_dn, "sAMAccountName": username, - "userPassword": password, "objectClass": "user"}) + # Sets the password for it + self.setpassword("(dn=" + user_dn + ")", password, + force_password_change_at_next_login) + + # Gets the user SID (for the account mapping setup) res = self.search(user_dn, scope=ldb.SCOPE_BASE, expression="objectclass=*", attrs=["objectSid"]) @@ -145,12 +148,6 @@ pwdLastSet: 0 except KeyError: pass - - if force_password_change_at_next_login: - self.force_password_change_at_next_login("(dn=" + user_dn + ")") - - # modify the userAccountControl to remove the disabled bit - self.enable_account("(dn=" + user_dn + ")") except: self.transaction_cancel() raise @@ -160,7 +157,7 @@ pwdLastSet: 0 """Sets the password for a user Note: This call uses the "userPassword" attribute to set the password. - This works correctly on SAMBA 4 DCs and on Windows DCs with + This works correctly on SAMBA 4 and on Windows DCs with "2003 Native" or higer domain function level. :param filter: LDAP filter to find the user (eg samccountname=name) |