samba-tool: Added gpo fetch command implementation using python smb module.

To copy the GPO files, use libcli python interface list() to get directory listing and loadfile() to read the contents of the file. Signed-off-by: Andrew Tridgell <tridge@samba.org>
author: Amitay Isaacs <amitay@gmail.com> 2011-07-28 14:17:19 +1000
committer: Andrew Tridgell <tridge@samba.org> 2011-07-28 15:20:54 +1000
commit: 2b6ea7975b5254a90ea183e3a69647920cbf4595 (patch)
tree: 21be49180b51b5909e4c6bdea760efc7e700e465 /source4
parent: d6db6614dd3621ad2a2cff58d1d79d6fdf7345f0 (diff)
download: samba-2b6ea7975b5254a90ea183e3a69647920cbf4595.tar.gz
samba-2b6ea7975b5254a90ea183e3a69647920cbf4595.tar.bz2
samba-2b6ea7975b5254a90ea183e3a69647920cbf4595.zip
1 files changed, 94 insertions, 0 deletions
diff --git a/source4/scripting/python/samba/netcmd/gpo.py b/source4/scripting/python/samba/netcmd/gpo.py
index fb559d619d..72c157d00a 100644
--- a/source4/scripting/python/samba/netcmd/gpo.py
+++ b/source4/scripting/python/samba/netcmd/gpo.py
@@ -22,6 +22,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
 
+import os
 import samba.getopt as options
 import ldb
 
@@ -40,6 +41,7 @@ import samba.security
 import samba.auth
 from samba.auth import AUTH_SESSION_INFO_DEFAULT_GROUPS, AUTH_SESSION_INFO_AUTHENTICATED, AUTH_SESSION_INFO_SIMPLE_PRIVILEGES
 from samba.netcmd.common import netcmd_finddc
+from samba import smb
 
 
 def samdb_connect(ctx):
@@ -157,6 +159,42 @@ def get_gpo_info(samdb, gpo=None, displayname=None, dn=None):
     return msg
 
 
+def parse_unc(unc):
+    '''Parse UNC string into a hostname, a service, and a filepath'''
+    if unc.startswith('\\\\') and unc.startswith('//'):
+        return []
+    tmp = unc[2:].split('/', 2)
+    if len(tmp) == 3:
+        return tmp
+    tmp = unc[2:].split('\\', 2)
+    if len(tmp) == 3:
+        return tmp;
+    return []
+
+
+def copy_directory_recurse(conn, remotedir, localdir):
+    if not os.path.isdir(localdir):
+        os.mkdir(localdir)
+    r_dirs = [ remotedir ]
+    l_dirs = [ localdir ]
+    while r_dirs:
+        r_dir = r_dirs.pop()
+        l_dir = l_dirs.pop()
+
+        dirlist = conn.list(r_dir)
+        for e in dirlist:
+            r_name = r_dir + '\\' + e['name']
+            l_name = l_dir + os.path.sep + e['name']
+
+            if e['attrib'] & smb.FILE_ATTRIBUTE_DIRECTORY:
+                r_dirs.append(r_name)
+                l_dirs.append(l_name)
+                os.mkdir(l_name)
+            elif e['attrib'] & smb.FILE_ATTRIBUTE_ARCHIVE:
+                data = conn.loadfile(r_name)
+                file(l_name, 'w').write(data)
+
+
 class cmd_listall(Command):
     """list all GPOs"""
 
@@ -659,6 +697,62 @@ class cmd_setinheritance(Command):
 class cmd_fetch(Command):
     """Download a GPO"""
 
+    synopsis = "%prog gpo fetch <gpo> [options]"
+
+    takes_optiongroups = {
+        "sambaopts": options.SambaOptions,
+        "versionopts": options.VersionOptions,
+        "credopts": options.CredentialsOptions,
+    }
+
+    takes_args = [ 'gpo' ]
+
+    takes_options = [
+        Option("-H", help="LDB URL for database or target server", type=str),
+        Option("--tmpdir", help="Temporary directory for copying policy files", type=str)
+        ]
+
+    def run(self, gpo, H=None, tmpdir=None, sambaopts=None, credopts=None, versionopts=None):
+
+        self.lp = sambaopts.get_loadparm()
+        self.creds = credopts.get_credentials(self.lp, fallback_machine=True)
+
+        dc_hostname = netcmd_finddc(self.lp, self.creds)
+        self.url = dc_url(self.lp, self.creds, H, dc=dc_hostname)
+
+        samdb_connect(self)
+        try:
+            msg = get_gpo_info(self.samdb, gpo)[0]
+        except Exception, e:
+            raise CommandError("GPO %s does not exist" % gpo)
+
+        unc = msg['gPCFileSysPath'][0]
+        try:
+            [dom_name, service, sharepath] = parse_unc(unc)
+        except:
+            raise CommandError("Invalid GPO path (%s)" % unc)
+
+        try:
+            conn = smb.SMB(dc_hostname, service, lp=self.lp, creds=self.creds)
+        except Exception, e:
+            raise CommandError("Error connecting to '%s' using SMB" % dc_hostname, e)
+
+        if tmpdir is None:
+            tmpdir = "/tmp"
+
+        try:
+            localdir = tmpdir + os.path.sep + "policy"
+            if not os.path.isdir(localdir):
+                os.mkdir(localdir)
+            gpodir = localdir + os.path.sep + gpo
+            if not os.path.isdir(gpodir):
+                os.mkdir(gpodir)
+            copy_directory_recurse(conn, sharepath, gpodir)
+        except Exception, e:
+            raise CommandError("Error copying GPO", e)
+        print('GPO copied to %s' % gpodir)
+
+
 class cmd_create(Command):
     """Create a GPO"""
author	Amitay Isaacs <amitay@gmail.com>	2011-07-28 14:17:19 +1000
committer	Andrew Tridgell <tridge@samba.org>	2011-07-28 15:20:54 +1000
commit	2b6ea7975b5254a90ea183e3a69647920cbf4595 (patch)
tree	21be49180b51b5909e4c6bdea760efc7e700e465 /source4
parent	d6db6614dd3621ad2a2cff58d1d79d6fdf7345f0 (diff)
download	samba-2b6ea7975b5254a90ea183e3a69647920cbf4595.tar.gz samba-2b6ea7975b5254a90ea183e3a69647920cbf4595.tar.bz2 samba-2b6ea7975b5254a90ea183e3a69647920cbf4595.zip