summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xsource4/lib/ldb/tests/python/ldap.py18
-rwxr-xr-xsource4/lib/ldb/tests/python/ldap_schema.py2
-rw-r--r--source4/librpc/ndr/py_security.c36
-rw-r--r--source4/scripting/python/pyglue.c23
-rw-r--r--source4/scripting/python/samba/__init__.py9
5 files changed, 46 insertions, 42 deletions
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py
index 426d7b38a0..c2920c009e 100755
--- a/source4/lib/ldb/tests/python/ldap.py
+++ b/source4/lib/ldb/tests/python/ldap.py
@@ -26,7 +26,7 @@ from ldb import ERR_NAMING_VIOLATION, ERR_CONSTRAINT_VIOLATION
from ldb import ERR_UNDEFINED_ATTRIBUTE_TYPE
from ldb import Message, MessageElement, Dn
from ldb import FLAG_MOD_ADD, FLAG_MOD_REPLACE, FLAG_MOD_DELETE
-from samba import Ldb, param, dom_sid_to_rid
+from samba import Ldb, param
from samba import UF_NORMAL_ACCOUNT, UF_TEMP_DUPLICATE_ACCOUNT
from samba import UF_SERVER_TRUST_ACCOUNT, UF_WORKSTATION_TRUST_ACCOUNT
from samba import UF_INTERDOMAIN_TRUST_ACCOUNT
@@ -456,7 +456,7 @@ class BasicTests(unittest.TestCase):
self.fail()
except LdbError, (num, _):
self.assertEquals(num, ERR_NAMING_VIOLATION)
-
+
self.delete_force(self.ldb, "description=xyz,cn=users," + self.base_dn)
self.ldb.add({
@@ -642,17 +642,17 @@ objectClass: container
res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
scope=SCOPE_BASE, attrs=["objectSID"])
self.assertTrue(len(res1) == 1)
- group_rid_1 = dom_sid_to_rid(ldb.schema_format_value("objectSID",
- res1[0]["objectSID"][0]))
+ group_rid_1 = security.dom_sid(ldb.schema_format_value("objectSID",
+ res1[0]["objectSID"][0])).split()[1]
res1 = ldb.search("cn=ldaptestgroup2,cn=users," + self.base_dn,
scope=SCOPE_BASE, attrs=["objectSID"])
self.assertTrue(len(res1) == 1)
- group_rid_2 = dom_sid_to_rid(ldb.schema_format_value("objectSID",
- res1[0]["objectSID"][0]))
+ group_rid_2 = security.dom_sid(ldb.schema_format_value("objectSID",
+ res1[0]["objectSID"][0])).split()[1]
# Try to create a user with an invalid primary group
- try:
+ try:
ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectclass": ["user", "person"],
@@ -833,7 +833,7 @@ objectClass: container
self.assertTrue(len(res1) == 1)
self.assertFalse("primaryGroupToken" in res1[0])
- res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
+ res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
scope=SCOPE_BASE)
self.assertTrue(len(res1) == 1)
self.assertFalse("primaryGroupToken" in res1[0])
@@ -843,7 +843,7 @@ objectClass: container
self.assertTrue(len(res1) == 1)
primary_group_token = int(res1[0]["primaryGroupToken"][0])
- rid = dom_sid_to_rid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0]))
+ rid = security.dom_sid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0])).split()[1]
self.assertEquals(primary_group_token, rid)
m = Message()
diff --git a/source4/lib/ldb/tests/python/ldap_schema.py b/source4/lib/ldb/tests/python/ldap_schema.py
index f13a4fbc52..0a31db82f7 100755
--- a/source4/lib/ldb/tests/python/ldap_schema.py
+++ b/source4/lib/ldb/tests/python/ldap_schema.py
@@ -26,7 +26,7 @@ from ldb import ERR_NAMING_VIOLATION, ERR_CONSTRAINT_VIOLATION
from ldb import ERR_UNDEFINED_ATTRIBUTE_TYPE
from ldb import Message, MessageElement, Dn
from ldb import FLAG_MOD_ADD, FLAG_MOD_REPLACE, FLAG_MOD_DELETE
-from samba import Ldb, param, dom_sid_to_rid
+from samba import Ldb
from samba import UF_NORMAL_ACCOUNT, UF_TEMP_DUPLICATE_ACCOUNT
from samba import UF_SERVER_TRUST_ACCOUNT, UF_WORKSTATION_TRUST_ACCOUNT
from samba import UF_INTERDOMAIN_TRUST_ACCOUNT
diff --git a/source4/librpc/ndr/py_security.c b/source4/librpc/ndr/py_security.c
index 02dc059f05..d04e2579f5 100644
--- a/source4/librpc/ndr/py_security.c
+++ b/source4/librpc/ndr/py_security.c
@@ -41,6 +41,33 @@ static void PyType_AddMethods(PyTypeObject *type, PyMethodDef *methods)
}
}
+static PyObject *py_dom_sid_split(PyObject *py_self, PyObject *args)
+{
+ struct dom_sid *self = py_talloc_get_ptr(py_self);
+ struct dom_sid *domain_sid;
+ TALLOC_CTX *mem_ctx;
+ uint32_t rid;
+ NTSTATUS status;
+ PyObject *py_domain_sid;
+
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ PyErr_NoMemory();
+ return NULL;
+ }
+
+ status = dom_sid_split_rid(mem_ctx, self, &domain_sid, &rid);
+ if (!NT_STATUS_IS_OK(status)) {
+ PyErr_SetString(PyExc_RuntimeError, "dom_sid_split_rid failed");
+ talloc_free(mem_ctx);
+ return NULL;
+ }
+
+ py_domain_sid = py_talloc_steal(&dom_sid_Type, domain_sid);
+ talloc_free(mem_ctx);
+ return Py_BuildValue("(OI)", py_domain_sid, rid);
+}
+
static int py_dom_sid_cmp(PyObject *py_self, PyObject *py_other)
{
struct dom_sid *self = py_talloc_get_ptr(py_self), *other;
@@ -86,12 +113,21 @@ static int py_dom_sid_init(PyObject *self, PyObject *args, PyObject *kwargs)
return 0;
}
+static PyMethodDef py_dom_sid_extra_methods[] = {
+ { "split", (PyCFunction)py_dom_sid_split, METH_NOARGS,
+ "S.split() -> (domain_sid, rid)\n"
+ "Split a domain sid" },
+ { NULL }
+};
+
+
static void py_dom_sid_patch(PyTypeObject *type)
{
type->tp_init = py_dom_sid_init;
type->tp_str = py_dom_sid_str;
type->tp_repr = py_dom_sid_repr;
type->tp_compare = py_dom_sid_cmp;
+ PyType_AddMethods(type, py_dom_sid_extra_methods);
}
#define PY_DOM_SID_PATCH py_dom_sid_patch
diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c
index 9f01102316..3d33e605db 100644
--- a/source4/scripting/python/pyglue.c
+++ b/source4/scripting/python/pyglue.c
@@ -442,27 +442,6 @@ static PyObject *py_dsdb_make_schema_global(PyObject *self, PyObject *args)
Py_RETURN_NONE;
}
-static PyObject *py_dom_sid_to_rid(PyLdbObject *self, PyObject *args)
-{
- PyObject *py_sid;
- struct dom_sid *sid;
- uint32_t rid;
- NTSTATUS status;
-
- if(!PyArg_ParseTuple(args, "O", &py_sid))
- return NULL;
-
- sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid));
-
- status = dom_sid_split_rid(NULL, sid, NULL, &rid);
- if (!NT_STATUS_IS_OK(status)) {
- PyErr_SetString(PyExc_RuntimeError, "dom_sid_split_rid failed");
- return NULL;
- }
-
- return PyInt_FromLong(rid);
-}
-
static PyMethodDef py_misc_methods[] = {
{ "generate_random_str", (PyCFunction)py_generate_random_str, METH_VARARGS,
"random_password(len) -> string\n"
@@ -506,8 +485,6 @@ static PyMethodDef py_misc_methods[] = {
NULL },
{ "dsdb_make_schema_global", (PyCFunction)py_dsdb_make_schema_global, METH_VARARGS,
NULL },
- { "dom_sid_to_rid", (PyCFunction)py_dom_sid_to_rid, METH_VARARGS,
- NULL },
{ "set_debug_level", (PyCFunction)py_set_debug_level, METH_VARARGS,
"set debug level" },
{ NULL }
diff --git a/source4/scripting/python/samba/__init__.py b/source4/scripting/python/samba/__init__.py
index f74304c01c..d501fd7b88 100644
--- a/source4/scripting/python/samba/__init__.py
+++ b/source4/scripting/python/samba/__init__.py
@@ -370,15 +370,6 @@ def valid_netbios_name(name):
return True
-def dom_sid_to_rid(sid_str):
- """Converts a domain SID to the relative RID.
-
- :param sid_str: The domain SID formatted as string
- """
-
- return glue.dom_sid_to_rid(sid_str)
-
-
version = glue.version
# "userAccountControl" flags