diff options
-rw-r--r-- | source4/scripting/python/samba/netcmd/delegation.py | 8 | ||||
-rw-r--r-- | source4/scripting/python/samba/samdb.py | 10 |
2 files changed, 12 insertions, 6 deletions
diff --git a/source4/scripting/python/samba/netcmd/delegation.py b/source4/scripting/python/samba/netcmd/delegation.py index 49849870dd..469579e58c 100644 --- a/source4/scripting/python/samba/netcmd/delegation.py +++ b/source4/scripting/python/samba/netcmd/delegation.py @@ -104,7 +104,9 @@ class cmd_delegation_for_any_service(Command): search_filter = "sAMAccountName=%s" % ldb.binary_encode(cleanedaccount) flag = dsdb.UF_TRUSTED_FOR_DELEGATION try: - sam.toggle_userAccountFlags(search_filter, flag, on=on, strict=True) + sam.toggle_userAccountFlags(search_filter, flag, + flags_str="Trusted-for-Delegation", + on=on, strict=True) except Exception, err: raise CommandError(err) @@ -138,7 +140,9 @@ class cmd_delegation_for_any_protocol(Command): search_filter = "sAMAccountName=%s" % ldb.binary_encode(cleanedaccount) flag = dsdb.UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION try: - sam.toggle_userAccountFlags(search_filter, flag, on=on, strict=True) + sam.toggle_userAccountFlags(search_filter, flag, + flags_str="Trusted-to-Authenticate-for-Delegation", + on=on, strict=True) except Exception, err: raise CommandError(err) diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index 5cceb062ea..df05a5208b 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -6,6 +6,7 @@ # # Based on the original in EJS: # Copyright (C) Andrew Tridgell <tridge@samba.org> 2005 +# Copyright (C) Giampaolo Lauria <lauria2@yahoo.com> 2011 # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -89,7 +90,8 @@ class SamDB(samba.Ldb): flags = samba.dsdb.UF_ACCOUNTDISABLE | samba.dsdb.UF_PASSWD_NOTREQD self.toggle_userAccountFlags(search_filter, flags, on=False) - def toggle_userAccountFlags(self, search_filter, flags, on=True, strict=False): + def toggle_userAccountFlags(self, search_filter, flags, flags_str=None, + on=True, strict=False): """toggle_userAccountFlags :param search_filter: LDAP filter to find the user (eg @@ -102,20 +104,20 @@ class SamDB(samba.Ldb): res = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE, expression=search_filter, attrs=["userAccountControl"]) if len(res) == 0: - raise Exception('Unable to find user "%s"' % search_filter) + raise Exception("Unable to find account where '%s'" % search_filter) assert(len(res) == 1) account_dn = res[0].dn old_uac = int(res[0]["userAccountControl"][0]) if on: if strict and (old_uac & flags): - error = 'userAccountFlags[%d:0x%08X] already contain 0x%X' % (old_uac, old_uac, flags) + error = "Account flag(s) '%s' already set" % flags_str raise Exception(error) new_uac = old_uac | flags else: if strict and not (old_uac & flags): - error = 'userAccountFlags[%d:0x%08X] not contain 0x%X' % (old_uac, old_uac, flags) + error = "Account flag(s) '%s' already unset" % flags_str raise Exception(error) new_uac = old_uac & ~flags |