summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/samba4-skip1
-rw-r--r--source4/scripting/python/samba/provision.py3
-rw-r--r--source4/scripting/python/samba/samdb.py8
-rw-r--r--source4/scripting/python/samba/tests/samdb.py55
-rwxr-xr-xsource4/selftest/samba4_tests.sh1
-rwxr-xr-xsource4/setup/newuser.py61
6 files changed, 125 insertions, 4 deletions
diff --git a/source4/samba4-skip b/source4/samba4-skip
index b53f444c9c..ea69e297ce 100644
--- a/source4/samba4-skip
+++ b/source4/samba4-skip
@@ -50,4 +50,5 @@ RPC-FRSAPI # Not provided by Samba 4
WINBIND # FIXME: This should not be skipped
NSS-TEST # Fails
samba4.samba3sam.python # Conversion from EJS not yet finished
+samba4.samdb.python # Not finished yet
RAW-OFFLINE # Samba 4 doesn't have much offline support yet
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index 4f52d36167..97021fceb2 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -332,7 +332,6 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info,
schemadn_ldb = "schema.ldb"
if ldap_backend is not None:
schema_ldb = ldap_backend
-
schemadn_ldb = ldap_backend
if ldap_backend_type == "fedora-ds":
@@ -536,6 +535,8 @@ def setup_samdb(path, setup_path, session_info, credentials, lp,
:note: This will wipe the main SAM database file!
"""
+ assert serverrole in ("domain controller", "member server")
+
# Also wipes the database
setup_samdb_partitions(path, setup_path, schemadn=schemadn, configdn=configdn,
domaindn=domaindn, message=message, lp=lp,
diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py
index c11fabf553..3c6bb23c02 100644
--- a/source4/scripting/python/samba/samdb.py
+++ b/source4/scripting/python/samba/samdb.py
@@ -100,12 +100,14 @@ userAccountControl: %u
self.transaction_start()
# find the DNs for the domain and the domain users group
- res = self.search("", SCOPE_BASE, "defaultNamingContext=*",
- ["defaultNamingContext"])
+ res = self.search("", scope=ldb.SCOPE_BASE,
+ expression="(defaultNamingContext=*)",
+ attrs=["defaultNamingContext"])
assert(len(res) == 1 and res[0].defaultNamingContext is not None)
domain_dn = res[0]["defaultNamingContext"][0]
assert(domain_dn is not None)
- dom_users = self.searchone(basedn=domain_dn, attribute="dn", expression="name=Domain Users")
+ dom_users = self.searchone(basedn=domain_dn, attribute="dn",
+ expression="name=Domain Users")
assert(dom_users is not None)
user_dn = "CN=%s,CN=Users,%s" % (username, domain_dn)
diff --git a/source4/scripting/python/samba/tests/samdb.py b/source4/scripting/python/samba/tests/samdb.py
new file mode 100644
index 0000000000..40e56bebb5
--- /dev/null
+++ b/source4/scripting/python/samba/tests/samdb.py
@@ -0,0 +1,55 @@
+#!/usr/bin/python
+
+# Unix SMB/CIFS implementation. Tests for SamDB
+# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2008
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+from auth import system_session
+from credentials import Credentials
+import os
+from samba.provision import setup_samdb
+from samba.samdb import SamDB
+from samba.tests import get_loadparm, TestCaseInTempDir
+import security
+from unittest import TestCase
+import uuid
+
+class SamDBTestCase(TestCaseInTempDir):
+ def setUp(self):
+ super(SamDBTestCase, self).setUp()
+ invocationid = uuid.random()
+ domaindn = "DC=COM,DC=EXAMPLE"
+ self.domaindn = domaindn
+ configdn = "CN=Configuration," + domaindn
+ schemadn = "CN=Schema," + configdn
+ domainguid = uuid.random()
+ policyguid = uuid.random()
+ setup_path = lambda x: os.path.join("setup", x)
+ creds = Credentials()
+ domainsid = security.random_sid()
+ hostguid = uuid.random()
+ path = os.path.join(self.tempdir, "samdb.ldb")
+ self.samdb = setup_samdb(path, setup_path, system_session(), creds,
+ get_loadparm(), schemadn, configdn,
+ self.domaindn, "example.com", "EXAMPLE.COM",
+ "FOO", lambda x: None, "foo", domaindn,
+ False, domainsid, "# no aci", domainguid,
+ policyguid, "EXAMPLE", True, "secret",
+ "secret", "secret", hostguid, invocationid,
+ "secret", "domain controller")
+
+ def test_add_foreign(self):
+ self.samdb.add_foreign(self.domaindn, "S-1-5-7", "Somedescription")
+
diff --git a/source4/selftest/samba4_tests.sh b/source4/selftest/samba4_tests.sh
index c90373e446..2595d51177 100755
--- a/source4/selftest/samba4_tests.sh
+++ b/source4/selftest/samba4_tests.sh
@@ -320,6 +320,7 @@ then
plantest "provision.python" none $SUBUNITRUN samba.tests.provision
plantest "samba3.python" none $SUBUNITRUN samba.tests.samba3
plantest "samr.python" dc $SUBUNITRUN samba.tests.dcerpc.sam
+ plantest "samdb.python" dc $SUBUNITRUN samba.tests.samdb
plantest "events.python" none PYTHONPATH="$PYTHONPATH:lib/events" $SUBUNITRUN tests
plantest "samba3sam.python" none PYTHONPATH="$PYTHONPATH:dsdb/samdb/ldb_modules/tests" $SUBUNITRUN samba3sam
plantest "rpcecho.python" dc $SUBUNITRUN samba.tests.dcerpc.rpcecho
diff --git a/source4/setup/newuser.py b/source4/setup/newuser.py
new file mode 100755
index 0000000000..03ae4e5ffb
--- /dev/null
+++ b/source4/setup/newuser.py
@@ -0,0 +1,61 @@
+#!/usr/bin/python
+#
+# add a new user to a Samba4 server
+# Copyright Andrew Tridgell 2005
+# Copyright Jelmer Vernooij 2008
+# Released under the GNU GPL v2 or later
+#
+
+import samba.getopt as options
+import optparse
+import pwd
+import sys
+
+from auth import system_session
+from samba.samdb import SamDB
+
+parser = optparse.OptionParser("newuser [options] <username> [<password>]")
+sambaopts = options.SambaOptions(parser)
+parser.add_option_group(sambaopts)
+parser.add_option_group(options.VersionOptions(parser))
+credopts = options.CredentialsOptions(parser)
+parser.add_option_group(credopts)
+parser.add_option("--quiet", help="Be quiet", action="store_true")
+parser.add_option("--unixname", help="Unix Username", type=str)
+
+opts, args = parser.parse_args()
+
+#
+# print a message if quiet is not set
+#
+def message(text):
+ if not opts.quiet:
+ print text
+
+if len(args) == 0:
+ parser.print_usage()
+ sys.exit(1)
+
+username = args[0]
+if len(args) > 1:
+ password = args[1]
+else:
+ random_init(local)
+ options.password = randpass(12)
+ print "chose random password %s\n" % password
+
+if opts.unixname is None:
+ opts.unixname = username
+
+try:
+ pwd.getpwnam(opts.unixname)
+except KeyError:
+ print "ERROR: Unix user '%s' does not exist" % opts.unixname
+ sys.exit(1)
+
+creds = credopts.get_credentials()
+
+lp = sambaopts.get_loadparm()
+samdb = SamDB(url=lp.get("sam database"), session_info=system_session(),
+ credentials=creds, lp=lp)
+samdb.newuser(username, opts.unixname, password)