diff options
-rw-r--r-- | source4/samba4-skip | 1 | ||||
-rw-r--r-- | source4/scripting/python/samba/provision.py | 3 | ||||
-rw-r--r-- | source4/scripting/python/samba/samdb.py | 8 | ||||
-rw-r--r-- | source4/scripting/python/samba/tests/samdb.py | 55 | ||||
-rwxr-xr-x | source4/selftest/samba4_tests.sh | 1 | ||||
-rwxr-xr-x | source4/setup/newuser.py | 61 |
6 files changed, 125 insertions, 4 deletions
diff --git a/source4/samba4-skip b/source4/samba4-skip index b53f444c9c..ea69e297ce 100644 --- a/source4/samba4-skip +++ b/source4/samba4-skip @@ -50,4 +50,5 @@ RPC-FRSAPI # Not provided by Samba 4 WINBIND # FIXME: This should not be skipped NSS-TEST # Fails samba4.samba3sam.python # Conversion from EJS not yet finished +samba4.samdb.python # Not finished yet RAW-OFFLINE # Samba 4 doesn't have much offline support yet diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 4f52d36167..97021fceb2 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -332,7 +332,6 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info, schemadn_ldb = "schema.ldb" if ldap_backend is not None: schema_ldb = ldap_backend - schemadn_ldb = ldap_backend if ldap_backend_type == "fedora-ds": @@ -536,6 +535,8 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, :note: This will wipe the main SAM database file! """ + assert serverrole in ("domain controller", "member server") + # Also wipes the database setup_samdb_partitions(path, setup_path, schemadn=schemadn, configdn=configdn, domaindn=domaindn, message=message, lp=lp, diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index c11fabf553..3c6bb23c02 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -100,12 +100,14 @@ userAccountControl: %u self.transaction_start() # find the DNs for the domain and the domain users group - res = self.search("", SCOPE_BASE, "defaultNamingContext=*", - ["defaultNamingContext"]) + res = self.search("", scope=ldb.SCOPE_BASE, + expression="(defaultNamingContext=*)", + attrs=["defaultNamingContext"]) assert(len(res) == 1 and res[0].defaultNamingContext is not None) domain_dn = res[0]["defaultNamingContext"][0] assert(domain_dn is not None) - dom_users = self.searchone(basedn=domain_dn, attribute="dn", expression="name=Domain Users") + dom_users = self.searchone(basedn=domain_dn, attribute="dn", + expression="name=Domain Users") assert(dom_users is not None) user_dn = "CN=%s,CN=Users,%s" % (username, domain_dn) diff --git a/source4/scripting/python/samba/tests/samdb.py b/source4/scripting/python/samba/tests/samdb.py new file mode 100644 index 0000000000..40e56bebb5 --- /dev/null +++ b/source4/scripting/python/samba/tests/samdb.py @@ -0,0 +1,55 @@ +#!/usr/bin/python + +# Unix SMB/CIFS implementation. Tests for SamDB +# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2008 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# +from auth import system_session +from credentials import Credentials +import os +from samba.provision import setup_samdb +from samba.samdb import SamDB +from samba.tests import get_loadparm, TestCaseInTempDir +import security +from unittest import TestCase +import uuid + +class SamDBTestCase(TestCaseInTempDir): + def setUp(self): + super(SamDBTestCase, self).setUp() + invocationid = uuid.random() + domaindn = "DC=COM,DC=EXAMPLE" + self.domaindn = domaindn + configdn = "CN=Configuration," + domaindn + schemadn = "CN=Schema," + configdn + domainguid = uuid.random() + policyguid = uuid.random() + setup_path = lambda x: os.path.join("setup", x) + creds = Credentials() + domainsid = security.random_sid() + hostguid = uuid.random() + path = os.path.join(self.tempdir, "samdb.ldb") + self.samdb = setup_samdb(path, setup_path, system_session(), creds, + get_loadparm(), schemadn, configdn, + self.domaindn, "example.com", "EXAMPLE.COM", + "FOO", lambda x: None, "foo", domaindn, + False, domainsid, "# no aci", domainguid, + policyguid, "EXAMPLE", True, "secret", + "secret", "secret", hostguid, invocationid, + "secret", "domain controller") + + def test_add_foreign(self): + self.samdb.add_foreign(self.domaindn, "S-1-5-7", "Somedescription") + diff --git a/source4/selftest/samba4_tests.sh b/source4/selftest/samba4_tests.sh index c90373e446..2595d51177 100755 --- a/source4/selftest/samba4_tests.sh +++ b/source4/selftest/samba4_tests.sh @@ -320,6 +320,7 @@ then plantest "provision.python" none $SUBUNITRUN samba.tests.provision plantest "samba3.python" none $SUBUNITRUN samba.tests.samba3 plantest "samr.python" dc $SUBUNITRUN samba.tests.dcerpc.sam + plantest "samdb.python" dc $SUBUNITRUN samba.tests.samdb plantest "events.python" none PYTHONPATH="$PYTHONPATH:lib/events" $SUBUNITRUN tests plantest "samba3sam.python" none PYTHONPATH="$PYTHONPATH:dsdb/samdb/ldb_modules/tests" $SUBUNITRUN samba3sam plantest "rpcecho.python" dc $SUBUNITRUN samba.tests.dcerpc.rpcecho diff --git a/source4/setup/newuser.py b/source4/setup/newuser.py new file mode 100755 index 0000000000..03ae4e5ffb --- /dev/null +++ b/source4/setup/newuser.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# +# add a new user to a Samba4 server +# Copyright Andrew Tridgell 2005 +# Copyright Jelmer Vernooij 2008 +# Released under the GNU GPL v2 or later +# + +import samba.getopt as options +import optparse +import pwd +import sys + +from auth import system_session +from samba.samdb import SamDB + +parser = optparse.OptionParser("newuser [options] <username> [<password>]") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) +parser.add_option_group(options.VersionOptions(parser)) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +parser.add_option("--quiet", help="Be quiet", action="store_true") +parser.add_option("--unixname", help="Unix Username", type=str) + +opts, args = parser.parse_args() + +# +# print a message if quiet is not set +# +def message(text): + if not opts.quiet: + print text + +if len(args) == 0: + parser.print_usage() + sys.exit(1) + +username = args[0] +if len(args) > 1: + password = args[1] +else: + random_init(local) + options.password = randpass(12) + print "chose random password %s\n" % password + +if opts.unixname is None: + opts.unixname = username + +try: + pwd.getpwnam(opts.unixname) +except KeyError: + print "ERROR: Unix user '%s' does not exist" % opts.unixname + sys.exit(1) + +creds = credopts.get_credentials() + +lp = sambaopts.get_loadparm() +samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), + credentials=creds, lp=lp) +samdb.newuser(username, opts.unixname, password) |