summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/scripting/python/misc.i5
-rw-r--r--source4/scripting/python/misc.py1
-rw-r--r--source4/scripting/python/misc_wrap.c45
-rw-r--r--source4/scripting/python/samba/idmap.py7
-rw-r--r--source4/scripting/python/samba/samdb.py28
-rwxr-xr-xsource4/setup/newuser10
-rw-r--r--source4/setup/setpassword8
-rwxr-xr-xsource4/setup/tests/blackbox_provision.sh7
8 files changed, 96 insertions, 15 deletions
diff --git a/source4/scripting/python/misc.i b/source4/scripting/python/misc.i
index e04e6a6906..6fa3bc93e3 100644
--- a/source4/scripting/python/misc.i
+++ b/source4/scripting/python/misc.i
@@ -78,3 +78,8 @@ bool dsdb_set_ntds_invocation_id(struct ldb_context *ldb, const char *guid)
return samdb_set_ntds_invocation_id(ldb, &invocation_id_in);
}
%}
+
+char *private_path(TALLOC_CTX* mem_ctx,
+ struct loadparm_context *lp_ctx,
+ const char *name);
+
diff --git a/source4/scripting/python/misc.py b/source4/scripting/python/misc.py
index 2fc7fe37e7..f1da4c687a 100644
--- a/source4/scripting/python/misc.py
+++ b/source4/scripting/python/misc.py
@@ -71,5 +71,6 @@ version = _misc.version
dsdb_set_global_schema = _misc.dsdb_set_global_schema
ldb_register_samba_handlers = _misc.ldb_register_samba_handlers
dsdb_set_ntds_invocation_id = _misc.dsdb_set_ntds_invocation_id
+private_path = _misc.private_path
diff --git a/source4/scripting/python/misc_wrap.c b/source4/scripting/python/misc_wrap.c
index 579d1f379f..4944515d15 100644
--- a/source4/scripting/python/misc_wrap.c
+++ b/source4/scripting/python/misc_wrap.c
@@ -3153,6 +3153,50 @@ fail:
}
+SWIGINTERN PyObject *_wrap_private_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) {
+ PyObject *resultobj = 0;
+ TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ;
+ struct loadparm_context *arg2 = (struct loadparm_context *) 0 ;
+ char *arg3 = (char *) 0 ;
+ char *result = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ int res3 ;
+ char *buf3 = 0 ;
+ int alloc3 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ char * kwnames[] = {
+ (char *) "lp_ctx",(char *) "name", NULL
+ };
+
+ arg2 = loadparm_init(NULL);
+ arg1 = NULL;
+ if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"|OO:private_path",kwnames,&obj0,&obj1)) SWIG_fail;
+ if (obj0) {
+ res2 = SWIG_ConvertPtr(obj0, &argp2,SWIGTYPE_p_loadparm_context, 0 | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "private_path" "', argument " "2"" of type '" "struct loadparm_context *""'");
+ }
+ arg2 = (struct loadparm_context *)(argp2);
+ }
+ if (obj1) {
+ res3 = SWIG_AsCharPtrAndSize(obj1, &buf3, NULL, &alloc3);
+ if (!SWIG_IsOK(res3)) {
+ SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "private_path" "', argument " "3"" of type '" "char const *""'");
+ }
+ arg3 = (char *)(buf3);
+ }
+ result = (char *)private_path(arg1,arg2,(char const *)arg3);
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ return resultobj;
+fail:
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ return NULL;
+}
+
+
static PyMethodDef SwigMethods[] = {
{ (char *)"random_password", (PyCFunction) _wrap_random_password, METH_VARARGS | METH_KEYWORDS, NULL},
{ (char *)"ldb_set_credentials", (PyCFunction) _wrap_ldb_set_credentials, METH_VARARGS | METH_KEYWORDS, NULL},
@@ -3164,6 +3208,7 @@ static PyMethodDef SwigMethods[] = {
{ (char *)"dsdb_set_global_schema", (PyCFunction) _wrap_dsdb_set_global_schema, METH_VARARGS | METH_KEYWORDS, NULL},
{ (char *)"ldb_register_samba_handlers", (PyCFunction) _wrap_ldb_register_samba_handlers, METH_VARARGS | METH_KEYWORDS, NULL},
{ (char *)"dsdb_set_ntds_invocation_id", (PyCFunction) _wrap_dsdb_set_ntds_invocation_id, METH_VARARGS | METH_KEYWORDS, NULL},
+ { (char *)"private_path", (PyCFunction) _wrap_private_path, METH_VARARGS | METH_KEYWORDS, NULL},
{ NULL, NULL, 0, NULL }
};
diff --git a/source4/scripting/python/samba/idmap.py b/source4/scripting/python/samba/idmap.py
index 355565968a..16efcd0470 100644
--- a/source4/scripting/python/samba/idmap.py
+++ b/source4/scripting/python/samba/idmap.py
@@ -21,6 +21,7 @@
"""Convenience functions for using the idmap database."""
import samba
+import misc
import ldb
class IDmapDB(samba.Ldb):
@@ -37,11 +38,17 @@ class IDmapDB(samba.Ldb):
:param url: URL of the database.
"""
+ self.lp = lp
+
super(IDmapDB, self).__init__(session_info=session_info, credentials=credentials,
modules_dir=modules_dir, lp=lp)
if url:
self.connect(url)
+ else:
+ self.connect(lp.get("idmap database"))
+ def connect(self, url):
+ super(IDmapDB, self).connect(misc.private_path(self.lp, url))
def setup_name_mapping(self, sid, type, unixid):
"""Setup a mapping between a sam name and a unix name.
diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py
index bc3eef7879..198d1e9f5c 100644
--- a/source4/scripting/python/samba/samdb.py
+++ b/source4/scripting/python/samba/samdb.py
@@ -25,20 +25,29 @@
import samba
import misc
import ldb
+from samba.idmap import IDmapDB
+import pwd
class SamDB(samba.Ldb):
"""The SAM database."""
+
def __init__(self, url=None, session_info=None, credentials=None,
modules_dir=None, lp=None):
"""Open the Sam Database.
:param url: URL of the database.
"""
+ self.lp = lp
super(SamDB, self).__init__(session_info=session_info, credentials=credentials,
modules_dir=modules_dir, lp=lp)
assert misc.dsdb_set_global_schema(self) == 0
if url:
self.connect(url)
+ else:
+ self.connect(lp.get("sam database"))
+
+ def connect(self, url):
+ super(SamDB, self).connect(misc.private_path(self.lp, url))
def add_foreign(self, domaindn, sid, desc):
"""Add a foreign security principle."""
@@ -101,10 +110,27 @@ userAccountControl: %u
# now the real work
self.add({"dn": user_dn,
"sAMAccountName": username,
- "unixName": unixname,
"sambaPassword": password,
"objectClass": "user"})
+ res = self.search(user_dn, scope=ldb.SCOPE_BASE,
+ expression="objectclass=*",
+ attrs=["objectSid"])
+ assert(len(res) == 1)
+ user_sid = self.schema_format_value("objectSid", res[0]["objectSid"][0])
+
+
+ try:
+ idmap = IDmapDB(lp=self.lp)
+
+ user = pwd.getpwnam(unixname)
+ # setup ID mapping for this UID
+
+ idmap.setup_name_mapping(user_sid, idmap.TYPE_UID, user[2])
+
+ except KeyError:
+ pass
+
# modify the userAccountControl to remove the disabled bit
self.enable_account(user_dn)
self.transaction_commit()
diff --git a/source4/setup/newuser b/source4/setup/newuser
index f622058a5d..04a5440ee1 100755
--- a/source4/setup/newuser
+++ b/source4/setup/newuser
@@ -45,15 +45,9 @@ else:
if opts.unixname is None:
opts.unixname = username
-try:
- pwd.getpwnam(opts.unixname)
-except KeyError:
- print "ERROR: Unix user '%s' does not exist" % opts.unixname
- sys.exit(1)
-
-creds = credopts.get_credentials()
-
lp = sambaopts.get_loadparm()
+creds = credopts.get_credentials(lp)
+
samdb = SamDB(url=lp.get("sam database"), session_info=system_session(),
credentials=creds, lp=lp)
samdb.newuser(username, opts.unixname, password)
diff --git a/source4/setup/setpassword b/source4/setup/setpassword
index 31b2f73a25..977a6a5ee8 100644
--- a/source4/setup/setpassword
+++ b/source4/setup/setpassword
@@ -36,7 +36,7 @@ if len(args) == 0:
parser.print_usage()
sys.exit(1)
-password = opts.password;
+password = opts.newpassword;
if password is None:
password = getpass("New Password: ")
@@ -47,12 +47,12 @@ if filter is None:
if username is None:
print "Either username or --filter must be specified"
- filter = "(&(objectclass=user)(samAccountName=" + username + "))"
+ filter = "(&(objectclass=user)(samAccountName=%s))" % (username)
-creds = credopts.get_credentials()
-
lp = sambaopts.get_loadparm()
+creds = credopts.get_credentials(lp)
+
samdb = SamDB(url=lp.get("sam database"), session_info=system_session(),
credentials=creds, lp=lp)
samdb.setpassword(filter, password)
diff --git a/source4/setup/tests/blackbox_provision.sh b/source4/setup/tests/blackbox_provision.sh
index 4db226778c..19f37cef2d 100755
--- a/source4/setup/tests/blackbox_provision.sh
+++ b/source4/setup/tests/blackbox_provision.sh
@@ -31,8 +31,11 @@ testit "simple-default" $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --
testit "simple-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc
testit "simple-member" $PYTHON ./setup/provision $CONFIGURATION --server-role="member" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-member
testit "simple-standalone" $PYTHON ./setup/provision $CONFIGURATION --server-role="standalone" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-standalone
-testit "blank-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc --blank
-testit "partitions-only-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc --partitions-only
+testit "blank-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/blank-dc --blank
+testit "partitions-only-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/partitions-only-dc --partitions-only
+
+testit "newuser" $PYTHON ./setup/newuser --configfile=$PREFIX/simple-dc/etc/smb.conf testuser testpass
+testit "setpassword" $PYTHON ./setup/setpassword --configfile=$PREFIX/simple-dc/etc/smb.conf testuser --newpassword=testpass
reprovision() {
$PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/reprovision"