diff options
-rw-r--r-- | source4/scripting/python/misc.i | 5 | ||||
-rw-r--r-- | source4/scripting/python/misc.py | 1 | ||||
-rw-r--r-- | source4/scripting/python/misc_wrap.c | 45 | ||||
-rw-r--r-- | source4/scripting/python/samba/idmap.py | 7 | ||||
-rw-r--r-- | source4/scripting/python/samba/samdb.py | 28 | ||||
-rwxr-xr-x | source4/setup/newuser | 10 | ||||
-rw-r--r-- | source4/setup/setpassword | 8 | ||||
-rwxr-xr-x | source4/setup/tests/blackbox_provision.sh | 7 |
8 files changed, 96 insertions, 15 deletions
diff --git a/source4/scripting/python/misc.i b/source4/scripting/python/misc.i index e04e6a6906..6fa3bc93e3 100644 --- a/source4/scripting/python/misc.i +++ b/source4/scripting/python/misc.i @@ -78,3 +78,8 @@ bool dsdb_set_ntds_invocation_id(struct ldb_context *ldb, const char *guid) return samdb_set_ntds_invocation_id(ldb, &invocation_id_in); } %} + +char *private_path(TALLOC_CTX* mem_ctx, + struct loadparm_context *lp_ctx, + const char *name); + diff --git a/source4/scripting/python/misc.py b/source4/scripting/python/misc.py index 2fc7fe37e7..f1da4c687a 100644 --- a/source4/scripting/python/misc.py +++ b/source4/scripting/python/misc.py @@ -71,5 +71,6 @@ version = _misc.version dsdb_set_global_schema = _misc.dsdb_set_global_schema ldb_register_samba_handlers = _misc.ldb_register_samba_handlers dsdb_set_ntds_invocation_id = _misc.dsdb_set_ntds_invocation_id +private_path = _misc.private_path diff --git a/source4/scripting/python/misc_wrap.c b/source4/scripting/python/misc_wrap.c index 579d1f379f..4944515d15 100644 --- a/source4/scripting/python/misc_wrap.c +++ b/source4/scripting/python/misc_wrap.c @@ -3153,6 +3153,50 @@ fail: } +SWIGINTERN PyObject *_wrap_private_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) { + PyObject *resultobj = 0; + TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ; + struct loadparm_context *arg2 = (struct loadparm_context *) 0 ; + char *arg3 = (char *) 0 ; + char *result = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + int res3 ; + char *buf3 = 0 ; + int alloc3 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + char * kwnames[] = { + (char *) "lp_ctx",(char *) "name", NULL + }; + + arg2 = loadparm_init(NULL); + arg1 = NULL; + if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"|OO:private_path",kwnames,&obj0,&obj1)) SWIG_fail; + if (obj0) { + res2 = SWIG_ConvertPtr(obj0, &argp2,SWIGTYPE_p_loadparm_context, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "private_path" "', argument " "2"" of type '" "struct loadparm_context *""'"); + } + arg2 = (struct loadparm_context *)(argp2); + } + if (obj1) { + res3 = SWIG_AsCharPtrAndSize(obj1, &buf3, NULL, &alloc3); + if (!SWIG_IsOK(res3)) { + SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "private_path" "', argument " "3"" of type '" "char const *""'"); + } + arg3 = (char *)(buf3); + } + result = (char *)private_path(arg1,arg2,(char const *)arg3); + resultobj = SWIG_FromCharPtr((const char *)result); + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return resultobj; +fail: + if (alloc3 == SWIG_NEWOBJ) free((char*)buf3); + return NULL; +} + + static PyMethodDef SwigMethods[] = { { (char *)"random_password", (PyCFunction) _wrap_random_password, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"ldb_set_credentials", (PyCFunction) _wrap_ldb_set_credentials, METH_VARARGS | METH_KEYWORDS, NULL}, @@ -3164,6 +3208,7 @@ static PyMethodDef SwigMethods[] = { { (char *)"dsdb_set_global_schema", (PyCFunction) _wrap_dsdb_set_global_schema, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"ldb_register_samba_handlers", (PyCFunction) _wrap_ldb_register_samba_handlers, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"dsdb_set_ntds_invocation_id", (PyCFunction) _wrap_dsdb_set_ntds_invocation_id, METH_VARARGS | METH_KEYWORDS, NULL}, + { (char *)"private_path", (PyCFunction) _wrap_private_path, METH_VARARGS | METH_KEYWORDS, NULL}, { NULL, NULL, 0, NULL } }; diff --git a/source4/scripting/python/samba/idmap.py b/source4/scripting/python/samba/idmap.py index 355565968a..16efcd0470 100644 --- a/source4/scripting/python/samba/idmap.py +++ b/source4/scripting/python/samba/idmap.py @@ -21,6 +21,7 @@ """Convenience functions for using the idmap database.""" import samba +import misc import ldb class IDmapDB(samba.Ldb): @@ -37,11 +38,17 @@ class IDmapDB(samba.Ldb): :param url: URL of the database. """ + self.lp = lp + super(IDmapDB, self).__init__(session_info=session_info, credentials=credentials, modules_dir=modules_dir, lp=lp) if url: self.connect(url) + else: + self.connect(lp.get("idmap database")) + def connect(self, url): + super(IDmapDB, self).connect(misc.private_path(self.lp, url)) def setup_name_mapping(self, sid, type, unixid): """Setup a mapping between a sam name and a unix name. diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index bc3eef7879..198d1e9f5c 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -25,20 +25,29 @@ import samba import misc import ldb +from samba.idmap import IDmapDB +import pwd class SamDB(samba.Ldb): """The SAM database.""" + def __init__(self, url=None, session_info=None, credentials=None, modules_dir=None, lp=None): """Open the Sam Database. :param url: URL of the database. """ + self.lp = lp super(SamDB, self).__init__(session_info=session_info, credentials=credentials, modules_dir=modules_dir, lp=lp) assert misc.dsdb_set_global_schema(self) == 0 if url: self.connect(url) + else: + self.connect(lp.get("sam database")) + + def connect(self, url): + super(SamDB, self).connect(misc.private_path(self.lp, url)) def add_foreign(self, domaindn, sid, desc): """Add a foreign security principle.""" @@ -101,10 +110,27 @@ userAccountControl: %u # now the real work self.add({"dn": user_dn, "sAMAccountName": username, - "unixName": unixname, "sambaPassword": password, "objectClass": "user"}) + res = self.search(user_dn, scope=ldb.SCOPE_BASE, + expression="objectclass=*", + attrs=["objectSid"]) + assert(len(res) == 1) + user_sid = self.schema_format_value("objectSid", res[0]["objectSid"][0]) + + + try: + idmap = IDmapDB(lp=self.lp) + + user = pwd.getpwnam(unixname) + # setup ID mapping for this UID + + idmap.setup_name_mapping(user_sid, idmap.TYPE_UID, user[2]) + + except KeyError: + pass + # modify the userAccountControl to remove the disabled bit self.enable_account(user_dn) self.transaction_commit() diff --git a/source4/setup/newuser b/source4/setup/newuser index f622058a5d..04a5440ee1 100755 --- a/source4/setup/newuser +++ b/source4/setup/newuser @@ -45,15 +45,9 @@ else: if opts.unixname is None: opts.unixname = username -try: - pwd.getpwnam(opts.unixname) -except KeyError: - print "ERROR: Unix user '%s' does not exist" % opts.unixname - sys.exit(1) - -creds = credopts.get_credentials() - lp = sambaopts.get_loadparm() +creds = credopts.get_credentials(lp) + samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), credentials=creds, lp=lp) samdb.newuser(username, opts.unixname, password) diff --git a/source4/setup/setpassword b/source4/setup/setpassword index 31b2f73a25..977a6a5ee8 100644 --- a/source4/setup/setpassword +++ b/source4/setup/setpassword @@ -36,7 +36,7 @@ if len(args) == 0: parser.print_usage() sys.exit(1) -password = opts.password; +password = opts.newpassword; if password is None: password = getpass("New Password: ") @@ -47,12 +47,12 @@ if filter is None: if username is None: print "Either username or --filter must be specified" - filter = "(&(objectclass=user)(samAccountName=" + username + "))" + filter = "(&(objectclass=user)(samAccountName=%s))" % (username) -creds = credopts.get_credentials() - lp = sambaopts.get_loadparm() +creds = credopts.get_credentials(lp) + samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), credentials=creds, lp=lp) samdb.setpassword(filter, password) diff --git a/source4/setup/tests/blackbox_provision.sh b/source4/setup/tests/blackbox_provision.sh index 4db226778c..19f37cef2d 100755 --- a/source4/setup/tests/blackbox_provision.sh +++ b/source4/setup/tests/blackbox_provision.sh @@ -31,8 +31,11 @@ testit "simple-default" $PYTHON ./setup/provision $CONFIGURATION --domain=FOO -- testit "simple-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc testit "simple-member" $PYTHON ./setup/provision $CONFIGURATION --server-role="member" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-member testit "simple-standalone" $PYTHON ./setup/provision $CONFIGURATION --server-role="standalone" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-standalone -testit "blank-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc --blank -testit "partitions-only-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc --partitions-only +testit "blank-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/blank-dc --blank +testit "partitions-only-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/partitions-only-dc --partitions-only + +testit "newuser" $PYTHON ./setup/newuser --configfile=$PREFIX/simple-dc/etc/smb.conf testuser testpass +testit "setpassword" $PYTHON ./setup/setpassword --configfile=$PREFIX/simple-dc/etc/smb.conf testuser --newpassword=testpass reprovision() { $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/reprovision" |