diff options
-rw-r--r-- | source4/scripting/python/samba/netcmd/__init__.py | 9 | ||||
-rw-r--r-- | source4/scripting/python/samba/netcmd/pwsettings.py | 2 | ||||
-rw-r--r-- | source4/scripting/python/samba/netcmd/setpassword.py | 77 | ||||
-rwxr-xr-x | source4/setup/setpassword | 74 | ||||
-rwxr-xr-x | testprogs/blackbox/test_passwords.sh | 5 |
5 files changed, 88 insertions, 79 deletions
diff --git a/source4/scripting/python/samba/netcmd/__init__.py b/source4/scripting/python/samba/netcmd/__init__.py index 1a04210f95..0086fa6f70 100644 --- a/source4/scripting/python/samba/netcmd/__init__.py +++ b/source4/scripting/python/samba/netcmd/__init__.py @@ -81,7 +81,12 @@ class Command(object): for option in option_group.option_list: del kwargs[option.dest] kwargs.update(optiongroups) - if len(args) != len(self.takes_args): + for i, arg in enumerate(self.takes_args): + if arg[-1] != "?": + if len(args) < i: + self.usage(args) + return -1 + if len(args) > len(self.takes_args): self.usage(args) return -1 try: @@ -126,3 +131,5 @@ from samba.netcmd.pwsettings import cmd_pwsettings commands["pwsettings"] = cmd_pwsettings() from samba.netcmd.domainlevel import cmd_domainlevel commands["domainlevel"] = cmd_domainlevel() +from samba.netcmd.setpassword import cmd_setpassword +commands["setpassword"] = cmd_setpassword() diff --git a/source4/scripting/python/samba/netcmd/pwsettings.py b/source4/scripting/python/samba/netcmd/pwsettings.py index 0568ea78e6..eb3bb65790 100644 --- a/source4/scripting/python/samba/netcmd/pwsettings.py +++ b/source4/scripting/python/samba/netcmd/pwsettings.py @@ -1,7 +1,7 @@ #!/usr/bin/python # # Sets password settings. -# (Password complexity, history length, minimum password length, the minimum +# (Password complexity, history length, minimum password length, the minimum # and maximum password age) on a Samba4 server # # Copyright Matthias Dieter Wallnoefer 2009 diff --git a/source4/scripting/python/samba/netcmd/setpassword.py b/source4/scripting/python/samba/netcmd/setpassword.py new file mode 100644 index 0000000000..6393e47414 --- /dev/null +++ b/source4/scripting/python/samba/netcmd/setpassword.py @@ -0,0 +1,77 @@ +#!/usr/bin/python +# +# Sets a user password on a Samba4 server +# Copyright Jelmer Vernooij 2008 +# +# Based on the original in EJS: +# Copyright Andrew Tridgell 2005 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +import samba.getopt as options +from samba.netcmd import Command, CommandError, Option + +from getpass import getpass +from samba.auth import system_session +from samba.samdb import SamDB + +class cmd_setpassword(Command): + """Change the password of a user.""" + + synopsis = "setpassword [username] [options]" + + takes_optiongroups = { + "sambaopts": options.SambaOptions, + "versionopts": options.VersionOptions, + "credopts": options.CredentialsOptions, + } + + takes_options = [ + Option("-H", help="LDB URL for database or target server", type=str), + Option("--filter", help="LDAP Filter to set password on", type=str), + Option("--newpassword", help="Set password", type=str), + Option("--must-change-at-next-login", + help="Force password to be changed on next login", + action="store_true"), + ] + + takes_args = ["username?"] + + def run(self, username=None, filter=None, credopts=None, sambaopts=None, + versionopts=None, H=None, newpassword=None, + must_change_at_next_login=None): + if filter is None and username is None: + raise CommandError("Either the username or '--filter' must be specified!") + + password = newpassword + if password is None: + password = getpass("New Password: ") + + if filter is None: + filter = "(&(objectClass=user)(sAMAccountName=%s))" % (username) + + lp = sambaopts.get_loadparm() + creds = credopts.get_credentials(lp) + + if H is not None: + url = H + else: + url = lp.get("sam database") + + samdb = SamDB(url=url, session_info=system_session(), + credentials=creds, lp=lp) + + samdb.setpassword(filter, password, + force_password_change_at_next_login_req=must_change_at_next_login) diff --git a/source4/setup/setpassword b/source4/setup/setpassword deleted file mode 100755 index 57772be7a7..0000000000 --- a/source4/setup/setpassword +++ /dev/null @@ -1,74 +0,0 @@ -#!/usr/bin/python -# -# Sets a user password on a Samba4 server -# Copyright Jelmer Vernooij 2008 -# -# Based on the original in EJS: -# Copyright Andrew Tridgell 2005 -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. -# - -import sys - -# Find right directory when running from source tree -sys.path.insert(0, "bin/python") - -import samba.getopt as options -import optparse - -from getpass import getpass -from samba.auth import system_session -from samba.samdb import SamDB - -parser = optparse.OptionParser("setpassword [username] [options]") -sambaopts = options.SambaOptions(parser) -parser.add_option_group(sambaopts) -parser.add_option_group(options.VersionOptions(parser)) -credopts = options.CredentialsOptions(parser) -parser.add_option_group(credopts) -parser.add_option("-H", help="LDB URL for database or target server", type=str) -parser.add_option("--filter", help="LDAP Filter to set password on", type=str) -parser.add_option("--newpassword", help="Set password", type=str) -parser.add_option("--must-change-at-next-login", help="Force password to be changed on next login", action="store_true") - -opts, args = parser.parse_args() - -filter = opts.filter - -if (len(args) == 0) and (filter is None): - print "Either the username or '--filter' must be specified!" - parser.print_usage() - sys.exit(1) - -password = opts.newpassword; -if password is None: - password = getpass("New Password: ") - -if filter is None: - username = args[0] - filter = "(&(objectClass=user)(sAMAccountName=%s))" % (username) - -lp = sambaopts.get_loadparm() -creds = credopts.get_credentials(lp) - -if opts.H is not None: - url = opts.H -else: - url = lp.get("sam database") - -samdb = SamDB(url=url, session_info=system_session(), credentials=creds, lp=lp) - -samdb.setpassword(filter, password, force_password_change_at_next_login_req=opts.must_change_at_next_login) - diff --git a/testprogs/blackbox/test_passwords.sh b/testprogs/blackbox/test_passwords.sh index bc98e5abc0..71a0f46767 100755 --- a/testprogs/blackbox/test_passwords.sh +++ b/testprogs/blackbox/test_passwords.sh @@ -26,7 +26,6 @@ net="$samba4bindir/net$EXEEXT" rkpty="$samba4bindir/rkpty$EXEEXT" samba4kpasswd="$samba4bindir/samba4kpasswd$EXEEXT" enableaccount="$PYTHON `dirname $0`/../../source4/setup/enableaccount" -setpassword="$PYTHON `dirname $0`/../../source4/setup/setpassword" newuser="$PYTHON `dirname $0`/../../source4/setup/newuser" . `dirname $0`/subunit.sh @@ -88,7 +87,7 @@ test_smbclient "Test login with user kerberos (unforced)" 'ls' -k yes -Unettestu NEWUSERPASS=testPaSS@04% -testit "set password on user locally" $VALGRIND $setpassword nettestuser --newpassword=$NEWUSERPASS --must-change-at-next-login $@ || failed=`expr $failed + 1` +testit "set password on user locally" $VALGRIND $net setpassword nettestuser --newpassword=$NEWUSERPASS --must-change-at-next-login $@ || failed=`expr $failed + 1` USERPASS=$NEWUSERPASS NEWUSERPASS=testPaSS@05% @@ -96,7 +95,7 @@ testit "change user password with 'net password change' (after must change flag USERPASS=$NEWUSERPASS NEWUSERPASS=testPaSS@06% -testit "set password on user locally" $VALGRIND $setpassword nettestuser --newpassword=$NEWUSERPASS --must-change-at-next-login $@ || failed=`expr $failed + 1` +testit "set password on user locally" $VALGRIND $net setpassword nettestuser --newpassword=$NEWUSERPASS --must-change-at-next-login $@ || failed=`expr $failed + 1` USERPASS=$NEWUSERPASS NEWUSERPASS=testPaSS@07% |