diff options
-rw-r--r-- | source4/scripting/python/samba/idmap.py | 7 | ||||
-rw-r--r-- | source4/scripting/python/samba/samdb.py | 28 | ||||
-rwxr-xr-x | source4/setup/newuser | 10 | ||||
-rw-r--r-- | source4/setup/setpassword | 8 | ||||
-rwxr-xr-x | source4/setup/tests/blackbox_provision.sh | 7 |
5 files changed, 45 insertions, 15 deletions
diff --git a/source4/scripting/python/samba/idmap.py b/source4/scripting/python/samba/idmap.py index 355565968a..16efcd0470 100644 --- a/source4/scripting/python/samba/idmap.py +++ b/source4/scripting/python/samba/idmap.py @@ -21,6 +21,7 @@ """Convenience functions for using the idmap database.""" import samba +import misc import ldb class IDmapDB(samba.Ldb): @@ -37,11 +38,17 @@ class IDmapDB(samba.Ldb): :param url: URL of the database. """ + self.lp = lp + super(IDmapDB, self).__init__(session_info=session_info, credentials=credentials, modules_dir=modules_dir, lp=lp) if url: self.connect(url) + else: + self.connect(lp.get("idmap database")) + def connect(self, url): + super(IDmapDB, self).connect(misc.private_path(self.lp, url)) def setup_name_mapping(self, sid, type, unixid): """Setup a mapping between a sam name and a unix name. diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index bc3eef7879..198d1e9f5c 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -25,20 +25,29 @@ import samba import misc import ldb +from samba.idmap import IDmapDB +import pwd class SamDB(samba.Ldb): """The SAM database.""" + def __init__(self, url=None, session_info=None, credentials=None, modules_dir=None, lp=None): """Open the Sam Database. :param url: URL of the database. """ + self.lp = lp super(SamDB, self).__init__(session_info=session_info, credentials=credentials, modules_dir=modules_dir, lp=lp) assert misc.dsdb_set_global_schema(self) == 0 if url: self.connect(url) + else: + self.connect(lp.get("sam database")) + + def connect(self, url): + super(SamDB, self).connect(misc.private_path(self.lp, url)) def add_foreign(self, domaindn, sid, desc): """Add a foreign security principle.""" @@ -101,10 +110,27 @@ userAccountControl: %u # now the real work self.add({"dn": user_dn, "sAMAccountName": username, - "unixName": unixname, "sambaPassword": password, "objectClass": "user"}) + res = self.search(user_dn, scope=ldb.SCOPE_BASE, + expression="objectclass=*", + attrs=["objectSid"]) + assert(len(res) == 1) + user_sid = self.schema_format_value("objectSid", res[0]["objectSid"][0]) + + + try: + idmap = IDmapDB(lp=self.lp) + + user = pwd.getpwnam(unixname) + # setup ID mapping for this UID + + idmap.setup_name_mapping(user_sid, idmap.TYPE_UID, user[2]) + + except KeyError: + pass + # modify the userAccountControl to remove the disabled bit self.enable_account(user_dn) self.transaction_commit() diff --git a/source4/setup/newuser b/source4/setup/newuser index f622058a5d..04a5440ee1 100755 --- a/source4/setup/newuser +++ b/source4/setup/newuser @@ -45,15 +45,9 @@ else: if opts.unixname is None: opts.unixname = username -try: - pwd.getpwnam(opts.unixname) -except KeyError: - print "ERROR: Unix user '%s' does not exist" % opts.unixname - sys.exit(1) - -creds = credopts.get_credentials() - lp = sambaopts.get_loadparm() +creds = credopts.get_credentials(lp) + samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), credentials=creds, lp=lp) samdb.newuser(username, opts.unixname, password) diff --git a/source4/setup/setpassword b/source4/setup/setpassword index 31b2f73a25..977a6a5ee8 100644 --- a/source4/setup/setpassword +++ b/source4/setup/setpassword @@ -36,7 +36,7 @@ if len(args) == 0: parser.print_usage() sys.exit(1) -password = opts.password; +password = opts.newpassword; if password is None: password = getpass("New Password: ") @@ -47,12 +47,12 @@ if filter is None: if username is None: print "Either username or --filter must be specified" - filter = "(&(objectclass=user)(samAccountName=" + username + "))" + filter = "(&(objectclass=user)(samAccountName=%s))" % (username) -creds = credopts.get_credentials() - lp = sambaopts.get_loadparm() +creds = credopts.get_credentials(lp) + samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), credentials=creds, lp=lp) samdb.setpassword(filter, password) diff --git a/source4/setup/tests/blackbox_provision.sh b/source4/setup/tests/blackbox_provision.sh index 4db226778c..19f37cef2d 100755 --- a/source4/setup/tests/blackbox_provision.sh +++ b/source4/setup/tests/blackbox_provision.sh @@ -31,8 +31,11 @@ testit "simple-default" $PYTHON ./setup/provision $CONFIGURATION --domain=FOO -- testit "simple-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc testit "simple-member" $PYTHON ./setup/provision $CONFIGURATION --server-role="member" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-member testit "simple-standalone" $PYTHON ./setup/provision $CONFIGURATION --server-role="standalone" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-standalone -testit "blank-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc --blank -testit "partitions-only-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc --partitions-only +testit "blank-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/blank-dc --blank +testit "partitions-only-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/partitions-only-dc --partitions-only + +testit "newuser" $PYTHON ./setup/newuser --configfile=$PREFIX/simple-dc/etc/smb.conf testuser testpass +testit "setpassword" $PYTHON ./setup/setpassword --configfile=$PREFIX/simple-dc/etc/smb.conf testuser --newpassword=testpass reprovision() { $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/reprovision" |