summaryrefslogtreecommitdiff
path: root/source4/scripting/python
diff options
context:
space:
mode:
Diffstat (limited to 'source4/scripting/python')
-rw-r--r--source4/scripting/python/samba/samdb.py26
1 files changed, 14 insertions, 12 deletions
diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py
index 28352f202f..239dd6a6ea 100644
--- a/source4/scripting/python/samba/samdb.py
+++ b/source4/scripting/python/samba/samdb.py
@@ -107,15 +107,16 @@ pwdLastSet: 0
""" % (user_dn)
self.modify_ldif(mod)
- def newuser(self, username, unixname, password, force_password_change_at_next_login=False):
+ def newuser(self, username, unixname, password, force_password_change_at_next_login_req=False):
"""Adds a new user
Note: This call adds also the ID mapping for winbind; therefore it works
*only* on SAMBA 4.
- :param username: Name of the new user.
- :param unixname: Name of the unix user to map to.
+ :param username: Name of the new user
+ :param unixname: Name of the unix user to map to
:param password: Password for the new user
+ :param force_password_change_at_next_login_req: Force password change
"""
self.transaction_start()
try:
@@ -129,7 +130,7 @@ pwdLastSet: 0
# Sets the password for it
self.setpassword("(dn=" + user_dn + ")", password,
- force_password_change_at_next_login)
+ force_password_change_at_next_login_req)
# Gets the user SID (for the account mapping setup)
res = self.search(user_dn, scope=ldb.SCOPE_BASE,
@@ -153,7 +154,7 @@ pwdLastSet: 0
raise
self.transaction_commit()
- def setpassword(self, filter, password, force_password_change_at_next_login=False):
+ def setpassword(self, filter, password, force_password_change_at_next_login_req=False):
"""Sets the password for a user
Note: This call uses the "userPassword" attribute to set the password.
@@ -162,7 +163,7 @@ pwdLastSet: 0
:param filter: LDAP filter to find the user (eg samccountname=name)
:param password: Password for the user
- :param force_password_change_at_next_login: Force password change
+ :param force_password_change_at_next_login_req: Force password change
"""
self.transaction_start()
try:
@@ -180,8 +181,9 @@ userPassword:: %s
self.modify_ldif(setpw)
- if force_password_change_at_next_login:
- self.force_password_change_at_next_login(user_dn)
+ if force_password_change_at_next_login_req:
+ self.force_password_change_at_next_login(
+ "(dn=" + str(user_dn) + ")")
# modify the userAccountControl to remove the disabled bit
self.enable_account(filter)
@@ -190,24 +192,24 @@ userPassword:: %s
raise
self.transaction_commit()
- def setexpiry(self, filter, expiry_seconds, noexpiry=False):
+ def setexpiry(self, filter, expiry_seconds, no_expiry_req=False):
"""Sets the account expiry for a user
:param filter: LDAP filter to find the user (eg samccountname=name)
:param expiry_seconds: expiry time from now in seconds
- :param noexpiry: if set, then don't expire password
+ :param no_expiry_req: if set, then don't expire password
"""
self.transaction_start()
try:
res = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
expression=filter,
attrs=["userAccountControl", "accountExpires"])
- assert len(res) == 1
+ assert(len(res) == 1)
user_dn = res[0].dn
userAccountControl = int(res[0]["userAccountControl"][0])
accountExpires = int(res[0]["accountExpires"][0])
- if noexpiry:
+ if no_expiry_req:
userAccountControl = userAccountControl | 0x10000
accountExpires = 0
else: