5 files changed, 85 insertions, 1 deletions

diff --git a/source4/scripting/python/misc.i b/source4/scripting/python/misc.i
index e04e6a6906..6fa3bc93e3 100644
--- a/source4/scripting/python/misc.i
+++ b/source4/scripting/python/misc.i
@@ -78,3 +78,8 @@ bool dsdb_set_ntds_invocation_id(struct ldb_context *ldb, const char *guid)
     return samdb_set_ntds_invocation_id(ldb, &invocation_id_in);
 }
 %}
+
+char *private_path(TALLOC_CTX* mem_ctx, 
+     		   struct loadparm_context *lp_ctx,
+	           const char *name);
+
diff --git a/source4/scripting/python/misc.py b/source4/scripting/python/misc.py
index 2fc7fe37e7..f1da4c687a 100644
--- a/source4/scripting/python/misc.py
+++ b/source4/scripting/python/misc.py
@@ -71,5 +71,6 @@ version = _misc.version
 dsdb_set_global_schema = _misc.dsdb_set_global_schema
 ldb_register_samba_handlers = _misc.ldb_register_samba_handlers
 dsdb_set_ntds_invocation_id = _misc.dsdb_set_ntds_invocation_id
+private_path = _misc.private_path
 
 
diff --git a/source4/scripting/python/misc_wrap.c b/source4/scripting/python/misc_wrap.c
index 579d1f379f..4944515d15 100644
--- a/source4/scripting/python/misc_wrap.c
+++ b/source4/scripting/python/misc_wrap.c
@@ -3153,6 +3153,50 @@ fail:
 }
 
 
+SWIGINTERN PyObject *_wrap_private_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) {
+  PyObject *resultobj = 0;
+  TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ;
+  struct loadparm_context *arg2 = (struct loadparm_context *) 0 ;
+  char *arg3 = (char *) 0 ;
+  char *result = 0 ;
+  void *argp2 = 0 ;
+  int res2 = 0 ;
+  int res3 ;
+  char *buf3 = 0 ;
+  int alloc3 = 0 ;
+  PyObject * obj0 = 0 ;
+  PyObject * obj1 = 0 ;
+  char *  kwnames[] = {
+    (char *) "lp_ctx",(char *) "name", NULL 
+  };
+  
+  arg2 = loadparm_init(NULL);
+  arg1 = NULL;
+  if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"|OO:private_path",kwnames,&obj0,&obj1)) SWIG_fail;
+  if (obj0) {
+    res2 = SWIG_ConvertPtr(obj0, &argp2,SWIGTYPE_p_loadparm_context, 0 |  0 );
+    if (!SWIG_IsOK(res2)) {
+      SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "private_path" "', argument " "2"" of type '" "struct loadparm_context *""'"); 
+    }
+    arg2 = (struct loadparm_context *)(argp2);
+  }
+  if (obj1) {
+    res3 = SWIG_AsCharPtrAndSize(obj1, &buf3, NULL, &alloc3);
+    if (!SWIG_IsOK(res3)) {
+      SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "private_path" "', argument " "3"" of type '" "char const *""'");
+    }
+    arg3 = (char *)(buf3);
+  }
+  result = (char *)private_path(arg1,arg2,(char const *)arg3);
+  resultobj = SWIG_FromCharPtr((const char *)result);
+  if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+  return resultobj;
+fail:
+  if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+  return NULL;
+}
+
+
 static PyMethodDef SwigMethods[] = {
 	 { (char *)"random_password", (PyCFunction) _wrap_random_password, METH_VARARGS | METH_KEYWORDS, NULL},
 	 { (char *)"ldb_set_credentials", (PyCFunction) _wrap_ldb_set_credentials, METH_VARARGS | METH_KEYWORDS, NULL},
@@ -3164,6 +3208,7 @@ static PyMethodDef SwigMethods[] = {
 	 { (char *)"dsdb_set_global_schema", (PyCFunction) _wrap_dsdb_set_global_schema, METH_VARARGS | METH_KEYWORDS, NULL},
 	 { (char *)"ldb_register_samba_handlers", (PyCFunction) _wrap_ldb_register_samba_handlers, METH_VARARGS | METH_KEYWORDS, NULL},
 	 { (char *)"dsdb_set_ntds_invocation_id", (PyCFunction) _wrap_dsdb_set_ntds_invocation_id, METH_VARARGS | METH_KEYWORDS, NULL},
+	 { (char *)"private_path", (PyCFunction) _wrap_private_path, METH_VARARGS | METH_KEYWORDS, NULL},
 	 { NULL, NULL, 0, NULL }
 };
 
diff --git a/source4/scripting/python/samba/idmap.py b/source4/scripting/python/samba/idmap.py
index 355565968a..16efcd0470 100644
--- a/source4/scripting/python/samba/idmap.py
+++ b/source4/scripting/python/samba/idmap.py
@@ -21,6 +21,7 @@
 """Convenience functions for using the idmap database."""
 
 import samba
+import misc
 import ldb
 
 class IDmapDB(samba.Ldb):
@@ -37,11 +38,17 @@ class IDmapDB(samba.Ldb):
 
         :param url: URL of the database.
         """
+        self.lp = lp
+
         super(IDmapDB, self).__init__(session_info=session_info, credentials=credentials,
                                     modules_dir=modules_dir, lp=lp)
         if url:
             self.connect(url)
+        else:
+            self.connect(lp.get("idmap database"))
 
+    def connect(self, url):
+        super(IDmapDB, self).connect(misc.private_path(self.lp, url))
 
     def setup_name_mapping(self, sid, type, unixid):
         """Setup a mapping between a sam name and a unix name.
diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py
index bc3eef7879..198d1e9f5c 100644
--- a/source4/scripting/python/samba/samdb.py
+++ b/source4/scripting/python/samba/samdb.py
@@ -25,20 +25,29 @@
 import samba
 import misc
 import ldb
+from samba.idmap import IDmapDB
+import pwd
 
 class SamDB(samba.Ldb):
     """The SAM database."""
+
     def __init__(self, url=None, session_info=None, credentials=None, 
                  modules_dir=None, lp=None):
         """Open the Sam Database.
 
         :param url: URL of the database.
         """
+        self.lp = lp
         super(SamDB, self).__init__(session_info=session_info, credentials=credentials,
                                     modules_dir=modules_dir, lp=lp)
         assert misc.dsdb_set_global_schema(self) == 0
         if url:
             self.connect(url)
+        else:
+            self.connect(lp.get("sam database"))
+
+    def connect(self, url):
+        super(SamDB, self).connect(misc.private_path(self.lp, url))
 
     def add_foreign(self, domaindn, sid, desc):
         """Add a foreign security principle."""
@@ -101,10 +110,27 @@ userAccountControl: %u
         #  now the real work
         self.add({"dn": user_dn, 
             "sAMAccountName": username,
-            "unixName": unixname,
             "sambaPassword": password,
             "objectClass": "user"})
 
+        res = self.search(user_dn, scope=ldb.SCOPE_BASE,
+                          expression="objectclass=*",
+                          attrs=["objectSid"])
+        assert(len(res) == 1)
+        user_sid = self.schema_format_value("objectSid", res[0]["objectSid"][0])
+        
+        
+        try:
+            idmap = IDmapDB(lp=self.lp)
+
+            user = pwd.getpwnam(unixname)
+            # setup ID mapping for this UID
+            
+            idmap.setup_name_mapping(user_sid, idmap.TYPE_UID, user[2])
+
+        except KeyError:
+            pass
+
         #  modify the userAccountControl to remove the disabled bit
         self.enable_account(user_dn)
         self.transaction_commit()