diff options
Diffstat (limited to 'source4/scripting')
-rw-r--r-- | source4/scripting/python/samba/samdb.py | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index 28352f202f..239dd6a6ea 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -107,15 +107,16 @@ pwdLastSet: 0 """ % (user_dn) self.modify_ldif(mod) - def newuser(self, username, unixname, password, force_password_change_at_next_login=False): + def newuser(self, username, unixname, password, force_password_change_at_next_login_req=False): """Adds a new user Note: This call adds also the ID mapping for winbind; therefore it works *only* on SAMBA 4. - :param username: Name of the new user. - :param unixname: Name of the unix user to map to. + :param username: Name of the new user + :param unixname: Name of the unix user to map to :param password: Password for the new user + :param force_password_change_at_next_login_req: Force password change """ self.transaction_start() try: @@ -129,7 +130,7 @@ pwdLastSet: 0 # Sets the password for it self.setpassword("(dn=" + user_dn + ")", password, - force_password_change_at_next_login) + force_password_change_at_next_login_req) # Gets the user SID (for the account mapping setup) res = self.search(user_dn, scope=ldb.SCOPE_BASE, @@ -153,7 +154,7 @@ pwdLastSet: 0 raise self.transaction_commit() - def setpassword(self, filter, password, force_password_change_at_next_login=False): + def setpassword(self, filter, password, force_password_change_at_next_login_req=False): """Sets the password for a user Note: This call uses the "userPassword" attribute to set the password. @@ -162,7 +163,7 @@ pwdLastSet: 0 :param filter: LDAP filter to find the user (eg samccountname=name) :param password: Password for the user - :param force_password_change_at_next_login: Force password change + :param force_password_change_at_next_login_req: Force password change """ self.transaction_start() try: @@ -180,8 +181,9 @@ userPassword:: %s self.modify_ldif(setpw) - if force_password_change_at_next_login: - self.force_password_change_at_next_login(user_dn) + if force_password_change_at_next_login_req: + self.force_password_change_at_next_login( + "(dn=" + str(user_dn) + ")") # modify the userAccountControl to remove the disabled bit self.enable_account(filter) @@ -190,24 +192,24 @@ userPassword:: %s raise self.transaction_commit() - def setexpiry(self, filter, expiry_seconds, noexpiry=False): + def setexpiry(self, filter, expiry_seconds, no_expiry_req=False): """Sets the account expiry for a user :param filter: LDAP filter to find the user (eg samccountname=name) :param expiry_seconds: expiry time from now in seconds - :param noexpiry: if set, then don't expire password + :param no_expiry_req: if set, then don't expire password """ self.transaction_start() try: res = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE, expression=filter, attrs=["userAccountControl", "accountExpires"]) - assert len(res) == 1 + assert(len(res) == 1) user_dn = res[0].dn userAccountControl = int(res[0]["userAccountControl"][0]) accountExpires = int(res[0]["accountExpires"][0]) - if noexpiry: + if no_expiry_req: userAccountControl = userAccountControl | 0x10000 accountExpires = 0 else: |