From 6bc1957a54ba2e3c73b0cf580c94e8055d451b03 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Tue, 12 Jul 2011 10:41:52 +1000
Subject: samba-tool: fixed ldapcmp to run as non-root

this avoids the need for access to the secrets database

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
---
 source4/scripting/python/samba/netcmd/ldapcmp.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/source4/scripting/python/samba/netcmd/ldapcmp.py b/source4/scripting/python/samba/netcmd/ldapcmp.py
index 160aa31258..c752d76a7b 100755
--- a/source4/scripting/python/samba/netcmd/ldapcmp.py
+++ b/source4/scripting/python/samba/netcmd/ldapcmp.py
@@ -874,15 +874,22 @@ class cmd_ldapcmp(Command):
             context1=None, context2=None, context3=None,
             two=False, quiet=False, verbose=False, descriptor=False, sort_aces=False, view="section",
             base="", base2="", scope="SUB", credopts=None, sambaopts=None, versionopts=None):
+
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp, fallback_machine=True)
+
+        using_ldap = URL1.startswith("ldap") or URL2.startswith("ldap")
+
+        if using_ldap:
+            creds = credopts.get_credentials(lp, fallback_machine=True)
+        else:
+            creds = None
         creds2 = credopts.get_credentials2(lp, guess=False)
         if creds2.is_anonymous():
             creds2 = creds
         else:
             creds2.set_domain("")
             creds2.set_workstation("")
-        if not creds.authentication_requested():
+        if using_ldap and not creds.authentication_requested():
             raise CommandError("You must supply at least one username/password pair")
 
         # make a list of contexts to compare in
-- 
cgit