From 9817f3d785ceb67819a9def0e8030272e4ba9e14 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 30 Aug 2008 07:32:44 +1000 Subject: Add a setexpiry operation in samdb.py This makes it easy to set the expiry (or no expiry) for a samdb user (This used to be commit 25171f18a4b242b5a731f4ac1eefc51cc82efd74) --- source4/scripting/python/misc.i | 13 +++++ source4/scripting/python/misc.py | 3 +- source4/scripting/python/misc_wrap.c | 84 +++++++++++++++++++++++++++++---- source4/scripting/python/samba/samdb.py | 33 +++++++++++++ 4 files changed, 123 insertions(+), 10 deletions(-) (limited to 'source4/scripting') diff --git a/source4/scripting/python/misc.i b/source4/scripting/python/misc.i index 1d331215b5..f0bc156abd 100644 --- a/source4/scripting/python/misc.i +++ b/source4/scripting/python/misc.i @@ -100,3 +100,16 @@ bool dsdb_set_ntds_invocation_id(struct ldb_context *ldb, const char *guid) char *private_path(TALLOC_CTX* mem_ctx, struct loadparm_context *lp_ctx, const char *name); +typedef unsigned long time_t; + +/* + convert from unix time to NT time +*/ +%inline %{ +uint64_t unix2nttime(time_t t) +{ + NTTIME nt; + unix_to_nt_time(&nt, t); + return (uint64_t)nt; +} +%} diff --git a/source4/scripting/python/misc.py b/source4/scripting/python/misc.py index 0c14944001..e52d7df11d 100644 --- a/source4/scripting/python/misc.py +++ b/source4/scripting/python/misc.py @@ -1,5 +1,5 @@ # This file was automatically generated by SWIG (http://www.swig.org). -# Version 1.3.35 +# Version 1.3.36 # # Don't modify this file, modify the SWIG interface instead. @@ -118,5 +118,6 @@ def ldb_register_samba_handlers(*args, **kwargs): return _misc.ldb_register_samba_handlers(*args, **kwargs) dsdb_set_ntds_invocation_id = _misc.dsdb_set_ntds_invocation_id private_path = _misc.private_path +unix2nttime = _misc.unix2nttime diff --git a/source4/scripting/python/misc_wrap.c b/source4/scripting/python/misc_wrap.c index 888918ef53..4b5bfb0174 100644 --- a/source4/scripting/python/misc_wrap.c +++ b/source4/scripting/python/misc_wrap.c @@ -1,6 +1,6 @@ /* ---------------------------------------------------------------------------- * This file was automatically generated by SWIG (http://www.swig.org). - * Version 1.3.35 + * Version 1.3.36 * * This file is not intended to be easily readable and contains a number of * coding conventions designed to improve portability and efficiency. Do not make @@ -52,6 +52,12 @@ # endif #endif +#ifndef SWIG_MSC_UNSUPPRESS_4505 +# if defined(_MSC_VER) +# pragma warning(disable : 4505) /* unreferenced local function has been removed */ +# endif +#endif + #ifndef SWIGUNUSEDPARM # ifdef __cplusplus # define SWIGUNUSEDPARM(p) @@ -2537,7 +2543,7 @@ static swig_module_info swig_module = {swig_types, 27, 0, 0, 0, 0}; #define SWIG_name "_misc" -#define SWIGVERSION 0x010335 +#define SWIGVERSION 0x010336 #define SWIG_VERSION SWIGVERSION @@ -2826,6 +2832,40 @@ bool dsdb_set_ntds_invocation_id(struct ldb_context *ldb, const char *guid) return samdb_set_ntds_invocation_id(ldb, &invocation_id_in); } + +uint64_t unix2nttime(time_t t) +{ + NTTIME nt; + unix_to_nt_time(&nt, t); + return (uint64_t)nt; +} + + +#include +#if !defined(SWIG_NO_LLONG_MAX) +# if !defined(LLONG_MAX) && defined(__GNUC__) && defined (__LONG_LONG_MAX__) +# define LLONG_MAX __LONG_LONG_MAX__ +# define LLONG_MIN (-LLONG_MAX - 1LL) +# define ULLONG_MAX (LLONG_MAX * 2ULL + 1ULL) +# endif +#endif + + +SWIGINTERNINLINE PyObject* +SWIG_From_long_SS_long (long long value) +{ + return ((value < LONG_MIN) || (value > LONG_MAX)) ? + PyLong_FromLongLong(value) : PyInt_FromLong((long)(value)); +} + + +SWIGINTERNINLINE PyObject* +SWIG_From_unsigned_SS_long_SS_long (unsigned long long value) +{ + return (value > LONG_MAX) ? + PyLong_FromUnsignedLongLong(value) : PyInt_FromLong((long)(value)); +} + #ifdef __cplusplus extern "C" { #endif @@ -2833,13 +2873,13 @@ SWIGINTERN PyObject *_wrap_random_password(PyObject *SWIGUNUSEDPARM(self), PyObj PyObject *resultobj = 0; TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ; size_t arg2 ; - char *result = 0 ; size_t val2 ; int ecode2 = 0 ; PyObject * obj0 = 0 ; char * kwnames[] = { (char *) "len", NULL }; + char *result = 0 ; arg1 = NULL; if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:random_password",kwnames,&obj0)) SWIG_fail; @@ -2974,7 +3014,6 @@ SWIGINTERN PyObject *_wrap_samdb_set_domain_sid(PyObject *SWIGUNUSEDPARM(self), PyObject *resultobj = 0; struct ldb_context *arg1 = (struct ldb_context *) 0 ; struct dom_sid *arg2 = (struct dom_sid *) 0 ; - bool result; void *argp1 = 0 ; int res1 = 0 ; void *argp2 = 0 ; @@ -2984,6 +3023,7 @@ SWIGINTERN PyObject *_wrap_samdb_set_domain_sid(PyObject *SWIGUNUSEDPARM(self), char * kwnames[] = { (char *) "ldb",(char *) "dom_sid_in", NULL }; + bool result; if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"OO:samdb_set_domain_sid",kwnames,&obj0,&obj1)) SWIG_fail; res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_ldb_context, 0 | 0 ); @@ -3012,7 +3052,6 @@ SWIGINTERN PyObject *_wrap_dsdb_attach_schema_from_ldif_file(PyObject *SWIGUNUSE struct ldb_context *arg1 = (struct ldb_context *) 0 ; char *arg2 = (char *) 0 ; char *arg3 = (char *) 0 ; - WERROR result; void *argp1 = 0 ; int res1 = 0 ; int res2 ; @@ -3027,6 +3066,7 @@ SWIGINTERN PyObject *_wrap_dsdb_attach_schema_from_ldif_file(PyObject *SWIGUNUSE char * kwnames[] = { (char *) "ldb",(char *) "pf",(char *) "df", NULL }; + WERROR result; if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"OOO:dsdb_attach_schema_from_ldif_file",kwnames,&obj0,&obj1,&obj2)) SWIG_fail; res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_ldb_context, 0 | 0 ); @@ -3080,13 +3120,13 @@ fail: SWIGINTERN PyObject *_wrap_dsdb_set_global_schema(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) { PyObject *resultobj = 0; struct ldb_context *arg1 = (struct ldb_context *) 0 ; - int result; void *argp1 = 0 ; int res1 = 0 ; PyObject * obj0 = 0 ; char * kwnames[] = { (char *) "ldb", NULL }; + int result; if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:dsdb_set_global_schema",kwnames,&obj0)) SWIG_fail; res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_ldb_context, 0 | 0 ); @@ -3108,13 +3148,13 @@ fail: SWIGINTERN PyObject *_wrap_ldb_register_samba_handlers(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) { PyObject *resultobj = 0; struct ldb_context *arg1 = (struct ldb_context *) 0 ; - int result; void *argp1 = 0 ; int res1 = 0 ; PyObject * obj0 = 0 ; char * kwnames[] = { (char *) "ldb", NULL }; + int result; if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:ldb_register_samba_handlers",kwnames,&obj0)) SWIG_fail; res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_ldb_context, 0 | 0 ); @@ -3137,7 +3177,6 @@ SWIGINTERN PyObject *_wrap_dsdb_set_ntds_invocation_id(PyObject *SWIGUNUSEDPARM( PyObject *resultobj = 0; struct ldb_context *arg1 = (struct ldb_context *) 0 ; char *arg2 = (char *) 0 ; - bool result; void *argp1 = 0 ; int res1 = 0 ; int res2 ; @@ -3148,6 +3187,7 @@ SWIGINTERN PyObject *_wrap_dsdb_set_ntds_invocation_id(PyObject *SWIGUNUSEDPARM( char * kwnames[] = { (char *) "ldb",(char *) "guid", NULL }; + bool result; if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"OO:dsdb_set_ntds_invocation_id",kwnames,&obj0,&obj1)) SWIG_fail; res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_ldb_context, 0 | 0 ); @@ -3178,7 +3218,6 @@ SWIGINTERN PyObject *_wrap_private_path(PyObject *SWIGUNUSEDPARM(self), PyObject TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ; struct loadparm_context *arg2 = (struct loadparm_context *) 0 ; char *arg3 = (char *) 0 ; - char *result = 0 ; void *argp2 = 0 ; int res2 = 0 ; int res3 ; @@ -3189,6 +3228,7 @@ SWIGINTERN PyObject *_wrap_private_path(PyObject *SWIGUNUSEDPARM(self), PyObject char * kwnames[] = { (char *) "lp_ctx",(char *) "name", NULL }; + char *result = 0 ; arg2 = loadparm_init(NULL); arg1 = NULL; @@ -3217,6 +3257,31 @@ fail: } +SWIGINTERN PyObject *_wrap_unix2nttime(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) { + PyObject *resultobj = 0; + time_t arg1 ; + unsigned long val1 ; + int ecode1 = 0 ; + PyObject * obj0 = 0 ; + char * kwnames[] = { + (char *) "t", NULL + }; + uint64_t result; + + if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:unix2nttime",kwnames,&obj0)) SWIG_fail; + ecode1 = SWIG_AsVal_unsigned_SS_long(obj0, &val1); + if (!SWIG_IsOK(ecode1)) { + SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "unix2nttime" "', argument " "1"" of type '" "time_t""'"); + } + arg1 = (time_t)(val1); + result = (uint64_t)unix2nttime(arg1); + resultobj = SWIG_From_unsigned_SS_long_SS_long((unsigned long long)(result)); + return resultobj; +fail: + return NULL; +} + + static PyMethodDef SwigMethods[] = { { (char *)"random_password", (PyCFunction) _wrap_random_password, METH_VARARGS | METH_KEYWORDS, (char *)"\n" "S.random_password(len) -> string\n" @@ -3250,6 +3315,7 @@ static PyMethodDef SwigMethods[] = { ""}, { (char *)"dsdb_set_ntds_invocation_id", (PyCFunction) _wrap_dsdb_set_ntds_invocation_id, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"private_path", (PyCFunction) _wrap_private_path, METH_VARARGS | METH_KEYWORDS, NULL}, + { (char *)"unix2nttime", (PyCFunction) _wrap_unix2nttime, METH_VARARGS | METH_KEYWORDS, NULL}, { NULL, NULL, 0, NULL } }; diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index c7d93d6aff..4a64c2f76d 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -27,6 +27,7 @@ import misc import ldb from samba.idmap import IDmapDB import pwd +import time __docformat__ = "restructuredText" @@ -192,3 +193,35 @@ userPassword: %s :param invocation_id: GUID of the invocation id. """ misc.dsdb_set_ntds_invocation_id(self, invocation_id) + + def setexpiry(self, user, expiry_seconds, noexpiry): + """Set the password expiry for a user + + :param expiry_seconds: expiry time from now in seconds + :param noexpiry: if set, then don't expire password + """ + self.transaction_start(); + res = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE, + expression=("(samAccountName=%s)" % user), + attrs=["userAccountControl", "accountExpires"]) + assert len(res) == 1 + userAccountControl = int(res[0]["userAccountControl"][0]) + accountExpires = int(res[0]["accountExpires"][0]) + if noexpiry: + userAccountControl = userAccountControl | 0x10000 + accountExpires = 0 + else: + userAccountControl = userAccountControl & ~0x10000 + accountExpires = misc.unix2nttime(expiry_seconds + int(time.time())) + + mod = """ +dn: %s +changetype: modify +replace: userAccountControl +userAccountControl: %u +replace: accountExpires +accountExpires: %u +""" % (res[0].dn, userAccountControl, accountExpires) + # now change the database + self.modify_ldif(mod) + self.transaction_commit(); -- cgit