From a57c5eb848698a4231f851744949c6a44e92784a Mon Sep 17 00:00:00 2001 From: Wesley Young Date: Mon, 13 Aug 2012 01:08:36 +0000 Subject: s4-classicupgrade: Tests if sam policies exist before trying to import them. Signed-off-by: Andrew Bartlett --- source4/scripting/python/samba/upgrade.py | 49 ++++++++++++++++++------------- 1 file changed, 28 insertions(+), 21 deletions(-) (limited to 'source4/scripting') diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py index 3779794ab5..8ce080b52f 100644 --- a/source4/scripting/python/samba/upgrade.py +++ b/source4/scripting/python/samba/upgrade.py @@ -56,30 +56,37 @@ def import_sam_policy(samdb, policy, logger): m = ldb.Message() m.dn = samdb.get_default_basedn() - m['a01'] = ldb.MessageElement(str(policy['min password length']), - ldb.FLAG_MOD_REPLACE, 'minPwdLength') - m['a02'] = ldb.MessageElement(str(policy['password history']), - ldb.FLAG_MOD_REPLACE, 'pwdHistoryLength') - - min_pw_age_unix = policy['minimum password age'] - min_pw_age_nt = int(-min_pw_age_unix * (1e7)) - m['a03'] = ldb.MessageElement(str(min_pw_age_nt), ldb.FLAG_MOD_REPLACE, - 'minPwdAge') - - max_pw_age_unix = policy['maximum password age'] - if max_pw_age_unix == -1 or max_pw_age_unix == 0: - max_pw_age_nt = -0x8000000000000000 - else: - max_pw_age_nt = int(-max_pw_age_unix * (1e7)) - m['a04'] = ldb.MessageElement(str(max_pw_age_nt), ldb.FLAG_MOD_REPLACE, - 'maxPwdAge') + if 'min password length' in policy: + m['a01'] = ldb.MessageElement(str(policy['min password length']), + ldb.FLAG_MOD_REPLACE, 'minPwdLength') + + if 'password history' in policy: + m['a02'] = ldb.MessageElement(str(policy['password history']), + ldb.FLAG_MOD_REPLACE, 'pwdHistoryLength') + + if 'minimum password age' in policy: + min_pw_age_unix = policy['minimum password age'] + min_pw_age_nt = int(-min_pw_age_unix * (1e7)) + m['a03'] = ldb.MessageElement(str(min_pw_age_nt), ldb.FLAG_MOD_REPLACE, + 'minPwdAge') + + if 'maximum password age' in policy: + max_pw_age_unix = policy['maximum password age'] + if max_pw_age_unix == -1 or max_pw_age_unix == 0: + max_pw_age_nt = -0x8000000000000000 + else: + max_pw_age_nt = int(-max_pw_age_unix * (1e7)) + + m['a04'] = ldb.MessageElement(str(max_pw_age_nt), ldb.FLAG_MOD_REPLACE, + 'maxPwdAge') - lockout_duration_mins = policy['lockout duration'] - lockout_duration_nt = unix2nttime(lockout_duration_mins * 60) + if 'lockout duration' in policy: + lockout_duration_mins = policy['lockout duration'] + lockout_duration_nt = unix2nttime(lockout_duration_mins * 60) - m['a05'] = ldb.MessageElement(str(lockout_duration_nt), - ldb.FLAG_MOD_REPLACE, 'lockoutDuration') + m['a05'] = ldb.MessageElement(str(lockout_duration_nt), + ldb.FLAG_MOD_REPLACE, 'lockoutDuration') try: samdb.modify(m) -- cgit