summaryrefslogtreecommitdiff
path: root/source4/setup/enableaccount
blob: b270da00970ace829063bef723ecc0bdff4ab4de (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
#!/usr/bin/python
#
#	Enables a disabled user account on a Samba4 server
#	Copyright Andrew Tridgell 2005
#	Copyright Jelmer Vernooij 2008
#	Released under the GNU GPL version 3 or later
#
import os, sys

sys.path.insert(0, os.path.join(os.path.dirname(sys.argv[0]), "../bin/python"))

import samba.getopt as options
import optparse
import pwd
import ldb

from samba.auth import system_session
from samba.samdb import SamDB

parser = optparse.OptionParser("enableaccount [username] [options]")
sambaopts = options.SambaOptions(parser)
parser.add_option_group(sambaopts)
parser.add_option_group(options.VersionOptions(parser))
credopts = options.CredentialsOptions(parser)
parser.add_option_group(credopts)
parser.add_option("-H", help="LDB URL for database or target server", type=str)
parser.add_option("--base", help="Base DN to search for user under", type=str)

opts, args = parser.parse_args()

#
#  print a message if quiet is not set
#
def message(text):
	if not opts.quiet:
		print text

if len(args) == 0:
	parser.print_usage()
	sys.exit(1)

username = args[0]

if username is None:
	print "username must be specified"

lp = sambaopts.get_loadparm()

creds = credopts.get_credentials(lp)

if opts.H is not None:
	url = opts.H
else:
	url = lp.get("sam database")

samdb = SamDB(url=url, session_info=system_session(), 
              credentials=creds, lp=lp)

domain_dn = opts.base
if opts.base is None:
	res = samdb.search("", scope=ldb.SCOPE_BASE, 
			  expression="(defaultNamingContext=*)", 
			  attrs=["defaultNamingContext"])
	assert(len(res) == 1 and res[0]["defaultNamingContext"] is not None)
	domain_dn = res[0]["defaultNamingContext"][0]
else:
	domain_dn = opts.base

filter = "(&(objectClass=user)(samAccountName=%s))" % username

res = samdb.search(domain_dn, scope=ldb.SCOPE_SUBTREE, 
		  expression=filter,
		  attrs=[])
assert(len(res) == 1)
user_dn = res[0].dn

samdb.enable_account(user_dn)