s4-s3-upgrade: convert password age policies to the negative NTTIME format

author Andrew Bartlett <abartlet@samba.org>

Wed, 7 Sep 2011 02:21:00 +0000 (12:21 +1000)

committer Andrew Bartlett <abartlet@samba.org>

Wed, 7 Sep 2011 11:44:44 +0000 (13:44 +0200)
author Andrew Bartlett <abartlet@samba.org>
Wed, 7 Sep 2011 02:21:00 +0000 (12:21 +1000)
committer Andrew Bartlett <abartlet@samba.org>
Wed, 7 Sep 2011 11:44:44 +0000 (13:44 +0200)
diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py

index 2bb5ccccbe16aa8304b56422ecfacf2c2b76e38f..92ab86b69689aafdd5eedfd0e10d18a2bcf1c1a1 100644 (file)
--- a/source4/scripting/python/samba/upgrade.py
+++ b/source4/scripting/python/samba/upgrade.py
@@ -33,7 +33,7 @@ from samba.dcerpc import lsa, samr, security
  from samba.dcerpc.security import dom_sid
  from samba import dsdb
  from samba.ndr import ndr_pack
  from samba.dcerpc.security import dom_sid
  from samba import dsdb
  from samba.ndr import ndr_pack
-
+from samba import unix2nttime
  
  def import_sam_policy(samdb, policy, logger):
      """Import a Samba 3 policy.
  
  def import_sam_policy(samdb, policy, logger):
      """Import a Samba 3 policy.
@@ -53,16 +53,29 @@ def import_sam_policy(samdb, policy, logger):
  
      m = ldb.Message()
      m.dn = samdb.get_default_basedn()
  
      m = ldb.Message()
      m.dn = samdb.get_default_basedn()
-    m['a01'] = ldb.MessageElement(str(policy['min password length']), ldb.FLAG_MOD_REPLACE,
+    m['a01'] = ldb.MessageElement(str(unix2nttime(policy['min password length'])), ldb.FLAG_MOD_REPLACE,
                              'minPwdLength')
      m['a02'] = ldb.MessageElement(str(policy['password history']), ldb.FLAG_MOD_REPLACE,
                              'pwdHistoryLength')
                              'minPwdLength')
      m['a02'] = ldb.MessageElement(str(policy['password history']), ldb.FLAG_MOD_REPLACE,
                              'pwdHistoryLength')
-    m['a03'] = ldb.MessageElement(str(policy['minimum password age']), ldb.FLAG_MOD_REPLACE,
-                            'minPwdAge')
-    m['a04'] = ldb.MessageElement(str(policy['maximum password age']), ldb.FLAG_MOD_REPLACE,
-                            'maxPwdAge')
-    m['a05'] = ldb.MessageElement(str(policy['lockout duration']), ldb.FLAG_MOD_REPLACE,
-                            'lockoutDuration')
+
+    min_pw_age_unix = policy['minimum password age']
+    min_pw_age_nt = 0 - unix2nttime(min_pw_age_unix)
+    m['a03'] = ldb.MessageElement(str(min_pw_age_nt), ldb.FLAG_MOD_REPLACE, 'minPwdAge')
+
+    max_pw_age_unix = policy['maximum password age']
+    if (max_pw_age_unix == 0xFFFFFFFF):
+        max_pw_age_nt = 0
+    else:
+        max_pw_age_nt = unix2nttime(max_pw_age_unix)
+
+    m['a04'] = ldb.MessageElement(str(max_pw_age_nt), ldb.FLAG_MOD_REPLACE,
+                                  'maxPwdAge')
+
+    lockout_duration_mins = policy['lockout duration']
+    lockout_duration_nt = unix2nttime(lockout_duration_mins * 60)
+
+    m['a05'] = ldb.MessageElement(str(lockout_duration_nt), ldb.FLAG_MOD_REPLACE,
+                                  'lockoutDuration')
  
      try:
          samdb.modify(m)
  
      try:
          samdb.modify(m)
author	Andrew Bartlett <abartlet@samba.org>
	Wed, 7 Sep 2011 02:21:00 +0000 (12:21 +1000)
committer	Andrew Bartlett <abartlet@samba.org>
	Wed, 7 Sep 2011 11:44:44 +0000 (13:44 +0200)