samba-tools: more reasonable defaults for samba-tool commands

- fallback to machine account where possible

- default to local hostname where this is reasonable

diff --git a/source4/scripting/python/samba/getopt.py b/source4/scripting/python/samba/getopt.py
index a5a33929845da7c7b36f8b13150f4bf34fb1a44d..671142b552e1f2af2a5ce96109c26bfc63fbe2cd 100644 (file)
--- a/source4/scripting/python/samba/getopt.py
+++ b/source4/scripting/python/samba/getopt.py
@@ -151,7 +151,7 @@ class CredentialsOptions(optparse.OptionGroup):
     def _set_simple_bind_dn(self, option, opt_str, arg, parser):
         self.creds.set_bind_dn(arg)
 
-    def get_credentials(self, lp):
+    def get_credentials(self, lp, fallback_machine=False):
         """Obtain the credentials set on the command-line.
 
         :param lp: Loadparm object to use.
@@ -160,6 +160,15 @@ class CredentialsOptions(optparse.OptionGroup):
         self.creds.guess(lp)
         if self.no_pass:
             self.creds.set_cmdline_callbacks()
+
+        # possibly fallback to using the machine account, if we have
+        # access to the secrets db
+        if fallback_machine and not self.creds.authentication_requested():
+            try:
+                self.creds.set_machine_account(lp)
+            except Exception:
+                pass
+
         return self.creds
 
 class CredentialsOptionsDouble(CredentialsOptions):

diff --git a/source4/scripting/python/samba/netcmd/common.py b/source4/scripting/python/samba/netcmd/common.py
new file mode 100644 (file)
index 0000000..bd72c8f
--- /dev/null
+++ b/source4/scripting/python/samba/netcmd/common.py
@@ -0,0 +1,24 @@
+#!/usr/bin/env python
+#
+# common functions for samba-tool python commands
+#
+# Copyright Andrew Tridgell 2010
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+def netcmd_dnsname(lp):
+    '''return the full DNS name of our own host. Used as a default
+       for hostname when running status queries'''
+    return lp.get('netbios name').lower() + "." + lp.get('realm').lower()

diff --git a/source4/scripting/python/samba/netcmd/domainlevel.py b/source4/scripting/python/samba/netcmd/domainlevel.py
index 54a778c5fc29059d451d2c6c66b947ed79760cac..3d50ccea78b89f05cd3563251e69b5bbbfb465d2 100644 (file)
--- a/source4/scripting/python/samba/netcmd/domainlevel.py
+++ b/source4/scripting/python/samba/netcmd/domainlevel.py
@@ -67,7 +67,7 @@ class cmd_domainlevel(Command):
     def run(self, subcommand, H=None, forest=None, domain=None, quiet=False,
             credopts=None, sambaopts=None, versionopts=None):
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp, fallback_machine=True)
 
         samdb = SamDB(url=H, session_info=system_session(),
             credentials=creds, lp=lp)

diff --git a/source4/scripting/python/samba/netcmd/drs.py b/source4/scripting/python/samba/netcmd/drs.py
index 404084426a0b886e3dc72ae748ad957dfcad76d4..f0cde791c52676d03df536dede3a68e7a6ae960e 100644 (file)
--- a/source4/scripting/python/samba/netcmd/drs.py
+++ b/source4/scripting/python/samba/netcmd/drs.py
@@ -33,7 +33,7 @@ from samba.netcmd import (
 from samba.samdb import SamDB
 from samba import drs_utils, nttime2string, dsdb
 from samba.dcerpc import drsuapi, misc
-
+import common
 
 def drsuapi_connect(ctx):
     '''make a DRSUAPI connection to the server'''
@@ -94,7 +94,7 @@ class cmd_drs_showrepl(Command):
         "credopts": options.CredentialsOptions,
     }
 
-    takes_args = ["DC"]
+    takes_args = ["DC?"]
 
     def print_neighbour(self, n):
         '''print one set of neighbour information'''
@@ -127,15 +127,14 @@ class cmd_drs_showrepl(Command):
         return (info_type, info)
 
 
-    def run(self, DC, sambaopts=None,
+    def run(self, DC=None, sambaopts=None,
             credopts=None, versionopts=None, server=None):
 
-        self.server = DC
         self.lp = sambaopts.get_loadparm()
-
-        self.creds = credopts.get_credentials(self.lp)
-        if not self.creds.authentication_requested():
-            self.creds.set_machine_account(self.lp)
+        if DC is None:
+            DC = common.netcmd_dnsname(self.lp)
+        self.server = DC
+        self.creds = credopts.get_credentials(self.lp, fallback_machine=True)
 
         drsuapi_connect(self)
         samdb_connect(self)
@@ -145,7 +144,10 @@ class cmd_drs_showrepl(Command):
         server_dns = self.samdb.search(base="", scope=ldb.SCOPE_BASE, attrs=["dnsHostName"])[0]['dnsHostName'][0]
 
         (site, server) = drs_parse_ntds_dn(ntds_dn)
-        ntds = self.samdb.search(base=ntds_dn, scope=ldb.SCOPE_BASE, attrs=['options', 'objectGUID', 'invocationId'])
+        try:
+            ntds = self.samdb.search(base=ntds_dn, scope=ldb.SCOPE_BASE, attrs=['options', 'objectGUID', 'invocationId'])
+        except Exception, e:
+            raise CommandError("Failed to search NTDS DN %s" % ntds_dn)
         conn = self.samdb.search(base=ntds_dn, expression="(objectClass=nTDSConnection)")
 
         print("%s\\%s" % (site, server))
@@ -207,17 +209,17 @@ class cmd_drs_kcc(Command):
         "credopts": options.CredentialsOptions,
     }
 
-    takes_args = ["DC"]
+    takes_args = ["DC?"]
 
-    def run(self, DC, sambaopts=None,
+    def run(self, DC=None, sambaopts=None,
             credopts=None, versionopts=None, server=None):
 
-        self.server = DC
         self.lp = sambaopts.get_loadparm()
+        if DC is None:
+            DC = common.netcmd_dnsname(self.lp)
+        self.server = DC
 
-        self.creds = credopts.get_credentials(self.lp)
-        if not self.creds.authentication_requested():
-            self.creds.set_machine_account(self.lp)
+        self.creds = credopts.get_credentials(self.lp, fallback_machine=True)
 
         drsuapi_connect(self)
 
@@ -254,9 +256,7 @@ class cmd_drs_replicate(Command):
         self.server = DEST_DC
         self.lp = sambaopts.get_loadparm()
 
-        self.creds = credopts.get_credentials(self.lp)
-        if not self.creds.authentication_requested():
-            self.creds.set_machine_account(self.lp)
+        self.creds = credopts.get_credentials(self.lp, fallback_machine=True)
 
         drsuapi_connect(self)
         samdb_connect(self)
@@ -292,7 +292,7 @@ class cmd_drs_replicate(Command):
 
         try:
             self.drsuapi.DsReplicaSync(self.drsuapi_handle, 1, req1)
-        except Exception, e:
+        except Exception, estr:
             raise CommandError("DsReplicaSync failed", estr)
        print("Replicate from %s to %s was successful." % (SOURCE_DC, DEST_DC))
 
@@ -309,17 +309,16 @@ class cmd_drs_bind(Command):
         "credopts": options.CredentialsOptions,
     }
 
-    takes_args = ["DC"]
+    takes_args = ["DC?"]
 
-    def run(self, DC, sambaopts=None,
+    def run(self, DC=None, sambaopts=None,
             credopts=None, versionopts=None, server=None):
 
-        self.server = DC
         self.lp = sambaopts.get_loadparm()
-
-        self.creds = credopts.get_credentials(self.lp)
-        if not self.creds.authentication_requested():
-            self.creds.set_machine_account(self.lp)
+        if DC is None:
+            DC = common.netcmd_dnsname(self.lp)
+        self.server = DC
+        self.creds = credopts.get_credentials(self.lp, fallback_machine=True)
 
         drsuapi_connect(self)
         samdb_connect(self)

diff --git a/source4/scripting/python/samba/netcmd/enableaccount.py b/source4/scripting/python/samba/netcmd/enableaccount.py
index d89cbbde9bf42e0217dc36152a6933021004366b..3ceddb3fd97443321a2be4db33f705fffffe8c87 100644 (file)
--- a/source4/scripting/python/samba/netcmd/enableaccount.py
+++ b/source4/scripting/python/samba/netcmd/enableaccount.py
@@ -53,7 +53,7 @@ class cmd_enableaccount(Command):
             filter = "(&(objectClass=user)(sAMAccountName=%s))" % (username)
 
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp, fallback_machine=True)
 
         samdb = SamDB(url=H, session_info=system_session(),
             credentials=creds, lp=lp)

diff --git a/source4/scripting/python/samba/netcmd/fsmo.py b/source4/scripting/python/samba/netcmd/fsmo.py
index 96e162eb027fc0c9db099f1e33cd7c03c6a3e290..0c8d17c74f05cce51b09c043eff4196210e734b0 100644 (file)
--- a/source4/scripting/python/samba/netcmd/fsmo.py
+++ b/source4/scripting/python/samba/netcmd/fsmo.py
@@ -133,7 +133,7 @@ all=all of the above"""),
     def run(self, subcommand, force=None, host=None, role=None,
             credopts=None, sambaopts=None, versionopts=None):
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp, fallback_machine=True)
 
         samdb = SamDB(url=host, session_info=system_session(),
             credentials=creds, lp=lp)

diff --git a/source4/scripting/python/samba/netcmd/gpo.py b/source4/scripting/python/samba/netcmd/gpo.py
index 5e8748adc53a004eb58a2ea474185d40c0e2260c..2b481aaf86904cec8237e36658370c0861f0b65d 100644 (file)
--- a/source4/scripting/python/samba/netcmd/gpo.py
+++ b/source4/scripting/python/samba/netcmd/gpo.py
@@ -101,9 +101,7 @@ class cmd_listall(Command):
         self.url = H
         self.lp = sambaopts.get_loadparm()
 
-        self.creds = credopts.get_credentials(self.lp)
-        if not self.creds.authentication_requested():
-            self.creds.set_machine_account(self.lp)
+        self.creds = credopts.get_credentials(self.lp, fallback_machine=True)
 
         samdb_connect(self)
 
@@ -153,9 +151,7 @@ class cmd_list(Command):
         self.url = H
         self.lp = sambaopts.get_loadparm()
 
-        self.creds = credopts.get_credentials(self.lp)
-        if not self.creds.authentication_requested():
-            self.creds.set_machine_account(self.lp)
+        self.creds = credopts.get_credentials(self.lp, fallback_machine=True)
 
         samdb_connect(self)
 

diff --git a/source4/scripting/python/samba/netcmd/group.py b/source4/scripting/python/samba/netcmd/group.py
index 57f31cd511f3fbc24ea705aaa46aea9f7e26ea1a..620a7be866443248216f0cd6ad4217ebd7dac3d4 100644 (file)
--- a/source4/scripting/python/samba/netcmd/group.py
+++ b/source4/scripting/python/samba/netcmd/group.py
@@ -76,7 +76,7 @@ class cmd_group_add(Command):
               gtype = distribution_group.get(group_scope, GTYPE_DISTRIBUTION_GLOBAL_GROUP)
 
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp, fallback_machine=True)
 
         try:
             samdb = SamDB(url=H, session_info=system_session(),
@@ -107,7 +107,7 @@ class cmd_group_delete(Command):
     def run(self, groupname, credopts=None, sambaopts=None, versionopts=None, H=None):
 
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp, fallback_machine=True)
 
         try:
             samdb = SamDB(url=H, session_info=system_session(),
@@ -138,7 +138,7 @@ class cmd_group_add_members(Command):
             versionopts=None, H=None):
 
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp, fallback_machine=True)
 
         try:
             samdb = SamDB(url=H, session_info=system_session(),
@@ -169,7 +169,7 @@ class cmd_group_remove_members(Command):
             versionopts=None, H=None):
 
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp, fallback_machine=True)
 
         try:
             samdb = SamDB(url=H, session_info=system_session(),

diff --git a/source4/scripting/python/samba/netcmd/ldapcmp.py b/source4/scripting/python/samba/netcmd/ldapcmp.py
index 8bb1c8a8c72050204ff539ce9da70262a2ce48a0..1318457a80aad0ac2ac64e600cbcde341cd4798d 100755 (executable)
--- a/source4/scripting/python/samba/netcmd/ldapcmp.py
+++ b/source4/scripting/python/samba/netcmd/ldapcmp.py
@@ -770,7 +770,7 @@ class cmd_ldapcmp(Command):
             two=False, quiet=False, verbose=False, descriptor=False, view="section",
             credopts=None, sambaopts=None, versionopts=None):
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp, fallback_machine=True)
         creds2 = credopts.get_credentials2(lp, False)
         if creds2.is_anonymous():
             creds2 = creds

diff --git a/source4/scripting/python/samba/netcmd/machinepw.py b/source4/scripting/python/samba/netcmd/machinepw.py
index 9951dd7c37d501b9a24cb4548fc4eefa837bbc4a..d822b2279404f3481576e4288aa15cade14269da 100644 (file)
--- a/source4/scripting/python/samba/netcmd/machinepw.py
+++ b/source4/scripting/python/samba/netcmd/machinepw.py
@@ -39,7 +39,7 @@ class cmd_machinepw(Command):
 
     def run(self, secret, sambaopts=None, credopts=None, versionopts=None):
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp, fallback_machine=True)
         url = lp.get("secrets database")
         secretsdb = Ldb(url=url, session_info=system_session(),
             credentials=creds, lp=lp)

diff --git a/source4/scripting/python/samba/netcmd/rodc.py b/source4/scripting/python/samba/netcmd/rodc.py
index b1f9d66d1fe98897e05f3df6f35da8202ffd783f..f4daac853d4410ae0b0dfcad4bc8413ef1dbae92 100644 (file)
--- a/source4/scripting/python/samba/netcmd/rodc.py
+++ b/source4/scripting/python/samba/netcmd/rodc.py
@@ -77,11 +77,7 @@ class cmd_rodc_preload(Command):
 
         lp = sambaopts.get_loadparm()
 
-        creds = credopts.get_credentials(lp)
-        if not creds.authentication_requested():
-            print "Using machine account"
-            creds.set_machine_account(lp)
-
+        creds = credopts.get_credentials(lp, fallback_machine=True)
 
         # connect to the remote and local SAMs
         samdb = SamDB(url="ldap://%s" % server,

diff --git a/source4/scripting/python/samba/netcmd/time.py b/source4/scripting/python/samba/netcmd/time.py
index 0856873f392c47cf2341600d5fc3552edd1601f1..e13d3df96caed4ad7bea9f68e21a31547457cf49 100644 (file)
--- a/source4/scripting/python/samba/netcmd/time.py
+++ b/source4/scripting/python/samba/netcmd/time.py
@@ -19,7 +19,7 @@
 #
 
 import samba.getopt as options
-
+import common
 from samba.net import Net
 
 from samba.netcmd import (
@@ -36,10 +36,12 @@ class cmd_time(Command):
         "versionopts": options.VersionOptions,
         }
 
-    takes_args = ["server_name"]
+    takes_args = ["server_name?"]
 
-    def run(self, server_name, credopts=None, sambaopts=None, versionopts=None):
+    def run(self, server_name=None, credopts=None, sambaopts=None, versionopts=None):
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp, fallback_machine=True)
         net = Net(creds, lp, server=credopts.ipaddress)
+        if server_name is None:
+            server_name = common.netcmd_dnsname(lp)
         print net.time(server_name)

diff --git a/source4/scripting/python/samba/netcmd/user.py b/source4/scripting/python/samba/netcmd/user.py
index 23840a4a0385610295a473a4175cc8606dec61b7..bbc972bcc7e488c570adb65a125f13ffc041d7e1 100644 (file)
--- a/source4/scripting/python/samba/netcmd/user.py
+++ b/source4/scripting/python/samba/netcmd/user.py
@@ -41,7 +41,7 @@ class cmd_user_add(Command):
 
     def run(self, name, password=None, credopts=None, sambaopts=None, versionopts=None):
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp )
         net = Net(creds, lp, server=credopts.ipaddress)
         net.create_user(name)
         if password is not None:
@@ -62,7 +62,7 @@ class cmd_user_delete(Command):
 
     def run(self, name, credopts=None, sambaopts=None, versionopts=None):
         lp = sambaopts.get_loadparm()
-        creds = credopts.get_credentials(lp)
+        creds = credopts.get_credentials(lp, fallback_machine=True)
         net = Net(creds, lp, server=credopts.ipaddress)
         net.delete_user(name)