s4:various scripts under "setup" - Unification

[ira/wip.git] / source4 / setup / setpassword

diff --git a/source4/setup/setpassword b/source4/setup/setpassword
index 65770e1f4d8b913d6b6253da3f9660e858a8f549..5fbba03c2b680b0cc52d6940613f73c5148dc1c7 100755 (executable)
--- a/source4/setup/setpassword
+++ b/source4/setup/setpassword
@@ -1,20 +1,32 @@
 #!/usr/bin/python
 #
-#      add a new user to a Samba4 server
-#      Copyright Andrew Tridgell 2005
-#      Copyright Jelmer Vernooij 2008
-#      Released under the GNU GPL version 3 or later
+# Sets a user password on a Samba4 server
+# Copyright Jelmer Vernooij 2008
+#
+# Based on the original in EJS:
+# Copyright Andrew Tridgell 2005
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#   
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#   
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
 
-import os, sys
+import sys
 
-# Find right directory when running from source tree
 sys.path.insert(0, "bin/python")
 
 import samba.getopt as options
 import optparse
-import pwd
-import sys
+
 from getpass import getpass
 from samba.auth import system_session
 from samba.samdb import SamDB
@@ -27,17 +39,14 @@ credopts = options.CredentialsOptions(parser)
 parser.add_option_group(credopts)
 parser.add_option("--filter", help="LDAP Filter to set password on", type=str)
 parser.add_option("--newpassword", help="Set password", type=str)
+parser.add_option("--must-change-at-next-login", help="Force password to be changed on next login", action="store_true")
 
 opts, args = parser.parse_args()
 
-#
-#  print a message if quiet is not set
-#
-def message(text):
-       if not opts.quiet:
-               print text
+filter = opts.filter
 
-if len(args) == 0:
+if (len(args) == 0) and (filter is None):
+       print "Either the username or '--filter' must be specified!"
        parser.print_usage()
        sys.exit(1)
 
@@ -45,19 +54,14 @@ password = opts.newpassword;
 if password is None:
        password = getpass("New Password: ")
 
-filter = opts.filter
-
 if filter is None:
        username = args[0]
-       if username is None:
-               print "Either username or --filter must be specified"
-
-       filter = "(&(objectclass=user)(samAccountName=%s))" % (username)
-
+       filter = "(&(objectClass=user)(sAMAccountName=%s))" % (username)
 
 lp = sambaopts.get_loadparm()
 creds = credopts.get_credentials(lp)
 
 samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), 
               credentials=creds, lp=lp)
-samdb.setpassword(filter, password)
+samdb.setpassword(filter, password, force_password_change_at_next_login=opts.must_change_at_next_login)
+