Revert "s4: Let the "setpassword" script finally use the "samdb_set_password" routine"
authorMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Wed, 9 Sep 2009 22:46:51 +0000 (00:46 +0200)
committerMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Wed, 9 Sep 2009 22:48:19 +0000 (00:48 +0200)
This reverts commit fdd62e9699b181a140292689fcd88a559bc26211.

abartlet and I agreed that this isn't the right way to enforce the password
policies. Sooner or later we've to control them anyway on the directory level.

source4/scripting/python/pyglue.c
source4/scripting/python/samba/samdb.py

index 3e6233b4c42a683000cb3a813223ac46a88aaefc..42c04c1f3847a0d6095d286a974f2d5ede9f1fae 100644 (file)
@@ -220,69 +220,13 @@ static PyObject *py_samdb_get_domain_sid(PyLdbObject *self, PyObject *args)
        if (!sid) {
                PyErr_SetString(PyExc_RuntimeError, "samdb_domain_sid failed");
                return NULL;
-       }
-
+       } 
        retstr = dom_sid_string(NULL, sid);
        ret = PyString_FromString(retstr);
        talloc_free(retstr);
-
        return ret;
 }
 
-static PyObject *py_samdb_set_password(PyLdbObject *self, PyObject *args,
-       PyObject *kwargs)
-{
-       PyObject *py_sam, *py_user_dn, *py_dom_dn, *py_mod, *py_user_change;
-       char *new_password;
-       bool user_change;
-       DATA_BLOB new_pwd_blob;
-       struct ldb_context *sam_ctx;
-       struct ldb_dn *user_dn, *dom_dn;
-       struct ldb_message *mod;
-       TALLOC_CTX *mem_ctx;
-       NTSTATUS status;
-       const char * const kwnames[] = { "samdb", "user_dn", "dom_dn", "mod",
-               "new_password", "user_change", NULL };
-
-       if (!PyArg_ParseTupleAndKeywords(args, kwargs, "OOOOsO",
-                 discard_const_p(char *, kwnames),
-                 &py_sam, &py_user_dn, &py_dom_dn, &py_mod, &new_password,
-                 &py_user_change))
-               return NULL;
-
-       sam_ctx = PyLdb_AsLdbContext(py_sam);
-
-       mem_ctx = talloc_new(NULL);
-       if (mem_ctx == NULL) {
-               PyErr_NoMemory();
-       }
-
-       if (!PyObject_AsDn(mem_ctx, py_user_dn, sam_ctx, &user_dn)) {
-               PyErr_SetString(PyExc_RuntimeError, "user_dn invalid!");
-               return NULL;
-       }
-
-       if (!PyObject_AsDn(mem_ctx, py_dom_dn, sam_ctx, &dom_dn)) {
-               PyErr_SetString(PyExc_RuntimeError, "dom_dn invalid!");
-               return NULL;
-       }
-
-       mod = PyLdbMessage_AsMessage(py_mod);
-
-       user_change = PyInt_AsLong(py_user_change);
-
-       new_pwd_blob.data = (uint8_t *) new_password;
-       new_pwd_blob.length = strlen((char *) new_pwd_blob.data);
-
-       status = samdb_set_password(sam_ctx, mem_ctx, user_dn, dom_dn, mod,
-               &new_pwd_blob, NULL, NULL, user_change, NULL, NULL);
-
-       talloc_free(mem_ctx);
-
-       PyErr_NTSTATUS_IS_ERR_RAISE(status);
-       Py_RETURN_NONE;
-}
-
 static PyObject *py_ldb_register_samba_handlers(PyObject *self, PyObject *args)
 {
        PyObject *py_ldb;
@@ -496,8 +440,7 @@ static PyObject *py_dom_sid_to_rid(PyLdbObject *self, PyObject *args)
 
        sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid));
 
-       status = dom_sid_split_rid(NULL, (const struct dom_sid *)sid, NULL,
-               &rid);
+       status = dom_sid_split_rid(NULL, sid, NULL, &rid);
        if (!NT_STATUS_IS_OK(status)) {
                PyErr_SetString(PyExc_RuntimeError, "dom_sid_split_rid failed");
                return NULL;
@@ -527,10 +470,6 @@ static PyMethodDef py_misc_methods[] = {
        { "samdb_get_domain_sid", (PyCFunction)py_samdb_get_domain_sid, METH_VARARGS,
                "samdb_get_domain_sid(samdb)\n"
                "Get SID of domain in use." },
-       { "samdb_set_password", (PyCFunction)py_samdb_set_password,
-               METH_VARARGS|METH_KEYWORDS,
-               "samdb_set_password(samdb, user_dn, dom_dn, mod, new_password, user_change)\n"
-               "Set the password of a user" },
        { "ldb_register_samba_handlers", (PyCFunction)py_ldb_register_samba_handlers, METH_VARARGS,
                "ldb_register_samba_handlers(ldb)\n"
                "Register Samba-specific LDB modules and schemas." },
index 3f4252b36af3efd5030782e4feb03fcbfd61ac98..a58d6c5b12473ba32126a38fafda460d1ac22110 100644 (file)
@@ -161,14 +161,14 @@ pwdLastSet: 0
             assert(len(res) == 1)
             user_dn = res[0].dn
 
-            mod = ldb.Message()
-            mod.dn = user_dn
-
-            glue.samdb_set_password(samdb=self, user_dn=str(user_dn),
-                        dom_dn=self.domain_dn(), mod=mod, new_password=password,
-                        user_change=False)
+            setpw = """
+dn: %s
+changetype: modify
+replace: userPassword
+userPassword:: %s
+""" % (user_dn, base64.b64encode(password))
 
-            self.modify(mod)
+            self.modify_ldif(setpw)
 
             if force_password_change_at_next_login:
                 self.force_password_change_at_next_login(user_dn)