self.url = url
super(SamDB, self).__init__(url=url, lp=lp, modules_dir=modules_dir,
- session_info=session_info, credentials=credentials, flags=flags,
- options=options)
+ session_info=session_info, credentials=credentials, flags=flags,
+ options=options)
if global_schema:
dsdb._dsdb_set_global_schema(self)
self.url = url
super(SamDB, self).connect(url=url, flags=flags,
- options=options)
+ options=options)
def am_rodc(self):
'''return True if we are an RODC'''
# The new user record. Note the reliance on the SAMLDB module which
# fills in the default informations
ldbmessage = {"dn": group_dn,
- "sAMAccountName": groupname,
- "objectClass": "group"}
+ "sAMAccountName": groupname,
+ "objectClass": "group"}
if grouptype is not None:
ldbmessage["groupType"] = normalise_int32(grouptype)
self.transaction_start()
try:
targetgroup = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
- expression=groupfilter, attrs=[])
+ expression=groupfilter, attrs=[])
if len(targetgroup) == 0:
raise Exception('Unable to find group "%s"' % groupname)
assert(len(targetgroup) == 1)
self.transaction_commit()
def add_remove_group_members(self, groupname, members,
- add_members_operation=True):
+ add_members_operation=True):
"""Adds or removes group members
:param groupname: Name of the target group
self.transaction_start()
try:
targetgroup = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
- expression=groupfilter, attrs=['member'])
+ expression=groupfilter, attrs=['member'])
if len(targetgroup) == 0:
raise Exception('Unable to find group "%s"' % groupname)
assert(len(targetgroup) == 1)
self.transaction_commit()
def newuser(self, username, password,
- force_password_change_at_next_login_req=False,
- useusernameascn=False, userou=None, surname=None, givenname=None,
- initials=None, profilepath=None, scriptpath=None, homedrive=None,
- homedirectory=None, jobtitle=None, department=None, company=None,
- description=None, mailaddress=None, internetaddress=None,
- telephonenumber=None, physicaldeliveryoffice=None, sd=None,
- setpassword=True, uidnumber=None, gidnumber=None, gecos=None,
- loginshell=None, uid=None, nisdomain=None, unixhome=None,
- smartcard_required=False):
+ force_password_change_at_next_login_req=False,
+ useusernameascn=False, userou=None, surname=None, givenname=None,
+ initials=None, profilepath=None, scriptpath=None, homedrive=None,
+ homedirectory=None, jobtitle=None, department=None, company=None,
+ description=None, mailaddress=None, internetaddress=None,
+ telephonenumber=None, physicaldeliveryoffice=None, sd=None,
+ setpassword=True, uidnumber=None, gidnumber=None, gecos=None,
+ loginshell=None, uid=None, nisdomain=None, unixhome=None,
+ smartcard_required=False):
"""Adds a new user with additional parameters
:param username: Name of the new user
ldbmessage2 = None
if any(map(lambda b: b is not None, (uid, uidnumber, gidnumber, gecos,
- loginshell, nisdomain, unixhome))):
+ loginshell, nisdomain, unixhome))):
ldbmessage2 = ldb.Message()
ldbmessage2.dn = ldb.Dn(self, user_dn)
if uid is not None:
self.transaction_commit()
def setpassword(self, search_filter, password,
- force_change_at_next_login=False, username=None):
+ force_change_at_next_login=False, username=None):
"""Sets the password for a user
:param search_filter: LDAP filter to find the user (eg
if force_change_at_next_login:
self.force_password_change_at_next_login(
- "(distinguishedName=" + str(user_dn) + ")")
+ "(distinguishedName=" + str(user_dn) + ")")
# modify the userAccountControl to remove the disabled bit
self.enable_account(search_filter)
self.transaction_start()
try:
res = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
- expression=search_filter,
- attrs=["userAccountControl", "accountExpires"])
+ expression=search_filter,
+ attrs=["userAccountControl", "accountExpires"])
if len(res) == 0:
raise Exception('Unable to find user "%s"' % search_filter)
assert(len(res) == 1)
return dsdb._samdb_get_domain_sid(self)
domain_sid = property(get_domain_sid, set_domain_sid,
- "SID for the domain")
+ "SID for the domain")
def set_invocation_id(self, invocation_id):
"""Set the invocation id for this SamDB handle.
return dsdb._samdb_ntds_invocation_id(self)
invocation_id = property(get_invocation_id, set_invocation_id,
- "Invocation ID GUID")
+ "Invocation ID GUID")
def get_oid_from_attid(self, attid):
return dsdb._dsdb_get_oid_from_attid(self, attid)
def get_attid_from_lDAPDisplayName(self, ldap_display_name,
- is_schema_nc=False):
+ is_schema_nc=False):
'''return the attribute ID for a LDAP attribute as an integer as found in DRSUAPI'''
return dsdb._dsdb_get_attid_from_lDAPDisplayName(self,
- ldap_display_name, is_schema_nc)
+ ldap_display_name, is_schema_nc)
def get_syntax_oid_from_lDAPDisplayName(self, ldap_display_name):
'''return the syntax OID for a LDAP attribute as a string'''
def set_schema_from_ldb(self, ldb_conn, write_indices_and_attributes=True):
dsdb._dsdb_set_schema_from_ldb(self, ldb_conn, write_indices_and_attributes)
+ def set_schema_update_now(self):
+ ldif = """
+dn:
+changetype: modify
+add: schemaUpdateNow
+schemaUpdateNow: 1
+"""
+ self.modify_ldif(ldif)
+
def dsdb_DsReplicaAttribute(self, ldb, ldap_display_name, ldif_elements):
'''convert a list of attribute values to a DRSUAPI DsReplicaAttribute'''
return dsdb._dsdb_DsReplicaAttribute(ldb, ldap_display_name, ldif_elements)
"""
self.hash_oid_name = {}
res = self.search(expression="objectClass=attributeSchema",
- controls=["search_options:1:2"],
- attrs=["attributeID",
- "lDAPDisplayName"])
+ controls=["search_options:1:2"],
+ attrs=["attributeID",
+ "lDAPDisplayName"])
if len(res) > 0:
for e in res:
strDisplay = str(e.get("lDAPDisplayName"))
"""
res = self.search(expression="distinguishedName=%s" % dn,
- scope=ldb.SCOPE_SUBTREE,
- controls=["search_options:1:2"],
- attrs=["replPropertyMetaData"])
+ scope=ldb.SCOPE_SUBTREE,
+ controls=["search_options:1:2"],
+ attrs=["replPropertyMetaData"])
if len(res) == 0:
return None
return None
def set_attribute_replmetadata_version(self, dn, att, value,
- addifnotexist=False):
+ addifnotexist=False):
res = self.search(expression="distinguishedName=%s" % dn,
- scope=ldb.SCOPE_SUBTREE,
- controls=["search_options:1:2"],
- attrs=["replPropertyMetaData"])
+ scope=ldb.SCOPE_SUBTREE,
+ controls=["search_options:1:2"],
+ attrs=["replPropertyMetaData"])
if len(res) == 0:
return None
o.originating_usn = seq
o.local_usn = seq
- if not found and addifnotexist and len(ctr.array) >0:
+ if not found and addifnotexist and len(ctr.array) > 0:
o2 = drsblobs.replPropertyMetaData1()
o2.attid = 589914
att_oid = self.get_oid_from_attid(o2.attid)
ctr.count = ctr.count + 1
ctr.array = tab
- if found :
+ if found:
replBlob = ndr_pack(repl)
msg = ldb.Message()
msg.dn = res[0].dn
- msg["replPropertyMetaData"] = ldb.MessageElement(replBlob,
- ldb.FLAG_MOD_REPLACE,
- "replPropertyMetaData")
+ msg["replPropertyMetaData"] = \
+ ldb.MessageElement(replBlob,
+ ldb.FLAG_MOD_REPLACE,
+ "replPropertyMetaData")
self.modify(msg, ["local_oid:1.3.6.1.4.1.7165.4.3.14:0"])
def write_prefixes_from_schema(self):
return dn
def set_minPwdAge(self, value):
+ value = str(value).encode('utf8')
m = ldb.Message()
m.dn = ldb.Dn(self, self.domain_dn())
m["minPwdAge"] = ldb.MessageElement(value, ldb.FLAG_MOD_REPLACE, "minPwdAge")
elif not "minPwdAge" in res[0]:
return None
else:
- return res[0]["minPwdAge"][0]
+ return int(res[0]["minPwdAge"][0])
def set_maxPwdAge(self, value):
+ value = str(value).encode('utf8')
m = ldb.Message()
m.dn = ldb.Dn(self, self.domain_dn())
m["maxPwdAge"] = ldb.MessageElement(value, ldb.FLAG_MOD_REPLACE, "maxPwdAge")
elif not "maxPwdAge" in res[0]:
return None
else:
- return res[0]["maxPwdAge"][0]
+ return int(res[0]["maxPwdAge"][0])
def set_minPwdLength(self, value):
+ value = str(value).encode('utf8')
m = ldb.Message()
m.dn = ldb.Dn(self, self.domain_dn())
m["minPwdLength"] = ldb.MessageElement(value, ldb.FLAG_MOD_REPLACE, "minPwdLength")
elif not "minPwdLength" in res[0]:
return None
else:
- return res[0]["minPwdLength"][0]
+ return int(res[0]["minPwdLength"][0])
def set_pwdProperties(self, value):
+ value = str(value).encode('utf8')
m = ldb.Message()
m.dn = ldb.Dn(self, self.domain_dn())
m["pwdProperties"] = ldb.MessageElement(value, ldb.FLAG_MOD_REPLACE, "pwdProperties")
elif not "pwdProperties" in res[0]:
return None
else:
- return res[0]["pwdProperties"][0]
+ return int(res[0]["pwdProperties"][0])
def set_dsheuristics(self, dsheuristics):
m = ldb.Message()
m.dn = ldb.Dn(self, "CN=Directory Service,CN=Windows NT,CN=Services,%s"
% self.get_config_basedn().get_linearized())
if dsheuristics is not None:
- m["dSHeuristics"] = ldb.MessageElement(dsheuristics,
- ldb.FLAG_MOD_REPLACE, "dSHeuristics")
+ m["dSHeuristics"] = \
+ ldb.MessageElement(dsheuristics,
+ ldb.FLAG_MOD_REPLACE,
+ "dSHeuristics")
else:
- m["dSHeuristics"] = ldb.MessageElement([], ldb.FLAG_MOD_DELETE,
- "dSHeuristics")
+ m["dSHeuristics"] = \
+ ldb.MessageElement([], ldb.FLAG_MOD_DELETE,
+ "dSHeuristics")
self.modify(m)
def get_dsheuristics(self):