git.samba.org / sfrench / samba-autobuild / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f180b1c)
samba-tool: You cannot add members to a group if the member exists as a sAMAccountNam...
authorRowland Penny <rpenny@samba.org>
Wed, 7 Jun 2017 14:57:53 +0000 (15:57 +0100)
committerAlexander Bokovoy <ab@samba.org>
Fri, 9 Jun 2017 21:24:47 +0000 (23:24 +0200)
Signed-off-by: Rowland Penny <rpenny@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Fri Jun  9 23:24:47 CEST 2017 on sn-devel-144

python/samba/netcmd/group.py patch | blob | history
python/samba/samdb.py patch | blob | history

diff --git a/python/samba/netcmd/group.py b/python/samba/netcmd/group.py
index 11f87732defe6acbab50ea636b84395dccd7a898..b9d6add4cf92f03d041b34af5c2a166b25f6b33c 100644 (file)
--- a/python/samba/netcmd/group.py
+++ b/python/samba/netcmd/group.py
@@ -199,6 +199,8 @@ This command adds one or more members to an existing Active Directory group. The
 
 When a member is added to a group the member may inherit permissions and rights from the group.  Likewise, when permission or rights of a group are changed, the changes may reflect in the members through inheritance.
 
+The member names specified on the command must be the sAMaccountName.
+
 Example1:
 samba-tool group addmembers supergroup Group1,Group2,User1 -H ldap://samba.samdom.example.com -Uadministrator%passw0rd
 
diff --git a/python/samba/samdb.py b/python/samba/samdb.py
index 19dd8e9a6ad7d0dfc8e698f40c6d0a772a620525..719bb8b2d90fe7b65dcdaa4b5cc08be402fc23a3 100644 (file)
--- a/python/samba/samdb.py
+++ b/python/samba/samdb.py
@@ -266,9 +266,12 @@ changetype: modify
 """ % (str(targetgroup[0].dn))
 
             for member in members:
-                targetmember = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
-                                    expression="(|(sAMAccountName=%s)(CN=%s))" % (
-                    ldb.binary_encode(member), ldb.binary_encode(member)), attrs=[])
+                filter = ('(&(sAMAccountName=%s)(|(objectclass=user)'
+                          '(objectclass=group)))' % ldb.binary_encode(member))
+                targetmember = self.search(base=self.domain_dn(),
+                                           scope=ldb.SCOPE_SUBTREE,
+                                           expression="%s" % filter,
+                                           attrs=[])
 
                 if len(targetmember) != 1:
                     raise Exception('Unable to find "%s". Operation cancelled.' % member)
Unnamed repository; edit this file 'description' to name the repository.