[SCM] Samba Shared Repository - branch master updated
Marc Muehlfeld
mmuehlfeld at samba.org
Tue Feb 3 09:19:04 MST 2015
The branch, master has been updated
via 362cac2 samba-tool: Create NIS enabled users and unixHomeDirectory attribute
from 7fd2401 s4-samdb/tests: Assert on expected set of attributes for new User object
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 362cac25a744d2d5c6e01495d341969b863d7f12
Author: Marc Muehlfeld <mmuehlfeld at samba.org>
Date: Sat Jan 31 19:44:26 2015 +0100
samba-tool: Create NIS enabled users and unixHomeDirectory attribute
Allow to create NIS enabled user accounts via 'samba-tool user add'.
To create NIS enabled accounts, the parameters
--uid-number=, --login-shell=, --unix-home=, --gid-number=
are mandatory. Because we didn't had a parameter to set unixHomeDirectory
yet, this patch also adds this feature.
'unixUserPassword: ABCD!efgh12345$67890' is added by default, when you
enable NIS on an account in ADUC. The same we do in samba-tool.
See: https://bugzilla.samba.org/show_bug.cgi?id=10909
Signed-off-by: Marc Muehlfeld <mmuehlfeld at samba.org>
Reviewed-By: Jelmer Vernooij <jelmer at samba.org>
Autobuild-User(master): Marc Muehlfeld <mmuehlfeld at samba.org>
Autobuild-Date(master): Tue Feb 3 17:18:32 CET 2015 on sn-devel-104
-----------------------------------------------------------------------
Summary of changes:
python/samba/netcmd/user.py | 25 +++++++++++++++++++++++--
python/samba/samdb.py | 18 ++++++++++++++++--
2 files changed, 39 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/netcmd/user.py b/python/samba/netcmd/user.py
index 344f35f..2bc5522 100644
--- a/python/samba/netcmd/user.py
+++ b/python/samba/netcmd/user.py
@@ -71,6 +71,13 @@ samba-tool user create User4 passw4rd --rfc2307-from-nss --gecos 'some text'
Example4 shows how to create a new user with Unix UID, GID and login-shell set from the local NSS and GECOS set to 'some text'.
+Example5:
+samba-tool user add User5 passw5rd --nis-domain=samdom --unix-home=/home/User5 \
+ --uid-number=10005 --login-shell=/bin/false --gid-number=10000
+
+Example5 shows how to create an RFC2307/NIS domain enabled user account. If
+--nis-domain is set, then the other four parameters are mandatory.
+
"""
synopsis = "%prog <username> [<password>] [options]"
@@ -107,6 +114,9 @@ Example4 shows how to create a new user with Unix UID, GID and login-shell set f
Option("--rfc2307-from-nss",
help="Copy Unix user attributes from NSS (will be overridden by explicit UID/GID/GECOS/shell)",
action="store_true"),
+ Option("--nis-domain", help="User's Unix/RFC2307 NIS domain", type=str),
+ Option("--unix-home", help="User's Unix/RFC2307 home directory",
+ type=str),
Option("--uid", help="User's Unix/RFC2307 username", type=str),
Option("--uid-number", help="User's Unix/RFC2307 numeric UID", type=int),
Option("--gid-number", help="User's Unix/RFC2307 primary GID number", type=int),
@@ -130,7 +140,8 @@ Example4 shows how to create a new user with Unix UID, GID and login-shell set f
job_title=None, department=None, company=None, description=None,
mail_address=None, internet_address=None, telephone_number=None,
physical_delivery_office=None, rfc2307_from_nss=False,
- uid=None, uid_number=None, gid_number=None, gecos=None, login_shell=None):
+ nis_domain=None, unix_home=None, uid=None, uid_number=None,
+ gid_number=None, gecos=None, login_shell=None):
if random_password:
password = generate_random_password(128, 255)
@@ -164,6 +175,14 @@ Example4 shows how to create a new user with Unix UID, GID and login-shell set f
if not lp.get("idmap_ldb:use rfc2307"):
self.outf.write("You are setting a Unix/RFC2307 UID or GID. You may want to set 'idmap_ldb:use rfc2307 = Yes' to use those attributes for XID/SID-mapping.\n")
+ if nis_domain is not None:
+ if None in (uid_number, login_shell, unix_home, gid_number):
+ raise CommandError('Missing parameters. To enable NIS features, '
+ 'the following options have to be given: '
+ '--nis-domain=, --uidNumber=, --login-shell='
+ ', --unix-home=, --gid-number= Operation '
+ 'cancelled.')
+
try:
samdb = SamDB(url=H, session_info=system_session(),
credentials=creds, lp=lp)
@@ -173,7 +192,9 @@ Example4 shows how to create a new user with Unix UID, GID and login-shell set f
jobtitle=job_title, department=department, company=company, description=description,
mailaddress=mail_address, internetaddress=internet_address,
telephonenumber=telephone_number, physicaldeliveryoffice=physical_delivery_office,
- uid=uid, uidnumber=uid_number, gidnumber=gid_number, gecos=gecos, loginshell=login_shell)
+ nisdomain=nis_domain, unixhome=unix_home, uid=uid,
+ uidnumber=uid_number, gidnumber=gid_number,
+ gecos=gecos, loginshell=login_shell)
except Exception, e:
raise CommandError("Failed to add user '%s': " % username, e)
diff --git a/python/samba/samdb.py b/python/samba/samdb.py
index 0ea52fb..e74e823 100644
--- a/python/samba/samdb.py
+++ b/python/samba/samdb.py
@@ -302,7 +302,7 @@ member: %s
description=None, mailaddress=None, internetaddress=None,
telephonenumber=None, physicaldeliveryoffice=None, sd=None,
setpassword=True, uidnumber=None, gidnumber=None, gecos=None,
- loginshell=None, uid=None):
+ loginshell=None, uid=None, nisdomain=None, unixhome=None):
"""Adds a new user with additional parameters
:param username: Name of the new user
@@ -333,6 +333,8 @@ member: %s
:param gecos: RFC2307 Unix GECOS field of the new user
:param loginshell: RFC2307 Unix login shell of the new user
:param uid: RFC2307 Unix username of the new user
+ :param nisdomain: RFC2307 Unix NIS domain of the new user
+ :param unixhome: RFC2307 Unix home directory of the new user
"""
displayname = ""
@@ -413,7 +415,8 @@ member: %s
ldbmessage["nTSecurityDescriptor"] = ndr_pack(sd)
ldbmessage2 = None
- if any(map(lambda b: b is not None, (uid, uidnumber, gidnumber, gecos, loginshell))):
+ if any(map(lambda b: b is not None, (uid, uidnumber, gidnumber, gecos,
+ loginshell, nisdomain, unixhome))):
ldbmessage2 = ldb.Message()
ldbmessage2.dn = ldb.Dn(self, user_dn)
ldbmessage2["objectClass"] = ldb.MessageElement('posixAccount', ldb.FLAG_MOD_ADD, 'objectClass')
@@ -427,6 +430,17 @@ member: %s
ldbmessage2["gecos"] = ldb.MessageElement(str(gecos), ldb.FLAG_MOD_REPLACE, 'gecos')
if loginshell is not None:
ldbmessage2["loginShell"] = ldb.MessageElement(str(loginshell), ldb.FLAG_MOD_REPLACE, 'loginShell')
+ if unixhome is not None:
+ ldbmessage2["unixHomeDirectory"] = ldb.MessageElement(
+ str(unixhome), ldb.FLAG_MOD_REPLACE, 'unixHomeDirectory')
+ if nisdomain is not None:
+ ldbmessage2["msSFU30NisDomain"] = ldb.MessageElement(
+ str(nisdomain), ldb.FLAG_MOD_REPLACE, 'msSFU30NisDomain')
+ ldbmessage2["msSFU30Name"] = ldb.MessageElement(
+ str(username), ldb.FLAG_MOD_REPLACE, 'msSFU30Name')
+ ldbmessage2["unixUserPassword"] = ldb.MessageElement(
+ 'ABCD!efgh12345$67890', ldb.FLAG_MOD_REPLACE,
+ 'unixUserPassword')
self.transaction_start()
try:
--
Samba Shared Repository
More information about the samba-cvs
mailing list