[PATCH] samba-tool: Create NIS enabled users and unixHomeDirectory attribute

Marc Muehlfeld mmuehlfeld at samba.org
Mon Nov 3 11:48:31 MST 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Jelmer

thanks for looking at my patch.


Am 30.10.2014 um 21:56 schrieb Jelmer Vernooij:
>> @@ -412,8 +414,15 @@ member: %s if sd is not None: 
>> ldbmessage["nTSecurityDescriptor"] = ndr_pack(sd)
>> 
>> +        if nisdomain is not None: +            if None in
>> (uidnumber, loginshell, unixhome, gidnumber): +
>> raise Exception("""Missing parameters. To enable NIS features, 
>> +the follwing options have to be given: +--nis-domain=,
>> --uidNumber=, --login-shell=, --unix-home=, --gid-number= 
>> +Operation cancelled.""") +
> Please don't raise Exception for user-facing errors but
> CommandError. The description should generally also be a single
> line like in all Python errors.
> 
> s/follwing/following/

New patch attached.
Also with line breaks < 80 characters.



>> +            if nisdomain is not None: +
>> ldbmessage2["msSFU30NisDomain"] =
>> ldb.MessageElement(str(nisdomain), ldb.FLAG_MOD_REPLACE,
>> 'msSFU30NisDomain') +                ldbmessage2["msSFU30Name"] =
>> ldb.MessageElement(str(username), ldb.FLAG_MOD_REPLACE,
>> 'msSFU30Name') +                ldbmessage2["unixUserPassword"] =
>> ldb.MessageElement('ABCD!efgh12345$67890', ldb.FLAG_MOD_REPLACE,
>> 'unixUserPassword')
> 
> ^^^ This just seems to hardcode a user password?

Yes. It's the default value that is added e. g. by ADUC, if you enable
NIS on an user account. ADUC adds then
   unixUserPassword: ABCD!efgh12345$67890
automatically. That's why I do the same here.


There's a way to setup password syncronisation on Windows
   http://technet.microsoft.com/en-us/library/cc756870%28WS.10%29.aspx
but Samba doesn't have this yet. See Andrews reply on a request about
this on the mailing list one month ago:
https://lists.samba.org/archive/samba/2014-September/184960.html
https://lists.samba.org/archive/samba/2014-September/185054.html



Regards,
Marc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJUV83uAAoJEFNERvHO3m51rjUH/A7bcuOqOV/KLvRxPgzV77Ng
8ItpfWzhg0m244AKaCKuLkPD2wlcRxr/9K2GwvxxtQC+OU8yW+PFthMXdy28EJ/Y
1Q/tZZINNYK0k41DUuly8auwkOEMPp6b1QRmYDrZFfjHVhMCznQ6iP4MFAeLgy8I
EqlrfWHkpwsIBM0c3DsEgexWJnTGpYFZpSVjyN1ic8FR+sNfC0pHWK9VswsyrIwH
dO2FnyzC/XzSIVbhAzo48Ukn+tTMBSN66Sqlv5kEWM3AvX4PeytPuVGOHfnTMK3Q
aIWDs7MZUMyInTcUdd3WoNB6NPCxzz+BAFNMkocKH7CWbjrdyQx9LhCk0tEgD3g=
=MfJ3
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-samba-tool-Create-NIS-enabled-users-and-unixHomeDire.patch
Type: text/x-patch
Size: 7495 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20141103/ab797d94/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-samba-tool-Create-NIS-enabled-users-and-unixHomeDire.patch.sig
Type: application/pgp-signature
Size: 287 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20141103/ab797d94/attachment.pgp>

More information about the samba-technical mailing list