[PATCH] Add option --nis-domain and --gid to samba-tool group add
Michael Adam
obnox at samba.org
Thu Oct 23 07:56:01 MDT 2014
pushed
On 2014-10-18 at 00:58 +0200, Marc Muehlfeld wrote:
> Hello Michael,
>
> thanks for having a look at my patch.
>
>
>
> Am 17.10.2014 um 01:05 schrieb Michael Adam:
> > Generally, this looks good. But is the code enough? One comment
> > says: "Example3 adds a new RFC2307 enabled group for NIS domain
> > samdom and GID 12345 (both options are required to enable this
> > feature." But the code makes no special check for that.
>
> I added a check, to ensure, that both options are present or none.
> Also I add now the 'msSFU30Name' attribute, like it's done by ADUC
> (thanks to Rowland, for pointing me to that).
>
> New patch attached. Please review and push, if OK.
>
>
>
> > +Maybe an additional patch to adapt the manpage?
>
> The current manpage of samba-tool in master, doesn't describe any
> option of the different sub-commands. It just says
>
> group add groupname [options]
> Create a new AD group.
>
> I think adding the different options for all sub-commands should be a
> separate task. I can do this later. I created a feature request
> (https://bugzilla.samba.org/show_bug.cgi?id=10884) and assigned it me.
>
>
> Regards,
> Marc
> From cb3ef62390547610cda31a627615e6cce5168776 Mon Sep 17 00:00:00 2001
> From: Marc Muehlfeld <mmuehlfeld at samba.org>
> Date: Sat, 18 Oct 2014 00:34:35 +0200
> Subject: [PATCH] samba-tool group add - Add option --nis-domain and --gid
>
> This allows creating RFC2307 enabled groups via samba-tool
>
> Signed-off-by: Marc Muehlfeld <mmuehlfeld at samba.org>
> ---
> python/samba/netcmd/group.py | 15 +++++++++++++--
> python/samba/samdb.py | 13 ++++++++++++-
> 2 files changed, 25 insertions(+), 3 deletions(-)
>
> diff --git a/python/samba/netcmd/group.py b/python/samba/netcmd/group.py
> index 1a24e5f..cabb62e 100644
> --- a/python/samba/netcmd/group.py
> +++ b/python/samba/netcmd/group.py
> @@ -70,6 +70,11 @@ Example2:
> sudo samba-tool group add Group2 --group-type=Distribution
>
> Example2 adds a new distribution group to the local server. The command is run under root using the sudo command.
> +
> +Example3:
> +samba-tool group add Group3 --nis-domain=samdom --gid=12345
> +
> +Example3 adds a new RFC2307 enabled group for NIS domain samdom and GID 12345 (both options are required to enable this feature).
> """
>
> synopsis = "%prog <groupname> [options]"
> @@ -93,19 +98,24 @@ Example2 adds a new distribution group to the local server. The command is run
> Option("--description", help="Group's description", type=str),
> Option("--mail-address", help="Group's email address", type=str),
> Option("--notes", help="Groups's notes", type=str),
> + Option("--gid-number", help="Group's Unix/RFC2307 GID number", type=int),
> + Option("--nis-domain", help="SFU30 NIS Domain", type=str),
> ]
>
> takes_args = ["groupname"]
>
> def run(self, groupname, credopts=None, sambaopts=None,
> versionopts=None, H=None, groupou=None, group_scope=None,
> - group_type=None, description=None, mail_address=None, notes=None):
> + group_type=None, description=None, mail_address=None, notes=None, gid_number=None, nis_domain=None):
>
> if (group_type or "Security") == "Security":
> gtype = security_group.get(group_scope, GTYPE_SECURITY_GLOBAL_GROUP)
> else:
> gtype = distribution_group.get(group_scope, GTYPE_DISTRIBUTION_GLOBAL_GROUP)
>
> + if (gid_number is None and nis_domain is not None) or (gid_number is not None and nis_domain is None):
> + raise CommandError('--gid-number and --nis-domain have both to be set. Operation cancelled.')
> +
> lp = sambaopts.get_loadparm()
> creds = credopts.get_credentials(lp, fallback_machine=True)
>
> @@ -113,7 +123,8 @@ Example2 adds a new distribution group to the local server. The command is run
> samdb = SamDB(url=H, session_info=system_session(),
> credentials=creds, lp=lp)
> samdb.newgroup(groupname, groupou=groupou, grouptype = gtype,
> - description=description, mailaddress=mail_address, notes=notes)
> + description=description, mailaddress=mail_address, notes=notes,
> + gidnumber=gid_number, nisdomain=nis_domain)
> except Exception, e:
> # FIXME: catch more specific exception
> raise CommandError('Failed to create group "%s"' % groupname, e)
> diff --git a/python/samba/samdb.py b/python/samba/samdb.py
> index 2dfc839..e68519f 100644
> --- a/python/samba/samdb.py
> +++ b/python/samba/samdb.py
> @@ -169,7 +169,8 @@ pwdLastSet: 0
> self.modify_ldif(mod)
>
> def newgroup(self, groupname, groupou=None, grouptype=None,
> - description=None, mailaddress=None, notes=None, sd=None):
> + description=None, mailaddress=None, notes=None, sd=None,
> + gidnumber=None, nisdomain=None):
> """Adds a new group with additional parameters
>
> :param groupname: Name of the new group
> @@ -177,6 +178,8 @@ pwdLastSet: 0
> :param description: Description of the new group
> :param mailaddress: Email address of the new group
> :param notes: Notes of the new group
> + :param gidnumber: GID Number of the new group
> + :param nisdomain: NIS Domain Name of the new group
> :param sd: security descriptor of the object
> """
>
> @@ -188,6 +191,8 @@ pwdLastSet: 0
> "sAMAccountName": groupname,
> "objectClass": "group"}
>
> + ldbmessage["msSFU30Name"] = groupname
> +
> if grouptype is not None:
> ldbmessage["groupType"] = normalise_int32(grouptype)
>
> @@ -200,6 +205,12 @@ pwdLastSet: 0
> if notes is not None:
> ldbmessage["info"] = notes
>
> + if gidnumber is not None:
> + ldbmessage["gidNumber"] = normalise_int32(gidnumber)
> +
> + if nisdomain is not None:
> + ldbmessage["msSFU30NisDomain"] = nisdomain
> +
> if sd is not None:
> ldbmessage["nTSecurityDescriptor"] = ndr_pack(sd)
>
> --
> 1.9.3
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20141023/04e169a6/attachment.pgp>
More information about the samba-technical
mailing list