The Samba-Bugzilla – Attachment 10703 Details for
Bug 10909
samba-tool can't treat RCF2307 enabled user accounts
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for master
0001-samba-tool-Create-NIS-enabled-users-and-unixHomeDire.patch (text/plain), 7.32 KB, created by
Marc Muehlfeld
on 2015-01-30 13:49:53 UTC
(
hide
)
Description:
Patch for master
Filename:
MIME Type:
Creator:
Marc Muehlfeld
Created:
2015-01-30 13:49:53 UTC
Size:
7.32 KB
patch
obsolete
>From 2fef8f7a9e3060bca5661644ebdcfd7d4983447a Mon Sep 17 00:00:00 2001 >From: Marc Muehlfeld <mmuehlfeld@samba.org> >Date: Mon, 3 Nov 2014 19:25:19 +0100 >Subject: [PATCH] samba-tool: Create NIS enabled users and unixHomeDirectory > attribute > >Allow to create NIS enabled user accounts via 'samba-tool user add'. > >To create NIS enabled accounts, the parameters >--uid-number=, --login-shell=, --unix-home=, --gid-number= >are mandatory. Because we didn't had a parameter to set unixHomeDirectory >yet, this patch also adds this feature. > >'unixUserPassword: ABCD!efgh12345$67890' is added by default, when you >enable NIS on an account in ADUC. The same we do in samba-tool. > >See: https://bugzilla.samba.org/show_bug.cgi?id=10909 > >Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org> >--- > python/samba/netcmd/user.py | 25 +++++++++++++++++++++++-- > python/samba/samdb.py | 18 ++++++++++++++++-- > 2 files changed, 39 insertions(+), 4 deletions(-) > >diff --git a/python/samba/netcmd/user.py b/python/samba/netcmd/user.py >index 344f35f..2bc5522 100644 >--- a/python/samba/netcmd/user.py >+++ b/python/samba/netcmd/user.py >@@ -71,6 +71,13 @@ samba-tool user create User4 passw4rd --rfc2307-from-nss --gecos 'some text' > > Example4 shows how to create a new user with Unix UID, GID and login-shell set from the local NSS and GECOS set to 'some text'. > >+Example5: >+samba-tool user add User5 passw5rd --nis-domain=samdom --unix-home=/home/User5 \ >+ --uid-number=10005 --login-shell=/bin/false --gid-number=10000 >+ >+Example5 shows how to create an RFC2307/NIS domain enabled user account. If >+--nis-domain is set, then the other four parameters are mandatory. >+ > """ > synopsis = "%prog <username> [<password>] [options]" > >@@ -107,6 +114,9 @@ Example4 shows how to create a new user with Unix UID, GID and login-shell set f > Option("--rfc2307-from-nss", > help="Copy Unix user attributes from NSS (will be overridden by explicit UID/GID/GECOS/shell)", > action="store_true"), >+ Option("--nis-domain", help="User's Unix/RFC2307 NIS domain", type=str), >+ Option("--unix-home", help="User's Unix/RFC2307 home directory", >+ type=str), > Option("--uid", help="User's Unix/RFC2307 username", type=str), > Option("--uid-number", help="User's Unix/RFC2307 numeric UID", type=int), > Option("--gid-number", help="User's Unix/RFC2307 primary GID number", type=int), >@@ -130,7 +140,8 @@ Example4 shows how to create a new user with Unix UID, GID and login-shell set f > job_title=None, department=None, company=None, description=None, > mail_address=None, internet_address=None, telephone_number=None, > physical_delivery_office=None, rfc2307_from_nss=False, >- uid=None, uid_number=None, gid_number=None, gecos=None, login_shell=None): >+ nis_domain=None, unix_home=None, uid=None, uid_number=None, >+ gid_number=None, gecos=None, login_shell=None): > > if random_password: > password = generate_random_password(128, 255) >@@ -164,6 +175,14 @@ Example4 shows how to create a new user with Unix UID, GID and login-shell set f > if not lp.get("idmap_ldb:use rfc2307"): > self.outf.write("You are setting a Unix/RFC2307 UID or GID. You may want to set 'idmap_ldb:use rfc2307 = Yes' to use those attributes for XID/SID-mapping.\n") > >+ if nis_domain is not None: >+ if None in (uid_number, login_shell, unix_home, gid_number): >+ raise CommandError('Missing parameters. To enable NIS features, ' >+ 'the following options have to be given: ' >+ '--nis-domain=, --uidNumber=, --login-shell=' >+ ', --unix-home=, --gid-number= Operation ' >+ 'cancelled.') >+ > try: > samdb = SamDB(url=H, session_info=system_session(), > credentials=creds, lp=lp) >@@ -173,7 +192,9 @@ Example4 shows how to create a new user with Unix UID, GID and login-shell set f > jobtitle=job_title, department=department, company=company, description=description, > mailaddress=mail_address, internetaddress=internet_address, > telephonenumber=telephone_number, physicaldeliveryoffice=physical_delivery_office, >- uid=uid, uidnumber=uid_number, gidnumber=gid_number, gecos=gecos, loginshell=login_shell) >+ nisdomain=nis_domain, unixhome=unix_home, uid=uid, >+ uidnumber=uid_number, gidnumber=gid_number, >+ gecos=gecos, loginshell=login_shell) > except Exception, e: > raise CommandError("Failed to add user '%s': " % username, e) > >diff --git a/python/samba/samdb.py b/python/samba/samdb.py >index 0ea52fb..e74e823 100644 >--- a/python/samba/samdb.py >+++ b/python/samba/samdb.py >@@ -302,7 +302,7 @@ member: %s > description=None, mailaddress=None, internetaddress=None, > telephonenumber=None, physicaldeliveryoffice=None, sd=None, > setpassword=True, uidnumber=None, gidnumber=None, gecos=None, >- loginshell=None, uid=None): >+ loginshell=None, uid=None, nisdomain=None, unixhome=None): > """Adds a new user with additional parameters > > :param username: Name of the new user >@@ -333,6 +333,8 @@ member: %s > :param gecos: RFC2307 Unix GECOS field of the new user > :param loginshell: RFC2307 Unix login shell of the new user > :param uid: RFC2307 Unix username of the new user >+ :param nisdomain: RFC2307 Unix NIS domain of the new user >+ :param unixhome: RFC2307 Unix home directory of the new user > """ > > displayname = "" >@@ -413,7 +415,8 @@ member: %s > ldbmessage["nTSecurityDescriptor"] = ndr_pack(sd) > > ldbmessage2 = None >- if any(map(lambda b: b is not None, (uid, uidnumber, gidnumber, gecos, loginshell))): >+ if any(map(lambda b: b is not None, (uid, uidnumber, gidnumber, gecos, >+ loginshell, nisdomain, unixhome))): > ldbmessage2 = ldb.Message() > ldbmessage2.dn = ldb.Dn(self, user_dn) > ldbmessage2["objectClass"] = ldb.MessageElement('posixAccount', ldb.FLAG_MOD_ADD, 'objectClass') >@@ -427,6 +430,17 @@ member: %s > ldbmessage2["gecos"] = ldb.MessageElement(str(gecos), ldb.FLAG_MOD_REPLACE, 'gecos') > if loginshell is not None: > ldbmessage2["loginShell"] = ldb.MessageElement(str(loginshell), ldb.FLAG_MOD_REPLACE, 'loginShell') >+ if unixhome is not None: >+ ldbmessage2["unixHomeDirectory"] = ldb.MessageElement( >+ str(unixhome), ldb.FLAG_MOD_REPLACE, 'unixHomeDirectory') >+ if nisdomain is not None: >+ ldbmessage2["msSFU30NisDomain"] = ldb.MessageElement( >+ str(nisdomain), ldb.FLAG_MOD_REPLACE, 'msSFU30NisDomain') >+ ldbmessage2["msSFU30Name"] = ldb.MessageElement( >+ str(username), ldb.FLAG_MOD_REPLACE, 'msSFU30Name') >+ ldbmessage2["unixUserPassword"] = ldb.MessageElement( >+ 'ABCD!efgh12345$67890', ldb.FLAG_MOD_REPLACE, >+ 'unixUserPassword') > > self.transaction_start() > try: >-- >1.9.3 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 10909
:
10390
| 10703 |
10705