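#!/usr/bin/python
"""Developer check: does a second "system" container break LSA policy queries?

The script runs against the local Samba installation and does three things:

1. queries the LSA policy information of the local server over a named pipe,
2. adds a container ``cn=system,cn=users,<domain dn>`` directly to the local
   ``sam.ldb`` and repeats the query,
3. removes the container again.

It writes to the live directory database, so it belongs on a test domain
controller only.
"""

import sys
import optparse
import samba.getopt as options
from samba.dcerpc import security, lsa
from samba.auth import system_session
from samba.samdb import SamDB
import traceback
import ldb

SEPARATOR = "==========================="


def lsa_QueryInfoPolicy(lp, creds):
    """Print the NetBIOS name and SID reported by the local LSA policy.

    :param lp: loadparm context; its 'netbios name' selects the server
    :param creds: credentials used for the named-pipe connection
    :raises RuntimeError: caught by the caller in this script when the
        connection or one of the LSA calls fails
    """
    netbios_name = lp.get('netbios name')
    lsa_conn = lsa.lsarpc("ncacn_np:%s" % (netbios_name, ), lp, creds)

    # NOTE(review): SEC_FLAG_MAXIMUM_ALLOWED asks for every right the caller
    # can obtain on the policy object, which is more than a read-only query
    # needs. Left as the author wrote it because this script reproduces a
    # specific server behaviour; prefer a narrower mask in production code.
    pol_handle = lsa_conn.OpenPolicy2(system_name='\\',
                                      attr=lsa.ObjectAttribute(),
                                      access_mask=security.SEC_FLAG_MAXIMUM_ALLOWED)

    # Info level 12 -- presumably the DNS domain info level, judging by the
    # dns_domain/dns_forest/domain_guid fields in the disabled prints below.
    info = lsa_conn.QueryInfoPolicy(pol_handle, 12)

    # Single-argument print() produces the same output under the Python 2
    # print statement and the Python 3 print function.
    print("Domain NetBios Name: %s" % (info.name.string, ))
    print("Domain Sid: %s" % (info.sid, ))
    # print "Domain DNS Name:", info.dns_domain.string
    # print "Domain Forest Name:", info.dns_forest.string
    # print "Domain GUID:", info.domain_guid


def create_container(samdb, dn):
    """Add a bare object of class 'container' at *dn* through *samdb*."""
    samdb.add({
        "dn": dn,
        "objectClass": ['container']
    })


def _run_policy_query(banner, lp, creds):
    """Print *banner* and run the LSA query, reporting RuntimeError as a traceback."""
    print(SEPARATOR)
    print(banner)
    try:
        lsa_QueryInfoPolicy(lp, creds)
    except RuntimeError:
        traceback.print_exc()


if __name__ == "__main__":
    parser = optparse.OptionParser("%s [options]" % (sys.argv[0], ))
    sambaopts = options.SambaOptions(parser)
    parser.add_option_group(sambaopts)
    parser.add_option_group(options.VersionOptions(parser))

    ### use command line creds if available
    credopts = options.CredentialsOptions(parser)
    parser.add_option_group(credopts)

    # Parse first: the samba.getopt groups record the configuration file and
    # the credentials while parse_args() runs. Asking for the loadparm
    # context and the credentials before parsing builds them from defaults,
    # so the identity used below may not be the one given on the command line.
    opts, args = parser.parse_args()

    lp = sambaopts.get_loadparm()
    # Second argument enables the fallback when no credentials were supplied
    # (the machine account, as far as samba.getopt documents it).
    creds = credopts.get_credentials(lp, True)

    _run_policy_query("Running lsa_QueryInfoPolicy", lp, creds)

    # NOTE(review): a system session on the local tdb:// database is expected
    # to act with system privileges rather than the caller's directory
    # permissions -- confirm before reusing this pattern outside a test setup.
    samdb = SamDB("tdb://%s" % lp.private_path("sam.ldb"),
                  credentials=creds,
                  session_info=system_session(lp),
                  lp=lp)

    second_system_container_dn = "cn=system,cn=users," + samdb.domain_dn()

    # Track whether this run created the object so cleanup never deletes an
    # entry the script does not own (e.g. when the add failed because the DN
    # already existed).
    container_created = False

    print(SEPARATOR)
    print("Creating container %s" % second_system_container_dn)
    try:
        create_container(samdb, second_system_container_dn)
        container_created = True
    except ldb.LdbError:
        traceback.print_exc()

    try:
        _run_policy_query("Running lsa_QueryInfoPolicy again", lp, creds)
    finally:
        # Always undo the directory change, even if the second query raises
        # something other than RuntimeError.
        if container_created:
            print(SEPARATOR)
            print("Removing container %s" % second_system_container_dn)
            samdb.delete(second_system_container_dn)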