2010-06-24 08:33:58 +04:00
#!/usr/bin/env python
2010-06-07 20:10:28 +04:00
#
# Adds a new user to a Samba4 server
# Copyright Jelmer Vernooij 2008
#
# Based on the original in EJS:
# Copyright Andrew Tridgell 2005
2011-07-15 20:07:03 +04:00
# Copyright Giampaolo Lauria 2011 <lauria2@yahoo.com>
2010-06-07 20:10:28 +04:00
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import samba . getopt as options
from samba . netcmd import Command , SuperCommand , CommandError , Option
import ldb
from getpass import getpass
from samba . auth import system_session
from samba . samdb import SamDB
from samba . dsdb import (
GTYPE_SECURITY_DOMAIN_LOCAL_GROUP ,
GTYPE_SECURITY_GLOBAL_GROUP ,
GTYPE_SECURITY_UNIVERSAL_GROUP ,
GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP ,
GTYPE_DISTRIBUTION_GLOBAL_GROUP ,
GTYPE_DISTRIBUTION_UNIVERSAL_GROUP ,
)
security_group = dict ( { " Domain " : GTYPE_SECURITY_DOMAIN_LOCAL_GROUP , " Global " : GTYPE_SECURITY_GLOBAL_GROUP , " Universal " : GTYPE_SECURITY_UNIVERSAL_GROUP } )
distribution_group = dict ( { " Domain " : GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP , " Global " : GTYPE_DISTRIBUTION_GLOBAL_GROUP , " Universal " : GTYPE_DISTRIBUTION_UNIVERSAL_GROUP } )
class cmd_group_add ( Command ) :
""" Creates a new group """
2011-09-06 21:12:36 +04:00
synopsis = " % prog group add <groupname> [options] "
2010-06-07 20:10:28 +04:00
takes_options = [
2011-07-25 19:56:10 +04:00
Option ( " -H " , " --URL " , help = " LDB URL for database or target server " , type = str ,
metavar = " URL " , dest = " H " ) ,
2010-06-07 20:10:28 +04:00
Option ( " --groupou " ,
2011-09-13 02:20:17 +04:00
help = " Alternative location (without domainDN counterpart) to default CN=Users in which new user object will be created " ,
type = str ) ,
2010-06-07 20:10:28 +04:00
Option ( " --group-scope " , type = " choice " , choices = [ " Domain " , " Global " , " Universal " ] ,
help = " Group scope (Domain | Global | Universal) " ) ,
Option ( " --group-type " , type = " choice " , choices = [ " Security " , " Distribution " ] ,
help = " Group type (Security | Distribution) " ) ,
Option ( " --description " , help = " Group ' s description " , type = str ) ,
Option ( " --mail-address " , help = " Group ' s email address " , type = str ) ,
Option ( " --notes " , help = " Groups ' s notes " , type = str ) ,
]
takes_args = [ " groupname " ]
def run ( self , groupname , credopts = None , sambaopts = None ,
versionopts = None , H = None , groupou = None , group_scope = None ,
group_type = None , description = None , mail_address = None , notes = None ) :
2010-06-08 23:33:56 +04:00
if ( group_type or " Security " ) == " Security " :
2010-06-07 20:10:28 +04:00
gtype = security_group . get ( group_scope , GTYPE_SECURITY_GLOBAL_GROUP )
else :
gtype = distribution_group . get ( group_scope , GTYPE_DISTRIBUTION_GLOBAL_GROUP )
lp = sambaopts . get_loadparm ( )
2010-12-08 00:20:54 +03:00
creds = credopts . get_credentials ( lp , fallback_machine = True )
2010-06-07 20:10:28 +04:00
try :
samdb = SamDB ( url = H , session_info = system_session ( ) ,
credentials = creds , lp = lp )
samdb . newgroup ( groupname , groupou = groupou , grouptype = gtype ,
description = description , mailaddress = mail_address , notes = notes )
2010-11-29 06:15:57 +03:00
except Exception , e :
raise CommandError ( ' Failed to create group " %s " ' % groupname , e )
2011-06-17 07:35:52 +04:00
print ( " Added group %s " % groupname )
2010-06-07 20:10:28 +04:00
2010-06-08 23:33:56 +04:00
2010-06-07 20:10:28 +04:00
class cmd_group_delete ( Command ) :
""" Delete a group """
2011-09-06 21:12:36 +04:00
synopsis = " % prog group delete <groupname> [options] "
2010-06-07 20:10:28 +04:00
takes_options = [
2011-07-25 19:56:10 +04:00
Option ( " -H " , " --URL " , help = " LDB URL for database or target server " , type = str ,
metavar = " URL " , dest = " H " ) ,
2010-06-07 20:10:28 +04:00
]
takes_args = [ " groupname " ]
def run ( self , groupname , credopts = None , sambaopts = None , versionopts = None , H = None ) :
lp = sambaopts . get_loadparm ( )
2010-12-08 00:20:54 +03:00
creds = credopts . get_credentials ( lp , fallback_machine = True )
2010-06-07 20:10:28 +04:00
try :
samdb = SamDB ( url = H , session_info = system_session ( ) ,
credentials = creds , lp = lp )
samdb . deletegroup ( groupname )
2010-11-29 06:15:57 +03:00
except Exception , e :
raise CommandError ( ' Failed to remove group " %s " ' % groupname , e )
2011-06-17 07:35:52 +04:00
print ( " Deleted group %s " % groupname )
2010-06-07 20:10:28 +04:00
2010-06-08 23:33:56 +04:00
2010-06-07 20:10:28 +04:00
class cmd_group_add_members ( Command ) :
""" Add (comma-separated list of) group members """
2011-09-06 21:12:36 +04:00
synopsis = " % prog group addmembers <groupname> <listofmembers> [options] "
2010-06-07 20:10:28 +04:00
takes_options = [
2011-07-25 19:56:10 +04:00
Option ( " -H " , " --URL " , help = " LDB URL for database or target server " , type = str ,
metavar = " URL " , dest = " H " ) ,
2010-06-07 20:10:28 +04:00
]
takes_args = [ " groupname " , " listofmembers " ]
def run ( self , groupname , listofmembers , credopts = None , sambaopts = None ,
versionopts = None , H = None ) :
lp = sambaopts . get_loadparm ( )
2010-12-08 00:20:54 +03:00
creds = credopts . get_credentials ( lp , fallback_machine = True )
2010-06-07 20:10:28 +04:00
try :
samdb = SamDB ( url = H , session_info = system_session ( ) ,
credentials = creds , lp = lp )
samdb . add_remove_group_members ( groupname , listofmembers , add_members_operation = True )
2010-11-29 06:15:57 +03:00
except Exception , e :
raise CommandError ( ' Failed to add members " %s " to group " %s " ' % ( listofmembers , groupname ) , e )
2011-06-17 07:35:52 +04:00
print ( " Added members to group %s " % groupname )
2010-06-07 20:10:28 +04:00
2010-06-08 23:33:56 +04:00
2010-06-07 20:10:28 +04:00
class cmd_group_remove_members ( Command ) :
""" Remove (comma-separated list of) group members """
2011-09-06 21:12:36 +04:00
synopsis = " % prog group removemembers <groupname> <listofmembers> [options] "
2010-06-07 20:10:28 +04:00
takes_options = [
2011-07-25 19:56:10 +04:00
Option ( " -H " , " --URL " , help = " LDB URL for database or target server " , type = str ,
metavar = " URL " , dest = " H " ) ,
2010-06-07 20:10:28 +04:00
]
takes_args = [ " groupname " , " listofmembers " ]
def run ( self , groupname , listofmembers , credopts = None , sambaopts = None ,
versionopts = None , H = None ) :
lp = sambaopts . get_loadparm ( )
2010-12-08 00:20:54 +03:00
creds = credopts . get_credentials ( lp , fallback_machine = True )
2010-06-07 20:10:28 +04:00
try :
samdb = SamDB ( url = H , session_info = system_session ( ) ,
credentials = creds , lp = lp )
samdb . add_remove_group_members ( groupname , listofmembers , add_members_operation = False )
2010-11-29 06:15:57 +03:00
except Exception , e :
raise CommandError ( ' Failed to remove members " %s " from group " %s " ' % ( listofmembers , groupname ) , e )
2011-06-17 07:35:52 +04:00
print ( " Removed members from group %s " % groupname )
2010-06-07 20:10:28 +04:00
2010-06-08 23:33:56 +04:00
2010-06-07 20:10:28 +04:00
class cmd_group ( SuperCommand ) :
""" Group management """
subcommands = { }
subcommands [ " add " ] = cmd_group_add ( )
subcommands [ " delete " ] = cmd_group_delete ( )
subcommands [ " addmembers " ] = cmd_group_add_members ( )
subcommands [ " removemembers " ] = cmd_group_remove_members ( )
