1
0
mirror of https://github.com/samba-team/samba.git synced 2025-07-25 00:59:11 +03:00

samba-tool: use ldb.binary_encode() on search expression elements

this allows us to deal with search elements containing characters that
must be escaped in LDAP

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
This commit is contained in:
Andrew Tridgell
2011-07-28 17:14:28 +10:00
parent 8dda0ef57f
commit 03f92508ef
9 changed files with 27 additions and 24 deletions

View File

@ -189,7 +189,7 @@ pwdLastSet: 0
:param groupname: Name of the target group
"""
groupfilter = "(&(sAMAccountName=%s)(objectCategory=%s,%s))" % (groupname, "CN=Group,CN=Schema,CN=Configuration", self.domain_dn())
groupfilter = "(&(sAMAccountName=%s)(objectCategory=%s,%s))" % (ldb.binary_encode(groupname), "CN=Group,CN=Schema,CN=Configuration", self.domain_dn())
self.transaction_start()
try:
targetgroup = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
@ -214,7 +214,8 @@ pwdLastSet: 0
operation
"""
groupfilter = "(&(sAMAccountName=%s)(objectCategory=%s,%s))" % (groupname, "CN=Group,CN=Schema,CN=Configuration", self.domain_dn())
groupfilter = "(&(sAMAccountName=%s)(objectCategory=%s,%s))" % (
ldb.binary_encode(groupname), "CN=Group,CN=Schema,CN=Configuration", self.domain_dn())
groupmembers = listofmembers.split(',')
self.transaction_start()
@ -234,7 +235,8 @@ changetype: modify
for member in groupmembers:
targetmember = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
expression="(|(sAMAccountName=%s)(CN=%s))" % (member, member), attrs=[])
expression="(|(sAMAccountName=%s)(CN=%s))" % (
ldb.binary_encode(member), ldb.binary_encode(member)), attrs=[])
if len(targetmember) != 1:
continue
@ -378,7 +380,7 @@ member: %s
# Sets the password for it
if setpassword:
self.setpassword("(samAccountName=%s)" % username, password,
self.setpassword("(samAccountName=%s)" % ldb.binary_encode(username), password,
force_password_change_at_next_login_req)
except Exception:
self.transaction_cancel()