2025-08-04 08:22:08 +03:00 · 2007-12-24 14:16:59 -06:00
parent 8ada900ee6
commit 3c22677a8c
3 changed files with 99 additions and 66 deletions
--- a/source4/scripting/bin/samba3dump
+++ b/source4/scripting/bin/samba3dump
@ -11,7 +11,7 @@ sys.path.append(os.path.join(os.path.dirname(__file__), "../python"))
 import samba
 import samba.samba3
-parser = optparse.OptionParser("provision <libdir> <smb.conf>")
+parser = optparse.OptionParser("provision <libdir> [<smb.conf>]")
 parser.add_option("--format", type="choice", metavar="FORMAT",
 		          choices=["full", "summary"])
@ -28,14 +28,22 @@ def print_samba3_policy(pol):
 	print_header("Account Policies")
 	print "Min password length: %d" % pol.min_password_length
 	print "Password history length: %d" % pol.password_history
-	print "User must logon to change password: %d" % pol.user_must_logon_to_change_password
+	if pol.user_must_logon_to_change_password:
-	print "Maximum password age: %d" % pol.maximum_password_age
+		print "User must logon to change password: %d" % pol.user_must_logon_to_change_password
-	print "Minimum password age: %d" % pol.minimum_password_age
+	if pol.maximum_password_age:
-	print "Lockout duration: %d" % pol.lockout_duration
+		print "Maximum password age: %d" % pol.maximum_password_age
-	print "Reset Count Minutes: %d" % pol.reset_count_minutes
+	if pol.minimum_password_age:
-	print "Bad Lockout Minutes: %d" % pol.bad_lockout_minutes
+		print "Minimum password age: %d" % pol.minimum_password_age
-	print "Disconnect Time: %d" % pol.disconnect_time
+	if pol.lockout_duration:
-	print "Refuse Machine Password Change: %d" % pol.refuse_machine_password_change
+		print "Lockout duration: %d" % pol.lockout_duration
 	if pol.reset_count_minutes:
 		print "Reset Count Minutes: %d" % pol.reset_count_minutes
 	if pol.bad_lockout_minutes:
 		print "Bad Lockout Minutes: %d" % pol.bad_lockout_minutes
 	if pol.disconnect_time:
 		print "Disconnect Time: %d" % pol.disconnect_time
 	if pol.refuse_machine_password_change:
 		print "Refuse Machine Password Change: %d" % pol.refuse_machine_password_change
 def print_samba3_sam(samba3):
 	print_header("SAM Database")
@ -56,55 +64,55 @@ def print_samba3_shares(samba3):
 def print_samba3_secrets(secrets):
 	print_header("Secrets")
-	print "IPC Credentials:"
+	if secrets.get_auth_user():
-	if secrets.ipc_cred.username_obtained:
+		print "IPC Credentials:"
-		print "	User: %s\n" % secrets.ipc_cred.get_username
+		if secrets.get_auth_user():
-	if secrets.ipc_cred.password_obtained:
+			print "	User: %s\n" % secrets.get_auth_user()
-		print "	Password: %s\n" % secrets.ipc_cred.get_password
+		if secrets.get_auth_password():
 			print "	Password: %s\n" % secrets.get_auth_password()
 		if secrets.get_auth_domain():
 			print "	Domain: %s\n" % secrets.get_auth_domain()
-	if secrets.ipc_cred.domain_obtained:
+	if len(list(secrets.ldap_dns())) > 0:
-		print "	Domain: %s\n" % secrets.ipc_cred.get_domain
+		print "LDAP passwords:"
-
+		for dn in secrets.ldap_dns():
-	print "LDAP passwords:"
+			print "\t%s -> %s" % (dn, secrets.get_ldap_bind_pw(dn))
-	for pw in secrets.ldappws:
+		print ""
 		print "\t%s -> %s" % (pw.dn, pw.password)
 	print ""
 	print "Domains:"
-	for d in secrets.domains:
+	for domain in secrets.domains():
-		print "\t--- %s ---" % d.name
+		print "\t--- %s ---" % domain
-		print "\tSID: %s" % d.sid
+		print "\tSID: %s" % secrets.get_sid(domain)
-		print "\tGUID: %s" % d.guid
+		print "\tGUID: %s" % secrets.get_dom_guid(domain)
-		print "\tPlaintext pwd: %s" % d.plaintext_pw
+		print "\tPlaintext pwd: %s" % secrets.get_machine_password(domain)
-		print "\tLast Changed: %lu" % d.last_change_time
+		if secrets.get_machine_last_change_time(domain):
-		print "\tSecure Channel Type: %d\n" % d.sec_channel_type
+			print "\tLast Changed: %lu" % secrets.get_machine_last_change_time(domain)
 		if secrets.get_machine_sec_channel_type(domain):
 			print "\tSecure Channel Type: %d\n" % secrets.get_machine_sec_channel_type(domain)
 	print "Trusted domains:"
-	for td in secrets.trusted_domains:
+	for td in secrets.trusted_domains():
-		for n in td.uni_name:
+		print td
 			print "\t--- %s ---" % n
 		print "\tPassword: %s" % td.password
 		print "\tModified: %lu" % td.mod_time
 		print "\tSID: %s" % td.domain_sid
 def print_samba3_regdb(regdb):
 	print_header("Registry")
-	for k in regdb.keys:
+	for k in regdb.keys():
-		print "%s\n" % k.name
+		print "%s" % k
 		for v in regdb.values(k):
 			print "\t%s: type %d, length %d" % (v.name, v.type, v.data.length)
-def print_samba3_winsdb(samba3):
+def print_samba3_winsdb(winsdb):
 	print_header("WINS Database")
-	for e in samba3.winsentries:
+	for name in winsdb:
-		print "%s, nb_flags: %x, type: %d, ttl: %lu, %d ips, fst: %s" % (e.name, e.nb_flags, e.type, e.ttl, e.ips.length, e.ips[0])
+		(ttl, ips, nb_flags) = winsdb[name]
 		print "%s, nb_flags: %s, ttl: %lu, %d ips, fst: %s" % (name, nb_flags, ttl, len(ips), ips[0])
 def print_samba3_groupmappings(groupdb):
 	print_header("Group Mappings")
-	for g in groupdb.groupmappings:
+	for sid in groupdb.groupsids():
 		print "\t--- Group: %s ---" % g.nt_name
 		print "\tComment: %s" % g.comment
 		print "\tGID: %d" % g.gid
@ -130,26 +138,33 @@ def print_samba3_idmapdb(idmapdb):
 			print "%s -> UID %d" % (e.sid, e.unix_id)
 def print_samba3(samba3):
 	print_samba3_sam(samba3)
 	print_samba3_policy(samba3.get_policy_db())
 	print_samba3_shares(samba3)
 	print_samba3_winsdb(samba3.get_wins_db())
 	print_samba3_regdb(samba3.get_registry())
 	print_samba3_secrets(samba3.get_secrets_db())
-	print_samba3_groupmappings(samba3.get_groupmapping_db())
+	groupdb = samba3.get_groupmapping_db()
-	print_samba3_aliases(samba3)
+	print_samba3_groupmappings(groupdb)
 	print_samba3_aliases(groupdb)
 	print_samba3_idmapdb(samba3.get_idmap_db())
 	print_samba3_shares(samba3)
 	print_samba3_sam(samba3)
 def print_samba3_summary(samba3):
-	print "WINS db entries: %d" % len(samba3.winsentries)
+	print "WINS db entries: %d" % len(samba3.get_wins_db())
-	print "SAM Accounts: %d" % len(samba3.samaccounts)
+	print "Registry key count: %d" % len(samba3.get_registry())
-	print "Registry key count: %d" % len(samba3.registry.keys)
+	groupdb = samba3.get_groupmapping_db()
-	print "Shares (including [global]): %d" % len(samba3.shares)
+	print "Groupmap count: %d" % len(list(groupdb.groupsids()))
-	print "Groupmap count: %d" % len(samba3.groupmappings)
+	print "Alias count: %d" % len(list(groupdb.aliases()))
-	print "Alias count: %d" % len(samba3.aliases)
+	idmapdb = samba3.get_idmap_db()
-	print "Idmap count: %d" % len(samba3.idmapdb.mappings)
+	print "Idmap count: %d" % (len(list(idmapdb.uids())) + len(list(idmapdb.gids())))
-samba3 = samba.samba3.Samba3(args[0], args[1])
+libdir = args[0]
 if len(args) > 1:
 	smbconf = args[2]
 else:
 	smbconf = os.path.join(libdir, "smb.conf")
 samba3 = samba.samba3.Samba3(libdir, smbconf)
 if opts.format == "summary":
 	print_samba3_summary(samba3)
--- a/source4/scripting/python/samba/samba3.py
+++ b/source4/scripting/python/samba/samba3.py
@ -170,6 +170,16 @@ class SecretsDatabase:
    def get_dom_guid(self, host):
        return self.tdb.get("SECRETS/DOMGUID/%s" % host)
    def ldap_dns(self):
        for k in self.tdb.keys():
            if k.startswith("SECRETS/LDAP_BIND_PW/"):
                yield k[len("SECRETS/LDAP_BIND_PW/"):].rstrip("\0")
    def domains(self):
        for k in self.tdb.keys():
            if k.startswith("SECRETS/SID/"):
                yield k[len("SECRETS/SID/"):].rstrip("\0")
    def get_ldap_bind_pw(self, host):
        return self.tdb.get("SECRETS/LDAP_BIND_PW/%s" % host)
@ -177,10 +187,10 @@ class SecretsDatabase:
        return self.tdb.get("SECRETS/AFS_KEYFILE/%s" % host)
    def get_machine_sec_channel_type(self, host):
-        return self.tdb.get("SECRETS/MACHINE_SEC_CHANNEL_TYPE/%s" % host)
+        return self.tdb.fetch_uint32("SECRETS/MACHINE_SEC_CHANNEL_TYPE/%s" % host)
    def get_machine_last_change_time(self, host):
-        return self.tdb.get("SECRETS/MACHINE_LAST_CHANGE_TIME/%s" % host)
+        return self.tdb.fetch_uint32("SECRETS/MACHINE_LAST_CHANGE_TIME/%s" % host)
    def get_machine_password(self, host):
        return self.tdb.get("SECRETS/MACHINE_PASSWORD/%s" % host)
@ -191,6 +201,11 @@ class SecretsDatabase:
    def get_domtrust_acc(self, host):
        return self.tdb.get("SECRETS/$DOMTRUST.ACC/%s" % host)
    def trusted_domains(self):
        for k in self.tdb.keys():
            if k.startswith("SECRETS/$DOMTRUST.ACC/"):
                yield k[len("SECRETS/$DOMTRUST.ACC/"):].rstrip("\0")
    def get_random_seed(self):
        return self.tdb.get("INFO/random_seed")
@ -307,6 +322,9 @@ class SmbpasswdFile:
    def __getitem__(self, name):
        return self.users[name]
    def __iter__(self):
        return iter(self.entries)
    def close(self): # For consistency
        pass
@ -363,7 +381,6 @@ class WinsDatabase:
            if l[0] == "#": # skip comments
                continue
            entries = shellsplit(l.rstrip("\n"))
            print entries
            name = entries[0]
            ttl = int(entries[1])
            i = 2
@ -382,31 +399,34 @@ class WinsDatabase:
    def __len__(self):
        return len(self.entries)
    def __iter__(self):
        return iter(self.entries)
    def close(self): # for consistency
        pass
 class Samba3:
-    def __init__(self, smbconfpath, libdir):
+    def __init__(self, libdir, smbconfpath):
        self.smbconfpath = smbconfpath
        self.libdir = libdir
    def get_policy_db(self):
-        return PolicyDatabase(os.path.join(libdir, "account_policy.tdb"))
+        return PolicyDatabase(os.path.join(self.libdir, "account_policy.tdb"))
    def get_registry(self):
-        return Registry(os.path.join(libdir, "registry.tdb"))
+        return Registry(os.path.join(self.libdir, "registry.tdb"))
    def get_secrets_db(self):
-        return SecretsDatabase(os.path.join(libdir, "secrets.tdb"))
+        return SecretsDatabase(os.path.join(self.libdir, "secrets.tdb"))
    def get_shares_db(self):
-        return ShareInfoDatabase(os.path.join(libdir, "share_info.tdb"))
+        return ShareInfoDatabase(os.path.join(self.libdir, "share_info.tdb"))
    def get_idmap_db(self):
-        return IdmapDatabase(os.path.join(libdir, "winbindd_idmap.tdb"))
+        return IdmapDatabase(os.path.join(self.libdir, "winbindd_idmap.tdb"))
    def get_wins_db(self):
-        return WinsDatabase(os.path.join(libdir, "wins.dat"))
+        return WinsDatabase(os.path.join(self.libdir, "wins.dat"))
    def get_groupmapping_db(self):
-        return GroupMappingDatabase(os.path.join(libdir, "group_mapping.tdb"))
+        return GroupMappingDatabase(os.path.join(self.libdir, "group_mapping.tdb"))
--- a/source4/scripting/python/samba/upgrade.py
+++ b/source4/scripting/python/samba/upgrade.py
@ -447,7 +447,6 @@ def upgrade_smbconf(oldconf,mark):
 def upgrade(subobj, samba3, message, paths, session_info, credentials):
    ret = 0
    lp = loadparm_init()
    samdb = Ldb(paths.samdb, session_info=session_info, credentials=credentials)
    message("Writing configuration")
@ -455,8 +454,7 @@ def upgrade(subobj, samba3, message, paths, session_info, credentials):
    newconf.save(paths.smbconf)
    message("Importing account policies")
-    ldif = upgrade_sam_policy(samba3,subobj.BASEDN)
+    samdb.modify_ldif(upgrade_sam_policy(samba3,subobj.BASEDN))
    samdb.modify(ldif)
    regdb = Ldb(paths.hklm)
    regdb.modify("""