mirror of
https://github.com/samba-team/samba.git
synced 2025-07-28 11:42:03 +03:00
Add a setexpiry operation in samdb.py
This makes it easy to set the expiry (or no expiry) for a samdb user
(This used to be commit 25171f18a4)
This commit is contained in:
Andrew Tridgell
@ -100,3 +100,16 @@ bool dsdb_set_ntds_invocation_id(struct ldb_context *ldb, const char *guid)
|
||||
char *private_path(TALLOC_CTX* mem_ctx, struct loadparm_context *lp_ctx,
|
||||
const char *name);
|
||||
|
||||
typedef unsigned long time_t;
|
||||
|
||||
/*
|
||||
convert from unix time to NT time
|
||||
*/
|
||||
%inline %{
|
||||
uint64_t unix2nttime(time_t t)
|
||||
{
|
||||
NTTIME nt;
|
||||
unix_to_nt_time(&nt, t);
|
||||
return (uint64_t)nt;
|
||||
}
|
||||
%}
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
# This file was automatically generated by SWIG (http://www.swig.org).
|
||||
# Version 1.3.35
|
||||
# Version 1.3.36
|
||||
#
|
||||
# Don't modify this file, modify the SWIG interface instead.
|
||||
|
||||
@ -118,5 +118,6 @@ def ldb_register_samba_handlers(*args, **kwargs):
|
||||
return _misc.ldb_register_samba_handlers(*args, **kwargs)
|
||||
dsdb_set_ntds_invocation_id = _misc.dsdb_set_ntds_invocation_id
|
||||
private_path = _misc.private_path
|
||||
unix2nttime = _misc.unix2nttime
|
||||
|
||||
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
/* ----------------------------------------------------------------------------
|
||||
* This file was automatically generated by SWIG (http://www.swig.org).
|
||||
* Version 1.3.35
|
||||
* Version 1.3.36
|
||||
*
|
||||
* This file is not intended to be easily readable and contains a number of
|
||||
* coding conventions designed to improve portability and efficiency. Do not make
|
||||
@ -52,6 +52,12 @@
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#ifndef SWIG_MSC_UNSUPPRESS_4505
|
||||
# if defined(_MSC_VER)
|
||||
# pragma warning(disable : 4505) /* unreferenced local function has been removed */
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#ifndef SWIGUNUSEDPARM
|
||||
# ifdef __cplusplus
|
||||
# define SWIGUNUSEDPARM(p)
|
||||
@ -2537,7 +2543,7 @@ static swig_module_info swig_module = {swig_types, 27, 0, 0, 0, 0};
|
||||
|
||||
#define SWIG_name "_misc"
|
||||
|
||||
#define SWIGVERSION 0x010335
|
||||
#define SWIGVERSION 0x010336
|
||||
#define SWIG_VERSION SWIGVERSION
|
||||
|
||||
|
||||
@ -2826,6 +2832,40 @@ bool dsdb_set_ntds_invocation_id(struct ldb_context *ldb, const char *guid)
|
||||
return samdb_set_ntds_invocation_id(ldb, &invocation_id_in);
|
||||
}
|
||||
|
||||
|
||||
uint64_t unix2nttime(time_t t)
|
||||
{
|
||||
NTTIME nt;
|
||||
unix_to_nt_time(&nt, t);
|
||||
return (uint64_t)nt;
|
||||
}
|
||||
|
||||
|
||||
#include <limits.h>
|
||||
#if !defined(SWIG_NO_LLONG_MAX)
|
||||
# if !defined(LLONG_MAX) && defined(__GNUC__) && defined (__LONG_LONG_MAX__)
|
||||
# define LLONG_MAX __LONG_LONG_MAX__
|
||||
# define LLONG_MIN (-LLONG_MAX - 1LL)
|
||||
# define ULLONG_MAX (LLONG_MAX * 2ULL + 1ULL)
|
||||
# endif
|
||||
#endif
|
||||
|
||||
|
||||
SWIGINTERNINLINE PyObject*
|
||||
SWIG_From_long_SS_long (long long value)
|
||||
{
|
||||
return ((value < LONG_MIN) || (value > LONG_MAX)) ?
|
||||
PyLong_FromLongLong(value) : PyInt_FromLong((long)(value));
|
||||
}
|
||||
|
||||
|
||||
SWIGINTERNINLINE PyObject*
|
||||
SWIG_From_unsigned_SS_long_SS_long (unsigned long long value)
|
||||
{
|
||||
return (value > LONG_MAX) ?
|
||||
PyLong_FromUnsignedLongLong(value) : PyInt_FromLong((long)(value));
|
||||
}
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
@ -2833,13 +2873,13 @@ SWIGINTERN PyObject *_wrap_random_password(PyObject *SWIGUNUSEDPARM(self), PyObj
|
||||
PyObject *resultobj = 0;
|
||||
TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ;
|
||||
size_t arg2 ;
|
||||
char *result = 0 ;
|
||||
size_t val2 ;
|
||||
int ecode2 = 0 ;
|
||||
PyObject * obj0 = 0 ;
|
||||
char * kwnames[] = {
|
||||
(char *) "len", NULL
|
||||
};
|
||||
char *result = 0 ;
|
||||
|
||||
arg1 = NULL;
|
||||
if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:random_password",kwnames,&obj0)) SWIG_fail;
|
||||
@ -2974,7 +3014,6 @@ SWIGINTERN PyObject *_wrap_samdb_set_domain_sid(PyObject *SWIGUNUSEDPARM(self),
|
||||
PyObject *resultobj = 0;
|
||||
struct ldb_context *arg1 = (struct ldb_context *) 0 ;
|
||||
struct dom_sid *arg2 = (struct dom_sid *) 0 ;
|
||||
bool result;
|
||||
void *argp1 = 0 ;
|
||||
int res1 = 0 ;
|
||||
void *argp2 = 0 ;
|
||||
@ -2984,6 +3023,7 @@ SWIGINTERN PyObject *_wrap_samdb_set_domain_sid(PyObject *SWIGUNUSEDPARM(self),
|
||||
char * kwnames[] = {
|
||||
(char *) "ldb",(char *) "dom_sid_in", NULL
|
||||
};
|
||||
bool result;
|
||||
|
||||
if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"OO:samdb_set_domain_sid",kwnames,&obj0,&obj1)) SWIG_fail;
|
||||
res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_ldb_context, 0 | 0 );
|
||||
@ -3012,7 +3052,6 @@ SWIGINTERN PyObject *_wrap_dsdb_attach_schema_from_ldif_file(PyObject *SWIGUNUSE
|
||||
struct ldb_context *arg1 = (struct ldb_context *) 0 ;
|
||||
char *arg2 = (char *) 0 ;
|
||||
char *arg3 = (char *) 0 ;
|
||||
WERROR result;
|
||||
void *argp1 = 0 ;
|
||||
int res1 = 0 ;
|
||||
int res2 ;
|
||||
@ -3027,6 +3066,7 @@ SWIGINTERN PyObject *_wrap_dsdb_attach_schema_from_ldif_file(PyObject *SWIGUNUSE
|
||||
char * kwnames[] = {
|
||||
(char *) "ldb",(char *) "pf",(char *) "df", NULL
|
||||
};
|
||||
WERROR result;
|
||||
|
||||
if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"OOO:dsdb_attach_schema_from_ldif_file",kwnames,&obj0,&obj1,&obj2)) SWIG_fail;
|
||||
res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_ldb_context, 0 | 0 );
|
||||
@ -3080,13 +3120,13 @@ fail:
|
||||
SWIGINTERN PyObject *_wrap_dsdb_set_global_schema(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) {
|
||||
PyObject *resultobj = 0;
|
||||
struct ldb_context *arg1 = (struct ldb_context *) 0 ;
|
||||
int result;
|
||||
void *argp1 = 0 ;
|
||||
int res1 = 0 ;
|
||||
PyObject * obj0 = 0 ;
|
||||
char * kwnames[] = {
|
||||
(char *) "ldb", NULL
|
||||
};
|
||||
int result;
|
||||
|
||||
if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:dsdb_set_global_schema",kwnames,&obj0)) SWIG_fail;
|
||||
res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_ldb_context, 0 | 0 );
|
||||
@ -3108,13 +3148,13 @@ fail:
|
||||
SWIGINTERN PyObject *_wrap_ldb_register_samba_handlers(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) {
|
||||
PyObject *resultobj = 0;
|
||||
struct ldb_context *arg1 = (struct ldb_context *) 0 ;
|
||||
int result;
|
||||
void *argp1 = 0 ;
|
||||
int res1 = 0 ;
|
||||
PyObject * obj0 = 0 ;
|
||||
char * kwnames[] = {
|
||||
(char *) "ldb", NULL
|
||||
};
|
||||
int result;
|
||||
|
||||
if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:ldb_register_samba_handlers",kwnames,&obj0)) SWIG_fail;
|
||||
res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_ldb_context, 0 | 0 );
|
||||
@ -3137,7 +3177,6 @@ SWIGINTERN PyObject *_wrap_dsdb_set_ntds_invocation_id(PyObject *SWIGUNUSEDPARM(
|
||||
PyObject *resultobj = 0;
|
||||
struct ldb_context *arg1 = (struct ldb_context *) 0 ;
|
||||
char *arg2 = (char *) 0 ;
|
||||
bool result;
|
||||
void *argp1 = 0 ;
|
||||
int res1 = 0 ;
|
||||
int res2 ;
|
||||
@ -3148,6 +3187,7 @@ SWIGINTERN PyObject *_wrap_dsdb_set_ntds_invocation_id(PyObject *SWIGUNUSEDPARM(
|
||||
char * kwnames[] = {
|
||||
(char *) "ldb",(char *) "guid", NULL
|
||||
};
|
||||
bool result;
|
||||
|
||||
if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"OO:dsdb_set_ntds_invocation_id",kwnames,&obj0,&obj1)) SWIG_fail;
|
||||
res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_ldb_context, 0 | 0 );
|
||||
@ -3178,7 +3218,6 @@ SWIGINTERN PyObject *_wrap_private_path(PyObject *SWIGUNUSEDPARM(self), PyObject
|
||||
TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ;
|
||||
struct loadparm_context *arg2 = (struct loadparm_context *) 0 ;
|
||||
char *arg3 = (char *) 0 ;
|
||||
char *result = 0 ;
|
||||
void *argp2 = 0 ;
|
||||
int res2 = 0 ;
|
||||
int res3 ;
|
||||
@ -3189,6 +3228,7 @@ SWIGINTERN PyObject *_wrap_private_path(PyObject *SWIGUNUSEDPARM(self), PyObject
|
||||
char * kwnames[] = {
|
||||
(char *) "lp_ctx",(char *) "name", NULL
|
||||
};
|
||||
char *result = 0 ;
|
||||
|
||||
arg2 = loadparm_init(NULL);
|
||||
arg1 = NULL;
|
||||
@ -3217,6 +3257,31 @@ fail:
|
||||
}
|
||||
|
||||
|
||||
SWIGINTERN PyObject *_wrap_unix2nttime(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) {
|
||||
PyObject *resultobj = 0;
|
||||
time_t arg1 ;
|
||||
unsigned long val1 ;
|
||||
int ecode1 = 0 ;
|
||||
PyObject * obj0 = 0 ;
|
||||
char * kwnames[] = {
|
||||
(char *) "t", NULL
|
||||
};
|
||||
uint64_t result;
|
||||
|
||||
if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:unix2nttime",kwnames,&obj0)) SWIG_fail;
|
||||
ecode1 = SWIG_AsVal_unsigned_SS_long(obj0, &val1);
|
||||
if (!SWIG_IsOK(ecode1)) {
|
||||
SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "unix2nttime" "', argument " "1"" of type '" "time_t""'");
|
||||
}
|
||||
arg1 = (time_t)(val1);
|
||||
result = (uint64_t)unix2nttime(arg1);
|
||||
resultobj = SWIG_From_unsigned_SS_long_SS_long((unsigned long long)(result));
|
||||
return resultobj;
|
||||
fail:
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
static PyMethodDef SwigMethods[] = {
|
||||
{ (char *)"random_password", (PyCFunction) _wrap_random_password, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
|
||||
"S.random_password(len) -> string\n"
|
||||
@ -3250,6 +3315,7 @@ static PyMethodDef SwigMethods[] = {
|
||||
""},
|
||||
{ (char *)"dsdb_set_ntds_invocation_id", (PyCFunction) _wrap_dsdb_set_ntds_invocation_id, METH_VARARGS | METH_KEYWORDS, NULL},
|
||||
{ (char *)"private_path", (PyCFunction) _wrap_private_path, METH_VARARGS | METH_KEYWORDS, NULL},
|
||||
{ (char *)"unix2nttime", (PyCFunction) _wrap_unix2nttime, METH_VARARGS | METH_KEYWORDS, NULL},
|
||||
{ NULL, NULL, 0, NULL }
|
||||
};
|
||||
|
||||
|
||||
@ -27,6 +27,7 @@ import misc
|
||||
import ldb
|
||||
from samba.idmap import IDmapDB
|
||||
import pwd
|
||||
import time
|
||||
|
||||
__docformat__ = "restructuredText"
|
||||
|
||||
@ -192,3 +193,35 @@ userPassword: %s
|
||||
:param invocation_id: GUID of the invocation id.
|
||||
"""
|
||||
misc.dsdb_set_ntds_invocation_id(self, invocation_id)
|
||||
|
||||
def setexpiry(self, user, expiry_seconds, noexpiry):
|
||||
"""Set the password expiry for a user
|
||||
|
||||
:param expiry_seconds: expiry time from now in seconds
|
||||
:param noexpiry: if set, then don't expire password
|
||||
"""
|
||||
self.transaction_start();
|
||||
res = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
|
||||
expression=("(samAccountName=%s)" % user),
|
||||
attrs=["userAccountControl", "accountExpires"])
|
||||
assert len(res) == 1
|
||||
userAccountControl = int(res[0]["userAccountControl"][0])
|
||||
accountExpires = int(res[0]["accountExpires"][0])
|
||||
if noexpiry:
|
||||
userAccountControl = userAccountControl | 0x10000
|
||||
accountExpires = 0
|
||||
else:
|
||||
userAccountControl = userAccountControl & ~0x10000
|
||||
accountExpires = misc.unix2nttime(expiry_seconds + int(time.time()))
|
||||
|
||||
mod = """
|
||||
dn: %s
|
||||
changetype: modify
|
||||
replace: userAccountControl
|
||||
userAccountControl: %u
|
||||
replace: accountExpires
|
||||
accountExpires: %u
|
||||
""" % (res[0].dn, userAccountControl, accountExpires)
|
||||
# now change the database
|
||||
self.modify_ldif(mod)
|
||||
self.transaction_commit();
|
||||
|
||||
Reference in New Issue
Block a user