1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

samba-tool: implement user show command to display a user AD object

This command displays a user account and it's attributes in the
Active Directory domain.
The username specified on the command is the sAMAccountName.

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This commit is contained in:
Björn Baumbach 2018-01-25 10:49:17 +01:00 committed by Andrew Bartlett
parent dbd29a0194
commit dc0fa33c68

View File

@ -2419,6 +2419,84 @@ LDAP server using the 'nano' editor.
self.outf.write("Modified User '%s' successfully\n" % username)
class cmd_user_show(Command):
"""Display a user AD object.
This command displays a user account and it's attributes in the Active
Directory domain.
The username specified on the command is the sAMAccountName.
The command may be run from the root userid or another authorized userid.
The -H or --URL= option can be used to execute the command against a remote
server.
Example1:
samba-tool user show User1 -H ldap://samba.samdom.example.com \
-U administrator --password=passw1rd
Example1 shows how to display a users attributes in the domain against a remote
LDAP server.
The -H parameter is used to specify the remote target server.
Example2:
samba-tool user show User2
Example2 shows how to display a users attributes in the domain against a local
LDAP server.
Example3:
samba-tool user show User2 --attributes=objectSid,memberOf
Example3 shows how to display a users objectSid and memberOf attributes.
"""
synopsis = "%prog <username> [options]"
takes_options = [
Option("-H", "--URL", help="LDB URL for database or target server",
type=str, metavar="URL", dest="H"),
Option("--attributes",
help=("Comma separated list of attributes, "
"which will be printed."),
type=str, dest="user_attrs"),
]
takes_args = ["username"]
takes_optiongroups = {
"sambaopts": options.SambaOptions,
"credopts": options.CredentialsOptions,
"versionopts": options.VersionOptions,
}
def run(self, username, credopts=None, sambaopts=None, versionopts=None,
H=None, user_attrs=None):
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp, fallback_machine=True)
samdb = SamDB(url=H, session_info=system_session(),
credentials=creds, lp=lp)
attrs = None
if user_attrs:
attrs = user_attrs.split(",")
filter = ("(&(sAMAccountType=%d)(sAMAccountName=%s))" %
(dsdb.ATYPE_NORMAL_ACCOUNT, ldb.binary_encode(username)))
domaindn = samdb.domain_dn()
try:
res = samdb.search(base=domaindn, expression=filter,
scope=ldb.SCOPE_SUBTREE, attrs=attrs)
user_dn = res[0].dn
except IndexError:
raise CommandError('Unable to find user "%s"' % (username))
for msg in res:
user_ldif = samdb.write_ldif(msg, ldb.CHANGETYPE_NONE)
self.outf.write(user_ldif)
class cmd_user(SuperCommand):
"""User management."""
@ -2435,3 +2513,4 @@ class cmd_user(SuperCommand):
subcommands["getpassword"] = cmd_user_getpassword()
subcommands["syncpasswords"] = cmd_user_syncpasswords()
subcommands["edit"] = cmd_user_edit()
subcommands["show"] = cmd_user_show()