mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
samba-tool: implement user show command to display a user AD object
This command displays a user account and it's attributes in the Active Directory domain. The username specified on the command is the sAMAccountName. Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This commit is contained in:
parent
dbd29a0194
commit
dc0fa33c68
@ -2419,6 +2419,84 @@ LDAP server using the 'nano' editor.
|
||||
|
||||
self.outf.write("Modified User '%s' successfully\n" % username)
|
||||
|
||||
class cmd_user_show(Command):
|
||||
"""Display a user AD object.
|
||||
|
||||
This command displays a user account and it's attributes in the Active
|
||||
Directory domain.
|
||||
The username specified on the command is the sAMAccountName.
|
||||
|
||||
The command may be run from the root userid or another authorized userid.
|
||||
|
||||
The -H or --URL= option can be used to execute the command against a remote
|
||||
server.
|
||||
|
||||
Example1:
|
||||
samba-tool user show User1 -H ldap://samba.samdom.example.com \
|
||||
-U administrator --password=passw1rd
|
||||
|
||||
Example1 shows how to display a users attributes in the domain against a remote
|
||||
LDAP server.
|
||||
|
||||
The -H parameter is used to specify the remote target server.
|
||||
|
||||
Example2:
|
||||
samba-tool user show User2
|
||||
|
||||
Example2 shows how to display a users attributes in the domain against a local
|
||||
LDAP server.
|
||||
|
||||
Example3:
|
||||
samba-tool user show User2 --attributes=objectSid,memberOf
|
||||
|
||||
Example3 shows how to display a users objectSid and memberOf attributes.
|
||||
"""
|
||||
synopsis = "%prog <username> [options]"
|
||||
|
||||
takes_options = [
|
||||
Option("-H", "--URL", help="LDB URL for database or target server",
|
||||
type=str, metavar="URL", dest="H"),
|
||||
Option("--attributes",
|
||||
help=("Comma separated list of attributes, "
|
||||
"which will be printed."),
|
||||
type=str, dest="user_attrs"),
|
||||
]
|
||||
|
||||
takes_args = ["username"]
|
||||
takes_optiongroups = {
|
||||
"sambaopts": options.SambaOptions,
|
||||
"credopts": options.CredentialsOptions,
|
||||
"versionopts": options.VersionOptions,
|
||||
}
|
||||
|
||||
def run(self, username, credopts=None, sambaopts=None, versionopts=None,
|
||||
H=None, user_attrs=None):
|
||||
|
||||
lp = sambaopts.get_loadparm()
|
||||
creds = credopts.get_credentials(lp, fallback_machine=True)
|
||||
samdb = SamDB(url=H, session_info=system_session(),
|
||||
credentials=creds, lp=lp)
|
||||
|
||||
attrs = None
|
||||
if user_attrs:
|
||||
attrs = user_attrs.split(",")
|
||||
|
||||
filter = ("(&(sAMAccountType=%d)(sAMAccountName=%s))" %
|
||||
(dsdb.ATYPE_NORMAL_ACCOUNT, ldb.binary_encode(username)))
|
||||
|
||||
domaindn = samdb.domain_dn()
|
||||
|
||||
try:
|
||||
res = samdb.search(base=domaindn, expression=filter,
|
||||
scope=ldb.SCOPE_SUBTREE, attrs=attrs)
|
||||
user_dn = res[0].dn
|
||||
except IndexError:
|
||||
raise CommandError('Unable to find user "%s"' % (username))
|
||||
|
||||
for msg in res:
|
||||
user_ldif = samdb.write_ldif(msg, ldb.CHANGETYPE_NONE)
|
||||
self.outf.write(user_ldif)
|
||||
|
||||
class cmd_user(SuperCommand):
|
||||
"""User management."""
|
||||
|
||||
@ -2435,3 +2513,4 @@ class cmd_user(SuperCommand):
|
||||
subcommands["getpassword"] = cmd_user_getpassword()
|
||||
subcommands["syncpasswords"] = cmd_user_syncpasswords()
|
||||
subcommands["edit"] = cmd_user_edit()
|
||||
subcommands["show"] = cmd_user_show()
|
||||
|
Loading…
Reference in New Issue
Block a user