1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

python/samdb: add more object types for adding/remove group members

The filters are based on the MS Windows filter, which are used by the
basic group member management dialog.

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
Björn Baumbach 2019-08-09 16:26:58 +02:00 committed by Stefan Metzmacher
parent 662b7458ae
commit e3099ac407

View File

@ -260,6 +260,27 @@ pwdLastSet: 0
if 'group' in member_types:
filter += ('(&(sAMAccountName=%s)(objectclass=group))' %
ldb.binary_encode(member))
if 'computer' in member_types:
samaccountname = member
if member[-1] != '$':
samaccountname = "%s$" % member
filter += ('(&(samAccountType=%d)'
'(!(objectCategory=msDS-ManagedServiceAccount))'
'(sAMAccountName=%s))' %
(dsdb.ATYPE_WORKSTATION_TRUST,
ldb.binary_encode(samaccountname)))
if 'serviceaccount' in member_types:
samaccountname = member
if member[-1] != '$':
samaccountname = "%s$" % member
filter += ('(&(samAccountType=%d)'
'(objectCategory=msDS-ManagedServiceAccount)'
'(sAMAccountName=%s))' %
(dsdb.ATYPE_WORKSTATION_TRUST,
ldb.binary_encode(samaccountname)))
if 'contact' in member_types:
filter += ('(&(objectCategory=Person)(!(objectSid=*))(name=%s))' %
ldb.binary_encode(member))
filter = "(|%s)" % filter