def enable(self):
try:
if self._ldap_adsi_obj.AccountDisabled == True:
self._ldap_adsi_obj.AccountDisabled = False
self._flush()
except pywintypes.com_error, excpt:
pyadutils.pass_up_com_exception(excpt)
def enable(self):
try:
if self._ldap_adsi_obj.AccountDisabled == True:
self._ldap_adsi_obj.AccountDisabled = False
self._flush()
except pywintypes.com_error, excpt:
pyadutils.pass_up_com_exception(excpt)
def disable(self):
"""Disables the user or computer"""
try:
if self._ldap_adsi_obj.AccountDisabled == False:
self._ldap_adsi_obj.AccountDisabled = True
self._flush()
except pywintypes.com_error, excpt:
pyadutils.pass_up_com_exception(excpt)
def _set_attribute(self, attribute, action, new_value):
if not hasattr(self._ldap_adsi_obj, attribute):
raise InvalidAttribute(self.dn, attribute)
else:
try:
self._ldap_adsi_obj.putEx(action, attribute, new_value)
except pywintypes.com_error, excpt:
pyadutils.pass_up_com_exception(excpt)
def disable(self):
"""Disables the user or computer"""
try:
if self._ldap_adsi_obj.AccountDisabled == False:
self._ldap_adsi_obj.AccountDisabled = True
self._flush()
except pywintypes.com_error, excpt:
pyadutils.pass_up_com_exception(excpt)
def _set_attribute(self, attribute, action, new_value):
if not hasattr(self._ldap_adsi_obj, attribute):
raise InvalidAttribute(self.dn, attribute)
else:
try:
self._ldap_adsi_obj.putEx(action, attribute, new_value)
except pywintypes.com_error, excpt:
pyadutils.pass_up_com_exception(excpt)
def move(self, new_ou_object):
"""Moves the object to a new organizationalUnit.
new_ou_object expects a ADContainer object where the current object will be moved to."""
try:
new_ou_object._ldap_adsi_obj.MoveHere(('LDAP://'+self.dn),self.prefixed_cn)
new_ou_object._flush()
except pywintypes.com_error, excpt:
pyadutils.pass_up_com_exception(excpt)
def move(self, new_ou_object):
"""Moves the object to a new organizationalUnit.
new_ou_object expects a ADContainer object where the current object will be moved to."""
try:
new_path = self.default_ldap_protocol + '://' + self.dn
new_ou_object._ldap_adsi_obj.MoveHere(new_path, self.prefixed_cn)
new_ou_object._flush()
except pywintypes.com_error, excpt:
pyadutils.pass_up_com_exception(excpt)
def rename(self, new_name, set_sAMAccountName=True):
"""Renames the current object within its current organizationalUnit.
new_name expects the new name of the object (just CN not prefixed CN or distinguishedName)."""
parent = self.get_parent_container()
if self.type == 'organizationalUnit': pcn = 'ou='
else: pcn = 'cn='
pcn += new_name
try:
if self.type in ('user','computer','group') and set_sAMAccountName:
self._ldap_adsi_obj.Put('sAMAccountName', new_name)
parent._ldap_adsi_obj.MoveHere(('LDAP://'+self.dn), pcn)
self._ldap_adsi_obj.GetInfoEx((distinguishedName, cn), 0)
self.__distinguishedName = self.get_attribute('distinguishedName',False)
except pywintypes.com_error, excpt:
pyadutils.pass_up_com_exception(excpt)
def rename(self, new_name, set_sAMAccountName=True):
"""Renames the current object within its current organizationalUnit.
new_name expects the new name of the object (just CN not prefixed CN or distinguishedName)."""
parent = self.parent_container
if self.type == 'organizationalUnit':
pcn = 'ou='
else:
pcn = 'cn='
pcn += new_name
try:
if self.type in ('user', 'computer', 'group') and set_sAMAccountName:
self._ldap_adsi_obj.Put('sAMAccountName', new_name)
new_path = self.default_ldap_protocol+'://' + self.dn
parent._ldap_adsi_obj.MoveHere(new_path, pcn)
parent._flush()
except pywintypes.com_error, excpt:
pyadutils.pass_up_com_exception(excpt)
def rename(self, new_name, set_sAMAccountName=True):
"""Renames the current object within its current organizationalUnit.
new_name expects the new name of the object (just CN not prefixed CN or distinguishedName)."""
parent = self.parent_container
if self.type == 'organizationalUnit':
pcn = 'ou='
else:
pcn = 'cn='
pcn += new_name
try:
if self.type in ('user', 'computer',
'group') and set_sAMAccountName:
self._ldap_adsi_obj.Put('sAMAccountName', new_name)
parent._ldap_adsi_obj.MoveHere(('LDAP://' + self.dn), pcn)
parent._flush()
except pywintypes.com_error, excpt:
pyadutils.pass_up_com_exception(excpt)
def __init__(self, distinguished_name=None, adsi_ldap_com_object=None, options={}):
if adsi_ldap_com_object:
self._ldap_adsi_obj = adsi_ldap_com_object
elif distinguished_name:
if 'server' in options:
self.default_ldap_server = options['server']
if 'port' in options:
self.default_ldap_port = options['port']
self.__ads_path = pyadutils.generate_ads_path(distinguished_name, 'LDAP', self.default_ldap_server, self.default_ldap_port)
try:
self._ldap_adsi_obj = self.adsi_provider.getObject('',self.__ads_path)
except pywintypes.com_error, excpt:
additional_info = {
'distinguished_name':distinguished_name,
'server':self.default_ldap_server,
'port':self.default_ldap_port
}
pyadutils.pass_up_com_exception(excpt, additional_info)
def get_attribute(self, attribute, always_return_list=True, source='LDAP'):
"""Returns the value of any allowable LDAP attribute of the specified object.
Keyword arguments:
attribute -- any schema-allowed LDAP attribute (case insensitive). The attribute does not need to be defined.
always_return_list -- if an attribute has a single value, this specifies whether to return only the
value or to return a list containing the single value. Similarly, if true, a query on an undefined
attribute will return an empty list instead of a None object. If querying an attribute known to only
contain at most one element, then it is easier to set to false. Otherwise, if querying a potentially
multi-valued attribute, it is safest to leave at default.
source -- either 'LDAP' or 'GC'
Note to experienced ADSI users:
- If an attribute is undefined, getAttribute() will return None or [] and will not choke on the attribute.
- In regards to always_return_list, True has similar behavior to getEx() whereas False is similar to Get()."""
if not hasattr(self._ldap_adsi_obj, attribute):
raise InvalidAttribute(self.dn, attribute)
else:
try:
if source == 'LDAP':
value = self._ldap_adsi_obj.GetEx(attribute)
elif source == 'GC':
self._init_global_catalog_object()
value = self._gc_adsi_obj.GetEx(attribute)
if len(value) == 1 and not always_return_list:
return value[0]
else:
return list(value)
# this just means that the attribute doesn't have a value which
# we imply means null instead of throwing an error..
except pywintypes.com_error, excpt:
if pyadutils.interpret_com_exception(
excpt)['error_constant'] == 'E_ADS_PROPERTY_NOT_FOUND':
return [] if always_return_list else None
else:
pyadutils.pass_up_com_exception(excpt,
{'attribute': attribute})
def get_attribute(self, attribute, always_return_list=True, source='LDAP'):
"""Returns the value of any allowable LDAP attribute of the specified object.
Keyword arguments:
attribute -- any schema-allowed LDAP attribute (case insensitive). The attribute does not need to be defined.
always_return_list -- if an attribute has a single value, this specifies whether to return only the
value or to return a list containing the single value. Similarly, if true, a query on an undefined
attribute will return an empty list instead of a None object. If querying an attribute known to only
contain at most one element, then it is easier to set to false. Otherwise, if querying a potentially
multi-valued attribute, it is safest to leave at default.
source -- either 'LDAP' or 'GC'
Note to experienced ADSI users:
- If an attribute is undefined, getAttribute() will return None or [] and will not choke on the attribute.
- In regards to always_return_list, True has similar behavior to getEx() whereas False is similar to Get()."""
if not hasattr(self._ldap_adsi_obj, attribute):
raise InvalidAttribute(self.dn, attribute)
else:
try:
if source == 'LDAP':
value = self._ldap_adsi_obj.GetEx(attribute)
elif source == 'GC':
self._init_global_catalog_object()
value = self._gc_adsi_obj.GetEx(attribute)
if len(value) == 1 and not always_return_list:
return value[0]
else:
return list(value)
# this just means that the attribute doesn't have a value which
# we imply means null instead of throwing an error..
except pywintypes.com_error, excpt:
if pyadutils.interpret_com_exception(excpt)['error_constant'] == 'E_ADS_PROPERTY_NOT_FOUND':
return [] if always_return_list else None
else:
pyadutils.pass_up_com_exception(excpt, {'attribute':attribute})
def __init__(self,
distinguished_name=None,
adsi_ldap_com_object=None,
options={}):
if adsi_ldap_com_object:
self._ldap_adsi_obj = adsi_ldap_com_object
elif distinguished_name:
if 'server' in options:
self.default_ldap_server = options['server']
if 'port' in options:
self.default_ldap_port = options['port']
self.__ads_path = pyadutils.generate_ads_path(
distinguished_name, 'LDAP', self.default_ldap_server,
self.default_ldap_port)
try:
self._ldap_adsi_obj = self.adsi_provider.getObject(
'', self.__ads_path)
except pywintypes.com_error, excpt:
additional_info = {
'distinguished_name': distinguished_name,
'server': self.default_ldap_server,
'port': self.default_ldap_port
}
pyadutils.pass_up_com_exception(excpt, additional_info)