def setUp(self): self.ds_handle = None try: # saving the handle means the other test itself should bind faster. self.ds_handle = win32security.DsBind() except win32security.error as exc: if exc.winerror != winerror.ERROR_NO_SUCH_DOMAIN: raise raise TestSkipped(exc)
def testDsListServerInfo(self): # again, not checking much, just exercising the code. h = win32security.DsBind() for (status, ignore, site) in win32security.DsListSites(h): for (status, ignore, server) in win32security.DsListServersInSite(h, site): info = win32security.DsListInfoForServer(h, server) for (status, ignore, domain) in win32security.DsListDomainsInSite(h, site): pass
def SpnRegister( serviceAcctDN, # DN of the service's logon account spns, # List of SPNs to register operation, # Add, replace, or delete SPNs ): assert type(spns) not in [str, str] and hasattr(spns, "__iter__"), ( "spns must be a sequence of strings (got %r)" % spns) # Bind to a domain controller. # Get the domain for the current user. samName = win32api.GetUserNameEx(win32api.NameSamCompatible) samName = samName.split("\\", 1)[0] if not serviceAcctDN: # Get the SAM account name of the computer object for the server. serviceAcctDN = win32api.GetComputerObjectName( win32con.NameFullyQualifiedDN) logger.debug("SpnRegister using DN '%s'", serviceAcctDN) # Get the name of a domain controller in that domain. info = win32security.DsGetDcName( domainName=samName, flags=dscon.DS_IS_FLAT_NAME | dscon.DS_RETURN_DNS_NAME | dscon.DS_DIRECTORY_SERVICE_REQUIRED, ) # Bind to the domain controller. handle = win32security.DsBind(info["DomainControllerName"]) # Write the SPNs to the service account or computer account. logger.debug("DsWriteAccountSpn with spns %s") win32security.DsWriteAccountSpn( handle, # handle to the directory operation, # Add or remove SPN from account's existing SPNs serviceAcctDN, # DN of service account or computer account spns, ) # names # Unbind the DS in any case (but Python would do it anyway) handle.Close()
def testDsCrackNames(self): h = win32security.DsBind() fmt_offered = ntsecuritycon.DS_FQDN_1779_NAME name = win32api.GetUserNameEx(fmt_offered) result = win32security.DsCrackNames(h, 0, fmt_offered, fmt_offered, (name,)) self.failUnlessEqual(name, result[0][2])