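def get_user_dn(ldb, basedn, username):
    """Return the linearized DN of the user whose sAMAccountName is *username*.

    Performs a subtree search under *basedn* for entries matching
    ``(&(objectClass=user)(sAMAccountName=<username>))``.

    :param ldb: an open Ldb connection used to run the search
    :param basedn: base DN of the subtree to search
    :param username: the raw (unescaped) account name to look up; it is
        treated as a literal value, never as filter syntax
    :return: the DN string when exactly one entry matches, otherwise None
        (no match and multiple matches are both reported as None)
    :raises TypeError: if *ldb* is not an Ldb instance
    """
    if not isinstance(ldb, Ldb):
        raise TypeError("'ldb' argument must be an Ldb intance")

    # The account name is interpolated into a search filter, so filter
    # metacharacters must be escaped (RFC 4515). Otherwise a name containing
    # '*', '(' or ')' would change which entries the filter selects.
    # Backslash is handled first so the escapes added below are not re-escaped.
    escaped = "%s" % username
    for char, replacement in (
        ("\\", "\\5c"),
        ("*", "\\2a"),
        ("(", "\\28"),
        (")", "\\29"),
        ("\x00", "\\00"),
    ):
        escaped = escaped.replace(char, replacement)

    ldb_filter = "(&(objectClass=user)(sAMAccountName=%s))" % escaped
    res = ldb.search(base=basedn, scope=SCOPE_SUBTREE,
                     expression=ldb_filter, attrs=["*"])

    # Only an unambiguous single hit is accepted as the user's entry.
    if len(res) != 1:
        return None
    return res[0].dn.get_linearized()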
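def run(self, acl, file, quiet=False,xattr_backend=None,eadb_file=None, credopts=None, sambaopts=None, versionopts=None):
    """Look up the domain SID in the local SAM database and hand it to setntacl.

    The database path is built from the "private dir" and "sam database"
    configuration values (falling back to "samdb.ldb"). The domain SID is
    read from the objectSid attribute of the base object whose DN is derived
    from the configured realm. It is then passed, together with *acl*,
    *file*, *xattr_backend* and *eadb_file*, to setntacl.

    Exits the process with status 1 if the database cannot be opened or the
    base object is not found. *quiet* and *versionopts* are accepted but not
    used here.
    """
    lp = sambaopts.get_loadparm()
    path = os.path.join(lp.get("private dir"),
                        lp.get("sam database") or "samdb.ldb")
    creds = credopts.get_credentials(lp)
    # The local database is opened with the system session; Kerberos is
    # explicitly switched off on the credentials.
    creds.set_kerberos_state(DONT_USE_KERBEROS)

    try:
        ldb = Ldb(path, session_info=system_session(), credentials=creds,
                  lp=lp)
    except Exception:
        # Catch Exception rather than using a bare except, so that
        # KeyboardInterrupt and SystemExit are not reported as a
        # configuration problem.
        print("Unable to read domain SID from configuration files")
        sys.exit(1)

    realm = lp.get("realm")
    print(realm)

    # "example.com" -> "DC=example,DC=com" (constructed sample value)
    domain_dn = "DC=%s" % realm.lower().replace(".", ",DC=")
    res = ldb.search(expression="(objectClass=*)", base=domain_dn,
                     scope=SCOPE_BASE, attrs=["objectSid"])
    if len(res) == 0:
        print("Unable to read domain SID from configuration files")
        sys.exit(1)

    domainsid = ndr_unpack(security.dom_sid, res[0]["objectSid"][0])
    setntacl(lp, file, acl, str(domainsid), xattr_backend, eadb_file)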