def newuser(self, username, unixname, password, force_password_change_at_next_login_req=False): """Adds a new user Note: This call adds also the ID mapping for winbind; therefore it works *only* on SAMBA 4. :param username: Name of the new user :param unixname: Name of the unix user to map to :param password: Password for the new user :param force_password_change_at_next_login_req: Force password change """ self.transaction_start() try: user_dn = "CN=%s,CN=Users,%s" % (username, self.domain_dn()) # The new user record. Note the reliance on the SAMLDB module which # fills in the default informations self.add({ "dn": user_dn, "sAMAccountName": username, "objectClass": "user" }) # Sets the password for it self.setpassword("(dn=" + user_dn + ")", password, force_password_change_at_next_login_req) # Gets the user SID (for the account mapping setup) res = self.search(user_dn, scope=ldb.SCOPE_BASE, expression="objectclass=*", attrs=["objectSid"]) assert len(res) == 1 user_sid = self.schema_format_value("objectSid", res[0]["objectSid"][0]) try: idmap = IDmapDB(lp=self.lp) user = pwd.getpwnam(unixname) # setup ID mapping for this UID idmap.setup_name_mapping(user_sid, idmap.TYPE_UID, user[2]) except KeyError: pass except: self.transaction_cancel() raise self.transaction_commit()
def newuser(self, username, unixname, password): """add a new user record. :param username: Name of the new user. :param unixname: Name of the unix user to map to. :param password: Password for the new user """ # connect to the sam self.transaction_start() try: domain_dn = self.domain_dn() assert(domain_dn is not None) user_dn = "CN=%s,CN=Users,%s" % (username, domain_dn) # # the new user record. note the reliance on the samdb module to # fill in a sid, guid etc # # now the real work self.add({"dn": user_dn, "sAMAccountName": username, "userPassword": password, "objectClass": "user"}) res = self.search(user_dn, scope=ldb.SCOPE_BASE, expression="objectclass=*", attrs=["objectSid"]) assert len(res) == 1 user_sid = self.schema_format_value("objectSid", res[0]["objectSid"][0]) try: idmap = IDmapDB(lp=self.lp) user = pwd.getpwnam(unixname) # setup ID mapping for this UID idmap.setup_name_mapping(user_sid, idmap.TYPE_UID, user[2]) except KeyError: pass # modify the userAccountControl to remove the disabled bit self.enable_account(user_dn) except: self.transaction_cancel() raise self.transaction_commit()
def newuser(self, username, unixname, password, force_password_change_at_next_login_req=False): """Adds a new user Note: This call adds also the ID mapping for winbind; therefore it works *only* on SAMBA 4. :param username: Name of the new user :param unixname: Name of the unix user to map to :param password: Password for the new user :param force_password_change_at_next_login_req: Force password change """ self.transaction_start() try: user_dn = "CN=%s,CN=Users,%s" % (username, self.domain_dn()) # The new user record. Note the reliance on the SAMLDB module which # fills in the default informations self.add({"dn": user_dn, "sAMAccountName": username, "objectClass": "user"}) # Sets the password for it self.setpassword("(dn=" + user_dn + ")", password, force_password_change_at_next_login_req) # Gets the user SID (for the account mapping setup) res = self.search(user_dn, scope=ldb.SCOPE_BASE, expression="objectclass=*", attrs=["objectSid"]) assert len(res) == 1 user_sid = self.schema_format_value("objectSid", res[0]["objectSid"][0]) try: idmap = IDmapDB(lp=self.lp) user = pwd.getpwnam(unixname) # setup ID mapping for this UID idmap.setup_name_mapping(user_sid, idmap.TYPE_UID, user[2]) except KeyError: pass except: self.transaction_cancel() raise self.transaction_commit()