diff options
| author | Björn Baumbach <bb@sernet.de> | 2019-12-17 16:26:23 +0100 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2020-01-21 14:38:46 +0000 |
| commit | aedcf6a52748d0858aab7d1b3e0253592e963706 (patch) | |
| tree | 24a28cb89a974b22f1b5baa232847b15ba7e995d /python/samba/samdb.py | |
| parent | f2e2579926e0bfcd8b150c33cd4784391426c5e6 (diff) | |
| download | samba-aedcf6a52748d0858aab7d1b3e0253592e963706.tar.gz | |
samba-tool group addmembers: add --member-dn option
The --member-dn option allows to specify an object by it's DN.
This is required to select a specific object if there are more than one
with the same name. Multiple contacts can exist with the same name in
different OUs.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
Diffstat (limited to 'python/samba/samdb.py')
| -rw-r--r-- | python/samba/samdb.py | 59 |
1 files changed, 33 insertions, 26 deletions
diff --git a/python/samba/samdb.py b/python/samba/samdb.py index af3a7ddf96a..d0320c1d2cc 100644 --- a/python/samba/samdb.py +++ b/python/samba/samdb.py @@ -334,35 +334,42 @@ changetype: modify """ % (str(targetgroup[0].dn)) for member in members: - filter = self.group_member_filter(member, member_types) - foreign_msg = None + targetmember_dn = None + try: membersid = security.dom_sid(member) + targetmember_dn = "<SID=%s>" % str(membersid) except TypeError as e: - membersid = None - - if membersid is not None: - filter = '(objectSid=%s)' % str(membersid) - dn_str = "<SID=%s>" % str(membersid) - foreign_msg = ldb.Message() - foreign_msg.dn = ldb.Dn(self, dn_str) - - targetmember = self.search(base=self.domain_dn(), - scope=ldb.SCOPE_SUBTREE, - expression="%s" % filter, - attrs=[]) - - if len(targetmember) > 1: - memberlist_str = "" - for msg in targetmember: - memberlist_str += "%s\n" % msg.get("dn") - raise Exception('Found multiple results for "%s":\n%s' % - (member, memberlist_str)) - if len(targetmember) == 0 and foreign_msg is not None: - targetmember = [foreign_msg] - if len(targetmember) != 1: - raise Exception('Unable to find "%s". Operation cancelled.' % member) - targetmember_dn = targetmember[0].dn.extended_str(1) + pass + + if targetmember_dn is None: + try: + member_dn = ldb.Dn(self, member) + if member_dn.get_linearized() == member_dn.extended_str(1): + full_member_dn = self.normalize_dn_in_domain(member_dn) + else: + full_member_dn = member_dn + targetmember_dn = full_member_dn.extended_str(1) + except ValueError as e: + pass + + if targetmember_dn is None: + filter = self.group_member_filter(member, member_types) + targetmember = self.search(base=self.domain_dn(), + scope=ldb.SCOPE_SUBTREE, + expression=filter, + attrs=[]) + + if len(targetmember) > 1: + targetmemberlist_str = "" + for msg in targetmember: + targetmemberlist_str += "%s\n" % msg.get("dn") + raise Exception('Found multiple results for "%s":\n%s' % + (member, targetmemberlist_str)) + if len(targetmember) != 1: + raise Exception('Unable to find "%s". Operation cancelled.' % member) + targetmember_dn = targetmember[0].dn.extended_str(1) + if add_members_operation is True and (targetgroup[0].get('member') is None or get_bytes(targetmember_dn) not in [str(x) for x in targetgroup[0]['member']]): modified = True addtargettogroup += """add: member |