diff options
author | Björn Baumbach <bb@sernet.de> | 2019-12-30 14:54:32 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2020-01-21 14:38:47 +0000 |
commit | 557fa1d44b687a552f7a1413306c229449f5eddd (patch) | |
tree | 509afde596df4b168f0ab1586d7dd515f8612107 /python | |
parent | 5b129bf12ba138ffd097443fee52709c7f82cf46 (diff) | |
download | samba-557fa1d44b687a552f7a1413306c229449f5eddd.tar.gz |
samba-tool group addmembers: add --member-base-dn option for group member search
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
Diffstat (limited to 'python')
-rw-r--r-- | python/samba/netcmd/group.py | 22 | ||||
-rw-r--r-- | python/samba/samdb.py | 7 |
2 files changed, 25 insertions, 4 deletions
diff --git a/python/samba/netcmd/group.py b/python/samba/netcmd/group.py index abc72f588d0..1467ddd0f23 100644 --- a/python/samba/netcmd/group.py +++ b/python/samba/netcmd/group.py @@ -243,6 +243,10 @@ Example2 shows how to add a single user account, User2, to the supergroup AD gro "Default: user,group,computer"), default="user,group,computer", type=str), + Option("--member-base-dn", + help=("Base DN for group member search.\n" + "Default is the domain DN."), + type=str), ] takes_args = ["groupname", "listofmembers?"] @@ -254,6 +258,7 @@ Example2 shows how to add a single user account, User2, to the supergroup AD gro sambaopts=None, versionopts=None, H=None, + member_base_dn=None, member_dn=None, object_types="user,group,computer"): @@ -275,9 +280,13 @@ Example2 shows how to add a single user account, User2, to the supergroup AD gro groupmembers += listofmembers.split(',') group_member_types = object_types.split(',') + if member_base_dn is not None: + member_base_dn = samdb.normalize_dn_in_domain(member_base_dn) + samdb.add_remove_group_members(groupname, groupmembers, add_members_operation=True, - member_types=group_member_types) + member_types=group_member_types, + member_base_dn=member_base_dn) except Exception as e: # FIXME: catch more specific exception raise CommandError('Failed to add members %r to group "%s"' % ( @@ -328,6 +337,10 @@ Example2 shows how to remove a single user account, User2, from the supergroup A "Default: user,group,computer"), default="user,group,computer", type=str), + Option("--member-base-dn", + help=("Base DN for group member search.\n" + "Default is the domain DN."), + type=str), ] takes_args = ["groupname", "listofmembers?"] @@ -339,6 +352,7 @@ Example2 shows how to remove a single user account, User2, from the supergroup A sambaopts=None, versionopts=None, H=None, + member_base_dn=None, member_dn=None, object_types="user,group,computer"): @@ -360,10 +374,14 @@ Example2 shows how to remove a single user account, User2, from the supergroup A groupmembers += listofmembers.split(',') group_member_types = object_types.split(',') + if member_base_dn is not None: + member_base_dn = samdb.normalize_dn_in_domain(member_base_dn) + samdb.add_remove_group_members(groupname, groupmembers, add_members_operation=False, - member_types=group_member_types) + member_types=group_member_types, + member_base_dn=member_base_dn) except Exception as e: # FIXME: Catch more specific exception raise CommandError('Failed to remove members %r from group "%s"' % (listofmembers, groupname), e) diff --git a/python/samba/samdb.py b/python/samba/samdb.py index d0320c1d2cc..d903babb406 100644 --- a/python/samba/samdb.py +++ b/python/samba/samdb.py @@ -306,7 +306,8 @@ pwdLastSet: 0 def add_remove_group_members(self, groupname, members, add_members_operation=True, - member_types=[ 'user', 'group', 'computer' ]): + member_types=[ 'user', 'group', 'computer' ], + member_base_dn=None): """Adds or removes group members :param groupname: Name of the target group @@ -335,6 +336,8 @@ changetype: modify for member in members: targetmember_dn = None + if member_base_dn is None: + member_base_dn = self.domain_dn() try: membersid = security.dom_sid(member) @@ -355,7 +358,7 @@ changetype: modify if targetmember_dn is None: filter = self.group_member_filter(member, member_types) - targetmember = self.search(base=self.domain_dn(), + targetmember = self.search(base=member_base_dn, scope=ldb.SCOPE_SUBTREE, expression=filter, attrs=[]) |