diff options
author | Björn Baumbach <bb@sernet.de> | 2017-11-27 20:40:49 +0100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2018-02-08 04:58:10 +0100 |
commit | 62a8eecfbbb4b5fb9f37e454e444751ccf16f82f (patch) | |
tree | 77fc011e63a6d6973a83853df3ea7ed7363e4e0f /python | |
parent | 4c1101d0335aba4fcede42e84b5058adc854c54a (diff) | |
download | samba-62a8eecfbbb4b5fb9f37e454e444751ccf16f82f.tar.gz |
samba-tool user: implement the user move command
This new command allows to move an user into an ou or container.
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Diffstat (limited to 'python')
-rw-r--r-- | python/samba/netcmd/user.py | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/python/samba/netcmd/user.py b/python/samba/netcmd/user.py index 7c30c6ed038..478e263a9bd 100644 --- a/python/samba/netcmd/user.py +++ b/python/samba/netcmd/user.py @@ -2497,6 +2497,85 @@ Example3 shows how to display a users objectSid and memberOf attributes. user_ldif = samdb.write_ldif(msg, ldb.CHANGETYPE_NONE) self.outf.write(user_ldif) +class cmd_user_move(Command): + """Move a user to an organizational unit/container. + + This command moves a user account into the specified organizational unit + or container. + The username specified on the command is the sAMAccountName. + The name of the organizational unit or container can be specified as a + full DN or without the domainDN component. + + The command may be run from the root userid or another authorized userid. + + The -H or --URL= option can be used to execute the command against a remote + server. + + Example1: + samba-tool user move User1 'OU=OrgUnit,DC=samdom.DC=example,DC=com' \ + -H ldap://samba.samdom.example.com -U administrator + + Example1 shows how to move a user User1 into the 'OrgUnit' organizational + unit on a remote LDAP server. + + The -H parameter is used to specify the remote target server. + + Example2: + samba-tool user move User1 CN=Users + + Example2 shows how to move a user User1 back into the CN=Users container + on the local server. + """ + + synopsis = "%prog <username> <new_parent_dn> [options]" + + takes_options = [ + Option("-H", "--URL", help="LDB URL for database or target server", + type=str, metavar="URL", dest="H"), + ] + + takes_args = [ "username", "new_parent_dn" ] + takes_optiongroups = { + "sambaopts": options.SambaOptions, + "credopts": options.CredentialsOptions, + "versionopts": options.VersionOptions, + } + + def run(self, username, new_parent_dn, credopts=None, sambaopts=None, + versionopts=None, H=None): + lp = sambaopts.get_loadparm() + creds = credopts.get_credentials(lp, fallback_machine=True) + samdb = SamDB(url=H, session_info=system_session(), + credentials=creds, lp=lp) + domain_dn = ldb.Dn(samdb, samdb.domain_dn()) + + filter = ("(&(sAMAccountType=%d)(sAMAccountName=%s))" % + (dsdb.ATYPE_NORMAL_ACCOUNT, ldb.binary_encode(username))) + try: + res = samdb.search(base=domain_dn, + expression=filter, + scope=ldb.SCOPE_SUBTREE) + user_dn = res[0].dn + except IndexError: + raise CommandError('Unable to find user "%s"' % (username)) + + try: + full_new_parent_dn = samdb.normalize_dn_in_domain(new_parent_dn) + except Exception, e: + raise CommandError('Invalid new_parent_dn "%s": %s' % + (new_parent_dn, e.message)) + + full_new_user_dn = ldb.Dn(samdb, str(user_dn)) + full_new_user_dn.remove_base_components(len(user_dn)-1) + full_new_user_dn.add_base(full_new_parent_dn) + + try: + samdb.rename(user_dn, full_new_user_dn) + except Exception, e: + raise CommandError('Failed to move user "%s"' % username, e) + self.outf.write('Moved user "%s" into "%s"\n' % + (username, full_new_parent_dn)) + class cmd_user(SuperCommand): """User management.""" @@ -2514,3 +2593,4 @@ class cmd_user(SuperCommand): subcommands["syncpasswords"] = cmd_user_syncpasswords() subcommands["edit"] = cmd_user_edit() subcommands["show"] = cmd_user_show() + subcommands["move"] = cmd_user_move() |