5 # Copyright Jelmer Vernooij 2010 <jelmer@samba.org>
6 # Copyright Theresa Halloran 2011 <theresahalloran@gmail.com>
8 # This program is free software; you can redistribute it and/or modify
9 # it under the terms of the GNU General Public License as published by
10 # the Free Software Foundation; either version 3 of the License, or
11 # (at your option) any later version.
13 # This program is distributed in the hope that it will be useful,
14 # but WITHOUT ANY WARRANTY; without even the implied warranty of
15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 # GNU General Public License for more details.
18 # You should have received a copy of the GNU General Public License
19 # along with this program. If not, see <http://www.gnu.org/licenses/>.
22 import samba
.getopt
as options
23 from samba
import dsdb
, ldb
24 from samba
.auth
import system_session
25 from samba
.netcmd
import Command
, Option
26 from samba
.samdb
import SamDB
29 class cmd_user_list(Command
):
32 synopsis
= "%prog [options]"
35 Option("-H", "--URL", help="LDB URL for database or target server", type=str,
36 metavar
="URL", dest
="H"),
37 Option("--hide-expired",
38 help="Do not list expired user accounts",
41 Option("--hide-disabled",
44 help="Do not list disabled user accounts"),
45 Option("-b", "--base-dn",
46 help="Specify base DN to use",
48 Option("--full-dn", dest
="full_dn",
51 help="Display DN instead of the sAMAccountName.")
54 takes_optiongroups
= {
55 "sambaopts": options
.SambaOptions
,
56 "credopts": options
.CredentialsOptions
,
57 "versionopts": options
.VersionOptions
,
69 lp
= sambaopts
.get_loadparm()
70 creds
= credopts
.get_credentials(lp
, fallback_machine
=True)
72 samdb
= SamDB(url
=H
, session_info
=system_session(),
73 credentials
=creds
, lp
=lp
)
75 search_dn
= samdb
.domain_dn()
77 search_dn
= samdb
.normalize_dn_in_domain(base_dn
)
80 if hide_expired
is True:
81 current_nttime
= samdb
.get_nttime()
82 filter_expires
= "(|(accountExpires=0)(accountExpires>=%u))" % (
86 if hide_disabled
is True:
87 filter_disabled
= "(!(userAccountControl:%s:=%u))" % (
88 ldb
.OID_COMPARATOR_AND
, dsdb
.UF_ACCOUNTDISABLE
)
90 filter = "(&(objectClass=user)(userAccountControl:%s:=%u)%s%s)" % (
91 ldb
.OID_COMPARATOR_AND
,
92 dsdb
.UF_NORMAL_ACCOUNT
,
96 res
= samdb
.search(search_dn
,
97 scope
=ldb
.SCOPE_SUBTREE
,
99 attrs
=["samaccountname"])
105 self
.outf
.write("%s\n" % msg
.get("dn"))
108 self
.outf
.write("%s\n" % msg
.get("samaccountname", idx
=0))