5 # Copyright Jelmer Vernooij 2010 <jelmer@samba.org>
6 # Copyright Theresa Halloran 2011 <theresahalloran@gmail.com>
8 # This program is free software; you can redistribute it and/or modify
9 # it under the terms of the GNU General Public License as published by
10 # the Free Software Foundation; either version 3 of the License, or
11 # (at your option) any later version.
13 # This program is distributed in the hope that it will be useful,
14 # but WITHOUT ANY WARRANTY; without even the implied warranty of
15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 # GNU General Public License for more details.
18 # You should have received a copy of the GNU General Public License
19 # along with this program. If not, see <http://www.gnu.org/licenses/>.
22 import samba
.getopt
as options
23 from samba
import dsdb
, ldb
24 from samba
.auth
import system_session
25 from samba
.netcmd
import Command
, CommandError
, Option
26 from samba
.samdb
import SamDB
29 class cmd_user_move(Command
):
30 """Move a user to an organizational unit/container.
32 This command moves a user account into the specified organizational unit
34 The username specified on the command is the sAMAccountName.
35 The name of the organizational unit or container can be specified as a
36 full DN or without the domainDN component.
38 The command may be run from the root userid or another authorized userid.
40 The -H or --URL= option can be used to execute the command against a remote
44 samba-tool user move User1 'OU=OrgUnit,DC=samdom,DC=example,DC=com' \\
45 -H ldap://samba.samdom.example.com -U administrator
47 Example1 shows how to move a user User1 into the 'OrgUnit' organizational
48 unit on a remote LDAP server.
50 The -H parameter is used to specify the remote target server.
53 samba-tool user move User1 CN=Users
55 Example2 shows how to move a user User1 back into the CN=Users container
59 synopsis
= "%prog <username> <new_parent_dn> [options]"
62 Option("-H", "--URL", help="LDB URL for database or target server",
63 type=str, metavar
="URL", dest
="H"),
66 takes_args
= ["username", "new_parent_dn"]
67 takes_optiongroups
= {
68 "sambaopts": options
.SambaOptions
,
69 "credopts": options
.CredentialsOptions
,
70 "versionopts": options
.VersionOptions
,
73 def run(self
, username
, new_parent_dn
, credopts
=None, sambaopts
=None,
74 versionopts
=None, H
=None):
75 lp
= sambaopts
.get_loadparm()
76 creds
= credopts
.get_credentials(lp
, fallback_machine
=True)
77 samdb
= SamDB(url
=H
, session_info
=system_session(),
78 credentials
=creds
, lp
=lp
)
79 domain_dn
= ldb
.Dn(samdb
, samdb
.domain_dn())
81 filter = ("(&(sAMAccountType=%d)(sAMAccountName=%s))" %
82 (dsdb
.ATYPE_NORMAL_ACCOUNT
, ldb
.binary_encode(username
)))
84 res
= samdb
.search(base
=domain_dn
,
86 scope
=ldb
.SCOPE_SUBTREE
)
89 raise CommandError('Unable to find user "%s"' % (username
))
92 full_new_parent_dn
= samdb
.normalize_dn_in_domain(new_parent_dn
)
93 except Exception as e
:
94 raise CommandError('Invalid new_parent_dn "%s": %s' %
97 full_new_user_dn
= ldb
.Dn(samdb
, str(user_dn
))
98 full_new_user_dn
.remove_base_components(len(user_dn
) - 1)
99 full_new_user_dn
.add_base(full_new_parent_dn
)
102 samdb
.rename(user_dn
, full_new_user_dn
)
103 except Exception as e
:
104 raise CommandError('Failed to move user "%s"' % username
, e
)
105 self
.outf
.write('Moved user "%s" into "%s"\n' %
106 (username
, full_new_parent_dn
))