3 # Adds a new user to a Samba4 server
4 # Copyright Jelmer Vernooij 2008
6 # Based on the original in EJS:
7 # Copyright Andrew Tridgell 2005
8 # Copyright Giampaolo Lauria 2011 <lauria2@yahoo.com>
10 # This program is free software; you can redistribute it and/or modify
11 # it under the terms of the GNU General Public License as published by
12 # the Free Software Foundation; either version 3 of the License, or
13 # (at your option) any later version.
15 # This program is distributed in the hope that it will be useful,
16 # but WITHOUT ANY WARRANTY; without even the implied warranty of
17 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 # GNU General Public License for more details.
20 # You should have received a copy of the GNU General Public License
21 # along with this program. If not, see <http://www.gnu.org/licenses/>.
23 import samba
.getopt
as options
24 from samba
.netcmd
import Command
, SuperCommand
, CommandError
, Option
27 from getpass
import getpass
28 from samba
.auth
import system_session
29 from samba
.samdb
import SamDB
30 from samba
.dsdb
import (
31 GTYPE_SECURITY_DOMAIN_LOCAL_GROUP
,
32 GTYPE_SECURITY_GLOBAL_GROUP
,
33 GTYPE_SECURITY_UNIVERSAL_GROUP
,
34 GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP
,
35 GTYPE_DISTRIBUTION_GLOBAL_GROUP
,
36 GTYPE_DISTRIBUTION_UNIVERSAL_GROUP
,
39 security_group
= dict({"Domain": GTYPE_SECURITY_DOMAIN_LOCAL_GROUP
, "Global": GTYPE_SECURITY_GLOBAL_GROUP
, "Universal": GTYPE_SECURITY_UNIVERSAL_GROUP
})
40 distribution_group
= dict({"Domain": GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP
, "Global": GTYPE_DISTRIBUTION_GLOBAL_GROUP
, "Universal": GTYPE_DISTRIBUTION_UNIVERSAL_GROUP
})
43 class cmd_group_add(Command
):
44 """Creates a new group"""
46 synopsis
= "%prog <groupname> [options]"
49 Option("-H", "--URL", help="LDB URL for database or target server", type=str,
50 metavar
="URL", dest
="H"),
52 help="Alternative location (without domainDN counterpart) to default CN=Users in which new user object will be created",
54 Option("--group-scope", type="choice", choices
=["Domain", "Global", "Universal"],
55 help="Group scope (Domain | Global | Universal)"),
56 Option("--group-type", type="choice", choices
=["Security", "Distribution"],
57 help="Group type (Security | Distribution)"),
58 Option("--description", help="Group's description", type=str),
59 Option("--mail-address", help="Group's email address", type=str),
60 Option("--notes", help="Groups's notes", type=str),
63 takes_args
= ["groupname"]
65 def run(self
, groupname
, credopts
=None, sambaopts
=None,
66 versionopts
=None, H
=None, groupou
=None, group_scope
=None,
67 group_type
=None, description
=None, mail_address
=None, notes
=None):
69 if (group_type
or "Security") == "Security":
70 gtype
= security_group
.get(group_scope
, GTYPE_SECURITY_GLOBAL_GROUP
)
72 gtype
= distribution_group
.get(group_scope
, GTYPE_DISTRIBUTION_GLOBAL_GROUP
)
74 lp
= sambaopts
.get_loadparm()
75 creds
= credopts
.get_credentials(lp
, fallback_machine
=True)
78 samdb
= SamDB(url
=H
, session_info
=system_session(),
79 credentials
=creds
, lp
=lp
)
80 samdb
.newgroup(groupname
, groupou
=groupou
, grouptype
= gtype
,
81 description
=description
, mailaddress
=mail_address
, notes
=notes
)
83 # FIXME: catch more specific exception
84 raise CommandError('Failed to create group "%s"' % groupname
, e
)
85 self
.outf
.write("Added group %s\n" % groupname
)
88 class cmd_group_delete(Command
):
91 synopsis
= "%prog <groupname> [options]"
94 Option("-H", "--URL", help="LDB URL for database or target server", type=str,
95 metavar
="URL", dest
="H"),
98 takes_args
= ["groupname"]
100 def run(self
, groupname
, credopts
=None, sambaopts
=None, versionopts
=None, H
=None):
102 lp
= sambaopts
.get_loadparm()
103 creds
= credopts
.get_credentials(lp
, fallback_machine
=True)
106 samdb
= SamDB(url
=H
, session_info
=system_session(),
107 credentials
=creds
, lp
=lp
)
108 samdb
.deletegroup(groupname
)
110 # FIXME: catch more specific exception
111 raise CommandError('Failed to remove group "%s"' % groupname
, e
)
112 self
.outf
.write("Deleted group %s\n" % groupname
)
115 class cmd_group_add_members(Command
):
116 """Add (comma-separated list of) group members"""
118 synopsis
= "%prog <groupname> <listofmembers> [options]"
121 Option("-H", "--URL", help="LDB URL for database or target server", type=str,
122 metavar
="URL", dest
="H"),
125 takes_args
= ["groupname", "listofmembers"]
127 def run(self
, groupname
, listofmembers
, credopts
=None, sambaopts
=None,
128 versionopts
=None, H
=None):
130 lp
= sambaopts
.get_loadparm()
131 creds
= credopts
.get_credentials(lp
, fallback_machine
=True)
134 samdb
= SamDB(url
=H
, session_info
=system_session(),
135 credentials
=creds
, lp
=lp
)
136 samdb
.add_remove_group_members(groupname
, listofmembers
, add_members_operation
=True)
138 # FIXME: catch more specific exception
139 raise CommandError('Failed to add members "%s" to group "%s"' % (
140 listofmembers
, groupname
), e
)
141 self
.outf
.write("Added members to group %s\n" % groupname
)
144 class cmd_group_remove_members(Command
):
145 """Remove (comma-separated list of) group members"""
147 synopsis
= "%prog <groupname> <listofmembers> [options]"
150 Option("-H", "--URL", help="LDB URL for database or target server", type=str,
151 metavar
="URL", dest
="H"),
154 takes_args
= ["groupname", "listofmembers"]
156 def run(self
, groupname
, listofmembers
, credopts
=None, sambaopts
=None,
157 versionopts
=None, H
=None):
159 lp
= sambaopts
.get_loadparm()
160 creds
= credopts
.get_credentials(lp
, fallback_machine
=True)
163 samdb
= SamDB(url
=H
, session_info
=system_session(),
164 credentials
=creds
, lp
=lp
)
165 samdb
.add_remove_group_members(groupname
, listofmembers
, add_members_operation
=False)
167 # FIXME: Catch more specific exception
168 raise CommandError('Failed to remove members "%s" from group "%s"' % (listofmembers
, groupname
), e
)
169 self
.outf
.write("Removed members from group %s\n" % groupname
)
172 class cmd_group(SuperCommand
):
173 """Group management"""
176 subcommands
["add"] = cmd_group_add()
177 subcommands
["delete"] = cmd_group_delete()
178 subcommands
["addmembers"] = cmd_group_add_members()
179 subcommands
["removemembers"] = cmd_group_remove_members()