Author: sree Date: 2006-06-27 17:34:28 +0000 (Tue, 27 Jun 2006) New Revision: 16567
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16567 Log: added code for userAccountControl flags in user_add() new function user_profile_set() sets profile information Modified: branches/SOC/sree/test.js branches/SOC/sree/usermgmt.js Changeset: Modified: branches/SOC/sree/test.js =================================================================== --- branches/SOC/sree/test.js 2006-06-27 17:16:14 UTC (rev 16566) +++ branches/SOC/sree/test.js 2006-06-27 17:34:28 UTC (rev 16567) @@ -26,6 +26,14 @@ printVars(user_get(sam, "sreetest", new Array("useraccountcontrol"))); +if(user_profile_set(sam, "sreetest", "\\\\profiles\\sreetest", "\\\\someserver\\logon.bat", "\\\\homes\\sreetest", "z:")){ + print("Successfully set profile parameters\n"); + + printVars(user_get(sam, "sreetest", new Array("profilePath", "scriptPath", "homeDirectory", "homeDrive"))); +} +else + print("Failed to set user profile properties"); + if(user_delete(sam, "sreetest")) print("User successfully deleted!\n"); else Modified: branches/SOC/sree/usermgmt.js =================================================================== --- branches/SOC/sree/usermgmt.js 2006-06-27 17:16:14 UTC (rev 16566) +++ branches/SOC/sree/usermgmt.js 2006-06-27 17:34:28 UTC (rev 16567) @@ -9,9 +9,9 @@ libinclude("base.js"); // userAccountFlags constants, decl here for now -var UF_ACCOUNTDISABLE = 0x2; -var UF_PASSWORD_CANT_CHANGE = 0x40; -var UF_DONT_EXPIRE_PASSWORD = 0x10000; +UF_ACCOUNTDISABLE = 0x2; +UF_PASSWORD_CANT_CHANGE = 0x40; +UF_DONT_EXPIRE_PASSWORD = 0x10000; // initialize user functions, and return opaque value to be used by // other functions @@ -102,6 +102,8 @@ // add a user function user_add(sam, username, fullname, description, password, flags, unixname) { + var sys = sys_init(); + var aldif = new Array(); var user_dn = sprintf("CN=%s,CN=Users,%s", @@ -152,10 +154,24 @@ } var userAccountControl = user['userAccountControl']; + + userAccountControl = 0 + userAccountControl; // conversion to number - //TODO: Finish up mapping flags and uac, without bitwise operators - //:-( + //to handle default account created with the disabled bit set + if(sys.bitAND(userAccountControl, UF_ACCOUNTDISABLE)) + userAccountControl = userAccountControl - UF_ACCOUNTDISABLE; + if(sys.bitAND(flags, UF_ACCOUNTDISABLE)) + userAccountControl = sys.bitOR(userAccountControl, UF_ACCOUNTDISABLE); + if(sys.bitAND(flags, UF_DONT_EXPIRE_PASSWORD)) + userAccountControl = sys.bitOR(userAccountControl, UF_DONT_EXPIRE_PASSWORD); + + if(sys.bitAND(flags, UF_PASSWORD_CANT_CHANGE)) + userAccountControl = sys.bitOR(userAccountControl, UF_PASSWORD_CANT_CHANGE); + + //TODO: User must change password at next logon + // Account is locked out + ldifmod = sprintf(" dn: %s changetype: modify @@ -274,3 +290,81 @@ return(sam.ldb.transaction_commit()); } + +// set user's profile settings +// null parameters will leave existing untouched, while "" will erase +// current values +function user_profile_set(sam, username, profilepath, logonscript, homepath, homedrive) +{ + var user_dn = sprintf("CN=%s,CN=Users,%s", + username, sam.domain_dn); + + sam.ldb.transaction_start(); + + user = user_get(sam, username, new Array("sAMAccount")); + + if(user == false) + { + print("Failed to get user's groups, no such user?\n"); + sam.ldb.transaction_cancel(); + return false; + } + + var k = 0; + var profile = new Array(); + + if(profilepath != null) + { + if(profilepath == "") + profile[k] = "delete: profilePath"; + else + profile[k] = "replace: profilePath\nprofilePath: " + profilepath; + k = k + 1; + } + + if(logonscript != null) + { + if(logonscript == "") + profile[k] = "delete: scriptPath"; + else + profile[k] = "replace: scriptPath\nscriptPath: " + logonscript; + k = k + 1; + } + + if(homepath != null) + { + if(homepath == "") + profile[k] = "delete: homeDirectory"; + else + profile[k] = "replace: homeDirectory\nhomeDirectory: " + homepath; + k = k + 1; + } + + // if set, then homepath should specify a network location + if(homedrive != null) + { + if(homedrive == "") + profile[k] = "delete: homeDrive"; + else + profile[k] = "replace: homeDrive\nhomeDrive: " + homedrive; + k = k + 1; + } + + if(k == 0) + { + print("No profile details provided\n"); + sam.ldb.transaction_cancel(); + return false; + } + + var ldifmod = "dn: " + user_dn + "\nchangeType: modify\n" + join("\n-\n", profile) + "\n"; + + if(sam.ldb.modify(ldifmod) != true) + { + print("Failed to set user profile settings!\n"); + sam.ldb.transaction_cancel(); + return false; + } + + return(sam.ldb.transaction_commit()); +}