[SCM] Samba Shared Repository - branch master updated

Alexander Bokovoy Fri, 09 Jun 2017 14:25:44 -0700

The branch, master has been updated
       via  b64f0b5 samba-tool: You cannot add members to a group if the member 
exists as a sAMAccountName and a CN.
      from  f180b1c s4:rpc_server: Do some checks of LogonSamLogon flags


https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit b64f0b5da640524c5f11b0e7eb2777a39fa04b95
Author: Rowland Penny <rpe...@samba.org>
Date:   Wed Jun 7 15:57:53 2017 +0100

    samba-tool: You cannot add members to a group if the member exists as a 
sAMAccountName and a CN.
    
    Signed-off-by: Rowland Penny <rpe...@samba.org>
    Reviewed-by: Alexander Bokovoy <a...@samba.org>
    
    Autobuild-User(master): Alexander Bokovoy <a...@samba.org>
    Autobuild-Date(master): Fri Jun  9 23:24:47 CEST 2017 on sn-devel-144

-----------------------------------------------------------------------

Summary of changes:
 python/samba/netcmd/group.py | 2 ++
 python/samba/samdb.py        | 9 ++++++---
 2 files changed, 8 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/python/samba/netcmd/group.py b/python/samba/netcmd/group.py
index 11f8773..b9d6add 100644
--- a/python/samba/netcmd/group.py
+++ b/python/samba/netcmd/group.py
@@ -199,6 +199,8 @@ This command adds one or more members to an existing Active 
Directory group. The
 
 When a member is added to a group the member may inherit permissions and 
rights from the group.  Likewise, when permission or rights of a group are 
changed, the changes may reflect in the members through inheritance.
 
+The member names specified on the command must be the sAMaccountName.
+
 Example1:
 samba-tool group addmembers supergroup Group1,Group2,User1 -H 
ldap://samba.samdom.example.com -Uadministrator%passw0rd
 
diff --git a/python/samba/samdb.py b/python/samba/samdb.py
index 19dd8e9..719bb8b 100644
--- a/python/samba/samdb.py
+++ b/python/samba/samdb.py
@@ -266,9 +266,12 @@ changetype: modify
 """ % (str(targetgroup[0].dn))
 
             for member in members:
-                targetmember = self.search(base=self.domain_dn(), 
scope=ldb.SCOPE_SUBTREE,
-                                    expression="(|(sAMAccountName=%s)(CN=%s))" 
% (
-                    ldb.binary_encode(member), ldb.binary_encode(member)), 
attrs=[])
+                filter = ('(&(sAMAccountName=%s)(|(objectclass=user)'
+                          '(objectclass=group)))' % ldb.binary_encode(member))
+                targetmember = self.search(base=self.domain_dn(),
+                                           scope=ldb.SCOPE_SUBTREE,
+                                           expression="%s" % filter,
+                                           attrs=[])
 
                 if len(targetmember) != 1:
                     raise Exception('Unable to find "%s". Operation 
cancelled.' % member)


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch master updated

Reply via email to