summaryrefslogtreecommitdiff
path: root/python/samba/netcmd/domain
AgeCommit message (Collapse)AuthorFilesLines
2025-05-26samba-tool: Fix code spellingJennifer Sutton1-1/+1
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2025-05-26python: Fix logging callJennifer Sutton1-1/+1
ERROR(<class AttributeError>): uncaught exception - RootLogger object has no attribute notice File "/samba/bin/python/samba/netcmd/__init__.py", line 387, in _run return self.run(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^ File "/samba/bin/python/samba/netcmd/domain/backup.py", line 698, in run logger.notice("back-up has no sysvol data") ^^^^^^^^^^^^^ BUG: https://bugzilla.samba.org/show_bug.cgi?id=15852 Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2025-03-29samba-tool backup restore: cope with no sysvolDouglas Bagnall1-2/+5
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15661 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Sat Mar 29 08:25:39 UTC 2025 on atb-devel-224
2025-03-26samba-tool domain backup: add --no-sysvol optionThomas Karlsson1-9/+13
In some circumstances sysvol is not wanted in a backup. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15661 Signed-off-by: Thomas Karlsson <thomas.karlsson@relea.se> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
2025-02-17python:lsa_utils: Fix fallback to OpenPolicy2Stefan Metzmacher1-50/+42
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680 Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Feb 17 18:33:15 UTC 2025 on atb-devel-224
2025-02-17python:lsa_utils: Don't use optional arguments for OpenPolicyFallback()Andreas Schneider1-0/+1
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2025-02-04netcmd: Increase the transaction_index_cache_size to 200k for schemaupgradeAndréas Leroux1-1/+5
Increasing this value greatly improve the performances of schema upgrade for large domains (>200k entries). The value 200000 is chosen because it is already used in join.py, and should be sufficient for known domains. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15795 Signed-off-by: Andréas Leroux <aleroux@tranquil.it> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-12-10samba-tool/backup: set the right permissions on our root dirBjörn Jacke1-0/+2
Since processes can run under the UID of the logged in user, it's required to make sure that the users have the permissions here. Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Björn Baumbach <bbaumbach@samba.org> Autobuild-User(master): Björn Baumbach <bb@sernet.de> Autobuild-Date(master): Tue Dec 10 11:40:27 UTC 2024 on atb-devel-224
2024-11-06samba-tool:: s/the the\b/the/ in docstringDouglas Bagnall1-1/+1
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Volker Lendecke <vl@samba.org>
2024-10-04netcmd:domain:policy: Fix missing conversion from tgt_lifetime minutes to ↵Andréas Leroux1-6/+12
10^(-7) seconds BUG: https://bugzilla.samba.org/show_bug.cgi?id=15692 Signed-off-by: Andréas Leroux <aleroux@tranquil.it> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org> Autobuild-Date(master): Fri Oct 4 04:01:22 UTC 2024 on atb-devel-224
2024-08-04python:netcmd: Explicitly delete samdb variablesJo Sutton1-2/+2
This makes our intent clear, and avoids accidental attempts to use these objects after they have been ‘disconnect()’ed. Signed-off-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-06-12samba-tool domain trust: avoid useless use of string_to_byte_arrayDouglas Bagnall1-4/+4
`pw.encode('utf-16-le')` is always bytes. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-06python:netcmd: Create a SHA256SUM file with checksumsAndreas Schneider1-0/+25
This allows to verify the backup tarball contents with: sha256sum -c SHA256SUM Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-06-06python:netcmd: Only put regular files into the tarballAndreas Schneider1-1/+1
We also have ldapi, other sockets or pipes around, we don't want to add. This will be relevant for adding checksums later. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-05-22samba-tool: let 'samba-tool domain exportkeytab' take an --only-current-keys ↵Stefan Metzmacher1-2/+7
option Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-04-10samba-tool domain backup: Use new ldb.disconnect() method to force-close ↵Andrew Bartlett1-0/+2
files during backup Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-04-09python: Use OpenPolicyFallback() in trust.pyAndreas Schneider1-28/+84
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-04-09python:samba: Rename trust_utils.py to lsa_utils.pyAndreas Schneider1-1/+1
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-04-08python: lint: fix pylint R1720 unnecessary "raise" after "else"Rob van der Linde3-6/+6
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-04-08python: lint: remove unused imports in claims and gmsa commandsRob van der Linde2-3/+2
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: remove old service-allowed-to-authenticate-from-silo ↵Rob van der Linde1-57/+0
and group Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: add service-allowed-to-authenticate-from subcommandsRob van der Linde2-0/+128
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: remove old user-allowed-to-authenticate-from-silo and groupRob van der Linde1-42/+0
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: add user-allowed-to-authenticate-from subcommandsRob van der Linde2-0/+128
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: remove old service-allowed-to-authenticate-to-silo and ↵Rob van der Linde1-42/+0
group Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: add service-allowed-to-authenticate-to subcommandsRob van der Linde2-0/+128
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: remove old user-allowed-to-authenticate-to-silo and groupRob van der Linde1-42/+0
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: add user-allowed-to-authenticate-to subcommandsRob van der Linde2-0/+130
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: remove old computer-allowed-to-authenticate-to-silo and ↵Rob van der Linde1-42/+0
group Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: add computer-allowed-to-authenticate-to subcommandsRob van der Linde2-0/+130
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: extract policy base commands into policy.pyRob van der Linde2-648/+679
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth policy: turn policy.py into moduleRob van der Linde1-0/+0
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth silo: extract silo base commands into silo.pyRob van der Linde2-363/+393
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth silo: move silo_member.py into silo moduleRob van der Linde2-1/+1
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-28netcmd: auth silo: turn silo.py into moduleRob van der Linde1-0/+0
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-20python: pep8: fix import sorting after moveRob van der Linde5-10/+9
Only touch files where samba.domain.models import was moved Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-20python: move models out of the netcmd packageRob van der Linde24-2434/+13
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-20netcmd: gmsa: add_trustee and remove_trustee change argument to sidRob van der Linde1-5/+8
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-20netcmd: models: improve Computer constructor adding "$" handlingRob van der Linde1-8/+29
In some cases the previous code would end up creating computers where the account name ended on double "$" Rewrote constructor to handle more cases, for example only an account name is provided, only a name is provided, or both. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-20netcmd: models: allow scope to be overridden in queryRob van der Linde1-2/+4
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-20netcmd: models: add User.get_sid_for_principal helperRob van der Linde1-0/+17
Unlike User.find, this will not fetch the User if an SID is provided. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-20netcmd: models: User.find also tries object_sidRob van der Linde1-3/+7
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-14samba-tool domain exportkeytab: Raise a proper CommandErrorAndrew Bartlett1-6/+9
This avoids giving just a backtrace for things like exporting a keytab to an existing file. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
2024-03-14samba-tool: Add option --keep-stale-entries to "samba-tool domain exportkeytab"Andrew Bartlett1-2/+7
This will keep stale keys in the keytab, which may be useful for wireshark but is not correct if the keytab is used for accepting Kerberos tickets, as tickets encrypted with old passwords would still be accepted. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
2024-03-14samba-tool domain exportkeytab: Add support for -H to point to a different ↵Andrew Bartlett1-2/+10
sam.ldb Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
2024-03-01netcmd: models: Create ClaimType in the model layer insteadRob van der Linde2-27/+51
Having it inside a command isn't very re-usable. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Mar 1 05:52:53 UTC 2024 on atb-devel-224
2024-03-01netcmd: models: ClaimType: move all dunder methods to the top for consistencyRob van der Linde1-3/+3
It's nice to consistently list the __str__ method first and all the dunder methods, then the static methods, then the rest. At least for the models. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: claims: tidy up, avoid setting enabled twiceRob van der Linde1-8/+8
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: rename lookup methods to find for consistencyRob van der Linde5-16/+12
There are a mixture of methods called either 'lookup' or 'find'. This dates back to when they raised LookupError, but these now raise NotFound. They should be all called 'find' for consistency. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: Rename username to account_name for consistencyRob van der Linde2-16/+16
When creating the User model initially, "username" was the only field that was inconsistently named, it maps to "sAMAccountName". It should really have been account "account_name". There is also a field "account_type" and should be similarly named to "account_name". Basically the naming of fields should always be consistent, breaking the rule for one field only was a mistake. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-06 20:12:08 +0000