summaryrefslogtreecommitdiff
path: root/python/samba
AgeCommit message (Collapse)AuthorFilesLines
2024-03-01netcmd: add newline before epilog so there is a space betweenRob van der Linde1-1/+1
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: model __json__ method should call as_dict insteadRob van der Linde1-7/+2
The comment about RelatedField is not really relevant so removed that part, RelatedField isn't used at this point. The idea with RelatedField is that it fetches the object (vs DnField which just returns a Dn). Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: setting kwarg to None should use field defaultRob van der Linde1-2/+6
This comes up when trying to create a GroupManagedServiceAccount and setting the value of managed_password_interval to None. We still want it to pick up the field default of 30 in this case. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: Model.query adds optional polymorphic flag for returning ↵Rob van der Linde2-8/+34
specific class types This defaults to False, query the User class returns only User instances. User.query(samdb) When set to True, query the User class can return User, Computer, ManagedServiceAccount instances. User.query(samdb, polymorphic=True) If polymorphic is False the same records are still returned but records will always be interpreted as the model that is being queried only, rather than a more specific model that matches that object class. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: ModelMeta needs to also set fields and meta if class is ModelRob van der Linde1-2/+2
This is needed for polymorphic query, if querying from the Base model, which was not previously a feature. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: move object_sid field from User to base ModelRob van der Linde2-4/+3
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: bring Model class forward into moduleRob van der Linde1-0/+1
This is important for polymorphic query support Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: ModelMeta no longer needs to inherit from ABCMetaRob van der Linde1-2/+1
There are no more abstract methods since the previous commit, so ABCMeta is no longer needed. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: Model.get_object_class returns top instead of NoneRob van der Linde1-3/+2
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: Query.first and Query.last should use count from instanceRob van der Linde1-2/+2
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: set the default for managed password interval on the modelRob van der Linde1-1/+2
This is to avoid having to provide a default in multiple places Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: move group msa membership default to constantsRob van der Linde2-1/+5
This means the constant can be imported and used by the tests Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: shell: show Models subheadingRob van der Linde1-0/+3
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: make MODELS constant keyed by object class insteadRob van der Linde2-3/+4
This helps with polymorphic querying, mapping object class name to model class. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: move MODELS constant to constants.py to avoid import loopRob van der Linde3-5/+27
query.py and models.py otherwise cause an import loop, query.py needs to import MODELS Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: update docstring of Computer.find methodRob van der Linde1-1/+1
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: gmsa move find method to Computer modelRob van der Linde2-18/+18
The find method is the same as the find method from the User model, with the exception of adding "$". This means it is actually logic that belongs in the parent class of GroupManagedServiceAccount, which is Computer. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: gmsa GroupManagedServiceAccount inherits from ComputerRob van der Linde1-3/+3
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: gmsa move GroupManagedServiceAccount model to gmsa.pyRob van der Linde3-72/+101
It needs to inherit from the Computer model, the Computer model also inherits from User. First, moving it to its own file from user.py to gmsa.py Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: gmsa trustees update docstring and incorrect return typeRob van der Linde1-2/+2
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: gmsa trustees property only looks at allowed acesRob van der Linde1-1/+15
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: make GroupManagedServiceAccount.trustees a propertyRob van der Linde1-0/+1
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: avoid fetching each user in trustees methodRob van der Linde1-14/+3
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: Remove unused groups_sddl method from User modelRob van der Linde1-4/+0
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01netcmd: models: add default SDDL to group_msa_membershipRob van der Linde1-1/+2
LA can be used for the administrator and Windows will expand that on save, making the group_sddl method redundant. Signed-off-by: Rob van der Linde <rob@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-03-01pytests: samba-tool domain kds root_keyDouglas Bagnall1-0/+717
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Mar 1 01:27:30 UTC 2024 on atb-devel-224
2024-03-01samba-tool: add `samba-tool domain kds root_key delete`Douglas Bagnall1-0/+37
For deleting root keys. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01samba-tool: add `samba-tool domain kds root_key create`Douglas Bagnall1-0/+55
For making new root keys. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01samba-tool: add `samba-tool domain kds root_key view`Douglas Bagnall1-0/+59
This is for looking at one root key. There isn't much to know. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01samba-tool: add `samba-tool domain kds root_key list`Douglas Bagnall1-1/+262
This lists root keys, in descending chronological order according to the use_start_toime attribute. That's becuase you usually only care about the newest one. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01samba-tool: don't error if there are no sub-commandsDouglas Bagnall1-1/+1
This is useful when you commit samba-tool tests before you commit the samba-tool code, and you want the tests to fail rather than error. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01provision: add a default root keyDouglas Bagnall1-0/+4
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01pytest:dsdb: check that there is a gkdi root keyDouglas Bagnall1-0/+59
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01pytest:gkdi: shift create_root_key into a functionDouglas Bagnall1-130/+161
This is so the samba-tool domain kds root_key tests can use it as a function. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01pytest:samba-tool: add a flag to print more in runcmdDouglas Bagnall1-3/+19
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01samba-tool user delete: use account type constantDouglas Bagnall1-2/+3
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01samba-tool domain: add LDB Result to json encodersDouglas Bagnall1-2/+4
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01python:samdb: wrapper for _dsdb_create_gkdi_root_key()Douglas Bagnall1-0/+6
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01samba-tool domain kds root_keyDouglas Bagnall1-0/+28
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01samba-tool domain kds: add root key sub-commandDouglas Bagnall1-1/+3
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01samba-tool domain: add kds sub-branchDouglas Bagnall2-0/+31
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-03-01selftest: Ignore msKds-DomainID in ldapcmp_restoredc.sh and ↵Andrew Bartlett1-1/+1
samba.tests.domain_backup_offline Like serverReferenceBL etc, this will point to a DC that created the object, and as part of the backup and restore, this DC will be deleted. It is just for tracking the object creation, so this is fine. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-02-29samba-tool user getpassword: Clarify success wordingAndrew Bartlett5-5/+5
It may be the case that there was no password, or read access to the password was not permitted. The structure of the code and the pattern in LDIF that missing information is simply returned as missing attributes makes it hard to detect and communicate a clear error here, particularly as an error may not be wanted if (say) pwdLastSet is queried on a gMSA that we can not read. So we just make the string to indicate, as I think it was meant, that the tool ran to compleation. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Feb 29 05:07:45 UTC 2024 on atb-devel-224
2024-02-29python/nt_time: have a go at using 1_000_000 number separators.Douglas Bagnall1-1/+1
I noticed these are available in Python 3.6+, which is what we support, and they're arguably nicer than using exponentiation. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-02-29python:nt_time: add a nt_now() functionDouglas Bagnall1-0/+5
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-02-29python:nt_time: add string_from_nt_timeDouglas Bagnall1-0/+13
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-02-29py:nt_time: add nt_time_from_string()Douglas Bagnall1-0/+44
This is for samba-tool, which could do with a common understanding of time strings across various sub-tools. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-02-29pytest:audit_log_base: use string_is_guid()Douglas Bagnall1-8/+3
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-02-29pytest:auth_log_base: use string_is_guid()Douglas Bagnall1-8/+3
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-02-29pylibs: add string_is_guid() helper.Douglas Bagnall1-0/+32
In various places we use regular expressions to check for GUID-ness, though typically we don't match GUIDs with uppercase hex digits when we really should. If we centralise the check, we have more chance of getting it right. Pair-programmed-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Feb 29 02:38:07 UTC 2024 on atb-devel-224
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-07 04:29:39 +0000