path: root/python/samba/samdb.py

# Unix SMB/CIFS implementation.
# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007-2010
# Copyright (C) Matthias Dieter Wallnoefer 2009
#
# Based on the original in EJS:
# Copyright (C) Andrew Tridgell <tridge@samba.org> 2005
# Copyright (C) Giampaolo Lauria <lauria2@yahoo.com> 2011
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

"""Convenience functions for using the SAM."""

import samba
import ldb
import time
import base64
import os
import re
from samba import dsdb, dsdb_dns
from samba.ndr import ndr_unpack, ndr_pack
from samba.dcerpc import drsblobs, misc
from samba.common import normalise_int32
from samba.common import get_bytes, cmp
from samba.dcerpc import security
from samba import is_ad_dc_built
import binascii

__docformat__ = "restructuredText"


def get_default_backend_store():
    return "tdb"

class SamDBError(Exception):
    pass

class SamDBNotFoundError(SamDBError):
    pass

class SamDB(samba.Ldb):
    """The SAM database."""

    hash_oid_name = {}
    hash_well_known = {}

    def __init__(self, url=None, lp=None, modules_dir=None, session_info=None,
                 credentials=None, flags=ldb.FLG_DONT_CREATE_DB,
                 options=None, global_schema=True,
                 auto_connect=True, am_rodc=None):
        self.lp = lp
        if not auto_connect:
            url = None
        elif url is None and lp is not None:
            url = lp.samdb_url()

        self.url = url

        super(SamDB, self).__init__(url=url, lp=lp, modules_dir=modules_dir,
                                    session_info=session_info, credentials=credentials, flags=flags,
                                    options=options)

        if global_schema:
            dsdb._dsdb_set_global_schema(self)

        if am_rodc is not None:
            dsdb._dsdb_set_am_rodc(self, am_rodc)

    def connect(self, url=None, flags=0, options=None):
        '''connect to the database'''
        if self.lp is not None and not os.path.exists(url):
            url = self.lp.private_path(url)
        self.url = url

        super(SamDB, self).connect(url=url, flags=flags,
                                   options=options)

    def am_rodc(self):
        '''return True if we are an RODC'''
        return dsdb._am_rodc(self)

    def am_pdc(self):
        '''return True if we are an PDC emulator'''
        return dsdb._am_pdc(self)

    def domain_dn(self):
        '''return the domain DN'''
        return str(self.get_default_basedn())

    def schema_dn(self):
        '''return the schema partition dn'''
        return str(self.get_schema_basedn())

    def disable_account(self, search_filter):
        """Disables an account

        :param search_filter: LDAP filter to find the user (eg
            samccountname=name)
        """

        flags = samba.dsdb.UF_ACCOUNTDISABLE
        self.toggle_userAccountFlags(search_filter, flags, on=True)

    def enable_account(self, search_filter):
        """Enables an account

        :param search_filter: LDAP filter to find the user (eg
            samccountname=name)
        """

        flags = samba.dsdb.UF_ACCOUNTDISABLE | samba.dsdb.UF_PASSWD_NOTREQD
        self.toggle_userAccountFlags(