samba

Merge lp://qastaging/~kernevil/samba/devel into lp://qastaging/samba

  1. devel
  2. Merge into trunk
Proposed by Kernevil
Status: Needs review
Proposed branch: lp://qastaging/~kernevil/samba/devel
Merge into: lp://qastaging/samba
Diff against target: 122 lines (+26/-9)
2 files modified
source4/scripting/python/samba/netcmd/user.py (+5/-2)
source4/scripting/python/samba/samdb.py (+21/-7)
To merge this branch: bzr merge lp://qastaging/~kernevil/samba/devel
Reviewer Review Type Date Requested Status
Samba Team Pending
Review via email: mp+93744@code.qastaging.launchpad.net

Description of the change

Added switch "--enable-reversible-encryption" when creating an user. This sets the UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED flag on the user account, storing the password in clear text inside the "supplementalCredentials" blob. This is needed to sync passwords with external applications.

To post a comment you must log in.
lp://qastaging/~kernevil/samba/devel updated
25247. By Kernevil

Merge trunk revs 318..320

Revision history for this message
Jelmer Vernooij (jelmer) wrote :

Hi,

Thanks for the MP.

On Sun, Feb 19, 2012 at 07:11:20PM -0000, Kernevil wrote:
> Added switch "--enable-reversible-encryption" when creating an user. This sets the UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED flag on the user account, storing the password in clear text inside the "supplementalCredentials" blob. This is needed to sync passwords with external applications.
> --
> === modified file 'source4/scripting/python/samba/samdb.py'
> --- source4/scripting/python/samba/samdb.py 2011-12-07 02:09:08 +0000
> +++ source4/scripting/python/samba/samdb.py 2012-02-19 19:10:26 +0000
> @@ -104,6 +104,24 @@
> flags = samba.dsdb.UF_ACCOUNTDISABLE | samba.dsdb.UF_PASSWD_NOTREQD
> self.toggle_userAccountFlags(search_filter, flags, on=False)
>
> + def enable_reversible_encryption(self, search_filter):
> + """Enables reversible password encryption
> +
> + :param search_filter: LDAP filter to find the user (eg
> + samccountname=name)
 s/samccountname/samaccountname/

> + """
> + flags = samba.dsdb.UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED
> + self.toggle_userAccountFlags(search_filter, flags, on=True)
> +
> + def disable_reversible_encryption(self, search_filter):
> + """Disables reversible password encryption
> +
> + :param search_filter: LDAP filter to find the user (eg
> + samccountname=name)
> + """
> + flags = samba.dsdb.UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED
> + self.toggle_userAccountFlags(search_filter, flags, on=False)
I'm not sure if this really warrants separate methods (though I guess
it is consistent with the other methods).

Can you make this a single method with just a boolean argument
"enabled" or something like that?
> +
> def toggle_userAccountFlags(self, search_filter, flags, flags_str=None,
> on=True, strict=False):
> """toggle_userAccountFlags
> @@ -292,8 +310,8 @@

Cheers,

Jelmer

Reply
lp://qastaging/~kernevil/samba/devel updated
25248. By Kernevil

* Fix spell errors on comments
* Replace 'disable_reversible_encryption' method by a boolean parameter on
  method 'set_reversible_encryption'

25249. By Kernevil

Merge trunk revs 25321..25400

25250. By Kernevil

Fix wrong function call

Unmerged revisions

25250. By Kernevil

Fix wrong function call

25249. By Kernevil

Merge trunk revs 25321..25400

25248. By Kernevil

* Fix spell errors on comments
* Replace 'disable_reversible_encryption' method by a boolean parameter on
  method 'set_reversible_encryption'

25247. By Kernevil

Merge trunk revs 318..320

25246. By Kernevil

Merge trunk

25245. By Kernevil

Merge trunk

25244. By Kernevil

Merge parent branch

25243. By Kernevil

Add '--enable-reversible-encryption' to user creation'

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
The diff is not available at this time. You can reload the page or download it.

Subscribers

People subscribed via source and target branches

to all changes: