Logo Search packages:      
Sourcecode: samba-gtk version File versions  Download package

def sambagtk::pygwsam::SAMPipeManager::update_user (   self,
  user 
)
Submit any changes to 'user' to the server. The User's RID must be correct for this to work.
This function will call update_user_security() to update user security options.

returns nothing

Definition at line 126 of file pygwsam.py.

                               :
        """Submit any changes to 'user' to the server. The User's RID must be correct for this to work.
        This function will call update_user_security() to update user security options.
        
        returns nothing"""
        user_handle = self.pipe.OpenUser(self.domain_handle, security.SEC_FLAG_MAXIMUM_ALLOWED, user.rid)

        #Note: Most of pipe manager calls in this function could be replaced by 
        #      one call to QueryUserInfo() and SetUserInfo() using level 21 (samr.UserAllInformation)
        #    Don't let this confuse you, it's essentially the same thing.

        info = self.pipe.QueryUserInfo(user_handle, samr.UserNameInformation)
        #info.account_name = self.set_lsa_string(user.username) #Account name should never be changed.
        info.full_name = self.set_lsa_string(user.fullname)
        self.pipe.SetUserInfo(user_handle, samr.UserNameInformation, info)
        
        info = self.pipe.QueryUserInfo(user_handle, samr.UserAdminCommentInformation)
        info.description = self.set_lsa_string(user.description)
        self.pipe.SetUserInfo(user_handle, samr.UserAdminCommentInformation, info)
        
        info = self.pipe.QueryUserInfo(user_handle, samr.UserControlInformation)
        if (user.must_change_password):
            info.acct_flags |= samr.ACB_PW_EXPIRED
        else:
            info.acct_flags &= ~samr.ACB_PW_EXPIRED

        if (user.password_never_expires):
            info.acct_flags |= samr.ACB_PWNOEXP
        else:
            info.acct_flags &= ~samr.ACB_PWNOEXP
            
        if (user.account_disabled):
            info.acct_flags |= samr.ACB_DISABLED
        else:
            info.acct_flags &= ~samr.ACB_DISABLED

        if (user.account_locked_out):
            info.acct_flags |= samr.ACB_AUTOLOCK
        else:
            info.acct_flags &= ~samr.ACB_AUTOLOCK
        self.pipe.SetUserInfo(user_handle, samr.UserControlInformation, info)
        
        #User cannot change password is updated in the security function
        self.update_user_security(user_handle, user)

        info = self.pipe.QueryUserInfo(user_handle, samr.UserProfileInformation)
        info.profile_path = self.set_lsa_string(user.profile_path)
        self.pipe.SetUserInfo(user_handle, samr.UserProfileInformation, info)
        
        info = self.pipe.QueryUserInfo(user_handle, samr.UserScriptInformation)
        info.logon_script = self.set_lsa_string(user.logon_script)
        self.pipe.SetUserInfo(user_handle, samr.UserScriptInformation, info)

        info = self.pipe.QueryUserInfo(user_handle, samr.UserHomeInformation)
        info.home_directory = self.set_lsa_string(user.homedir_path)
        
        if (user.map_homedir_drive == -1):
            info.home_drive = self.set_lsa_string("")
        else:
            info.home_drive = self.set_lsa_string(chr(user.map_homedir_drive + ord('A')) + ":")
        self.pipe.SetUserInfo(user_handle, samr.UserHomeInformation, info)
        
        # get the user's old groups list
        group_list = self.rwa_list_to_group_list(self.pipe.GetGroupsForUser(user_handle).rids)
        
        #The user must be part of a group. If the user is not part of any groups, the user is actually part of the "None" group!
        if (user.group_list == []):
            user.group_list = [grp for grp in self.group_list if grp.name == unicode("None")] #if grp.name == unicode("None")
        
        # remove the user from groups
        for group in group_list:
            if (user.group_list.count(group) == 0):
                group_handle = self.pipe.OpenGroup(self.domain_handle, security.SEC_FLAG_MAXIMUM_ALLOWED, group.rid)
                self.pipe.DeleteGroupMember(group_handle, user.rid)

        # add the user to groups
        for group in user.group_list:
            if (group_list.count(group) == 0):
                group_handle = self.pipe.OpenGroup(self.domain_handle, security.SEC_FLAG_MAXIMUM_ALLOWED, group.rid)
                self.pipe.AddGroupMember(group_handle, user.rid, samr.SE_GROUP_ENABLED)


Generated by  Doxygen 1.6.0   Back to index