1#!/usr/bin/python 2# 3# Sets the user password expiry on a Samba4 server 4# Copyright Jelmer Vernooij 2008 5# 6# Based on the original in EJS: 7# Copyright Andrew Tridgell 2005 8# 9# This program is free software; you can redistribute it and/or modify 10# it under the terms of the GNU General Public License as published by 11# the Free Software Foundation; either version 3 of the License, or 12# (at your option) any later version. 13# 14# This program is distributed in the hope that it will be useful, 15# but WITHOUT ANY WARRANTY; without even the implied warranty of 16# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17# GNU General Public License for more details. 18# 19# You should have received a copy of the GNU General Public License 20# along with this program. If not, see <http://www.gnu.org/licenses/>. 21# 22 23import sys 24 25# Find right directory when running from source tree 26sys.path.insert(0, "bin/python") 27 28import samba.getopt as options 29import optparse 30 31from samba.auth import system_session 32from samba.samdb import SamDB 33 34parser = optparse.OptionParser("setexpiry [username] [options]") 35sambaopts = options.SambaOptions(parser) 36parser.add_option_group(sambaopts) 37parser.add_option_group(options.VersionOptions(parser)) 38credopts = options.CredentialsOptions(parser) 39parser.add_option_group(credopts) 40parser.add_option("-H", help="LDB URL for database or target server", type=str) 41parser.add_option("--filter", help="LDAP Filter to set password on", type=str) 42parser.add_option("--days", help="Days to expiry", type=int) 43parser.add_option("--noexpiry", help="Password does never expire", action="store_true") 44 45opts, args = parser.parse_args() 46 47filter = opts.filter 48 49if (len(args) == 0) and (filter is None): 50 print "Either the username or '--filter' must be specified!" 51 parser.print_usage() 52 sys.exit(1) 53 54days = opts.days 55if days is None: 56 days = 0 57 58if filter is None: 59 username = args[0] 60 filter = "(&(objectClass=user)(sAMAccountName=%s))" % (username) 61 62lp = sambaopts.get_loadparm() 63creds = credopts.get_credentials(lp) 64 65if opts.H is not None: 66 url = opts.H 67else: 68 url = lp.get("sam database") 69 70samdb = SamDB(url=url, session_info=system_session(), credentials=creds, lp=lp) 71 72samdb.setexpiry(filter, days*24*3600, no_expiry_req=opts.noexpiry) 73