1#!/usr/bin/python
2#
3# Sets the user password expiry on a Samba4 server
4# Copyright Jelmer Vernooij 2008
5#
6# Based on the original in EJS:
7# Copyright Andrew Tridgell 2005
8#
9# This program is free software; you can redistribute it and/or modify
10# it under the terms of the GNU General Public License as published by
11# the Free Software Foundation; either version 3 of the License, or
12# (at your option) any later version.
13#
14# This program is distributed in the hope that it will be useful,
15# but WITHOUT ANY WARRANTY; without even the implied warranty of
16# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17# GNU General Public License for more details.
18#
19# You should have received a copy of the GNU General Public License
20# along with this program.  If not, see <http://www.gnu.org/licenses/>.
21#
22
23import sys
24
25# Find right directory when running from source tree
26sys.path.insert(0, "bin/python")
27
28import samba.getopt as options
29import optparse
30
31from samba.auth import system_session
32from samba.samdb import SamDB
33
34parser = optparse.OptionParser("setexpiry [username] [options]")
35sambaopts = options.SambaOptions(parser)
36parser.add_option_group(sambaopts)
37parser.add_option_group(options.VersionOptions(parser))
38credopts = options.CredentialsOptions(parser)
39parser.add_option_group(credopts)
40parser.add_option("-H", help="LDB URL for database or target server", type=str)
41parser.add_option("--filter", help="LDAP Filter to set password on", type=str)
42parser.add_option("--days", help="Days to expiry", type=int)
43parser.add_option("--noexpiry", help="Password does never expire", action="store_true")
44
45opts, args = parser.parse_args()
46
47filter = opts.filter
48
49if (len(args) == 0) and (filter is None):
50	print "Either the username or '--filter' must be specified!"
51	parser.print_usage()
52	sys.exit(1)
53
54days = opts.days
55if days is None:
56	days = 0
57
58if filter is None:
59	username = args[0]
60	filter = "(&(objectClass=user)(sAMAccountName=%s))" % (username)
61
62lp = sambaopts.get_loadparm()
63creds = credopts.get_credentials(lp)
64
65if opts.H is not None:
66	url = opts.H
67else:
68	url = lp.get("sam database")
69
70samdb = SamDB(url=url, session_info=system_session(), credentials=creds, lp=lp)
71
72samdb.setexpiry(filter, days*24*3600, no_expiry_req=opts.noexpiry)
73