module ActiveSambaLdap::SambaAccountEntry

Constants

ACCOUNT_FLAGS_RE
DOMAIN_ADMIN_NAME

from source/rpc_server/srv_util.c in Samba

DOMAIN_ADMIN_RID

from source/include/rpc_misc.c in Samba

DOMAIN_GUEST_NAME
DOMAIN_GUEST_RID
FAR_FUTURE_TIME

FAR_FUTURE_TIME = Time.parse(“2050/01/01”).to_i.to_s

WELL_KNOWN_NAMES
WELL_KNOWN_RIDS

Public Class Methods

included(base) click to toggle source
Calls superclass method
# File lib/active_samba_ldap/samba_account_entry.rb, line 5
def self.included(base)
  super
  base.extend(ClassMethods)
end

Public Instance Methods

can_change_password?() click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 171
def can_change_password?
  assert_samba_available
  samba_pwd_can_change.nil? or
    Time.at(samba_pwd_can_change.to_i) <= Time.now
end
change_samba_password(password) click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 154
def change_samba_password(password)
  assert_samba_available
  self.samba_lm_password = Samba::Encrypt.lm_hash(password)
  self.samba_nt_password = Samba::Encrypt.ntlm_hash(password)
  self.samba_pwd_last_set = Time.now.to_i.to_s
end
change_sid(rid, allow_non_unique=false) click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 142
def change_sid(rid, allow_non_unique=false)
  assert_samba_available
  sid = "#{self.class.configuration[:sid]}-#{rid}"
  # check_unique_sid_number(sid) unless allow_non_unique
  self.samba_sid = sid
end
change_uid_number(uid, allow_non_unique=false) click to toggle source
Calls superclass method
# File lib/active_samba_ldap/samba_account_entry.rb, line 129
def change_uid_number(uid, allow_non_unique=false)
  result = super
  return result unless samba_available?

  rid = self.class.uid2rid(uid_number.to_s)
  change_sid(rid, allow_non_unique)
end
change_uid_number_by_rid(rid, allow_non_unique=false) click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 137
def change_uid_number_by_rid(rid, allow_non_unique=false)
  assert_samba_available
  change_uid_number(self.class.rid2uid(rid), allow_non_unique)
end
disable() click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 212
def disable
  assert_samba_available
  if samba4?
    self.user_account_control +=
      ActiveDirectory::UserAccountControl::ACCOUNT_DISABLE
  else
    flags = ""
    if ACCOUNT_FLAGS_RE =~ samba_acct_flags.to_s
      flags = $1
      return if /D/ =~ flags
    end
    self.samba_acct_flags = "[D#{flags}]"
  end
end
disable_forcing_password_change() click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 188
def disable_forcing_password_change
  assert_samba_available
  self.samba_pwd_must_change = FAR_FUTURE_TIME
end
disable_password_change() click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 166
def disable_password_change
  assert_samba_available
  self.samba_pwd_can_change = FAR_FUTURE_TIME
end
disabled?() click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 232
def disabled?
  assert_samba_available
  if samba4?
    not (user_account_control &
         ActiveDirectory::UserAccountControl::ACCOUNT_DISABLE).zero?
  else
    (/D/ =~ samba_acct_flags.to_s) ? true : false
  end
end
enable() click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 200
def enable
  assert_samba_available
  if samba4?
    self.user_account_control -=
      ActiveDirectory::UserAccountControl::ACCOUNT_DISABLE
  else
    if /D/ =~ samba_acct_flags.to_s
      self.samba_acct_flags = samba_acct_flags.gsub(/D/, '')
    end
  end
end
enable_forcing_password_change() click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 177
def enable_forcing_password_change
  assert_samba_available
  self.samba_pwd_must_change = "0"
  if /X/ =~ samba_acct_flags.to_s
    self.samba_acct_flags = samba_acct_flags.sub(/X/, '')
  end
  if samba_pwd_last_set.to_i.zero?
    self.samba_pwd_last_set = FAR_FUTURE_TIME
  end
end
enable_password_change() click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 161
def enable_password_change
  assert_samba_available
  self.samba_pwd_can_change = "0"
end
enabled?() click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 227
def enabled?
  assert_samba_available
  !disabled?
end
fill_default_values(options={}) click to toggle source
Calls superclass method
# File lib/active_samba_ldap/samba_account_entry.rb, line 88
def fill_default_values(options={})
  result = super
  return result unless samba_available?

  self.samba_logon_time ||= "0"
  self.samba_logoff_time ||= FAR_FUTURE_TIME
  self.samba_kickoff_time ||= nil

  password = options["password"]
  change_samba_password(password) if password
  self.samba_lm_password ||= "XXX"
  self.samba_nt_password ||= "XXX"
  self.samba_pwd_last_set ||= "0"

  account_flags_is_not_set = samba_acct_flags.nil?
  self.samba_acct_flags ||= default_account_flags

  can_change_password = options["can_change_password"]
  if can_change_password
    self.enable_password_change
  elsif account_flags_is_not_set or can_change_password == false
    self.disable_password_change
  end

  must_change_password = options["must_change_password"]
  if must_change_password
    self.enable_forcing_password_change
  elsif account_flags_is_not_set or must_change_password == false
    self.disable_forcing_password_change
  end

  enable_account = options["enable"]
  if enable_account
    self.enable
  elsif account_flags_is_not_set or enable_account == false
    self.disable
  end

  self
end
must_change_password?() click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 193
def must_change_password?
  assert_samba_available
  !(/X/ =~ samba_acct_flags.to_s or
    samba_pwd_must_change.nil? or
    Time.at(samba_pwd_must_change.to_i) > Time.now)
end
rid() click to toggle source
# File lib/active_samba_ldap/samba_account_entry.rb, line 149
def rid
  assert_samba_available
  Integer(samba_sid.split(/-/).last)
end