s4-classicupgrade: Tests if sam policies exist before trying to import them.

author Wesley Young <wesley@wesleyy.com>

Mon, 13 Aug 2012 01:08:36 +0000 (01:08 +0000)

committer Andrew Bartlett <abartlet@samba.org>

Mon, 13 Aug 2012 22:37:48 +0000 (08:37 +1000)
author Wesley Young <wesley@wesleyy.com>
Mon, 13 Aug 2012 01:08:36 +0000 (01:08 +0000)
committer Andrew Bartlett <abartlet@samba.org>
Mon, 13 Aug 2012 22:37:48 +0000 (08:37 +1000)
diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py

index 3779794ab58e60a1349f9755f79a62fd3af5126b..8ce080b52f9381cc98bf4ff34c00c9e1d944a251 100644 (file)
--- a/source4/scripting/python/samba/upgrade.py
+++ b/source4/scripting/python/samba/upgrade.py
@@ -56,30 +56,37 @@ def import_sam_policy(samdb, policy, logger):
  
      m = ldb.Message()
      m.dn = samdb.get_default_basedn()
-    m['a01'] = ldb.MessageElement(str(policy['min password length']),
-        ldb.FLAG_MOD_REPLACE, 'minPwdLength')
-    m['a02'] = ldb.MessageElement(str(policy['password history']),
-        ldb.FLAG_MOD_REPLACE, 'pwdHistoryLength')
-
-    min_pw_age_unix = policy['minimum password age']
-    min_pw_age_nt = int(-min_pw_age_unix * (1e7))
-    m['a03'] = ldb.MessageElement(str(min_pw_age_nt), ldb.FLAG_MOD_REPLACE,
-        'minPwdAge')
-
-    max_pw_age_unix = policy['maximum password age']
-    if max_pw_age_unix == -1 or max_pw_age_unix == 0:
-        max_pw_age_nt = -0x8000000000000000
-    else:
-        max_pw_age_nt = int(-max_pw_age_unix * (1e7))
  
-    m['a04'] = ldb.MessageElement(str(max_pw_age_nt), ldb.FLAG_MOD_REPLACE,
-                                  'maxPwdAge')
+    if 'min password length' in policy:
+        m['a01'] = ldb.MessageElement(str(policy['min password length']),
+            ldb.FLAG_MOD_REPLACE, 'minPwdLength')
+
+    if 'password history' in policy:
+        m['a02'] = ldb.MessageElement(str(policy['password history']),
+            ldb.FLAG_MOD_REPLACE, 'pwdHistoryLength')
+
+    if 'minimum password age' in policy:
+        min_pw_age_unix = policy['minimum password age']
+        min_pw_age_nt = int(-min_pw_age_unix * (1e7))
+        m['a03'] = ldb.MessageElement(str(min_pw_age_nt), ldb.FLAG_MOD_REPLACE,
+            'minPwdAge')
+
+    if 'maximum password age' in policy:
+        max_pw_age_unix = policy['maximum password age']
+        if max_pw_age_unix == -1 or max_pw_age_unix == 0:
+            max_pw_age_nt = -0x8000000000000000
+        else:
+            max_pw_age_nt = int(-max_pw_age_unix * (1e7))
+
+        m['a04'] = ldb.MessageElement(str(max_pw_age_nt), ldb.FLAG_MOD_REPLACE,
+                                      'maxPwdAge')
  
-    lockout_duration_mins = policy['lockout duration']
-    lockout_duration_nt = unix2nttime(lockout_duration_mins * 60)
+    if 'lockout duration' in policy:
+        lockout_duration_mins = policy['lockout duration']
+        lockout_duration_nt = unix2nttime(lockout_duration_mins * 60)
  
-    m['a05'] = ldb.MessageElement(str(lockout_duration_nt),
-        ldb.FLAG_MOD_REPLACE, 'lockoutDuration')
+        m['a05'] = ldb.MessageElement(str(lockout_duration_nt),
+            ldb.FLAG_MOD_REPLACE, 'lockoutDuration')
  
      try:
          samdb.modify(m)
author	Wesley Young <wesley@wesleyy.com>
	Mon, 13 Aug 2012 01:08:36 +0000 (01:08 +0000)
committer	Andrew Bartlett <abartlet@samba.org>
	Mon, 13 Aug 2012 22:37:48 +0000 (08:37 +1000)