"Default: user,group,computer"),
default="user,group,computer",
type=str),
+ Option("--member-base-dn",
+ help=("Base DN for group member search.\n"
+ "Default is the domain DN."),
+ type=str),
]
takes_args = ["groupname", "listofmembers?"]
sambaopts=None,
versionopts=None,
H=None,
+ member_base_dn=None,
member_dn=None,
object_types="user,group,computer"):
groupmembers += listofmembers.split(',')
group_member_types = object_types.split(',')
+ if member_base_dn is not None:
+ member_base_dn = samdb.normalize_dn_in_domain(member_base_dn)
+
samdb.add_remove_group_members(groupname, groupmembers,
add_members_operation=True,
- member_types=group_member_types)
+ member_types=group_member_types,
+ member_base_dn=member_base_dn)
except Exception as e:
# FIXME: catch more specific exception
raise CommandError('Failed to add members %r to group "%s"' % (
"Default: user,group,computer"),
default="user,group,computer",
type=str),
+ Option("--member-base-dn",
+ help=("Base DN for group member search.\n"
+ "Default is the domain DN."),
+ type=str),
]
takes_args = ["groupname", "listofmembers?"]
sambaopts=None,
versionopts=None,
H=None,
+ member_base_dn=None,
member_dn=None,
object_types="user,group,computer"):
groupmembers += listofmembers.split(',')
group_member_types = object_types.split(',')
+ if member_base_dn is not None:
+ member_base_dn = samdb.normalize_dn_in_domain(member_base_dn)
+
samdb.add_remove_group_members(groupname,
groupmembers,
add_members_operation=False,
- member_types=group_member_types)
+ member_types=group_member_types,
+ member_base_dn=member_base_dn)
except Exception as e:
# FIXME: Catch more specific exception
raise CommandError('Failed to remove members %r from group "%s"' % (listofmembers, groupname), e)
def add_remove_group_members(self, groupname, members,
add_members_operation=True,
- member_types=[ 'user', 'group', 'computer' ]):
+ member_types=[ 'user', 'group', 'computer' ],
+ member_base_dn=None):
"""Adds or removes group members
:param groupname: Name of the target group
for member in members:
targetmember_dn = None
+ if member_base_dn is None:
+ member_base_dn = self.domain_dn()
try:
membersid = security.dom_sid(member)
if targetmember_dn is None:
filter = self.group_member_filter(member, member_types)
- targetmember = self.search(base=self.domain_dn(),
+ targetmember = self.search(base=member_base_dn,
scope=ldb.SCOPE_SUBTREE,
expression=filter,
attrs=[])