(self, user_name, enable)
| 369 | self.toggle_account_enable_disable(username, True) |
| 370 | |
| 371 | def toggle_account_enable_disable(self, user_name, enable): |
| 372 | UF_ACCOUNT_DISABLE = 2 |
| 373 | self.client.search(self.domain_dumper.root, '(sAMAccountName=%s)' % escape_filter_chars(user_name), attributes=['objectSid', 'userAccountControl']) |
| 374 | |
| 375 | if len(self.client.entries) != 1: |
| 376 | raise Exception("Error expected only one search result got %d results", len(self.client.entries)) |
| 377 | |
| 378 | user_dn = self.client.entries[0].entry_dn |
| 379 | if not user_dn: |
| 380 | raise Exception("User not found in LDAP: %s" % user_name) |
| 381 | |
| 382 | entry = self.client.entries[0] |
| 383 | userAccountControl = entry["userAccountControl"].value |
| 384 | |
| 385 | print("Original userAccountControl: %d" % userAccountControl) |
| 386 | |
| 387 | if enable: |
| 388 | userAccountControl = userAccountControl & ~UF_ACCOUNT_DISABLE |
| 389 | else: |
| 390 | userAccountControl = userAccountControl | UF_ACCOUNT_DISABLE |
| 391 | |
| 392 | self.client.modify(user_dn, {'userAccountControl':(ldap3.MODIFY_REPLACE, [userAccountControl])}) |
| 393 | |
| 394 | if self.client.result['result'] == 0: |
| 395 | print("Updated userAccountControl attribute successfully") |
| 396 | else: |
| 397 | if self.client.result['result'] == 50: |
| 398 | raise Exception('Could not modify object, the server reports insufficient rights: %s', self.client.result['message']) |
| 399 | elif self.client.result['result'] == 19: |
| 400 | raise Exception('Could not modify object, the server reports a constrained violation: %s', self.client.result['message']) |
| 401 | else: |
| 402 | raise Exception('The server returned an error: %s', self.client.result['message']) |
| 403 | |
| 404 | def do_search(self, line): |
| 405 | arguments = shlex.split(line) |
no test coverage detected