-
Notifications
You must be signed in to change notification settings - Fork 18
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adcli: adding class and methods for adcli
Adding adcli class, and methods including info, discovery, join
- Loading branch information
1 parent
7bcb65e
commit 1052062
Showing
1 changed file
with
198 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,198 @@ | ||
| """Perform actions on Active Directory.""" | ||
|
|
||
| from __future__ import annotations | ||
|
|
||
| from pytest_mh import MultihostHost, MultihostUtility | ||
| from pytest_mh.cli import CLIBuilder, CLIBuilderArgs | ||
| from pytest_mh.conn import ProcessResult | ||
| from pytest_mh.utils.fs import LinuxFileSystem | ||
|
|
||
| __all__ = [ | ||
| "ADCLIUtils", | ||
| ] | ||
|
|
||
|
|
||
| class ADCLI(MultihostUtility[MultihostHost]): | ||
| """ | ||
| Call commands from adcli | ||
| """ | ||
|
|
||
| def __init__(self, host: MultihostHost, fs: LinuxFileSystem) -> None: | ||
| super().__init__(host) | ||
|
|
||
| self.cli: CLIBuilder = self.host.cli | ||
| """Command line builder.""" | ||
|
|
||
| self.fs: LinuxFileSystem = fs | ||
| """Filesystem utils.""" | ||
|
|
||
| def _info( | ||
| self, | ||
| *, | ||
| domain: str | None = None, | ||
| domain_controller: str | None, | ||
| ) -> str: | ||
| """ | ||
| Call ``adcli info `` with given arguments. | ||
| :param domain: Displays discovered information about an Active Directory domain, defaults to None | ||
| :type domain: str | None, | ||
| :param domain_controller: Domain controller to connect, defaults to None | ||
| :type domain_controller: str | None, optional | ||
| """ | ||
| args: CLIBuilderArgs = { | ||
| "domain": (self.cli.option.VALUE, domain), | ||
| "domain_controller": (self.cli.option.VALUE, domain_controller), | ||
| } | ||
|
|
||
| self.host.conn.exec(["adcli", "info"] + self.cli.args(args)) | ||
|
|
||
| def _testjoin( | ||
| self, | ||
| *, | ||
| domain: str| None = None, | ||
| domain_controller: str| None = None, | ||
| host_keytab: str| None = None, | ||
| ) -> str: | ||
| """ | ||
| call ``adcli testjoin `` with given arguments. | ||
| :param domain: Target Active Directory domain, defaults to None | ||
| :type domain: str | None, optional | ||
| :param domain_controller: Domain controller to connect | ||
| :type domain_controller: str | None, optional | ||
| """ | ||
| args: CLIBuilderArgs = { | ||
| "domain": (self.cli.option.VALUE, domain), | ||
| "domain_controller": (self.cli.option.VALUE, domain_controller), | ||
| "host_keytab": (self.cli.option.VALUE, host_keytab), | ||
| } | ||
| self.host.conn.exec(["adcli", "testjoin"] + self.cli.args(args)) | ||
|
|
||
| def _join( | ||
| self, | ||
| *, | ||
| domain: str| None = None, | ||
| domain_controller: str| None = None, | ||
| domain_realm: str| None = None, | ||
| host_fqdn: str| None = None, | ||
| host_keytab: str| None = None, | ||
| computer_name: str| None = None, | ||
| login_ccache: str| None = None, | ||
| login_user: str| None = None, | ||
| login_type: str| None = None, | ||
| domain_ou: str| None = None, | ||
| service_name: str| None = None, | ||
| os_name: str| None = None, | ||
| os_version: str| None = None, | ||
| os_service_pack: str| None = None, | ||
| user_principal: str| None = None, | ||
| trusted_for_delegation: str| None = None, | ||
| dont_expire_password: str| None = None, | ||
| add_service_principal: str| None = None, | ||
| description: str| None = None, | ||
| setattrs: str| None = None, | ||
| no_password: str| None = None, | ||
| promp_password: str| None = None, | ||
| stdin_password: str| None = None, | ||
| one_time_password: str| None = None, | ||
| show_password: str| None = None, | ||
| show_details: str| None = None, | ||
| add_samba_data: str| None = None, | ||
| samba_data_tool: str| None = None, | ||
| ldap_passwd: str| None = None, | ||
| ) -> str: | ||
| """ | ||
| call ``adcli join`` with given arguments. | ||
| :param domain: Target Active Directory domain, defaults to None | ||
| :type domain: str | None, optional | ||
| :param domain_controller: Domain controller to connect | ||
| :type domain_controller: str | None, optional | ||
| :param domain_realm: kerberos realm for domain | ||
| :type domain_realm: str | None, optional | ||
| :param host_fqdn: override FQDN of local machine | ||
| :type host_fqdn: str | None, optional | ||
| :param host_keytab: filename for the host kerberos keytab | ||
| :type host_keytab: str | None, optional | ||
| :param computer_name: override the netbios short name of the local machine | ||
| :type computer_name: str | None, optional | ||
| :param login_ccache: kerberos credential cache file containing ticket to used to coneect to domain | ||
| :type login_ccache: str | None, optional | ||
| :param login_user: user (usually administrative) login name of the account to log into the domain as | ||
| :type login_user: str | None, optional | ||
| :param login_type: restrict type of login allowed when connecting to the domain, either 'computer' or 'user' | ||
| :type login_type: str | None, optional | ||
| :param domain_ou: a LDAP DN representing an organizational unit in whichthe computer account should be placed | ||
| :type domain_ou: str| None = None, optional | ||
| :param service_name: additional service name for a kerberos service principal to be created on the account | ||
| :type service_name: str| None = None, optional | ||
| :param os_name: the computer operating system name | ||
| :type os_name: str| None = None, optional | ||
| :param os_version: the computer operating system version | ||
| :type os_version: str| None = None, optional | ||
| :param os_service_pack: the computer operating system service pack | ||
| :type os_service_pack: str| None = None, optional | ||
| :param user_principal: add an authentication principal to the account | ||
| :type user_principal: str| None = None, optional | ||
| :param trusted_for_delegation: set/unset the TRUSTED_FOR_DELEGATION flag in the userAccountControl attribute | ||
| :type trusted_for_delegation: str| None = None, optional | ||
| :param dont_expire_password: set/unset the DONT_EXPIRE_PASSWORD flag in the userAccountControl attribute | ||
| :type dont_expire_password: str| None = None, optional | ||
| :param add_service_principal: add the given service principal to the account | ||
| :type add_service_principal: str| None = None, optional | ||
| :param description: add a description to the account | ||
| :type description: str| None = None, optional | ||
| :param setattrs: add an attribute with a value | ||
| :type setattrs: str| None = None, optional | ||
| :param no_password: don't prompt for or read a password | ||
| :type no_password: str| None = None, optional | ||
| :param promp_password: prompt for a password if necessary | ||
| :type promp_password: str| None = None, optional | ||
| :param stdin_password: read a password from stdin (until EOF) if necessary | ||
| :type stdin_password: str| None = None, optional | ||
| :param one_time_password: password to use for the preset computer account | ||
| :type one_time_password: str| None = None, optional | ||
| :param show_password: show computer account password after a successful join | ||
| :type show_password: str| None = None, optional | ||
| :param show_details: show information about joining the domain after a successful join | ||
| :type show_details: str| None = None, optional | ||
| :param add_samba_data: add domain SID and computer account password to the Samba specific configuration database | ||
| :type add_samba_data: str| None = None, optional | ||
| :param samba_data_tool: Absolute path to the tool used for add-samba-data | ||
| :type samba_data_tool: str| None = None, optional | ||
| :param ldap-password: Use LDAP add/mod operations to set/change password, defaults to None | ||
| :type ldap-password: str | None, optional | ||
| """ | ||
| args: CLIBuilderArgs = { | ||
| "domain": (self.cli.option.VALUE, domain), | ||
| "domain-controller": (self.cli.option.VALUE, domain_controller), | ||
| "host-keytab": (self.cli.option.VALUE, host_keytab), | ||
| "host-fqdn": (self.cli.option.VALUE, host_fqdn), | ||
| "computer-name": (self.cli.option.VALUE, computer_name), | ||
| "login-ccache": (self.cli.option.VALUE, login_ccache), | ||
| "login-user": (self.cli.option.VALUE, login_user), | ||
| "login-type": (self.cli.option.VALUE, login_type), | ||
| "domain-ou": (self.cli.option.VALUE, domain_ou), | ||
| "service-name": (self.cli.option.VALUE, service_name), | ||
| "os-name": (self.cli.option.VALUE, os_name), | ||
| "os-version": (self.cli.option.VALUE, os_version), | ||
| "os-service-pack": (self.cli.option.VALUE, os_service_pack), | ||
| "user-principal": (self.cli.option.VALUE, user_principal), | ||
| "trusted-for-delegation": (self.cli.option.VALUE, trusted_for_delegation), | ||
| "dont-expire-password": (self.cli.option.VALUE, dont_expire_password), | ||
| "add-service-principal": (self.cli.option.VALUE, add_service_principal), | ||
| "description": (self.cli.option.VALUE, description), | ||
| "setattrs": (self.cli.option.VALUE, setattrs), | ||
| "no-password": (self.cli.option.VALUE, no_password), | ||
| "prompt-password": (self.cli.option.VALUE, promp_password), | ||
| "stdin-password": (self.cli.option.VALUE, stdin_password), | ||
| "one-time-password": (self.cli.option.VALUE, one_time_password), | ||
| "show-password": (self.cli.option.VALUE, show_password), | ||
| "show-details": (self.cli.option.VALUE, show_details), | ||
| "add-samba-data": (self.cli.option.VALUE, add_samba_data), | ||
| "samba-data-tool": (self.cli.option.VALUE, samba_data_tool), | ||
| "ldap-passwd": (self.cli.option.VALUE, ldap_passwd), | ||
| } | ||
| self.host.conn.exec(["adcli", "join"] + self.cli.args(args)) | ||
|
|