From: Rob van der Linde Date: Mon, 19 Feb 2024 01:49:43 +0000 (+1300) Subject: netcmd: models: avoid fetching each user in trustees method X-Git-Tag: tdb-1.4.11~1592 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cd395558b0294f3c19255ef92f71b5bd66b72fc0;p=thirdparty%2Fsamba.git netcmd: models: avoid fetching each user in trustees method Signed-off-by: Rob van der Linde Reviewed-by: Andrew Bartlett Reviewed-by: Douglas Bagnall --- diff --git a/python/samba/netcmd/domain/models/user.py b/python/samba/netcmd/domain/models/user.py index 78efaf27e64..c4c241b6585 100644 --- a/python/samba/netcmd/domain/models/user.py +++ b/python/samba/netcmd/domain/models/user.py @@ -20,12 +20,10 @@ # along with this program. If not, see . # -from ldb import FLAG_MOD_ADD, Dn +from ldb import Dn -from samba.dcerpc import security from samba.dsdb import (DS_GUID_MANAGED_SERVICE_ACCOUNTS_CONTAINER, DS_GUID_USERS_CONTAINER) -from samba.ndr import ndr_unpack from .fields import (BinaryField, DnField, EnumField, IntegerField, SDDLField, SIDField, StringField, NtTimeField) @@ -122,21 +120,12 @@ class GroupManagedServiceAccount(User): def get_object_class(): return "msDS-GroupManagedServiceAccount" - def trustees(self, ldb): + def trustees(self): """Returns list of trustees from the msDS-GroupMSAMembership SDDL. :return: list of User objects """ - users = [] - field = self.fields["group_msa_membership"] - sddl = self.group_msa_membership - message = field.to_db_value(ldb, sddl, FLAG_MOD_ADD) - desc = ndr_unpack(security.descriptor, message[0]) - - for ace in desc.dacl.aces: - users.append(User.get(ldb, object_sid=ace.trustee)) - - return users + return [str(ace.trustee) for ace in self.group_msa_membership.dacl.aces] @classmethod def find(cls, ldb, name):