#!/usr/bin/python

import ldap
from ldap.controls import LDAPControl
from samba.dcerpc import security
from samba.ndr import ndr_pack

DN = "CN=WIN7PRO1,CN=Computers,DC=ucs3squid1,DC=qa"
new_sambaSID = "S-1-5-21-1887499772-1669093524-4033992070-1793"

url="ldapi:///var/lib/samba/private/ldap_priv/ldapi"
if url.lower().startswith('ldapi'):
	import urllib
	url = url[0:8] + urllib.quote(url[8:], '')

connection=ldap.initialize(url)
# connection.simple_bind_s('cn=Administrator,cn=users,dc=ucs3squid1,dc=qa', 'univention')

new_objectSid = ndr_pack(security.dom_sid(new_sambaSID))
modlist=[(ldap.MOD_REPLACE, 'objectSid', [new_objectSid])]

LDB_CONTROL_PROVISION_OID = '1.3.6.1.4.1.7165.4.3.16'
controls = [LDAPControl(LDB_CONTROL_PROVISION_OID,criticality=0)]

connection.modify_ext_s(DN, modlist, serverctrls=controls )