sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-05 12:22:11 +03:00
Code Activity

s4-provision: Remove hard coded SD for CN=Sites container

Browse Source 
With the fix introduced by Nadya in changeset
622ef6aed8 we are now able to generate
correct SD (at least the same as W2k3R2 with a Forest Level of 2003), so
there is no need for this fix anymore as it makes SDs for Forest Level
2003 and lower incorrect.
This commit is contained in:
Matthieu Patou
2011-06-19 00:16:54 +04:00
committed by Matthieu Patou
parent 05b2d4147a
commit 15637206b9
2 changed files with 0 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
source4/scripting/python/samba/provision/__init__.py
View File

@ -94,19 +94,6 @@ def setup_path(file):
# "get_schema_descriptor" is located in "schema.py" # "get_schema_descriptor" is located in "schema.py"
def get_sites_descriptor(domain_sid):
sddl = "D:(A;;RPLCLORC;;;AU)" \
"(A;;RPWPCRCCLCLORCWOWDSW;;;EA)" \
"(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)" \
"S:AI(AU;CISA;CCDCSDDT;;;WD)" \
"(OU;CIIOSA;CR;;f0f8ffab-1191-11d0-a060-00aa006c33ed;WD)" \
"(OU;CIIOSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967ab3-0de6-11d0-a285-00aa003049e2;WD)" \
"(OU;CIIOSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967ab3-0de6-11d0-a285-00aa003049e2;WD)" \
"(OU;CIIOSA;WP;3e10944c-c354-11d0-aff8-0000f80367c1;b7b13124-b82e-11d0-afee-0000f80367c1;WD)"
sec = security.descriptor.from_sddl(sddl, domain_sid)
return ndr_pack(sec)
def get_config_descriptor(domain_sid): def get_config_descriptor(domain_sid):
sddl = "O:EAG:EAD:(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \ sddl = "O:EAG:EAD:(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \
"(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \ "(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \
@ -1318,7 +1305,6 @@ def setup_samdb(path, session_info, provision_backend, lp, names,
samdb.invocation_id = invocationid samdb.invocation_id = invocationid
logger.info("Setting up sam.ldb configuration data") logger.info("Setting up sam.ldb configuration data")
descr = b64encode(get_sites_descriptor(domainsid))
setup_add_ldif(samdb, setup_path("provision_configuration.ldif"), { setup_add_ldif(samdb, setup_path("provision_configuration.ldif"), {
"CONFIGDN": names.configdn, "CONFIGDN": names.configdn,
"NETBIOSNAME": names.netbiosname, "NETBIOSNAME": names.netbiosname,
@ -1330,7 +1316,6 @@ def setup_samdb(path, session_info, provision_backend, lp, names,
"SERVERDN": names.serverdn, "SERVERDN": names.serverdn,
"FOREST_FUNCTIONALITY": str(forestFunctionality), "FOREST_FUNCTIONALITY": str(forestFunctionality),
"DOMAIN_FUNCTIONALITY": str(domainFunctionality), "DOMAIN_FUNCTIONALITY": str(domainFunctionality),
"SITES_DESCRIPTOR": descr
}) })
logger.info("Setting up display specifiers") logger.info("Setting up display specifiers")

1
source4/setup/provision_configuration.ldif
View File

@ -1194,7 +1194,6 @@ dn: CN=Sites,${CONFIGDN}
objectClass: top objectClass: top
objectClass: sitesContainer objectClass: sitesContainer
systemFlags: -2113929216 systemFlags: -2113929216
nTSecurityDescriptor:: ${SITES_DESCRIPTOR}
dn: CN=${DEFAULTSITE},CN=Sites,${CONFIGDN} dn: CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
objectClass: top objectClass: top