s4-provision permit server role to be the ROLE_ strings from s3

Also convert between the aliases in one single place.

Andrew Bartlett

Pair-Programmed-With: Amitay Isaacs <amitay@samba.org>

source4/scripting/python/samba/provision/__init__.py

@@ -1651,6 +1651,22 @@ def provision(logger, session_info, credentials, smbconf=None,
     :note: caution, this wipes all existing data!
     """
 
+    roles = {}
+    roles["ROLE_STANDALONE"] = "standalone"
+    roles["ROLE_DOMAIN_MEMBER"] = "member server"
+    roles["ROLE_DOMAIN_BDC"] = "domain controller"
+    roles["ROLE_DOMAIN_PDC"] = "domain controller"
+    roles["dc"] = "domain controller"
+    roles["member"] = "member server"
+    roles["domain controller"] = "domain controller"
+    roles["member server"] = "member server"
+    roles["standalone"] = "standalone"
+
+    try:
+        serverrole = roles[serverrole]
+    except KeyError:
+        raise ProvisioningError('server role (%s) should be one of "domain controller", "member server", "standalone"' % serverrole)
+
     if ldapadminpass is None:
         # Make a new, random password between Samba and it's LDAP server
         ldapadminpass=samba.generate_random_password(128, 255)
@@ -1742,8 +1758,6 @@ def provision(logger, session_info, credentials, smbconf=None,
     if serverrole is None:
         serverrole = lp.get("server role")
 
-    assert serverrole in ("domain controller", "member server", "standalone")
-
     if not os.path.exists(paths.private_dir):
         os.mkdir(paths.private_dir)
     if not os.path.exists(os.path.join(paths.private_dir, "tls")):

source4/scripting/python/samba/upgrade.py

@@ -463,14 +463,7 @@ def upgrade_from_samba3(samba3, logger, targetdir, session_info=None, useeadb=Fa
     :param targetdir: samba4 database directory
     :param session_info: Session information
     """
-
-    if samba3.lp.get("domain logons"):
-        serverrole = "domain controller"
-    else:
-        if samba3.lp.get("security") == "user":
-            serverrole = "standalone"
-        else:
-            serverrole = "member server"
+    serverrole = samba3.lp.server_role()
 
     domainname = samba3.lp.get("workgroup")
     realm = samba3.lp.get("realm")
@@ -488,7 +481,7 @@ def upgrade_from_samba3(samba3, logger, targetdir, session_info=None, useeadb=Fa
                 domainname)
 
     if not realm:
-        if serverrole == "domain controller":
+        if serverrole == "ROLE_DOMAIN_BDC" or serverrole == "ROLE_DOMAIN_PDC":
             raise ProvisioningError("No realm specified in smb.conf file and being a DC. That upgrade path doesn't work! Please add a 'realm' directive to your old smb.conf to let us know which one you want to use (it is the DNS name of the AD domain you wish to create.")
         else:
             realm = domainname.upper()
@@ -632,7 +625,7 @@ Please fix this account before attempting to upgrade again
             logger.error("   %s" % str(sid))
         raise ProvisioningError("Please remove duplicate sid entries before upgrade.")
 
-    if serverrole == "domain controller":
+    if serverrole == "ROLE_DOMAIN_BDC" or serverrole == "ROLE_DOMAIN_PDC":
         dns_backend = "BIND9_FLATFILE"
     else:
         dns_backend = "NONE"

source4/setup/provision

@@ -187,12 +187,7 @@ if not opts.adminpass:
 lp = sambaopts.get_loadparm()
 smbconf = lp.configfile
 
-if opts.server_role == "dc":
-    server_role = "domain controller"
-elif opts.server_role == "member":
-    server_role = "member server"
-else:
-    server_role = opts.server_role
+server_role = opts.server_role
 
 if server_role is None:
     server_role = "domain controller"