mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
python: Use the security.dom_sid type for ctx.domsid in join.py and provision
Change-Id: I1266f77184d68aae6a39a73bac8a432fdd707b2e Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
This commit is contained in:
parent
c9f613f60d
commit
964e412ead
@ -94,7 +94,7 @@ class dc_join(object):
|
||||
ctx.root_dn = str(ctx.samdb.get_root_basedn())
|
||||
ctx.schema_dn = str(ctx.samdb.get_schema_basedn())
|
||||
ctx.config_dn = str(ctx.samdb.get_config_basedn())
|
||||
ctx.domsid = ctx.samdb.get_domain_sid()
|
||||
ctx.domsid = security.dom_sid(ctx.samdb.get_domain_sid())
|
||||
ctx.forestsid = ctx.domsid
|
||||
ctx.domain_name = ctx.get_domain_name()
|
||||
ctx.forest_domain_name = ctx.get_forest_domain_name()
|
||||
@ -372,7 +372,7 @@ class dc_join(object):
|
||||
|
||||
def create_tmp_samdb(ctx):
|
||||
'''create a temporary samdb object for schema queries'''
|
||||
ctx.tmp_schema = Schema(security.dom_sid(ctx.domsid),
|
||||
ctx.tmp_schema = Schema(ctx.domsid,
|
||||
schemadn=ctx.schema_dn)
|
||||
ctx.tmp_samdb = SamDB(session_info=system_session(), url=None, auto_connect=False,
|
||||
credentials=ctx.creds, lp=ctx.lp, global_schema=False,
|
||||
@ -924,7 +924,7 @@ class dc_join(object):
|
||||
realm=ctx.realm,
|
||||
dnsdomain=ctx.dnsdomain,
|
||||
netbiosname=ctx.myname,
|
||||
domainsid=security.dom_sid(ctx.domsid),
|
||||
domainsid=ctx.domsid,
|
||||
machinepass=ctx.acct_pass,
|
||||
secure_channel_type=ctx.secure_channel_type,
|
||||
key_version_number=ctx.key_version_number)
|
||||
@ -967,7 +967,7 @@ class dc_join(object):
|
||||
info = lsa.TrustDomainInfoInfoEx()
|
||||
info.domain_name.string = ctx.dnsdomain
|
||||
info.netbios_name.string = ctx.domain_name
|
||||
info.sid = security.dom_sid(ctx.domsid)
|
||||
info.sid = ctx.domsid
|
||||
info.trust_direction = lsa.LSA_TRUST_DIRECTION_INBOUND | lsa.LSA_TRUST_DIRECTION_OUTBOUND
|
||||
info.trust_type = lsa.LSA_TRUST_TYPE_UPLEVEL
|
||||
info.trust_attributes = lsa.LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
|
||||
@ -1210,7 +1210,7 @@ def join_subdomain(logger=None, server=None, creds=None, lp=None, site=None,
|
||||
|
||||
ctx.base_dn = samba.dn_from_dns_name(dnsdomain)
|
||||
ctx.forestsid = ctx.domsid
|
||||
ctx.domsid = str(security.random_sid())
|
||||
ctx.domsid = security.random_sid()
|
||||
ctx.acct_dn = None
|
||||
ctx.dnshostname = "%s.%s" % (ctx.myname.lower(), ctx.dnsdomain)
|
||||
ctx.trustdom_pass = samba.generate_random_password(128, 128)
|
||||
|
@ -35,6 +35,7 @@ from samba.join import join_RODC, join_DC, join_subdomain
|
||||
from samba.auth import system_session
|
||||
from samba.samdb import SamDB
|
||||
from samba.dcerpc import drsuapi
|
||||
from samba.dcerpc import security
|
||||
from samba.dcerpc.samr import DOMAIN_PASSWORD_COMPLEX, DOMAIN_PASSWORD_STORE_CLEARTEXT
|
||||
from samba.netcmd import (
|
||||
Command,
|
||||
@ -406,6 +407,9 @@ class cmd_domain_provision(Command):
|
||||
if ldap_backend_forced_uri is not None:
|
||||
self.logger.warn("You have specified to use an fixed URI %s for connecting to your LDAP server backend. This is NOT RECOMMENDED, as our default communiation over ldapi:// is more secure and much less")
|
||||
|
||||
if domain_sid is not None:
|
||||
domain_sid = security.dom_sid(domain_sid)
|
||||
|
||||
session = system_session()
|
||||
try:
|
||||
result = provision(self.logger,
|
||||
|
@ -1956,8 +1956,6 @@ def provision(logger, session_info, smbconf=None,
|
||||
|
||||
if domainsid is None:
|
||||
domainsid = security.random_sid()
|
||||
else:
|
||||
domainsid = security.dom_sid(domainsid)
|
||||
|
||||
root_uid = findnss_uid([root or "root"])
|
||||
nobody_uid = findnss_uid([nobody or "nobody"])
|
||||
|
@ -725,7 +725,7 @@ Please fix this account before attempting to upgrade again
|
||||
# Do full provision
|
||||
result = provision(logger, session_info,
|
||||
targetdir=targetdir, realm=realm, domain=domainname,
|
||||
domainsid=str(domainsid), next_rid=next_rid,
|
||||
domainsid=domainsid, next_rid=next_rid,
|
||||
dc_rid=machinerid, adminpass = adminpass,
|
||||
dom_for_fun_level=dsdb.DS_DOMAIN_FUNCTION_2003,
|
||||
hostname=netbiosname.lower(), machinepass=machinepass,
|
||||
|
@ -246,7 +246,7 @@ def newprovision(names, session, smbconf, provdir, logger):
|
||||
return provision(logger, session, smbconf=smbconf,
|
||||
targetdir=provdir, samdb_fill=FILL_FULL, realm=names.realm,
|
||||
domain=names.domain, domainguid=names.domainguid,
|
||||
domainsid=str(names.domainsid), ntdsguid=names.ntdsguid,
|
||||
domainsid=names.domainsid, ntdsguid=names.ntdsguid,
|
||||
policyguid=names.policyid, policyguid_dc=names.policyid_dc,
|
||||
hostname=names.netbiosname.lower(), hostip=None, hostip6=None,
|
||||
invocationid=names.invocation, adminpass=names.adminpass,
|
||||
|
Loading…
Reference in New Issue
Block a user