1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

python: Use the security.dom_sid type for ctx.domsid in join.py and provision

Change-Id: I1266f77184d68aae6a39a73bac8a432fdd707b2e
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
This commit is contained in:
Andrew Bartlett 2014-08-11 11:23:57 +12:00
parent c9f613f60d
commit 964e412ead
5 changed files with 11 additions and 9 deletions

View File

@ -94,7 +94,7 @@ class dc_join(object):
ctx.root_dn = str(ctx.samdb.get_root_basedn())
ctx.schema_dn = str(ctx.samdb.get_schema_basedn())
ctx.config_dn = str(ctx.samdb.get_config_basedn())
ctx.domsid = ctx.samdb.get_domain_sid()
ctx.domsid = security.dom_sid(ctx.samdb.get_domain_sid())
ctx.forestsid = ctx.domsid
ctx.domain_name = ctx.get_domain_name()
ctx.forest_domain_name = ctx.get_forest_domain_name()
@ -372,7 +372,7 @@ class dc_join(object):
def create_tmp_samdb(ctx):
'''create a temporary samdb object for schema queries'''
ctx.tmp_schema = Schema(security.dom_sid(ctx.domsid),
ctx.tmp_schema = Schema(ctx.domsid,
schemadn=ctx.schema_dn)
ctx.tmp_samdb = SamDB(session_info=system_session(), url=None, auto_connect=False,
credentials=ctx.creds, lp=ctx.lp, global_schema=False,
@ -924,7 +924,7 @@ class dc_join(object):
realm=ctx.realm,
dnsdomain=ctx.dnsdomain,
netbiosname=ctx.myname,
domainsid=security.dom_sid(ctx.domsid),
domainsid=ctx.domsid,
machinepass=ctx.acct_pass,
secure_channel_type=ctx.secure_channel_type,
key_version_number=ctx.key_version_number)
@ -967,7 +967,7 @@ class dc_join(object):
info = lsa.TrustDomainInfoInfoEx()
info.domain_name.string = ctx.dnsdomain
info.netbios_name.string = ctx.domain_name
info.sid = security.dom_sid(ctx.domsid)
info.sid = ctx.domsid
info.trust_direction = lsa.LSA_TRUST_DIRECTION_INBOUND | lsa.LSA_TRUST_DIRECTION_OUTBOUND
info.trust_type = lsa.LSA_TRUST_TYPE_UPLEVEL
info.trust_attributes = lsa.LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
@ -1210,7 +1210,7 @@ def join_subdomain(logger=None, server=None, creds=None, lp=None, site=None,
ctx.base_dn = samba.dn_from_dns_name(dnsdomain)
ctx.forestsid = ctx.domsid
ctx.domsid = str(security.random_sid())
ctx.domsid = security.random_sid()
ctx.acct_dn = None
ctx.dnshostname = "%s.%s" % (ctx.myname.lower(), ctx.dnsdomain)
ctx.trustdom_pass = samba.generate_random_password(128, 128)

View File

@ -35,6 +35,7 @@ from samba.join import join_RODC, join_DC, join_subdomain
from samba.auth import system_session
from samba.samdb import SamDB
from samba.dcerpc import drsuapi
from samba.dcerpc import security
from samba.dcerpc.samr import DOMAIN_PASSWORD_COMPLEX, DOMAIN_PASSWORD_STORE_CLEARTEXT
from samba.netcmd import (
Command,
@ -406,6 +407,9 @@ class cmd_domain_provision(Command):
if ldap_backend_forced_uri is not None:
self.logger.warn("You have specified to use an fixed URI %s for connecting to your LDAP server backend. This is NOT RECOMMENDED, as our default communiation over ldapi:// is more secure and much less")
if domain_sid is not None:
domain_sid = security.dom_sid(domain_sid)
session = system_session()
try:
result = provision(self.logger,

View File

@ -1956,8 +1956,6 @@ def provision(logger, session_info, smbconf=None,
if domainsid is None:
domainsid = security.random_sid()
else:
domainsid = security.dom_sid(domainsid)
root_uid = findnss_uid([root or "root"])
nobody_uid = findnss_uid([nobody or "nobody"])

View File

@ -725,7 +725,7 @@ Please fix this account before attempting to upgrade again
# Do full provision
result = provision(logger, session_info,
targetdir=targetdir, realm=realm, domain=domainname,
domainsid=str(domainsid), next_rid=next_rid,
domainsid=domainsid, next_rid=next_rid,
dc_rid=machinerid, adminpass = adminpass,
dom_for_fun_level=dsdb.DS_DOMAIN_FUNCTION_2003,
hostname=netbiosname.lower(), machinepass=machinepass,

View File

@ -246,7 +246,7 @@ def newprovision(names, session, smbconf, provdir, logger):
return provision(logger, session, smbconf=smbconf,
targetdir=provdir, samdb_fill=FILL_FULL, realm=names.realm,
domain=names.domain, domainguid=names.domainguid,
domainsid=str(names.domainsid), ntdsguid=names.ntdsguid,
domainsid=names.domainsid, ntdsguid=names.ntdsguid,
policyguid=names.policyid, policyguid_dc=names.policyid_dc,
hostname=names.netbiosname.lower(), hostip=None, hostip6=None,
invocationid=names.invocation, adminpass=names.adminpass,