sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-03 04:22:09 +03:00
Code Activity

s4 upgradeprovision: additional restyling

Browse Source 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
This commit is contained in:
Matthieu Patou
2010-06-15 23:41:39 +04:00
committed by Jelmer Vernooij
parent 423f99172e
commit 9c5f0ed729
1 changed files with 42 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
source4/scripting/python/samba/upgradehelpers.py
View File

@ -32,10 +32,10 @@ from samba import Ldb, version, ntacls
from samba.dsdb import DS_DOMAIN_FUNCTION_2000 from samba.dsdb import DS_DOMAIN_FUNCTION_2000
from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE
import ldb import ldb
from samba.provision import ProvisionNames, provision_paths_from_lp,\ from samba.provision import (ProvisionNames, provision_paths_from_lp,
getpolicypath, set_gpo_acl, create_gpo_struct,\ getpolicypath, set_gpo_acl, create_gpo_struct,
FILL_FULL, provision, ProvisioningError,\ FILL_FULL, provision, ProvisioningError,
setsysvolacl setsysvolacl)
from samba.dcerpc import misc, security, xattr from samba.dcerpc import misc, security, xattr
from samba.ndr import ndr_unpack from samba.ndr import ndr_unpack
@ -210,7 +210,9 @@ def find_provision_key_parameters(samdb, secretsdb, idmapdb, paths, smbconf, lp)
names.realm = string.upper(names.realm) names.realm = string.upper(names.realm)
# netbiosname # netbiosname
# Get the netbiosname first (could be obtained from smb.conf in theory) # Get the netbiosname first (could be obtained from smb.conf in theory)
res = secretsdb.search(expression="(flatname=%s)"%names.domain,base="CN=Primary Domains", scope=SCOPE_SUBTREE, attrs=["sAMAccountName"]) res = secretsdb.search(expression="(flatname=%s)" % \
names.domain,base="CN=Primary Domains",
scope=SCOPE_SUBTREE, attrs=["sAMAccountName"])
names.netbiosname = str(res[0]["sAMAccountName"]).replace("$","") names.netbiosname = str(res[0]["sAMAccountName"]).replace("$","")
names.smbconf = smbconf names.smbconf = smbconf
@ -225,23 +227,28 @@ def find_provision_key_parameters(samdb, secretsdb, idmapdb, paths, smbconf, lp)
names.configdn = current[0]["configurationNamingContext"] names.configdn = current[0]["configurationNamingContext"]
configdn = str(names.configdn) configdn = str(names.configdn)
names.schemadn = current[0]["schemaNamingContext"] names.schemadn = current[0]["schemaNamingContext"]
if ldb.Dn(samdb, basedn) != ldb.Dn(samdb, current[0]["defaultNamingContext"][0]): if not (ldb.Dn(samdb, basedn) == (ldb.Dn(samdb,
raise ProvisioningError("basedn in %s (%s) and from %s (%s) is not the same ..." % (paths.samdb, str(current[0]["defaultNamingContext"][0]), paths.smbconf, basedn)) current[0]["defaultNamingContext"][0]))):
raise ProvisioningError(("basedn in %s (%s) and from %s (%s)"
"is not the same ..." % (paths.samdb,
str(current[0]["defaultNamingContext"][0]),
paths.smbconf, basedn)))
names.domaindn=current[0]["defaultNamingContext"] names.domaindn=current[0]["defaultNamingContext"]
names.rootdn=current[0]["rootDomainNamingContext"] names.rootdn=current[0]["rootDomainNamingContext"]
# default site name # default site name
res3 = samdb.search(expression="(objectClass=*)", res3 = samdb.search(expression="(objectClass=*)",
base="CN=Sites,"+configdn, scope=SCOPE_ONELEVEL, attrs=["cn"]) base="CN=Sites," + configdn, scope=SCOPE_ONELEVEL, attrs=["cn"])
names.sitename = str(res3[0]["cn"]) names.sitename = str(res3[0]["cn"])
# dns hostname and server dn # dns hostname and server dn
res4 = samdb.search(expression="(CN=%s)" % names.netbiosname, res4 = samdb.search(expression="(CN=%s)" % names.netbiosname,
base="OU=Domain Controllers,"+basedn, scope=SCOPE_ONELEVEL, attrs=["dNSHostName"]) base="OU=Domain Controllers,%s" % basedn,
names.hostname = str(res4[0]["dNSHostName"]).replace("."+names.dnsdomain,"") scope=SCOPE_ONELEVEL, attrs=["dNSHostName"])
names.hostname = str(res4[0]["dNSHostName"]).replace("." + names.dnsdomain,"")
server_res = samdb.search(expression="serverReference=%s" % res4[0].dn, server_res = samdb.search(expression="serverReference=%s" % res4[0].dn,
attrs=[], base=configdn) attrs=[], base=configdn)
names.serverdn = server_res[0].dn names.serverdn = server_res[0].dn
# invocation id/objectguid # invocation id/objectguid
@ -252,32 +259,34 @@ def find_provision_key_parameters(samdb, secretsdb, idmapdb, paths, smbconf, lp)
names.ntdsguid = str(ndr_unpack(misc.GUID, res5[0]["objectGUID"][0])) names.ntdsguid = str(ndr_unpack(misc.GUID, res5[0]["objectGUID"][0]))
# domain guid/sid # domain guid/sid
res6 = samdb.search(expression="(objectClass=*)",base=basedn, res6 = samdb.search(expression="(objectClass=*)", base=basedn,
scope=SCOPE_BASE, attrs=["objectGUID", scope=SCOPE_BASE, attrs=["objectGUID",
"objectSid","msDS-Behavior-Version" ]) "objectSid","msDS-Behavior-Version" ])
names.domainguid = str(ndr_unpack( misc.GUID,res6[0]["objectGUID"][0])) names.domainguid = str(ndr_unpack(misc.GUID, res6[0]["objectGUID"][0]))
names.domainsid = ndr_unpack( security.dom_sid,res6[0]["objectSid"][0]) names.domainsid = ndr_unpack( security.dom_sid, res6[0]["objectSid"][0])
if (res6[0].get("msDS-Behavior-Version") is None or if res6[0].get("msDS-Behavior-Version") == None or \
int(res6[0]["msDS-Behavior-Version"][0]) < DS_DOMAIN_FUNCTION_2000): int(res6[0]["msDS-Behavior-Version"][0]) < DS_DOMAIN_FUNCTION_2000:
names.domainlevel = DS_DOMAIN_FUNCTION_2000 names.domainlevel = DS_DOMAIN_FUNCTION_2000
else: else:
names.domainlevel = int(res6[0]["msDS-Behavior-Version"][0]) names.domainlevel = int(res6[0]["msDS-Behavior-Version"][0])
# policy guid # policy guid
res7 = samdb.search(expression="(displayName=Default Domain Policy)", res7 = samdb.search(expression="(displayName=Default Domain Policy)",
base="CN=Policies,CN=System,"+basedn, scope=SCOPE_ONELEVEL, base="CN=Policies,CN=System," + basedn,
attrs=["cn","displayName"]) scope=SCOPE_ONELEVEL, attrs=["cn","displayName"])
names.policyid = str(res7[0]["cn"]).replace("{","").replace("}","") names.policyid = str(res7[0]["cn"]).replace("{","").replace("}","")
# dc policy guid # dc policy guid
res8 = samdb.search(expression="(displayName=Default Domain Controllers Policy)", res8 = samdb.search(expression="(displayName=Default Domain Controllers" \
base="CN=Policies,CN=System,"+basedn, scope=SCOPE_ONELEVEL, " Policy)",
attrs=["cn","displayName"]) base="CN=Policies,CN=System," + basedn,
scope=SCOPE_ONELEVEL, attrs=["cn","displayName"])
if len(res8) == 1: if len(res8) == 1:
names.policyid_dc = str(res8[0]["cn"]).replace("{","").replace("}","") names.policyid_dc = str(res8[0]["cn"]).replace("{","").replace("}","")
else: else:
names.policyid_dc = None names.policyid_dc = None
res9 = idmapdb.search(expression="(cn=%s)" % (security.SID_BUILTIN_ADMINISTRATORS), res9 = idmapdb.search(expression="(cn=%s)" % \
attrs=["xidNumber"]) (security.SID_BUILTIN_ADMINISTRATORS),
attrs=["xidNumber"])
if len(res9) == 1: if len(res9) == 1:
names.wheel_gid = res9[0]["xidNumber"] names.wheel_gid = res9[0]["xidNumber"]
else: else:
@ -343,7 +352,7 @@ def dn_sort(x, y):
return ret return ret
else: else:
if i == minimum-1: if i == minimum-1:
assert len1 != len2, "PB PB PB"+" ".join(tab1)+" / "+" ".join(tab2) assert len1!=len2,"PB PB PB" + " ".join(tab1)+" / " + " ".join(tab2)
if len1 > len2: if len1 > len2:
return 1 return 1
else: else:
@ -521,7 +530,8 @@ def update_secrets(newsecrets_ldb, secrets_ldb, messagefunc):
delta = secrets_ldb.msg_diff(empty, reference[0]) delta = secrets_ldb.msg_diff(empty, reference[0])
for att in hashAttrNotCopied.keys(): for att in hashAttrNotCopied.keys():
delta.remove(att) delta.remove(att)
messagefunc(CHANGE, "Entry %s is missing from secrets.ldb" % reference[0].dn) messagefunc(CHANGE, "Entry %s is missing from secrets.ldb" % \
reference[0].dn)
for att in delta: for att in delta:
messagefunc(CHANGE, " Adding attribute %s" % att) messagefunc(CHANGE, " Adding attribute %s" % att)
delta.dn = reference[0].dn delta.dn = reference[0].dn
@ -554,7 +564,8 @@ def update_secrets(newsecrets_ldb, secrets_ldb, messagefunc):
for att in delta: for att in delta:
if att != "dn": if att != "dn":
messagefunc(CHANGE, messagefunc(CHANGE,
"Adding/Changing attribute %s to %s" % (att, current[0].dn)) "Adding/Changing attribute %s to %s" % \
(att, current[0].dn))
delta.dn = current[0].dn delta.dn = current[0].dn
secrets_ldb.modify(delta) secrets_ldb.modify(delta)
@ -588,7 +599,7 @@ def updateOEMInfo(samdb, rootdn):
delta = ldb.Message() delta = ldb.Message()
delta.dn = ldb.Dn(samdb, str(res[0]["dn"])) delta.dn = ldb.Dn(samdb, str(res[0]["dn"]))
delta["oEMInformation"] = ldb.MessageElement(info, ldb.FLAG_MOD_REPLACE, delta["oEMInformation"] = ldb.MessageElement(info, ldb.FLAG_MOD_REPLACE,
"oEMInformation" ) "oEMInformation" )
samdb.modify(delta) samdb.modify(delta)
def update_gpo(paths, samdb, names, lp, message, force=0): def update_gpo(paths, samdb, names, lp, message, force=0):
@ -603,14 +614,14 @@ def update_gpo(paths, samdb, names, lp, message, force=0):
eadbname = lp.get("posix:eadb") eadbname = lp.get("posix:eadb")
if eadbname is not None and eadbname != "": if eadbname is not None and eadbname != "":
try: try:
attribute = samba.xattr_tdb.wrap_getxattr(eadbname, paths.sysvol, attribute = samba.xattr_tdb.wrap_getxattr(eadbname,
xattr.XATTR_NTACL_NAME) paths.sysvol, xattr.XATTR_NTACL_NAME)
except: except:
attribute = samba.xattr_native.wrap_getxattr(paths.sysvol, attribute = samba.xattr_native.wrap_getxattr(paths.sysvol,
xattr.XATTR_NTACL_NAME) xattr.XATTR_NTACL_NAME)
else: else:
attribute = samba.xattr_native.wrap_getxattr(paths.sysvol, attribute = samba.xattr_native.wrap_getxattr(paths.sysvol,
xattr.XATTR_NTACL_NAME) xattr.XATTR_NTACL_NAME)
except: except:
resetacls = 1 resetacls = 1