mirror of
https://github.com/samba-team/samba.git
synced 2025-07-13 08:59:08 +03:00
s4-provision: do a self join for all server types
We need a machine account so the RID allocation code can work. It seems better to use the same code paths for a domain controller and standalone server to avoid testing headaches with little used code.
This commit is contained in:
@ -893,10 +893,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp,
|
||||
samdb.set_opaque_integer("domainControllerFunctionality", domainControllerFunctionality)
|
||||
|
||||
samdb.set_domain_sid(str(domainsid))
|
||||
if serverrole == "domain controller":
|
||||
samdb.set_invocation_id(invocationid)
|
||||
# NOTE: the invocationid for standalone and member server
|
||||
# cases is setup in the sambd_dsdb module init function
|
||||
samdb.set_invocation_id(invocationid)
|
||||
|
||||
message("Adding DomainDN: %s" % names.domaindn)
|
||||
|
||||
@ -952,8 +949,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp,
|
||||
credentials=provision_backend.credentials, lp=lp)
|
||||
samdb.connect(path)
|
||||
samdb.transaction_start()
|
||||
if serverrole == "domain controller":
|
||||
samdb.set_invocation_id(invocationid)
|
||||
samdb.set_invocation_id(invocationid)
|
||||
|
||||
message("Setting up sam.ldb configuration data")
|
||||
setup_add_ldif(samdb, setup_path("provision_configuration.ldif"), {
|
||||
@ -1013,21 +1009,20 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp,
|
||||
"KRBTGTPASS_B64": b64encode(krbtgtpass),
|
||||
})
|
||||
|
||||
if serverrole == "domain controller":
|
||||
message("Setting up self join")
|
||||
setup_self_join(samdb, names=names, invocationid=invocationid,
|
||||
dnspass=dnspass,
|
||||
machinepass=machinepass,
|
||||
domainsid=domainsid, policyguid=policyguid,
|
||||
policyguid_dc=policyguid_dc,
|
||||
setup_path=setup_path,
|
||||
domainControllerFunctionality=domainControllerFunctionality,
|
||||
ntdsguid=ntdsguid)
|
||||
message("Setting up self join")
|
||||
setup_self_join(samdb, names=names, invocationid=invocationid,
|
||||
dnspass=dnspass,
|
||||
machinepass=machinepass,
|
||||
domainsid=domainsid, policyguid=policyguid,
|
||||
policyguid_dc=policyguid_dc,
|
||||
setup_path=setup_path,
|
||||
domainControllerFunctionality=domainControllerFunctionality,
|
||||
ntdsguid=ntdsguid)
|
||||
|
||||
ntds_dn = "CN=NTDS Settings,CN=%s,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,%s" % (names.hostname, names.domaindn)
|
||||
names.ntdsguid = samdb.searchone(basedn=ntds_dn,
|
||||
attribute="objectGUID", expression="", scope=SCOPE_BASE)
|
||||
assert isinstance(names.ntdsguid, str)
|
||||
ntds_dn = "CN=NTDS Settings,CN=%s,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,%s" % (names.hostname, names.domaindn)
|
||||
names.ntdsguid = samdb.searchone(basedn=ntds_dn,
|
||||
attribute="objectGUID", expression="", scope=SCOPE_BASE)
|
||||
assert isinstance(names.ntdsguid, str)
|
||||
|
||||
except:
|
||||
samdb.transaction_cancel()
|
||||
@ -1146,7 +1141,7 @@ def provision(setup_dir, message, session_info,
|
||||
serverrole = lp.get("server role")
|
||||
|
||||
assert serverrole in ("domain controller", "member server", "standalone")
|
||||
if invocationid is None and serverrole == "domain controller":
|
||||
if invocationid is None:
|
||||
invocationid = str(uuid.uuid4())
|
||||
|
||||
if not os.path.exists(paths.private_dir):
|
||||
|
Reference in New Issue
Block a user