sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code

Rework to have member server 'domains' be CN=NETBIOSNAME

Browse Source 
This reworks quite a few parts of our provision system to use
CN=NETBIOSNAME as the domain for member servers.

This makes it clear that these domains are not in the DNS structure,
while complying with our own schema (found by OpenLDAP's schema
validation).

Andrew Bartlett
This commit is contained in:
Andrew Bartlett 2008-03-13 11:36:58 +11:00
parent 5a92771fb5
commit bda6a38b05
7 changed files with 49 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
source/dsdb/common/util.c
View File

@ -1464,7 +1464,7 @@ int samdb_search_for_parent_domain(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
while ((sdn = ldb_dn_get_parent(local_ctx, sdn))) {
ret = ldb_search(ldb, sdn, LDB_SCOPE_BASE,
"(|(objectClass=domain)(objectClass=builtinDomain))", attrs, &res);
"(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain))", attrs, &res);
if (ret == LDB_SUCCESS) {
talloc_steal(local_ctx, res);
if (res->count == 1) {

2
source/dsdb/samdb/ldb_modules/password_hash.c
View File

@ -1220,7 +1220,7 @@ static int build_domain_data_request(struct ph_context *ac)
ac->dom_req->op.search.base = ldb_get_default_basedn(ac->module->ldb);
ac->dom_req->op.search.scope = LDB_SCOPE_SUBTREE;
filter = talloc_asprintf(ac->dom_req, "(&(objectSid=%s)(|(objectClass=domain)(objectClass=builtinDomain)))",
filter = talloc_asprintf(ac->dom_req, "(&(objectSid=%s)(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain)))",
ldap_encode_ndr_dom_sid(ac->dom_req, ac->domain_sid));
if (filter == NULL) {
ldb_debug(ac->module->ldb, LDB_DEBUG_ERROR, "Out of Memory!\n");

2
source/rpc_server/samr/dcesrv_samr.c
View File

@ -425,7 +425,7 @@ static NTSTATUS dcesrv_samr_OpenDomain(struct dcesrv_call_state *dce_call, TALLO
ret = gendb_search(c_state->sam_ctx,
mem_ctx, NULL, &dom_msgs, dom_attrs,
"(&(objectSid=%s)(&(|(objectclass=domain)(objectClass=builtinDomain))))",
"(&(objectSid=%s)(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain)))",
ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
if (ret == 0) {
return NT_STATUS_NO_SUCH_DOMAIN;

6
source/scripting/python/samba/provision.py
View File

@ -763,9 +763,15 @@ def setup_samdb(path, setup_path, session_info, credentials, lp,
try:
message("Adding DomainDN: %s (permitted to fail)" % names.domaindn)
if serverrole == "domain controller":
domain_oc = "domainDNS"
else:
domain_oc = "samba4LocalDomain"
setup_add_ldif(samdb, setup_path("provision_basedn.ldif"), {
"DOMAINDN": names.domaindn,
"ACI": aci,
"DOMAIN_OC": domain_oc
})
message("Modifying DomainDN: " + names.domaindn + "")

2
source/selftest/target/Samba4.pm
View File

@ -544,7 +544,7 @@ sub provision($$$$$$)
my $localbasedn = $basedn;
$localbasedn = "DC=$netbiosname" if $server_role eq "member server";
$localbasedn = "CN=$netbiosname" if $server_role eq "member server";
open(CONFFILE, ">$conffile");
print CONFFILE "

3
source/setup/provision_basedn.ldif
View File

@ -3,7 +3,6 @@
################################
dn: ${DOMAINDN}
objectClass: top
objectClass: domain
objectClass: domainDNS
objectClass: ${DOMAIN_OC}
${ACI}

38
source/setup/schema_samba4.ldif
View File

@ -194,3 +194,41 @@ attributeID: 1.3.6.1.4.1.7165.4.1.11
attributeSyntax: 2.5.5.4
oMSyntax: 20
#
# Based on domainDNS, but without the DNS bits.
#
dn: CN=Samba4-Local-Domain,${SCHEMADN}
objectClass: top
objectClass: classSchema
subClassOf: top
governsID: 1.3.6.1.4.1.7165.4.2.2
possibleInferiors: group
possibleInferiors: lostAndFound
possibleInferiors: builtinDomain
possibleInferiors: computer
possibleInferiors: user
possibleInferiors: container
possibleInferiors: groupPolicyContainer
possibleInferiors: organization
possibleInferiors: domainDNS
possibleInferiors: locality
possibleInferiors: msDS-AzAdminManager
possibleInferiors: country
possibleInferiors: organizationalUnit
rDNAttID: cn
showInAdvancedViewOnly: TRUE
adminDisplayName: Samba4-Local-Domain
adminDescription: Samba4-Local-Domain
systemMayContain: msDS-Behavior-Version
systemMayContain: managedBy
objectClassCategory: 1
lDAPDisplayName: samba4LocalDomain
schemaIDGUID: 07be1647-8310-4fba-91ae-34e55d5a8293
systemOnly: FALSE
systemAuxiliaryClass: samDomainBase
defaultSecurityDescriptor: D:(A;;RPLCLORC;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)
systemFlags: 16
defaultHidingValue: TRUE
defaultObjectCategory: CN=Builtin-Domain,${SCHEMADN}