sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-27 22:50:26 +03:00
Code

s4-s3upgrade: improve idmap import to use posixAccount and posixGroup entries

Browse Source
This commit is contained in:
Andrew Bartlett 2012-06-10 20:42:25 +10:00
parent 3c65bac0b6
commit d0b60f02dd
1 changed files with 32 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
source4/scripting/python/samba/upgrade.py
View File

@ -85,6 +85,36 @@ def import_sam_policy(samdb, policy, logger):
logger.warn("Could not set account policy, (%s)", str(e))
def add_ad_posix_idmap_entry(samdb, sid, xid, xid_type, logger):
"""Create idmap entry
:param samdb: Samba4 sam.ldb database
:param sid: user/group sid
:param xid: user/group id
:param xid_type: type of id (ID_TYPE_UID/ID_TYPE_GID)
:param logger: Logger object
"""
try:
m = ldb.Message()
m.dn = ldb.Dn(samdb, "<SID=%s>" % str(sid))
if xid_type == "ID_TYPE_UID":
m['uidNumber'] = ldb.MessageElement(
str(xid), ldb.FLAG_MOD_REPLACE, 'uidNumber')
m['objectClass'] = ldb.MessageElement(
"posixAccount", ldb.FLAG_MOD_ADD, 'objectClass')
elif xid_type == "ID_TYPE_GID":
m['gidNumber'] = ldb.MessageElement(
str(xid), ldb.FLAG_MOD_REPLACE, 'gidNumber')
m['objectClass'] = ldb.MessageElement(
"posixGroup", ldb.FLAG_MOD_ADD, 'objectClass')
samdb.modify(m)
except ldb.LdbError, e:
logger.warn(
'Could not modify AD idmap entry for sid=%s, id=%s, type=%s (%s)',
str(sid), str(xid), xid_type, str(e))
def add_idmap_entry(idmapdb, sid, xid, xid_type, logger):
"""Create idmap entry
@ -710,8 +740,8 @@ Please fix this account before attempting to upgrade again
for g in grouplist:
# Ignore uninitialized groups (gid = -1)
if g.gid != -1:
add_idmap_entry(result.idmap, g.sid, g.gid, "ID_TYPE_GID", logger)
add_group_from_mapping_entry(result.samdb, g, logger)
add_ad_posix_idmap_entry(result.samdb, g.sid, g.gid, "ID_TYPE_GID", logger)
# Export users to samba4 backend
logger.info("Importing users")
@ -720,7 +750,7 @@ Please fix this account before attempting to upgrade again
continue
s4_passdb.add_sam_account(userdata[username])
if username in uids:
add_idmap_entry(result.idmap, userdata[username].user_sid, uids[username], "ID_TYPE_UID", logger)
add_ad_posix_idmap_entry(result.samdb, userdata[username].user_sid, uids[username], "ID_TYPE_UID", logger)
logger.info("Adding users to groups")
for g in grouplist: