IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Make it AD-compatible using "(distinguishedName=...)".
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This way we only catch true exceptions and keyboard interrupts
are not caught here.
Autobuild-User: Amitay Isaacs <amitay@samba.org>
Autobuild-Date: Tue Jan 24 03:32:40 CET 2012 on sn-devel-104
Not all cleartext password (machine passwords) can be converted to utf8,
let's export the raw uint16_t array.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Jan 12 23:58:12 CET 2012 on sn-devel-104
This is useful to sync passwords from an AD domain.
$
$ source4/scripting/devel/repl_cleartext_pwd.py \
-Uadministrator%A1b2C3d4 \
172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName
# starting at usn[0]
dn: CN=Test User1,CN=Users,DC=bla,DC=base
cleartext_utf8: A1b2C3d4
displayName:: VABlAHMAdAAgAFUAcwBlAHIAMQA=
# up to usn[16449]
$
$ source4/scripting/devel/repl_cleartext_pwd.py \
-Uadministrator%A1b2C3d4
172.31.9.219 DC=bla,DC=base /tmp/cookie cleartext_utf8 131085 displayName
# starting at usn[16449]
# up to usn[16449]
$
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Jan 9 19:06:06 CET 2012 on sn-devel-104
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat May 21 15:40:26 CEST 2011 on sn-devel-104
so it can be used against Windows DC without fetching prefixMap
Fetching prefixMap doesn't work against WinDCs for some reason at the moment
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Wed Dec 22 01:28:49 CET 2010 on sn-devel-104
The ldapcmp tool is very useful, and should be available to Samba
admins, not just developers. This makes it a samba-tool command, which
also gives it the nicer command line handling that samba-tool has
This pattern, which is common in our code, is wrong:
except LdbError, (ERR_NO_SUCH_OBJECT, _):
what it actually does it to change the value of ldb.ERR_NO_SUCH_OBJECT
to be equal to whatever ldb error occurred! This led to some really
bizarre behavior
- allow for missing VMs
- improved VM names
- added join of w2k3 to Samba domain
- cope with w2k3 dcpromo output
- wait for port 139 not 23, to avoid windows telnet server bug
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Nov 18 23:56:11 CET 2010 on sn-devel-104
now supports --list to list tests, and --skip to skip the named tests
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Nov 18 04:29:24 UTC 2010 on sn-devel-104
this won't just be for the howto anymore
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Nov 18 00:45:18 UTC 2010 on sn-devel-104
- handle clock skew using "net time" on windows after we open the
telnet connection
- allow checking for result lists in order
- replicate all partitions after vampiring so we don't need
to wait for periodic replication
- use a krb5 ccache in the prefix for kinit based tests
The complete test suite now passes on my system, taking just over 13
minutes to complete
this fixes some timing issues, plus ensures we test both with and
without kerberos
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Tue Nov 16 07:58:55 UTC 2010 on sn-devel-104
This provides a script that allows testing of most of the steps of the
Samba4 HOWTO. The big difference between this and 'make test' is that
it test against windows, using pexpect to control windows boxes via
telnet.
The info about VMs and other parameters are in separate conf
files. I've included a sample config file that I use on my laptop.
This is a modest speed test that aims to show performance difference
between Samba4 vs MS Active Directory. It should be used with Samba-style
credentials and no arguments like every other python unittest.
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
Autobuild-User: Anatoliy Atanasov <anatoliy@samba.org>
Autobuild-Date: Thu Nov 4 00:11:20 UTC 2010 on sn-devel-104
This script show the time of each test and tests are sorted by execution
time (from the slowest to the quickest)
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Tue Oct 26 20:42:11 UTC 2010 on sn-devel-104
This allow us to fallback to first credentials given.
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Sat Oct 2 23:05:20 UTC 2010 on sn-devel-104
New feature that enables LDAPCmp users to find unmatched or
missing ACEs in objects for the three naming contexts between
DCs in one domain (default) or different domains. Comparing
security descriptors is not the default action but attribute
compatison. So to activate the new mode there is --sd switch.
However there are two view modes to the new --sd action which
are 'section' (default) or 'collision'. In 'section' mode you
can only find differences connected to missing or value
unmatched ACEs but not disorder unmatch if ACE values and count
are the same. All of the mentioned differences plus disorder
ACE unmatch you can observe under 'collision' view however
it is more verbose.
Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
This will enable us to compare two LDBs or and LDB with running
AD server. Comparing LDB against running running server
may come into handy when one want to see if 'net vampire'
command does what it does the right way
this calls the netlogon DsrUpdateReadOnlyServerDnsRecords call to add
DNS entries for a RODC via RPC calls. The call is routed via a IRPC
call to winbind, as winbind is the one with the schannel credential
chaining setup.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
this allows for command line access to getncchanges
it also provides a good example of calling DRSUAPI interfaces from
python
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
This patch changes the behavior of LDAPCmp in a single domain
scenario. No place-holders will be applied during comparison
so replication will be fully tested and even the silightest
difference will pop up.
There is a second smaller fix when we compre hosts in different
domains. This fix disables ${SERVERNAME} paace-holder when there
are more then one serevr (domain controller) in the given domain.
Recently I have found that after vampireing from a clean Windows
server we have the same DNS objects in the ldb. So ldapcmp has to
no longer ignore them.
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
- Added support for replicating hosts versus hosts in different domains
- Added switches for the following modes:
= two - ignores additional attributes that cannot be the same
in two different provisions (domains)
= quiet - display nothing, only return code
= verbose - display all dn objects through compare fase
= default - display only objects with differences
- Added more placeholders for nETBIOSDomainName and ServerName
This allows you to run:
GDB="gdb --args" vampire_ad.sh
and also to add higher debug levels like this:
vampire_ad.sh -d100
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
This tool is integrated with Samba4 Ldb. It provides a useful output
where you can find easy differences in objects or attributes within
naming context (Domain, Configuration or Schema).
Added functionality for two sets of credentials.
These scripts, originally by tridge, allow developers to easily
reproduce the same domain join senerio time after time.
They need documentation, and the template named.conf and zone files
for hosting an AD domain are not provided. However, I hope to have
the provision script provide these shortly.
They assume a local 'bind' set up to read PREFIX/private/named.conf
(as per the provision instructions).
Ensure you edit the 'vars' file to match your local setup.
Andrew Bartlett
