sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00
Code
69,043 Commits 60 Branches 1,146 Tags
Commit Graph

840 Commits

Author SHA1 Message Date
Nadezhda Ivanova
c89ecfc2ad s4-dsdb: Extended samdb.newgroup to set the group's security descriptor. 2010-11-24 16:54:18 +01:00
Nadezhda Ivanova
e95a350682 s4-dsdb: Changed filter to find the account of a user by samAccountName 
In newuser, a filter by dn was given to setpassword to find the account whose password is to be reset.
It appears however that if given filter of type (dn=CN=smth) Windows fails to return the entry, and the
tests that use newuser fail against it. Changed to use samAccountName instead.
 2010-11-23 21:02:03 +01:00
Nadezhda Ivanova
3001a514dd s4-dsdb: Extended samdb.newuser to accept security descriptor for the object and optionally skip password reset 
Sometimes for testing purposes we create users without any permissions on their objects and password reset
cannot be performed at that point, and is not necessary. For this purpose we can now optionally skip this step.
The default is still to reset the user password.
Also, a security.descriptor object can be specified during the user creation to override using the default one.
defaultSecurityDescriptor is still used by default.
 2010-11-23 17:15:16 +01:00
Nadezhda Ivanova
0c22316ccf s4-dsdb: Added a python method to SamDB for creating organizationalUnits 2010-11-23 14:33:27 +02:00
Nadezhda Ivanova
eaa9733a83 s4-dsdb: Added python helpers for getting and seting dSHeuristics to SamDB 2010-11-23 11:22:26 +02:00
Nadezhda Ivanova
c88b90e9f6 s4-dsdb: Added a helper to python SamDB for retrieving and setting minPwdAge. 2010-11-22 18:52:04 +02:00
Kamen Mazdrashki
9c2bd08498 s4-tests: Wrap connect_samdb() into a connect_samdb_ex() helper 
Thus caller will be able to connect to SamDB and fetch
RootDSE info in a single step
 2010-11-22 15:37:40 +02:00
Kamen Mazdrashki
bc6ba4b04c s4-samba.tests: Explicitly pass LoadParm() instance to system_session() function 
Otherwise system_session() creates a LoadParm() instance
wich resets certain params to their defaults from smb.conf
("log level" for instance)
 2010-11-22 15:37:40 +02:00
Andrew Tridgell
5b3981acb1 s4-rodc: enable the DRS_GET_ALL_GROUP_MEMBERSHIP flag for RODC replication 
see the description of this flag in [MS-DRSR]
 2010-11-18 23:12:26 +01:00
Andrew Tridgell
96e55cb132 s4-join: initially disable the machine account 
enable after a password is set
 2010-11-18 23:12:26 +01:00
Andrew Tridgell
6a41afba68 s4-drs: fixed a typo 2010-11-18 23:12:26 +01:00
Kamen Mazdrashki
c29a8c7ec5 s4-samdb.py: Use ldb.get_default_basedn() to avoid RootDSE search 2010-11-18 22:28:07 +01:00
Andrew Tridgell
1645190b1c s4-provision: don't test for xattrs if posix:eadb is set 
when it is set in smb.conf or on the command line, obey the setting
and don't try to test for system xattr support
 2010-11-17 23:55:39 +11:00
Andrew Tridgell
333975d84f s4-provision: setup posix:eadb using lp.set() 
this allows it to override a setting made during the automatic testing
of xattr support
 2010-11-17 23:55:39 +11:00
Andrew Tridgell
292003343e s4-provision: add log messages about IP lookup 
the IPv6 lookup can be very slow if a DNS server in the search list is
unavailable. It's good to let the user know what its doing.
 2010-11-17 23:55:38 +11:00
Andrew Tridgell
5524822a72 s4-join: fixed join to w2k3 
w2k3 does need msDS-Behavior-Version
 2010-11-17 11:30:07 +11:00
Andrew Tridgell
a82bc073e2 s4-join: show a reasonable error on DsAddEntry() failing 
DsAddEntry() gives errors in a reply container
 2010-11-17 11:30:07 +11:00
Andrew Tridgell
3f9c97dbc5 s4-join: enable NDR printing at debug levels >= 5 
this is handy for debugging joins
 2010-11-17 11:30:07 +11:00
Andrew Bartlett
2e44d0d329 samba-tool pwsettings Allow setting 'store cleartext' 
This allows the 'store cleartext' password policy flag to be (un)set.

Andrew Bartlett
 2010-11-16 16:32:55 +11:00
Andrew Tridgell
6ff009cacc s4-join: not all versions of w2003 have msDS-SupportedEncryptionTypes 
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov 15 22:28:16 UTC 2010 on sn-devel-104
 2010-11-15 22:28:16 +00:00
Matthieu Patou
e0f64b77eb python: use the ldbMessage + modify notation instead of modify_ldif that we try to avoid 2010-11-12 19:40:21 +00:00
Matthieu Patou
f5ea6f4b4c unit tests: add testing for dns account password change 2010-11-12 19:40:21 +00:00
Matthieu Patou
a9c430bdd2 upgradeprovision: fix pb with dns-hostname, regenerate a correct keytab 2010-11-12 19:40:21 +00:00
Andrew Bartlett
a9baabed56 s4-provision UTF16 encode the password in sam.ldb, not secrets.ldb 
The password in secrets.ldb is UTF8, while clearTextPassword in
sam.ldb is UTF16.

This corrects commit bd5039546e520b6d6897a658bc0a358f0511f7c7, which
had these the wrong way around.

Andrew Bartlett
 2010-11-11 09:55:06 +00:00
Matthias Dieter Wallnöfer
2403aaa759 s4:upgradehelpers.py - use "clearTextPassword" rather than "userPassword" 
It's the default internal s4 password change attribute
 2010-11-11 09:12:25 +01:00
Andrew Tridgell
21fe96e8f9 s4-provision: include command line provision options in the generated smb.conf 
this saves the smb.conf using lp.dump_globals() to ensure that any
command line options (for example directory overrides) are saved in
the generated smb.conf 

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-11-11 02:57:04 +00:00
Andrew Tridgell
81c9b98ecd s4-join: use the command line loadparm in provision during a join 
this allows a join with an empty smb.conf to override locations of
files correctly with --option

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-11-11 02:57:04 +00:00
Andrew Tridgell
13020349e1 s4-join: raise mininum password length to 32 in new join code 2010-11-10 09:53:18 +11:00
Matthias Dieter Wallnöfer
fd9fc251fb s4:provision.py - strip trailing whitespaces 2010-11-09 13:25:12 +01:00
Matthias Dieter Wallnöfer
bd5039546e s4:provision - switch to "clearTextPassword" for setting passwords 
This is the default password set/change attribute for s4 specific purposes
(otherwise in respect to Windows it's "unicodePwd"). We move away from
"userPassword" since on Windows it's not activated by default - and s4 will
follow soon.
 2010-11-09 13:22:00 +01:00
Andrew Tridgell
cc5e231355 s4-pydrs: validate the DsGetNCChanges response 
check that object_count matches up with first_object
 2010-11-08 11:13:28 +11:00
Andrew Tridgell
e59bf5efb5 s4-join: modify join behaviour according to domain level 
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sun Nov  7 23:32:16 UTC 2010 on sn-devel-104
 2010-11-07 23:32:16 +00:00
Andrew Tridgell
fc5fecb0b7 s4-drs: allow override of the replica_flags 2010-11-07 22:50:05 +00:00
Andrew Tridgell
2d52eea028 s4-join: fixed SPNs, invocationId and dnshostname and python join 
- we need the GN/ SPN for replication. 
- fixed the string form of the invocationId
- lowercase the dnshostname

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-11-06 14:36:26 +11:00
Andrew Tridgell
724599de63 samba-tool: deprecate samba-tool vampire command 2010-11-06 14:36:26 +11:00
Andrew Tridgell
11ae1046a0 s4-join: fixed secure_channel_type 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Fri Nov  5 13:24:32 UTC 2010 on sn-devel-104
 2010-11-05 13:24:32 +00:00
Andrew Tridgell
351312d8b8 s4-join: don't print all the NDR packets by default 2010-11-05 23:42:09 +11:00
Andrew Tridgell
506ffcf86f s4-join: added DC join to the python join code 
this will replace the old vampire code
 2010-11-05 23:42:08 +11:00
Andrew Tridgell
278778c927 s4-pydrs: added rodc option to python drs replication 2010-11-05 23:42:08 +11:00
Andrew Tridgell
cbded38ed5 s4-pydsdb: added DsReplicaAttribute() 
this allows us to form a DsReplicaAttribute structure from python
 2010-11-05 23:42:08 +11:00
Jelmer Vernooij
cd172e7724 talloc: Add python talloc module, move convenience functions to it. 
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Fri Nov  5 02:48:21 UTC 2010 on sn-devel-104
 2010-11-05 02:48:21 +00:00
Jelmer Vernooij
6bd903ebe0 provision: Look for in source setup data first, in case an older version 
of samba 4 is installed in the system.
 2010-11-03 19:13:36 +00:00
Jelmer Vernooij
654fdce6a2 samba: Make in_source_tree() public. 2010-11-03 19:13:36 +00:00
Matthias Dieter Wallnöfer
7578e04fb8 s4:provision - adapt the "provision" so that SIDs are only set on entry creation 
SID modifications are denied.
 2010-11-01 12:25:24 +01:00
Matthias Dieter Wallnöfer
572774a7a0 s4:provision - remove the "servicePrincipalName" creation on the DC object 
This is now done by the "samba_spnupdate" script.
 2010-10-31 18:44:07 +00:00
Matthieu Patou
b548674c29 provision: fix wrong tests 
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat Oct 30 17:31:23 UTC 2010 on sn-devel-104
 2010-10-30 17:31:23 +00:00
Matthieu Patou
dc0000e1a8 provision: when deriving netbiosname from hostname force the netbiosname to be compliant 
It means no space/_/-/@.... and less than 16 chars.

Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat Oct 30 14:26:22 UTC 2010 on sn-devel-104
 2010-10-30 14:26:22 +00:00
Matthias Dieter Wallnöfer
8b9a08e10f s4:provision.py - add the correct "CN=Sites" security descriptor 
This should help to fix bug #7403.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Oct 23 20:16:59 UTC 2010 on sn-devel-104
 2010-10-23 20:16:59 +00:00
Matthias Dieter Wallnöfer
245642a36b s4:schema.py - reformat and fix the security descriptor 
- Now it matches Windows's order
- It contained a superfluous entry (an "Administrator" user grant)
 2010-10-23 19:35:06 +00:00
Matthias Dieter Wallnöfer
a9b58f6246 s4:samdb.py - remove a pointless comment 
We are only looking for the default DN - but the method name already tells
us this.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Oct 19 10:03:12 UTC 2010 on sn-devel-104
 2010-10-19 10:03:12 +00:00