sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Code
59,015 Commits 60 Branches 1,144 Tags 452 MiB
d69d07ce62
Commit Graph

596 Commits

Author SHA1 Message Date
Endi S. Dewata
d69d07ce62 s4-provision: Added msDS-NcType into samba4Top object class 
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
 2010-01-23 22:41:28 +01:00
Endi S. Dewata
ce709389e6 s4-provision: Disable populating FDS during instance creation. 
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
 2010-01-23 22:40:51 +01:00
Matthieu Patou
c637c52876 provision: use message and do not display warning if the user choosed delibarately posix:eadb 2010-01-21 07:11:17 +13:00
Matthieu Patou
d4514a6539 provision: introduce use-xattr parameter for defining where to store attributes 
This option allow simple user (non root) to invoke provision without facing an error
  while insuring that ACL on shared files will always be set
 2010-01-21 07:11:17 +13:00
Matthieu Patou
e78626dc2e s4: Set acls correctly on all sysvol and scripts shares 2010-01-21 07:11:15 +13:00
Matthieu Patou
028c9b1c15 s4: regroup gpo modification in one function, set acl on files accordingly with ACL in LDAP 2010-01-21 07:11:14 +13:00
Andrew Tridgell
84b47d3334 s4-provision: added w2k8r2 ldap capabilities 2010-01-16 14:10:44 +11:00
Andrew Tridgell
a9808ae83d s4-provision: added "check-names ignore;" to allow for _msdcs A records 2010-01-16 14:10:44 +11:00
Matthias Dieter Wallnöfer
b1d2bb3e51 s4:provision_users.ldif - Add a comment that some objects under "Users" are now located elsewhere 
This is needed due to the new RID/SID distribution system
 2010-01-14 10:58:08 +01:00
Matthias Dieter Wallnöfer
face5d3030 s4:provision_users.ldif - Add objects for IIS 
Some WSPP locations point out that beginning with Windows Server 2008 they're
also per default present.

Compared against Windows Server 2008
 2010-01-14 10:58:08 +01:00
Matthias Dieter Wallnöfer
9ac39b659f s4:provision_users.ldif - Add additional BUILTIN objects 
Compared against Windows Server 2008
 2010-01-14 10:58:08 +01:00
Matthias Dieter Wallnöfer
2a05dd6fcc s4:provision_users.ldif - add the restant part of the objects needing for RODC support 
RODC = Read Only Domain Controllers

Compared against Windows Server 2008
 2010-01-14 10:58:07 +01:00
Matthias Dieter Wallnöfer
71357053bb s4:provision_users.ldif - Fix up errors on existing entries 
Compared against Windows Server 2008
 2010-01-14 10:58:07 +01:00
Matthias Dieter Wallnöfer
81053e9124 s4:provision_users.ldif - Simple reordering 
Sorted according the SID - easier for later enhancements.
 2010-01-14 10:58:07 +01:00
Matthias Dieter Wallnöfer
a0d7f3e344 s4:provision_users.ldif - Remove system objects from the wrong place 
Objects like the "Cryptographic Operators", "Event Log Readers" don't belong
here but into the builtin domain.
 2010-01-14 10:58:06 +01:00
Andrew Tridgell
73422e7dd8 Revert "s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode" 
This reverts commit 5c174c68cc.

This series of commits broke 'make test'.

Matthias, please make sure you run a _full_ make test before every
push.
 2010-01-11 10:08:30 +11:00
Andrew Tridgell
3af84c1cde Revert "s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now" 
This reverts commit 61dfd3dc1d.

This series of commits broke 'make test'.

Matthias, please make sure you run a _full_ make test before every
push.
 2010-01-11 10:07:53 +11:00
Andrew Tridgell
306de3051d Revert "s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group" 
This reverts commit 9ee895fcf6.

This series of commits broke 'make test'.

Matthias, please make sure you run a _full_ make test before every
push.
 2010-01-11 10:06:58 +11:00
Andrew Tridgell
aa4501538a Revert "s4:provision_users.ldif - Add objects for IIS" 
This reverts commit 91e2100287.

This series of commits broke 'make test'.

Matthias, please make sure you run a _full_ make test before every
push.
 2010-01-11 10:05:50 +11:00
Matthias Dieter Wallnöfer
91e2100287 s4:provision_users.ldif - Add objects for IIS 
Some WSPP locations point out that they're defacto-standards for Windows Server deployments starting with 2008. So we should add them to s4 too.
 2010-01-10 22:48:05 +01:00
Matthias Dieter Wallnöfer
e72787f0af s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific 2010-01-10 22:48:04 +01:00
Matthias Dieter Wallnöfer
9ee895fcf6 s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group 2010-01-10 22:48:04 +01:00
Matthias Dieter Wallnöfer
61dfd3dc1d s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now 
This belongs to the AD IIS stuff where I don't know yet if we should import it.
 2010-01-10 11:07:16 +01:00
Matthias Dieter Wallnöfer
5c174c68cc s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode 
Additionally I had to fix some bugs (especially wrong "groupTypes") and
reordered the objects using the SID (this is easier when enhancing the file).
 2010-01-10 10:50:46 +01:00
Matthias Dieter Wallnöfer
fca0c4de2a s4:provision_self_join.ldif - Adapt comment after implementation of distributed RIDs 2010-01-08 18:18:21 +01:00
Andrew Tridgell
ad11deb9bd s4-schema: fixes for W2K8-R2 schema 
The schema from WSPP had a number of typos that prevented it from
working. These changes allow it to work with Samba, and allow w2k8r2
to run DCPROMO against Samba successfully

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-08 18:24:54 +11:00
Andrew Tridgell
ebec49965b s4-schema: added msDS-NcType to schema container 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-08 18:24:53 +11:00
Andrew Tridgell
ce21151d22 s4-schema: fixed attributes of aggregate schema 
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-08 18:24:53 +11:00
Andrew Tridgell
9d296e6776 s4-provision: added W2K8-R2 schema as provided by WSPP 2010-01-08 18:24:52 +11:00
Andrew Tridgell
42f0bdae69 s4-provision: RID 1000 is consumed by the machine account 2010-01-08 13:03:03 +11:00
Andrew Tridgell
b1f97b7e60 s4-dsdb: added an extended operation for allocating a new RID pool 
This will be called by getncchanges when a client asks for a
DRSUAPI_EXOP_FSMO_RID_ALLOC operation

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-08 13:03:02 +11:00
Andrew Tridgell
53d10d139e s4-provision: don't hard wire the creation of the RID Set object 
We now create it automatically in the samldb module when the first
user is created. 

The creation of the dns user also had to move to the _modify.ldif as
it now relies on the fSMO role being setup for the RID Manager

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-08 13:03:00 +11:00
Andrew Tridgell
5eb3b919c5 s4-provision: the DC object itself needs a fixed objectSID 
We can't allocate a objectSID until we have rIDSetReferences, but that
is in the DC object, so we have to force the objectSID of the DC

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-08 13:02:58 +11:00
Andrew Tridgell
a1362492ab s4-provision: added an initial RID Set 
We will allocate RIDs from this set

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-01-08 13:02:58 +11:00
Jelmer Vernooij
9e5ef916d4 net: Move 'newuser' to 'net newuser' 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:27 +11:00
Jelmer Vernooij
73594c248f net: Fix tests and documentation of setexpiry. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:25 +11:00
Jelmer Vernooij
345b25d059 net: Move setexpiry to 'net setexpiry' 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:24 +11:00
Jelmer Vernooij
b531696a5b net: Move 'setpassword' to 'net setpassword'. 
Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-12-31 17:33:22 +11:00
Jelmer Vernooij
e60a40e287 s4/net: Add domainlevel subcommand. 2009-12-29 16:26:20 +01:00
Jelmer Vernooij
eaf4a9afb2 s4/net: Make pwsettings a net subcommand. 2009-12-29 16:26:19 +01:00
Endi Sukma Dewata
f871de7def s4:provision - Remap conflicting thumbnailPhoto and thumbnailLogo OID's. 2009-12-15 10:04:04 +11:00
Andrew Bartlett
a88f086d96 s4:setup Adjust upgradeprovision blackbox test now we don't have --targetdir 2009-12-01 12:17:56 +11:00
Matthias Dieter Wallnöfer
b973c50836 s4:upgrade_from_s3 - Move it back to "setup" 
Suggested by Jelmer
 2009-11-28 19:25:12 +01:00
Matthias Dieter Wallnöfer
f0686645a9 s4:setup/provision - Rework 
- Revert change in "ask" - was previously correct
- Readd accidentally removed checks for non-null realm and domainname
- On interactive mode perform only one "ask" call per question
- Inform the user about the unset administrator password
 2009-11-28 18:59:33 +01:00
Matthieu Patou
db41a0afc6 s4: fix SD update and password change in upgrade script 
- reserve a new Samba OID for recalculate SD control
- fix the update SD function
- fix handling of kvno in the update_machine_account_password function
- fix handling of handles in RPC winreg server

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2009-11-28 09:56:06 +11:00
Matthias Dieter Wallnöfer
6b835b0691 s4:setup/provision - make the interactive mode work again 2009-11-27 13:02:31 +01:00
Matthias Dieter Wallnöfer
fd313282a2 s4:upgrade script - rename it to "upgrade_from_s3" and do some rework 
- Give a better name to the script
- Move it to the location where also "upgradeprovision" resides
- Fix up trailing whitespaces and tabs
 2009-11-27 12:26:11 +01:00
Andrew Bartlett
731f560ecb s4:upgradeprovision add 'exit $failed' to blackbox test 2009-11-27 16:05:05 +11:00
Andrew Bartlett
6f0f82f7ed s4:selftest Add tests for upgradeprovision 2009-11-27 16:05:05 +11:00
Andrew Bartlett
5ea6f79775 s4:provision Don't bother with a template for the LDAP backend startup script. 2009-11-24 11:04:31 +11:00