sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code
69,098 Commits 60 Branches 1,145 Tags 452 MiB
f6c2d39d0b
Commit Graph

2128 Commits

Author SHA1 Message Date
Matthieu Patou
2afc2f20b6 s4 upgradeprovision: add function to backup the provision before updating 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:21 +10:00
Matthieu Patou
6c51b3a432 s4 upgradeprovision: fix whitespaces 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:21 +10:00
Matthieu Patou
62a32975c8 s4: Add unit test for increment_calculated_keyversion_number 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:21 +10:00
Matthieu Patou
9323901644 s4 upgradeprovision: introduce a new function to update the field use for calculating msds-keyversionnumber 
This function change the version field of the unicodePwd in the
replPropertyMetaData so that the version is equal or
superior to the reference value passed.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:21 +10:00
Matthieu Patou
f97c90c9cd s4 python: Add functions to samdb to manipulate version of replPropertyMetaData attribute 
This change contains also helpers for attribute id to attribute oid
conversion and from attribute id to attribute name.
It brings also unit tests

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:20 +10:00
Matthieu Patou
6a0856da9c s4 dsdb: Use the changereplmetadata control 
This control allow to specify the replPropertyMetaData attribute to
be specified on modify request. It can be used for very specific needs
to tweak the content of the replication data.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:20 +10:00
Matthieu Patou
7ea70f86ac s4: Add a simple script to change dc password 
This script will mostly be used by unit test (blackbox type) to test the
change of the dc password

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:20 +10:00
Matthieu Patou
fd2eb0dfd0 s4 provision: move update_machine_account_password to helpers 
This is to allow reuse of this function and also unit tests

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-07-15 22:08:20 +10:00
Stefan Metzmacher
800c7af0c9 s4:provision: also use fixed GUID names of the default group policies for domain and domain controllers in tests 
metze
 2010-07-10 11:18:19 +02:00
Matthieu Patou
f16007430a s4 provision: use correct GUID for default policies 
The value of GUID for policy is not random for default policies, it is
described here ("How Core Group Policy Works"):
http://technet.microsoft.com/en-us/library/cc784268%28WS.10%29.aspx
at paragraph System\Policies Container.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2010-07-10 11:18:18 +02:00
Matthieu Patou
cad04dabbb s4 net: Add spn module to list/add/remove spn on objects 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2010-07-10 11:18:17 +02:00
Matthias Dieter Wallnöfer
32a2bbb44b s4:samdb.py - "setpassword" - performs password sets using the "unicodePwd" attribute 
This does work per default on each AD-compatible DC. "userPassword" support on
Windows however has to be activated explicitly by the "dSHeuristics".
 2010-07-08 19:28:43 +02:00
Matthieu Patou
61be498adb s4 upgradeprovision: For SID > 1000 do not copy them, let the system regenerated a new one 
This should avoid colliion with newly added objects that use the same
SID as existing users in the upgraded provision.

Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
 2010-07-08 19:28:42 +02:00
Zahari Zahariev
4a0edb597c DNS objects should not be ignored 
Recently I have found that after vampireing from a clean Windows
server we have the same DNS objects in the ldb. So ldapcmp has to
no longer ignore them.

Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
 2010-07-05 18:54:15 +03:00
Matthias Dieter Wallnöfer
c0ee606474 s4:pwsettings net utility - change also here the "minPwdAge" to be the real default 
Which is one day.
 2010-07-03 11:38:54 +02:00
Andrew Bartlett
94637e5fe4 s4:provision Add an msDS-SupportedEncryptionTypes entry to our DC 
This ensures that our DC will use all the available encyption types.

(The KDC reads this entry to determine what the server supports)

Andrew Bartlett
 2010-06-29 16:59:22 +10:00
Endi S. Dewata
7cb98a0cdc s4/spnupdate: Fixed spnupdate to use secrets credentials when accessing SamDB. 
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
 2010-06-28 19:33:47 +02:00
Matthias Dieter Wallnöfer
c7b52b233e s4:provision.py - fix comment regarding DNS entries 
I think this should mean partially Samba4 specified (all beside the "dns"
account is standard)
 2010-06-26 11:11:46 +02:00
Stefan Metzmacher
6ab234cec9 s4:provision: move Samba4 specific DNS stuff to its own file 
metze
 2010-06-26 09:50:56 +02:00
Stefan Metzmacher
c6b21931c6 s4:provision: add --next-rid option 
Make it possible to provision a domain with a given next rid counter.
This will be useful for upgrades, where we want to import users
with already given SIDs.

metze
 2010-06-26 09:50:55 +02:00
Stefan Metzmacher
712a149802 s4:provision: don't use hardcoded values for 'nextRid' and 'rIDAvailablePool' 
On Windows dcpromo imports nextRid from the local SAM,
which means it's not hardcoded to 1000.

The initlal rIDAvailablePool starts at nextRid + 100.

I also found that the RID Set of the local dc
should be created via provision and not at runtime,
when the first rid is needed.
(Tested with dcpromo on w2k8r2, while disabling the DNS
 check box).

After provision we should have this (assuming nextRid=1000):

rIDAllocationPool: 1100-1599
rIDPrevAllocationPool: 1100-1599
rIDUsedPool: 0
rIDNextRID: 1100

rIDAvailablePool: 1600-1073741823

Because provision sets rIDNextRid=1100, the first created account
(typically DNS related accounts) will get 1101 as rid!

metze
 2010-06-26 09:50:54 +02:00
Stefan Metzmacher
89f94a43d8 s4:provision: pass relax control also to modify_ldif 
metze
 2010-06-26 09:50:54 +02:00
Matthieu Patou
5c98ccd706 s4 python: Add unit tests related to PyLong/PyInt handling 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-25 11:33:33 +02:00
Michael Wood
92cfc63287 s4 upgradeprovision: Try to support older Pythons. 
Use "...".split(sep, 1) instead of "...".partition(sep).

Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
 2010-06-25 08:46:13 +02:00
Andrew Tridgell
4cb423f527 s4-python: python is not always in /usr/bin 
Using "#!/usr/bin/env python" is more portable. It still isn't ideal
though, as we should really use the python path found at configure
time. We do that in many places already, but some don't.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-06-24 18:46:57 +10:00
Matthias Dieter Wallnöfer
560620a53d s4:upgradeprovision - fix include order for "ldb" 
Patch originally posted on the list by Matthieu Patou.
 2010-06-24 10:04:52 +02:00
Lukasz Zalewski
740c97b513 Fix to undo nasty hack for for grouptype conversion 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-23 14:49:02 +02:00
Andrew Bartlett
86ed5eb892 s4:net Remove warnings for 2000 native mode and Samba4. 
We now support 2000 native mode, and so we just need to warn about mixed mode.

Andrew Bartlett
 2010-06-23 20:10:07 +10:00
Andrew Bartlett
d0f52ddac2 s4:provision Raise default max functional level to 2008R2 
We don't support many of the extra features, but that applies across many
other parts of AD.  Allow the admin to join a 2008R2 domain if he or she wants.

This also makes it possible to test 2008R2 domain code in 'make test'

Andrew Bartlett
 2010-06-23 20:10:06 +10:00
Andrew Bartlett
b26125b7d3 s4:provision Remove am_rodc from Schema 
The SamDB created in the schema code isn't real enough to care if it's an
rodc or not.
 2010-06-23 20:10:05 +10:00
Andrew Bartlett
c4482bf53e libds:common Remove DS_DC_* domain functionality flags 
These are just a subset of the DS_DOMAIN_ functionality flags, are compared and often confused with each other.  Just make them one set.

Andrew Bartlett
 2010-06-23 20:10:03 +10:00
Kamen Mazdrashki
acebfcb938 s4/test: fix DC password in selftest-vars.sh 2010-06-22 04:50:19 +03:00
Matthieu Patou
32f82fbec0 s4 upgradeprovision: fix the logging stuff so that it actually log 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-21 23:11:50 +02:00
Matthias Dieter Wallnöfer
e062e7300b s4:python LDB __init__.py - remove completely unused "erase_partitions" call 
Seems to be a relict from the past.
 2010-06-20 18:52:28 +02:00
Jelmer Vernooij
0714e23971 provision: Look for Samba prefix a bit harder. 2010-06-20 17:46:39 +02:00
Jelmer Vernooij
9e02764f7c pydsdb: Mark all SamDB and Schema methods that are in pydsdb as 
private, to discourage them being called directly.
 2010-06-20 15:22:49 +02:00
Jelmer Vernooij
7b32f65600 testparm: Check netbios name and workgroup characters and length. 2010-06-20 15:04:42 +02:00
Jelmer Vernooij
5f3d5a3ad8 provision: Properly cancel transactions on the secrets ldb. 2010-06-20 14:24:54 +02:00
Jelmer Vernooij
237ab66f6c selftest: Use scripted testparm. 2010-06-20 14:14:47 +02:00
Jelmer Vernooij
08a3e8b9f4 testparm: Simplify default option handling. 2010-06-20 13:51:39 +02:00
Jelmer Vernooij
f0ab4503d6 testparm: Fix suppress prompt option. 2010-06-20 13:47:36 +02:00
Jelmer Vernooij
c0e9a41f67 testparm: Fix exit value, install. 2010-06-20 13:41:38 +02:00
Jelmer Vernooij
74c66c9a3f s4-python: Implement LoadParm.dump(). 2010-06-20 13:29:35 +02:00
Jelmer Vernooij
f051a8557f testparm: Split up functions that do multiple things. 2010-06-20 13:22:26 +02:00
Jelmer Vernooij
0a07b8ebfe testparm: Convert to Python. 2010-06-20 13:16:30 +02:00
Jelmer Vernooij
8f383fc5c8 s4-python: Remove more unused imports, fix use of sets in upgradehelpers. 2010-06-20 13:15:09 +02:00
Jelmer Vernooij
3795358aca Use standard Python syntax, booleans and set()'s where appropriate. 2010-06-20 12:06:50 +02:00
Jelmer Vernooij
66e27e5214 Remove unnecessary use of transactions. 2010-06-20 11:59:49 +02:00
Jelmer Vernooij
1f07f53827 ldb: Remove last import of dsdb. 2010-06-20 02:46:57 +02:00
Jelmer Vernooij
94e06fe203 Some more formatting fixes, move schema related functions from Ldb to Schema. 2010-06-20 02:46:57 +02:00
Jelmer Vernooij
d3d7ff66d4 Move convert_to_openldap onto Schema class. 2010-06-20 02:46:56 +02:00
Jelmer Vernooij
afad634207 Formatting cleanups; use True/False for booleans, unnecessary backslashes, spacing. 2010-06-20 01:57:11 +02:00
Jelmer Vernooij
a5e8ef884b Move a few more samdb-specific methods to SamDB, away from Ldb. 2010-06-20 01:37:06 +02:00
Jelmer Vernooij
1d86414eb0 samdb: Fix formatting, move get_oid_from_attid from Ldb to SamDB. 2010-06-20 01:30:51 +02:00
Jelmer Vernooij
b48182007c s4-python: Remove trivial function, replace by dictionary. 2010-06-20 01:30:51 +02:00
Lukasz Zalewski
214133fbec Modifications extending functionality of newuser cmd and new net group set of commands for group related operations on ldb 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 01:29:03 +02:00
Lukasz Zalewski
c58c0c2129 Modifications extending functionality of newuser cmd and new net group set of commands for group related operations on ldb 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 01:29:03 +02:00
Matthieu Patou
38a26f79ea s4 upgradeprovision: Make grouped commit / rollback more resistant to unexpected problems 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:09 +02:00
Matthieu Patou
c4f7b0e5f6 s4 upgradeprovision: Check that the policy for DC is present if not warn the user 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:09 +02:00
Matthieu Patou
aea0003d08 s4 upgradeprovision: Emit message instead of crashing when not able to set acl 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:09 +02:00
Matthieu Patou
17af115de5 s4 upgradeprovision: add an option to force the rebuilding of FS ACLs on sysvols share 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:09 +02:00
Matthieu Patou
59f17f9e64 s4 unittests: add unit tests for upgradehelpers 
The functions tested are:
* construct_existor_expr
* search_constructed_attrs_stored

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:09 +02:00
Matthieu Patou
75389cecdd s4 upgradeprovision: Add function for searching stored constructed attributes 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
9c5f0ed729 s4 upgradeprovision: additional restyling 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
423f99172e s4 upgradeprovision: Restyle imports 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
fbeacc1013 s4 upgradeprovision: Move functions to helpers and improve code 
Among code improvement the most significant part is that we now
compare DN object instead of their string representation. It allow
 to better react to case an white space difference.
Some new move objects have been added (ie. System into well known
security principals).

This will allow more unittesting

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
8ff65b0136 s4 python: Update unit tests related to create secrets 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
9c808c47fc s4: Add comments about setup_secrets 
Comments are to inform people that this function should not handle
transaction within the function as it is mainly used in provision and
that we want to commit secrets only if all the action on secrets have
worked.

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
84342b1c7f s4 upgradeprovision: Add documentation on the update process 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
a466e0d61a s4 python: Add unit tests for upgradeprovision related stuff 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
ad55248958 s4 upgradeprovision: move some functions to upgradehelpers for unit tests 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
0537de17c1 s4 upgradeprovision: Fix style 
reformat *_update_samdb functions
  fix_partition_sd
  rebuild_sd
  update_samdb
  update_privilege
  update_machine_account_password
  update_gpo

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
b624440a0f s4 upgradeprovision: Use replPropertyMetaData for better guess 
Rework upgradeprovision in order to get more precise updates when doing upgrade provision.
This is done through the use of replPropertyMetaData information and raw information revealed by the
"reveal" control.
The code has been changed also to avoid double free error when changing the schema (for old provision).
Checking of SD is done a bit more cleverly as we compare the different parts for an ACL separately.
Fix logic when upgrading provision without replPropertyMetaData infos
Also for old provision (pre alpha9) do not copy the usn range because data here will be wrong

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
dd963ddb4e s4 upgradeprovision: Reformat attributes lists and reformat parser 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:08 +02:00
Matthieu Patou
60400a7803 s4 upgradeprovision: Inform about new dns dynamic update if the provision didn't have it 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Matthieu Patou
26ccc3f440 s4 upgradeprovision: fix style 
add_deletedobj_containers
  add missing objects
  clean add-mising
  handle special add + dump denied

Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Matthieu Patou
0ff46ec557 s4 upgrade provision: Refactor code to do all the modification within 1 transaction 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Matthieu Patou
ec90b1b40e s4 upgrade provision: Fix style in gen_dn_index 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Matthieu Patou
50072e27fe s4 Add functions related to ldb manipulation when doing upgrade 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Matthieu Patou
e2df3c2510 s4 provision: Add information about provisioned usn range in sam.ldb 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-06-20 00:43:07 +02:00
Jelmer Vernooij
c92db7b6dc python: Use samba.tests.TestCase, make sure base class tearDown and 
setUp methods are called, fix formatting.
 2010-06-19 22:46:45 +02:00
Jelmer Vernooij
50429fb750 samba.tests.samba3: Clean up imports, use new TestCase class. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
f57b26b6f4 ntacls: Raise TestSkipped rather than writing to stdout. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
026a4d85a1 samba.tests: Provide TestCase and TestSkipped classes (from testtools) for convenience. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
c2cb0a710b python: Remove unnecessary Ldb.set_invocation_id - use SamDB.set_invocation_id instead. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
827ce7b0a3 pyglue: Trim dependencies. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
27d82685da pyglue: Remove unused code. 2010-06-19 22:46:44 +02:00
Jelmer Vernooij
74309eb29c pydsdb: Move write_prefixes_from_schema_to_ldb to pydsdb from pyglue. 2010-06-19 22:46:43 +02:00
Jelmer Vernooij
a4f60ffe4b pydsdb: Move dsdb_set_schema_from_ldb to pydsdb. 2010-06-19 22:46:43 +02:00
Jelmer Vernooij
05b108a06b pydsdb: Move set_schema_from_ldif function to pydsdb from pyglue. 2010-06-19 22:46:43 +02:00
Stefan Metzmacher
cadca1f6ba s4:provision: don't use hardcoded 'Default-First-Site-Name' 
metze

Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
 2010-06-19 21:32:43 +02:00
Matthias Dieter Wallnöfer
bce8017ca9 s4:python/samba/__init__.py - now specify the "relax" control for the delete operation before the provision 2010-06-19 17:53:22 +02:00
Jelmer Vernooij
f36a9afc2f s4-python: Use sys.prefix rather than guessing prefix from current 
file path.
 2010-06-19 13:41:48 +02:00
Jelmer Vernooij
bf8045037d waf: Add missing dependency (so header paths are inherited) on talloc to internal python lib. 2010-06-19 02:26:13 +02:00
Jelmer Vernooij
4c22434b3b s4: Don't build a $prefix/lib/libpython.so, as such a library often already exists :-) 2010-06-18 23:51:40 +02:00
Jelmer Vernooij
b391b7d072 s4-waf: Don't include pytalloc when embedding python. 2010-06-18 23:51:40 +02:00
Jelmer Vernooij
ebd0bca555 s4: Build more python convenience files as subsystems rather than as python modules. 2010-06-18 23:51:40 +02:00
Matthias Dieter Wallnöfer
5779c21e41 s4:provision.py - we do now support the "Windows 2000 Native" domain function level 2010-06-16 15:34:41 +02:00
Jelmer Vernooij
8c88c9c500 Attempt to fix SamDB test infrastructure (not used in Samba anywhere, only in OpenChange). 2010-06-15 17:21:39 +02:00
Andrew Bartlett
7c60ac97bf s4:provision Allow a specific prefix map to be loaded into a new schema provision 
This allows the prefixMap from a DRS server to be used when loading
the schema from the local files.  This helps us then import other
schema with this map in place.

Andrew Bartlett

Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
 2010-06-15 10:51:34 +10:00
Andrew Kroeger
352fb5c7e4 s4:provision: Make gc._msdcs DNS entries A/AAAA records 
When adding an additional DC as a GC server, the new DC attempts to register its
own gc._msdcs records.  If the existing gc._msdcs record is a CNAME, BIND fails
the update with the message "attempt to add non-CNAME alongside CNAME ignored",
and the new DC is not registered as a GC server.

The A & AAAA record types for gc._msdcs have been verified against the DNS
server of a W2K8 DC.
 2010-06-14 12:14:46 +02:00
Jelmer Vernooij
7b7213f1ee s4-provision: Use logger in provision backends. 2010-06-13 18:19:03 +02:00
Jelmer Vernooij
51058213cb s4-test: Use smb.conf path set in environment rather than using 
command-line options.

This is the first step towards supporting custom test runners.
 2010-06-13 18:19:03 +02:00
Jelmer Vernooij
46037a8160 Remove unused version options for subunitrun. 2010-06-13 18:19:03 +02:00
Jelmer Vernooij
d9d0d54475 upgradeprovision: Use logging infrastructure. 2010-06-13 18:19:03 +02:00
Jelmer Vernooij
3552ad3ab1 upgrade: Properly cancel/commit transactions in a couple more places. 2010-06-13 18:19:03 +02:00
Jelmer Vernooij
956a256faa s4-python: Start using standard python logging infrastructure rather 
than simple messaging callbacks.
 2010-06-13 18:19:03 +02:00
Andrew Bartlett
57b6979ad0 s4:provision Allow both additional and override prefixmaps in Schema 
The idea here is to allow some callers to specify a new prefixMap that
will override the values loaded from the prefixMap.txt.

Andrew Bartlett
 2010-06-12 11:18:36 +10:00
Jelmer Vernooij
4690ebf0f4 Add missing stub functions. 2010-06-11 01:47:55 +02:00
Jelmer Vernooij
c446fbc3bf s4-python: Fix formatting. 2010-06-11 01:47:55 +02:00
Matthias Dieter Wallnöfer
b8ea2e0757 s4:provision - fix typo in substitution variable 2010-06-06 20:42:19 +02:00
Jelmer Vernooij
82d56b9374 ldb: Fix dependencies when building with system ldb. 2010-05-31 19:22:03 +02:00
Jelmer Vernooij
55ef0ecea8 s4-python: Remove cruft to deal with static python modules, which are no 
longer supported.
 2010-05-31 00:21:42 +02:00
Matthias Dieter Wallnöfer
67b2c424ce s4:scripting/python/modules.c - fix "asprintf" calls 2010-05-28 10:04:47 +02:00
Jelmer Vernooij
ac9341245a pynet: Raise proper exceptions rather than invoking sys.exit. 2010-05-19 19:35:22 +02:00
Kamen Mazdrashki
242b41a3d8 s4/selftest: fix passwords in selftest-vars script 2010-05-19 02:49:05 +03:00
Jelmer Vernooij
f9ca9e46ad Finish removal of iconv_convenience in public API's. 2010-05-18 11:45:30 +02:00
Anatoliy Atanasov
d040658e1a s4-rodc: Set am_rodc flag during provision 2010-05-17 13:30:27 +03:00
Matthias Dieter Wallnöfer
8608eaef76 s4:net domainlevel tool - fix up the error handling as Jelmer suggested 
Sorry, I've copied this from the "ldap.py" test and thought it would work.
 2010-05-14 19:03:18 +02:00
Matthias Dieter Wallnöfer
49c8c130a0 s4:domainlevel - handle exceptions more precisely 
LDB_ERR_UNWILLING_TO_PERFORM should be the right error code when the
"msDS-Behavior-Version" was already raised by the first change as it is on
Windows Server.

When s4 itself does implement this trigger then we don't need to do the
second write operation anymore (they're kept in sync).
 2010-05-13 22:42:22 +02:00
Matthias Dieter Wallnöfer
4da42b4e80 s4:domainlevel.py - update the script to handle both domain level occourrences on s4 
The second "modify" is located under a try-catch block to ignore the change
failure against Windows Server (there only the first change is required).
 2010-05-13 15:33:11 +02:00
Matthias Dieter Wallnöfer
38e9a7f577 s4:domain functional level - it is also specified in the domain object under partitions 
Discovered by the "ldapcmp" tool
 2010-05-13 15:14:06 +02:00
Anatoliy Atanasov
7200c25646 Revert "s4-rodc: Fix provision warnings by creating ntds objectGUID in provision" 
This reverts commit c3cbb846d0.
The fix is not correct, we should cache a bool to answer amIRODC
 2010-05-11 12:54:18 +03:00
Zahari Zahariev
658dac9e7e v2 Latest enhancements in ldapcmp tool 
- Added support for replicating hosts versus hosts in different domains
- Added switches for the following modes:
  = two - ignores additional attributes that cannot be the same
    in two different provisions (domains)
  = quiet - display nothing, only return code
  = verbose - display all dn objects through compare fase
  = default - display only objects with differences
- Added more placeholders for nETBIOSDomainName and ServerName
 2010-05-10 17:24:03 +03:00
Anatoliy Atanasov
c3cbb846d0 s4-rodc: Fix provision warnings by creating ntds objectGUID in provision 2010-05-10 17:24:02 +03:00
Matthias Dieter Wallnöfer
ce4c0261f6 s4:net utility - make outprinted description comments more consistent 
I've added a [server connection needed] when commands won't work on the local
SamDB.
 2010-05-09 19:14:47 +02:00
Matthias Dieter Wallnöfer
b703481ef7 s4:net utility - remove unixname parameter of samdb.newuser 
We don't handle the id mapping stuff manually anymore.
 2010-05-09 19:14:47 +02:00
Matthias Dieter Wallnöfer
cde9ec4af6 s4:samdb python bindings - remove idmap creation stuff from this call 
The id mapping should now be handled automatically by the s4 daemon.
 2010-05-09 19:14:46 +02:00
Matthias Dieter Wallnöfer
544dc4465c s4:net utility - add an optional password attribute to "net user add" 
To make it behave similar to "net newuser".
 2010-05-09 19:14:46 +02:00
Andrew Tridgell
6fd4861d9d s4-devel: a very useful script when dealing with library/linking issues 
I use this all the time, so I thought I'd put it in the tree for
others
 2010-05-07 15:14:49 +02:00
Andrew Tridgell
e0f602f2c9 s4-devel: auto-delete any leftover IPs 
remove IP from a previous vampire_ad.sh run
 2010-05-06 15:25:18 +02:00
Andrew Tridgell
9ba08c22e8 s4-devel: a useful script for giving DRS replication demos 2010-05-06 15:25:18 +02:00
Matthias Dieter Wallnöfer
b57d11f1b3 s4:py_nttime2string - removed unused variable "nt2" 
And add some linespaces to look better.
 2010-05-04 17:23:43 +02:00
Matthieu Patou
f534080367 s4 python: fix glues functions manipulating NTTIME 
The fix include reverse function (from NTTIME to timestamp) + fix
on the transformation of a NTTIME to a PyLong object
 2010-05-02 15:59:49 +02:00
Kamen Mazdrashki
5bf12e101a Revert "s4/dsdb: Set schemaInfo attribute value during provisioning" 
This reverts commit 8149094edd.

Windows implementation does not set schemaInfo attribute value
until first Schema update request.
This way, newly provisioned forest returns no schemaInfo value.

I think it won't be bad for us to have this value preset, but
I want to mimic Win AD behavior as close as possible.
 2010-04-29 04:54:05 +03:00
Andrew Bartlett
3c585e9a80 s4:provisionbackend Don't loop forever waiting for OpenLDAP 
We need to give a good error when we can't get OpenLDAP to accept our
connections.

Andrew Bartlett
 2010-04-28 10:39:57 +10:00
Andrew Tridgell
ef13264125 s4-provision: setup spn_update_list in provision 2010-04-27 19:27:19 +10:00
Andrew Tridgell
b5b8e6b6ad s4-dns: install samba_spnupdate 2010-04-27 19:27:19 +10:00
Andrew Tridgell
fa26383884 s4-dsdb: added samba_spnupdate 
this script adds all our required servicePrincipalName entries at
runtime. The admin can add more entries to spn_update_list as needed
 2010-04-27 19:27:18 +10:00
Andrew Tridgell
7872efcbc0 s4-dns: cope better with comments in dns_update_list 2010-04-27 19:27:18 +10:00
Andrew Tridgell
725e48c22c s4-drsdevel: support sites in drs developer scripts 2010-04-27 15:24:40 +10:00
Andrew Tridgell
5e695dec2a s4-upgradeprovision: fixed --realm option duplicate in upgrade_from_s3 2010-04-21 13:35:56 +10:00
Andrew Tridgell
1a68311d41 s4-python: added --realm option to python scripts 
this is needed for net vampire

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-04-21 13:35:56 +10:00
Andrew Tridgell
024b53755c s4-python: accept --option arguments in python cmdline parsing 
also fixed the -d option to use lp.set() which calls lp_set_cmdline()

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-04-21 13:35:56 +10:00
Andrew Tridgell
899fa60dd2 s4-devel: allow extra net command line options and gdb 
This allows you to run:

  GDB="gdb --args" vampire_ad.sh

and also to add higher debug levels like this:

  vampire_ad.sh -d100

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-04-21 13:35:55 +10:00
Andrew Tridgell
ac11b616dd s4-net: don't show a full python exception when you can't open sam.ldb 2010-04-20 20:59:24 +10:00
Andrew Tridgell
1f7da85c77 s4-python: added PYTHONDIR to python search path 
we put it after the scripting/python dir, so we look in the build
directory (if applicable) first.
 2010-04-20 20:59:24 +10:00
Andrew Bartlett
538a07a80a s4:provisionbackend Print the command we failed to start slapd with 
This makes it easier to put failed startups into a debugger.

Andrew Bartlett
 2010-04-20 14:24:22 +10:00
Andrew Bartlett
ea5cf7ce05 s4:provision Pass in the invoication ID and NTDS Settings DN to Schema() 
By putting these values into the cache on the LDB, this reduces some
of the noise in provision, particularly with the LDAP backend.

Andrew Bartlett
 2010-04-20 12:11:18 +10:00
Andrew Tridgell
43ca57d088 s4-dns: use neater python for reading lines 
files are line iterators
 2010-04-19 18:21:42 +10:00
Andrew Tridgell
5040e2a6fb s4-dev: expanded selftest-vars.sh to match current testenv 2010-04-19 16:34:14 +10:00
Andrew Tridgell
75f5c3cd97 s4-net: allow a username to be displayed in setpassword errors 
the filter is a bit too cryptic

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-04-16 14:12:44 +10:00
Andrew Tridgell
046c5824e4 s4-net: nicer error message (and no exception) 
in net newuser and net setpasswd we shouldn't be throwing python
exceptions on normal user errors like unknown user

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-04-16 14:12:44 +10:00
Andrew Tridgell
22d7a06522 s4-test: added KRB5_CONFIG to selftest-vars.sh 2010-04-16 14:12:44 +10:00
Jelmer Vernooij
13bbfa3fca pydsdb: Fix memory leak on invalid parameters, formatting, trivial 
typos.
 2010-04-15 18:45:41 +02:00
Matthieu Patou
ce28f854c0 s4 python: add a unit test for function dsdb_get_oid_from_attid 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-04-15 18:45:41 +02:00
Matthieu Patou
634caed116 s4 python: make the function dsdb_get_oid_from_attid reachable from a samDB object 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-04-15 18:45:41 +02:00
Nadezhda Ivanova
83312a9e50 Fixed a problem with provision missing the default_dir/etc directory. 2010-04-12 16:06:06 +03:00
Jelmer Vernooij
47c4e883d6 s4-net: Add definition of outf. 2010-04-12 02:55:27 +02:00
Andrew Bartlett
bc6659936a s4:provision Don't make the 'slaptest' call produce errors 
Adding -n 0 also allows us to check the error code too

Andrew Bartlett
 2010-04-10 21:41:00 +10:00
Andrew Tridgell
92a051ef2f s4-waf: only enable the python uuid module if python <= 2.4 2010-04-09 21:26:28 +10:00
Jelmer Vernooij
0d92dd1074 s4-net: Cope with options without arguments. 2010-04-09 11:53:00 +02:00
Jelmer Vernooij
410527f936 s4-net: 'net user create' -> 'net user add', for backwards compatibility. 2010-04-09 11:53:00 +02:00
Jelmer Vernooij
ececb73262 Support --version in python scripts. 2010-04-09 11:53:00 +02:00
Jelmer Vernooij
9af8d02b22 s4-net: Convert machinepw command to python. 2010-04-09 11:53:00 +02:00
Jelmer Vernooij
f83aa13f62 s4-net: Convert vampire command over to Python. 2010-04-09 11:53:00 +02:00
Jelmer Vernooij
ffa73c412e s4-net: Convert user subcommand to Python. 2010-04-09 11:53:00 +02:00
Kamen Mazdrashki
8149094edd s4/dsdb: Set schemaInfo attribute value during provisioning 
After provisioning new Forest, schemaInfo should be set
to a value with revision=1 and current invocation_id
 2010-04-09 12:21:34 +03:00
Jelmer Vernooij
26d928e948 s4-net: Convert 'net time' to python. 2010-04-08 23:41:08 +02:00
Jelmer Vernooij
0c6f434b7b net: Convert time command to python. 2010-04-08 23:22:55 +02:00
Jelmer Vernooij
6510b2cdd2 s4-net: Use new Net() object in net export keytab. 2010-04-08 23:22:55 +02:00
Jelmer Vernooij
814e20e7da pynet: Create a net class. 2010-04-08 23:22:55 +02:00
Jelmer Vernooij
7a6f1c7842 s4-python: Fix formatting, use standard convention to call instance methods. 2010-04-08 23:20:36 +02:00
Jelmer Vernooij
ae6d306c68 s4-python: Cancel transaction properly in case of exceptions, fix formatting. 2010-04-08 23:20:36 +02:00
Jelmer Vernooij
57ac0a6042 s4-python: Move load_partition_usn to dsdb module. 2010-04-08 23:20:36 +02:00
Jelmer Vernooij
dd4ef4e106 s4-python: More cleanups. 2010-04-08 23:20:36 +02:00
Jelmer Vernooij
a35d876537 s4-python: rename samba.glue to samba._glue to indicate it's private. 2010-04-08 23:20:36 +02:00
Jelmer Vernooij
cc6e2b8a81 s4-python: Fix formatting, import of FLG_NOSYNC. 2010-04-08 23:20:36 +02:00
Jelmer Vernooij
d7a46ee129 s4-python: Simplify code, improve formatting. 2010-04-08 23:20:36 +02:00
Jelmer Vernooij
be4b688175 s4-python: Remove obsolete and broken torture modules. 
The functionality of these modules is already present in a more current
form in other modules.
 2010-04-08 23:20:35 +02:00
Jelmer Vernooij
4f2d8d6ace s4-python: samdb: Default to using global schema. 2010-04-08 23:20:35 +02:00
Jelmer Vernooij
cf17d48dec Migrate 'net export keytab' to python. 2010-04-08 22:37:35 +02:00
Jelmer Vernooij
479fd9c03f s4-net: Simplify SamDB connect code. 2010-04-08 12:21:35 +02:00
Jelmer Vernooij
2578072541 s4-python: Move set_global_schema to pydsdb. 2010-04-08 12:21:35 +02:00
Thomas Nagy
7f3116a63d build: allow the waf build to work with python 3.0 and 3.1 
Python 3.x is a bit fussier about print statements and indentation.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-04-08 07:46:39 +10:00
Jelmer Vernooij
c76bd65b60 s4-samdb: Allow skipping global schema. 2010-04-07 17:40:00 +02:00
Jelmer Vernooij
feeedf49cf s4-provision: Proper handling of exceptions, use SamDB class but skip global schema. 2010-04-07 17:39:59 +02:00
Jelmer Vernooij
21ab06f8a2 s4-python: Move samdb_ntds_objectGUID to pydsdb. 2010-04-07 17:39:59 +02:00
Matthias Dieter Wallnöfer
fa4d91e1e0 s4:provision - add a comment which explains why "paths.dns_keytab" is stored without path reference 2010-04-07 15:05:18 +02:00
Jelmer Vernooij
c349aa3619 s4-python: Use standard infrastructure for finding included testtools, subunit and iso8601. 2010-04-07 00:29:28 +02:00
Jelmer Vernooij
449bdf3543 s4-python: Move set_session_info to PySambaLdb. 2010-04-06 13:12:43 +02:00
Jelmer Vernooij
55b98e9768 s4-python: Move register_samba_handlers to PySambaLdb. 2010-04-06 13:12:43 +02:00
Jelmer Vernooij
e9c3f2ef13 s4-python: Move ldb_set_utf8_casefold to pyldb-samba. 2010-04-06 13:12:43 +02:00
Jelmer Vernooij
b72a5c0336 Move glue.set_credentials hack to samba.Ldb. 2010-04-06 13:12:43 +02:00
Jelmer Vernooij
099fc00b60 Add C-based Samba-specific subclass of Ldb. 2010-04-06 13:12:43 +02:00
Andrew Tridgell
4fa9c3187d s4-waf: updates for the new python installer from jelmer 2010-04-06 20:27:22 +10:00
Andrew Tridgell
f9eae32f4b s4-waf: mark the wscript files as python so vim/emacs knows how to highlight them 2010-04-06 20:27:11 +10:00
Andrew Tridgell
bd7bf0e1a9 s4-waf: install the rest of our python files 2010-04-06 20:27:10 +10:00
Andrew Tridgell
a2a4fee8c6 s4-waf: forgot these files 2010-04-06 20:27:09 +10:00
Andrew Tridgell
844acb2260 build: waf quicktest nearly works 
Rewrote wafsamba using a new dependency handling system, and started
adding the waf test code
 2010-04-06 20:26:48 +10:00
Andrew Tridgell
845e0cbe6f build: commit all the waf build files in the tree 2010-04-06 20:26:48 +10:00
Matthias Dieter Wallnöfer
1b6e5a1b8d s4:python/samba/__init__.py - import "sys" for "ensure_external_module" method 2010-04-05 12:06:49 +02:00
Jelmer Vernooij
55aeb682ba s4-python: Move dsdb_convert_schema_to_openldap to dsdb. 2010-04-04 00:42:52 +02:00
Jelmer Vernooij
2a67eda98f s4-python: Move set_opaque_integer -> dsdb. 2010-04-04 00:40:01 +02:00
Jelmer Vernooij
ccd954f2a7 s4-python: Avoid importing glue directly. 2010-04-04 00:30:34 +02:00
Jelmer Vernooij
aed295b97e s4-python: Remove convenience macro PyErr_SetStringError. 
This macro assumed that all errors were runtime errors.
 2010-04-04 00:22:29 +02:00
Jelmer Vernooij
8afd52a641 s4-python: Move samdb_server_site_name to dsdb module. 2010-04-04 00:21:09 +02:00
Jelmer Vernooij
31a517e172 s4-python: Move dsdb constants to a separate python module. 2010-04-04 00:14:23 +02:00
Jelmer Vernooij
e5b33be2f2 s4-python: Remove remaining constants. 2010-04-03 23:47:26 +02:00
Jelmer Vernooij
5a026219a9 s4-python: Remove unused imports, duplicate definitions of SECINFO_ constants. 2010-04-03 23:47:26 +02:00
Jelmer Vernooij
13a6aee591 s4-python: Remove duplicate definition of GUID_DRS_* constants. 2010-04-03 23:47:25 +02:00
Andrew Tridgell
23f2db7ab6 s4-python: added --debuglevel to our python scripts 
very useful for debugging our cPython extensions, such as dcerpc
modules
 2010-04-02 18:52:29 +11:00
Andrew Tridgell
2c097b51cb s4-pyglue: setup talloc logging in python modules 2010-04-02 18:52:29 +11:00
Jelmer Vernooij
84891b048d s4-python: Install external packages to a different directory but import into 
the normal namespace when the system doesn't have it available.
 2010-04-01 15:33:07 +02:00
Jelmer Vernooij
132e505d1e subunitrun: Find testtools and subunit when they're not provided by the 
system.
 2010-04-01 14:47:54 +02:00
Jelmer Vernooij
5f3fcf7a77 s4-python: Install external included packages only if they're not present on the system. 2010-03-31 03:56:24 +02:00
Jelmer Vernooij
e4af3afd7a samba_external: Simplify script to find missing external packages; include subunit and testtools as well. 2010-03-31 03:15:24 +02:00
Andrew Tridgell
4f4adddb17 s4-test: oLschema2ldif doesn't take -H any more 2010-03-30 15:36:46 +11:00
Jelmer Vernooij
336cd5a0a3 python: Fix rule for generating docs using pydoctor. 2010-03-29 18:05:29 +02:00
Jelmer Vernooij
c873329500 s4-python: Simplify mechanism for finding included Python modules. 2010-03-29 18:05:29 +02:00
Jelmer Vernooij
4bbc3ff037 s4-python: Move dnspython to lib/, like the other Python modules 
This also avoids it from being installed if it's already present on the
system.
 2010-03-29 18:05:29 +02:00
Jelmer Vernooij
89aa3b766b s4-python: Format to PEP8, simplify tests. 2010-03-29 18:05:29 +02:00
Jelmer Vernooij
ba74823c8f upgradeprovision: Fix formatting, syntax error. 2010-03-28 22:58:36 +02:00
Matthieu Patou
d18d7cfa27 s4 upgradeprovision: add information about upgrade in oEMInformation to keep a better trace of different updates 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-03-28 22:54:08 +02:00
Matthieu Patou
8d3ff2d41e s4: allow upgrade provision to fix acl and missing dir on GPO dirs 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-03-28 22:54:08 +02:00
Matthieu Patou
ec48d3693d provision: make gpo related function more reusable for upgradeprovision 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-03-28 22:54:08 +02:00
Jelmer Vernooij
66375cfba2 provision: Remove unnecessary whitespace. 2010-03-28 22:42:31 +02:00
Andrew Tridgell
088096d1ba python: use '#!/usr/bin/env python' to cope with varying install locations 
this should be much more portable
 2010-03-25 14:37:19 +11:00
Andrew Tridgell
83aaf4829e s4-provision: FreeBSD uses 'staff' for users 2010-03-24 07:11:38 +01:00
Andrew Tridgell
de2b841935 s4-provision: solaris uses the group "other" 2010-03-24 07:11:38 +01:00
Günther Deschner
0cf9d62f30 s4-selftest: fix selftest-vars script. 
Tridge, please check.

Guenther
 2010-03-22 10:43:48 +01:00
Andrew Bartlett
775c5ec1c5 s4:dsdb Remove unused 'dsdb_make_schema_global' call from pyglue 2010-03-22 20:24:40 +11:00
Andrew Tridgell
c04922ec20 build: useful shell vars for setting up selftest 2010-03-20 16:50:27 +11:00
Andrew Tridgell
55c45110e6 charset: fixed a problem with the global use of the iconv_convenience structure 
We had a crash bug where a cached copy of a iconv convenience pointer
was used after being freed when loadparm asked for iconv to
reload. This could happen if a python module used a iconv based
function before loadparm was completed.

The fix is to ensure that any use of this pointer remains valid, by
reusing the pointer itself when it has already been initialised, but
filling in the child elements with the updated values.
 2010-03-18 14:18:41 +11:00
Oliver Liebel
15172d3055 Fixed MMR-URL-Split and changed RID-Range OpenLDAP ITS6394 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-03-18 11:27:30 +11:00
Nadezhda Ivanova
a212c1dedb Added a net acl ds command for modification of ACLs on directory objects 
At present the command supports only addition of control access rigts, done
so DRS access checks can be tested. It will be expanded to deal with most
ways to modify and view a DS ACL.
Shifted commands a bit. What used to be net acl is now "net acl nt" as apposed
to this, which is "net acl ds"

./bin/net acl ds set --help
Usage: set --objectdn=objectdn --car=control right --action=[deny|allow] --trusteedn=trustee-dn

Options:
  -h, --help            show this help message and exit
  --host=HOST           LDB URL for database or target server
  --car=CAR              The access control right to allow or deny
  --action=ACTION       Deny or allow access
  --objectdn=OBJECTDN   DN of the object whose SD to modify
  --trusteedn=TRUSTEEDN
                        DN of the entity that gets access

  Samba Common Options:
    -s FILE, --configfile=FILE
                        Configuration file

  Credentials Options:
    --simple-bind-dn=DN
                        DN to use for a simple bind
    --password=PASSWORD
                        Password
    -U USERNAME, --username=USERNAME
                        Username
    -W WORKGROUP, --workgroup=WORKGROUP
                        Workgroup
    -N, --no-pass       Don't ask for a password
    -k KERBEROS, --kerberos=KERBEROS
                        Use Kerberos
 2010-03-16 13:37:48 +02:00
Andrew Bartlett
2de07761e0 s4:dsdb Change dsdb_get_schema() callers to use new talloc argument 
This choses an appropriate talloc context to attach the schema too,
long enough lived to ensure it does not go away before the operation
compleates.

Andrew Bartlett
 2010-03-16 19:26:03 +11:00
Matthias Dieter Wallnöfer
31b0417f7d s4:provision.py - small output improvement 2010-03-12 21:04:22 +01:00
Andrew Bartlett
027123199e s4:provision Improve the handling of provision errors 
The backtraces were too confusing for our users, and didn't tell them
what to do to fix the problem.  By printing the string (rather than a
backtrace), and including in the error what to do, and what file to
remove, we give them a chance.

Andrew Bartlett
 2010-03-11 15:28:53 +11:00
Andrew Bartlett
3723e32e8c s4:samba_dnsupdate Add a 'file based' mode to samba_dnsupdate 
For the testsuite to use DNS like names, we need to write these names
to a file.

Also, to have this run in 'make test' the usual rules about 'no 127.*'
IP addresses in DNS must be skipped, so glue.interface_ips takes two
arguments now
 2010-03-11 11:27:48 +11:00
Andrew Tridgell
25a0750b81 s4-python: only install external python libs that are missing 2010-03-05 11:54:37 +11:00
Andrew Tridgell
7d86257d54 s4-python: import a copy of the python dns library 
This library is not installed on enough systems for us to rely
on it being available. We use the system copy if possible, and
fallback to this local copy

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-03-05 11:54:36 +11:00
Andrew Tridgell
f3ca7a4696 s4-dns: use samba.external to pull in the dns.resolver library 2010-03-05 11:54:36 +11:00
Andrew Tridgell
8c7cf499ab s4-python: allow us to have samba copies of python libraries we depend on 
For python libraries like dns.resolver it is useful to be able to install 
a copy of the library with Samba. This set of functions allows us to do that
while using the locally installed version if it is available

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-03-05 11:54:36 +11:00
Matthias Dieter Wallnöfer
af6f59468a s4:provision - use the new "interface_ips" python call to detect the right host IPv4 address 
Inform the user when there are more possibilities (so he can check for the
right address and otherwise he is able to do an immediate reprovision) and no
possibility at all (then we fall back to the loopback address "127.0.0.1" - this
is thought for testing purposes).

I think this should be enough for closing bug #5484.
 2010-03-04 10:38:36 +01:00
Andrew Tridgell
d8ae32ec41 dns: make dns update script use unbuffered IO 
Otherwise we can lose debug output when a timeout happens
 2010-03-03 23:05:23 +11:00
Endi S. Dewata
c54699faf2 s4:provision - Moved default FDS SASL mappings deletion from post_setup() to init(). 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-03-02 14:07:15 +11:00
Endi S. Dewata
7ad931dda9 s4:provision - Moved setup_db_config() into OpenLDAPBackend class. 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-03-02 14:07:10 +11:00
Endi S. Dewata
fc6d9e7b4f s4:provision - Moved backend-specific variables into backend class. 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-03-02 14:07:05 +11:00
Endi S. Dewata
02533c9f1b s4:provision - Use netbios name for FDS instance name. 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-03-02 14:07:01 +11:00
Jelmer Vernooij
24d52dc362 Fix the build, add filtered subunit runner. 2010-03-01 16:24:59 +01:00
Jelmer Vernooij
86e2b25186 More formatting fixes, pointed out by pylint. 2010-03-01 16:24:58 +01:00
Jelmer Vernooij
8448ece9de python: Add 'make pylint' convenience rule. 2010-03-01 04:56:42 +01:00
Jelmer Vernooij
31a718aa27 General cleanups of python code, hinted by pyflakes. 2010-03-01 04:46:51 +01:00
Jelmer Vernooij
1ef50d5de4 Add 'pyflakes' rule. 2010-03-01 04:46:50 +01:00
Jelmer Vernooij
6d9c0724a6 ntacl: Use existing infrastructure. 2010-03-01 04:44:08 +01:00
Jelmer Vernooij
da96d3fdba Remove __contains__ from mock object for consistency with actual 
implementation.
 2010-03-01 03:48:11 +01:00
Ricardo Jorge
8edab1b96c Fix SharesContainer.__len__. 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-03-01 03:48:11 +01:00
Jelmer Vernooij
20e1d5a72e More formatting fixes. 2010-03-01 03:41:52 +01:00
Jelmer Vernooij
44c2d696bd Fix formatting. 2010-03-01 03:29:47 +01:00
Jelmer Vernooij
93d377424a upgradeprovision: Remove unused imports, use shutil.rmtree rather than 
rmall.
 2010-03-01 03:25:07 +01:00
Matthieu Patou
254e007bd9 upgradeprovision: Move to pythondoc format 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-03-01 03:20:36 +01:00
Matthieu Patou
8f1f50daa5 upgradeprovision: Allow script to be called with pydoc 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-03-01 03:20:36 +01:00
Matthieu Patou
2bc3631db8 upgrade provision: change the meaning of handle_security_desc to be similar to handle_special_case 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-03-01 03:20:36 +01:00
Matthieu Patou
5054bdb4f2 upgradeprovision: code cleanup 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-03-01 03:20:36 +01:00
Matthieu Patou
3bd16415d2 upgradeprovision: split the big script to put reusable functions appart 
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
 2010-03-01 03:20:36 +01:00
Stefan Metzmacher
27e7578e27 s4:provision: use generate_random_password() 
metze
 2010-02-26 08:57:30 +01:00
Stefan Metzmacher
d2cd0a783b s4:pyglue: add generate_random_password() 
metze
 2010-02-26 08:57:30 +01:00
Andrew Tridgell
c2edea5ccf devel: get the ownership of the directories right in tmpfs.sh 2010-02-26 18:19:27 +11:00
Andrew Tridgell
1e2ac9b896 s4-provision: fixed use of rndc command from python 
rndc command is now a list
 2010-02-26 18:19:27 +11:00
Andrew Tridgell
97d65774d4 s4-provision: also create the dns_update_list when running net vampire 
We need the list when joining a windows domain, so we can
automatically maintain the right DNS entries on the Windows DNS server
 2010-02-26 18:19:27 +11:00
Andrew Tridgell
8cb721b293 s4-dns: fixed CNAME automatic DNS updates 2010-02-26 18:19:27 +11:00
Andrew Tridgell
5bf9db7e31 s4-provision: setup the dns_update_list at provision time 
This file is substituted at runtime by samba_dnsupdate
 2010-02-26 14:27:38 +11:00
Andrew Tridgell
44f9d5aadc s4-provision: if we aren't doing variable substitution then don't check for vars 2010-02-26 14:27:38 +11:00
Andrew Tridgell
721bcfa01c dns: auto-delete incorrect SRV entries for our hostname 2010-02-26 13:59:17 +11:00
Andrew Tridgell
ab4f170216 s4-dns: add automatic dynamic DNS updating script 
This script checks a list of DNS names that we should have, and does
dynamic DNS updates using our machine account credentials to add any
missing DNS entries.

This allows us to correctly add all the DNS entries we need when we
join an existing domain as a DC

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-02-26 13:59:17 +11:00
Andrew Tridgell
cb8d1e01f0 samdb: added get_ntds_GUID() method 2010-02-26 13:59:17 +11:00
Andrew Tridgell
390f7b535d py-samdb: added server_site_name method 2010-02-26 13:59:17 +11:00
Andrew Tridgell
1e66ec832e pyglue: added py_samdb_server_site_name() 2010-02-26 13:59:17 +11:00
Andrew Tridgell
8f763e046c py-samdb: added get_invocation_id() method 2010-02-26 13:59:17 +11:00
Andrew Tridgell
abf55033df pyglue: added py_samdb_ntds_invocation_id() 2010-02-26 13:59:17 +11:00
Andrew Tridgell
af70728b51 pyglue: don't return 127.0.0.0/8 IPs in interface_ips() 
We don't generally want loopback addresses in the python code
 2010-02-26 13:59:16 +11:00
Andrew Tridgell
cf14fa5a5c dns: dummy samba_dnsupdate script 
The merge from metze of my dns tree means we now depend on this. This
is a placeholder until Andrew and I have finished the full script.
 2010-02-26 13:59:16 +11:00
Andrew Bartlett
612eec4aa7 s4:scripting/devel Allow tmpfs script to be re-run 
By doing the unmount, we can avoid double-mounting st and bin
 2010-02-25 08:26:09 +11:00
Matthieu Patou
8b4b602e1a python: ntacls, fix a leftover that is not in the try/except branch 
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
 2010-02-24 14:50:30 +01:00
Andrew Tridgell
cb7ab80ee8 s4-pyglue: added interface_ips() call 
This allows a python script to query the internal network interface
lists from Samba
 2010-02-23 13:48:20 +01:00
Matthias Dieter Wallnöfer
f2eac3b6ea s4:provision.py - try to use other addresses than "127.0.0.x" and "::1" 
On production systems a user for sure strongly disagrees to use local IP
addresses (how should the server be accessible?). Therefore if the user didn't
specify an IP as provision option and in the "/etc/hosts" file we have at
least one not-local IP which resolves to our hostname use this or one of them.

Notice: if a host has more public IP addresses with the same name assigned the
behaviour is non-deterministic (well, okay - by the entries order it is). But
then the user is invited to specify the host IP manually.

This should address bug #5484.
 2010-02-21 21:39:47 +01:00
Andrew Bartlett
a9d9447d5a s4:credentials Add hooks to extract a named Kerberos credentials cache 
This allows the integration of external tools that can't be linked
into C or python, but need to authenticate as the local machine
account.

The machineaccountccache script demonstrates this, and debugging has
been improved in cli_credentials_set_secrets() by passing back and
error string.

Andrew Bartlett
 2010-02-20 17:58:07 +11:00
Andrew Tridgell
986627cd67 s4-provision: freeze the DNS zone before creating the zone file 
This prevents bind from getting confused if it has a journal for the
zone.
 2010-02-17 19:43:33 +11:00
Andrew Tridgell
72c0cd75e4 s4-provision: fix permissions on generated DNS zone file 
The zone file needs to be writeable by bind to allow for it to flush
its journal on dynamic updates

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
 2010-02-17 19:43:32 +11:00
Fernando J V da Silva
cf1ed0678a s4-drs: Function for accessing dsdb_load_partition_usn from Python 
Returns both uSNHighest and uSNUrgent as a dict object in Python
from a given partition dn.

Signed-off-by: Andrew Tridgell <tridge@samba.org>
 2010-02-15 21:57:08 +11:00
Matthias Dieter Wallnöfer
de555895e5 s4:getopt.py - set the password callback only when no password has been provided 
Previously the "no_pass" and "no_pass2" variables weren't handled correctly.
Since at the initialisation of the "CredentialsOptions" we don't have any
password at all. Only afterwards we could get one through "set_password".

If a password is specified, use it. If no password is specified, consider the
use fo an input mask on STDOUT. But if the loadparm context contains one prefer
it over the input.
 2010-02-12 15:04:07 +01:00
Andrew Tridgell
45defdb90c s4-provision: import the R2 functional level 
this makes it easier to modify the script to set us at R2 level in
provision. We should make this a parameter.
 2010-02-12 01:08:12 +11:00
Andrew Tridgell
960fab4bba s4-build: avoid finding python symlinks 
emacs creates symlinks to .py files while you are editing them. This
could cause build failures.
 2010-02-12 01:08:12 +11:00
Andrew Tridgell
802f6b71dd s4-script: make enablerecyclebin use system_session 
This allows it to work against our local ldb
 2010-02-12 01:08:11 +11:00
Matthieu Patou
a4d0563392 provision: Use short name for assignee of ACE (BA, SA, CO, ...) 
Use short name (shortcut for wellknown SID/RID) for assignee in each entry of ACL (when possible)
  of sysvol files (GPO objects and netlogon folders).
  This avoid error prone substitution of DOMAINSID in ACL and make ACL clearer by using shortname
  for assignee accordingly with SDDL synthax rules. Translation to real SID is handled internaly by the
  from_sddl function.

Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
 2010-02-11 11:47:04 +01:00
Matthieu Patou
bcba41c351 python-s4: use secrets.ldb instead of sam.ldb for reading domain SID 
This allow to be able to run net acl set xxx yyy on DC, but also on domain
  member.

Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
 2010-02-11 11:47:04 +01:00
Matthieu Patou
d1c2923151 provision: Fix an error with eadb when using not default install dir and running as a non root user 
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
 2010-02-11 11:47:04 +01:00
Andrew Tridgell
6bfb216293 s4-provision: cope with umask in creating private/dns 2010-02-11 21:04:14 +11:00
Andrew Tridgell
c986bfb22e s4-provision: pre-create a named.conf.update file 
The named.conf.update file will be filled in at runtime by Samba to 
contain the list of bind9 grant rules for granting DNS dynamic update
permissions on the domain.
 2010-02-11 21:04:12 +11:00