svn commit: samba r17499 - in branches/SAMBA_4_0/source: scripting/libjs setup

abartlet at samba.org abartlet at samba.org
Fri Aug 11 22:11:30 GMT 2006


Author: abartlet
Date: 2006-08-11 22:11:29 +0000 (Fri, 11 Aug 2006)
New Revision: 17499

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17499

Log:
Open the main database only the minimum times during a provision.

This causes things to operate as just one transaction (locally), and
to make a minimum of TCP connections when connecting to a remote LDAP
server.

Taking advantage of this, create another file to handle loading the
Samba4 specific schema extensions.  Also comment out 'middleName' and
reassign the OID to one in the Samba4 range, as it is 'stolen' from a
Netscape range that is used in OpenLDAP and internet standards for
'ref'.

Andrew Bartlett

Added:
   branches/SAMBA_4_0/source/setup/schema_samba4.ldif
Modified:
   branches/SAMBA_4_0/source/scripting/libjs/provision.js
   branches/SAMBA_4_0/source/setup/schema.ldif


Changeset:
Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js
===================================================================
--- branches/SAMBA_4_0/source/scripting/libjs/provision.js	2006-08-11 18:59:44 UTC (rev 17498)
+++ branches/SAMBA_4_0/source/scripting/libjs/provision.js	2006-08-11 22:11:29 UTC (rev 17499)
@@ -189,24 +189,12 @@
 /*
   erase an ldb, removing all records
 */
-function ldb_erase_partitions(info, dbname)
+function ldb_erase_partitions(info, ldb)
 {
 	var rootDSE_attrs = new Array("namingContexts");
-	var ldb = ldb_init();
 	var lp = loadparm_init();
 	var j;
 
-	ldb.session_info = info.session_info;
-	ldb.credentials = info.credentials;
-
-
-	ldb.filename = dbname;
-
-	var connect_ok = ldb.connect(dbname);
-	assert(connect_ok);
-
-	ldb.transaction_start();
-
 	var res = ldb.search("(objectClass=*)", "", ldb.SCOPE_BASE, rootDSE_attrs);
 	assert(typeof(res) != "undefined");
 	assert(res.length == 1);
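Review bot: `ldb_erase_partitions(info, ldb)` no longer connects, starts or commits anything itself, but its header still reads only `erase an ldb, removing all records`, so the requirement that the caller passes a connected handle with a transaction already open is now implicit. I would extend the comment to something like `erase the records under each namingContext reported by the rootDSE; ldb must be connected and inside a transaction owned by the caller`. The same unstated precondition applies to `setup_ldb_modify` (hunk at -310) and `setup_name_mappings` (hunk at -386). `var lp = loadparm_init();` is kept, and whether it is still used cannot be seen here because the body continues past the hunk.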
@@ -237,45 +225,13 @@
 			}
 		}
 	}
-
-	var commit_ok = ldb.transaction_commit();
-	if (!commit_ok) {
-		info.message("ldb commit failed: " + ldb.errstring() + "\n");
-		assert(add_ok);
-	}
 }
 
-/*
-  setup a ldb in the private dir
- */
-function setup_ldb(ldif, info, dbname)
+function open_ldb(info, dbname, erase)
 {
-	var erase = true;
-	var extra = "";
-	var failok = false;
 	var ldb = ldb_init();
-	var lp = loadparm_init();
 	ldb.session_info = info.session_info;
 	ldb.credentials = info.credentials;
-
-	if (arguments.length >= 4) {
-		extra = arguments[3];
-	}
-
-	if (arguments.length >= 5) {
-	        erase = arguments[4];
-        }
-
-	if (arguments.length == 6) {
-	        failok = arguments[5];
-        }
-
-	var src = lp.get("setup directory") + "/" + ldif;
-
-	var data = sys.file_load(src);
-	data = data + extra;
-	data = substitute_var(data, info.subobj);
-
 	ldb.filename = dbname;
 
 	var connect_ok = ldb.connect(dbname);
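Review bot: `open_ldb(info, dbname, erase)` is added without a header comment, although every caller now depends on its contract. From the callers in this diff it appears to return a connected handle with a transaction open (setup_ldb and provision() both call `transaction_commit()` on the result), but the lines that would start the transaction sit between this hunk and the next. A comment such as `/* connect to dbname with the credentials in info, optionally erase it, and return the ldb handle; the caller must commit the transaction */` would pin that down once confirmed.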
@@ -290,7 +246,21 @@
 	if (erase) {
 		ldb_erase(ldb);	
 	}
+	return ldb;
+}
 
+
+/*
+  setup a ldb in the private dir
+ */
+function setup_add_ldif(ldif, info, ldb, failok)
+{
+	var lp = loadparm_init();
+	var src = lp.get("setup directory") + "/" + ldif;
+
+	var data = sys.file_load(src);
+	data = substitute_var(data, info.subobj);
+
 	var add_ok = ldb.add(data);
 	if (!add_ok) {
 		info.message("ldb load failed: " + ldb.errstring() + "\n");
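Review bot: The header `setup a ldb in the private dir` placed over `setup_add_ldif` is the old setup_ldb comment and no longer describes the function, which loads one LDIF file from the setup directory, substitutes variables and adds the result to an already-open handle. Something like `/* add the records from a setup-directory ldif file to an open ldb; returns whether the add succeeded */` fits the visible code, with the failok behaviour added once checked against the lines between the hunks. It is also worth stating in that comment that `ldif` is joined onto the `setup directory` path unchecked, so it must remain a fixed file name supplied by the provisioning script. The function's closing lines fall in the next hunk.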
@@ -298,7 +268,22 @@
 			assert(add_ok);
 	        }
 	}
-	if (add_ok) {
+	return add_ok;
+}
+
+function setup_ldb(ldif, info, dbname) 
+{
+	var erase = true;
+	var failok = false;
+
+	if (arguments.length >= 4) {
+	        erase = arguments[3];
+        }
+	if (arguments.length == 5) {
+	        failok = arguments[4];
+        }
+	var ldb = open_ldb(info, dbname, erase);
+	if (setup_add_ldif(ldif, info, ldb, erase, failok)) {
 		var commit_ok = ldb.transaction_commit();
 		if (!commit_ok) {
 			info.message("ldb commit failed: " + ldb.errstring() + "\n");
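Review bot: The call `setup_add_ldif(ldif, info, ldb, erase, failok)` passes five arguments to a function declared as `setup_add_ldif(ldif, info, ldb, failok)`, so `erase` lands in the `failok` slot and the real `failok` is dropped. With the default `erase = true`, a failed `ldb.add` appears to be tolerated rather than asserted (the failok test is only partly visible in the context lines), and setup_ldb would then skip the commit without reporting anything to provision(). The call should read `if (setup_add_ldif(ldif, info, ldb, failok)) {`. Separately, the optional arguments moved from positions 5/6 to 4/5 now that `extra` is gone, so any caller outside this diff that still passes a placeholder fourth argument would silently set `erase` from it. setup_ldb's body continues past the hunk.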
@@ -310,35 +295,20 @@
 /*
   setup a ldb in the private dir
  */
-function setup_ldb_modify(ldif, info, dbname)
+function setup_ldb_modify(ldif, info, ldb)
 {
-	var ldb = ldb_init();
 	var lp = loadparm_init();
-	ldb.session_info = info.session_info;
-	ldb.credentials = info.credentials;
 
 	var src = lp.get("setup directory") + "/" + ldif;
 
 	var data = sys.file_load(src);
 	data = substitute_var(data, info.subobj);
 
-	ldb.filename = dbname;
-
-	var connect_ok = ldb.connect(dbname);
-	assert(connect_ok);
-
-	ldb.transaction_start();
-
 	var mod_ok = ldb.modify(data);
 	if (!mod_ok) {
 		info.message("ldb load failed: " + ldb.errstring() + "\n");
 		assert(mod_ok);
 	}
-	var commit_ok = ldb.transaction_commit();
-	if (!commit_ok) {
-		info.message("ldb commit failed: " + ldb.errstring() + "\n");
-		assert(commit_ok);
-	}
 }
 
 /*
@@ -386,16 +356,9 @@
 /*
   setup reasonable name mappings for sam names to unix names
 */
-function setup_name_mappings(info, subobj, session_info, credentials)
+function setup_name_mappings(info, subobj, ldb)
 {
 	var lp = loadparm_init();
-	var ldb = ldb_init();
-	ldb.session_info = session_info;
-	ldb.credentials = credentials;
-	var ok = ldb.connect(lp.get("sam database"));
-	if (!ok) {
-		return false;
-	}
 	var attrs = new Array("objectSid");
 	res = ldb.search("objectSid=*", subobj.BASEDN, ldb.SCOPE_BASE, attrs);
 	assert(res.length == 1 && res[0].objectSid != undefined);
@@ -436,7 +399,6 @@
 */
 function provision(subobj, message, blank, paths, session_info, credentials)
 {
-	var data = "";
 	var lp = loadparm_init();
 	var sys = sys_init();
 	var info = new Object();
@@ -480,38 +442,54 @@
 	setup_ldb("hklm.ldif", info, paths.hklm);
 
 	message("Setting up sam.ldb partitions\n");
+	/* Also wipes the database */
 	setup_ldb("provision_partitions.ldif", info, paths.samdb);
 
+	var samdb = open_ldb(info, paths.samdb, false);
+
 	message("Setting up sam.ldb attributes\n");
-	setup_ldb("provision_init.ldif", info, paths.samdb, NULL, false);
+	setup_add_ldif("provision_init.ldif", info, samdb, false);
 	message("Erasing data from partitions\n");
-	ldb_erase_partitions(info, paths.samdb);
+	ldb_erase_partitions(info, samdb);
 	
-	message("Adding baseDN: " + subobj.BASEDN + "\n");
-	setup_ldb("provision_basedn.ldif", info, paths.samdb, NULL, false, true);
+	message("Adding baseDN: " + subobj.BASEDN + " (permitted to fail)\n");
+	setup_add_ldif("provision_basedn.ldif", info, samdb, true);
 	message("Modifying baseDN: " + subobj.BASEDN + "\n");
-	setup_ldb_modify("provision_basedn_modify.ldif", info, paths.samdb)
+	setup_ldb_modify("provision_basedn_modify.ldif", info, samdb);
 
-	message("Setting up sam.ldb schema\n");
-	setup_ldb("schema.ldif", info, paths.samdb, NULL, false);
+	message("Setting up sam.ldb Samba4 schema\n");
+	setup_add_ldif("schema_samba4.ldif", info, samdb, false);
+	message("Setting up sam.ldb AD schema\n");
+	setup_add_ldif("schema.ldif", info, samdb, false);
 	message("Setting up display specifiers\n");
-	setup_ldb("display_specifiers.ldif", info, paths.samdb, NULL, false);
+	setup_add_ldif("display_specifiers.ldif", info, samdb, false);
 	message("Setting up sam.ldb templates\n");
-	setup_ldb("provision_templates.ldif", info, paths.samdb, NULL, false);
+	setup_add_ldif("provision_templates.ldif", info, samdb, false);
 	message("Setting up sam.ldb data\n");
-	setup_ldb("provision.ldif", info, paths.samdb, NULL, false);
+	setup_add_ldif("provision.ldif", info, samdb, false);
 
 	if (blank != false) {
+		var commit_ok = samdb.transaction_commit();
+		if (!commit_ok) {
+			info.message("ldb commit failed: " + samdb.errstring() + "\n");
+			assert(commit_ok);
+		}
 		return true;
 	}
 
 	message("Setting up sam.ldb users and groups\n");
-	setup_ldb("provision_users.ldif", info, paths.samdb, data, false);
+	setup_add_ldif("provision_users.ldif", info, samdb, false);
 
-	if (setup_name_mappings(info, subobj, session_info, credentials) == false) {
+	if (setup_name_mappings(info, subobj, samdb) == false) {
 		return false;
 	}
 
+	var commit_ok = samdb.transaction_commit();
+	if (!commit_ok) {
+		info.message("samdb commit failed: " + samdb.errstring() + "\n");
+		assert(commit_ok);
+	}
+
 	return true;
 }
 
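Review bot: The `return false` after `setup_name_mappings(info, subobj, samdb)` leaves the transaction that `open_ldb` presumably started on `samdb` neither committed nor cancelled, so the fate of the schema, templates and users written so far depends on how the handle is torn down, which is not visible here. I would make the failure path explicit (cancel the transaction before returning, if the ldb binding offers a cancel call) and say so in a comment, since a half-provisioned sam.ldb that holds account and password-hash schema should not be left to implicit behaviour. The two commit blocks are also duplicated with different messages (`ldb commit failed` and `samdb commit failed`) and redeclare `var commit_ok`; one small helper called from both places would remove that. provision() starts and continues outside the hunk.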

Modified: branches/SAMBA_4_0/source/setup/schema.ldif
===================================================================
--- branches/SAMBA_4_0/source/setup/schema.ldif	2006-08-11 18:59:44 UTC (rev 17498)
+++ branches/SAMBA_4_0/source/setup/schema.ldif	2006-08-11 22:11:29 UTC (rev 17499)
@@ -548,19 +548,19 @@
 attributeID: 2.5.4.51
 attributeSyntax: 2.5.5.12
 
-dn: CN=middleName,CN=Schema,CN=Configuration,${BASEDN}
-cn: middleName
-name: middleName
-objectClass: top
-objectClass: attributeSchema
-lDAPDisplayName: middleName
-isSingleValued: TRUE
-systemFlags: 16
-systemOnly: FALSE
-schemaIDGUID: bf9679f2-0de6-11d0-a285-00aa003049e2
-adminDisplayName: Other-Name
-attributeID: 2.16.840.1.113730.3.1.34
-attributeSyntax: 2.5.5.12
+#dn: CN=middleName,CN=Schema,CN=Configuration,${BASEDN}
+#cn: middleName
+#name: middleName
+#objectClass: top
+#objectClass: attributeSchema
+#lDAPDisplayName: middleName
+#isSingleValued: TRUE
+#systemFlags: 16
+#systemOnly: FALSE
+#schemaIDGUID: bf9679f2-0de6-11d0-a285-00aa003049e2
+#adminDisplayName: Other-Name
+#attributeID: 2.16.840.1.113730.3.1.34
+#attributeSyntax: 2.5.5.12
 
 dn: CN=replTopologyStayOfExecution,CN=Schema,CN=Configuration,${BASEDN}
 cn: replTopologyStayOfExecution
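Review bot: The commented-out middleName block carries no reason and no pointer, so a later reader cannot tell whether it is dead or was moved. A line above it such as `# middleName moved to schema_samba4.ldif with an OID in the Samba4 range; 2.16.840.1.113730.3.1.34 is used elsewhere for 'ref'` would record what the commit log already says.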

Added: branches/SAMBA_4_0/source/setup/schema_samba4.ldif
===================================================================
--- branches/SAMBA_4_0/source/setup/schema_samba4.ldif	2006-08-11 18:59:44 UTC (rev 17498)
+++ branches/SAMBA_4_0/source/setup/schema_samba4.ldif	2006-08-11 22:11:29 UTC (rev 17499)
@@ -0,0 +1,149 @@
+#
+# Schema elements which do not exist in AD, but which we use in Samba4
+#
+## Samba4 OID allocation from Samba3's examples/LDAP/samba.schema
+## 1.3.6.1.4.1.7165.4.1.x - attributetypes
+## 1.3.6.1.4.1.7165.4.2.x - objectclasses
+#
+#
+
+
+dn: cn=ntpwdHash,CN=Schema,CN=Configuration,${BASEDN}
+cn: ntpwdHash
+name: NTPWDHash
+objectClass: top
+objectClass: attributeSchema
+lDAPDisplayName: ntpwdhash
+isSingleValued: TRUE
+systemFlags: 17
+systemOnly: TRUE
+schemaIDGUID: E961130F-5084-458C-9E9C-DEC16DA08592
+adminDisplayName: NT-PWD-Hash
+attributeID: 1.3.6.1.4.1.7165.4.1.1
+attributeSyntax: 2.5.5.10
+
+dn: cn=lmpwdHash,CN=Schema,CN=Configuration,${BASEDN}
+cn: lmpwdHash
+name: lmpwdHash
+objectClass: top
+objectClass: attributeSchema
+lDAPDisplayName: lmpwdhash
+isSingleValued: TRUE
+systemFlags: 17
+systemOnly: TRUE
+schemaIDGUID: CBD0D18C-9C54-4A77-87C4-5CEEAF781253
+adminDisplayName: LM-PWD-Hash
+attributeID: 1.3.6.1.4.1.7165.4.1.2
+attributeSyntax: 2.5.5.10
+
+dn: cn=sambaNtPwdHistory,CN=Schema,CN=Configuration,${BASEDN}
+cn: sambaNtPwdHistory
+name: sambaNtPwdHistory
+objectClass: top
+objectClass: attributeSchema
+lDAPDisplayName: sambaNtPwdHistory
+isSingleValued: TRUE
+systemFlags: 17
+systemOnly: TRUE
+schemaIDGUID: 8CCD7658-C574-4435-A38C-99572E349E6B
+adminDisplayName: SAMBA-NT-PWD-History
+attributeID: 1.3.6.1.4.1.7165.4.1.3
+attributeSyntax: 2.5.5.10
+
+dn: cn=sambaLmPwdHistory,CN=Schema,CN=Configuration,${BASEDN}
+cn: sambaLmPwdHistory
+name: sambaLmPwdHistory
+objectClass: top
+objectClass: attributeSchema
+lDAPDisplayName: sambaLmPwdHistory
+isSingleValued: FALSE
+systemFlags: 17
+systemOnly: TRUE
+schemaIDGUID: 0EAFE3DD-0F53-495E-8A34-97BB28AF17A4
+adminDisplayName: SAMBA-LM-PWDHistory
+attributeID: 1.3.6.1.4.1.7165.4.1.4
+attributeSyntax: 2.5.5.10
+
+dn: cn=sambaPassword,CN=Schema,CN=Configuration,${BASEDN}
+cn: sambaPassword
+name: sambaPassword
+objectClass: top
+objectClass: attributeSchema
+lDAPDisplayName: sambaPassword
+isSingleValued: FALSE
+systemFlags: 17
+systemOnly: TRUE
+schemaIDGUID: 87F10301-229A-4E69-B63A-998339ADA37A
+adminDisplayName: SAMBA-Password
+attributeID: 1.3.6.1.4.1.7165.4.1.5
+attributeSyntax: 2.5.5.5
+
+dn: cn=dnsDomain,CN=Schema,CN=Configuration,${BASEDN}
+cn: dnsDomain
+name: dnsDomain
+objectClass: top
+objectClass: attributeSchema
+lDAPDisplayName: dnsDomain
+isSingleValued: FALSE
+systemFlags: 17
+systemOnly: TRUE
+schemaIDGUID: A40165E6-5E45-44A7-A8FA-186C94333018
+adminDisplayName: SAMBA-Password
+attributeID: 1.3.6.1.4.1.7165.4.1.6
+attributeSyntax: 2.5.5.4
+
+dn: cn=privilege,CN=Schema,CN=Configuration,${BASEDN}
+cn: privilege
+name: privilege
+objectClass: top
+objectClass: attributeSchema
+lDAPDisplayName: privilege
+isSingleValued: FALSE
+systemFlags: 17
+systemOnly: TRUE
+schemaIDGUID: 7429BC94-CC6A-4481-8B2C-A97E316EB182
+adminDisplayName: Privilege
+attributeID: 1.3.6.1.4.1.7165.4.1.7
+attributeSyntax: 2.5.5.4
+
+dn: CN=middleName,CN=Schema,CN=Configuration,${BASEDN}
+cn: middleName
+name: middleName
+objectClass: top
+objectClass: attributeSchema
+lDAPDisplayName: middleName
+sSingleValued: TRUE
+systemFlags: 16
+systemOnly: FALSE
+schemaIDGUID: bf9679f2-0de6-11d0-a285-00aa003049e2
+adminDisplayName: Other-Name
+attributeID: 1.3.6.1.4.1.7165.4.1.8
+attributeSyntax: 2.5.5.12
+
+dn: CN=unixName,CN=Schema,CN=Configuration,${BASEDN}
+cn: unixName
+name: unixName
+objectClass: top
+objectClass: attributeSchema
+lDAPDisplayName: unixName
+sSingleValued: TRUE
+systemFlags: 16
+systemOnly: FALSE
+schemaIDGUID: bf9679f2-0de6-11d0-a285-00aa003049e2
+adminDisplayName: Unix-Name
+attributeID: 1.3.6.1.4.1.7165.4.1.9
+attributeSyntax: 2.5.5.4
+
+dn: cn=krb5Key,CN=Schema,CN=Configuration,${BASEDN}
+cn: krb5Key
+name: krb5Key
+objectClass: top
+objectClass: attributeSchema
+lDAPDisplayName: krb5Key
+isSingleValued: FALSE
+systemFlags: 17
+systemOnly: TRUE
+schemaIDGUID: 0EAFE3DD-0F53-495E-8A34-97BB28AF17A4
+adminDisplayName: krb5-Key
+attributeID: 1.3.6.1.4.1.5322.10.1.10
+attributeSyntax: 2.5.5.10
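Review bot: The middleName and unixName entries spell the attribute `sSingleValued: TRUE`; the leading `i` is missing, so both lines should read `isSingleValued: TRUE`. unixName reuses middleName's `schemaIDGUID: bf9679f2-0de6-11d0-a285-00aa003049e2` and krb5Key reuses sambaLmPwdHistory's `schemaIDGUID: 0EAFE3DD-0F53-495E-8A34-97BB28AF17A4`; each needs its own freshly generated GUID, since the value is meant to identify a single schema object. dnsDomain carries `adminDisplayName: SAMBA-Password`, apparently copied from the sambaPassword entry above it. krb5Key's `attributeID: 1.3.6.1.4.1.5322.10.1.10` lies outside the 1.3.6.1.4.1.7165.4.1.x range the file header announces, which deserves a one-line comment saying where that OID comes from.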


