svn commit: samba r26524 - in branches/SAMBA_4_0: .
source/scripting/python/samba
jelmer at samba.org
jelmer at samba.org
Tue Dec 18 17:21:21 GMT 2007
Author: jelmer
Date: 2007-12-18 17:21:20 +0000 (Tue, 18 Dec 2007)
New Revision: 26524
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=26524
Log:
Import self join.
Modified:
branches/SAMBA_4_0/
branches/SAMBA_4_0/source/scripting/python/samba/provision.py
Changeset:
Property changes on: branches/SAMBA_4_0
___________________________________________________________________
Name: bzr:revision-info
...skipped...
Name: bzr:revision-id:v3-trunk0
...skipped...
Modified: branches/SAMBA_4_0/source/scripting/python/samba/provision.py
===================================================================
--- branches/SAMBA_4_0/source/scripting/python/samba/provision.py 2007-12-18 17:21:13 UTC (rev 26523)
+++ branches/SAMBA_4_0/source/scripting/python/samba/provision.py 2007-12-18 17:21:20 UTC (rev 26524)
@@ -54,15 +54,7 @@
self.schemedn_ldb = None
self.s4_ldapi_path = None
self.policyguid = None
- self.serverrole = None
- def subst_vars(self):
- return {
- "SERVERROLE": self.serverrole,
- "DOMAIN_CONF": self.domain,
- "REALM_CONF": self.realm,
- }
-
def fix(self, paths):
self.realm = self.realm.upper()
self.hostname = self.hostname.lower()
@@ -75,13 +67,6 @@
rdns = self.domaindn.split(",")
self.rdn_dc = rdns[0][len("DC="):]
- self.sam_ldb = paths.samdb
- self.secrets_ldb = paths.secrets
- self.secrets_keytab = paths.keytab
-
- self.s4_ldapi_path = paths.s4_ldapi_path
- self.serverrole = "domain controller"
-
def validate(self, lp):
if not valid_netbios_name(self.domain):
raise InvalidNetbiosName(self.domain)
@@ -111,12 +96,12 @@
self.samdb = None
self.secrets = None
self.keytab = None
+ self.dns_keytab = None
self.dns = None
self.winsdb = None
self.ldap_basedn_ldif = None
self.ldap_config_basedn_ldif = None
self.ldap_schema_basedn_ldif = None
- self.s4_ldapi_path = None
def install_ok(lp, session_info, credentials):
@@ -184,6 +169,8 @@
if subst_vars is not None:
data = substitute_var(data, subst_vars)
+ assert "${" not in data
+
for msg in ldb.parse_ldif(data):
ldb.add(msg[1])
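Review bot: The added `assert "${" not in data` is the only check that every template variable was substituted before the LDIF is parsed and added, and `assert` statements are stripped when Python runs with `-O`, so an optimized run would let a literal `${VAR}` reach the database. An explicit check survives `-O` and can name the template: `if "${" in data: raise ValueError("unsubstituted variable in %s" % ldif_path)`, where `ldif_path` stands for whatever name the enclosing function gives the file (its signature is outside the hunk). This matters most for the templates that carry `MACHINEPASS_B64` and `DNSPASS_B64`. The same point applies to the assert added in the modify helper in the next hunk and to the existing `assert not "${" in data` in the file-writing helper.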
@@ -195,6 +182,8 @@
if substvars is not None:
data = substitute_var(data, substvars)
+ assert "${" not in data
+
for (changetype, msg) in ldb.parse_ldif(data):
ldb.modify(msg)
@@ -231,7 +220,8 @@
os.unlink(f)
data = open(src, 'r').read()
- data = substitute_var(data, substvars)
+ if substvars:
+ data = substitute_var(data, substvars)
assert not "${" in data
open(f, 'w').write(data)
@@ -250,6 +240,7 @@
paths.secrets = os.path.join(private_dir, lp.get("secrets database") or "secrets.ldb")
paths.templates = os.path.join(private_dir, "templates.ldb")
paths.keytab = os.path.join(private_dir, "secrets.keytab")
+ paths.dns_keytab = os.path.join(private_dir, "dns.keytab")
paths.dns = os.path.join(private_dir, subobj.dnsdomain + ".zone")
paths.winsdb = os.path.join(private_dir, "wins.ldb")
paths.ldap_basedn_ldif = os.path.join(private_dir,
@@ -262,6 +253,14 @@
paths.phpldapadminconfig = os.path.join(private_dir,
"phpldapadmin-config.php")
paths.hklm = os.path.join(private_dir, "hklm.ldb")
+ paths.sysvol = lp.get("sysvol", "path")
+ if paths.sysvol is None:
+ paths.sysvol = os.path.join(lp.get("lock dir"), "sysvol")
+
+ paths.netlogon = lp.get("netlogon", "path")
+ if paths.netlogon is None:
+ paths.netlogon = os.path.join(os.path.join(paths.sysvol, "scripts"))
+
return paths
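Review bot: The outer call in `os.path.join(os.path.join(paths.sysvol, "scripts"))` receives a single argument and does nothing; `paths.netlogon = os.path.join(paths.sysvol, "scripts")` says the same thing. The sysvol fallback also passes `lp.get("lock dir")` straight into `os.path.join`, so an unset `lock dir` would fail there with an unhelpful error instead of a clear provisioning message. The policy directories created later in this commit sit under `sysvol/<dnsdomain>/`, while this default puts netlogon directly under `sysvol/scripts`. That may be intended, but it deserves a comment if so. The enclosing function starts outside the hunk.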
@@ -412,11 +411,6 @@
"""
subobj.fix(paths)
- if subobj.host_guid is not None:
- subobj.hostguid_add = "objectGUID: %s" % subobj.host_guid
- else:
- subobj.hostguid_add = ""
-
assert paths.smbconf is not None
# only install a new smb.conf if there isn't one there already
@@ -440,10 +434,11 @@
setup_ldb(share_ldb, setup_dir, "share.ldif", None)
message("Setting up %s" % paths.secrets)
- setup_secretsdb(paths.secrets, setup_dir, session_info=session_info,
+ secrets_ldb = setup_secretsdb(paths.secrets, setup_dir, session_info=session_info,
credentials=credentials, lp=lp)
message("Setting up registry")
+ # FIXME: Still fails for some reason
#setup_registry(paths.hklm, setup_dir, session_info,
# credentials=credentials, lp=lp)
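Review bot: Binding `secrets_ldb` is only useful if `setup_secretsdb` returns the opened database handle, and its definition is not in this diff. If it returns nothing, the later `setup_ldb(secrets_ldb, setup_dir, "secrets_dc.ldif", ...)` call will fail on `None`. It is worth confirming the return statement exists and documenting it in the function's docstring. The new `# FIXME: Still fails for some reason` would help the next reader more if it recorded the observed error, e.g. `# FIXME: setup_registry() fails with <error seen>; registry is left unprovisioned`.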
@@ -582,16 +577,8 @@
"CONFIGDN": subobj.configdn,
})
- if blank:
- message("Setting up sam.ldb index")
- setup_add_ldif(samdb, setup_dir, "provision_index.ldif")
+ if not blank:
- message("Setting up sam.ldb rootDSE marking as syncronized")
- setup_modify_ldif(samdb, setup_dir, "provision_rootdse_modify.ldif")
-
- samdb.transaction_commit()
- return
-
# message("Activate schema module")
# setup_modify_ldif("schema_activation.ldif", info, samdb, False)
#
@@ -605,17 +592,63 @@
#
# samdb = open_ldb(info, paths.samdb, False)
#
- message("Setting up sam.ldb users and groups")
- setup_add_ldif(samdb, setup_dir, "provision_users.ldif", {
- "DOMAINDN": subobj.domaindn,
- "DOMAINSID": str(subobj.domainsid),
- "CONFIGDN": subobj.configdn,
- "ADMINPASS_B64": b64encode(subobj.adminpass),
- "KRBTGTPASS_B64": b64encode(subobj.krbtgtpass),
- })
+ message("Setting up sam.ldb users and groups")
+ setup_add_ldif(samdb, setup_dir, "provision_users.ldif", {
+ "DOMAINDN": subobj.domaindn,
+ "DOMAINSID": str(subobj.domainsid),
+ "CONFIGDN": subobj.configdn,
+ "ADMINPASS_B64": b64encode(subobj.adminpass),
+ "KRBTGTPASS_B64": b64encode(subobj.krbtgtpass),
+ })
- setup_name_mappings(subobj, samdb)
+ if lp.get("server role") == "domain controller":
+ message("Setting up self join")
+ if subobj.host_guid is not None:
+ hostguid_add = "objectGUID: %s" % subobj.host_guid
+ else:
+ hostguid_add = ""
+ setup_add_ldif(samdb, setup_dir, "provision_self_join.ldif", {
+ "CONFIGDN": subobj.configdn,
+ "SCHEMADN": subobj.schemadn,
+ "DOMAINDN": subobj.domaindn,
+ "INVOCATIONID": subobj.invocationid,
+ "NETBIOSNAME": subobj.netbiosname,
+ "DEFAULTSITE": subobj.defaultsite,
+ "DNSNAME": subobj.dnsname,
+ "MACHINEPASS_B64": b64encode(subobj.machinepass),
+ "DNSPASS_B64": b64encode(subobj.dnspass),
+ "REALM": subobj.realm,
+ "DOMAIN": subobj.domain,
+ "HOSTGUID_ADD": hostguid_add,
+ "DNSDOMAIN": subobj.dnsdomain})
+ setup_add_ldif(samdb, setup_dir, "provision_group_policy.ldif", {
+ "POLICYGUID": subobj.policyguid,
+ "DNSDOMAIN": subobj.dnsdomain,
+ "DOMAINSID": str(subobj.domainsid),
+ "DOMAINDN": subobj.domaindn})
+
+ os.makedirs(os.path.join(paths.sysvol, subobj.dnsdomain, "Policies", "{" + subobj.policyguid + "}"), 0755)
+ os.makedirs(os.path.join(paths.sysvol, subobj.dnsdomain, "Policies", "{" + subobj.policyguid + "}", "Machine"), 0755)
+ os.makedirs(os.path.join(paths.sysvol, subobj.dnsdomain, "Policies", "{" + subobj.policyguid + "}", "User"), 0755)
+ if not os.path.isdir(paths.netlogon):
+ os.makedirs(paths.netlogon, 0755)
+ setup_ldb(secrets_ldb, setup_dir, "secrets_dc.ldif", {
+ "MACHINEPASS_B64": b64encode(subobj.machinepass),
+ "DOMAIN": subobj.domain,
+ "REALM": subobj.realm,
+ "LDAPTIME": timestring(int(time.time())),
+ "DNSDOMAIN": subobj.dnsdomain,
+ "DOMAINSID": str(subobj.domainsid),
+ "SECRETS_KEYTAB": paths.keytab,
+ "NETBIOSNAME": subobj.netbiosname,
+ "SAM_LDB": paths.samdb,
+ "DNS_KEYTAB": paths.dns_keytab,
+ "DNSPASS_B64": b64encode(subobj.dnspass),
+ })
+
+ setup_name_mappings(subobj, samdb)
+
message("Setting up sam.ldb index")
setup_add_ldif(samdb, setup_dir, "provision_index.ldif")
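Review bot: The three `os.makedirs` calls for the group policy tree have no existence check, unlike the netlogon directory just below them, so provisioning a second time into the same sysvol raises `OSError` on the first call. That happens after the self-join and group-policy LDIF have already been added, and the `samdb.transaction_commit()` appears to come later, so the failure would land mid-transaction. The first call is also redundant, because creating `Machine` already creates the `{GUID}` parent. Building the policy path once and guarding each leaf the same way as netlogon fixes both, as sketched below; indentation must follow the enclosing block, which the page does not preserve. `subobj.dnsdomain` and `subobj.policyguid` go into the path unchecked here, so validating them alongside the NetBIOS name check in `validate()` is worth considering.

```python
# … unchanged: provision_self_join.ldif / provision_group_policy.ldif adds …
policy_path = os.path.join(paths.sysvol, subobj.dnsdomain,
                           "Policies", "{" + subobj.policyguid + "}")
for d in (os.path.join(policy_path, "Machine"),
          os.path.join(policy_path, "User"),
          paths.netlogon):
    if not os.path.isdir(d):
        os.makedirs(d, 0755)
# … unchanged: setup_ldb(secrets_ldb, setup_dir, "secrets_dc.ldif", ...) …
```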
@@ -628,7 +661,7 @@
samdb.transaction_commit()
message("Setting up phpLDAPadmin configuration")
- create_phplpapdadmin_config(paths.phpldapadminconfig, setup_dir, subobj.s4_ldapi_path)
+ create_phplpapdadmin_config(paths.phpldapadminconfig, setup_dir, paths.s4_ldapi_path)
message("Please install the phpLDAPadmin configuration located at %s into /etc/phpldapadmin/config.php" % paths.phpldapadminconfig)
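Review bot: The call now reads `paths.s4_ldapi_path`, but this same commit removes the `self.s4_ldapi_path = None` initializer from the paths class (the hunk that adds `dns_keytab`). None of the path assignments visible in this diff set the attribute. Unless it is assigned in a part of the paths-building function not shown here, this line raises `AttributeError` at the very end of provisioning. Either keep the `None` default on the paths object or assign it where the other paths are derived, e.g. `paths.s4_ldapi_path = os.path.join(private_dir, "ldapi")` if that is the intended socket location (inferred, not shown on the page).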