svn commit: samba r23859 - in branches/SAMBA_4_0/source:
scripting/ejs scripting/libjs setup
abartlet at samba.org
abartlet at samba.org
Fri Jul 13 08:01:37 GMT 2007
Author: abartlet
Date: 2007-07-13 08:01:36 +0000 (Fri, 13 Jul 2007)
New Revision: 23859
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23859
Log:
Work to have Group Policy work 'out of the box' in Samba4.
This involves creating the SYSVOL and NETLOGON shares at provision
time, and creating the right subdirectories.
This also changes the behaviour of lp.get("foo") in ejs - we now
return undefined, rather than syntax error, if the parameter doesn't
exist (perhaps because the share isn't defined).
Andrew Bartlett
Added:
branches/SAMBA_4_0/source/setup/provision_group_policy.ldif
Modified:
branches/SAMBA_4_0/source/scripting/ejs/smbcalls_config.c
branches/SAMBA_4_0/source/scripting/libjs/provision.js
branches/SAMBA_4_0/source/setup/provision
branches/SAMBA_4_0/source/setup/provision.ldif
branches/SAMBA_4_0/source/setup/provision.smb.conf
Changeset:
Modified: branches/SAMBA_4_0/source/scripting/ejs/smbcalls_config.c
===================================================================
--- branches/SAMBA_4_0/source/scripting/ejs/smbcalls_config.c 2007-07-13 01:22:09 UTC (rev 23858)
+++ branches/SAMBA_4_0/source/scripting/ejs/smbcalls_config.c 2007-07-13 08:01:36 UTC (rev 23859)
@@ -89,7 +89,8 @@
/* its a share parameter */
int snum = lp_servicenumber(argv[0]);
if (snum == -1) {
- return -1;
+ mpr_Return(eid, mprCreateUndefinedVar());
+ return 0;
}
if (strchr(argv[1], ':')) {
/* its a parametric option on a share */
@@ -98,16 +99,23 @@
strcspn(argv[1], ":"));
const char *option = strchr(argv[1], ':') + 1;
const char *value;
- if (type == NULL || option == NULL) return -1;
+ if (type == NULL || option == NULL) {
+ mpr_Return(eid, mprCreateUndefinedVar());
+ return 0;
+ }
value = lp_get_parametric(snum, type, option);
- if (value == NULL) return -1;
+ if (value == NULL) {
+ mpr_Return(eid, mprCreateUndefinedVar());
+ return 0;
+ }
mpr_ReturnString(eid, value);
return 0;
}
parm = lp_parm_struct(argv[1]);
if (parm == NULL || parm->class == P_GLOBAL) {
- return -1;
+ mpr_Return(eid, mprCreateUndefinedVar());
+ return 0;
}
parm_ptr = lp_parm_ptr(snum, parm);
} else if (strchr(argv[0], ':')) {
@@ -116,20 +124,30 @@
argv[0], strcspn(argv[0], ":"));
const char *option = strchr(argv[0], ':') + 1;
const char *value;
- if (type == NULL || option == NULL) return -1;
+ if (type == NULL || option == NULL) {
+ mpr_Return(eid, mprCreateUndefinedVar());
+ return 0;
+ }
value = lp_get_parametric(-1, type, option);
- if (value == NULL) return -1;
+ if (value == NULL) {
+ mpr_Return(eid, mprCreateUndefinedVar());
+ return 0;
+ }
mpr_ReturnString(eid, value);
return 0;
} else {
/* its a global parameter */
parm = lp_parm_struct(argv[0]);
- if (parm == NULL) return -1;
+ if (parm == NULL) {
+ mpr_Return(eid, mprCreateUndefinedVar());
+ return 0;
+ }
parm_ptr = lp_parm_ptr(-1, parm);
}
if (parm == NULL || parm_ptr == NULL) {
- return -1;
+ mpr_Return(eid, mprCreateUndefinedVar());
+ return 0;
}
/* construct and return the right type of ejs object */
@@ -142,6 +160,7 @@
mpr_Return(eid, mprCreateBoolVar(*(BOOL *)parm_ptr));
break;
case P_INTEGER:
+ case P_OCTAL:
case P_BYTES:
mpr_Return(eid, mprCreateIntegerVar(*(int *)parm_ptr));
break;
@@ -152,12 +171,14 @@
return 0;
}
}
- return -1;
+ mpr_Return(eid, mprCreateUndefinedVar());
+ return 0;
case P_LIST:
mpr_Return(eid, mprList(parm->label, *(const char ***)parm_ptr));
break;
case P_SEP:
- return -1;
+ mpr_Return(eid, mprCreateUndefinedVar());
+ return 0;
}
return 0;
}
Modified: branches/SAMBA_4_0/source/scripting/libjs/provision.js
===================================================================
--- branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-07-13 01:22:09 UTC (rev 23858)
+++ branches/SAMBA_4_0/source/scripting/libjs/provision.js 2007-07-13 08:01:36 UTC (rev 23859)
@@ -389,6 +389,19 @@
paths.ldap_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + ".ldif";
paths.ldap_config_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + "-config.ldif";
paths.ldap_schema_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + "-schema.ldif";
+
+ paths.netlogon = lp.get("netlogon", "path");
+
+ if (paths.netlogon == undefined) {
+ paths.netlogon = lp.get("lock dir") + "/netlogon";
+ }
+
+ paths.sysvol = lp.get("sysvol", "path");
+
+ if (paths.sysvol == undefined) {
+ paths.sysvol = lp.get("lock dir") + "/sysvol";
+ }
+
return paths;
}
@@ -466,6 +479,9 @@
subobj.LDAPMANAGERDN = "cn=Manager," + subobj.DOMAINDN;
+ subobj.NETLOGONPATH = paths.netlogon;
+ subobj.SYSVOLPATH = paths.sysvol;
+
return true;
}
@@ -703,6 +719,16 @@
if (lp.get("server role") == "domain controller") {
message("Setting up self join\n");
setup_add_ldif("provision_self_join.ldif", info, samdb, false);
+ setup_add_ldif("provision_group_policy.ldif", info, samdb, false);
+
+ sys.mkdir(paths.sysvol, 0755);
+ sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN, 0755);
+ sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies", 0755);
+ sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}", 0755);
+ sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}/Machine", 0755);
+ sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}/User", 0755);
+
+ sys.mkdir(paths.netlogon, 0755);
}
if (setup_name_mappings(info, samdb) == false) {
Modified: branches/SAMBA_4_0/source/setup/provision
===================================================================
--- branches/SAMBA_4_0/source/setup/provision 2007-07-13 01:22:09 UTC (rev 23858)
+++ branches/SAMBA_4_0/source/setup/provision 2007-07-13 08:01:36 UTC (rev 23859)
@@ -14,7 +14,9 @@
'realm=s',
'domain=s',
'domain-guid=s',
+ 'domain-guid=s',
'domain-sid=s',
+ 'policy-guid=s',
'host-name=s',
'host-ip=s',
'host-guid=s',
@@ -69,6 +71,7 @@
--host-name HOSTNAME set hostname
--host-ip IPADDRESS set ipaddress
--host-guid GUID set hostguid (otherwise random)
+ --policy-guid GUID set group policy guid (otherwise random)
--invocationid GUID set invocationid (otherwise random)
--adminpass PASSWORD choose admin password (otherwise random)
--krbtgtpass PASSWORD choose krbtgt password (otherwise random)
Modified: branches/SAMBA_4_0/source/setup/provision.ldif
===================================================================
--- branches/SAMBA_4_0/source/setup/provision.ldif 2007-07-13 01:22:09 UTC (rev 23858)
+++ branches/SAMBA_4_0/source/setup/provision.ldif 2007-07-13 08:01:36 UTC (rev 23859)
@@ -99,31 +99,3 @@
objectClass: top
objectClass: container
-dn: CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN}
-objectClass: top
-objectClass: container
-objectClass: groupPolicyContainer
-displayName: Default Domain Policy
-objectCategory: CN=Group-Policy-Container,${SCHEMADN}
-gPCFunctionalityVersion: 2
-gPCFileSysPath: \\${DNSDOMAIN}\sysvol\${DNSDOMAIN}\Policies\{${POLICYGUID}}
-versionNumber: 1
-flags: 0
-gPCMachineExtensionNames: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-248
- 8-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4
- FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2
- 488-11D1-A28C-00C04FB94F17}]
-gPCUserExtensionNames: [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-1
- 1D2-842D-00C04FA372D4}][{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-
- 11D1-A7CC-0000F87571E3}]
-nTSecurityDescriptor: O:${DOMAINSID}-512G:${DOMAINSID}-512D:PAI(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-519)(A;;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CIIO;RPWPCCDCLCLORCWOWDSDDTSW;;;CO)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPLCLORC;;;AU)(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;CI;RPLCLORC;;;ED)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CIIOIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)
-
-dn: CN=User,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN}
-objectClass: top
-objectClass: container
-objectCategory: CN=Container,${SCHEMADN}
-
-dn: CN=Machine,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN}
-objectClass: top
-objectClass: container
-objectCategory: CN=Container,${SCHEMADN}
Modified: branches/SAMBA_4_0/source/setup/provision.smb.conf
===================================================================
--- branches/SAMBA_4_0/source/setup/provision.smb.conf 2007-07-13 01:22:09 UTC (rev 23858)
+++ branches/SAMBA_4_0/source/setup/provision.smb.conf 2007-07-13 08:01:36 UTC (rev 23859)
@@ -4,4 +4,10 @@
realm = ${REALM}
server role = domain controller
+[netlogon]
+ path = ${NETLOGONPATH}
+ read only = no
+[sysvol]
+ path = ${SYSVOLPATH}
+ read only = no
Added: branches/SAMBA_4_0/source/setup/provision_group_policy.ldif
===================================================================
--- branches/SAMBA_4_0/source/setup/provision_group_policy.ldif 2007-07-13 01:22:09 UTC (rev 23858)
+++ branches/SAMBA_4_0/source/setup/provision_group_policy.ldif 2007-07-13 08:01:36 UTC (rev 23859)
@@ -0,0 +1,28 @@
+dn: CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: container
+objectClass: groupPolicyContainer
+displayName: Default Domain Policy
+objectCategory: CN=Group-Policy-Container,${SCHEMADN}
+gPCFunctionalityVersion: 2
+gPCFileSysPath: \\${DNSDOMAIN}\sysvol\${DNSDOMAIN}\Policies\{${POLICYGUID}}
+versionNumber: 1
+flags: 0
+gPCMachineExtensionNames: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-248
+ 8-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4
+ FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2
+ 488-11D1-A28C-00C04FB94F17}]
+gPCUserExtensionNames: [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-1
+ 1D2-842D-00C04FA372D4}][{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-
+ 11D1-A7CC-0000F87571E3}]
+nTSecurityDescriptor: O:${DOMAINSID}-512G:${DOMAINSID}-512D:PAI(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-519)(A;;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CIIO;RPWPCCDCLCLORCWOWDSDDTSW;;;CO)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPLCLORC;;;AU)(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;CI;RPLCLORC;;;ED)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CIIOIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)
+
+dn: CN=User,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: container
+objectCategory: CN=Container,${SCHEMADN}
+
+dn: CN=Machine,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: container
+objectCategory: CN=Container,${SCHEMADN}
More information about the samba-cvs
mailing list