[SCM] Samba Shared Repository - branch v4-0-test updated -
release-4-0-0alpha2-485-gf6dbdf3
Andrew Bartlett
abartlet at samba.org
Fri Jan 18 02:31:53 GMT 2008
The branch, v4-0-test has been updated
via f6dbdf34e8a790f460b705100e45ee3928b6b1b3 (commit)
via ffb12aad8a80bb90d66dc66baba81b856622a6bb (commit)
via 35148fd51f22d81fe9f590b7d6f13285c35656a7 (commit)
via d822dfa017b84895222ace8c44935fb872930548 (commit)
from d427cf4fa67e84ccdece9a3fb31d8e89379a86e7 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit f6dbdf34e8a790f460b705100e45ee3928b6b1b3
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jan 18 13:30:20 2008 +1100
Don't manually specify instanceID in the template files.
The instanceid module creates this automaticlly, so we don't need this
any more.
Andrew Bartlett
commit ffb12aad8a80bb90d66dc66baba81b856622a6bb
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jan 18 13:28:52 2008 +1100
Use syncrepl on all OpenLDAP databases (creates contextCSN attribute)
This module needs to be loaded on each database, not just the main
partition. We use it to create the usn for the entries.
Andrew Bartlett
commit 35148fd51f22d81fe9f590b7d6f13285c35656a7
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jan 18 13:27:05 2008 +1100
Search for memberOf when clients ask for a wildcard against OpenLDAP
The memberOf module in OpenLDAP make this attribute operational, so we
need to add it here or clients won't get it when using *.
Andrew Bartlett
commit d822dfa017b84895222ace8c44935fb872930548
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jan 18 13:25:01 2008 +1100
Remove --ldap-base from the python provision script
(This is a merge from the ejs script)
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
source/dsdb/samdb/ldb_modules/simple_ldap_map.c | 1 +
source/scripting/python/samba/provision.py | 32 --------------------
source/setup/display_specifiers.ldif | 2 -
source/setup/provision.ldif | 8 -----
source/setup/provision.py | 10 +-----
source/setup/provision_computers_modify.ldif | 3 --
source/setup/provision_configuration.ldif | 12 -------
.../provision_configuration_basedn_modify.ldif | 6 ----
source/setup/provision_schema_basedn_modify.ldif | 3 --
source/setup/provision_self_join.ldif | 2 -
source/setup/provision_templates.ldif | 1 -
source/setup/provision_users.ldif | 3 --
source/setup/provision_users_modify.ldif | 3 --
source/setup/slapd.conf | 12 +++++++
14 files changed, 15 insertions(+), 83 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/dsdb/samdb/ldb_modules/simple_ldap_map.c b/source/dsdb/samdb/ldb_modules/simple_ldap_map.c
index 6e66d07..acf2fd6 100644
--- a/source/dsdb/samdb/ldb_modules/simple_ldap_map.c
+++ b/source/dsdb/samdb/ldb_modules/simple_ldap_map.c
@@ -448,6 +448,7 @@ static const char * const entryuuid_wildcard_attributes[] = {
"whenChanged",
"usnCreated",
"usnChanged",
+ "memberOf",
NULL
};
diff --git a/source/scripting/python/samba/provision.py b/source/scripting/python/samba/provision.py
index 1607cb3..d59cea1 100644
--- a/source/scripting/python/samba/provision.py
+++ b/source/scripting/python/samba/provision.py
@@ -180,12 +180,6 @@ def provision_paths_from_lp(lp, dnsdomain):
paths.dns_keytab = os.path.join(private_dir, "dns.keytab")
paths.dns = os.path.join(private_dir, dnsdomain + ".zone")
paths.winsdb = os.path.join(private_dir, "wins.ldb")
- paths.ldap_basedn_ldif = os.path.join(private_dir,
- dnsdomain + ".ldif")
- paths.ldap_config_basedn_ldif = os.path.join(private_dir,
- dnsdomain + "-config.ldif")
- paths.ldap_schema_basedn_ldif = os.path.join(private_dir,
- dnsdomain + "-schema.ldif")
paths.s4_ldapi_path = os.path.join(private_dir, "ldapi")
paths.phpldapadminconfig = os.path.join(private_dir,
"phpldapadmin-config.php")
@@ -465,7 +459,6 @@ def setup_samdb(path, setup_path, session_info, credentials, lp,
setup_add_ldif(samdb, setup_path("provision_basedn.ldif"), {
"DOMAINDN": domaindn,
"ACI": aci,
- "EXTENSIBLEOBJECT": "# no objectClass: extensibleObject for local ldb",
"RDN_DC": rdn_dc,
})
@@ -823,31 +816,6 @@ def create_zone_file(path, setup_path, samdb, dnsdomain, domaindn,
})
-def provision_ldapbase(setup_dir, message, paths):
- """Write out a DNS zone file, from the info in the current database."""
- message("Setting up LDAP base entry: %s" % domaindn)
- rdns = domaindn.split(",")
-
- rdn_dc = rdns[0][len("DC="):]
-
- def setup_path(file):
- return os.path.join(setup_dir, file)
-
- setup_file(setup_path("provision_basedn.ldif"),
- paths.ldap_basedn_ldif)
-
- setup_file(setup_path("provision_configuration_basedn.ldif"),
- paths.ldap_config_basedn_ldif)
-
- setup_file(setup_path("provision_schema_basedn.ldif"),
- paths.ldap_schema_basedn_ldif, {
- "SCHEMADN": schemadn,
- "ACI": "# no aci for local ldb",
- "EXTENSIBLEOBJECT": "objectClass: extensibleObject"})
-
- message("Please install the LDIF located in " + paths.ldap_basedn_ldif + ", " + paths.ldap_config_basedn_ldif + " and " + paths.ldap_schema_basedn_ldif + " into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server")
-
-
def load_schema(setup_path, samdb, schemadn, netbiosname, configdn):
"""Load schema.
diff --git a/source/setup/display_specifiers.ldif b/source/setup/display_specifiers.ldif
index b76955a..574912b 100644
--- a/source/setup/display_specifiers.ldif
+++ b/source/setup/display_specifiers.ldif
@@ -2,14 +2,12 @@ dn: CN=DisplaySpecifiers,${CONFIGDN}
objectClass: top
objectClass: container
showInAdvancedViewOnly: TRUE
-instanceType: 4
dn: CN=409,CN=DisplaySpecifiers,${CONFIGDN}
objectClass: top
objectClass: container
cn: 409
name: 409
-instanceType: 4
showInAdvancedViewOnly: TRUE
dn: CN=user-Display,CN=409,CN=DisplaySpecifiers,${CONFIGDN}
diff --git a/source/setup/provision.ldif b/source/setup/provision.ldif
index c6b07c5..5e15bf3 100644
--- a/source/setup/provision.ldif
+++ b/source/setup/provision.ldif
@@ -3,7 +3,6 @@ objectClass: top
objectClass: organizationalUnit
cn: Domain Controllers
description: Default container for domain controllers
-instanceType: 4
showInAdvancedViewOnly: FALSE
systemFlags: 2348810240
isCriticalSystemObject: TRUE
@@ -13,7 +12,6 @@ objectClass: top
objectClass: container
cn: ForeignSecurityPrincipals
description: Default container for security identifiers (SIDs) associated with objects from external, trusted domains
-instanceType: 4
showInAdvancedViewOnly: FALSE
systemFlags: 2348810240
isCriticalSystemObject: TRUE
@@ -23,7 +21,6 @@ objectClass: top
objectClass: container
cn: System
description: Builtin system settings
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 2348810240
isCriticalSystemObject: TRUE
@@ -32,7 +29,6 @@ dn: CN=RID Manager$,CN=System,${DOMAINDN}
objectclass: top
objectclass: rIDManager
cn: RID Manager$
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 2348810240
isCriticalSystemObject: TRUE
@@ -43,14 +39,12 @@ dn: CN=DomainUpdates,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
cn: DomainUpdates
-instanceType: 4
showInAdvancedViewOnly: TRUE
dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
cn: Windows2003Update
-instanceType: 4
showInAdvancedViewOnly: TRUE
revision: 8
@@ -58,7 +52,6 @@ dn: CN=Infrastructure,${DOMAINDN}
objectclass: top
objectclass: infrastructureUpdate
cn: Infrastructure
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 2348810240
isCriticalSystemObject: TRUE
@@ -68,7 +61,6 @@ dn: CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: builtinDomain
cn: Builtin
-instanceType: 4
showInAdvancedViewOnly: FALSE
forceLogoff: 9223372036854775808
lockoutDuration: -18000000000
diff --git a/source/setup/provision.py b/source/setup/provision.py
index e166d5f..88015ce 100755
--- a/source/setup/provision.py
+++ b/source/setup/provision.py
@@ -34,7 +34,7 @@ from auth import system_session
import samba.getopt as options
import param
from samba.provision import (provision,
- provision_paths_from_lp, provision_ldapbase)
+ provision_paths_from_lp)
parser = optparse.OptionParser("provision [options]")
parser.add_option_group(options.SambaOptions(parser))
@@ -81,9 +81,6 @@ parser.add_option("--users", type="string", metavar="GROUPNAME",
parser.add_option("--quiet", help="Be quiet", action="store_true")
parser.add_option("--blank", action="store_true",
help="do not add users or groups, just the structure")
-parser.add_option("--ldap-base",
- help="output only an LDIF file, suitable for creating an LDAP baseDN",
- action="store_true")
parser.add_option("--ldap-backend", type="string", metavar="LDAPSERVER",
help="LDAP server to use for this provision")
parser.add_option("--ldap-module=", type="string", metavar="MODULE",
@@ -152,10 +149,7 @@ creds = credopts.get_credentials()
setup_dir = opts.setupdir
if setup_dir is None:
setup_dir = "setup"
-if opts.ldap_base:
- provision_ldapbase(setup_dir, message, paths)
- message("Please install the LDIF located in %s, %s and into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server" % (paths.ldap_basedn_ldif, paths.ldap_config_basedn_ldif, paths.ldap_schema_basedn_ldif))
-elif opts.partitions_only:
+if opts.partitions_only:
provision_become_dc(setup_dir, message, False,
paths, lp, system_session(), creds)
else:
diff --git a/source/setup/provision_computers_modify.ldif b/source/setup/provision_computers_modify.ldif
index b7502e5..3bb4074 100644
--- a/source/setup/provision_computers_modify.ldif
+++ b/source/setup/provision_computers_modify.ldif
@@ -3,9 +3,6 @@ changetype: modify
replace: description
description: Default container for upgraded computer accounts
-
-replace: instanceType
-instanceType: 4
--
replace: showInAdvancedViewOnly
showInAdvancedViewOnly: FALSE
-
diff --git a/source/setup/provision_configuration.ldif b/source/setup/provision_configuration.ldif
index 050f110..750fa13 100644
--- a/source/setup/provision_configuration.ldif
+++ b/source/setup/provision_configuration.ldif
@@ -5,7 +5,6 @@ dn: CN=Partitions,${CONFIGDN}
objectClass: top
objectClass: crossRefContainer
cn: Partitions
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 2147483648
msDS-Behavior-Version: 0
@@ -15,7 +14,6 @@ dn: CN=Enterprise Configuration,CN=Partitions,${CONFIGDN}
objectClass: top
objectClass: crossRef
cn: Enterprise Configuration
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 1
nCName: ${CONFIGDN}
@@ -25,7 +23,6 @@ dn: CN=Enterprise Schema,CN=Partitions,${CONFIGDN}
objectClass: top
objectClass: crossRef
cn: Enterprise Schema
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 1
nCName: ${SCHEMADN}
@@ -35,7 +32,6 @@ dn: CN=${DOMAIN},CN=Partitions,${CONFIGDN}
objectClass: top
objectClass: crossRef
cn: ${DOMAIN}
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 3
nCName: ${DOMAINDN}
@@ -46,7 +42,6 @@ dn: CN=Sites,${CONFIGDN}
objectClass: top
objectClass: sitesContainer
cn: Sites
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 2181038080
@@ -54,7 +49,6 @@ dn: CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
objectClass: top
objectClass: site
cn: ${DEFAULTSITE}
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 2181038080
@@ -62,7 +56,6 @@ dn: CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
objectClass: top
objectClass: serversContainer
cn: Servers
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 2181038080
@@ -70,7 +63,6 @@ dn: CN=Services,${CONFIGDN}
objectClass: top
objectClass: container
cn: Services
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 2147483648
@@ -78,14 +70,12 @@ dn: CN=Windows NT,CN=Services,${CONFIGDN}
objectClass: top
objectClass: container
cn: Windows NT
-instanceType: 4
showInAdvancedViewOnly: TRUE
dn: CN=Directory Service,CN=Windows NT,CN=Services,${CONFIGDN}
objectClass: top
objectClass: nTDSService
cn: Directory Service
-instanceType: 4
showInAdvancedViewOnly: TRUE
sPNMappings: host=ldap,dns,cifs,http
@@ -93,14 +83,12 @@ dn: CN=Query-Policies,CN=Directory Service,CN=Windows NT,CN=Services,${CONFIGDN}
objectClass: top
objectClass: container
cn: Query-Policies
-instanceType: 4
showInAdvancedViewOnly: TRUE
dn: CN=Default Query Policy,CN=Query-Policies,CN=Directory Service,CN=Windows NT,CN=Services,${CONFIGDN}
objectClass: top
objectClass: queryPolicy
cn: Default Query Policy
-instanceType: 4
showInAdvancedViewOnly: TRUE
lDAPAdminLimits: MaxValRange=1500
lDAPAdminLimits: MaxReceiveBuffer=10485760
diff --git a/source/setup/provision_configuration_basedn_modify.ldif b/source/setup/provision_configuration_basedn_modify.ldif
index 46ba4e9..a72f2c8 100644
--- a/source/setup/provision_configuration_basedn_modify.ldif
+++ b/source/setup/provision_configuration_basedn_modify.ldif
@@ -3,14 +3,8 @@
###############################
dn: ${CONFIGDN}
changetype: modify
-replace: instanceType
-instanceType: 13
--
replace: showInAdvancedViewOnly
showInAdvancedViewOnly: TRUE
-
-replace: objectCategory
-objectCategory: CN=Configuration,${SCHEMADN}
--
replace: subRefs
subRefs: ${SCHEMADN}
diff --git a/source/setup/provision_schema_basedn_modify.ldif b/source/setup/provision_schema_basedn_modify.ldif
index 92c5cf1..986f0d6 100644
--- a/source/setup/provision_schema_basedn_modify.ldif
+++ b/source/setup/provision_schema_basedn_modify.ldif
@@ -3,9 +3,6 @@
###############################
dn: ${SCHEMADN}
changetype: modify
-replace: instanceType
-instanceType: 13
--
replace: showInAdvancedViewOnly
showInAdvancedViewOnly: TRUE
-
diff --git a/source/setup/provision_self_join.ldif b/source/setup/provision_self_join.ldif
index 06230e8..1caa621 100644
--- a/source/setup/provision_self_join.ldif
+++ b/source/setup/provision_self_join.ldif
@@ -43,7 +43,6 @@ dn: CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
objectClass: top
objectClass: server
cn: ${NETBIOSNAME}
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 1375731712
dNSHostName: ${DNSNAME}
@@ -55,7 +54,6 @@ objectClass: applicationSettings
objectClass: nTDSDSA
cn: NTDS Settings
options: 1
-instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 33554432
dMDLocation: ${SCHEMADN}
diff --git a/source/setup/provision_templates.ldif b/source/setup/provision_templates.ldif
index 8797efa..04eaabc 100644
--- a/source/setup/provision_templates.ldif
+++ b/source/setup/provision_templates.ldif
@@ -66,7 +66,6 @@ sAMAccountType: 268435456
#
# dn: CN=TemplateAlias,CN=Templates
# cn: TemplateAlias
-# instanceType: 4
# groupType: -2147483644
# sAMAccountType: 268435456
diff --git a/source/setup/provision_users.ldif b/source/setup/provision_users.ldif
index 7c1a438..3e6f717 100644
--- a/source/setup/provision_users.ldif
+++ b/source/setup/provision_users.ldif
@@ -134,7 +134,6 @@ objectClass: top
objectClass: group
cn: RAS and IAS Servers
description: Servers in this group can access remote access properties of users
-instanceType: 4
objectSid: ${DOMAINSID}-553
sAMAccountName: RAS and IAS Servers
sAMAccountType: 536870912
@@ -307,7 +306,6 @@ objectClass: top
objectClass: group
cn: Server Operators
description: Members can administer domain servers
-instanceType: 4
objectSid: S-1-5-32-549
adminCount: 1
sAMAccountName: Server Operators
@@ -327,7 +325,6 @@ objectClass: top
objectClass: group
cn: Account Operators
description: Members can administer domain user and group accounts
-instanceType: 4
objectSid: S-1-5-32-548
adminCount: 1
sAMAccountName: Account Operators
diff --git a/source/setup/provision_users_modify.ldif b/source/setup/provision_users_modify.ldif
index 42dff07..06954c4 100644
--- a/source/setup/provision_users_modify.ldif
+++ b/source/setup/provision_users_modify.ldif
@@ -3,9 +3,6 @@ changetype: modify
replace: description
description: Default container for upgraded user accounts
-
-replace: instanceType
-instanceType: 4
--
replace: showInAdvancedViewOnly
showInAdvancedViewOnly: FALSE
-
diff --git a/source/setup/slapd.conf b/source/setup/slapd.conf
index e4e86ee..83f4da3 100644
--- a/source/setup/slapd.conf
+++ b/source/setup/slapd.conf
@@ -34,6 +34,12 @@ index lDAPDisplayName eq
index subClassOf eq
index cn eq
+#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
+#We only need this for the contextCSN attribute anyway....
+overlay syncprov
+syncprov-checkpoint 100 10
+syncprov-sessionlog 100
+
database hdb
suffix ${CONFIGDN}
directory ${LDAPDIR}/db/config
@@ -48,6 +54,12 @@ index dnsRoot eq
index nETBIOSName eq
index cn eq
+#syncprov is stable in OpenLDAP 2.3, and available in 2.2.
+#We only need this for the contextCSN attribute anyway....
+overlay syncprov
+syncprov-checkpoint 100 10
+syncprov-sessionlog 100
+
database hdb
suffix ${DOMAINDN}
rootdn ${LDAPMANAGERDN}
--
Samba Shared Repository
More information about the samba-cvs
mailing list