[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-62-g78416f4

Andrew Bartlett abartlet at samba.org
Tue Jul 15 08:45:17 GMT 2008 

The branch, v4-0-test has been updated
       via  78416f4840df4f8d1f9cc5e46a48b19c86888050 (commit)
       via  b24c572d5a38c1f6906751c2ad2f809e1995b510 (commit)
      from  cd0745253c4a9ec59a035e830e54d74a05b71aaa (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test


- Log -----------------------------------------------------------------
commit 78416f4840df4f8d1f9cc5e46a48b19c86888050
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Jul 15 18:44:58 2008 +1000

    Fix asking for credentials for non-LDAP provisions.

commit b24c572d5a38c1f6906751c2ad2f809e1995b510
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Jul 15 15:46:32 2008 +1000

    Rework provision to handle both simple and SASL binds.
    
    Fedora DS is still setup for simple binds only, at this point.
    (it also fails on other issues).
    
    Andrew Bartlett

-----------------------------------------------------------------------

Summary of changes:
 source/scripting/python/samba/provision.py |   12 +++++++-----
 source/selftest/target/Samba4.pm           |   11 ++++++-----
 source/setup/provision-backend             |    6 +++---
 3 files changed, 16 insertions(+), 13 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/scripting/python/samba/provision.py b/source/scripting/python/samba/provision.py
index d0f612c..6102dc7 100644
--- a/source/scripting/python/samba/provision.py
+++ b/source/scripting/python/samba/provision.py
@@ -605,7 +605,7 @@ def setup_secretsdb(path, setup_path, session_info, credentials, lp):
                       lp=lp)
     secrets_ldb.load_ldif_file_add(setup_path("secrets.ldif"))
 
-    if credentials.authentication_requested:
+    if credentials is not None and credentials.authentication_requested():
         if credentials.get_bind_dn() is not None:
             setup_add_ldif(secrets_ldb, setup_path("secrets_simple_ldap.ldif"), {
                     "LDAPMANAGERDN": credentials.get_bind_dn(),
@@ -1300,9 +1300,6 @@ refint_attributes""" + refint_attributes + "\n"
                                "UUID": str(uuid.uuid4()), 
                                "LDAPTIME": timestring(int(time.time()))} )
 
-#"LDAPMANAGERDN": names.ldapmanagerdn,
-                               
-
         mapping = "schema-map-openldap-2.3"
         backend_schema = "backend-schema.schema"
 
@@ -1323,7 +1320,12 @@ refint_attributes""" + refint_attributes + "\n"
     message("Hostname:            %s" % names.hostname)
     message("DNS Domain:          %s" % names.dnsdomain)
     message("Base DN:             %s" % names.domaindn)
-    message("LDAP admin DN:       %s" % names.ldapmanagerdn)
+
+    if ldap_backend_type == "openldap":
+        message("LDAP admin user:     samba-admin")
+    else:
+        message("LDAP admin DN:       %s" % names.ldapmanagerdn)
+
     message("LDAP admin password: %s" % adminpass)
     message(slapdcommand)
 
diff --git a/source/selftest/target/Samba4.pm b/source/selftest/target/Samba4.pm
index 0be1acf..896b013 100644
--- a/source/selftest/target/Samba4.pm
+++ b/source/selftest/target/Samba4.pm
@@ -571,7 +571,6 @@ sub provision($$$$$$)
 	server max protocol = SMB2
 	notify:inotify = false
 	ldb:nosync = true
-	system:anonymous = true
 #We don't want to pass our self-tests if the PAC code is wrong
 	gensec:require_pac = true
 	log level = $smbd_loglevel
@@ -719,8 +718,7 @@ nogroup:x:65534:nobody
 	push (@provision_options, "--krbtgtpass=krbtgt$password");
 	push (@provision_options, "--machinepass=machine$password");
 	push (@provision_options, "--root=$unix_name");
-	push (@provision_options, "--username=samba-admin");
-	push (@provision_options, "--password=$password");
+
 	push (@provision_options, "--server-role=\"$server_role\"");
 
 	my $ldap_uri= "$ldapdir/ldapi";
@@ -753,15 +751,18 @@ nogroup:x:65534:nobody
 	if (defined($self->{ldap})) {
 
                 push (@provision_options, "--ldap-backend=$ldap_uri");
-	        system("$self->{setupdir}/provision-backend $configuration --ldap-manager-pass=$password --root=$unix_name --realm=$realm --domain=$domain --host-name=$netbiosname --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
+	        system("$self->{setupdir}/provision-backend $configuration --ldap-admin-pass=$password --root=$unix_name --realm=$realm --domain=$domain --host-name=$netbiosname --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
+
+	        push (@provision_options, "--password=$password");
 
 	        if ($self->{ldap} eq "openldap") {
+	               push (@provision_options, "--username=samba-admin");
 		       ($ret->{SLAPD_CONF}, $ret->{OPENLDAP_PIDFILE}) = $self->mk_openldap($ldapdir, $configuration) or die("Unable to create openldap directories");
 		       push (@provision_options, "--ldap-backend-type=openldap");
 	        } elsif ($self->{ldap} eq "fedora-ds") {
+	               push (@provision_options, "--simple-bind-dn=cn=Manager,$localbasedn");
 		       ($ret->{FEDORA_DS_DIR}, $ret->{FEDORA_DS_PIDFILE}) = $self->mk_fedora_ds($ldapdir, $configuration) or die("Unable to create fedora ds directories");
 		       push (@provision_options, "--ldap-backend-type=fedora-ds");
-		       push (@provision_options, "'--aci=aci:: KHRhcmdldGF0dHIgPSAiKiIpICh2ZXJzaW9uIDMuMDthY2wgImZ1bGwgYWNjZXNzIHRvIGFsbCBieSBhbGwiO2FsbG93IChhbGwpKHVzZXJkbiA9ICJsZGFwOi8vL2FueW9uZSIpOykK'");
                  }
 
 		$self->slapd_start($ret) or 
diff --git a/source/setup/provision-backend b/source/setup/provision-backend
index 54dc583..845dc86 100755
--- a/source/setup/provision-backend
+++ b/source/setup/provision-backend
@@ -49,8 +49,8 @@ parser.add_option("--domain", type="string", metavar="DOMAIN",
 				  help="set domain")
 parser.add_option("--host-name", type="string", metavar="HOSTNAME", 
 		help="set hostname")
-parser.add_option("--ldap-manager-pass", type="string", metavar="PASSWORD", 
-		help="choose LDAP manager password (otherwise random)")
+parser.add_option("--ldap-admin-pass", type="string", metavar="PASSWORD", 
+		help="choose LDAP admin password (otherwise random)")
 parser.add_option("--root", type="string", metavar="USERNAME", 
 		help="choose 'root' unix username")
 parser.add_option("--quiet", help="Be quiet", action="store_true")
@@ -96,7 +96,7 @@ if setup_dir is None:
 provision_backend(setup_dir=setup_dir, message=message, smbconf=smbconf, targetdir=opts.targetdir,
 		  realm=opts.realm, domain=opts.domain,
 		  hostname=opts.host_name,
-		  adminpass=opts.ldap_manager_pass,
+		  adminpass=opts.ldap_admin_pass,
 		  root=opts.root, serverrole=server_role, 
 		  ldap_backend_type=opts.ldap_backend_type,
 		  ldap_backend_port=opts.ldap_backend_port)


-- 
Samba Shared Repository

More information about the samba-cvs mailing list