[SCM] Samba Shared Repository - branch v4-0-test updated -
release-4-0-0alpha5-62-g78416f4
Andrew Bartlett
abartlet at samba.org
Tue Jul 15 08:45:17 GMT 2008
The branch, v4-0-test has been updated
via 78416f4840df4f8d1f9cc5e46a48b19c86888050 (commit)
via b24c572d5a38c1f6906751c2ad2f809e1995b510 (commit)
from cd0745253c4a9ec59a035e830e54d74a05b71aaa (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit 78416f4840df4f8d1f9cc5e46a48b19c86888050
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 15 18:44:58 2008 +1000
Fix asking for credentials for non-LDAP provisions.
commit b24c572d5a38c1f6906751c2ad2f809e1995b510
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 15 15:46:32 2008 +1000
Rework provision to handle both simple and SASL binds.
Fedora DS is still setup for simple binds only, at this point.
(it also fails on other issues).
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
source/scripting/python/samba/provision.py | 12 +++++++-----
source/selftest/target/Samba4.pm | 11 ++++++-----
source/setup/provision-backend | 6 +++---
3 files changed, 16 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/scripting/python/samba/provision.py b/source/scripting/python/samba/provision.py
index d0f612c..6102dc7 100644
--- a/source/scripting/python/samba/provision.py
+++ b/source/scripting/python/samba/provision.py
@@ -605,7 +605,7 @@ def setup_secretsdb(path, setup_path, session_info, credentials, lp):
lp=lp)
secrets_ldb.load_ldif_file_add(setup_path("secrets.ldif"))
- if credentials.authentication_requested:
+ if credentials is not None and credentials.authentication_requested():
if credentials.get_bind_dn() is not None:
setup_add_ldif(secrets_ldb, setup_path("secrets_simple_ldap.ldif"), {
"LDAPMANAGERDN": credentials.get_bind_dn(),
@@ -1300,9 +1300,6 @@ refint_attributes""" + refint_attributes + "\n"
"UUID": str(uuid.uuid4()),
"LDAPTIME": timestring(int(time.time()))} )
-#"LDAPMANAGERDN": names.ldapmanagerdn,
-
-
mapping = "schema-map-openldap-2.3"
backend_schema = "backend-schema.schema"
@@ -1323,7 +1320,12 @@ refint_attributes""" + refint_attributes + "\n"
message("Hostname: %s" % names.hostname)
message("DNS Domain: %s" % names.dnsdomain)
message("Base DN: %s" % names.domaindn)
- message("LDAP admin DN: %s" % names.ldapmanagerdn)
+
+ if ldap_backend_type == "openldap":
+ message("LDAP admin user: samba-admin")
+ else:
+ message("LDAP admin DN: %s" % names.ldapmanagerdn)
+
message("LDAP admin password: %s" % adminpass)
message(slapdcommand)
diff --git a/source/selftest/target/Samba4.pm b/source/selftest/target/Samba4.pm
index 0be1acf..896b013 100644
--- a/source/selftest/target/Samba4.pm
+++ b/source/selftest/target/Samba4.pm
@@ -571,7 +571,6 @@ sub provision($$$$$$)
server max protocol = SMB2
notify:inotify = false
ldb:nosync = true
- system:anonymous = true
#We don't want to pass our self-tests if the PAC code is wrong
gensec:require_pac = true
log level = $smbd_loglevel
@@ -719,8 +718,7 @@ nogroup:x:65534:nobody
push (@provision_options, "--krbtgtpass=krbtgt$password");
push (@provision_options, "--machinepass=machine$password");
push (@provision_options, "--root=$unix_name");
- push (@provision_options, "--username=samba-admin");
- push (@provision_options, "--password=$password");
+
push (@provision_options, "--server-role=\"$server_role\"");
my $ldap_uri= "$ldapdir/ldapi";
@@ -753,15 +751,18 @@ nogroup:x:65534:nobody
if (defined($self->{ldap})) {
push (@provision_options, "--ldap-backend=$ldap_uri");
- system("$self->{setupdir}/provision-backend $configuration --ldap-manager-pass=$password --root=$unix_name --realm=$realm --domain=$domain --host-name=$netbiosname --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
+ system("$self->{setupdir}/provision-backend $configuration --ldap-admin-pass=$password --root=$unix_name --realm=$realm --domain=$domain --host-name=$netbiosname --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
+
+ push (@provision_options, "--password=$password");
if ($self->{ldap} eq "openldap") {
+ push (@provision_options, "--username=samba-admin");
($ret->{SLAPD_CONF}, $ret->{OPENLDAP_PIDFILE}) = $self->mk_openldap($ldapdir, $configuration) or die("Unable to create openldap directories");
push (@provision_options, "--ldap-backend-type=openldap");
} elsif ($self->{ldap} eq "fedora-ds") {
+ push (@provision_options, "--simple-bind-dn=cn=Manager,$localbasedn");
($ret->{FEDORA_DS_DIR}, $ret->{FEDORA_DS_PIDFILE}) = $self->mk_fedora_ds($ldapdir, $configuration) or die("Unable to create fedora ds directories");
push (@provision_options, "--ldap-backend-type=fedora-ds");
- push (@provision_options, "'--aci=aci:: KHRhcmdldGF0dHIgPSAiKiIpICh2ZXJzaW9uIDMuMDthY2wgImZ1bGwgYWNjZXNzIHRvIGFsbCBieSBhbGwiO2FsbG93IChhbGwpKHVzZXJkbiA9ICJsZGFwOi8vL2FueW9uZSIpOykK'");
}
$self->slapd_start($ret) or
diff --git a/source/setup/provision-backend b/source/setup/provision-backend
index 54dc583..845dc86 100755
--- a/source/setup/provision-backend
+++ b/source/setup/provision-backend
@@ -49,8 +49,8 @@ parser.add_option("--domain", type="string", metavar="DOMAIN",
help="set domain")
parser.add_option("--host-name", type="string", metavar="HOSTNAME",
help="set hostname")
-parser.add_option("--ldap-manager-pass", type="string", metavar="PASSWORD",
- help="choose LDAP manager password (otherwise random)")
+parser.add_option("--ldap-admin-pass", type="string", metavar="PASSWORD",
+ help="choose LDAP admin password (otherwise random)")
parser.add_option("--root", type="string", metavar="USERNAME",
help="choose 'root' unix username")
parser.add_option("--quiet", help="Be quiet", action="store_true")
@@ -96,7 +96,7 @@ if setup_dir is None:
provision_backend(setup_dir=setup_dir, message=message, smbconf=smbconf, targetdir=opts.targetdir,
realm=opts.realm, domain=opts.domain,
hostname=opts.host_name,
- adminpass=opts.ldap_manager_pass,
+ adminpass=opts.ldap_admin_pass,
root=opts.root, serverrole=server_role,
ldap_backend_type=opts.ldap_backend_type,
ldap_backend_port=opts.ldap_backend_port)
--
Samba Shared Repository
More information about the samba-cvs
mailing list