[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-265-g7710092
Matthias Dieter Wallnöfer
mdw at samba.org
Sat Sep 12 03:26:45 MDT 2009
The branch, master has been updated
via 77100924d9247a3b12ad812b2d3c66b63e3600a7 (commit)
via b0b8340d95bf77eb3abc1e89fbf87b146818ce7f (commit)
from db26c00c5509d361b2681d23e326aca96fc23ea1 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 77100924d9247a3b12ad812b2d3c66b63e3600a7
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date: Sat Sep 12 11:13:36 2009 +0200
s4:group policies - the default group policy objects are all system-critical
commit b0b8340d95bf77eb3abc1e89fbf87b146818ce7f
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date: Sat Sep 12 10:58:56 2009 +0200
s4:group policies - upcase directory names of default group policies
The directory names (MACHINE, USER) are upcased to help locating the default
group policies under the SYSVOL dir (the additional ones have only the first
letter upcased of those directory names).
-----------------------------------------------------------------------
Summary of changes:
source4/scripting/python/samba/provision.py | 12 ++++++++----
source4/setup/provision_group_policy.ldif | 6 ++++++
2 files changed, 14 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index 19149e9..e21a3cb 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -1040,10 +1040,14 @@ def provision(setup_dir, message, session_info,
if domainsid is None:
domainsid = security.random_sid()
+ # create/adapt the group policy GUIDs
if policyguid is None:
policyguid = str(uuid.uuid4())
+ policyguid = policyguid.upper()
if policyguid_dc is None:
policyguid_dc = str(uuid.uuid4())
+ policyguid_dc = policyguid_dc.upper()
+
if adminpass is None:
adminpass = glue.generate_random_str(12)
if krbtgtpass is None:
@@ -1191,16 +1195,16 @@ def provision(setup_dir, message, session_info,
os.makedirs(policy_path, 0755)
open(os.path.join(policy_path, "GPT.INI"), 'w').write(
"[General]\r\nVersion=65544")
- os.makedirs(os.path.join(policy_path, "Machine"), 0755)
- os.makedirs(os.path.join(policy_path, "User"), 0755)
+ os.makedirs(os.path.join(policy_path, "MACHINE"), 0755)
+ os.makedirs(os.path.join(policy_path, "USER"), 0755)
policy_path_dc = os.path.join(paths.sysvol, names.dnsdomain, "Policies",
"{" + policyguid_dc + "}")
os.makedirs(policy_path_dc, 0755)
open(os.path.join(policy_path_dc, "GPT.INI"), 'w').write(
"[General]\r\nVersion=2")
- os.makedirs(os.path.join(policy_path_dc, "Machine"), 0755)
- os.makedirs(os.path.join(policy_path_dc, "User"), 0755)
+ os.makedirs(os.path.join(policy_path_dc, "MACHINE"), 0755)
+ os.makedirs(os.path.join(policy_path_dc, "USER"), 0755)
if not os.path.isdir(paths.netlogon):
os.makedirs(paths.netlogon, 0755)
diff --git a/source4/setup/provision_group_policy.ldif b/source4/setup/provision_group_policy.ldif
index 00f0bee..6f58bd4 100644
--- a/source4/setup/provision_group_policy.ldif
+++ b/source4/setup/provision_group_policy.ldif
@@ -14,17 +14,20 @@ gPCMachineExtensionNames: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-248
gPCUserExtensionNames: [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-1
1D2-842D-00C04FA372D4}][{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-
11D1-A7CC-0000F87571E3}]
+isCriticalSystemObject: TRUE
nTSecurityDescriptor: O:${DOMAINSID}-512G:${DOMAINSID}-512D:PAI(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-519)(A;;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CIIO;RPWPCCDCLCLORCWOWDSDDTSW;;;CO)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPLCLORC;;;AU)(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;CI;RPLCLORC;;;ED)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CIIOIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)
systemFlags: -1946157056
dn: CN=User,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
+isCriticalSystemObject: TRUE
systemFlags: -1946157056
dn: CN=Machine,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
+isCriticalSystemObject: TRUE
systemFlags: -1946157056
dn: CN={${POLICYGUID_DC}},CN=Policies,CN=System,${DOMAINDN}
@@ -38,16 +41,19 @@ versionNumber: 2
flags: 0
gPCMachineExtensionNames: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4
FB-11D0-A0D0-00A0C90F574B}]
+isCriticalSystemObject: TRUE
nTSecurityDescriptor: O:${DOMAINSID}-512G:${DOMAINSID}-512D:PAI(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-519)(A;;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CIIO;RPWPCCDCLCLORCWOWDSDDTSW;;;CO)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPLCLORC;;;AU)(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;CI;RPLCLORC;;;ED)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CIIOIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)
systemFlags: -1946157056
dn: CN=User,CN={${POLICYGUID_DC}},CN=Policies,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
+isCriticalSystemObject: TRUE
systemFlags: -1946157056
dn: CN=Machine,CN={${POLICYGUID_DC}},CN=Policies,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
+isCriticalSystemObject: TRUE
systemFlags: -1946157056
--
Samba Shared Repository
More information about the samba-cvs
mailing list