[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-311-gffe8314

Andrew Bartlett abartlet at samba.org
Mon Sep 14 23:43:18 MDT 2009 

The branch, master has been updated
       via  ffe831452b4251dec3049ab08b125d1fade5fa21 (commit)
       via  7268720ad468b087dc723d4efaf38412603409cb (commit)
      from  f410d23185f5c81dbc111285ea0ba9daf5fc111d (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit ffe831452b4251dec3049ab08b125d1fade5fa21
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Sep 14 22:37:11 2009 -0700

    s4:provision Prevent some invalid combinations of realm and domain
    
    We don't do well (even just trying to create duplicate
    servicePrincipalName values) with some of these combinations, so kill
    it off early before the administrator thinks it's going to work.
    
    Andrew Bartlett

commit 7268720ad468b087dc723d4efaf38412603409cb
Author: Matthieu Patou <mat at matws.net>
Date:   Sat Sep 12 01:03:52 2009 +0400

    s4: Script to build or rebuild extend DN attributes
    
    This script can be used to upgrade a provision that didn't integrate extended dn.
     It can also be used to add missing extended DN that weren't created during provision.

-----------------------------------------------------------------------

Summary of changes:
 source4/scripting/bin/rebuildextendeddn     |  141 +++++++++++++++++++++++++++
 source4/scripting/python/samba/provision.py |    9 ++
 2 files changed, 150 insertions(+), 0 deletions(-)
 create mode 100755 source4/scripting/bin/rebuildextendeddn


Changeset truncated at 500 lines:

diff --git a/source4/scripting/bin/rebuildextendeddn b/source4/scripting/bin/rebuildextendeddn
new file mode 100755
index 0000000..618d179
--- /dev/null
+++ b/source4/scripting/bin/rebuildextendeddn
@@ -0,0 +1,141 @@
+#!/usr/bin/python
+#
+# Unix SMB/CIFS implementation.
+# Extended attributes (re)building
+# Copyright (C) Matthieu Patou <mat at matws.net> 2009
+#
+# Based on provision a Samba4 server by
+# Copyright (C) Jelmer Vernooij <jelmer at samba.org> 2007-2008
+# Copyright (C) Andrew Bartlett <abartlet at samba.org> 2008
+#
+#   
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#   
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#   
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+import getopt
+import optparse
+import os
+import sys
+# Find right directory when running from source tree
+sys.path.insert(0, "bin/python")
+
+import samba
+from samba.credentials import DONT_USE_KERBEROS
+from samba.auth import system_session
+from samba import Ldb, substitute_var, valid_netbios_name, check_all_substituted
+from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, \
+		        timestring, CHANGETYPE_MODIFY, CHANGETYPE_NONE
+import ldb
+import samba.getopt as options
+from samba.samdb import SamDB
+from samba import param
+from samba.provision import ProvisionPaths, ProvisionNames,provision_paths_from_lp,get_dnsyntax_attributes,get_linked_attributes
+
+parser = optparse.OptionParser("provision [options]")
+sambaopts = options.SambaOptions(parser)
+parser.add_option_group(sambaopts)
+parser.add_option_group(options.VersionOptions(parser))
+credopts = options.CredentialsOptions(parser)
+parser.add_option_group(credopts)
+parser.add_option("--targetdir", type="string", metavar="DIR", 
+		          help="Set target directory")
+
+opts = parser.parse_args()[0]
+
+def message(text):
+	"""print a message if quiet is not set."""
+	if not opts.quiet:
+		print text
+
+if len(sys.argv) == 1:
+	opts.interactive = True
+
+lp = sambaopts.get_loadparm()
+smbconf = lp.configfile
+
+creds = credopts.get_credentials(lp)
+
+creds.set_kerberos_state(DONT_USE_KERBEROS)
+
+session = system_session()
+
+
+def get_paths(targetdir=None,smbconf=None):
+	if targetdir is not None:
+		if (not os.path.exists(os.path.join(targetdir, "etc"))):
+			os.makedirs(os.path.join(targetdir, "etc"))
+		smbconf = os.path.join(targetdir, "etc", "smb.conf")
+	if smbconf is None:
+			smbconf = param.default_path()
+
+	if not os.path.exists(smbconf):
+		print >>sys.stderr, "Unable to find smb.conf .. "+smbconf
+		parser.print_usage()
+		sys.exit(1)
+
+	lp = param.LoadParm()
+	lp.load(smbconf)
+	paths = provision_paths_from_lp(lp,"foo")
+	return paths
+
+
+
+def rebuild_en_dn(credentials,session_info,paths):
+	lp = param.LoadParm()
+	lp.load(paths.smbconf)
+	names = ProvisionNames()
+	names.domain = lp.get("workgroup")
+	names.realm = lp.get("realm")
+	names.rootdn = "DC=" + names.realm.replace(".",",DC=")
+	
+	attrs = ["dn" ]
+	dn = ""
+	sam_ldb = Ldb(paths.samdb, session_info=session_info, credentials=credentials,lp=lp)
+	attrs2 = ["schemaNamingContext"]
+	res2 = sam_ldb.search(expression="(objectClass=*)",base="", scope=SCOPE_BASE, attrs=attrs2)
+	attrs.extend(get_linked_attributes(ldb.Dn(sam_ldb,str(res2[0]["schemaNamingContext"])),sam_ldb).keys())
+	attrs.extend(get_dnsyntax_attributes(ldb.Dn(sam_ldb,str(res2[0]["schemaNamingContext"])),sam_ldb)),	
+	sam_ldb.transaction_start()
+	res = sam_ldb.search(expression="(cn=*)", scope=SCOPE_SUBTREE, attrs=attrs,controls=["search_options:1:2"]
+)
+	mod = ""
+	for i in range (0,len(res)):
+		#print >>sys.stderr,res[i].dn
+		dn = res[i].dn
+		for att in res[i]:
+			if ( (att != "dn" and att != "cn") and not (res[i][att] is None) ):
+				m = ldb.Message()
+				m.dn = ldb.Dn(sam_ldb, str(dn))
+				saveatt = []
+				for j in range (0,len( res[i][att])):
+					mod = mod +att +": "+str(res[i][att][j])+"\n"
+					saveatt.append(str(res[i][att][j]))
+				m[att] = ldb.MessageElement(saveatt, ldb.FLAG_MOD_REPLACE, att)
+				sam_ldb.modify(m)
+				res3 = sam_ldb.search(expression="(&(dn=%s)(%s=*))"%(dn,att),scope=SCOPE_SUBTREE, attrs=[att],controls=["search_options:1:2"])
+				if( len(res3) == 0  or (len(res3[0][att])!= len(saveatt))):
+					print >>sys.stderr, str(dn) + " has no attr " +att+ " or a wrong value"
+					for satt in saveatt:
+						print >>sys.stderr,str(att)+"	=	"+satt
+					sam_ldb.transaction_cancel()
+	sam_ldb.transaction_commit()
+
+
+
+		
+paths = get_paths(targetdir=opts.targetdir,smbconf=smbconf)
+
+
+rebuild_en_dn(creds,session,paths)
+
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index e21a3cb..8f7859c 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -421,6 +421,15 @@ def guess_names(lp=None, hostname=None, domain=None, dnsdomain=None,
     if not valid_netbios_name(domain):
         raise InvalidNetbiosName(domain)
         
+    if netbiosname.upper() == realm.upper():
+        raise Exception("realm %s must not be equal to netbios domain name %s", realm, netbiosname)
+        
+    if hostname.upper() == realm.upper():
+        raise Exception("realm %s must not be equal to hostname %s", realm, hostname)
+        
+    if domain.upper() == realm.upper():
+        raise Exception("realm %s must not be equal to domain name %s", realm, domain)
+
     if rootdn is None:
        rootdn = domaindn
        


-- 
Samba Shared Repository

More information about the samba-cvs mailing list