[SCM] Samba Shared Repository - branch master updated

Andrew Bartlett abartlet at samba.org
Wed Oct 17 04:56:02 MDT 2012 

The branch, master has been updated
       via  d09ac96 Removed phpldapadmin inclusion for Samba 4.
       via  83d34bb dns_server: Try and use the dns-SERVER account if we were configured with it
      from  0296548 ccan: check for all the used config.h defines

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit d09ac9636af6a31098156ca65ab62e11ce3a5d15
Author: Ricky Nance <ricky.nance at weaubleau.k12.mo.us>
Date:   Tue Oct 16 00:52:51 2012 -0500

    Removed phpldapadmin inclusion for Samba 4.
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>
    
    Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
    Autobuild-Date(master): Wed Oct 17 12:55:44 CEST 2012 on sn-devel-104

commit 83d34bb2bbcbc0ebbcb81825590363e996979e08
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Oct 16 15:08:30 2012 +1100

    dns_server: Try and use the dns-SERVER account if we were configured with it

-----------------------------------------------------------------------

Summary of changes:
 source4/dns_server/dns_server.c                    |   61 +++++++++++++++-----
 .../scripting/python/samba/provision/__init__.py   |   20 -------
 source4/scripting/python/samba/tests/provision.py  |   10 ---
 source4/setup/phpldapadmin-config.php              |   20 -------
 4 files changed, 47 insertions(+), 64 deletions(-)
 delete mode 100644 source4/setup/phpldapadmin-config.php


Changeset truncated at 500 lines:

diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index 8e25396..6824fef 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -748,7 +748,11 @@ static void dns_task_init(struct task_server *task)
 	int ret;
 	struct ldb_result *res;
 	static const char * const attrs[] = { "name", NULL};
+	static const char * const attrs_none[] = { NULL};
 	unsigned int i;
+	struct ldb_message *dns_acc;
+	char *hostname_lower;
+	char *dns_spn;
 
 	switch (lpcfg_server_role(task->lp_ctx)) {
 	case ROLE_STANDALONE:
@@ -787,29 +791,58 @@ static void dns_task_init(struct task_server *task)
 		return;
 	}
 
-	cli_credentials_set_conf(dns->server_credentials, task->lp_ctx);
-	status = cli_credentials_set_machine_account(dns->server_credentials, task->lp_ctx);
-	if (!NT_STATUS_IS_OK(status)) {
-		task_server_terminate(task,
-			talloc_asprintf(task, "Failed to obtain server credentials, perhaps a standalone server?: %s\n",
-					nt_errstr(status)),
-			true);
+	dns->samdb = samdb_connect(dns, dns->task->event_ctx, dns->task->lp_ctx,
+			      system_session(dns->task->lp_ctx), 0);
+	if (!dns->samdb) {
+		task_server_terminate(task, "dns: samdb_connect failed", true);
 		return;
 	}
 
+	cli_credentials_set_conf(dns->server_credentials, task->lp_ctx);
+
+	hostname_lower = strlower_talloc(dns, lpcfg_netbios_name(task->lp_ctx));
+	dns_spn = talloc_asprintf(dns, "DNS/%s.%s",
+				  hostname_lower,
+				  lpcfg_dnsdomain(task->lp_ctx));
+	TALLOC_FREE(hostname_lower);
+
+	ret = dsdb_search_one(dns->samdb, dns, &dns_acc,
+			      ldb_get_default_basedn(dns->samdb), LDB_SCOPE_SUBTREE,
+			      attrs_none, 0, "(servicePrincipalName=%s)",
+			      dns_spn);
+	if (ret == LDB_SUCCESS) {
+		TALLOC_FREE(dns_acc);
+		if (!dns_spn) {
+			task_server_terminate(task, "dns: talloc_asprintf failed", true);
+			return;
+		}
+		status = cli_credentials_set_stored_principal(dns->server_credentials, task->lp_ctx, dns_spn);
+		if (!NT_STATUS_IS_OK(status)) {
+			task_server_terminate(task,
+					      talloc_asprintf(task, "Failed to obtain server credentials for DNS, "
+							      "despite finding it in the samdb! %s\n",
+							      nt_errstr(status)),
+					      true);
+			return;
+		}
+	} else {
+		TALLOC_FREE(dns_spn);
+		status = cli_credentials_set_machine_account(dns->server_credentials, task->lp_ctx);
+		if (!NT_STATUS_IS_OK(status)) {
+			task_server_terminate(task,
+					      talloc_asprintf(task, "Failed to obtain server credentials, perhaps a standalone server?: %s\n",
+							      nt_errstr(status)),
+					      true);
+			return;
+		}
+	}
+
 	dns->tkeys = tkey_store_init(dns, TKEY_BUFFER_SIZE);
 	if (!dns->tkeys) {
 		task_server_terminate(task, "Failed to allocate tkey storage\n", true);
 		return;
 	}
 
-	dns->samdb = samdb_connect(dns, dns->task->event_ctx, dns->task->lp_ctx,
-			      system_session(dns->task->lp_ctx), 0);
-	if (!dns->samdb) {
-		task_server_terminate(task, "dns: samdb_connect failed", true);
-		return;
-	}
-
 	// TODO: this search does not work against windows
 	ret = dsdb_search(dns->samdb, dns, &res, NULL, LDB_SCOPE_SUBTREE,
 			  attrs, DSDB_SEARCH_SEARCH_ALL_PARTITIONS, "(objectClass=dnsZone)");
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py
index 9966192..d440b9f 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -122,7 +122,6 @@ class ProvisionPaths(object):
         self.winsdb = None
         self.private_dir = None
         self.state_dir = None
-        self.phpldapadminconfig = None
 
 
 class ProvisionNames(object):
@@ -401,12 +400,6 @@ class ProvisionResult(object):
         logger.info("DNS Domain:            %s", self.names.dnsdomain)
         logger.info("DOMAIN SID:            %s", self.domainsid)
 
-        if self.paths.phpldapadminconfig is not None:
-            logger.info(
-                "A phpLDAPadmin configuration file suitable for administering "
-                "the Samba 4 LDAP server has been created in %s.",
-                self.paths.phpldapadminconfig)
-
         if self.backend_result:
             self.backend_result.report_logger(logger)
 
@@ -474,8 +467,6 @@ def provision_paths_from_lp(lp, dnsdomain):
     paths.krb5conf = os.path.join(paths.private_dir, "krb5.conf")
     paths.winsdb = os.path.join(paths.private_dir, "wins.ldb")
     paths.s4_ldapi_path = os.path.join(paths.private_dir, "ldapi")
-    paths.phpldapadminconfig = os.path.join(paths.private_dir,
-                                            "phpldapadmin-config.php")
     paths.hklm = "hklm.ldb"
     paths.hkcr = "hkcr.ldb"
     paths.hkcu = "hkcu.ldb"
@@ -2052,8 +2043,6 @@ def provision(logger, session_info, credentials, smbconf=None,
         backend_result = provision_backend.post_setup()
         provision_backend.shutdown()
 
-        create_phpldapadmin_config(paths.phpldapadminconfig,
-                                   ldapi_url)
     except:
         secrets_ldb.transaction_cancel()
         raise
@@ -2124,15 +2113,6 @@ def provision_become_dc(smbconf=None, targetdir=None,
     return res
 
 
-def create_phpldapadmin_config(path, ldapi_uri):
-    """Create a PHP LDAP admin configuration file.
-
-    :param path: Path to write the configuration to.
-    """
-    setup_file(setup_path("phpldapadmin-config.php"), path,
-            {"S4_LDAPI_URI": ldapi_uri})
-
-
 def create_krb5_conf(path, dnsdomain, hostname, realm):
     """Write out a file containing zone statements suitable for inclusion in a
     named.conf file (including GSS-TSIG configuration).
diff --git a/source4/scripting/python/samba/tests/provision.py b/source4/scripting/python/samba/tests/provision.py
index f7fb407..9921791 100644
--- a/source4/scripting/python/samba/tests/provision.py
+++ b/source4/scripting/python/samba/tests/provision.py
@@ -104,9 +104,6 @@ class Disabled(object):
     def test_setup_samdb_partitions(self):
         raise NotImplementedError(self.test_setup_samdb_partitions)
 
-    def test_create_phpldapadmin_config(self):
-        raise NotImplementedError(self.test_create_phpldapadmin_config)
-
     def test_provision_dns(self):
         raise NotImplementedError(self.test_provision_dns)
 
@@ -185,13 +182,6 @@ class ProvisionResultTests(TestCase):
             ('INFO', 'DNS Domain:            dnsdomein'),
             ('INFO', 'DOMAIN SID:            S1-1-1')])
 
-    def test_report_logger_phpldapadmin(self):
-        result = self.base_result()
-        result.paths.phpldapadminconfig = "/some/ldapconfig"
-        entries = self.report_logger(result)
-        self.assertEquals(entries[-1],
-            ("INFO", "A phpLDAPadmin configuration file suitable for administering the Samba 4 LDAP server has been created in /some/ldapconfig."))
-
     def test_report_logger_adminpass(self):
         result = self.base_result()
         result.adminpass_generated = True
diff --git a/source4/setup/phpldapadmin-config.php b/source4/setup/phpldapadmin-config.php
deleted file mode 100644
index 8a2f215..0000000
--- a/source4/setup/phpldapadmin-config.php
+++ /dev/null
@@ -1,20 +0,0 @@
-<?php
-/**
- * The phpLDAPadmin config file, customised for use with Samba4
- *
- * Use config.php.example to create config.php, if you don't have one.
- *
- * Append this file to config.php.
- */
-
-/* Create a new LDAP server for SAMBA4 */
-$servers->newServer('ldap_pla');
-
-/* A convenient name that will appear in the tree viewer and throughout
-   phpLDAPadmin to identify this LDAP server to users. */
-$servers->setValue('server','name','Samba4 LDAP Server');
-$servers->setValue('server','host','${S4_LDAPI_URI}');
-$servers->setValue('login','auth_type','session');
-$servers->setValue('login','attr','dn');
-
-?>


-- 
Samba Shared Repository

More information about the samba-cvs mailing list