[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Wed Oct 17 04:56:02 MDT 2012
The branch, master has been updated
via d09ac96 Removed phpldapadmin inclusion for Samba 4.
via 83d34bb dns_server: Try and use the dns-SERVER account if we were configured with it
from 0296548 ccan: check for all the used config.h defines
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit d09ac9636af6a31098156ca65ab62e11ce3a5d15
Author: Ricky Nance <ricky.nance at weaubleau.k12.mo.us>
Date: Tue Oct 16 00:52:51 2012 -0500
Removed phpldapadmin inclusion for Samba 4.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Oct 17 12:55:44 CEST 2012 on sn-devel-104
commit 83d34bb2bbcbc0ebbcb81825590363e996979e08
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Oct 16 15:08:30 2012 +1100
dns_server: Try and use the dns-SERVER account if we were configured with it
-----------------------------------------------------------------------
Summary of changes:
source4/dns_server/dns_server.c | 61 +++++++++++++++-----
.../scripting/python/samba/provision/__init__.py | 20 -------
source4/scripting/python/samba/tests/provision.py | 10 ---
source4/setup/phpldapadmin-config.php | 20 -------
4 files changed, 47 insertions(+), 64 deletions(-)
delete mode 100644 source4/setup/phpldapadmin-config.php
Changeset truncated at 500 lines:
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index 8e25396..6824fef 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -748,7 +748,11 @@ static void dns_task_init(struct task_server *task)
int ret;
struct ldb_result *res;
static const char * const attrs[] = { "name", NULL};
+ static const char * const attrs_none[] = { NULL};
unsigned int i;
+ struct ldb_message *dns_acc;
+ char *hostname_lower;
+ char *dns_spn;
switch (lpcfg_server_role(task->lp_ctx)) {
case ROLE_STANDALONE:
@@ -787,29 +791,58 @@ static void dns_task_init(struct task_server *task)
return;
}
- cli_credentials_set_conf(dns->server_credentials, task->lp_ctx);
- status = cli_credentials_set_machine_account(dns->server_credentials, task->lp_ctx);
- if (!NT_STATUS_IS_OK(status)) {
- task_server_terminate(task,
- talloc_asprintf(task, "Failed to obtain server credentials, perhaps a standalone server?: %s\n",
- nt_errstr(status)),
- true);
+ dns->samdb = samdb_connect(dns, dns->task->event_ctx, dns->task->lp_ctx,
+ system_session(dns->task->lp_ctx), 0);
+ if (!dns->samdb) {
+ task_server_terminate(task, "dns: samdb_connect failed", true);
return;
}
+ cli_credentials_set_conf(dns->server_credentials, task->lp_ctx);
+
+ hostname_lower = strlower_talloc(dns, lpcfg_netbios_name(task->lp_ctx));
+ dns_spn = talloc_asprintf(dns, "DNS/%s.%s",
+ hostname_lower,
+ lpcfg_dnsdomain(task->lp_ctx));
+ TALLOC_FREE(hostname_lower);
+
+ ret = dsdb_search_one(dns->samdb, dns, &dns_acc,
+ ldb_get_default_basedn(dns->samdb), LDB_SCOPE_SUBTREE,
+ attrs_none, 0, "(servicePrincipalName=%s)",
+ dns_spn);
+ if (ret == LDB_SUCCESS) {
+ TALLOC_FREE(dns_acc);
+ if (!dns_spn) {
+ task_server_terminate(task, "dns: talloc_asprintf failed", true);
+ return;
+ }
+ status = cli_credentials_set_stored_principal(dns->server_credentials, task->lp_ctx, dns_spn);
+ if (!NT_STATUS_IS_OK(status)) {
+ task_server_terminate(task,
+ talloc_asprintf(task, "Failed to obtain server credentials for DNS, "
+ "despite finding it in the samdb! %s\n",
+ nt_errstr(status)),
+ true);
+ return;
+ }
+ } else {
+ TALLOC_FREE(dns_spn);
+ status = cli_credentials_set_machine_account(dns->server_credentials, task->lp_ctx);
+ if (!NT_STATUS_IS_OK(status)) {
+ task_server_terminate(task,
+ talloc_asprintf(task, "Failed to obtain server credentials, perhaps a standalone server?: %s\n",
+ nt_errstr(status)),
+ true);
+ return;
+ }
+ }
+
dns->tkeys = tkey_store_init(dns, TKEY_BUFFER_SIZE);
if (!dns->tkeys) {
task_server_terminate(task, "Failed to allocate tkey storage\n", true);
return;
}
- dns->samdb = samdb_connect(dns, dns->task->event_ctx, dns->task->lp_ctx,
- system_session(dns->task->lp_ctx), 0);
- if (!dns->samdb) {
- task_server_terminate(task, "dns: samdb_connect failed", true);
- return;
- }
-
// TODO: this search does not work against windows
ret = dsdb_search(dns->samdb, dns, &res, NULL, LDB_SCOPE_SUBTREE,
attrs, DSDB_SEARCH_SEARCH_ALL_PARTITIONS, "(objectClass=dnsZone)");
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py
index 9966192..d440b9f 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -122,7 +122,6 @@ class ProvisionPaths(object):
self.winsdb = None
self.private_dir = None
self.state_dir = None
- self.phpldapadminconfig = None
class ProvisionNames(object):
@@ -401,12 +400,6 @@ class ProvisionResult(object):
logger.info("DNS Domain: %s", self.names.dnsdomain)
logger.info("DOMAIN SID: %s", self.domainsid)
- if self.paths.phpldapadminconfig is not None:
- logger.info(
- "A phpLDAPadmin configuration file suitable for administering "
- "the Samba 4 LDAP server has been created in %s.",
- self.paths.phpldapadminconfig)
-
if self.backend_result:
self.backend_result.report_logger(logger)
@@ -474,8 +467,6 @@ def provision_paths_from_lp(lp, dnsdomain):
paths.krb5conf = os.path.join(paths.private_dir, "krb5.conf")
paths.winsdb = os.path.join(paths.private_dir, "wins.ldb")
paths.s4_ldapi_path = os.path.join(paths.private_dir, "ldapi")
- paths.phpldapadminconfig = os.path.join(paths.private_dir,
- "phpldapadmin-config.php")
paths.hklm = "hklm.ldb"
paths.hkcr = "hkcr.ldb"
paths.hkcu = "hkcu.ldb"
@@ -2052,8 +2043,6 @@ def provision(logger, session_info, credentials, smbconf=None,
backend_result = provision_backend.post_setup()
provision_backend.shutdown()
- create_phpldapadmin_config(paths.phpldapadminconfig,
- ldapi_url)
except:
secrets_ldb.transaction_cancel()
raise
@@ -2124,15 +2113,6 @@ def provision_become_dc(smbconf=None, targetdir=None,
return res
-def create_phpldapadmin_config(path, ldapi_uri):
- """Create a PHP LDAP admin configuration file.
-
- :param path: Path to write the configuration to.
- """
- setup_file(setup_path("phpldapadmin-config.php"), path,
- {"S4_LDAPI_URI": ldapi_uri})
-
-
def create_krb5_conf(path, dnsdomain, hostname, realm):
"""Write out a file containing zone statements suitable for inclusion in a
named.conf file (including GSS-TSIG configuration).
diff --git a/source4/scripting/python/samba/tests/provision.py b/source4/scripting/python/samba/tests/provision.py
index f7fb407..9921791 100644
--- a/source4/scripting/python/samba/tests/provision.py
+++ b/source4/scripting/python/samba/tests/provision.py
@@ -104,9 +104,6 @@ class Disabled(object):
def test_setup_samdb_partitions(self):
raise NotImplementedError(self.test_setup_samdb_partitions)
- def test_create_phpldapadmin_config(self):
- raise NotImplementedError(self.test_create_phpldapadmin_config)
-
def test_provision_dns(self):
raise NotImplementedError(self.test_provision_dns)
@@ -185,13 +182,6 @@ class ProvisionResultTests(TestCase):
('INFO', 'DNS Domain: dnsdomein'),
('INFO', 'DOMAIN SID: S1-1-1')])
- def test_report_logger_phpldapadmin(self):
- result = self.base_result()
- result.paths.phpldapadminconfig = "/some/ldapconfig"
- entries = self.report_logger(result)
- self.assertEquals(entries[-1],
- ("INFO", "A phpLDAPadmin configuration file suitable for administering the Samba 4 LDAP server has been created in /some/ldapconfig."))
-
def test_report_logger_adminpass(self):
result = self.base_result()
result.adminpass_generated = True
diff --git a/source4/setup/phpldapadmin-config.php b/source4/setup/phpldapadmin-config.php
deleted file mode 100644
index 8a2f215..0000000
--- a/source4/setup/phpldapadmin-config.php
+++ /dev/null
@@ -1,20 +0,0 @@
-<?php
-/**
- * The phpLDAPadmin config file, customised for use with Samba4
- *
- * Use config.php.example to create config.php, if you don't have one.
- *
- * Append this file to config.php.
- */
-
-/* Create a new LDAP server for SAMBA4 */
-$servers->newServer('ldap_pla');
-
-/* A convenient name that will appear in the tree viewer and throughout
- phpLDAPadmin to identify this LDAP server to users. */
-$servers->setValue('server','name','Samba4 LDAP Server');
-$servers->setValue('server','host','${S4_LDAPI_URI}');
-$servers->setValue('login','auth_type','session');
-$servers->setValue('login','attr','dn');
-
-?>
--
Samba Shared Repository
More information about the samba-cvs
mailing list