[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Fri Mar 31 08:26:01 UTC 2023
The branch, master has been updated
via 619caa1ba40 docs: update manpage for samba-tool
via d5a0d7aa8be netcmd: tests for claims client tool
via cf0a3a8c60b netcmd: add claim sub-commands to samba-tool domain
via 5a4f4b39486 sd_utils: fix typo in get_sd_as_sddl docstring
via 01c6bc55c7e netcmd: simplify boolean check
via 44f881fd349 netcmd: domain: move trust command to domain/trust.py
via 2a71bade849 netcmd: domain: move tombstones command to domain/tombstones.py
via 75e7935b503 netcmd: domain: move schemaupgrade command to domain/schemaupgrade.py
via dff87f051f1 netcmd: domain: move samba3upgrade command to domain/samba3upgrade.py
via 5986937d12c netcmd: domain: move provision command to domain/provision.py
via 49bc6a478b6 netcmd: domain: move paswordsettings command to domain/passwordsettings.py
via 8d4f6761b26 netcmd: domain: move level command to domain/level.py
via e7ad2364a5e netcmd: domain: move leave command to domain/leave.py
via 12d5ea7f588 netcmd: domain: move keytab command to domain/keytab.py
via 8001e07746d netcmd: domain: move join command to domain/join.py
via fefa5e74d19 netcmd: domain: move info command to domain/info.py
via 908f7ff5537 netcmd: domain: move functional_prep command to domain/functional_prep.py
via c22b8dc1c58 netcmd: domain: move demote command to domain/demote.py
via 72f6f7a79cf netcmd: domain: move dcpromo command to domain/dcpromo.py
via d26054d7da7 netcmd: domain: move classicupgrade command to domain/classicupgrade.py
via 6cecd7d08b1 netcmd: domain: move domain_backup.py to domain/backup.py
via 4d6a2b01674 netcmd: domain: fix unused imports
via 2534aba94d2 netcmd: domain: turn domain.py into a module
from 360b7394644 s3: smbd: Fix dumb typos that meant smb1.SMB1-DFS-* tests were running against an SMB2-only fileserver.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 619caa1ba40f28be77b4f068fc18fada9d4b3597
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Thu Mar 23 16:13:55 2023 +1300
docs: update manpage for samba-tool
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Mar 31 08:25:11 UTC 2023 on atb-devel-224
commit d5a0d7aa8be2ed953658faba21c1c53990b83e6c
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Thu Mar 23 13:51:51 2023 +1300
netcmd: tests for claims client tool
Added delete protected test to known fail as Samba doesn't seem to enforce this yet.
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit cf0a3a8c60b24a0d311b116a24727d9b7293cb48
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Mon Mar 20 13:48:56 2023 +1300
netcmd: add claim sub-commands to samba-tool domain
Claim Type:
* samba-tool domain claim claim-type list
* samba-tool domain claim claim-type create
* samba-tool domain claim claim-type delete
* samba-tool domain claim claim-type modify
* samba-tool domain claim claim-type view
Claim Value Type:
* samba-tool domain claim value-type list
* samba-tool domain claim value-type view
To add a claim type use the attribute name, it will look up the attribute in the attribute schema and use that data type and description.
Claim types can be protected from accidental deletion just like Windows, use --protect
To delete protected claim types use --force.
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 5a4f4b39486facd1323fd7d5c22ea90d5d32ad30
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Mon Mar 20 13:35:24 2023 +1300
sd_utils: fix typo in get_sd_as_sddl docstring
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 01c6bc55c7ea285608a4056782afb415ed5a66ed
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Wed Mar 1 14:19:15 2023 +1300
netcmd: simplify boolean check
Should use "is" for checking booleans rather than "==" in Python, however these can also be simplified.
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 44f881fd3493be93a7d956119d572a946fafd95b
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 13:41:49 2023 +1300
netcmd: domain: move trust command to domain/trust.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2a71bade8492a9a6c39ab98662eae7e18897349a
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 13:37:01 2023 +1300
netcmd: domain: move tombstones command to domain/tombstones.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 75e7935b503308458442cf0ef46899b04cea40c5
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 13:34:20 2023 +1300
netcmd: domain: move schemaupgrade command to domain/schemaupgrade.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit dff87f051f180a48fad9d12039622c6df9396f2c
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 13:30:17 2023 +1300
netcmd: domain: move samba3upgrade command to domain/samba3upgrade.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 5986937d12c237121d4e62fa6dfa0f5dadec263d
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 13:28:17 2023 +1300
netcmd: domain: move provision command to domain/provision.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 49bc6a478b6de213425f048b28e5af0644a46aed
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 13:18:50 2023 +1300
netcmd: domain: move paswordsettings command to domain/passwordsettings.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 8d4f6761b26142be62b4da59ea6c3d8bbc4de62f
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 13:09:14 2023 +1300
netcmd: domain: move level command to domain/level.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit e7ad2364a5ec5cc709467430f7014bc5c5bd5d2d
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 13:05:07 2023 +1300
netcmd: domain: move leave command to domain/leave.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 12d5ea7f58892ee0ff93ebee7d02c592f1540746
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 13:02:57 2023 +1300
netcmd: domain: move keytab command to domain/keytab.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 8001e07746dd1466c98564bfd3b1c9d723e5b948
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 13:00:26 2023 +1300
netcmd: domain: move join command to domain/join.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit fefa5e74d1917847489a74630be645a7f85ae3ed
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 12:57:45 2023 +1300
netcmd: domain: move info command to domain/info.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 908f7ff55374407d6d8faec501666e9b135f9dcc
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 12:54:49 2023 +1300
netcmd: domain: move functional_prep command to domain/functional_prep.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit c22b8dc1c5876e78a6ff162e52a79923f5a5c372
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 12:42:24 2023 +1300
netcmd: domain: move demote command to domain/demote.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 72f6f7a79cf47a6e45a2347d0cb01255bad3a209
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 12:24:33 2023 +1300
netcmd: domain: move dcpromo command to domain/dcpromo.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit d26054d7da7a04587350ff4dbf9c53bd8d462b79
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 12:12:55 2023 +1300
netcmd: domain: move classicupgrade command to domain/classicupgrade.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 6cecd7d08b1362e95c0bbb17b5a3a1b4209a9bb5
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 11:54:58 2023 +1300
netcmd: domain: move domain_backup.py to domain/backup.py
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 4d6a2b016740806b219bf0460bbca1befdf1e44c
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 12:32:07 2023 +1300
netcmd: domain: fix unused imports
Fix existing unused imports first, before splitting the file.
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2534aba94d2dc854fcf695924262fc3512b54b7a
Author: Rob van der Linde <rob at catalyst.net.nz>
Date: Fri Mar 31 11:50:13 2023 +1300
netcmd: domain: turn domain.py into a module
The domain.py file has become quite large at over 5000 lines, splitting it now before adding more sub commands.
Signed-off-by: Rob van der Linde <rob at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
docs-xml/manpages/samba-tool.8.xml | 267 +++
python/samba/netcmd/domain/__init__.py | 71 +
.../netcmd/{domain_backup.py => domain/backup.py} | 2 +-
.../domain/claim/__init__.py} | 31 +-
python/samba/netcmd/domain/claim/base.py | 181 ++
python/samba/netcmd/domain/claim/claim_type.py | 439 ++++
python/samba/netcmd/domain/claim/value_type.py | 115 +
python/samba/netcmd/domain/classicupgrade.py | 189 ++
python/samba/netcmd/domain/common.py | 125 ++
python/samba/netcmd/domain/dcpromo.py | 91 +
python/samba/netcmd/domain/demote.py | 339 +++
python/samba/netcmd/domain/functional_prep.py | 140 ++
python/samba/netcmd/domain/info.py | 58 +
python/samba/netcmd/domain/join.py | 146 ++
python/samba/netcmd/domain/keytab.py | 55 +
python/samba/netcmd/domain/leave.py | 59 +
python/samba/netcmd/domain/level.py | 206 ++
python/samba/netcmd/domain/passwordsettings.py | 316 +++
python/samba/netcmd/domain/provision.py | 408 ++++
.../policy.py => netcmd/domain/samba3upgrade.py} | 30 +-
python/samba/netcmd/domain/schemaupgrade.py | 350 +++
python/samba/netcmd/domain/tombstones.py | 116 +
python/samba/netcmd/{domain.py => domain/trust.py} | 2224 +-------------------
python/samba/sd_utils.py | 2 +-
python/samba/tests/samba_tool/claim.py | 570 +++++
selftest/knownfail.d/claims-client-tool | 1 +
source4/selftest/tests.py | 1 +
27 files changed, 4285 insertions(+), 2247 deletions(-)
create mode 100644 python/samba/netcmd/domain/__init__.py
rename python/samba/netcmd/{domain_backup.py => domain/backup.py} (99%)
copy python/samba/{auth_util.py => netcmd/domain/claim/__init__.py} (58%)
create mode 100644 python/samba/netcmd/domain/claim/base.py
create mode 100644 python/samba/netcmd/domain/claim/claim_type.py
create mode 100644 python/samba/netcmd/domain/claim/value_type.py
create mode 100644 python/samba/netcmd/domain/classicupgrade.py
create mode 100644 python/samba/netcmd/domain/common.py
create mode 100644 python/samba/netcmd/domain/dcpromo.py
create mode 100644 python/samba/netcmd/domain/demote.py
create mode 100644 python/samba/netcmd/domain/functional_prep.py
create mode 100644 python/samba/netcmd/domain/info.py
create mode 100644 python/samba/netcmd/domain/join.py
create mode 100644 python/samba/netcmd/domain/keytab.py
create mode 100644 python/samba/netcmd/domain/leave.py
create mode 100644 python/samba/netcmd/domain/level.py
create mode 100644 python/samba/netcmd/domain/passwordsettings.py
create mode 100644 python/samba/netcmd/domain/provision.py
copy python/samba/{tests/policy.py => netcmd/domain/samba3upgrade.py} (52%)
create mode 100644 python/samba/netcmd/domain/schemaupgrade.py
create mode 100644 python/samba/netcmd/domain/tombstones.py
rename python/samba/netcmd/{domain.py => domain/trust.py} (53%)
create mode 100644 python/samba/tests/samba_tool/claim.py
create mode 100644 selftest/knownfail.d/claims-client-tool
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages/samba-tool.8.xml b/docs-xml/manpages/samba-tool.8.xml
index 6dd25a11c59..0834f606659 100644
--- a/docs-xml/manpages/samba-tool.8.xml
+++ b/docs-xml/manpages/samba-tool.8.xml
@@ -599,6 +599,273 @@
<para>Restore the domain's DB from a backup-file.</para>
</refsect3>
+<refsect3>
+ <title>domain claim claim-type list</title>
+ <para>List claim types on the domain.</para>
+ <variablelist>
+ <varlistentry>
+ <term>-H, --URL</term>
+ <listitem><para>
+ LDB URL for database or target server.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--json</term>
+ <listitem><para>
+ View claim types as JSON instead of a list.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect3>
+
+<refsect3>
+ <title>domain claim claim-type view</title>
+ <para>View a single claim type on the domain.</para>
+ <variablelist>
+ <varlistentry>
+ <term>-H, --URL</term>
+ <listitem><para>
+ LDB URL for database or target server.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--name</term>
+ <listitem><para>
+ Display name of claim type to view (required).
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect3>
+
+<refsect3>
+ <title>domain claim claim-type create</title>
+ <para>Create claim types on the domain.</para>
+ <variablelist>
+ <varlistentry>
+ <term>-H, --URL</term>
+ <listitem><para>
+ LDB URL for database or target server.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--attribute</term>
+ <listitem><para>
+ Attribute of claim type to create (required).
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--class</term>
+ <listitem>
+ <para>
+ Object classes to set claim type to.
+ </para>
+ <para>
+ Example: --class=user --class=computer
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--name</term>
+ <listitem><para>
+ Optional display name or use attribute name.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--description</term>
+ <listitem><para>
+ Optional description or use from attribute.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--enable</term>
+ <listitem>
+ <para>
+ Enable claim type.
+ </para>
+ <para>
+ Cannot be used together with --disable.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--disable</term>
+ <listitem>
+ <para>
+ Disable claim type.
+ </para>
+ <para>
+ Cannot be used together with --enable.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--protect</term>
+ <listitem>
+ <para>
+ Protect claim type from accidental deletion.
+ </para>
+ <para>
+ Cannot be used together with --unprotect.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--unprotect</term>
+ <listitem>
+ <para>
+ Unprotect claim type from accidental deletion.
+ </para>
+ <para>
+ Cannot be used together with --protect.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+</refsect3>
+
+<refsect3>
+ <title>domain claim claim-type modify</title>
+ <para>Modify claim types on the domain.</para>
+ <variablelist>
+ <varlistentry>
+ <term>-H, --URL</term>
+ <listitem><para>
+ LDB URL for database or target server.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--name</term>
+ <listitem><para>
+ Display name of claim type to modify (required).
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--class</term>
+ <listitem>
+ <para>
+ Object classes to set claim type to.
+ </para>
+ <para>
+ Example: --class=user --class=computer
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--description</term>
+ <listitem><para>
+ Set the claim type description.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--enable</term>
+ <listitem>
+ <para>
+ Enable claim type.
+ </para>
+ <para>
+ Cannot be used together with --disable.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--disable</term>
+ <listitem>
+ <para>
+ Disable claim type.
+ </para>
+ <para>
+ Cannot be used together with --enable.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--protect</term>
+ <listitem>
+ <para>
+ Protect claim type from accidental deletion.
+ </para>
+ <para>
+ Cannot be used together with --unprotect.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--unprotect</term>
+ <listitem>
+ <para>
+ Unprotect claim type from accidental deletion.
+ </para>
+ <para>
+ Cannot be used together with --protect.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+</refsect3>
+
+<refsect3>
+ <title>domain claim claim-type delete</title>
+ <para>Delete claim types on the domain.</para>
+ <variablelist>
+ <varlistentry>
+ <term>-H, --URL</term>
+ <listitem><para>
+ LDB URL for database or target server.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--name</term>
+ <listitem><para>
+ Display name of claim type to delete (required).
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--force</term>
+ <listitem><para>
+ Force claim type delete even if it is protected.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect3>
+
+<refsect3>
+ <title>domain claim value-type list</title>
+ <para>List claim value types on the domain.</para>
+ <variablelist>
+ <varlistentry>
+ <term>-H, --URL</term>
+ <listitem><para>
+ LDB URL for database or target server.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--json</term>
+ <listitem><para>
+ View claim value types as JSON instead of a list.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect3>
+
+<refsect3>
+ <title>domain claim value-type view</title>
+ <para>View a single claim value type on the domain.</para>
+ <variablelist>
+ <varlistentry>
+ <term>-H, --URL</term>
+ <listitem><para>
+ LDB URL for database or target server.
+ </para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>--name</term>
+ <listitem><para>
+ Display name of claim value type to view (required).
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect3>
+
<refsect3>
<title>domain classicupgrade [options] <replaceable>classic_smb_conf</replaceable></title>
<para>Upgrade from Samba classic (NT4-like) database to Samba AD DC
diff --git a/python/samba/netcmd/domain/__init__.py b/python/samba/netcmd/domain/__init__.py
new file mode 100644
index 00000000000..552784e180d
--- /dev/null
+++ b/python/samba/netcmd/domain/__init__.py
@@ -0,0 +1,71 @@
+# domain management
+#
+# Copyright Matthias Dieter Wallnoefer 2009
+# Copyright Andrew Kroeger 2009
+# Copyright Jelmer Vernooij 2007-2012
+# Copyright Giampaolo Lauria 2011
+# Copyright Matthieu Patou <mat at matws.net> 2011
+# Copyright Andrew Bartlett 2008-2015
+# Copyright Stefan Metzmacher 2012
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from samba import is_ad_dc_built
+from samba.netcmd import SuperCommand
+
+from .backup import cmd_domain_backup
+from .claim import cmd_domain_claim
+from .classicupgrade import cmd_domain_classicupgrade
+from .common import (common_join_options, common_ntvfs_options,
+ common_provision_join_options, string_to_level)
+from .dcpromo import cmd_domain_dcpromo
+from .demote import cmd_domain_demote
+from .functional_prep import cmd_domain_functional_prep
+from .info import cmd_domain_info
+from .join import cmd_domain_join
+from .keytab import cmd_domain_export_keytab
+from .leave import cmd_domain_leave
+from .level import cmd_domain_level
+from .passwordsettings import cmd_domain_passwordsettings
+from .provision import cmd_domain_provision
+from .samba3upgrade import cmd_domain_samba3upgrade
+from .schemaupgrade import cmd_domain_schema_upgrade
+from .tombstones import cmd_domain_tombstones
+from .trust import cmd_domain_trust
+
+
+class cmd_domain(SuperCommand):
+ """Domain management."""
+
+ subcommands = {}
+ if cmd_domain_export_keytab is not None:
+ subcommands["exportkeytab"] = cmd_domain_export_keytab()
+ subcommands["info"] = cmd_domain_info()
+ subcommands["join"] = cmd_domain_join()
+ subcommands["leave"] = cmd_domain_leave()
+ subcommands["claim"] = cmd_domain_claim()
+ if is_ad_dc_built():
+ subcommands["demote"] = cmd_domain_demote()
+ subcommands["provision"] = cmd_domain_provision()
+ subcommands["dcpromo"] = cmd_domain_dcpromo()
+ subcommands["level"] = cmd_domain_level()
+ subcommands["passwordsettings"] = cmd_domain_passwordsettings()
+ subcommands["classicupgrade"] = cmd_domain_classicupgrade()
+ subcommands["samba3upgrade"] = cmd_domain_samba3upgrade()
+ subcommands["trust"] = cmd_domain_trust()
+ subcommands["tombstones"] = cmd_domain_tombstones()
+ subcommands["schemaupgrade"] = cmd_domain_schema_upgrade()
+ subcommands["functionalprep"] = cmd_domain_functional_prep()
+ subcommands["backup"] = cmd_domain_backup()
diff --git a/python/samba/netcmd/domain_backup.py b/python/samba/netcmd/domain/backup.py
similarity index 99%
rename from python/samba/netcmd/domain_backup.py
rename to python/samba/netcmd/domain/backup.py
index 9eaba7dea1d..fe667c85632 100644
--- a/python/samba/netcmd/domain_backup.py
+++ b/python/samba/netcmd/domain/backup.py
@@ -36,7 +36,7 @@ from samba.dcerpc.security import dom_sid
from samba.netcmd import Option, CommandError
from samba.dcerpc import misc, security, drsblobs
from samba import Ldb
-from . fsmo import cmd_fsmo_seize
+from samba.netcmd.fsmo import cmd_fsmo_seize
from samba.provision import make_smbconf, DEFAULTSITE
from samba.upgradehelpers import update_krbtgt_account_password
from samba.remove_dc import remove_dc
diff --git a/python/samba/auth_util.py b/python/samba/netcmd/domain/claim/__init__.py
similarity index 58%
copy from python/samba/auth_util.py
copy to python/samba/netcmd/domain/claim/__init__.py
index f616bb48c10..de7c4bb5d08 100644
--- a/python/samba/auth_util.py
+++ b/python/samba/netcmd/domain/claim/__init__.py
@@ -1,7 +1,10 @@
# Unix SMB/CIFS implementation.
-# auth util helpers
#
-# Copyright (C) Ralph Boehme <slow at samba.org> 2019
+# claim management
+#
+# Copyright (C) Catalyst.Net Ltd. 2023
+#
+# Written by Rob van der Linde <rob at catalyst.net.nz>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -15,20 +18,18 @@
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from samba.netcmd import SuperCommand
-from samba.auth import (
- system_session,
- session_info_fill_unix,
- copy_session_info,
-)
+from .claim_type import cmd_domain_claim_claim_type
+from .value_type import cmd_domain_claim_value_type
-def system_session_unix():
- """
- Return a copy of the system session_info with a valid UNIX token
- """
- session_info = system_session()
- session_info_unix = copy_session_info(session_info)
- session_info_fill_unix(session_info_unix, None)
+class cmd_domain_claim(SuperCommand):
+ """Manage claims on the domain."""
- return session_info_unix
+ subcommands = {
+ "claim-type": cmd_domain_claim_claim_type(),
+ "value-type": cmd_domain_claim_value_type(),
+ }
diff --git a/python/samba/netcmd/domain/claim/base.py b/python/samba/netcmd/domain/claim/base.py
new file mode 100644
index 00000000000..1db4174042a
--- /dev/null
+++ b/python/samba/netcmd/domain/claim/base.py
@@ -0,0 +1,181 @@
+# Unix SMB/CIFS implementation.
+#
+# claim management - base class and common code
+#
+# Copyright (C) Catalyst.Net Ltd. 2023
+#
+# Written by Rob van der Linde <rob at catalyst.net.nz>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from xml.etree import ElementTree
+
+from ldb import Dn, SCOPE_ONELEVEL
+from samba.netcmd import Command
+from samba.netcmd.domain.common import parse_guid, parse_text
+
+
+# Namespaces for PossibleValues xml parsing.
+NS_POSSIBLE_VALUES = {
+ "xsd": "http://www.w3.org/2001/XMLSchema",
+ "xsi": "http://www.w3.org/2001/XMLSchema-instance",
+ "": "http://schemas.microsoft.com/2010/08/ActiveDirectory/PossibleValues"
+}
+
+
+class ClaimCommand(Command):
+ """Base class for all claim commands."""
+
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ self.ldb = None
+
+ def get_services_dn(self):
+ """Returns Services DN."""
+ services_dn = self.ldb.get_config_basedn()
+ services_dn.add_child("CN=Services")
+ return services_dn
+
+ def get_claim_types_dn(self):
+ """Returns the Claim Types DN."""
+ claim_types_dn = self.get_services_dn()
+ claim_types_dn.add_child("CN=Claim Types,CN=Claims Configuration")
+ return claim_types_dn
+
+ def get_value_types_dn(self):
+ """Returns the Value Types DN."""
+ value_types_dn = self.get_services_dn()
+ value_types_dn.add_child("CN=Value Types,CN=Claims Configuration")
+ return value_types_dn
+
+ def parse_possible_values(self, value):
+ """Parse PossibleValues XML and return as list of dicts."""
+ if value is not None:
+ root = ElementTree.fromstring(str(value))
+ string_list = root.find("StringList", NS_POSSIBLE_VALUES)
+
+ values = []
+ for item in string_list.findall("Item", NS_POSSIBLE_VALUES):
+ values.append({
--
Samba Shared Repository
More information about the samba-cvs
mailing list