Samba 3 to Samba 4 Migration. (myldap-pub.py patch)
Andrew Bartlett
abartlet at samba.org
Thu Nov 18 02:59:39 MST 2010
On Wed, 2010-11-03 at 15:55 +0000, Lukasz Zalewski wrote:
> Hi Metze,
> Thx :)
> On 11/03/2010 03:04 PM, Stefan (metze) Metzmacher wrote:
> > Hi Lukasz,
> >
> > here's my current version of the script (based on your -08 version).
> >
> > - I added the --create_user_principal_name option (disabled by default)
> > not everybody wants to have that.
> Shall we also add an option flag to the samba-tool newuser cmd as it
> automatically creates userPrinicpalName - (OTOH this is how Active
> Directory Users and Computers creates accounts.)
> >
> > - I fixed the 'member' handling for the primary group of a user.
> >
> > - I removed some lines like:
> > self.insert_organizationalUnit(self.groups.importdn)
> > where importdn is only the partial dn.
> >
> > - I removed IMPORT_TYPE_TRUSTS from IMPORT_TYPE_ALL for now
> >
> > metze
>
> Given the recent name changing, maybe this is a good opportunity to
> change myldap-pub.py to something else (i think we already agreed the
> current name must go)
>
> I have noticed that some of the attributes have to explicitly rejected
> by the user - this seems sensible, but some parameters do have their
> counterparts in samba4, for example shadowMin, shadowMax, shadowExpire,
> shadowFlag, shadowWarning, shadowInactive - shall they be white listed
> (such that they do not trigger keep != remove assertion) or do you want
> them to be explicitly rejected?
>
> Also, python 2.4 does not handle getpass password prompt well when
> redirecting to stdout (2.6 is fine). Do you know of any
> workarounds/solutions for this?
>
> attached is same script with small typo corrected (was
> --create_user_prinical_name instead of --create_user_principal_name)
I would like to propose that we include this in the tree, in
scripting/devel until we can modify it to be a subcommand of samba-tool.
This script should not sit outside version control for this long, as
folks are starting to use it.
To do that, we do need to clean it up a little. For example, import the
constants like ACB_ etc from samba.dcerpc.samr, and the others from
samba.dsdb.
I would also like the dump() function removed (particularly given it is
copied in, and just used in commented out code).
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20101118/33b5d1e8/attachment.pgp>
More information about the samba-technical
mailing list