summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-09-18 16:21:29 +0200
committerMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-09-18 16:21:29 +0200
commit89f5df6fa7cca1aaec81e29b8777bab5b4068003 (patch)
treef959b921bed8f783b521dce75b3d3498155bb03f
parentfa4023d6f73920765aa5fdbcdd6fd934782258cf (diff)
downloadsamba-89f5df6fa7cca1aaec81e29b8777bab5b4068003.tar.gz
samba-89f5df6fa7cca1aaec81e29b8777bab5b4068003.tar.bz2
samba-89f5df6fa7cca1aaec81e29b8777bab5b4068003.zip
s4:provision - Bump down the domain and forest level to Windows 2000
- The DC level we keep on Windows Server 2008 R2 (we should call ourself always the newest server type) - The domain/forest level we set to the minimum (Windows 2000 native) to allow all AD DC types (from Windows 2000 on) in our domain - the NT4 "mixed" mode isn't supported by us (discussed on mailing list) -> "nTMixedDomain" is set always to 0 - I'll add a script which allows to bump the DC level (basically sets the "msDS-Behaviour-Version" attributes on the "Partitions/Configuration/DC" and on the "DC" object)
-rw-r--r--source4/scripting/python/samba/provision.py6
-rw-r--r--source4/setup/provision_configuration.ldif13
2 files changed, 10 insertions, 9 deletions
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index ca9850304e..065677fa68 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -44,7 +44,7 @@ from credentials import Credentials, DONT_USE_KERBEROS
from auth import system_session, admin_session
from samba import version, Ldb, substitute_var, valid_netbios_name
from samba import check_all_substituted
-from samba import DS_DOMAIN_FUNCTION_2008_R2, DS_DC_FUNCTION_2008_R2
+from samba import DS_DOMAIN_FUNCTION_2000, DS_DC_FUNCTION_2008_R2
from samba.samdb import SamDB
from samba.idmap import IDmapDB
from samba.dcerpc import security
@@ -835,8 +835,8 @@ def setup_samdb(path, setup_path, session_info, credentials, lp,
:note: This will wipe the main SAM database file!
"""
- domainFunctionality = DS_DOMAIN_FUNCTION_2008_R2
- forestFunctionality = DS_DOMAIN_FUNCTION_2008_R2
+ domainFunctionality = DS_DOMAIN_FUNCTION_2000
+ forestFunctionality = DS_DOMAIN_FUNCTION_2000
domainControllerFunctionality = DS_DC_FUNCTION_2008_R2
# Also wipes the database
diff --git a/source4/setup/provision_configuration.ldif b/source4/setup/provision_configuration.ldif
index a7409966db..098cb91b5d 100644
--- a/source4/setup/provision_configuration.ldif
+++ b/source4/setup/provision_configuration.ldif
@@ -828,24 +828,25 @@ showInAdvancedViewOnly: TRUE
dn: CN=Enterprise Configuration,CN=Partitions,${CONFIGDN}
objectClass: top
objectClass: crossRef
-systemFlags: 1
-nCName: ${CONFIGDN}
dnsRoot: ${DNSDOMAIN}
+nCName: ${CONFIGDN}
+systemFlags: 1
dn: CN=Enterprise Schema,CN=Partitions,${CONFIGDN}
objectClass: top
objectClass: crossRef
-systemFlags: 1
-nCName: ${SCHEMADN}
dnsRoot: ${DNSDOMAIN}
+nCName: ${SCHEMADN}
+systemFlags: 1
dn: CN=${DOMAIN},CN=Partitions,${CONFIGDN}
objectClass: top
objectClass: crossRef
-systemFlags: 3
+dnsRoot: ${DNSDOMAIN}
nCName: ${DOMAINDN}
nETBIOSName: ${DOMAIN}
-dnsRoot: ${DNSDOMAIN}
+nTMixedDomain: 0
+systemFlags: 3
dn: CN=Physical Locations,${CONFIGDN}
objectClass: top