diff options
author | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-11-01 11:30:19 +0100 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-11-01 12:25:24 +0100 |
commit | 7578e04fb8022ba13fa07fb88eb3d00474337ea1 (patch) | |
tree | 9c692f0420a3b98df69011b1747fbddf735c7f0b | |
parent | 2a25f7515a68938249beef47546465889ca1c734 (diff) | |
download | samba-7578e04fb8022ba13fa07fb88eb3d00474337ea1.tar.gz samba-7578e04fb8022ba13fa07fb88eb3d00474337ea1.tar.bz2 samba-7578e04fb8022ba13fa07fb88eb3d00474337ea1.zip |
s4:provision - adapt the "provision" so that SIDs are only set on entry creation
SID modifications are denied.
-rw-r--r-- | source4/scripting/python/samba/provision.py | 12 | ||||
-rw-r--r-- | source4/setup/provision_basedn.ldif | 1 | ||||
-rw-r--r-- | source4/setup/provision_basedn_modify.ldif | 3 |
3 files changed, 5 insertions, 11 deletions
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 441c2b540b..7c38197bec 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1127,22 +1127,18 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, names, descr = b64encode(get_domain_descriptor(domainsid)) setup_add_ldif(samdb, setup_path("provision_basedn.ldif"), { "DOMAINDN": names.domaindn, - "DOMAINGUID": domainguid_line, - "DESCRIPTOR": descr + "DOMAINSID": str(domainsid), + "DESCRIPTOR": descr, + "DOMAINGUID": domainguid_line }) - setup_modify_ldif(samdb, setup_path("provision_basedn_modify.ldif"), { + "DOMAINDN": names.domaindn, "CREATTIME": str(int(time.time() * 1e7)), # seconds -> ticks - "DOMAINSID": str(domainsid), "NEXTRID": str(next_rid), - "SCHEMADN": names.schemadn, - "NETBIOSNAME": names.netbiosname, "DEFAULTSITE": names.sitename, "CONFIGDN": names.configdn, - "SERVERDN": names.serverdn, "POLICYGUID": policyguid, - "DOMAINDN": names.domaindn, "DOMAIN_FUNCTIONALITY": str(domainFunctionality), "SAMBA_VERSION_STRING": version }) diff --git a/source4/setup/provision_basedn.ldif b/source4/setup/provision_basedn.ldif index b82f41452e..cb9173827c 100644 --- a/source4/setup/provision_basedn.ldif +++ b/source4/setup/provision_basedn.ldif @@ -5,5 +5,6 @@ dn: ${DOMAINDN} objectClass: top objectClass: domaindns instanceType: 5 +objectSid: ${DOMAINSID} nTSecurityDescriptor:: ${DESCRIPTOR} ${DOMAINGUID} diff --git a/source4/setup/provision_basedn_modify.ldif b/source4/setup/provision_basedn_modify.ldif index 53845f7355..d67d674319 100644 --- a/source4/setup/provision_basedn_modify.ldif +++ b/source4/setup/provision_basedn_modify.ldif @@ -72,9 +72,6 @@ nextRid: ${NEXTRID} replace: nTMixedDomain nTMixedDomain: 0 - -replace: objectSid -objectSid: ${DOMAINSID} -- # This does only exist in SAMBA replace: oEMInformation oEMInformation: Provisioned by SAMBA ${SAMBA_VERSION_STRING} |