s4-provision Remove options for LDAP backend to reduce user confusion

We do not support the LDAP backend any more, but keep the code in case someone
comes up with an interesting use case that could leverage this in a very
particular situation.  In order to keep the code, we must test it, so
we keep just this much of the support around.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Nov  8 04:33:49 CET 2011 on sn-devel-104

5 files changed, 21 insertions, 48 deletions

diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py
index a8a5a572a6..be0e903cd9 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -1641,10 +1641,10 @@ def provision(logger, session_info, credentials, smbconf=None,
         dns_backend=None, dnspass=None,
         invocationid=None, machinepass=None, ntdsguid=None,
         root=None, nobody=None, users=None, wheel=None, backup=None, aci=None,
-        serverrole=None, dom_for_fun_level=None, ldap_backend_extra_port=None,
-        ldap_backend_forced_uri=None, backend_type=None, sitename=None,
-        ol_mmr_urls=None, ol_olc=None, setup_ds_path=None, slapd_path=None,
-        nosync=False, ldap_dryrun_mode=False, useeadb=False, am_rodc=False,
+        serverrole=None, dom_for_fun_level=None, 
+        backend_type=None, sitename=None,
+        ol_mmr_urls=None, ol_olc=None, slapd_path=None,
+        useeadb=False, am_rodc=False,
         lp=None):
     """Provision samba4
 
@@ -1759,30 +1759,24 @@ def provision(logger, session_info, credentials, smbconf=None,
             lp=lp, credentials=credentials,
             names=names, logger=logger)
     elif backend_type == "existing":
+        # If support for this is ever added back, then the URI will need to be specified again
         provision_backend = ExistingBackend(backend_type, paths=paths,
             lp=lp, credentials=credentials,
             names=names, logger=logger,
-            ldap_backend_forced_uri=ldap_backend_forced_uri)
+            ldap_backend_forced_uri=None)
     elif backend_type == "fedora-ds":
         provision_backend = FDSBackend(backend_type, paths=paths,
             lp=lp, credentials=credentials,
             names=names, logger=logger, domainsid=domainsid,
             schema=schema, hostname=hostname, ldapadminpass=ldapadminpass,
             slapd_path=slapd_path,
-            ldap_backend_extra_port=ldap_backend_extra_port,
-            ldap_dryrun_mode=ldap_dryrun_mode, root=root,
-            setup_ds_path=setup_ds_path,
-            ldap_backend_forced_uri=ldap_backend_forced_uri)
+            root=root)
     elif backend_type == "openldap":
         provision_backend = OpenLDAPBackend(backend_type, paths=paths,
             lp=lp, credentials=credentials,
             names=names, logger=logger, domainsid=domainsid,
             schema=schema, hostname=hostname, ldapadminpass=ldapadminpass,
-            slapd_path=slapd_path,
-            ldap_backend_extra_port=ldap_backend_extra_port,
-            ldap_dryrun_mode=ldap_dryrun_mode, ol_mmr_urls=ol_mmr_urls,
-            nosync=nosync,
-            ldap_backend_forced_uri=ldap_backend_forced_uri)
+            slapd_path=slapd_path, ol_mmr_urls=ol_mmr_urls)
     else:
         raise ValueError("Unknown LDAP backend type selected")
 
diff --git a/source4/scripting/python/samba/provision/backend.py b/source4/scripting/python/samba/provision/backend.py
index f9dbba85f6..4ab827b545 100644
--- a/source4/scripting/python/samba/provision/backend.py
+++ b/source4/scripting/python/samba/provision/backend.py
@@ -133,7 +133,7 @@ class LDAPBackend(ProvisionBackend):
                  credentials=None, names=None, logger=None, domainsid=None,
                  schema=None, hostname=None, ldapadminpass=None,
                  slapd_path=None, ldap_backend_extra_port=None,
-                 ldap_backend_forced_uri=None, ldap_dryrun_mode=False):
+                 ldap_backend_forced_uri=None, ldap_dryrun_mode=True):
 
         super(LDAPBackend, self).__init__(backend_type=backend_type,
                 paths=paths, lp=lp,
@@ -286,7 +286,7 @@ class OpenLDAPBackend(LDAPBackend):
     def __init__(self, backend_type, paths=None, lp=None,
             credentials=None, names=None, logger=None, domainsid=None,
             schema=None, hostname=None, ldapadminpass=None, slapd_path=None,
-            ldap_backend_extra_port=None, ldap_dryrun_mode=False,
+            ldap_backend_extra_port=None, ldap_dryrun_mode=True,
             ol_mmr_urls=None, nosync=False, ldap_backend_forced_uri=None):
         from samba.provision import setup_path
         super(OpenLDAPBackend, self).__init__( backend_type=backend_type,
@@ -568,7 +568,7 @@ class FDSBackend(LDAPBackend):
     def __init__(self, backend_type, paths=None, lp=None,
             credentials=None, names=None, logger=None, domainsid=None,
             schema=None, hostname=None, ldapadminpass=None, slapd_path=None,
-            ldap_backend_extra_port=None, ldap_dryrun_mode=False, root=None,
+            ldap_backend_extra_port=None, ldap_dryrun_mode=True, root=None,
             setup_ds_path=None):
 
         from samba.provision import setup_path
diff --git a/source4/scripting/python/samba/upgradehelpers.py b/source4/scripting/python/samba/upgradehelpers.py
index 043f629ce5..3d1aa7a23a 100755
--- a/source4/scripting/python/samba/upgradehelpers.py
+++ b/source4/scripting/python/samba/upgradehelpers.py
@@ -266,11 +266,11 @@ def newprovision(names, creds, session, smbconf, provdir, logger):
             invocationid=names.invocation, adminpass=names.adminpass,
             krbtgtpass=None, machinepass=None, dnspass=None, root=None,
             nobody=None, wheel=None, users=None,
-            serverrole="domain controller", ldap_backend_extra_port=None,
+            serverrole="domain controller", 
             backend_type=None, ldapadminpass=None, ol_mmr_urls=None,
-            slapd_path=None, setup_ds_path=None, nosync=None,
+            slapd_path=None, 
             dom_for_fun_level=names.domainlevel, dns_backend=dns_backend,
-            ldap_dryrun_mode=None, useeadb=True)
+            useeadb=True)
 
 
 def dn_sort(x, y):
diff --git a/source4/setup/provision b/source4/setup/provision
index bae86ee658..1d847decef 100755
--- a/source4/setup/provision
+++ b/source4/setup/provision
@@ -102,14 +102,9 @@ parser.add_option("--users", type="string", metavar="GROUPNAME",
 parser.add_option("--quiet", help="Be quiet", action="store_true")
 parser.add_option("--blank", action="store_true",
         help="do not add users or groups, just the structure")
-parser.add_option("--ldap-backend-extra-port", type="int", metavar="LDAP-BACKEND-EXTRA-PORT",
-        help="Additional TCP port for LDAP backend server (to use for replication)")
-parser.add_option("--ldap-backend-forced-uri", type="string", metavar="LDAP-BACKEND-FORCED-URI",
-        help="Force the LDAP backend connection to be to a particular URI.  Use this ONLY for 'existing' backends, or when debugging the interaction with the LDAP backend and you need to intercept the LDAP traffic")
 parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TYPE",
-        help="LDAP backend type (fedora-ds or openldap)",
+        help="Test initialisation support for unsupported LDAP backend type (fedora-ds or openldap) DO NOT USE",
         choices=["fedora-ds", "openldap"])
-parser.add_option("--ldap-backend-nosync", help="Configure LDAP backend not to call fsync() (for performance in test environments)", action="store_true")
 parser.add_option("--server-role", type="choice", metavar="ROLE",
           choices=["domain controller", "dc", "member server", "member", "standalone"],
         help="The server role (domain controller | dc | member server | member | standalone). Default is dc.")
@@ -126,10 +121,7 @@ parser.add_option("--ol-mmr-urls", type="string", metavar="LDAPSERVER",
                 help="List of LDAP-URLS [ ldap://<FQHN>:<PORT>/  (where <PORT> has to be different than 389!) ] separated with comma (\",\") for use with OpenLDAP-MMR (Multi-Master-Replication), e.g.: \"ldap://s4dc1:9000,ldap://s4dc2:9000\"")
 parser.add_option("--slapd-path", type="string", metavar="SLAPD-PATH",
         help="Path to slapd for LDAP backend [e.g.:'/usr/local/libexec/slapd']. Required for Setup with LDAP-Backend. OpenLDAP Version >= 2.4.17 should be used.")
-parser.add_option("--setup-ds-path", type="string", metavar="SETUP_DS-PATH",
-        help="Path to setup-ds.pl script for Fedora DS LDAP backend [e.g.:'/usr/sbin/setup-ds.pl']. Required for Setup with Fedora DS backend.")
 parser.add_option("--use-xattrs", type="choice", choices=["yes", "no", "auto"], help="Define if we should use the native fs capabilities or a tdb file for storing attributes likes ntacl, auto tries to make an inteligent guess based on the user rights and system capabilities", default="auto")
-parser.add_option("--ldap-dryrun-mode", help="Configure LDAP backend, but do not run any binaries and exit early.  Used only for the test environment.  DO NOT USE", action="store_true")
 
 opts = parser.parse_args()[0]
 
@@ -248,16 +240,6 @@ elif opts.use_xattrs == "auto" and not lp.get("posix:eadb"):
                 "If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.")
     file.close()
 
-
-if opts.ldap_backend_type == "existing":
-    if opts.ldap_backend_forced_uri is not None:
-        logger.warn("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at %s" % opts.ldap_backend_forced_uri)
-    else:
-        logger.info("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at the default location")
-else:
-    if opts.ldap_backend_forced_uri is not None:
-        logger.warn("You have specified to use an fixed URI %s for connecting to your LDAP server backend.  This is NOT RECOMMENDED, as our default communiation over ldapi:// is more secure and much less prone to unexpected failure or interaction" % opts.ldap_backend_forced_uri)
-
 session = system_session()
 try:
     provision(logger,
@@ -273,12 +255,9 @@ try:
           dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody,
           wheel=opts.wheel, users=opts.users,
           serverrole=server_role, dom_for_fun_level=dom_for_fun_level,
-          ldap_backend_extra_port=opts.ldap_backend_extra_port,
-          ldap_backend_forced_uri=opts.ldap_backend_forced_uri,
           backend_type=opts.ldap_backend_type,
           ldapadminpass=opts.ldapadminpass, ol_mmr_urls=opts.ol_mmr_urls,
-          slapd_path=opts.slapd_path, setup_ds_path=opts.setup_ds_path,
-          nosync=opts.ldap_backend_nosync, ldap_dryrun_mode=opts.ldap_dryrun_mode,
+          slapd_path=opts.slapd_path, 
           useeadb=eadb, next_rid=opts.next_rid, lp=lp)
 except ProvisioningError, e:
     print str(e)
diff --git a/source4/setup/tests/blackbox_provision-backend.sh b/source4/setup/tests/blackbox_provision-backend.sh
index 58fde63469..96ff753ace 100755
--- a/source4/setup/tests/blackbox_provision-backend.sh
+++ b/source4/setup/tests/blackbox_provision-backend.sh
@@ -12,13 +12,13 @@ shift 1
 
 . `dirname $0`/../../../testprogs/blackbox/subunit.sh
 
-testit "openldap-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --ldap-dryrun-mode --slapd-path=/dev/null
-testit "openldap-mmr-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-mmr-backend --ol-mmr-urls="ldap://s4dc1.test:9000,ldap://s4dc2.test:9000" --ldap-dryrun-mode --slapd-path=/dev/null --username=samba-admin --password=linux --adminpass=linux --ldapadminpass=linux
-testit "fedora-ds-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --ldap-dryrun-mode --slapd-path=/dev/null
+testit "openldap-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --slapd-path=/dev/null
+testit "openldap-mmr-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-mmr-backend --ol-mmr-urls="ldap://s4dc1.test:9000,ldap://s4dc2.test:9000" --slapd-path=/dev/null --username=samba-admin --password=linux --adminpass=linux --ldapadminpass=linux
+testit "fedora-ds-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --slapd-path=/dev/null
 
 reprovision() {
-        $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --ldap-dryrun-mode --slapd-path=/dev/null
-        $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --ldap-dryrun-mode --slapd-path=/dev/null
+        $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --slapd-path=/dev/null
+        $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --slapd-path=/dev/null
 }
 
 testit "reprovision-backend" reprovision