diff options
| author | Nadezhda Ivanova <nadezhda.ivanova@postpath.com> | 2009-09-21 14:26:15 -0700 |
|---|---|---|
| committer | Nadezhda Ivanova <nadezhda.ivanova@postpath.com> | 2009-09-21 14:26:15 -0700 |
| commit | 13b979b03d86f3ae43dc5fd539fa5d3f22f579a0 (patch) | |
| tree | 40e15be25f6b975e7c5b91f00fdf6030726e25e7 /source4/setup | |
| parent | 025590e7a4758e86e7942642971b92fc6bab7a8e (diff) | |
| parent | 1afc7c453c1d5f7e761e46cdc69900305a149820 (diff) | |
| download | samba-13b979b03d86f3ae43dc5fd539fa5d3f22f579a0.tar.gz samba-13b979b03d86f3ae43dc5fd539fa5d3f22f579a0.tar.bz2 samba-13b979b03d86f3ae43dc5fd539fa5d3f22f579a0.zip | |
Merge branch 'master' of git://git.samba.org/samba
Diffstat (limited to 'source4/setup')
| -rwxr-xr-x | source4/setup/domainlevel | 9 | ||||
| -rwxr-xr-x | source4/setup/enableaccount | 10 | ||||
| -rwxr-xr-x | source4/setup/newuser | 10 | ||||
| -rwxr-xr-x | source4/setup/pwsettings | 9 | ||||
| -rw-r--r-- | source4/setup/secrets_dc.ldif | 24 | ||||
| -rw-r--r-- | source4/setup/secrets_dns.ldif | 11 | ||||
| -rw-r--r-- | source4/setup/secrets_self_join.ldif | 13 | ||||
| -rwxr-xr-x | source4/setup/setexpiry | 12 | ||||
| -rwxr-xr-x | source4/setup/setpassword | 12 |
9 files changed, 73 insertions, 37 deletions
diff --git a/source4/setup/domainlevel b/source4/setup/domainlevel index b49150ff2d..ceab735c8f 100755 --- a/source4/setup/domainlevel +++ b/source4/setup/domainlevel @@ -39,6 +39,7 @@ parser.add_option_group(sambaopts) parser.add_option_group(options.VersionOptions(parser)) credopts = options.CredentialsOptions(parser) parser.add_option_group(credopts) +parser.add_option("-H", help="LDB URL for database or target server", type=str) parser.add_option("--quiet", help="Be quiet", action="store_true") parser.add_option("--forest", help="The forest function level (2000 | 2003 | 2008 | 2008_R2). We don't support the 2003 with mixed domains (NT4 DC support) level.", type=str) @@ -60,8 +61,12 @@ if len(args) == 0: lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) -samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), - credentials=creds, lp=lp) +if opts.H is not None: + url = opts.H +else: + url = lp.get("sam database") + +samdb = SamDB(url=url, session_info=system_session(), credentials=creds, lp=lp) domain_dn = SamDB.domain_dn(samdb) diff --git a/source4/setup/enableaccount b/source4/setup/enableaccount index 0ca5b39faa..f8f727c1ee 100755 --- a/source4/setup/enableaccount +++ b/source4/setup/enableaccount @@ -36,6 +36,7 @@ parser.add_option_group(sambaopts) parser.add_option_group(options.VersionOptions(parser)) credopts = options.CredentialsOptions(parser) parser.add_option_group(credopts) +parser.add_option("-H", help="LDB URL for database or target server", type=str) parser.add_option("--filter", help="LDAP Filter to set password on", type=str) opts, args = parser.parse_args() @@ -54,6 +55,11 @@ if filter is None: lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) -samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), - credentials=creds, lp=lp) +if opts.H is not None: + url = opts.H +else: + url = lp.get("sam database") + +samdb = SamDB(url=url, session_info=system_session(), credentials=creds, lp=lp) + samdb.enable_account(filter) diff --git a/source4/setup/newuser b/source4/setup/newuser index 10af55a458..ef65d36dfb 100755 --- a/source4/setup/newuser +++ b/source4/setup/newuser @@ -37,6 +37,7 @@ parser.add_option_group(sambaopts) parser.add_option_group(options.VersionOptions(parser)) credopts = options.CredentialsOptions(parser) parser.add_option_group(credopts) +parser.add_option("-H", help="LDB URL for database or target server", type=str) parser.add_option("--unixname", help="Unix Username", type=str) parser.add_option("--must-change-at-next-login", help="Force password to be changed on next login", action="store_true") @@ -58,6 +59,11 @@ if opts.unixname is None: lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) -samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), - credentials=creds, lp=lp) +if opts.H is not None: + url = opts.H +else: + url = lp.get("sam database") + +samdb = SamDB(url=url, session_info=system_session(), credentials=creds, lp=lp) + samdb.newuser(username, opts.unixname, password, force_password_change_at_next_login_req=opts.must_change_at_next_login) diff --git a/source4/setup/pwsettings b/source4/setup/pwsettings index 6a5e18ef59..0bb39d9757 100755 --- a/source4/setup/pwsettings +++ b/source4/setup/pwsettings @@ -39,6 +39,7 @@ parser.add_option_group(sambaopts) parser.add_option_group(options.VersionOptions(parser)) credopts = options.CredentialsOptions(parser) parser.add_option_group(credopts) +parser.add_option("-H", help="LDB URL for database or target server", type=str) parser.add_option("--quiet", help="Be quiet", action="store_true") parser.add_option("--complexity", help="The password complexity (on | off | default). Default is 'on'", type=str) @@ -67,8 +68,12 @@ if len(args) == 0: lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) -samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), - credentials=creds, lp=lp) +if opts.H is not None: + url = opts.H +else: + url = lp.get("sam database") + +samdb = SamDB(url=url, session_info=system_session(), credentials=creds, lp=lp) domain_dn = SamDB.domain_dn(samdb) res = samdb.search(domain_dn, scope=ldb.SCOPE_BASE, diff --git a/source4/setup/secrets_dc.ldif b/source4/setup/secrets_dc.ldif deleted file mode 100644 index b8251eece5..0000000000 --- a/source4/setup/secrets_dc.ldif +++ /dev/null @@ -1,24 +0,0 @@ -dn: flatname=${DOMAIN},CN=Primary Domains -objectClass: top -objectClass: primaryDomain -objectClass: kerberosSecret -flatname: ${DOMAIN} -realm: ${REALM} -secret:: ${MACHINEPASS_B64} -secureChannelType: 6 -sAMAccountName: ${NETBIOSNAME}$ -msDS-KeyVersionNumber: 1 -objectSid: ${DOMAINSID} -privateKeytab: ${SECRETS_KEYTAB} - -#Update a keytab for the external DNS server to use -dn: servicePrincipalName=DNS/${DNSDOMAIN},CN=Principals -objectClass: top -objectClass: secret -objectClass: kerberosSecret -realm: ${REALM} -servicePrincipalName: DNS/${DNSDOMAIN} -msDS-KeyVersionNumber: 1 -privateKeytab: ${DNS_KEYTAB} -secret:: ${DNSPASS_B64} - diff --git a/source4/setup/secrets_dns.ldif b/source4/setup/secrets_dns.ldif new file mode 100644 index 0000000000..8a19733d19 --- /dev/null +++ b/source4/setup/secrets_dns.ldif @@ -0,0 +1,11 @@ +#Update a keytab for the external DNS server to use +dn: servicePrincipalName=DNS/${DNSDOMAIN},CN=Principals +objectClass: top +objectClass: secret +objectClass: kerberosSecret +realm: ${REALM} +servicePrincipalName: DNS/${DNSDOMAIN} +msDS-KeyVersionNumber: 1 +privateKeytab: ${DNS_KEYTAB} +secret:: ${DNSPASS_B64} + diff --git a/source4/setup/secrets_self_join.ldif b/source4/setup/secrets_self_join.ldif new file mode 100644 index 0000000000..22be0cab0b --- /dev/null +++ b/source4/setup/secrets_self_join.ldif @@ -0,0 +1,13 @@ +dn: flatname=${DOMAIN},CN=Primary Domains +objectClass: top +objectClass: primaryDomain +objectClass: kerberosSecret +flatname: ${DOMAIN} +realm: ${REALM} +secret:: ${MACHINEPASS_B64} +secureChannelType: 6 +sAMAccountName: ${NETBIOSNAME}$ +msDS-KeyVersionNumber: ${KEY_VERSION_NUMBER} +objectSid: ${DOMAINSID} +privateKeytab: ${SECRETS_KEYTAB} +saltPrincipal: ${SALT_PRINCIPAL} diff --git a/source4/setup/setexpiry b/source4/setup/setexpiry index 1572555b8c..2740326f2b 100755 --- a/source4/setup/setexpiry +++ b/source4/setup/setexpiry @@ -37,12 +37,15 @@ parser.add_option_group(sambaopts) parser.add_option_group(options.VersionOptions(parser)) credopts = options.CredentialsOptions(parser) parser.add_option_group(credopts) +parser.add_option("-H", help="LDB URL for database or target server", type=str) parser.add_option("--filter", help="LDAP Filter to set password on", type=str) parser.add_option("--days", help="Days to expiry", type=int) parser.add_option("--noexpiry", help="Password does never expire", action="store_true") opts, args = parser.parse_args() +filter = opts.filter + if (len(args) == 0) and (filter is None): print "Either the username or '--filter' must be specified!" parser.print_usage() @@ -59,6 +62,11 @@ if filter is None: lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) -samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), - credentials=creds, lp=lp) +if opts.H is not None: + url = opts.H +else: + url = lp.get("sam database") + +samdb = SamDB(url=url, session_info=system_session(), credentials=creds, lp=lp) + samdb.setexpiry(filter, days*24*3600, no_expiry_req=opts.noexpiry) diff --git a/source4/setup/setpassword b/source4/setup/setpassword index d8a2a1144a..57772be7a7 100755 --- a/source4/setup/setpassword +++ b/source4/setup/setpassword @@ -38,6 +38,7 @@ parser.add_option_group(sambaopts) parser.add_option_group(options.VersionOptions(parser)) credopts = options.CredentialsOptions(parser) parser.add_option_group(credopts) +parser.add_option("-H", help="LDB URL for database or target server", type=str) parser.add_option("--filter", help="LDAP Filter to set password on", type=str) parser.add_option("--newpassword", help="Set password", type=str) parser.add_option("--must-change-at-next-login", help="Force password to be changed on next login", action="store_true") @@ -62,7 +63,12 @@ if filter is None: lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) -samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), - credentials=creds, lp=lp) -samdb.setpassword(filter, password, force_password_change_at_next_login=opts.must_change_at_next_login) +if opts.H is not None: + url = opts.H +else: + url = lp.get("sam database") + +samdb = SamDB(url=url, session_info=system_session(), credentials=creds, lp=lp) + +samdb.setpassword(filter, password, force_password_change_at_next_login_req=opts.must_change_at_next_login) |