summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2013-01-23 16:27:17 +0100
committerAndrew Bartlett <abartlet@samba.org>2013-01-27 20:14:21 +1100
commit1de5c2f78544385d2fe270d766fc1ca6726d71fb (patch)
tree7ce68789f1d92e17b43cdf3c11f891a64e5613e9 /source4
parent4775f9ab345072e63d671e83ae2c054fd2f80c3b (diff)
downloadsamba-1de5c2f78544385d2fe270d766fc1ca6726d71fb.tar.gz
samba-1de5c2f78544385d2fe270d766fc1ca6726d71fb.tar.bz2
samba-1de5c2f78544385d2fe270d766fc1ca6726d71fb.zip
provision: fix nTSecurityDescriptor of CN={LostAndFound,System},${DOMAINDN} (bug #9481)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4')
-rw-r--r--source4/scripting/python/samba/provision/__init__.py4
-rw-r--r--source4/setup/provision.ldif2
2 files changed, 6 insertions, 0 deletions
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py
index 4aff6f68a0..cd29e0c95c 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -1344,6 +1344,8 @@ def fill_samdb(samdb, lp, names, logger, domainsid, domainguid, policyguid,
"DOMAINDN": names.domaindn})
logger.info("Setting up sam.ldb data")
infrastructure_desc = b64encode(get_domain_infrastructure_descriptor(domainsid))
+ lostandfound_desc = b64encode(get_domain_delete_protected2_descriptor(domainsid))
+ system_desc = b64encode(get_domain_delete_protected1_descriptor(domainsid))
builtin_desc = b64encode(get_domain_builtin_descriptor(domainsid))
controllers_desc = b64encode(get_domain_controllers_descriptor(domainsid))
setup_add_ldif(samdb, setup_path("provision.ldif"), {
@@ -1356,6 +1358,8 @@ def fill_samdb(samdb, lp, names, logger, domainsid, domainguid, policyguid,
"RIDAVAILABLESTART": str(next_rid + 600),
"POLICYGUID_DC": policyguid_dc,
"INFRASTRUCTURE_DESCRIPTOR": infrastructure_desc,
+ "LOSTANDFOUND_DESCRIPTOR": lostandfound_desc,
+ "SYSTEM_DESCRIPTOR": system_desc,
"BUILTIN_DESCRIPTOR": builtin_desc,
"DOMAIN_CONTROLLERS_DESCRIPTOR": controllers_desc,
})
diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif
index 51e56ff2a6..61d735cb2c 100644
--- a/source4/setup/provision.ldif
+++ b/source4/setup/provision.ldif
@@ -73,6 +73,7 @@ objectClass: lostAndFound
description: Default container for orphaned objects
systemFlags: -1946157056
isCriticalSystemObject: TRUE
+nTSecurityDescriptor:: ${LOSTANDFOUND_DESCRIPTOR}
dn: CN=NTDS Quotas,${DOMAINDN}
objectClass: top
@@ -98,6 +99,7 @@ objectClass: container
description: Builtin system settings
systemFlags: -1946157056
isCriticalSystemObject: TRUE
+nTSecurityDescriptor:: ${SYSTEM_DESCRIPTOR}
dn: CN=AdminSDHolder,CN=System,${DOMAINDN}
objectClass: top