diff options
author | Andrew Bartlett <abartlet@samba.org> | 2012-09-04 10:27:50 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2012-09-04 04:45:16 +0200 |
commit | 9983ad7a80477d8aaaa16488a93dffc6a32dd1ef (patch) | |
tree | 97464121bcb8ef06ad31f09074b800b929ba1465 /source4 | |
parent | 68f68d01529e159d965cefa1da497f3472a36972 (diff) | |
download | samba-9983ad7a80477d8aaaa16488a93dffc6a32dd1ef.tar.gz samba-9983ad7a80477d8aaaa16488a93dffc6a32dd1ef.tar.bz2 samba-9983ad7a80477d8aaaa16488a93dffc6a32dd1ef.zip |
s3-passdb: Rename pdb_samba4 to samba_dsdb and autoconfigure when we are a AD DC
The name samba_dsdb is not ideal, but it matches the primary ldb
module we use, and more importantly it avoids having '4' in the name.
We should slowly avoid using the term samba4 in long-term places like
the smb.conf because it is confusing to users given we are shipping
Samba 4.0 as an AD DC as well as all the other supported roles (domain
member/standalone server/classic DC)
Additionally, samba4 will be an odd name when we eventually release
Samba 5.0!
samba4 remains accepted as an alias to ensure existing smb.conf files
load, but to allow changes here in the future, we set the value during
the smb.conf load, and not during the provision when we are an AD DC.
This simplifies the default smb.conf for the vast majority of our
users and reduces the number of things listed in smb.conf files that
we later have to work around if we wish to change the
name/implementation of the passdb glue module again.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Sep 4 04:45:16 CEST 2012 on sn-devel-104
Diffstat (limited to 'source4')
-rw-r--r-- | source4/scripting/python/samba/netcmd/ntacl.py | 4 | ||||
-rw-r--r-- | source4/scripting/python/samba/provision/__init__.py | 23 |
2 files changed, 14 insertions, 13 deletions
diff --git a/source4/scripting/python/samba/netcmd/ntacl.py b/source4/scripting/python/samba/netcmd/ntacl.py index 4a0c91c289..661af80f30 100644 --- a/source4/scripting/python/samba/netcmd/ntacl.py +++ b/source4/scripting/python/samba/netcmd/ntacl.py @@ -152,8 +152,8 @@ class cmd_ntacl_sysvolreset(Command): s3conf = s3param.get_context() s3conf.load(lp.configfile) - # ensure we are using the right samba4 passdb backend, no matter what - s3conf.set("passdb backend", "samba4:%s" % samdb.url) + # ensure we are using the right samba_dsdb passdb backend, no matter what + s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url) LA_sid = security.dom_sid(str(domain_sid) +"-"+str(security.DOMAIN_RID_ADMINISTRATOR)) diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index c7fda92f5e..e1f0571dfd 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -613,7 +613,6 @@ def make_smbconf(smbconf, hostname, domain, realm, targetdir, realm = realm.upper() global_settings = { - "passdb backend": "samba4", "netbios name": netbiosname, "workgroup": domain, "realm": realm, @@ -660,6 +659,8 @@ def make_smbconf(smbconf, hostname, domain, realm, targetdir, shares["sysvol"] = os.path.join(lp.get("state directory"), "sysvol") shares["netlogon"] = os.path.join(shares["sysvol"], realm.lower(), "scripts") + else: + global_settings["passdb backend"] = "samba_dsdb" f = open(smbconf, 'w') try: @@ -1415,11 +1416,11 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, domain # This will ensure that the smbd code we are running when setting ACLs is initialised with the smb.conf s3conf = s3param.get_context() s3conf.load(lp.configfile) - # ensure we are using the right samba4 passdb backend, no matter what - s3conf.set("passdb backend", "samba4:%s" % samdb.url) + # ensure we are using the right samba_dsdb passdb backend, no matter what + s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url) passdb.reload_static_pdb() - # ensure that we init the samba4 backend, so the domain sid is marked in secrets.tdb + # ensure that we init the samba_dsdb backend, so the domain sid is marked in secrets.tdb s4_passdb = passdb.PDB(s3conf.get("passdb backend")) # now ensure everything matches correctly, to avoid wierd issues @@ -1428,10 +1429,10 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, domain domain_info = s4_passdb.domain_info() if domain_info["dom_sid"] != domainsid: - raise ProvisioningError('SID as seen by pdb_samba4 [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid)) + raise ProvisioningError('SID as seen by pdb_samba_dsdb [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid)) if domain_info["dns_domain"].upper() != dnsdomain.upper(): - raise ProvisioningError('Realm as seen by pdb_samba4 [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper())) + raise ProvisioningError('Realm as seen by pdb_samba_dsdb [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper())) try: @@ -1536,9 +1537,9 @@ def checksysvolacl(samdb, netlogon, sysvol, domainsid, dnsdomain, domaindn, # This will ensure that the smbd code we are running when setting ACLs is initialised with the smb.conf s3conf = s3param.get_context() s3conf.load(lp.configfile) - # ensure we are using the right samba4 passdb backend, no matter what - s3conf.set("passdb backend", "samba4:%s" % samdb.url) - # ensure that we init the samba4 backend, so the domain sid is marked in secrets.tdb + # ensure we are using the right samba_dsdb passdb backend, no matter what + s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url) + # ensure that we init the samba_dsdb backend, so the domain sid is marked in secrets.tdb s4_passdb = passdb.PDB(s3conf.get("passdb backend")) # now ensure everything matches correctly, to avoid wierd issues @@ -1547,10 +1548,10 @@ def checksysvolacl(samdb, netlogon, sysvol, domainsid, dnsdomain, domaindn, domain_info = s4_passdb.domain_info() if domain_info["dom_sid"] != domainsid: - raise ProvisioningError('SID as seen by pdb_samba4 [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid)) + raise ProvisioningError('SID as seen by pdb_samba_dsdb [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid)) if domain_info["dns_domain"].upper() != dnsdomain.upper(): - raise ProvisioningError('Realm as seen by pdb_samba4 [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper())) + raise ProvisioningError('Realm as seen by pdb_samba_dsdb [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper())) # Set the SYSVOL_ACL on the sysvol folder and subfolder (first level) for direct_db_access in [True, False]: |