summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-09-04 10:27:50 +1000
committerAndrew Bartlett <abartlet@samba.org>2012-09-04 04:45:16 +0200
commit9983ad7a80477d8aaaa16488a93dffc6a32dd1ef (patch)
tree97464121bcb8ef06ad31f09074b800b929ba1465 /source4
parent68f68d01529e159d965cefa1da497f3472a36972 (diff)
downloadsamba-9983ad7a80477d8aaaa16488a93dffc6a32dd1ef.tar.gz
samba-9983ad7a80477d8aaaa16488a93dffc6a32dd1ef.tar.bz2
samba-9983ad7a80477d8aaaa16488a93dffc6a32dd1ef.zip
s3-passdb: Rename pdb_samba4 to samba_dsdb and autoconfigure when we are a AD DC
The name samba_dsdb is not ideal, but it matches the primary ldb module we use, and more importantly it avoids having '4' in the name. We should slowly avoid using the term samba4 in long-term places like the smb.conf because it is confusing to users given we are shipping Samba 4.0 as an AD DC as well as all the other supported roles (domain member/standalone server/classic DC) Additionally, samba4 will be an odd name when we eventually release Samba 5.0! samba4 remains accepted as an alias to ensure existing smb.conf files load, but to allow changes here in the future, we set the value during the smb.conf load, and not during the provision when we are an AD DC. This simplifies the default smb.conf for the vast majority of our users and reduces the number of things listed in smb.conf files that we later have to work around if we wish to change the name/implementation of the passdb glue module again. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Sep 4 04:45:16 CEST 2012 on sn-devel-104
Diffstat (limited to 'source4')
-rw-r--r--source4/scripting/python/samba/netcmd/ntacl.py4
-rw-r--r--source4/scripting/python/samba/provision/__init__.py23
2 files changed, 14 insertions, 13 deletions
diff --git a/source4/scripting/python/samba/netcmd/ntacl.py b/source4/scripting/python/samba/netcmd/ntacl.py
index 4a0c91c289..661af80f30 100644
--- a/source4/scripting/python/samba/netcmd/ntacl.py
+++ b/source4/scripting/python/samba/netcmd/ntacl.py
@@ -152,8 +152,8 @@ class cmd_ntacl_sysvolreset(Command):
s3conf = s3param.get_context()
s3conf.load(lp.configfile)
- # ensure we are using the right samba4 passdb backend, no matter what
- s3conf.set("passdb backend", "samba4:%s" % samdb.url)
+ # ensure we are using the right samba_dsdb passdb backend, no matter what
+ s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url)
LA_sid = security.dom_sid(str(domain_sid)
+"-"+str(security.DOMAIN_RID_ADMINISTRATOR))
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py
index c7fda92f5e..e1f0571dfd 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -613,7 +613,6 @@ def make_smbconf(smbconf, hostname, domain, realm, targetdir,
realm = realm.upper()
global_settings = {
- "passdb backend": "samba4",
"netbios name": netbiosname,
"workgroup": domain,
"realm": realm,
@@ -660,6 +659,8 @@ def make_smbconf(smbconf, hostname, domain, realm, targetdir,
shares["sysvol"] = os.path.join(lp.get("state directory"), "sysvol")
shares["netlogon"] = os.path.join(shares["sysvol"], realm.lower(),
"scripts")
+ else:
+ global_settings["passdb backend"] = "samba_dsdb"
f = open(smbconf, 'w')
try:
@@ -1415,11 +1416,11 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, domain
# This will ensure that the smbd code we are running when setting ACLs is initialised with the smb.conf
s3conf = s3param.get_context()
s3conf.load(lp.configfile)
- # ensure we are using the right samba4 passdb backend, no matter what
- s3conf.set("passdb backend", "samba4:%s" % samdb.url)
+ # ensure we are using the right samba_dsdb passdb backend, no matter what
+ s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url)
passdb.reload_static_pdb()
- # ensure that we init the samba4 backend, so the domain sid is marked in secrets.tdb
+ # ensure that we init the samba_dsdb backend, so the domain sid is marked in secrets.tdb
s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
# now ensure everything matches correctly, to avoid wierd issues
@@ -1428,10 +1429,10 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, domain
domain_info = s4_passdb.domain_info()
if domain_info["dom_sid"] != domainsid:
- raise ProvisioningError('SID as seen by pdb_samba4 [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid))
+ raise ProvisioningError('SID as seen by pdb_samba_dsdb [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid))
if domain_info["dns_domain"].upper() != dnsdomain.upper():
- raise ProvisioningError('Realm as seen by pdb_samba4 [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper()))
+ raise ProvisioningError('Realm as seen by pdb_samba_dsdb [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper()))
try:
@@ -1536,9 +1537,9 @@ def checksysvolacl(samdb, netlogon, sysvol, domainsid, dnsdomain, domaindn,
# This will ensure that the smbd code we are running when setting ACLs is initialised with the smb.conf
s3conf = s3param.get_context()
s3conf.load(lp.configfile)
- # ensure we are using the right samba4 passdb backend, no matter what
- s3conf.set("passdb backend", "samba4:%s" % samdb.url)
- # ensure that we init the samba4 backend, so the domain sid is marked in secrets.tdb
+ # ensure we are using the right samba_dsdb passdb backend, no matter what
+ s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url)
+ # ensure that we init the samba_dsdb backend, so the domain sid is marked in secrets.tdb
s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
# now ensure everything matches correctly, to avoid wierd issues
@@ -1547,10 +1548,10 @@ def checksysvolacl(samdb, netlogon, sysvol, domainsid, dnsdomain, domaindn,
domain_info = s4_passdb.domain_info()
if domain_info["dom_sid"] != domainsid:
- raise ProvisioningError('SID as seen by pdb_samba4 [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid))
+ raise ProvisioningError('SID as seen by pdb_samba_dsdb [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid))
if domain_info["dns_domain"].upper() != dnsdomain.upper():
- raise ProvisioningError('Realm as seen by pdb_samba4 [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper()))
+ raise ProvisioningError('Realm as seen by pdb_samba_dsdb [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper()))
# Set the SYSVOL_ACL on the sysvol folder and subfolder (first level)
for direct_db_access in [True, False]: