diff options
-rw-r--r-- | source4/scripting/ejs/smbcalls_config.c | 41 | ||||
-rw-r--r-- | source4/scripting/libjs/provision.js | 26 | ||||
-rwxr-xr-x | source4/setup/provision | 3 | ||||
-rw-r--r-- | source4/setup/provision.ldif | 28 | ||||
-rw-r--r-- | source4/setup/provision.smb.conf | 6 | ||||
-rw-r--r-- | source4/setup/provision_group_policy.ldif | 28 |
6 files changed, 94 insertions, 38 deletions
diff --git a/source4/scripting/ejs/smbcalls_config.c b/source4/scripting/ejs/smbcalls_config.c index 64310c08fd..6f15ee5a4a 100644 --- a/source4/scripting/ejs/smbcalls_config.c +++ b/source4/scripting/ejs/smbcalls_config.c @@ -89,7 +89,8 @@ static int ejs_lpGet(MprVarHandle eid, int argc, char **argv) /* its a share parameter */ int snum = lp_servicenumber(argv[0]); if (snum == -1) { - return -1; + mpr_Return(eid, mprCreateUndefinedVar()); + return 0; } if (strchr(argv[1], ':')) { /* its a parametric option on a share */ @@ -98,16 +99,23 @@ static int ejs_lpGet(MprVarHandle eid, int argc, char **argv) strcspn(argv[1], ":")); const char *option = strchr(argv[1], ':') + 1; const char *value; - if (type == NULL || option == NULL) return -1; + if (type == NULL || option == NULL) { + mpr_Return(eid, mprCreateUndefinedVar()); + return 0; + } value = lp_get_parametric(snum, type, option); - if (value == NULL) return -1; + if (value == NULL) { + mpr_Return(eid, mprCreateUndefinedVar()); + return 0; + } mpr_ReturnString(eid, value); return 0; } parm = lp_parm_struct(argv[1]); if (parm == NULL || parm->class == P_GLOBAL) { - return -1; + mpr_Return(eid, mprCreateUndefinedVar()); + return 0; } parm_ptr = lp_parm_ptr(snum, parm); } else if (strchr(argv[0], ':')) { @@ -116,20 +124,30 @@ static int ejs_lpGet(MprVarHandle eid, int argc, char **argv) argv[0], strcspn(argv[0], ":")); const char *option = strchr(argv[0], ':') + 1; const char *value; - if (type == NULL || option == NULL) return -1; + if (type == NULL || option == NULL) { + mpr_Return(eid, mprCreateUndefinedVar()); + return 0; + } value = lp_get_parametric(-1, type, option); - if (value == NULL) return -1; + if (value == NULL) { + mpr_Return(eid, mprCreateUndefinedVar()); + return 0; + } mpr_ReturnString(eid, value); return 0; } else { /* its a global parameter */ parm = lp_parm_struct(argv[0]); - if (parm == NULL) return -1; + if (parm == NULL) { + mpr_Return(eid, mprCreateUndefinedVar()); + return 0; + } parm_ptr = lp_parm_ptr(-1, parm); } if (parm == NULL || parm_ptr == NULL) { - return -1; + mpr_Return(eid, mprCreateUndefinedVar()); + return 0; } /* construct and return the right type of ejs object */ @@ -142,6 +160,7 @@ static int ejs_lpGet(MprVarHandle eid, int argc, char **argv) mpr_Return(eid, mprCreateBoolVar(*(BOOL *)parm_ptr)); break; case P_INTEGER: + case P_OCTAL: case P_BYTES: mpr_Return(eid, mprCreateIntegerVar(*(int *)parm_ptr)); break; @@ -152,12 +171,14 @@ static int ejs_lpGet(MprVarHandle eid, int argc, char **argv) return 0; } } - return -1; + mpr_Return(eid, mprCreateUndefinedVar()); + return 0; case P_LIST: mpr_Return(eid, mprList(parm->label, *(const char ***)parm_ptr)); break; case P_SEP: - return -1; + mpr_Return(eid, mprCreateUndefinedVar()); + return 0; } return 0; } diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js index deaa97114a..c417d7b64b 100644 --- a/source4/scripting/libjs/provision.js +++ b/source4/scripting/libjs/provision.js @@ -389,6 +389,19 @@ function provision_default_paths(subobj) paths.ldap_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + ".ldif"; paths.ldap_config_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + "-config.ldif"; paths.ldap_schema_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + "-schema.ldif"; + + paths.netlogon = lp.get("netlogon", "path"); + + if (paths.netlogon == undefined) { + paths.netlogon = lp.get("lock dir") + "/netlogon"; + } + + paths.sysvol = lp.get("sysvol", "path"); + + if (paths.sysvol == undefined) { + paths.sysvol = lp.get("lock dir") + "/sysvol"; + } + return paths; } @@ -466,6 +479,9 @@ function provision_fix_subobj(subobj, paths) subobj.LDAPMANAGERDN = "cn=Manager," + subobj.DOMAINDN; + subobj.NETLOGONPATH = paths.netlogon; + subobj.SYSVOLPATH = paths.sysvol; + return true; } @@ -703,6 +719,16 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda if (lp.get("server role") == "domain controller") { message("Setting up self join\n"); setup_add_ldif("provision_self_join.ldif", info, samdb, false); + setup_add_ldif("provision_group_policy.ldif", info, samdb, false); + + sys.mkdir(paths.sysvol, 0755); + sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN, 0755); + sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies", 0755); + sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}", 0755); + sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}/Machine", 0755); + sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}/User", 0755); + + sys.mkdir(paths.netlogon, 0755); } if (setup_name_mappings(info, samdb) == false) { diff --git a/source4/setup/provision b/source4/setup/provision index 175ed8f161..ddb424477b 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -14,7 +14,9 @@ options = GetOptions(ARGV, 'realm=s', 'domain=s', 'domain-guid=s', + 'domain-guid=s', 'domain-sid=s', + 'policy-guid=s', 'host-name=s', 'host-ip=s', 'host-guid=s', @@ -69,6 +71,7 @@ provision [options] --host-name HOSTNAME set hostname --host-ip IPADDRESS set ipaddress --host-guid GUID set hostguid (otherwise random) + --policy-guid GUID set group policy guid (otherwise random) --invocationid GUID set invocationid (otherwise random) --adminpass PASSWORD choose admin password (otherwise random) --krbtgtpass PASSWORD choose krbtgt password (otherwise random) diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif index e44a4642b2..d531f831d6 100644 --- a/source4/setup/provision.ldif +++ b/source4/setup/provision.ldif @@ -99,31 +99,3 @@ dn: CN=Policies,CN=System,${DOMAINDN} objectClass: top objectClass: container -dn: CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN} -objectClass: top -objectClass: container -objectClass: groupPolicyContainer -displayName: Default Domain Policy -objectCategory: CN=Group-Policy-Container,${SCHEMADN} -gPCFunctionalityVersion: 2 -gPCFileSysPath: \\${DNSDOMAIN}\sysvol\${DNSDOMAIN}\Policies\{${POLICYGUID}} -versionNumber: 1 -flags: 0 -gPCMachineExtensionNames: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-248 - 8-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4 - FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2 - 488-11D1-A28C-00C04FB94F17}] -gPCUserExtensionNames: [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-1 - 1D2-842D-00C04FA372D4}][{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E- - 11D1-A7CC-0000F87571E3}] -nTSecurityDescriptor: O:${DOMAINSID}-512G:${DOMAINSID}-512D:PAI(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-519)(A;;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CIIO;RPWPCCDCLCLORCWOWDSDDTSW;;;CO)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPLCLORC;;;AU)(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;CI;RPLCLORC;;;ED)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CIIOIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) - -dn: CN=User,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN} -objectClass: top -objectClass: container -objectCategory: CN=Container,${SCHEMADN} - -dn: CN=Machine,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN} -objectClass: top -objectClass: container -objectCategory: CN=Container,${SCHEMADN} diff --git a/source4/setup/provision.smb.conf b/source4/setup/provision.smb.conf index 9d922c49c9..fe08d7e3be 100644 --- a/source4/setup/provision.smb.conf +++ b/source4/setup/provision.smb.conf @@ -4,4 +4,10 @@ realm = ${REALM} server role = domain controller +[netlogon] + path = ${NETLOGONPATH} + read only = no +[sysvol] + path = ${SYSVOLPATH} + read only = no diff --git a/source4/setup/provision_group_policy.ldif b/source4/setup/provision_group_policy.ldif new file mode 100644 index 0000000000..b5a2ef17e2 --- /dev/null +++ b/source4/setup/provision_group_policy.ldif @@ -0,0 +1,28 @@ +dn: CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN} +objectClass: top +objectClass: container +objectClass: groupPolicyContainer +displayName: Default Domain Policy +objectCategory: CN=Group-Policy-Container,${SCHEMADN} +gPCFunctionalityVersion: 2 +gPCFileSysPath: \\${DNSDOMAIN}\sysvol\${DNSDOMAIN}\Policies\{${POLICYGUID}} +versionNumber: 1 +flags: 0 +gPCMachineExtensionNames: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-248 + 8-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4 + FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2 + 488-11D1-A28C-00C04FB94F17}] +gPCUserExtensionNames: [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-1 + 1D2-842D-00C04FA372D4}][{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E- + 11D1-A7CC-0000F87571E3}] +nTSecurityDescriptor: O:${DOMAINSID}-512G:${DOMAINSID}-512D:PAI(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-519)(A;;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CIIO;RPWPCCDCLCLORCWOWDSDDTSW;;;CO)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPLCLORC;;;AU)(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;CI;RPLCLORC;;;ED)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CIIOIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) + +dn: CN=User,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN} +objectClass: top +objectClass: container +objectCategory: CN=Container,${SCHEMADN} + +dn: CN=Machine,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN} +objectClass: top +objectClass: container +objectCategory: CN=Container,${SCHEMADN} |