summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/scripting/python/samba/provision/__init__.py22
-rw-r--r--source4/scripting/python/samba/provision/backend.py6
-rwxr-xr-xsource4/scripting/python/samba/upgradehelpers.py6
-rwxr-xr-xsource4/setup/provision25
-rwxr-xr-xsource4/setup/tests/blackbox_provision-backend.sh10
5 files changed, 21 insertions, 48 deletions
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py
index a8a5a572a6..be0e903cd9 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -1641,10 +1641,10 @@ def provision(logger, session_info, credentials, smbconf=None,
dns_backend=None, dnspass=None,
invocationid=None, machinepass=None, ntdsguid=None,
root=None, nobody=None, users=None, wheel=None, backup=None, aci=None,
- serverrole=None, dom_for_fun_level=None, ldap_backend_extra_port=None,
- ldap_backend_forced_uri=None, backend_type=None, sitename=None,
- ol_mmr_urls=None, ol_olc=None, setup_ds_path=None, slapd_path=None,
- nosync=False, ldap_dryrun_mode=False, useeadb=False, am_rodc=False,
+ serverrole=None, dom_for_fun_level=None,
+ backend_type=None, sitename=None,
+ ol_mmr_urls=None, ol_olc=None, slapd_path=None,
+ useeadb=False, am_rodc=False,
lp=None):
"""Provision samba4
@@ -1759,30 +1759,24 @@ def provision(logger, session_info, credentials, smbconf=None,
lp=lp, credentials=credentials,
names=names, logger=logger)
elif backend_type == "existing":
+ # If support for this is ever added back, then the URI will need to be specified again
provision_backend = ExistingBackend(backend_type, paths=paths,
lp=lp, credentials=credentials,
names=names, logger=logger,
- ldap_backend_forced_uri=ldap_backend_forced_uri)
+ ldap_backend_forced_uri=None)
elif backend_type == "fedora-ds":
provision_backend = FDSBackend(backend_type, paths=paths,
lp=lp, credentials=credentials,
names=names, logger=logger, domainsid=domainsid,
schema=schema, hostname=hostname, ldapadminpass=ldapadminpass,
slapd_path=slapd_path,
- ldap_backend_extra_port=ldap_backend_extra_port,
- ldap_dryrun_mode=ldap_dryrun_mode, root=root,
- setup_ds_path=setup_ds_path,
- ldap_backend_forced_uri=ldap_backend_forced_uri)
+ root=root)
elif backend_type == "openldap":
provision_backend = OpenLDAPBackend(backend_type, paths=paths,
lp=lp, credentials=credentials,
names=names, logger=logger, domainsid=domainsid,
schema=schema, hostname=hostname, ldapadminpass=ldapadminpass,
- slapd_path=slapd_path,
- ldap_backend_extra_port=ldap_backend_extra_port,
- ldap_dryrun_mode=ldap_dryrun_mode, ol_mmr_urls=ol_mmr_urls,
- nosync=nosync,
- ldap_backend_forced_uri=ldap_backend_forced_uri)
+ slapd_path=slapd_path, ol_mmr_urls=ol_mmr_urls)
else:
raise ValueError("Unknown LDAP backend type selected")
diff --git a/source4/scripting/python/samba/provision/backend.py b/source4/scripting/python/samba/provision/backend.py
index f9dbba85f6..4ab827b545 100644
--- a/source4/scripting/python/samba/provision/backend.py
+++ b/source4/scripting/python/samba/provision/backend.py
@@ -133,7 +133,7 @@ class LDAPBackend(ProvisionBackend):
credentials=None, names=None, logger=None, domainsid=None,
schema=None, hostname=None, ldapadminpass=None,
slapd_path=None, ldap_backend_extra_port=None,
- ldap_backend_forced_uri=None, ldap_dryrun_mode=False):
+ ldap_backend_forced_uri=None, ldap_dryrun_mode=True):
super(LDAPBackend, self).__init__(backend_type=backend_type,
paths=paths, lp=lp,
@@ -286,7 +286,7 @@ class OpenLDAPBackend(LDAPBackend):
def __init__(self, backend_type, paths=None, lp=None,
credentials=None, names=None, logger=None, domainsid=None,
schema=None, hostname=None, ldapadminpass=None, slapd_path=None,
- ldap_backend_extra_port=None, ldap_dryrun_mode=False,
+ ldap_backend_extra_port=None, ldap_dryrun_mode=True,
ol_mmr_urls=None, nosync=False, ldap_backend_forced_uri=None):
from samba.provision import setup_path
super(OpenLDAPBackend, self).__init__( backend_type=backend_type,
@@ -568,7 +568,7 @@ class FDSBackend(LDAPBackend):
def __init__(self, backend_type, paths=None, lp=None,
credentials=None, names=None, logger=None, domainsid=None,
schema=None, hostname=None, ldapadminpass=None, slapd_path=None,
- ldap_backend_extra_port=None, ldap_dryrun_mode=False, root=None,
+ ldap_backend_extra_port=None, ldap_dryrun_mode=True, root=None,
setup_ds_path=None):
from samba.provision import setup_path
diff --git a/source4/scripting/python/samba/upgradehelpers.py b/source4/scripting/python/samba/upgradehelpers.py
index 043f629ce5..3d1aa7a23a 100755
--- a/source4/scripting/python/samba/upgradehelpers.py
+++ b/source4/scripting/python/samba/upgradehelpers.py
@@ -266,11 +266,11 @@ def newprovision(names, creds, session, smbconf, provdir, logger):
invocationid=names.invocation, adminpass=names.adminpass,
krbtgtpass=None, machinepass=None, dnspass=None, root=None,
nobody=None, wheel=None, users=None,
- serverrole="domain controller", ldap_backend_extra_port=None,
+ serverrole="domain controller",
backend_type=None, ldapadminpass=None, ol_mmr_urls=None,
- slapd_path=None, setup_ds_path=None, nosync=None,
+ slapd_path=None,
dom_for_fun_level=names.domainlevel, dns_backend=dns_backend,
- ldap_dryrun_mode=None, useeadb=True)
+ useeadb=True)
def dn_sort(x, y):
diff --git a/source4/setup/provision b/source4/setup/provision
index bae86ee658..1d847decef 100755
--- a/source4/setup/provision
+++ b/source4/setup/provision
@@ -102,14 +102,9 @@ parser.add_option("--users", type="string", metavar="GROUPNAME",
parser.add_option("--quiet", help="Be quiet", action="store_true")
parser.add_option("--blank", action="store_true",
help="do not add users or groups, just the structure")
-parser.add_option("--ldap-backend-extra-port", type="int", metavar="LDAP-BACKEND-EXTRA-PORT",
- help="Additional TCP port for LDAP backend server (to use for replication)")
-parser.add_option("--ldap-backend-forced-uri", type="string", metavar="LDAP-BACKEND-FORCED-URI",
- help="Force the LDAP backend connection to be to a particular URI. Use this ONLY for 'existing' backends, or when debugging the interaction with the LDAP backend and you need to intercept the LDAP traffic")
parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TYPE",
- help="LDAP backend type (fedora-ds or openldap)",
+ help="Test initialisation support for unsupported LDAP backend type (fedora-ds or openldap) DO NOT USE",
choices=["fedora-ds", "openldap"])
-parser.add_option("--ldap-backend-nosync", help="Configure LDAP backend not to call fsync() (for performance in test environments)", action="store_true")
parser.add_option("--server-role", type="choice", metavar="ROLE",
choices=["domain controller", "dc", "member server", "member", "standalone"],
help="The server role (domain controller | dc | member server | member | standalone). Default is dc.")
@@ -126,10 +121,7 @@ parser.add_option("--ol-mmr-urls", type="string", metavar="LDAPSERVER",
help="List of LDAP-URLS [ ldap://<FQHN>:<PORT>/ (where <PORT> has to be different than 389!) ] separated with comma (\",\") for use with OpenLDAP-MMR (Multi-Master-Replication), e.g.: \"ldap://s4dc1:9000,ldap://s4dc2:9000\"")
parser.add_option("--slapd-path", type="string", metavar="SLAPD-PATH",
help="Path to slapd for LDAP backend [e.g.:'/usr/local/libexec/slapd']. Required for Setup with LDAP-Backend. OpenLDAP Version >= 2.4.17 should be used.")
-parser.add_option("--setup-ds-path", type="string", metavar="SETUP_DS-PATH",
- help="Path to setup-ds.pl script for Fedora DS LDAP backend [e.g.:'/usr/sbin/setup-ds.pl']. Required for Setup with Fedora DS backend.")
parser.add_option("--use-xattrs", type="choice", choices=["yes", "no", "auto"], help="Define if we should use the native fs capabilities or a tdb file for storing attributes likes ntacl, auto tries to make an inteligent guess based on the user rights and system capabilities", default="auto")
-parser.add_option("--ldap-dryrun-mode", help="Configure LDAP backend, but do not run any binaries and exit early. Used only for the test environment. DO NOT USE", action="store_true")
opts = parser.parse_args()[0]
@@ -248,16 +240,6 @@ elif opts.use_xattrs == "auto" and not lp.get("posix:eadb"):
"If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.")
file.close()
-
-if opts.ldap_backend_type == "existing":
- if opts.ldap_backend_forced_uri is not None:
- logger.warn("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at %s" % opts.ldap_backend_forced_uri)
- else:
- logger.info("You have specified to use an existing LDAP server as the backend, please make sure an LDAP server is running at the default location")
-else:
- if opts.ldap_backend_forced_uri is not None:
- logger.warn("You have specified to use an fixed URI %s for connecting to your LDAP server backend. This is NOT RECOMMENDED, as our default communiation over ldapi:// is more secure and much less prone to unexpected failure or interaction" % opts.ldap_backend_forced_uri)
-
session = system_session()
try:
provision(logger,
@@ -273,12 +255,9 @@ try:
dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody,
wheel=opts.wheel, users=opts.users,
serverrole=server_role, dom_for_fun_level=dom_for_fun_level,
- ldap_backend_extra_port=opts.ldap_backend_extra_port,
- ldap_backend_forced_uri=opts.ldap_backend_forced_uri,
backend_type=opts.ldap_backend_type,
ldapadminpass=opts.ldapadminpass, ol_mmr_urls=opts.ol_mmr_urls,
- slapd_path=opts.slapd_path, setup_ds_path=opts.setup_ds_path,
- nosync=opts.ldap_backend_nosync, ldap_dryrun_mode=opts.ldap_dryrun_mode,
+ slapd_path=opts.slapd_path,
useeadb=eadb, next_rid=opts.next_rid, lp=lp)
except ProvisioningError, e:
print str(e)
diff --git a/source4/setup/tests/blackbox_provision-backend.sh b/source4/setup/tests/blackbox_provision-backend.sh
index 58fde63469..96ff753ace 100755
--- a/source4/setup/tests/blackbox_provision-backend.sh
+++ b/source4/setup/tests/blackbox_provision-backend.sh
@@ -12,13 +12,13 @@ shift 1
. `dirname $0`/../../../testprogs/blackbox/subunit.sh
-testit "openldap-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --ldap-dryrun-mode --slapd-path=/dev/null
-testit "openldap-mmr-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-mmr-backend --ol-mmr-urls="ldap://s4dc1.test:9000,ldap://s4dc2.test:9000" --ldap-dryrun-mode --slapd-path=/dev/null --username=samba-admin --password=linux --adminpass=linux --ldapadminpass=linux
-testit "fedora-ds-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --ldap-dryrun-mode --slapd-path=/dev/null
+testit "openldap-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --slapd-path=/dev/null
+testit "openldap-mmr-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-mmr-backend --ol-mmr-urls="ldap://s4dc1.test:9000,ldap://s4dc2.test:9000" --slapd-path=/dev/null --username=samba-admin --password=linux --adminpass=linux --ldapadminpass=linux
+testit "fedora-ds-backend" $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend --slapd-path=/dev/null
reprovision() {
- $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --ldap-dryrun-mode --slapd-path=/dev/null
- $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --ldap-dryrun-mode --slapd-path=/dev/null
+ $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --slapd-path=/dev/null
+ $PYTHON $SRCDIR/source4/setup/provision --domain=FOO --realm=foo.example.com --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision --slapd-path=/dev/null
}
testit "reprovision-backend" reprovision