summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/scripting/libjs/provision.js17
-rwxr-xr-xsource4/setup/provision18
-rw-r--r--source4/setup/provision_partitions.ldif12
3 files changed, 29 insertions, 18 deletions
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js
index 39810e1f94..461550d5b5 100644
--- a/source4/scripting/libjs/provision.js
+++ b/source4/scripting/libjs/provision.js
@@ -508,7 +508,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
var modify_ok = setup_ldb_modify("provision_basedn_modify.ldif", info, samdb);
if (!modify_ok) {
if (!add_ok) {
- message("Failed to both add and modify " + subobj.DOMAINDN + " in target " + subobj.LDAPBACKEND + "\n");
+ message("Failed to both add and modify " + subobj.DOMAINDN + " in target " + subobj.DOMAINDN_LDB + "\n");
message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n");
};
assert(modify_ok);
@@ -691,20 +691,25 @@ function provision_guess()
subobj.WHEEL = findnss(nss.getgrnam, "wheel", "root", "staff", "adm");
subobj.BACKUP = findnss(nss.getgrnam, "backup", "wheel", "root", "staff");
subobj.USERS = findnss(nss.getgrnam, "users", "guest", "other", "unknown", "usr");
+
subobj.DNSDOMAIN = strlower(subobj.REALM);
subobj.DNSNAME = sprintf("%s.%s",
strlower(subobj.HOSTNAME),
subobj.DNSDOMAIN);
rdn_list = split(".", subobj.DNSDOMAIN);
- subobj.DOMAINDN = "DC=" + join(",DC=", rdn_list);
+ subobj.DOMAINDN = "DC=" + join(",DC=", rdn_list);
+ subobj.DOMAINDN_LDB = "users.ldb";
+ subobj.DOMAINDN_MOD = "objectguid";
subobj.ROOTDN = subobj.DOMAINDN;
subobj.CONFIGDN = "CN=Configuration," + subobj.ROOTDN;
+ subobj.CONFIGDN_LDB = "configuration.ldb";
+ subobj.CONFIGDN_MOD = "objectguid";
subobj.SCHEMADN = "CN=Schema," + subobj.CONFIGDN;
- subobj.LDAPBACKEND = "users.ldb";
- subobj.LDAPMODULE = "entryUUID";
- subobj.LDAPMODULES = "objectguid";
+ subobj.SCHEMADN_LDB = "schema.ldb";
+ subobj.SCHEMADN_MOD = "objectguid";
+
subobj.EXTENSIBLEOBJECT = "# no objectClass: extensibleObject for local ldb";
- subobj.ACI = "# no aci for local ldb";
+ subobj.ACI = "# no aci for local ldb";
return subobj;
}
diff --git a/source4/setup/provision b/source4/setup/provision
index 8f1d422f51..dcc92b924f 100755
--- a/source4/setup/provision
+++ b/source4/setup/provision
@@ -113,18 +113,24 @@ for (r in options) {
var key = strupper(join("", split("-", r)));
subobj[key] = options[r];
}
+
+var blank = (options["blank"] != undefined);
+var ldapbase = (options["ldap-base"] != undefined);
+var ldapbackend = (options["ldap-backend"] != undefined);
+var ldapmodule = (options["ldap-module"] != undefined);
+
if (options["aci"] != undefined) {
println("set ACI: " + subobj["ACI"]);
}
-if (options["ldap-backend"] != undefined) {
- subobj["LDAPMODULES"] = subobj["LDAPMODULE"] + ",paged_searches";
+if (ldapbackend) {
+ if (!ldapmodule) {
+ subobj["LDAPMODULE"] = "objectUUID";
+ }
+ subobj["DOMAINDN_LDB"] = subobj["LDAPBACKEND"];
+ subobj["DOMAINDN_MOD"] = subobj["LDAPMODULE"] + ",paged_searches";
}
-var blank = (options["blank"] != undefined);
-var ldapbase = (options["ldap-base"] != undefined);
-var ldapbackend = (options["ldap-backend"] != undefined);
-
if (!provision_validate(subobj, message)) {
return -1;
}
diff --git a/source4/setup/provision_partitions.ldif b/source4/setup/provision_partitions.ldif
index b713e4e31d..3988c16610 100644
--- a/source4/setup/provision_partitions.ldif
+++ b/source4/setup/provision_partitions.ldif
@@ -1,13 +1,13 @@
dn: @PARTITION
-partition: ${SCHEMADN}:schema.ldb
-partition: ${CONFIGDN}:configuration.ldb
-partition: ${DOMAINDN}:${LDAPBACKEND}
+partition: ${SCHEMADN}:${SCHEMADN_LDB}
+partition: ${CONFIGDN}:${CONFIGDN_LDB}
+partition: ${DOMAINDN}:${DOMAINDN_LDB}
replicateEntries: @SUBCLASSES
replicateEntries: @ATTRIBUTES
replicateEntries: @INDEXLIST
-modules:${SCHEMADN}:objectguid
-modules:${CONFIGDN}:objectguid
-modules:${DOMAINDN}:${LDAPMODULES}
+modules:${SCHEMADN}:${SCHEMADN_MOD}
+modules:${CONFIGDN}:${CONFIGDN_MOD}
+modules:${DOMAINDN}:${DOMAINDN_MOD}
#Add modules to the list to activate them by default
#beware often order is important