-rw-r--r-- | source4/dsdb/common/util.c | 2 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/password_hash.c | 2 | ||||
-rw-r--r-- | source4/rpc_server/samr/dcesrv_samr.c | 2 | ||||
-rw-r--r-- | source4/scripting/python/samba/provision.py | 6 | ||||
-rw-r--r-- | source4/selftest/target/Samba4.pm | 2 | ||||
-rw-r--r-- | source4/setup/provision_basedn.ldif | 3 | ||||
-rw-r--r-- | source4/setup/schema_samba4.ldif | 38 |
7 files changed, 49 insertions, 6 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 88c8afd6cc..3be60ac452 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -1464,7 +1464,7 @@ int samdb_search_for_parent_domain(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
 while ((sdn = ldb_dn_get_parent(local_ctx, sdn))) {
 ret = ldb_search(ldb, sdn, LDB_SCOPE_BASE,
- "(|(objectClass=domain)(objectClass=builtinDomain))", attrs, &res);
+ "(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain))", attrs, &res);
 if (ret == LDB_SUCCESS) {
 talloc_steal(local_ctx, res);
 if (res->count == 1) {
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index aa64700f2f..ec19e0d49e 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1220,7 +1220,7 @@ static int build_domain_data_request(struct ph_context *ac)
 ac->dom_req->op.search.base = ldb_get_default_basedn(ac->module->ldb);
 ac->dom_req->op.search.scope = LDB_SCOPE_SUBTREE;
- filter = talloc_asprintf(ac->dom_req, "(&(objectSid=%s)(|(objectClass=domain)(objectClass=builtinDomain)))",
+ filter = talloc_asprintf(ac->dom_req, "(&(objectSid=%s)(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain)))",
 ldap_encode_ndr_dom_sid(ac->dom_req, ac->domain_sid));
 if (filter == NULL) {
 ldb_debug(ac->module->ldb, LDB_DEBUG_ERROR, "Out of Memory!\n");
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 8193e0a882..da03d83dbc 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
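Review bot: The three-class domain filter added in samdb_search_for_parent_domain() (util.c) is written out by hand again in the password_hash.c and dcesrv_samr.c hunks of this commit, so the next class added to the set has to be found and edited in three places. The old dcesrv_samr.c string had already drifted from the other two (lower-case `objectclass`, an extra `(&...)` wrapper), and drift is worth avoiding in filters that decide which object is treated as the domain. Define the clause once under a name of your choosing, for example `#define DSDB_DOMAIN_OC_FILTER "(|(objectClass=domain)(objectClass=builtinDomain)(objectClass=samba4LocalDomain))"`, and build all three filters from it; the flat form selects the same entries as the nested `(|(|(a)(b))(c))`. The enclosing function starts and ends outside the hunk.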
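Review bot: In build_domain_data_request() (password_hash.c) the result of `ldap_encode_ndr_dom_sid(ac->dom_req, ac->domain_sid)` is handed straight to `%s`, and only `filter` is tested for NULL afterwards. If the encoder can fail and return NULL, which nothing in the hunk rules out, the filter is formatted from a null string (undefined for `%s`, the text `(null)` on glibc) and the domain search set up here misses for a reason the "Out of Memory!" message never reports. Encode into a local first and return the error before formatting, e.g. `sid_str = ldap_encode_ndr_dom_sid(ac->dom_req, ac->domain_sid);` followed by `if (sid_str == NULL) { ... }`. The same call shape is used in the dcesrv_samr.c hunk, where the SID comes from the request (`r->in.sid`). The function body continues outside the hunk.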
@@ -425,7 +425,7 @@ static NTSTATUS dcesrv_samr_OpenDomain(struct dcesrv_call_state *dce_call, TALLO
 ret = gendb_search(c_state->sam_ctx, mem_ctx, NULL, &dom_msgs, dom_attrs,
- "(&(objectSid=%s)(&(|(objectclass=domain)(objectClass=builtinDomain))))",
+ "(&(objectSid=%s)(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain)))",
 ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
 if (ret == 0) {
 return NT_STATUS_NO_SUCH_DOMAIN;
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index f9604a84b2..25316e888a 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -763,9 +763,15 @@ def setup_samdb(path, setup_path, session_info, credentials, lp,
 try:
 message("Adding DomainDN: %s (permitted to fail)" % names.domaindn)
+ if serverrole == "domain controller":
+ domain_oc = "domainDNS"
+ else:
+ domain_oc = "samba4LocalDomain"
+
 setup_add_ldif(samdb, setup_path("provision_basedn.ldif"), {
 "DOMAINDN": names.domaindn,
 "ACI": aci,
+ "DOMAIN_OC": domain_oc
 })
 message("Modifying DomainDN: " + names.domaindn + "")
diff --git a/source4/selftest/target/Samba4.pm b/source4/selftest/target/Samba4.pm
index 2b94135355..416a376f68 100644
--- a/source4/selftest/target/Samba4.pm
+++ b/source4/selftest/target/Samba4.pm
@@ -544,7 +544,7 @@ sub provision($$$$$$)
 my $localbasedn = $basedn;
- $localbasedn = "DC=$netbiosname" if $server_role eq "member server";
+ $localbasedn = "CN=$netbiosname" if $server_role eq "member server";
 open(CONFFILE, ">$conffile");
 print CONFFILE "
diff --git a/source4/setup/provision_basedn.ldif b/source4/setup/provision_basedn.ldif
index 11eb0593e8..7fdecfa3c0 100644
--- a/source4/setup/provision_basedn.ldif
+++ b/source4/setup/provision_basedn.ldif
@@ -3,7 +3,6 @@
 ################################
 dn: ${DOMAINDN}
 objectClass: top
-objectClass: domain
-objectClass: domainDNS
+objectClass: ${DOMAIN_OC}
 ${ACI}
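Review bot: The new `else:` branch in setup_samdb() (provision.py) gives every serverrole other than the exact string "domain controller" the samba4LocalDomain class, so a misspelled or differently-cased role silently provisions a base DN of the wrong type. Unless serverrole is validated earlier in the function (outside the hunk), test the non-DC roles explicitly and finish the chain with `else: raise ValueError("unknown serverrole: %r" % serverrole)`. The choice also sits inside the `try:` whose add is "permitted to fail", so computing `domain_oc` before the `try:` would keep such an error from being swallowed by a handler that is outside the hunk. A short comment on why non-DC roles get a domain object without the DNS class would help too, since provision_basedn.ldif no longer names any class itself.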
diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif
index 8bd1705468..7146091c8e 100644
--- a/source4/setup/schema_samba4.ldif
+++ b/source4/setup/schema_samba4.ldif
@@ -194,3 +194,41 @@ attributeID: 1.3.6.1.4.1.7165.4.1.11
 attributeSyntax: 2.5.5.4
 oMSyntax: 20
+#
+# Based on domainDNS, but without the DNS bits.
+#
+
+dn: CN=Samba4-Local-Domain,${SCHEMADN}
+objectClass: top
+objectClass: classSchema
+subClassOf: top
+governsID: 1.3.6.1.4.1.7165.4.2.2
+possibleInferiors: group
+possibleInferiors: lostAndFound
+possibleInferiors: builtinDomain
+possibleInferiors: computer
+possibleInferiors: user
+possibleInferiors: container
+possibleInferiors: groupPolicyContainer
+possibleInferiors: organization
+possibleInferiors: domainDNS
+possibleInferiors: locality
+possibleInferiors: msDS-AzAdminManager
+possibleInferiors: country
+possibleInferiors: organizationalUnit
+rDNAttID: cn
+showInAdvancedViewOnly: TRUE
+adminDisplayName: Samba4-Local-Domain
+adminDescription: Samba4-Local-Domain
+systemMayContain: msDS-Behavior-Version
+systemMayContain: managedBy
+objectClassCategory: 1
+lDAPDisplayName: samba4LocalDomain
+schemaIDGUID: 07be1647-8310-4fba-91ae-34e55d5a8293
+systemOnly: FALSE
+systemAuxiliaryClass: samDomainBase
+defaultSecurityDescriptor: D:(A;;RPLCLORC;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)
+systemFlags: 16
+defaultHidingValue: TRUE
+defaultObjectCategory: CN=Builtin-Domain,${SCHEMADN}
+
|
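Review bot: `defaultObjectCategory: CN=Builtin-Domain,${SCHEMADN}` on the new Samba4-Local-Domain class looks like a leftover from another class definition. The comment above the entry says the class is based on domainDNS, yet its instances would default to the Builtin-Domain category and be indistinguishable from a real builtin domain in any objectCategory-based search. The `defaultSecurityDescriptor` deserves the same look: as written it grants write rights to SY only and read rights to DA and AU, and DA may not name a useful principal on the non-DC roles for which provision.py selects this class. If both values are intended, say so in the comment block above the entry; otherwise point the category at the class's own schema entry, `defaultObjectCategory: CN=Samba4-Local-Domain,${SCHEMADN}`.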