summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/dsdb/common/util.c2
-rw-r--r--source4/dsdb/samdb/ldb_modules/password_hash.c2
-rw-r--r--source4/rpc_server/samr/dcesrv_samr.c2
-rw-r--r--source4/scripting/python/samba/provision.py6
-rw-r--r--source4/selftest/target/Samba4.pm2
-rw-r--r--source4/setup/provision_basedn.ldif3
-rw-r--r--source4/setup/schema_samba4.ldif38
7 files changed, 49 insertions, 6 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 88c8afd6cc..3be60ac452 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -1464,7 +1464,7 @@ int samdb_search_for_parent_domain(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
while ((sdn = ldb_dn_get_parent(local_ctx, sdn))) {
ret = ldb_search(ldb, sdn, LDB_SCOPE_BASE,
- "(|(objectClass=domain)(objectClass=builtinDomain))", attrs, &res);
+ "(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain))", attrs, &res);
if (ret == LDB_SUCCESS) {
talloc_steal(local_ctx, res);
if (res->count == 1) {
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index aa64700f2f..ec19e0d49e 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1220,7 +1220,7 @@ static int build_domain_data_request(struct ph_context *ac)
ac->dom_req->op.search.base = ldb_get_default_basedn(ac->module->ldb);
ac->dom_req->op.search.scope = LDB_SCOPE_SUBTREE;
- filter = talloc_asprintf(ac->dom_req, "(&(objectSid=%s)(|(objectClass=domain)(objectClass=builtinDomain)))",
+ filter = talloc_asprintf(ac->dom_req, "(&(objectSid=%s)(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain)))",
ldap_encode_ndr_dom_sid(ac->dom_req, ac->domain_sid));
if (filter == NULL) {
ldb_debug(ac->module->ldb, LDB_DEBUG_ERROR, "Out of Memory!\n");
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 8193e0a882..da03d83dbc 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -425,7 +425,7 @@ static NTSTATUS dcesrv_samr_OpenDomain(struct dcesrv_call_state *dce_call, TALLO
ret = gendb_search(c_state->sam_ctx,
mem_ctx, NULL, &dom_msgs, dom_attrs,
- "(&(objectSid=%s)(&(|(objectclass=domain)(objectClass=builtinDomain))))",
+ "(&(objectSid=%s)(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain)))",
ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
if (ret == 0) {
return NT_STATUS_NO_SUCH_DOMAIN;
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index f9604a84b2..25316e888a 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -763,9 +763,15 @@ def setup_samdb(path, setup_path, session_info, credentials, lp,
try:
message("Adding DomainDN: %s (permitted to fail)" % names.domaindn)
+ if serverrole == "domain controller":
+ domain_oc = "domainDNS"
+ else:
+ domain_oc = "samba4LocalDomain"
+
setup_add_ldif(samdb, setup_path("provision_basedn.ldif"), {
"DOMAINDN": names.domaindn,
"ACI": aci,
+ "DOMAIN_OC": domain_oc
})
message("Modifying DomainDN: " + names.domaindn + "")
diff --git a/source4/selftest/target/Samba4.pm b/source4/selftest/target/Samba4.pm
index 2b94135355..416a376f68 100644
--- a/source4/selftest/target/Samba4.pm
+++ b/source4/selftest/target/Samba4.pm
@@ -544,7 +544,7 @@ sub provision($$$$$$)
my $localbasedn = $basedn;
- $localbasedn = "DC=$netbiosname" if $server_role eq "member server";
+ $localbasedn = "CN=$netbiosname" if $server_role eq "member server";
open(CONFFILE, ">$conffile");
print CONFFILE "
diff --git a/source4/setup/provision_basedn.ldif b/source4/setup/provision_basedn.ldif
index 11eb0593e8..7fdecfa3c0 100644
--- a/source4/setup/provision_basedn.ldif
+++ b/source4/setup/provision_basedn.ldif
@@ -3,7 +3,6 @@
################################
dn: ${DOMAINDN}
objectClass: top
-objectClass: domain
-objectClass: domainDNS
+objectClass: ${DOMAIN_OC}
${ACI}
diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif
index 8bd1705468..7146091c8e 100644
--- a/source4/setup/schema_samba4.ldif
+++ b/source4/setup/schema_samba4.ldif
@@ -194,3 +194,41 @@ attributeID: 1.3.6.1.4.1.7165.4.1.11
attributeSyntax: 2.5.5.4
oMSyntax: 20
+#
+# Based on domainDNS, but without the DNS bits.
+#
+
+dn: CN=Samba4-Local-Domain,${SCHEMADN}
+objectClass: top
+objectClass: classSchema
+subClassOf: top
+governsID: 1.3.6.1.4.1.7165.4.2.2
+possibleInferiors: group
+possibleInferiors: lostAndFound
+possibleInferiors: builtinDomain
+possibleInferiors: computer
+possibleInferiors: user
+possibleInferiors: container
+possibleInferiors: groupPolicyContainer
+possibleInferiors: organization
+possibleInferiors: domainDNS
+possibleInferiors: locality
+possibleInferiors: msDS-AzAdminManager
+possibleInferiors: country
+possibleInferiors: organizationalUnit
+rDNAttID: cn
+showInAdvancedViewOnly: TRUE
+adminDisplayName: Samba4-Local-Domain
+adminDescription: Samba4-Local-Domain
+systemMayContain: msDS-Behavior-Version
+systemMayContain: managedBy
+objectClassCategory: 1
+lDAPDisplayName: samba4LocalDomain
+schemaIDGUID: 07be1647-8310-4fba-91ae-34e55d5a8293
+systemOnly: FALSE
+systemAuxiliaryClass: samDomainBase
+defaultSecurityDescriptor: D:(A;;RPLCLORC;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)
+systemFlags: 16
+defaultHidingValue: TRUE
+defaultObjectCategory: CN=Builtin-Domain,${SCHEMADN}
+