summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/lib/ldb/ldb.i25
-rw-r--r--source4/lib/ldb/ldb_wrap.c65
-rwxr-xr-xsource4/setup/newuser141
-rwxr-xr-xsource4/setup/newuser.py61
-rwxr-xr-xsource4/setup/provision.js198
5 files changed, 116 insertions, 374 deletions
diff --git a/source4/lib/ldb/ldb.i b/source4/lib/ldb/ldb.i
index b0723a8ecd..e01a1107d2 100644
--- a/source4/lib/ldb/ldb.i
+++ b/source4/lib/ldb/ldb.i
@@ -469,6 +469,8 @@ typedef struct ldb_ldif ldb_ldif;
#ifdef SWIGPYTHON
%{
+static void py_ldb_debug(void *context, enum ldb_debug_level level, const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3, 0);
+
static void py_ldb_debug(void *context, enum ldb_debug_level level, const char *fmt, va_list ap)
{
char *text;
@@ -564,22 +566,29 @@ PyObject *PyExc_LdbError;
};
%typemap(in,numinputs=1) ldb_msg *add_msg {
- int dict_pos, msg_pos;
- PyObject *key, *value;
+ Py_ssize_t dict_pos, msg_pos;
ldb_msg_element *msgel;
+ PyObject *key, *value;
if (PyDict_Check($input)) {
+ PyObject *dn_value = PyDict_GetItemString($input, "dn");
$1 = ldb_msg_new(NULL);
$1->elements = talloc_zero_array($1, struct ldb_message_element, PyDict_Size($input));
msg_pos = dict_pos = 0;
- while (PyDict_Next($input, &dict_pos, &key, &value)) {
- if (strcmp(PyString_AsString(key), "dn") == 0) {
- /* using argp0 (magic SWIG value) here is a hack */
- if (ldb_dn_from_pyobject($1, value, argp1, &$1->dn) != 0) {
+ if (dn_value) {
+ /* using argp1 (magic SWIG value) here is a hack */
+ if (ldb_dn_from_pyobject($1, dn_value, argp1, &$1->dn) != 0) {
SWIG_exception(SWIG_TypeError, "unable to import dn object");
}
- } else {
- msgel = ldb_msg_element_from_pyobject($1->elements, value, 0, PyString_AsString(key));
+ if ($1->dn == NULL) {
+ SWIG_exception(SWIG_TypeError, "dn set but not found");
+ }
+ }
+
+ while (PyDict_Next($input, &dict_pos, &key, &value)) {
+ char *key_str = PyString_AsString(key);
+ if (strcmp(key_str, "dn") != 0) {
+ msgel = ldb_msg_element_from_pyobject($1->elements, value, 0, key_str);
if (msgel == NULL) {
SWIG_exception(SWIG_TypeError, "unable to import element");
}
diff --git a/source4/lib/ldb/ldb_wrap.c b/source4/lib/ldb/ldb_wrap.c
index cf05048b02..082c6d9cad 100644
--- a/source4/lib/ldb/ldb_wrap.c
+++ b/source4/lib/ldb/ldb_wrap.c
@@ -2471,7 +2471,7 @@ SWIG_Python_MustGetPtr(PyObject *obj, swig_type_info *ty, int argnum, int flags)
#define SWIGTYPE_p_ldb_module_ops swig_types[9]
#define SWIGTYPE_p_ldb_result swig_types[10]
#define SWIGTYPE_p_ldb_val swig_types[11]
-#define SWIGTYPE_p_long_long swig_types[12]
+#define SWIGTYPE_p_long swig_types[12]
#define SWIGTYPE_p_p_char swig_types[13]
#define SWIGTYPE_p_p_ldb_control swig_types[14]
#define SWIGTYPE_p_p_ldb_result swig_types[15]
@@ -2480,11 +2480,10 @@ SWIG_Python_MustGetPtr(PyObject *obj, swig_type_info *ty, int argnum, int flags)
#define SWIGTYPE_p_unsigned_char swig_types[18]
#define SWIGTYPE_p_unsigned_int swig_types[19]
#define SWIGTYPE_p_unsigned_long swig_types[20]
-#define SWIGTYPE_p_unsigned_long_long swig_types[21]
-#define SWIGTYPE_p_unsigned_short swig_types[22]
-#define SWIGTYPE_p_void swig_types[23]
-static swig_type_info *swig_types[25];
-static swig_module_info swig_module = {swig_types, 24, 0, 0, 0, 0};
+#define SWIGTYPE_p_unsigned_short swig_types[21]
+#define SWIGTYPE_p_void swig_types[22]
+static swig_type_info *swig_types[24];
+static swig_module_info swig_module = {swig_types, 23, 0, 0, 0, 0};
#define SWIG_TypeQuery(name) SWIG_TypeQueryModule(&swig_module, &swig_module, name)
#define SWIG_MangledTypeQuery(name) SWIG_MangledTypeQueryModule(&swig_module, &swig_module, name)
@@ -2713,12 +2712,19 @@ int ldb_dn_from_pyobject(TALLOC_CTX *mem_ctx, PyObject *object,
int ret;
struct ldb_dn *odn;
if (ldb_ctx != NULL && PyString_Check(object)) {
- *dn = ldb_dn_new(mem_ctx, ldb_ctx, PyString_AsString(object));
+ odn = ldb_dn_new(mem_ctx, ldb_ctx, PyString_AsString(object));
+ if (!odn) {
+ return SWIG_ERROR;
+ }
+ *dn = odn;
return 0;
}
ret = SWIG_ConvertPtr(object, (void **)&odn, SWIGTYPE_p_ldb_dn,
SWIG_POINTER_EXCEPTION);
*dn = ldb_dn_copy(mem_ctx, odn);
+ if (odn && !*dn) {
+ return SWIG_ERROR;
+ }
return ret;
}
@@ -2992,6 +2998,8 @@ SWIGINTERN PyObject *ldb_msg___iter__(ldb_msg *self){
return PyObject_GetIter(ldb_msg_list_elements(self));
}
+static void py_ldb_debug(void *context, enum ldb_debug_level level, const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3, 0);
+
static void py_ldb_debug(void *context, enum ldb_debug_level level, const char *fmt, va_list ap)
{
char *text;
@@ -4708,22 +4716,29 @@ SWIGINTERN PyObject *_wrap_Ldb_add(PyObject *SWIGUNUSEDPARM(self), PyObject *arg
}
arg1 = (ldb *)(argp1);
{
- int dict_pos, msg_pos;
- PyObject *key, *value;
+ Py_ssize_t dict_pos, msg_pos;
ldb_msg_element *msgel;
+ PyObject *key, *value;
if (PyDict_Check(obj1)) {
+ PyObject *dn_value = PyDict_GetItemString(obj1, "dn");
arg2 = ldb_msg_new(NULL);
arg2->elements = talloc_zero_array(arg2, struct ldb_message_element, PyDict_Size(obj1));
msg_pos = dict_pos = 0;
+ if (dn_value) {
+ /* using argp1 (magic SWIG value) here is a hack */
+ if (ldb_dn_from_pyobject(arg2, dn_value, argp1, &arg2->dn) != 0) {
+ SWIG_exception(SWIG_TypeError, "unable to import dn object");
+ }
+ if (arg2->dn == NULL) {
+ SWIG_exception(SWIG_TypeError, "dn set but not found");
+ }
+ }
+
while (PyDict_Next(obj1, &dict_pos, &key, &value)) {
- if (!strcmp(PyString_AsString(key), "dn")) {
- /* using argp0 (magic SWIG value) here is a hack */
- if (ldb_dn_from_pyobject(arg2, value, argp1, &arg2->dn) != 0) {
- SWIG_exception(SWIG_TypeError, "unable to import dn object");
- }
- } else {
- msgel = ldb_msg_element_from_pyobject(arg2->elements, value, 0, PyString_AsString(key));
+ char *key_str = PyString_AsString(key);
+ if (strcmp(key_str, "dn") != 0) {
+ msgel = ldb_msg_element_from_pyobject(arg2->elements, value, 0, key_str);
if (msgel == NULL) {
SWIG_exception(SWIG_TypeError, "unable to import element");
}
@@ -5696,7 +5711,7 @@ static PyMethodDef SwigMethods[] = {
static swig_type_info _swigt__p_TALLOC_CTX = {"_p_TALLOC_CTX", "TALLOC_CTX *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_char = {"_p_char", "char *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_f_p_void_enum_ldb_debug_level_p_q_const__char_va_list__void = {"_p_f_p_void_enum_ldb_debug_level_p_q_const__char_va_list__void", "void (*)(void *,enum ldb_debug_level,char const *,va_list)", 0, 0, (void*)0, 0};
-static swig_type_info _swigt__p_int = {"_p_int", "intptr_t *|int *|int_least32_t *|int_fast32_t *|int32_t *|int_fast16_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_int = {"_p_int", "int *|int_least32_t *|int32_t *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_ldb_context = {"_p_ldb_context", "struct ldb_context *|ldb *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_ldb_dn = {"_p_ldb_dn", "struct ldb_dn *|ldb_dn *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_ldb_ldif = {"_p_ldb_ldif", "struct ldb_ldif *|ldb_ldif *", 0, 0, (void*)0, 0};
@@ -5705,16 +5720,15 @@ static swig_type_info _swigt__p_ldb_message_element = {"_p_ldb_message_element",
static swig_type_info _swigt__p_ldb_module_ops = {"_p_ldb_module_ops", "struct ldb_module_ops *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_ldb_result = {"_p_ldb_result", "struct ldb_result *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_ldb_val = {"_p_ldb_val", "struct ldb_val *", 0, 0, (void*)0, 0};
-static swig_type_info _swigt__p_long_long = {"_p_long_long", "int_least64_t *|int_fast64_t *|int64_t *|long long *|intmax_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_long = {"_p_long", "intptr_t *|int_least64_t *|int_fast32_t *|int_fast64_t *|int64_t *|long *|int_fast16_t *|intmax_t *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_p_char = {"_p_p_char", "char **", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_p_ldb_control = {"_p_p_ldb_control", "struct ldb_control **", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_p_ldb_result = {"_p_p_ldb_result", "struct ldb_result **", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_short = {"_p_short", "short *|int_least16_t *|int16_t *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_signed_char = {"_p_signed_char", "signed char *|int_least8_t *|int_fast8_t *|int8_t *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_unsigned_char = {"_p_unsigned_char", "unsigned char *|uint_least8_t *|uint_fast8_t *|uint8_t *", 0, 0, (void*)0, 0};
-static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "uintptr_t *|uint_least32_t *|uint_fast32_t *|uint32_t *|unsigned int *|uint_fast16_t *", 0, 0, (void*)0, 0};
-static swig_type_info _swigt__p_unsigned_long = {"_p_unsigned_long", "unsigned long *|time_t *", 0, 0, (void*)0, 0};
-static swig_type_info _swigt__p_unsigned_long_long = {"_p_unsigned_long_long", "uint_least64_t *|uint_fast64_t *|uint64_t *|unsigned long long *|uintmax_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "uint_least32_t *|uint32_t *|unsigned int *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_unsigned_long = {"_p_unsigned_long", "uintptr_t *|uint_least64_t *|uint_fast32_t *|uint_fast64_t *|uint64_t *|unsigned long *|time_t *|uint_fast16_t *|uintmax_t *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_unsigned_short = {"_p_unsigned_short", "unsigned short *|uint_least16_t *|uint16_t *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_void = {"_p_void", "void *", 0, 0, (void*)0, 0};
@@ -5731,7 +5745,7 @@ static swig_type_info *swig_type_initial[] = {
&_swigt__p_ldb_module_ops,
&_swigt__p_ldb_result,
&_swigt__p_ldb_val,
- &_swigt__p_long_long,
+ &_swigt__p_long,
&_swigt__p_p_char,
&_swigt__p_p_ldb_control,
&_swigt__p_p_ldb_result,
@@ -5740,7 +5754,6 @@ static swig_type_info *swig_type_initial[] = {
&_swigt__p_unsigned_char,
&_swigt__p_unsigned_int,
&_swigt__p_unsigned_long,
- &_swigt__p_unsigned_long_long,
&_swigt__p_unsigned_short,
&_swigt__p_void,
};
@@ -5757,7 +5770,7 @@ static swig_cast_info _swigc__p_ldb_message_element[] = { {&_swigt__p_ldb_messa
static swig_cast_info _swigc__p_ldb_module_ops[] = { {&_swigt__p_ldb_module_ops, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_ldb_result[] = { {&_swigt__p_ldb_result, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_ldb_val[] = { {&_swigt__p_ldb_val, 0, 0, 0},{0, 0, 0, 0}};
-static swig_cast_info _swigc__p_long_long[] = { {&_swigt__p_long_long, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_long[] = { {&_swigt__p_long, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_p_char[] = { {&_swigt__p_p_char, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_p_ldb_control[] = { {&_swigt__p_p_ldb_control, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_p_ldb_result[] = { {&_swigt__p_p_ldb_result, 0, 0, 0},{0, 0, 0, 0}};
@@ -5766,7 +5779,6 @@ static swig_cast_info _swigc__p_signed_char[] = { {&_swigt__p_signed_char, 0, 0
static swig_cast_info _swigc__p_unsigned_char[] = { {&_swigt__p_unsigned_char, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_unsigned_int[] = { {&_swigt__p_unsigned_int, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_unsigned_long[] = { {&_swigt__p_unsigned_long, 0, 0, 0},{0, 0, 0, 0}};
-static swig_cast_info _swigc__p_unsigned_long_long[] = { {&_swigt__p_unsigned_long_long, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_unsigned_short[] = { {&_swigt__p_unsigned_short, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_void[] = { {&_swigt__p_void, 0, 0, 0},{0, 0, 0, 0}};
@@ -5783,7 +5795,7 @@ static swig_cast_info *swig_cast_initial[] = {
_swigc__p_ldb_module_ops,
_swigc__p_ldb_result,
_swigc__p_ldb_val,
- _swigc__p_long_long,
+ _swigc__p_long,
_swigc__p_p_char,
_swigc__p_p_ldb_control,
_swigc__p_p_ldb_result,
@@ -5792,7 +5804,6 @@ static swig_cast_info *swig_cast_initial[] = {
_swigc__p_unsigned_char,
_swigc__p_unsigned_int,
_swigc__p_unsigned_long,
- _swigc__p_unsigned_long_long,
_swigc__p_unsigned_short,
_swigc__p_void,
};
diff --git a/source4/setup/newuser b/source4/setup/newuser
index 7c80e9e8de..03ae4e5ffb 100755
--- a/source4/setup/newuser
+++ b/source4/setup/newuser
@@ -1,80 +1,61 @@
-#!/bin/sh
-exec smbscript "$0" ${1+"$@"}
-/*
- add a new user to a Samba4 server
- Copyright Andrew Tridgell 2005
- Released under the GNU GPL v2 or later
-*/
-
-options = GetOptions(ARGV,
- "POPT_AUTOHELP",
- 'username=s',
- 'unixname=s',
- 'password=s',
- "POPT_COMMON_SAMBA",
- "POPT_COMMON_VERSION",
- "POPT_COMMON_CREDENTIALS",
- 'quiet');
-
-if (options == undefined) {
- println("Failed to parse options");
- return -1;
-}
-
-libinclude("base.js");
-libinclude("provision.js");
-
-/*
- print a message if quiet is not set
-*/
-function message()
-{
- if (options["quiet"] == undefined) {
- print(vsprintf(arguments));
- }
-}
-
-/*
- show some help
-*/
-function ShowHelp()
-{
- print("
-Samba4 newuser
-
-newuser [options]
- --username USERNAME choose new username
- --unixname USERNAME choose unix name of new user
- --password PASSWORD set password
-
-You must provide at least a username
-");
- exit(1);
-}
-
-if (options['username'] == undefined) {
- ShowHelp();
-}
-
-if (options['password'] == undefined) {
- random_init(local);
- options.password = randpass(12);
- printf("chose random password %s\n", options.password);
-}
-if (options['unixname'] == undefined) {
- options.unixname = options.username;
-}
-
-var nss = nss_init();
-if (nss.getpwnam(options.unixname) == undefined) {
- printf("ERROR: Unix user '%s' does not exist\n", options.unixname);
- exit(1);
-}
-
-var creds = options.get_credentials();
-var system_session = system_session();
-
-
-newuser(options.username, options.unixname, options.password, message, system_session, creds);
-
-return 0;
+#!/usr/bin/python
+#
+# add a new user to a Samba4 server
+# Copyright Andrew Tridgell 2005
+# Copyright Jelmer Vernooij 2008
+# Released under the GNU GPL v2 or later
+#
+
+import samba.getopt as options
+import optparse
+import pwd
+import sys
+
+from auth import system_session
+from samba.samdb import SamDB
+
+parser = optparse.OptionParser("newuser [options] <username> [<password>]")
+sambaopts = options.SambaOptions(parser)
+parser.add_option_group(sambaopts)
+parser.add_option_group(options.VersionOptions(parser))
+credopts = options.CredentialsOptions(parser)
+parser.add_option_group(credopts)
+parser.add_option("--quiet", help="Be quiet", action="store_true")
+parser.add_option("--unixname", help="Unix Username", type=str)
+
+opts, args = parser.parse_args()
+
+#
+# print a message if quiet is not set
+#
+def message(text):
+ if not opts.quiet:
+ print text
+
+if len(args) == 0:
+ parser.print_usage()
+ sys.exit(1)
+
+username = args[0]
+if len(args) > 1:
+ password = args[1]
+else:
+ random_init(local)
+ options.password = randpass(12)
+ print "chose random password %s\n" % password
+
+if opts.unixname is None:
+ opts.unixname = username
+
+try:
+ pwd.getpwnam(opts.unixname)
+except KeyError:
+ print "ERROR: Unix user '%s' does not exist" % opts.unixname
+ sys.exit(1)
+
+creds = credopts.get_credentials()
+
+lp = sambaopts.get_loadparm()
+samdb = SamDB(url=lp.get("sam database"), session_info=system_session(),
+ credentials=creds, lp=lp)
+samdb.newuser(username, opts.unixname, password)
diff --git a/source4/setup/newuser.py b/source4/setup/newuser.py
deleted file mode 100755
index 03ae4e5ffb..0000000000
--- a/source4/setup/newuser.py
+++ /dev/null
@@ -1,61 +0,0 @@
-#!/usr/bin/python
-#
-# add a new user to a Samba4 server
-# Copyright Andrew Tridgell 2005
-# Copyright Jelmer Vernooij 2008
-# Released under the GNU GPL v2 or later
-#
-
-import samba.getopt as options
-import optparse
-import pwd
-import sys
-
-from auth import system_session
-from samba.samdb import SamDB
-
-parser = optparse.OptionParser("newuser [options] <username> [<password>]")
-sambaopts = options.SambaOptions(parser)
-parser.add_option_group(sambaopts)
-parser.add_option_group(options.VersionOptions(parser))
-credopts = options.CredentialsOptions(parser)
-parser.add_option_group(credopts)
-parser.add_option("--quiet", help="Be quiet", action="store_true")
-parser.add_option("--unixname", help="Unix Username", type=str)
-
-opts, args = parser.parse_args()
-
-#
-# print a message if quiet is not set
-#
-def message(text):
- if not opts.quiet:
- print text
-
-if len(args) == 0:
- parser.print_usage()
- sys.exit(1)
-
-username = args[0]
-if len(args) > 1:
- password = args[1]
-else:
- random_init(local)
- options.password = randpass(12)
- print "chose random password %s\n" % password
-
-if opts.unixname is None:
- opts.unixname = username
-
-try:
- pwd.getpwnam(opts.unixname)
-except KeyError:
- print "ERROR: Unix user '%s' does not exist" % opts.unixname
- sys.exit(1)
-
-creds = credopts.get_credentials()
-
-lp = sambaopts.get_loadparm()
-samdb = SamDB(url=lp.get("sam database"), session_info=system_session(),
- credentials=creds, lp=lp)
-samdb.newuser(username, opts.unixname, password)
diff --git a/source4/setup/provision.js b/source4/setup/provision.js
deleted file mode 100755
index 328754fd9c..0000000000
--- a/source4/setup/provision.js
+++ /dev/null
@@ -1,198 +0,0 @@
-#!/bin/sh
-exec smbscript "$0" ${1+"$@"}
-/*
- provision a Samba4 server
- Copyright Andrew Tridgell 2005
- Released under the GNU GPL v2 or later
-*/
-
-options = GetOptions(ARGV,
- "POPT_AUTOHELP",
- "POPT_COMMON_SAMBA",
- "POPT_COMMON_VERSION",
- "POPT_COMMON_CREDENTIALS",
- 'realm=s',
- 'domain=s',
- 'domain-guid=s',
- 'domain-sid=s',
- 'policy-guid=s',
- 'host-name=s',
- 'host-ip=s',
- 'host-guid=s',
- 'invocationid=s',
- 'adminpass=s',
- 'krbtgtpass=s',
- 'machinepass=s',
- 'dnspass=s',
- 'root=s',
- 'nobody=s',
- 'nogroup=s',
- 'wheel=s',
- 'users=s',
- 'quiet',
- 'blank',
- 'server-role=s',
- 'partitions-only',
- 'ldap-base',
- 'ldap-backend=s',
- 'ldap-backend-type=s',
- 'aci=s');
-
-if (options == undefined) {
- println("Failed to parse options");
- return -1;
-}
-
-libinclude("base.js");
-libinclude("provision.js");
-
-/*
- print a message if quiet is not set
-*/
-function message()
-{
- if (options["quiet"] == undefined) {
- print(vsprintf(arguments));
- }
-}
-
-/*
- show some help
-*/
-function ShowHelp()
-{
- print("
-Samba4 provisioning
-
-provision [options]
- --realm REALM set realm
- --domain DOMAIN set domain
- --domain-guid GUID set domainguid (otherwise random)
- --domain-sid SID set domainsid (otherwise random)
- --host-name HOSTNAME set hostname
- --host-ip IPADDRESS set ipaddress
- --host-guid GUID set hostguid (otherwise random)
- --policy-guid GUID set group policy guid (otherwise random)
- --invocationid GUID set invocationid (otherwise random)
- --adminpass PASSWORD choose admin password (otherwise random)
- --krbtgtpass PASSWORD choose krbtgt password (otherwise random)
- --machinepass PASSWORD choose machine password (otherwise random)
- --root USERNAME choose 'root' unix username
- --nobody USERNAME choose 'nobody' user
- --nogroup GROUPNAME choose 'nogroup' group
- --wheel GROUPNAME choose 'wheel' privileged group
- --users GROUPNAME choose 'users' group
- --quiet Be quiet
- --blank do not add users or groups, just the structure
- --server-role ROLE Set server role to provision for (default standalone)
- --partitions-only Configure Samba's partitions, but do not modify them (ie, join a BDC)
- --ldap-base output only an LDIF file, suitable for creating an LDAP baseDN
- --ldap-backend LDAPSERVER LDAP server to use for this provision
- --ldap-backend-type TYPE OpenLDAP or Fedora DS
- --aci ACI An arbitary LDIF fragment, particularly useful to loading a backend ACI value into a target LDAP server
-You must provide at least a realm and domain
-
-");
- exit(1);
-}
-
-if (options['host-name'] == undefined) {
- options['host-name'] = hostname();
-}
-
-/*
- main program
-*/
-if (options["realm"] == undefined ||
- options["domain"] == undefined ||
- options["host-name"] == undefined) {
- ShowHelp();
-}
-
-/* cope with an initially blank smb.conf */
-var lp = loadparm_init();
-lp.set("realm", options.realm);
-lp.set("workgroup", options.domain);
-lp.set("server role", options["server-role"]);
-lp.reload();
-
-var subobj = provision_guess();
-for (r in options) {
- var key = strupper(join("", split("-", r)));
- subobj[key] = options[r];
-}
-
-var blank = (options["blank"] != undefined);
-var ldapbackend = (options["ldap-backend"] != undefined);
-var ldapbackendtype = options["ldap-backend-type"];
-var partitions_only = (options["partitions-only"] != undefined);
-var paths = provision_default_paths(subobj);
-if (options["aci"] != undefined) {
- message("set ACI: %s\n", subobj["ACI"]);
-}
-
-message("set DOMAIN SID: %s\n", subobj["DOMAINSID"]);
-
-provision_fix_subobj(subobj, paths);
-
-if (ldapbackend) {
- if (options["ldap-backend"] == "ldapi") {
- subobj.LDAPBACKEND = subobj.LDAPI_URI;
- }
- if (ldapbackendtype == undefined) {
-
- } else if (ldapbackendtype == "openldap") {
- subobj.LDAPMODULE = "normalise,entryuuid";
- subobj.TDB_MODULES_LIST = "";
- } else if (ldapbackendtype == "fedora-ds") {
- subobj.LDAPMODULE = "nsuniqueid";
- }
- subobj.BACKEND_MOD = subobj.LDAPMODULE + ",paged_searches";
- subobj.DOMAINDN_LDB = subobj.LDAPBACKEND;
- subobj.CONFIGDN_LDB = subobj.LDAPBACKEND;
- subobj.SCHEMADN_LDB = subobj.LDAPBACKEND;
- message("LDAP module: %s on backend: %s\n", subobj.LDAPMODULE, subobj.LDAPBACKEND);
-}
-
-if (!provision_validate(subobj, message)) {
- return -1;
-}
-
-var system_session = system_session();
-var creds = options.get_credentials();
-message("Provisioning for %s in realm %s\n", subobj.DOMAIN, subobj.REALM);
-message("Using administrator password: %s\n", subobj.ADMINPASS);
-if (partitions_only) {
- provision_become_dc(subobj, message, false, paths, system_session);
-} else {
- provision(subobj, message, blank, paths, system_session, creds, ldapbackend);
- provision_dns(subobj, message, paths, system_session, creds);
- message("To reproduce this provision, run with:\n");
-/* There has to be a better way than this... */
- message("--realm='%s' --domain='%s' \\\n", subobj.REALM_CONF, subobj.DOMAIN_CONF);
- if (subobj.DOMAINGUID != undefined) {
- message("--domain-guid='%s' \\\n", subobj.DOMAINGUID);
- }
- if (subobj.HOSTGUID != undefined) {
- message("--host-guid='%s' \\\n", subobj.HOSTGUID);
- }
- message("--policy-guid='%s' --host-name='%s' --host-ip='%s' \\\n", subobj.POLICYGUID, subobj.HOSTNAME, subobj.HOSTIP);
- if (subobj.INVOCATIONID != undefined) {
- message("--invocationid='%s' \\\n", subobj.INVOCATIONID);
- }
- message("--adminpass='%s' --krbtgtpass='%s' \\\n", subobj.ADMINPASS, subobj.KRBTGTPASS);
- message("--machinepass='%s' --dnspass='%s' \\\n", subobj.MACHINEPASS, subobj.DNSPASS);
- message("--root='%s' --nobody='%s' --nogroup='%s' \\\n", subobj.ROOT, subobj.NOBODY, subobj.NOGROUP);
- message("--wheel='%s' --users='%s' --server-role='%s' \\\n", subobj.WHEEL, subobj.USERS, subobj.SERVERROLE);
- if (ldapbackend) {
- message("--ldap-backend='%s' \\\n", subobj.LDAPBACKEND);
- }
- if (ldapbackendtype != undefined) {
- message("--ldap-backend-type='%s' \\\n", + ldapbackendtype);
- }
- message("--aci='" + subobj.ACI + "' \\\n")
-}
-
-
-message("All OK\n");
-return 0;