diff options
-rw-r--r-- | source4/lib/ldb/ldb.i | 25 | ||||
-rw-r--r-- | source4/lib/ldb/ldb_wrap.c | 65 | ||||
-rwxr-xr-x | source4/setup/newuser | 141 | ||||
-rwxr-xr-x | source4/setup/newuser.py | 61 | ||||
-rwxr-xr-x | source4/setup/provision.js | 198 |
5 files changed, 116 insertions, 374 deletions
diff --git a/source4/lib/ldb/ldb.i b/source4/lib/ldb/ldb.i index b0723a8ecd..e01a1107d2 100644 --- a/source4/lib/ldb/ldb.i +++ b/source4/lib/ldb/ldb.i @@ -469,6 +469,8 @@ typedef struct ldb_ldif ldb_ldif; #ifdef SWIGPYTHON %{ +static void py_ldb_debug(void *context, enum ldb_debug_level level, const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3, 0); + static void py_ldb_debug(void *context, enum ldb_debug_level level, const char *fmt, va_list ap) { char *text; @@ -564,22 +566,29 @@ PyObject *PyExc_LdbError; }; %typemap(in,numinputs=1) ldb_msg *add_msg { - int dict_pos, msg_pos; - PyObject *key, *value; + Py_ssize_t dict_pos, msg_pos; ldb_msg_element *msgel; + PyObject *key, *value; if (PyDict_Check($input)) { + PyObject *dn_value = PyDict_GetItemString($input, "dn"); $1 = ldb_msg_new(NULL); $1->elements = talloc_zero_array($1, struct ldb_message_element, PyDict_Size($input)); msg_pos = dict_pos = 0; - while (PyDict_Next($input, &dict_pos, &key, &value)) { - if (strcmp(PyString_AsString(key), "dn") == 0) { - /* using argp0 (magic SWIG value) here is a hack */ - if (ldb_dn_from_pyobject($1, value, argp1, &$1->dn) != 0) { + if (dn_value) { + /* using argp1 (magic SWIG value) here is a hack */ + if (ldb_dn_from_pyobject($1, dn_value, argp1, &$1->dn) != 0) { SWIG_exception(SWIG_TypeError, "unable to import dn object"); } - } else { - msgel = ldb_msg_element_from_pyobject($1->elements, value, 0, PyString_AsString(key)); + if ($1->dn == NULL) { + SWIG_exception(SWIG_TypeError, "dn set but not found"); + } + } + + while (PyDict_Next($input, &dict_pos, &key, &value)) { + char *key_str = PyString_AsString(key); + if (strcmp(key_str, "dn") != 0) { + msgel = ldb_msg_element_from_pyobject($1->elements, value, 0, key_str); if (msgel == NULL) { SWIG_exception(SWIG_TypeError, "unable to import element"); } diff --git a/source4/lib/ldb/ldb_wrap.c b/source4/lib/ldb/ldb_wrap.c index cf05048b02..082c6d9cad 100644 --- a/source4/lib/ldb/ldb_wrap.c +++ b/source4/lib/ldb/ldb_wrap.c @@ -2471,7 +2471,7 @@ SWIG_Python_MustGetPtr(PyObject *obj, swig_type_info *ty, int argnum, int flags) #define SWIGTYPE_p_ldb_module_ops swig_types[9] #define SWIGTYPE_p_ldb_result swig_types[10] #define SWIGTYPE_p_ldb_val swig_types[11] -#define SWIGTYPE_p_long_long swig_types[12] +#define SWIGTYPE_p_long swig_types[12] #define SWIGTYPE_p_p_char swig_types[13] #define SWIGTYPE_p_p_ldb_control swig_types[14] #define SWIGTYPE_p_p_ldb_result swig_types[15] @@ -2480,11 +2480,10 @@ SWIG_Python_MustGetPtr(PyObject *obj, swig_type_info *ty, int argnum, int flags) #define SWIGTYPE_p_unsigned_char swig_types[18] #define SWIGTYPE_p_unsigned_int swig_types[19] #define SWIGTYPE_p_unsigned_long swig_types[20] -#define SWIGTYPE_p_unsigned_long_long swig_types[21] -#define SWIGTYPE_p_unsigned_short swig_types[22] -#define SWIGTYPE_p_void swig_types[23] -static swig_type_info *swig_types[25]; -static swig_module_info swig_module = {swig_types, 24, 0, 0, 0, 0}; +#define SWIGTYPE_p_unsigned_short swig_types[21] +#define SWIGTYPE_p_void swig_types[22] +static swig_type_info *swig_types[24]; +static swig_module_info swig_module = {swig_types, 23, 0, 0, 0, 0}; #define SWIG_TypeQuery(name) SWIG_TypeQueryModule(&swig_module, &swig_module, name) #define SWIG_MangledTypeQuery(name) SWIG_MangledTypeQueryModule(&swig_module, &swig_module, name) @@ -2713,12 +2712,19 @@ int ldb_dn_from_pyobject(TALLOC_CTX *mem_ctx, PyObject *object, int ret; struct ldb_dn *odn; if (ldb_ctx != NULL && PyString_Check(object)) { - *dn = ldb_dn_new(mem_ctx, ldb_ctx, PyString_AsString(object)); + odn = ldb_dn_new(mem_ctx, ldb_ctx, PyString_AsString(object)); + if (!odn) { + return SWIG_ERROR; + } + *dn = odn; return 0; } ret = SWIG_ConvertPtr(object, (void **)&odn, SWIGTYPE_p_ldb_dn, SWIG_POINTER_EXCEPTION); *dn = ldb_dn_copy(mem_ctx, odn); + if (odn && !*dn) { + return SWIG_ERROR; + } return ret; } @@ -2992,6 +2998,8 @@ SWIGINTERN PyObject *ldb_msg___iter__(ldb_msg *self){ return PyObject_GetIter(ldb_msg_list_elements(self)); } +static void py_ldb_debug(void *context, enum ldb_debug_level level, const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3, 0); + static void py_ldb_debug(void *context, enum ldb_debug_level level, const char *fmt, va_list ap) { char *text; @@ -4708,22 +4716,29 @@ SWIGINTERN PyObject *_wrap_Ldb_add(PyObject *SWIGUNUSEDPARM(self), PyObject *arg } arg1 = (ldb *)(argp1); { - int dict_pos, msg_pos; - PyObject *key, *value; + Py_ssize_t dict_pos, msg_pos; ldb_msg_element *msgel; + PyObject *key, *value; if (PyDict_Check(obj1)) { + PyObject *dn_value = PyDict_GetItemString(obj1, "dn"); arg2 = ldb_msg_new(NULL); arg2->elements = talloc_zero_array(arg2, struct ldb_message_element, PyDict_Size(obj1)); msg_pos = dict_pos = 0; + if (dn_value) { + /* using argp1 (magic SWIG value) here is a hack */ + if (ldb_dn_from_pyobject(arg2, dn_value, argp1, &arg2->dn) != 0) { + SWIG_exception(SWIG_TypeError, "unable to import dn object"); + } + if (arg2->dn == NULL) { + SWIG_exception(SWIG_TypeError, "dn set but not found"); + } + } + while (PyDict_Next(obj1, &dict_pos, &key, &value)) { - if (!strcmp(PyString_AsString(key), "dn")) { - /* using argp0 (magic SWIG value) here is a hack */ - if (ldb_dn_from_pyobject(arg2, value, argp1, &arg2->dn) != 0) { - SWIG_exception(SWIG_TypeError, "unable to import dn object"); - } - } else { - msgel = ldb_msg_element_from_pyobject(arg2->elements, value, 0, PyString_AsString(key)); + char *key_str = PyString_AsString(key); + if (strcmp(key_str, "dn") != 0) { + msgel = ldb_msg_element_from_pyobject(arg2->elements, value, 0, key_str); if (msgel == NULL) { SWIG_exception(SWIG_TypeError, "unable to import element"); } @@ -5696,7 +5711,7 @@ static PyMethodDef SwigMethods[] = { static swig_type_info _swigt__p_TALLOC_CTX = {"_p_TALLOC_CTX", "TALLOC_CTX *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_char = {"_p_char", "char *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_f_p_void_enum_ldb_debug_level_p_q_const__char_va_list__void = {"_p_f_p_void_enum_ldb_debug_level_p_q_const__char_va_list__void", "void (*)(void *,enum ldb_debug_level,char const *,va_list)", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_int = {"_p_int", "intptr_t *|int *|int_least32_t *|int_fast32_t *|int32_t *|int_fast16_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_int = {"_p_int", "int *|int_least32_t *|int32_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_ldb_context = {"_p_ldb_context", "struct ldb_context *|ldb *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_ldb_dn = {"_p_ldb_dn", "struct ldb_dn *|ldb_dn *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_ldb_ldif = {"_p_ldb_ldif", "struct ldb_ldif *|ldb_ldif *", 0, 0, (void*)0, 0}; @@ -5705,16 +5720,15 @@ static swig_type_info _swigt__p_ldb_message_element = {"_p_ldb_message_element", static swig_type_info _swigt__p_ldb_module_ops = {"_p_ldb_module_ops", "struct ldb_module_ops *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_ldb_result = {"_p_ldb_result", "struct ldb_result *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_ldb_val = {"_p_ldb_val", "struct ldb_val *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_long_long = {"_p_long_long", "int_least64_t *|int_fast64_t *|int64_t *|long long *|intmax_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_long = {"_p_long", "intptr_t *|int_least64_t *|int_fast32_t *|int_fast64_t *|int64_t *|long *|int_fast16_t *|intmax_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_p_char = {"_p_p_char", "char **", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_p_ldb_control = {"_p_p_ldb_control", "struct ldb_control **", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_p_ldb_result = {"_p_p_ldb_result", "struct ldb_result **", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_short = {"_p_short", "short *|int_least16_t *|int16_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_signed_char = {"_p_signed_char", "signed char *|int_least8_t *|int_fast8_t *|int8_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_unsigned_char = {"_p_unsigned_char", "unsigned char *|uint_least8_t *|uint_fast8_t *|uint8_t *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "uintptr_t *|uint_least32_t *|uint_fast32_t *|uint32_t *|unsigned int *|uint_fast16_t *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_unsigned_long = {"_p_unsigned_long", "unsigned long *|time_t *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_unsigned_long_long = {"_p_unsigned_long_long", "uint_least64_t *|uint_fast64_t *|uint64_t *|unsigned long long *|uintmax_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "uint_least32_t *|uint32_t *|unsigned int *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_unsigned_long = {"_p_unsigned_long", "uintptr_t *|uint_least64_t *|uint_fast32_t *|uint_fast64_t *|uint64_t *|unsigned long *|time_t *|uint_fast16_t *|uintmax_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_unsigned_short = {"_p_unsigned_short", "unsigned short *|uint_least16_t *|uint16_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_void = {"_p_void", "void *", 0, 0, (void*)0, 0}; @@ -5731,7 +5745,7 @@ static swig_type_info *swig_type_initial[] = { &_swigt__p_ldb_module_ops, &_swigt__p_ldb_result, &_swigt__p_ldb_val, - &_swigt__p_long_long, + &_swigt__p_long, &_swigt__p_p_char, &_swigt__p_p_ldb_control, &_swigt__p_p_ldb_result, @@ -5740,7 +5754,6 @@ static swig_type_info *swig_type_initial[] = { &_swigt__p_unsigned_char, &_swigt__p_unsigned_int, &_swigt__p_unsigned_long, - &_swigt__p_unsigned_long_long, &_swigt__p_unsigned_short, &_swigt__p_void, }; @@ -5757,7 +5770,7 @@ static swig_cast_info _swigc__p_ldb_message_element[] = { {&_swigt__p_ldb_messa static swig_cast_info _swigc__p_ldb_module_ops[] = { {&_swigt__p_ldb_module_ops, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_ldb_result[] = { {&_swigt__p_ldb_result, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_ldb_val[] = { {&_swigt__p_ldb_val, 0, 0, 0},{0, 0, 0, 0}}; -static swig_cast_info _swigc__p_long_long[] = { {&_swigt__p_long_long, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_long[] = { {&_swigt__p_long, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_p_char[] = { {&_swigt__p_p_char, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_p_ldb_control[] = { {&_swigt__p_p_ldb_control, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_p_ldb_result[] = { {&_swigt__p_p_ldb_result, 0, 0, 0},{0, 0, 0, 0}}; @@ -5766,7 +5779,6 @@ static swig_cast_info _swigc__p_signed_char[] = { {&_swigt__p_signed_char, 0, 0 static swig_cast_info _swigc__p_unsigned_char[] = { {&_swigt__p_unsigned_char, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_unsigned_int[] = { {&_swigt__p_unsigned_int, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_unsigned_long[] = { {&_swigt__p_unsigned_long, 0, 0, 0},{0, 0, 0, 0}}; -static swig_cast_info _swigc__p_unsigned_long_long[] = { {&_swigt__p_unsigned_long_long, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_unsigned_short[] = { {&_swigt__p_unsigned_short, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_void[] = { {&_swigt__p_void, 0, 0, 0},{0, 0, 0, 0}}; @@ -5783,7 +5795,7 @@ static swig_cast_info *swig_cast_initial[] = { _swigc__p_ldb_module_ops, _swigc__p_ldb_result, _swigc__p_ldb_val, - _swigc__p_long_long, + _swigc__p_long, _swigc__p_p_char, _swigc__p_p_ldb_control, _swigc__p_p_ldb_result, @@ -5792,7 +5804,6 @@ static swig_cast_info *swig_cast_initial[] = { _swigc__p_unsigned_char, _swigc__p_unsigned_int, _swigc__p_unsigned_long, - _swigc__p_unsigned_long_long, _swigc__p_unsigned_short, _swigc__p_void, }; diff --git a/source4/setup/newuser b/source4/setup/newuser index 7c80e9e8de..03ae4e5ffb 100755 --- a/source4/setup/newuser +++ b/source4/setup/newuser @@ -1,80 +1,61 @@ -#!/bin/sh -exec smbscript "$0" ${1+"$@"} -/* - add a new user to a Samba4 server - Copyright Andrew Tridgell 2005 - Released under the GNU GPL v2 or later -*/ - -options = GetOptions(ARGV, - "POPT_AUTOHELP", - 'username=s', - 'unixname=s', - 'password=s', - "POPT_COMMON_SAMBA", - "POPT_COMMON_VERSION", - "POPT_COMMON_CREDENTIALS", - 'quiet'); - -if (options == undefined) { - println("Failed to parse options"); - return -1; -} - -libinclude("base.js"); -libinclude("provision.js"); - -/* - print a message if quiet is not set -*/ -function message() -{ - if (options["quiet"] == undefined) { - print(vsprintf(arguments)); - } -} - -/* - show some help -*/ -function ShowHelp() -{ - print(" -Samba4 newuser - -newuser [options] - --username USERNAME choose new username - --unixname USERNAME choose unix name of new user - --password PASSWORD set password - -You must provide at least a username -"); - exit(1); -} - -if (options['username'] == undefined) { - ShowHelp(); -} - -if (options['password'] == undefined) { - random_init(local); - options.password = randpass(12); - printf("chose random password %s\n", options.password); -} -if (options['unixname'] == undefined) { - options.unixname = options.username; -} - -var nss = nss_init(); -if (nss.getpwnam(options.unixname) == undefined) { - printf("ERROR: Unix user '%s' does not exist\n", options.unixname); - exit(1); -} - -var creds = options.get_credentials(); -var system_session = system_session(); - - -newuser(options.username, options.unixname, options.password, message, system_session, creds); - -return 0; +#!/usr/bin/python +# +# add a new user to a Samba4 server +# Copyright Andrew Tridgell 2005 +# Copyright Jelmer Vernooij 2008 +# Released under the GNU GPL v2 or later +# + +import samba.getopt as options +import optparse +import pwd +import sys + +from auth import system_session +from samba.samdb import SamDB + +parser = optparse.OptionParser("newuser [options] <username> [<password>]") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) +parser.add_option_group(options.VersionOptions(parser)) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +parser.add_option("--quiet", help="Be quiet", action="store_true") +parser.add_option("--unixname", help="Unix Username", type=str) + +opts, args = parser.parse_args() + +# +# print a message if quiet is not set +# +def message(text): + if not opts.quiet: + print text + +if len(args) == 0: + parser.print_usage() + sys.exit(1) + +username = args[0] +if len(args) > 1: + password = args[1] +else: + random_init(local) + options.password = randpass(12) + print "chose random password %s\n" % password + +if opts.unixname is None: + opts.unixname = username + +try: + pwd.getpwnam(opts.unixname) +except KeyError: + print "ERROR: Unix user '%s' does not exist" % opts.unixname + sys.exit(1) + +creds = credopts.get_credentials() + +lp = sambaopts.get_loadparm() +samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), + credentials=creds, lp=lp) +samdb.newuser(username, opts.unixname, password) diff --git a/source4/setup/newuser.py b/source4/setup/newuser.py deleted file mode 100755 index 03ae4e5ffb..0000000000 --- a/source4/setup/newuser.py +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/python -# -# add a new user to a Samba4 server -# Copyright Andrew Tridgell 2005 -# Copyright Jelmer Vernooij 2008 -# Released under the GNU GPL v2 or later -# - -import samba.getopt as options -import optparse -import pwd -import sys - -from auth import system_session -from samba.samdb import SamDB - -parser = optparse.OptionParser("newuser [options] <username> [<password>]") -sambaopts = options.SambaOptions(parser) -parser.add_option_group(sambaopts) -parser.add_option_group(options.VersionOptions(parser)) -credopts = options.CredentialsOptions(parser) -parser.add_option_group(credopts) -parser.add_option("--quiet", help="Be quiet", action="store_true") -parser.add_option("--unixname", help="Unix Username", type=str) - -opts, args = parser.parse_args() - -# -# print a message if quiet is not set -# -def message(text): - if not opts.quiet: - print text - -if len(args) == 0: - parser.print_usage() - sys.exit(1) - -username = args[0] -if len(args) > 1: - password = args[1] -else: - random_init(local) - options.password = randpass(12) - print "chose random password %s\n" % password - -if opts.unixname is None: - opts.unixname = username - -try: - pwd.getpwnam(opts.unixname) -except KeyError: - print "ERROR: Unix user '%s' does not exist" % opts.unixname - sys.exit(1) - -creds = credopts.get_credentials() - -lp = sambaopts.get_loadparm() -samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), - credentials=creds, lp=lp) -samdb.newuser(username, opts.unixname, password) diff --git a/source4/setup/provision.js b/source4/setup/provision.js deleted file mode 100755 index 328754fd9c..0000000000 --- a/source4/setup/provision.js +++ /dev/null @@ -1,198 +0,0 @@ -#!/bin/sh -exec smbscript "$0" ${1+"$@"} -/* - provision a Samba4 server - Copyright Andrew Tridgell 2005 - Released under the GNU GPL v2 or later -*/ - -options = GetOptions(ARGV, - "POPT_AUTOHELP", - "POPT_COMMON_SAMBA", - "POPT_COMMON_VERSION", - "POPT_COMMON_CREDENTIALS", - 'realm=s', - 'domain=s', - 'domain-guid=s', - 'domain-sid=s', - 'policy-guid=s', - 'host-name=s', - 'host-ip=s', - 'host-guid=s', - 'invocationid=s', - 'adminpass=s', - 'krbtgtpass=s', - 'machinepass=s', - 'dnspass=s', - 'root=s', - 'nobody=s', - 'nogroup=s', - 'wheel=s', - 'users=s', - 'quiet', - 'blank', - 'server-role=s', - 'partitions-only', - 'ldap-base', - 'ldap-backend=s', - 'ldap-backend-type=s', - 'aci=s'); - -if (options == undefined) { - println("Failed to parse options"); - return -1; -} - -libinclude("base.js"); -libinclude("provision.js"); - -/* - print a message if quiet is not set -*/ -function message() -{ - if (options["quiet"] == undefined) { - print(vsprintf(arguments)); - } -} - -/* - show some help -*/ -function ShowHelp() -{ - print(" -Samba4 provisioning - -provision [options] - --realm REALM set realm - --domain DOMAIN set domain - --domain-guid GUID set domainguid (otherwise random) - --domain-sid SID set domainsid (otherwise random) - --host-name HOSTNAME set hostname - --host-ip IPADDRESS set ipaddress - --host-guid GUID set hostguid (otherwise random) - --policy-guid GUID set group policy guid (otherwise random) - --invocationid GUID set invocationid (otherwise random) - --adminpass PASSWORD choose admin password (otherwise random) - --krbtgtpass PASSWORD choose krbtgt password (otherwise random) - --machinepass PASSWORD choose machine password (otherwise random) - --root USERNAME choose 'root' unix username - --nobody USERNAME choose 'nobody' user - --nogroup GROUPNAME choose 'nogroup' group - --wheel GROUPNAME choose 'wheel' privileged group - --users GROUPNAME choose 'users' group - --quiet Be quiet - --blank do not add users or groups, just the structure - --server-role ROLE Set server role to provision for (default standalone) - --partitions-only Configure Samba's partitions, but do not modify them (ie, join a BDC) - --ldap-base output only an LDIF file, suitable for creating an LDAP baseDN - --ldap-backend LDAPSERVER LDAP server to use for this provision - --ldap-backend-type TYPE OpenLDAP or Fedora DS - --aci ACI An arbitary LDIF fragment, particularly useful to loading a backend ACI value into a target LDAP server -You must provide at least a realm and domain - -"); - exit(1); -} - -if (options['host-name'] == undefined) { - options['host-name'] = hostname(); -} - -/* - main program -*/ -if (options["realm"] == undefined || - options["domain"] == undefined || - options["host-name"] == undefined) { - ShowHelp(); -} - -/* cope with an initially blank smb.conf */ -var lp = loadparm_init(); -lp.set("realm", options.realm); -lp.set("workgroup", options.domain); -lp.set("server role", options["server-role"]); -lp.reload(); - -var subobj = provision_guess(); -for (r in options) { - var key = strupper(join("", split("-", r))); - subobj[key] = options[r]; -} - -var blank = (options["blank"] != undefined); -var ldapbackend = (options["ldap-backend"] != undefined); -var ldapbackendtype = options["ldap-backend-type"]; -var partitions_only = (options["partitions-only"] != undefined); -var paths = provision_default_paths(subobj); -if (options["aci"] != undefined) { - message("set ACI: %s\n", subobj["ACI"]); -} - -message("set DOMAIN SID: %s\n", subobj["DOMAINSID"]); - -provision_fix_subobj(subobj, paths); - -if (ldapbackend) { - if (options["ldap-backend"] == "ldapi") { - subobj.LDAPBACKEND = subobj.LDAPI_URI; - } - if (ldapbackendtype == undefined) { - - } else if (ldapbackendtype == "openldap") { - subobj.LDAPMODULE = "normalise,entryuuid"; - subobj.TDB_MODULES_LIST = ""; - } else if (ldapbackendtype == "fedora-ds") { - subobj.LDAPMODULE = "nsuniqueid"; - } - subobj.BACKEND_MOD = subobj.LDAPMODULE + ",paged_searches"; - subobj.DOMAINDN_LDB = subobj.LDAPBACKEND; - subobj.CONFIGDN_LDB = subobj.LDAPBACKEND; - subobj.SCHEMADN_LDB = subobj.LDAPBACKEND; - message("LDAP module: %s on backend: %s\n", subobj.LDAPMODULE, subobj.LDAPBACKEND); -} - -if (!provision_validate(subobj, message)) { - return -1; -} - -var system_session = system_session(); -var creds = options.get_credentials(); -message("Provisioning for %s in realm %s\n", subobj.DOMAIN, subobj.REALM); -message("Using administrator password: %s\n", subobj.ADMINPASS); -if (partitions_only) { - provision_become_dc(subobj, message, false, paths, system_session); -} else { - provision(subobj, message, blank, paths, system_session, creds, ldapbackend); - provision_dns(subobj, message, paths, system_session, creds); - message("To reproduce this provision, run with:\n"); -/* There has to be a better way than this... */ - message("--realm='%s' --domain='%s' \\\n", subobj.REALM_CONF, subobj.DOMAIN_CONF); - if (subobj.DOMAINGUID != undefined) { - message("--domain-guid='%s' \\\n", subobj.DOMAINGUID); - } - if (subobj.HOSTGUID != undefined) { - message("--host-guid='%s' \\\n", subobj.HOSTGUID); - } - message("--policy-guid='%s' --host-name='%s' --host-ip='%s' \\\n", subobj.POLICYGUID, subobj.HOSTNAME, subobj.HOSTIP); - if (subobj.INVOCATIONID != undefined) { - message("--invocationid='%s' \\\n", subobj.INVOCATIONID); - } - message("--adminpass='%s' --krbtgtpass='%s' \\\n", subobj.ADMINPASS, subobj.KRBTGTPASS); - message("--machinepass='%s' --dnspass='%s' \\\n", subobj.MACHINEPASS, subobj.DNSPASS); - message("--root='%s' --nobody='%s' --nogroup='%s' \\\n", subobj.ROOT, subobj.NOBODY, subobj.NOGROUP); - message("--wheel='%s' --users='%s' --server-role='%s' \\\n", subobj.WHEEL, subobj.USERS, subobj.SERVERROLE); - if (ldapbackend) { - message("--ldap-backend='%s' \\\n", subobj.LDAPBACKEND); - } - if (ldapbackendtype != undefined) { - message("--ldap-backend-type='%s' \\\n", + ldapbackendtype); - } - message("--aci='" + subobj.ACI + "' \\\n") -} - - -message("All OK\n"); -return 0; |