-rw-r--r--source4/dsdb/samdb/ldb_modules/entryUUID.c27
-rw-r--r--source4/lib/ldb/tools/ad2oLschema.c82
-rw-r--r--source4/setup/schema-map-openldap-2.312
-rw-r--r--source4/setup/schema_samba4.ldif4
4 files changed, 101 insertions, 24 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/entryUUID.c b/source4/dsdb/samdb/ldb_modules/entryUUID.c
index 3196069fa8..314e44111a 100644
--- a/source4/dsdb/samdb/ldb_modules/entryUUID.c
+++ b/source4/dsdb/samdb/ldb_modules/entryUUID.c
@@ -352,6 +352,15 @@ const struct ldb_map_attribute entryUUID_attributes[] =
}
},
{
+ .local_name = "objectClasses",
+ .type = MAP_RENAME,
+ .u = {
+ .rename = {
+ .remote_name = "sambaObjectClasses"
+ }
+ }
+ },
+ {
.local_name = "sambaPassword",
.type = MAP_RENAME,
.u = {
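Review bot: The remote name `sambaObjectClasses` added in this entry does not match the name used elsewhere in the same commit: schema-map-openldap-2.3 remaps `objectClasses:samba4ObjectClasses`, and schema_samba4.ldif records `samba4ObjectClasses` against 1.3.6.1.4.1.7165.4.255.5. If the OpenLDAP schema is generated from that map, this module would ask the backend for an attribute that was never defined there. Presumably the line should read `.remote_name = "samba4ObjectClasses"`, which also matches the `samba4SubSchema` spelling used for the objectclass map. The attribute table begins and ends outside the hunk.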
@@ -446,9 +455,21 @@ const struct ldb_map_attribute entryUUID_attributes[] =
}
};
+/* This objectClass conflicts with builtin classes on OpenLDAP */
+const struct ldb_map_objectclass entryUUID_objectclasses[] =
+{
+ {
+ .local_name = "subSchema",
+ .remote_name = "samba4SubSchema"
+ },
+ {
+ .local_name = NULL
+ }
+};
+
/* These things do not show up in wildcard searches in OpenLDAP, but
* we need them to show up in the AD-like view */
-const char * const wildcard_attributes[] = {
+const char * const entryUUID_wildcard_attributes[] = {
"objectGUID",
"whenCreated",
"whenChanged",
@@ -471,7 +492,7 @@ const struct ldb_map_attribute nsuniqueid_attributes[] =
},
},
},
- /* objectSid */
+ /* objectSid */
{
.local_name = "objectSid",
.type = MAP_CONVERT,
@@ -751,7 +772,7 @@ static int entryUUID_init(struct ldb_module *module)
struct entryUUID_private *entryUUID_private;
struct ldb_dn *schema_dn;
- ret = ldb_map_init(module, entryUUID_attributes, NULL, wildcard_attributes, NULL);
+ ret = ldb_map_init(module, entryUUID_attributes, entryUUID_objectclasses, entryUUID_wildcard_attributes, NULL);
if (ret != LDB_SUCCESS)
return ret;
diff --git a/source4/lib/ldb/tools/ad2oLschema.c b/source4/lib/ldb/tools/ad2oLschema.c
index 285820b512..16e3c8941e 100644
--- a/source4/lib/ldb/tools/ad2oLschema.c
+++ b/source4/lib/ldb/tools/ad2oLschema.c
@@ -246,7 +246,12 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
char *old_oid;
char *new_oid;
} *oid_map = NULL;
- int num_maps = 0;
+ int num_oid_maps = 0;
+ struct attr_map {
+ char *old_attr;
+ char *new_attr;
+ } *attr_map = NULL;
+ int num_attr_maps = 0;
struct ldb_result *attrs_res, *objectclasses_res;
struct ldb_dn *schemadn;
struct schema_conv ret;
@@ -269,25 +274,36 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
if (isdigit(line[0])) {
char *p = strchr(line, ':');
IF_NULL_FAIL_RET(p);
- if (!p) {
- ret.failures = 1;
- return ret;
- }
p[0] = '\0';
p++;
- oid_map = talloc_realloc(mem_ctx, oid_map, struct oid_map, num_maps + 2);
+ oid_map = talloc_realloc(mem_ctx, oid_map, struct oid_map, num_oid_maps + 2);
trim_string(line, " ", " ");
- oid_map[num_maps].old_oid = talloc_move(oid_map, &line);
+ oid_map[num_oid_maps].old_oid = talloc_move(oid_map, &line);
trim_string(p, " ", " ");
- oid_map[num_maps].new_oid = p;
- num_maps++;
- oid_map[num_maps].old_oid = NULL;
+ oid_map[num_oid_maps].new_oid = p;
+ num_oid_maps++;
+ oid_map[num_oid_maps].old_oid = NULL;
} else {
- attrs_skip = talloc_realloc(mem_ctx, attrs_skip, const char *, num_skip + 2);
- trim_string(line, " ", " ");
- attrs_skip[num_skip] = talloc_move(attrs_skip, &line);
- num_skip++;
- attrs_skip[num_skip] = NULL;
+ char *p = strchr(line, ':');
+ if (p) {
+ /* remap attribute/objectClass */
+ p[0] = '\0';
+ p++;
+ attr_map = talloc_realloc(mem_ctx, attr_map, struct attr_map, num_attr_maps + 2);
+ trim_string(line, " ", " ");
+ attr_map[num_attr_maps].old_attr = talloc_move(attr_map, &line);
+ trim_string(p, " ", " ");
+ attr_map[num_attr_maps].new_attr = p;
+ num_attr_maps++;
+ attr_map[num_attr_maps].old_attr = NULL;
+ } else {
+ /* skip attribute/objectClass */
+ attrs_skip = talloc_realloc(mem_ctx, attrs_skip, const char *, num_skip + 2);
+ trim_string(line, " ", " ");
+ attrs_skip[num_skip] = talloc_move(attrs_skip, &line);
+ num_skip++;
+ attrs_skip[num_skip] = NULL;
+ }
}
}
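Review bot: The new `attr_map = talloc_realloc(...)` result is written through on the very next lines without a NULL check, so an allocation failure becomes a NULL dereference instead of a reported failure; the `oid_map` and `attrs_skip` reallocations in this hunk have the same gap. The function already uses `IF_NULL_FAIL_RET` on `p` a few lines up, so `IF_NULL_FAIL_RET(attr_map);` directly after the realloc (and likewise for the other two) would cover it. A map line with nothing after the colon also leaves `new_attr` empty, which is later emitted as `NAME ''`; a check such as `if (p[0] == '\0') { ret.failures++; continue; }` after the second `trim_string` would reject it, assuming `continue` is the right way to skip a line in the enclosing read loop. process_convert starts and ends outside the hunk.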
@@ -327,7 +343,7 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
if (!name) {
printf("Failed to find lDAPDisplayName for schema DN: %s\n", ldb_dn_get_linearized(msg->dn));
- ret.failures = 1;
+ ret.failures++;
continue;
}
@@ -359,6 +375,14 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
}
IF_NULL_FAIL_RET(schema_entry);
+ /* We might have been asked to remap this name, due to a conflict */
+ for (j=0; name && attr_map && attr_map[j].old_attr; j++) {
+ if (strcmp(name, attr_map[j].old_attr) == 0) {
+ name = attr_map[j].new_attr;
+ break;
+ }
+ }
+
schema_entry = talloc_asprintf_append(schema_entry,
" NAME '%s'\n", name);
IF_NULL_FAIL_RET(schema_entry);
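Review bot: The remap lookup compares names with `strcmp`, whereas the skip list in the objectClass loop is matched with `str_list_check_ci`. LDAP attribute and objectClass names are case-insensitive, so a map entry whose case differs from the lDAPDisplayName would silently not be remapped, and the conflicting name would still reach the generated schema. `if (strcasecmp(name, attr_map[j].old_attr) == 0) {` would make the two lists behave the same way. The same loop is repeated in the objectClass pass and in the attribute-list macro later in this file; moving `struct attr_map` to file scope and adding one small static lookup helper would keep the three copies from drifting. The enclosing function starts and ends outside the hunk.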
@@ -437,6 +461,12 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
char *schema_entry = NULL;
int j;
+ if (!name) {
+ printf("Failed to find lDAPDisplayName for schema DN: %s\n", ldb_dn_get_linearized(msg->dn));
+ ret.failures++;
+ continue;
+ }
+
/* We have been asked to skip some attributes/objectClasses */
if (attrs_skip && str_list_check_ci(attrs_skip, name)) {
ret.skipped++;
@@ -469,6 +499,14 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
break;
}
+ /* We might have been asked to remap this name, due to a conflict */
+ for (j=0; name && attr_map && attr_map[j].old_attr; j++) {
+ if (strcmp(name, attr_map[j].old_attr) == 0) {
+ name = attr_map[j].new_attr;
+ break;
+ }
+ }
+
schema_entry = talloc_asprintf_append(schema_entry,
" NAME '%s'\n", name);
IF_NULL_FAIL_RET(schema_entry);
@@ -509,9 +547,19 @@ static struct schema_conv process_convert(struct ldb_context *ldb, enum convert_
do { \
int k; \
for (k=0; attributes && k < attributes->num_values; k++) { \
+ int attr_idx; \
+ const char *attr_name = (const char *)attributes->values[k].data; \
+ /* We might have been asked to remap this name, due to a conflict */ \
+ for (attr_idx=0; attr_name && attr_map && attr_map[attr_idx].old_attr; attr_idx++) { \
+ if (strcmp(attr_name, attr_map[attr_idx].old_attr) == 0) { \
+ attr_name = attr_map[attr_idx].new_attr; \
+ break; \
+ } \
+ } \
+ \
schema_entry = talloc_asprintf_append(schema_entry, \
" %s", \
- (const char *)attributes->values[k].data); \
+ attr_name); \
IF_NULL_FAIL_RET(schema_entry); \
if (k != (attributes->num_values - 1)) { \
schema_entry = talloc_asprintf_append(schema_entry, \
diff --git a/source4/setup/schema-map-openldap-2.3 b/source4/setup/schema-map-openldap-2.3
index bedf402a9f..9268b1c969 100644
--- a/source4/setup/schema-map-openldap-2.3
+++ b/source4/setup/schema-map-openldap-2.3
@@ -1,7 +1,6 @@
#Standard OpenLDAP attributes
name
labeledURI
-objectClasses
createTimeStamp
attributeTypes
objectClass
@@ -10,7 +9,6 @@ seeAlso
uid
subSchemaSubEntry
structuralObjectClass
-modifyTimeStamp
distinguishedName
description
cn
@@ -18,8 +16,14 @@ dITContentRules
top
#This shouldn't make it to the ldap server
sambaPassword
-#Skip ObjectClasses
-subSchema
+#These conflict with OpenLDAP builtins
+objectClasses:samba4ObjectClasses
+2.5.21.6:1.3.6.1.4.1.7165.4.255.5
+subSchema:samba4SubSchema
+2.5.20.1:1.3.6.1.4.1.7165.4.255.4
+#Remap these so that we don't put operational attributes in a schema MAY
+modifyTimeStamp:samba4ModifyTimestamp
+2.5.18.2:1.3.6.1.4.1.7165.4.255.3
#MiddleName has a conflicting OID
2.16.840.1.113730.3.1.34:1.3.6.1.4.1.7165.4.255.1
#defaultGroup has a conflicting OID
diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif
index 150586976f..c0a50bd508 100644
--- a/source4/setup/schema_samba4.ldif
+++ b/source4/setup/schema_samba4.ldif
@@ -165,3 +165,7 @@ oMSyntax: 20
#Allocated: (middleName) attributeID: 1.3.6.1.4.1.7165.4.255.1
#Allocated: (defaultGroup) attributeID: 1.3.6.1.4.1.7165.4.255.2
+
+#Allocated: (modifyTimestamp) samba4ModifyTimestamp: 1.3.6.1.4.1.7165.4.255.3
+#Allocated: (subSchema) samba4SubSchema: 1.3.6.1.4.1.7165.4.255.4
+#Allocated: (objectClasses) samba4ObjectClasses: 1.3.6.1.4.1.7165.4.255.5