summaryrefslogtreecommitdiff
path: root/source4/scripting/libjs/provision.js
diff options
context:
space:
mode:
Diffstat (limited to 'source4/scripting/libjs/provision.js')
-rw-r--r--source4/scripting/libjs/provision.js53
1 files changed, 44 insertions, 9 deletions
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js
index fd6de2695f..870e33f84a 100644
--- a/source4/scripting/libjs/provision.js
+++ b/source4/scripting/libjs/provision.js
@@ -162,7 +162,6 @@ function ldb_erase(info, ldb)
/* delete the specials */
ldb.del("@INDEXLIST");
ldb.del("@ATTRIBUTES");
- ldb.del("@SUBCLASSES");
ldb.del("@MODULES");
ldb.del("@PARTITION");
ldb.del("@KLUDGEACL");
@@ -356,6 +355,11 @@ function setup_file(template, message, fname, subobj)
var f = fname;
var src = lp.get("setup directory") + "/" + template;
+ if (! sys.stat(src)) {
+ message("Template file not found: %s\n",src);
+ assert(0);
+ }
+
sys.unlink(f);
var data = sys.file_load(src);
@@ -490,6 +494,17 @@ function provision_fix_subobj(subobj, paths)
subobj.NETLOGONPATH = paths.netlogon;
subobj.SYSVOLPATH = paths.sysvol;
+ if (subobj.DOMAIN_CONF == undefined) {
+ subobj.DOMAIN_CONF = subobj.DOMAIN;
+ }
+ if (subobj.REALM_CONF == undefined) {
+ subobj.REALM_CONF = subobj.REALM;
+ }
+ if (subobj.SERVERROLE != "domain controller") {
+ subobj.REALM = subobj.HOSTNAME;
+ subobj.DOMAIN = subobj.HOSTNAME;
+ }
+
return true;
}
@@ -537,6 +552,8 @@ function provision_become_dc(subobj, message, erase, paths, session_info)
setup_ldb("secrets.ldif", info, paths.secrets, false);
+ setup_ldb("secrets_dc.ldif", info, paths.secrets, false);
+
return true;
}
@@ -572,8 +589,16 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
/* only install a new smb.conf if there isn't one there already */
var st = sys.stat(paths.smbconf);
if (st == undefined) {
+ var smbconfsuffix;
+ if (subobj.SERVERROLE == "domain controller") {
+ smbconfsuffix = "dc";
+ } else if (subobj.SERVERROLE == "member server") {
+ smbconfsuffix = "member";
+ } else {
+ smbconfsuffix = subobj.SERVERROLE;
+ }
message("Setting up " + paths.smbconf +"\n");
- setup_file("provision.smb.conf", info.message, paths.smbconf, subobj);
+ setup_file("provision.smb.conf." + smbconfsuffix, info.message, paths.smbconf, subobj);
lp.reload();
}
/* only install a new shares config db if there is none */
@@ -725,7 +750,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
message("Setting up sam.ldb users and groups\n");
setup_add_ldif("provision_users.ldif", info, samdb, false);
- if (lp.get("server role") == "domain controller") {
+ if (subobj.SERVERROLE == "domain controller") {
message("Setting up self join\n");
setup_add_ldif("provision_self_join.ldif", info, samdb, false);
setup_add_ldif("provision_group_policy.ldif", info, samdb, false);
@@ -738,6 +763,9 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}/User", 0755);
sys.mkdir(paths.netlogon, 0755);
+
+ setup_ldb("secrets_dc.ldif", info, paths.secrets, false);
+
}
if (setup_name_mappings(info, samdb) == false) {
@@ -810,8 +838,8 @@ function provision_schema(subobj, message, tmp_schema_path, paths)
function provision_dns(subobj, message, paths, session_info, credentials)
{
var lp = loadparm_init();
- if (lp.get("server role") != "domain controller") {
- message("No DNS zone required for role %s\n", lp.get("server role"));
+ if (subobj.SERVERROLE != "domain controller") {
+ message("No DNS zone required for role %s\n", subobj.SERVERROLE);
return;
}
message("Setting up DNS zone: " + subobj.DNSDOMAIN + " \n");
@@ -887,6 +915,7 @@ function provision_guess()
var rdn_list;
random_init(local);
+ subobj.SERVERROLE = strlower(lp.get("server role"));
subobj.REALM = strupper(lp.get("realm"));
subobj.DOMAIN = lp.get("workgroup");
subobj.HOSTNAME = hostname();
@@ -1101,15 +1130,21 @@ function provision_validate(subobj, message)
}
- if (strupper(lp.get("workgroup")) != strupper(subobj.DOMAIN)) {
+ if (strupper(lp.get("workgroup")) != strupper(subobj.DOMAIN_CONF)) {
message("workgroup '%s' in smb.conf must match chosen domain '%s'\n",
- lp.get("workgroup"), subobj.DOMAIN);
+ lp.get("workgroup"), subobj.DOMAIN_CONF);
return false;
}
- if (strupper(lp.get("realm")) != strupper(subobj.REALM)) {
+ if (strupper(lp.get("realm")) != strupper(subobj.REALM_CONF)) {
message("realm '%s' in smb.conf must match chosen realm '%s'\n",
- lp.get("realm"), subobj.REALM);
+ lp.get("realm"), subobj.REALM_CONF);
+ return false;
+ }
+
+ if (strupper(lp.get("server role")) != strupper(subobj.SERVERROLE)) {
+ message("server role '%s' in smb.conf must match chosen role '%s'\n",
+ lp.get("server role"), subobj.SERVERROLE);
return false;
}
generated by cgit (git 2.34.1) at 2025-01-02 15:20:03 +0000