diff options
Diffstat (limited to 'source4/scripting/python/samba/provision.py')
-rw-r--r-- | source4/scripting/python/samba/provision.py | 122 |
1 files changed, 2 insertions, 120 deletions
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index a6b8420994..f570599e62 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -43,7 +43,7 @@ import shutil from credentials import Credentials, DONT_USE_KERBEROS from auth import system_session, admin_session from samba import version, Ldb, substitute_var, valid_netbios_name -from samba import check_all_substituted +from samba import check_all_substituted, read_and_sub_file from samba import DS_DOMAIN_FUNCTION_2003, DS_DOMAIN_FUNCTION_2008, DS_DC_FUNCTION_2008 from samba.samdb import SamDB from samba.idmap import IDmapDB @@ -51,8 +51,8 @@ from samba.dcerpc import security from samba.ndr import ndr_pack import urllib from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, timestring -from ms_schema import read_ms_schema from ms_display_specifiers import read_ms_ldif +from schema import Schema from signal import SIGTERM from dcerpc.misc import SEC_CHAN_BDC, SEC_CHAN_WKSTA @@ -73,20 +73,6 @@ def find_setup_dir(): return ret raise Exception("Unable to find setup directory.") -def get_schema_descriptor(domain_sid): - sddl = "O:SAG:SAD:(A;CI;RPLCLORC;;;AU)(A;CI;RPWPCRCCLCLORCWOWDSW;;;SA)" \ - "(A;CI;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)" \ - "(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \ - "(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;ED)" \ - "(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;BA)" \ - "(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;BA)" \ - "S:(AU;SA;WPCCDCWOWDSDDTSW;;;WD)" \ - "(AU;CISA;WP;;;WD)(AU;SA;CR;;;BA)" \ - "(AU;SA;CR;;;DU)(OU;SA;CR;e12b56b6-0a95-11d1-adbb-00c04fd8d5cd;;WD)" \ - "(OU;SA;CR;45ec5156-db7e-47bb-b53f-dbeb2d03c40f;;WD)" - sec = security.descriptor.from_sddl(sddl, domain_sid) - return b64encode(ndr_pack(sec)) - def get_config_descriptor(domain_sid): sddl = "O:EAG:EAD:(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \ "(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \ @@ -182,97 +168,6 @@ class ProvisionResult(object): self.lp = None self.samdb = None - -class Schema(object): - def __init__(self, setup_path, domain_sid, schemadn=None, - serverdn=None, sambadn=None): - """Load schema for the SamDB from the AD schema files and samba4_schema.ldif - - :param samdb: Load a schema into a SamDB. - :param setup_path: Setup path function. - :param schemadn: DN of the schema - :param serverdn: DN of the server - - Returns the schema data loaded, to avoid double-parsing when then needing to add it to the db - """ - - self.schemadn = schemadn - self.ldb = Ldb() - self.schema_data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_2K8_Attributes.txt'), - setup_path('ad-schema/MS-AD_Schema_2K8_Classes.txt')) - self.schema_data += open(setup_path("schema_samba4.ldif"), 'r').read() - self.schema_data = substitute_var(self.schema_data, {"SCHEMADN": schemadn}) - check_all_substituted(self.schema_data) - - self.schema_dn_modify = read_and_sub_file(setup_path("provision_schema_basedn_modify.ldif"), - {"SCHEMADN": schemadn, - "SERVERDN": serverdn, - }) - - descr = get_schema_descriptor(domain_sid) - self.schema_dn_add = read_and_sub_file(setup_path("provision_schema_basedn.ldif"), - {"SCHEMADN": schemadn, - "DESCRIPTOR": descr - }) - - prefixmap = open(setup_path("prefixMap.txt"), 'r').read() - prefixmap = b64encode(prefixmap) - - - - # We don't actually add this ldif, just parse it - prefixmap_ldif = "dn: cn=schema\nprefixMap:: %s\n\n" % prefixmap - self.ldb.set_schema_from_ldif(prefixmap_ldif, self.schema_data) - - def write_to_tmp_ldb(self, schemadb_path): - self.ldb.connect(schemadb_path) - self.ldb.transaction_start() - - self.ldb.add_ldif("""dn: @ATTRIBUTES -linkID: INTEGER - -dn: @INDEXLIST -@IDXATTR: linkID -@IDXATTR: attributeSyntax -""") - # These bits of LDIF are supplied when the Schema object is created - self.ldb.add_ldif(self.schema_dn_add) - self.ldb.modify_ldif(self.schema_dn_modify) - self.ldb.add_ldif(self.schema_data) - self.ldb.transaction_commit() - - # Return a hash with the forward attribute as a key and the back as the value - def linked_attributes(self): - return get_linked_attributes(self.schemadn, self.ldb) - - def dnsyntax_attributes(self): - return get_dnsyntax_attributes(self.schemadn, self.ldb) - -# Return a hash with the forward attribute as a key and the back as the value -def get_linked_attributes(schemadn,schemaldb): - attrs = ["linkID", "lDAPDisplayName"] - res = schemaldb.search(expression="(&(linkID=*)(!(linkID:1.2.840.113556.1.4.803:=1))(objectclass=attributeSchema)(attributeSyntax=2.5.5.1))", base=schemadn, scope=SCOPE_ONELEVEL, attrs=attrs) - attributes = {} - for i in range (0, len(res)): - expression = "(&(objectclass=attributeSchema)(linkID=%d)(attributeSyntax=2.5.5.1))" % (int(res[i]["linkID"][0])+1) - target = schemaldb.searchone(basedn=schemadn, - expression=expression, - attribute="lDAPDisplayName", - scope=SCOPE_SUBTREE) - if target is not None: - attributes[str(res[i]["lDAPDisplayName"])]=str(target) - - return attributes - -def get_dnsyntax_attributes(schemadn,schemaldb): - attrs = ["linkID", "lDAPDisplayName"] - res = schemaldb.search(expression="(&(!(linkID=*))(objectclass=attributeSchema)(attributeSyntax=2.5.5.1))", base=schemadn, scope=SCOPE_ONELEVEL, attrs=attrs) - attributes = [] - for i in range (0, len(res)): - attributes.append(str(res[i]["lDAPDisplayName"])) - - return attributes - def check_install(lp, session_info, credentials): """Check whether the current install seems ok. @@ -307,19 +202,6 @@ findnss_uid = lambda names: findnss(pwd.getpwnam, names)[2] findnss_gid = lambda names: findnss(grp.getgrnam, names)[2] -def read_and_sub_file(file, subst_vars): - """Read a file and sub in variables found in it - - :param file: File to be read (typically from setup directory) - param subst_vars: Optional variables to subsitute in the file. - """ - data = open(file, 'r').read() - if subst_vars is not None: - data = substitute_var(data, subst_vars) - check_all_substituted(data) - return data - - def setup_add_ldif(ldb, ldif_path, subst_vars=None,controls=["relax:0"]): """Setup a ldb in the private dir. |