summaryrefslogtreecommitdiff
path: root/source4/scripting
diff options
context:
space:
mode:
Diffstat (limited to 'source4/scripting')
-rw-r--r--source4/scripting/libjs/provision.js47
1 files changed, 39 insertions, 8 deletions
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js
index d6d4909499..502583507b 100644
--- a/source4/scripting/libjs/provision.js
+++ b/source4/scripting/libjs/provision.js
@@ -489,6 +489,17 @@ function provision_fix_subobj(subobj, paths)
subobj.NETLOGONPATH = paths.netlogon;
subobj.SYSVOLPATH = paths.sysvol;
+ if (subobj.DOMAIN_CONF == undefined) {
+ subobj.DOMAIN_CONF = subobj.DOMAIN;
+ }
+ if (subobj.REALM_CONF == undefined) {
+ subobj.REALM_CONF = subobj.REALM;
+ }
+ if (subobj.SERVERROLE != "domain controller") {
+ subobj.REALM = subobj.HOSTNAME;
+ subobj.DOMAIN = subobj.HOSTNAME;
+ }
+
return true;
}
@@ -536,6 +547,8 @@ function provision_become_dc(subobj, message, erase, paths, session_info)
setup_ldb("secrets.ldif", info, paths.secrets, false);
+ setup_ldb("secrets_dc.ldif", info, paths.secrets, false);
+
return true;
}
@@ -571,8 +584,16 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
/* only install a new smb.conf if there isn't one there already */
var st = sys.stat(paths.smbconf);
if (st == undefined) {
+ var smbconfsuffix;
+ if (subobj.ROLE == "domain controller") {
+ smbconfsuffix = "dc";
+ } else if (subobj.ROLE == "member server") {
+ smbconfsuffix = "member";
+ } else {
+ smbconfsuffix = subobj.ROLE;
+ }
message("Setting up " + paths.smbconf +"\n");
- setup_file("provision.smb.conf", info.message, paths.smbconf, subobj);
+ setup_file("provision.smb.conf." + smbconfsuffix, info.message, paths.smbconf, subobj);
lp.reload();
}
/* only install a new shares config db if there is none */
@@ -724,7 +745,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
message("Setting up sam.ldb users and groups\n");
setup_add_ldif("provision_users.ldif", info, samdb, false);
- if (lp.get("server role") == "domain controller") {
+ if (subobj.SERVERROLE == "domain controller") {
message("Setting up self join\n");
setup_add_ldif("provision_self_join.ldif", info, samdb, false);
setup_add_ldif("provision_group_policy.ldif", info, samdb, false);
@@ -737,6 +758,9 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}/User", 0755);
sys.mkdir(paths.netlogon, 0755);
+
+ setup_ldb("secrets_dc.ldif", info, paths.secrets, false);
+
}
if (setup_name_mappings(info, samdb) == false) {
@@ -809,8 +833,8 @@ function provision_schema(subobj, message, tmp_schema_path, paths)
function provision_dns(subobj, message, paths, session_info, credentials)
{
var lp = loadparm_init();
- if (lp.get("server role") != "domain controller") {
- message("No DNS zone required for role %s\n", lp.get("server role"));
+ if (subobj.SERVERROLE != "domain controller") {
+ message("No DNS zone required for role %s\n", subobj.SERVERROLE);
return;
}
message("Setting up DNS zone: " + subobj.DNSDOMAIN + " \n");
@@ -886,6 +910,7 @@ function provision_guess()
var rdn_list;
random_init(local);
+ subobj.SERVERROLE = strlower(lp.get("server role"));
subobj.REALM = strupper(lp.get("realm"));
subobj.DOMAIN = lp.get("workgroup");
subobj.HOSTNAME = hostname();
@@ -1100,15 +1125,21 @@ function provision_validate(subobj, message)
}
- if (strupper(lp.get("workgroup")) != strupper(subobj.DOMAIN)) {
+ if (strupper(lp.get("workgroup")) != strupper(subobj.DOMAIN_CONF)) {
message("workgroup '%s' in smb.conf must match chosen domain '%s'\n",
- lp.get("workgroup"), subobj.DOMAIN);
+ lp.get("workgroup"), subobj.DOMAIN_CONF);
return false;
}
- if (strupper(lp.get("realm")) != strupper(subobj.REALM)) {
+ if (strupper(lp.get("realm")) != strupper(subobj.REALM_CONF)) {
message("realm '%s' in smb.conf must match chosen realm '%s'\n",
- lp.get("realm"), subobj.REALM);
+ lp.get("realm"), subobj.REALM_CONF);
+ return false;
+ }
+
+ if (strupper(lp.get("server role")) != strupper(subobj.SERVERROLE)) {
+ message("server role '%s' in smb.conf must match chosen role '%s'\n",
+ lp.get("server role"), subobj.SERVERROLE);
return false;
}
generated by cgit (git 2.34.1) at 2024-07-11 05:51:54 +0000