diff options
Diffstat (limited to 'source4/scripting')
| -rw-r--r-- | source4/scripting/python/pyglue.c | 46 | ||||
| -rw-r--r-- | source4/scripting/python/samba/__init__.py | 46 | ||||
| -rw-r--r-- | source4/scripting/python/samba/provision.py | 19 |
3 files changed, 94 insertions, 17 deletions
diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c index 42c04c1f38..753f2df464 100644 --- a/source4/scripting/python/pyglue.c +++ b/source4/scripting/python/pyglue.c @@ -508,10 +508,46 @@ void initglue(void) PyModule_AddObject(m, "version", PyString_FromString(SAMBA_VERSION_STRING)); - PyModule_AddObject(m, "DS_BEHAVIOR_WIN2000", PyInt_FromLong(DS_BEHAVIOR_WIN2000)); - PyModule_AddObject(m, "DS_BEHAVIOR_WIN2003_INTERIM", PyInt_FromLong(DS_BEHAVIOR_WIN2003_INTERIM)); - PyModule_AddObject(m, "DS_BEHAVIOR_WIN2003", PyInt_FromLong(DS_BEHAVIOR_WIN2003)); - PyModule_AddObject(m, "DS_BEHAVIOR_WIN2008", PyInt_FromLong(DS_BEHAVIOR_WIN2008)); - + /* "userAccountControl" flags */ + PyModule_AddObject(m, "UF_NORMAL_ACCOUNT", PyInt_FromLong(UF_NORMAL_ACCOUNT)); + PyModule_AddObject(m, "UF_TEMP_DUPLICATE_ACCOUNT", PyInt_FromLong(UF_TEMP_DUPLICATE_ACCOUNT)); + PyModule_AddObject(m, "UF_SERVER_TRUST_ACCOUNT", PyInt_FromLong(UF_SERVER_TRUST_ACCOUNT)); + PyModule_AddObject(m, "UF_WORKSTATION_TRUST_ACCOUNT", PyInt_FromLong(UF_WORKSTATION_TRUST_ACCOUNT)); + PyModule_AddObject(m, "UF_INTERDOMAIN_TRUST_ACCOUNT", PyInt_FromLong(UF_INTERDOMAIN_TRUST_ACCOUNT)); + PyModule_AddObject(m, "UF_PASSWD_NOTREQD", PyInt_FromLong(UF_PASSWD_NOTREQD)); + PyModule_AddObject(m, "UF_ACCOUNTDISABLE", PyInt_FromLong(UF_ACCOUNTDISABLE)); + + /* "groupType" flags */ + PyModule_AddObject(m, "GTYPE_SECURITY_BUILTIN_LOCAL_GROUP", PyInt_FromLong(GTYPE_SECURITY_BUILTIN_LOCAL_GROUP)); + PyModule_AddObject(m, "GTYPE_SECURITY_GLOBAL_GROUP", PyInt_FromLong(GTYPE_SECURITY_GLOBAL_GROUP)); + PyModule_AddObject(m, "GTYPE_SECURITY_DOMAIN_LOCAL_GROUP", PyInt_FromLong(GTYPE_SECURITY_DOMAIN_LOCAL_GROUP)); + PyModule_AddObject(m, "GTYPE_SECURITY_UNIVERSAL_GROUP", PyInt_FromLong(GTYPE_SECURITY_UNIVERSAL_GROUP)); + PyModule_AddObject(m, "GTYPE_DISTRIBUTION_GLOBAL_GROUP", PyInt_FromLong(GTYPE_DISTRIBUTION_GLOBAL_GROUP)); + PyModule_AddObject(m, "GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP", PyInt_FromLong(GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP)); + PyModule_AddObject(m, "GTYPE_DISTRIBUTION_UNIVERSAL_GROUP", PyInt_FromLong(GTYPE_DISTRIBUTION_UNIVERSAL_GROUP)); + + /* "sAMAccountType" flags */ + PyModule_AddObject(m, "ATYPE_NORMAL_ACCOUNT", PyInt_FromLong(ATYPE_NORMAL_ACCOUNT)); + PyModule_AddObject(m, "ATYPE_WORKSTATION_TRUST", PyInt_FromLong(ATYPE_WORKSTATION_TRUST)); + PyModule_AddObject(m, "ATYPE_INTERDOMAIN_TRUST", PyInt_FromLong(ATYPE_INTERDOMAIN_TRUST)); + PyModule_AddObject(m, "ATYPE_SECURITY_GLOBAL_GROUP", PyInt_FromLong(ATYPE_SECURITY_GLOBAL_GROUP)); + PyModule_AddObject(m, "ATYPE_SECURITY_LOCAL_GROUP", PyInt_FromLong(ATYPE_SECURITY_LOCAL_GROUP)); + PyModule_AddObject(m, "ATYPE_SECURITY_UNIVERSAL_GROUP", PyInt_FromLong(ATYPE_SECURITY_UNIVERSAL_GROUP)); + PyModule_AddObject(m, "ATYPE_DISTRIBUTION_GLOBAL_GROUP", PyInt_FromLong(ATYPE_DISTRIBUTION_GLOBAL_GROUP)); + PyModule_AddObject(m, "ATYPE_DISTRIBUTION_LOCAL_GROUP", PyInt_FromLong(ATYPE_DISTRIBUTION_LOCAL_GROUP)); + PyModule_AddObject(m, "ATYPE_DISTRIBUTION_UNIVERSAL_GROUP", PyInt_FromLong(ATYPE_DISTRIBUTION_UNIVERSAL_GROUP)); + + /* "domainFunctionality", "forestFunctionality" flags in the rootDSE */ + PyModule_AddObject(m, "DS_DOMAIN_FUNCTION_2000", PyInt_FromLong(DS_DOMAIN_FUNCTION_2000)); + PyModule_AddObject(m, "DS_DOMAIN_FUNCTION_2003_MIXED", PyInt_FromLong(DS_DOMAIN_FUNCTION_2003_MIXED)); + PyModule_AddObject(m, "DS_DOMAIN_FUNCTION_2003", PyInt_FromLong(DS_DOMAIN_FUNCTION_2003)); + PyModule_AddObject(m, "DS_DOMAIN_FUNCTION_2008", PyInt_FromLong(DS_DOMAIN_FUNCTION_2008)); + PyModule_AddObject(m, "DS_DOMAIN_FUNCTION_2008_R2", PyInt_FromLong(DS_DOMAIN_FUNCTION_2008_R2)); + + /* "domainControllerFunctionality" flags in the rootDSE */ + PyModule_AddObject(m, "DS_DC_FUNCTION_2000", PyInt_FromLong(DS_DC_FUNCTION_2000)); + PyModule_AddObject(m, "DS_DC_FUNCTION_2003", PyInt_FromLong(DS_DC_FUNCTION_2003)); + PyModule_AddObject(m, "DS_DC_FUNCTION_2008", PyInt_FromLong(DS_DC_FUNCTION_2008)); + PyModule_AddObject(m, "DS_DC_FUNCTION_2008_R2", PyInt_FromLong(DS_DC_FUNCTION_2008_R2)); } diff --git a/source4/scripting/python/samba/__init__.py b/source4/scripting/python/samba/__init__.py index fe365bdf94..82df4960cf 100644 --- a/source4/scripting/python/samba/__init__.py +++ b/source4/scripting/python/samba/__init__.py @@ -345,7 +345,45 @@ def dom_sid_to_rid(sid_str): version = glue.version -DS_BEHAVIOR_WIN2000 = glue.DS_BEHAVIOR_WIN2000 -DS_BEHAVIOR_WIN2003_INTERIM = glue.DS_BEHAVIOR_WIN2003_INTERIM -DS_BEHAVIOR_WIN2003 = glue.DS_BEHAVIOR_WIN2003 -DS_BEHAVIOR_WIN2008 = glue.DS_BEHAVIOR_WIN2008 +# "userAccountControl" flags +UF_NORMAL_ACCOUNT = glue.UF_NORMAL_ACCOUNT +UF_TEMP_DUPLICATE_ACCOUNT = glue.UF_TEMP_DUPLICATE_ACCOUNT +UF_SERVER_TRUST_ACCOUNT = glue.UF_SERVER_TRUST_ACCOUNT +UF_WORKSTATION_TRUST_ACCOUNT = glue.UF_WORKSTATION_TRUST_ACCOUNT +UF_INTERDOMAIN_TRUST_ACCOUNT = glue.UF_INTERDOMAIN_TRUST_ACCOUNT +UF_PASSWD_NOTREQD = glue.UF_PASSWD_NOTREQD +UF_ACCOUNTDISABLE = glue.UF_ACCOUNTDISABLE + +# "groupType" flags +GTYPE_SECURITY_BUILTIN_LOCAL_GROUP = glue.GTYPE_SECURITY_BUILTIN_LOCAL_GROUP +GTYPE_SECURITY_GLOBAL_GROUP = glue.GTYPE_SECURITY_GLOBAL_GROUP +GTYPE_SECURITY_DOMAIN_LOCAL_GROUP = glue.GTYPE_SECURITY_DOMAIN_LOCAL_GROUP +GTYPE_SECURITY_UNIVERSAL_GROUP = glue.GTYPE_SECURITY_UNIVERSAL_GROUP +GTYPE_DISTRIBUTION_GLOBAL_GROUP = glue.GTYPE_DISTRIBUTION_GLOBAL_GROUP +GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP = glue.GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP +GTYPE_DISTRIBUTION_UNIVERSAL_GROUP = glue.GTYPE_DISTRIBUTION_UNIVERSAL_GROUP + +# "sAMAccountType" flags +ATYPE_NORMAL_ACCOUNT = glue.ATYPE_NORMAL_ACCOUNT +ATYPE_WORKSTATION_TRUST = glue.ATYPE_WORKSTATION_TRUST +ATYPE_INTERDOMAIN_TRUST = glue.ATYPE_INTERDOMAIN_TRUST +ATYPE_SECURITY_GLOBAL_GROUP = glue.ATYPE_SECURITY_GLOBAL_GROUP +ATYPE_SECURITY_LOCAL_GROUP = glue.ATYPE_SECURITY_LOCAL_GROUP +ATYPE_SECURITY_UNIVERSAL_GROUP = glue.ATYPE_SECURITY_UNIVERSAL_GROUP +ATYPE_DISTRIBUTION_GLOBAL_GROUP = glue.ATYPE_DISTRIBUTION_GLOBAL_GROUP +ATYPE_DISTRIBUTION_LOCAL_GROUP = glue.ATYPE_DISTRIBUTION_LOCAL_GROUP +ATYPE_DISTRIBUTION_UNIVERSAL_GROUP = glue.ATYPE_DISTRIBUTION_UNIVERSAL_GROUP + +# "domainFunctionality", "forestFunctionality" flags in the rootDSE */ +DS_DOMAIN_FUNCTION_2000 = glue.DS_DOMAIN_FUNCTION_2000 +DS_DOMAIN_FUNCTION_2003_MIXED = glue.DS_DOMAIN_FUNCTION_2003_MIXED +DS_DOMAIN_FUNCTION_2003 = glue.DS_DOMAIN_FUNCTION_2003 +DS_DOMAIN_FUNCTION_2008 = glue.DS_DOMAIN_FUNCTION_2008 +DS_DOMAIN_FUNCTION_2008_R2 = glue.DS_DOMAIN_FUNCTION_2008_R2 + +# "domainControllerFunctionality" flags in the rootDSE */ +DS_DC_FUNCTION_2000 = glue.DS_DC_FUNCTION_2000 +DS_DC_FUNCTION_2003 = glue.DS_DC_FUNCTION_2003 +DS_DC_FUNCTION_2008 = glue.DS_DC_FUNCTION_2008 +DS_DC_FUNCTION_2008_R2 = glue.DS_DC_FUNCTION_2008_R2 + diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 8f7859c215..4840efcb63 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -42,8 +42,9 @@ import ldb import shutil from credentials import Credentials, DONT_USE_KERBEROS from auth import system_session, admin_session -from samba import version, Ldb, substitute_var, valid_netbios_name, check_all_substituted, \ - DS_BEHAVIOR_WIN2008 +from samba import version, Ldb, substitute_var, valid_netbios_name +from samba import check_all_substituted +from samba import DS_DOMAIN_FUNCTION_2008_R2, DS_DC_FUNCTION_2008_R2 from samba.samdb import SamDB from samba.idmap import IDmapDB from samba.dcerpc import security @@ -584,6 +585,7 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info, "extended_dn_in", "rdn_name", "objectclass", + "descriptor", "samldb", "password_hash", "operational", @@ -833,9 +835,9 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, :note: This will wipe the main SAM database file! """ - domainFunctionality = DS_BEHAVIOR_WIN2008 - forestFunctionality = DS_BEHAVIOR_WIN2008 - domainControllerFunctionality = DS_BEHAVIOR_WIN2008 + domainFunctionality = DS_DOMAIN_FUNCTION_2008_R2 + forestFunctionality = DS_DOMAIN_FUNCTION_2008_R2 + domainControllerFunctionality = DS_DC_FUNCTION_2008_R2 # Also wipes the database setup_samdb_partitions(path, setup_path, message=message, lp=lp, @@ -910,7 +912,7 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, domainguid_mod = "" setup_modify_ldif(samdb, setup_path("provision_basedn_modify.ldif"), { - "LDAPTIME": timestring(int(time.time())), + "CREATTIME": str(int(time.time()) * 1e7), # seconds -> ticks "DOMAINSID": str(domainsid), "SCHEMADN": names.schemadn, "NETBIOSNAME": names.netbiosname, @@ -920,7 +922,8 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, "POLICYGUID": policyguid, "DOMAINDN": names.domaindn, "DOMAINGUID_MOD": domainguid_mod, - "DOMAIN_FUNCTIONALITY": str(domainFunctionality) + "DOMAIN_FUNCTIONALITY": str(domainFunctionality), + "SAMBA_VERSION_STRING": version }) message("Adding configuration container") @@ -1203,7 +1206,7 @@ def provision(setup_dir, message, session_info, "{" + policyguid + "}") os.makedirs(policy_path, 0755) open(os.path.join(policy_path, "GPT.INI"), 'w').write( - "[General]\r\nVersion=65544") + "[General]\r\nVersion=65543") os.makedirs(os.path.join(policy_path, "MACHINE"), 0755) os.makedirs(os.path.join(policy_path, "USER"), 0755) |