8 files changed, 152 insertions, 149 deletions
diff --git a/source4/setup/enableaccount b/source4/setup/enableaccount
new file mode 100644
index 0000000000..849b515675
--- /dev/null
+++ b/source4/setup/enableaccount
@@ -0,0 +1,75 @@
+#!/usr/bin/python
+#
+#	add a new user to a Samba4 server
+#	Copyright Andrew Tridgell 2005
+#	Copyright Jelmer Vernooij 2008
+#	Released under the GNU GPL version 3 or later
+#
+
+import samba.getopt as options
+import optparse
+import pwd
+import sys
+import ldb
+
+from auth import system_session
+from samba.samdb import SamDB
+
+parser = optparse.OptionParser("setpassword [username] [options]")
+sambaopts = options.SambaOptions(parser)
+parser.add_option_group(sambaopts)
+parser.add_option_group(options.VersionOptions(parser))
+credopts = options.CredentialsOptions(parser)
+parser.add_option_group(credopts)
+parser.add_option("-H", help="LDB URL for database or target server", type=str)
+parser.add_option("--base", help="Base DN to search for user under", type=str)
+
+opts, args = parser.parse_args()
+
+#
+#  print a message if quiet is not set
+#
+def message(text):
+	if not opts.quiet:
+		print text
+
+if len(args) == 0:
+	parser.print_usage()
+	sys.exit(1)
+
+username = args[0]
+
+if username is None:
+	print "username must be specified"
+
+lp = sambaopts.get_loadparm()
+
+creds = credopts.get_credentials(lp)
+
+if opts.H is not None:
+	url = opts.H
+else:
+	url = lp.get("sam database")
+
+samdb = SamDB(url=url, session_info=system_session(), 
+              credentials=creds, lp=lp)
+
+domain_dn = opts.base
+if opts.base is None:
+	res = samdb.search("", scope=ldb.SCOPE_BASE, 
+			  expression="(defaultNamingContext=*)", 
+			  attrs=["defaultNamingContext"])
+	assert(len(res) == 1 and res[0]["defaultNamingContext"] is not None)
+	domain_dn = res[0]["defaultNamingContext"][0]
+else:
+	domain_dn = opts.base
+
+filter = "(&(objectClass=user)(samAccountName=%s))" % username
+
+res = samdb.search(domain_dn, scope=ldb.SCOPE_SUBTREE, 
+		  expression=filter,
+		  attrs=[])
+assert(len(res) == 1)
+user_dn = res[0].dn
+
+samdb.enable_account(user_dn)
diff --git a/source4/setup/newuser b/source4/setup/newuser
index 03ae4e5ffb..f622058a5d 100755
--- a/source4/setup/newuser
+++ b/source4/setup/newuser
@@ -3,14 +3,14 @@
 #	add a new user to a Samba4 server
 #	Copyright Andrew Tridgell 2005
 #	Copyright Jelmer Vernooij 2008
-#	Released under the GNU GPL v2 or later
+#	Released under the GNU GPL version 3 or later
 #
 
 import samba.getopt as options
 import optparse
 import pwd
 import sys
-
+from getpass import getpass
 from auth import system_session
 from samba.samdb import SamDB
 
@@ -40,9 +40,7 @@ username = args[0]
 if len(args) > 1:
 	password = args[1]
 else:
-	random_init(local)
-	options.password = randpass(12)
-	print "chose random password %s\n" % password
+	password = getpass("New Password: ")
 
 if opts.unixname is None:
 	opts.unixname = username
diff --git a/source4/setup/provision b/source4/setup/provision
index b0363d8a8f..259bd814a4 100755
--- a/source4/setup/provision
+++ b/source4/setup/provision
@@ -52,14 +52,14 @@ parser.add_option("--domain-sid", type="string", metavar="SID",
 		help="set domainsid (otherwise random)")
 parser.add_option("--policy-guid", type="string", metavar="GUID",
 				  help="set policy guid")
+parser.add_option("--invocationid", type="string", metavar="GUID", 
+		  help="set invocationid (otherwise random)")
 parser.add_option("--host-name", type="string", metavar="HOSTNAME", 
 		help="set hostname")
 parser.add_option("--host-ip", type="string", metavar="IPADDRESS", 
-		help="set ipaddress")
-parser.add_option("--host-guid", type="string", metavar="GUID", 
-		help="set hostguid (otherwise random)")
-parser.add_option("--invocationid", type="string", metavar="GUID", 
-		help="set invocationid (otherwise random)")
+		help="set IPv4 ipaddress")
+parser.add_option("--host-ip6", type="string", metavar="IP6ADDRESS", 
+		help="set IPv6 ipaddress")
 parser.add_option("--adminpass", type="string", metavar="PASSWORD", 
 		help="choose admin password (otherwise random)")
 parser.add_option("--krbtgtpass", type="string", metavar="PASSWORD", 
@@ -111,7 +111,8 @@ if opts.realm is None or opts.domain is None:
 	parser.print_usage()
 	sys.exit(1)
 
-smbconf = sambaopts.get_loadparm().configfile()
+lp = sambaopts.get_loadparm()
+smbconf = lp.configfile()
 
 if opts.aci is not None:
 	print "set ACI: %s" % opts.aci
@@ -123,7 +124,7 @@ elif opts.server_role == "member":
 else:
         server_role = opts.server_role
 
-creds = credopts.get_credentials()
+creds = credopts.get_credentials(lp)
 
 setup_dir = opts.setupdir
 if setup_dir is None:
@@ -140,7 +141,7 @@ provision(setup_dir, message,
           samdb_fill=samdb_fill, realm=opts.realm, domain=opts.domain,
           domainguid=opts.domain_guid, domainsid=opts.domain_sid,
           policyguid=opts.policy_guid, hostname=opts.host_name,
-          hostip=opts.host_ip, hostguid=opts.host_guid, 
+          hostip=opts.host_ip, hostip6=opts.host_ip6,
           invocationid=opts.invocationid, adminpass=opts.adminpass,
           krbtgtpass=opts.krbtgtpass, machinepass=opts.machinepass,
           dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody,
@@ -148,12 +149,3 @@ provision(setup_dir, message,
           aci=opts.aci, serverrole=server_role, 
           ldap_backend=opts.ldap_backend, 
           ldap_backend_type=opts.ldap_backend_type)
-
-message("To reproduce this provision, run with:")
-def shell_escape(arg):
-    if " " in arg:
-        return '"%s"' % arg
-    return arg
-message(" ".join([shell_escape(arg) for arg in sys.argv]))
-
-message("All OK")
diff --git a/source4/setup/provision-backend.js b/source4/setup/provision-backend.js
index edc09907a8..9482d8c435 100644
--- a/source4/setup/provision-backend.js
+++ b/source4/setup/provision-backend.js
@@ -3,7 +3,7 @@ exec smbscript "$0" ${1+"$@"}
 /*
 	provision a Samba4 server
 	Copyright Andrew Tridgell 2005
-	Released under the GNU GPL v2 or later
+	Released under the GNU GPL version 3 or later
 */
 
 options = GetOptions(ARGV,
diff --git a/source4/setup/provision.zone b/source4/setup/provision.zone
index 371dfd9e72..28c1c29762 100644
--- a/source4/setup/provision.zone
+++ b/source4/setup/provision.zone
@@ -9,8 +9,10 @@ $TTL 1W
                                 6W              ; expiry
                                 1W )            ; minimum
 			IN NS	${HOSTNAME}
+${HOSTIP6_BASE_LINE}
 			IN A	${HOSTIP}
 ;
+${HOSTIP6_HOST_LINE}
 ${HOSTNAME}		IN A	${HOSTIP}
 ${HOSTGUID}._msdcs	IN CNAME ${HOSTNAME}
 ;
diff --git a/source4/setup/provision_self_join.ldif b/source4/setup/provision_self_join.ldif
index 503656a9bf..a0cfa7eb23 100644
--- a/source4/setup/provision_self_join.ldif
+++ b/source4/setup/provision_self_join.ldif
@@ -19,7 +19,6 @@ servicePrincipalName: HOST/${DNSNAME}/${REALM}
 servicePrincipalName: HOST/${NETBIOSNAME}/${REALM}
 servicePrincipalName: HOST/${DNSNAME}/${DOMAIN}
 servicePrincipalName: HOST/${NETBIOSNAME}/${DOMAIN}
-${HOSTGUID_ADD}
 
 #Provide a account for DNS keytab export
 dn: CN=dns,CN=Users,${DOMAINDN}
diff --git a/source4/setup/setpassword b/source4/setup/setpassword
index 618e304077..31b2f73a25 100644
--- a/source4/setup/setpassword
+++ b/source4/setup/setpassword
@@ -1,123 +1,58 @@
-#!/bin/sh
-exec smbscript "$0" ${1+"$@"}
-/*
-	set a user's password on a Samba4 server
-	Copyright Andrew Tridgell 2005
-	Copyright Andrew Bartlett 2006
-	Released under the GNU GPL v2 or later
-*/
-
-options = GetOptions(ARGV,
-		"POPT_AUTOHELP",
-		'username=s',
-		'filter=s',
-		'newpassword=s',
-		"POPT_COMMON_SAMBA",
-		"POPT_COMMON_VERSION",
-		"POPT_COMMON_CREDENTIALS",
-		'quiet');
-
-if (options == undefined) {
-   println("Failed to parse options");
-   return -1;
-}
-
-libinclude("base.js");
-libinclude("provision.js");
-
-/*
-  print a message if quiet is not set
-*/
-function message() 
-{
-	if (options["quiet"] == undefined) {
-		print(vsprintf(arguments));
-	}
-}
-
-/*
- show some help
-*/
-function ShowHelp()
-{
-	print("
-Samba4 newuser
-
-newuser [options]
-  --username     USERNAME     username
-  --filter       LDAPFILTER   LDAP Filter to set password on
-  --newpassword  PASSWORD     set password
-
-You must provide either a filter or a username, as well as password
-");
-	exit(1);
-}
-
-if (options['username'] == undefined && options['filter'] == undefined) {
-	ShowHelp();
-}
-
-if (options['newpassword'] == undefined) {
-	ShowHelp();
-}
-
-	var lp = loadparm_init();
-	var samdb = lp.get("sam database");
-	var ldb = ldb_init();
-	random_init(local);
-	ldb.session_info = system_session();
-	ldb.credentials = options.get_credentials();
-
-	/* connect to the sam */
-	var ok = ldb.connect(samdb);
-	assert(ok);
-
-	ldb.transaction_start();
-
-/* find the DNs for the domain and the domain users group */
-var attrs = new Array("defaultNamingContext");
-var attrs2 = new Array("cn");
-res = ldb.search("defaultNamingContext=*", "", ldb.SCOPE_BASE, attrs);
-assert(res.error == 0);
-assert(res.msgs.length == 1 && res.msgs[0].defaultNamingContext != undefined);
-var domain_dn = res.msgs[0].defaultNamingContext;
-assert(domain_dn != undefined);
-
-if (options['filter'] != undefined) {
-    var res = ldb.search(options['filter'],
-	domain_dn, ldb.SCOPE_SUBTREE, attrs2);
-    if (res.error != 0 || res.msgs.length != 1) {
-	message("Failed to find record for filter %s\n", options['filter']);
-	exit(1);
-    }
-} else {
-    var res = ldb.search(sprintf("samAccountName=%s", options['username']), 
-    domain_dn, ldb.SCOPE_SUBTREE, attrs2);
-    if (res.error != 0 || res.msgs.length != 1) {
-	message("Failed to find record for user %s\n", options['username']);
-	exit(1);
-    }
-}
-
-var mod = sprintf("
-dn: %s
-changetype: modify
-replace: sambaPassword
-sambaPassword: %s
-",
-    res[0].dn, options['newpassword']);
-var ok = ldb.modify(mod);
-if (ok.error != 0) {
-	message("set password for %s failed - %s\n",
-	    res[0].dn, ok.errstr);
-	ldb.transaction_cancel();
-	exit(1);
-} else {
-	message("set password for %s (%s) succeded\n",
-	    res[0].dn, res[0].cn);
-	
-	ldb.transaction_commit();
-}
-
-
-return 0;
+#!/usr/bin/python
+#
+#	add a new user to a Samba4 server
+#	Copyright Andrew Tridgell 2005
+#	Copyright Jelmer Vernooij 2008
+#	Released under the GNU GPL version 3 or later
+#
+
+import samba.getopt as options
+import optparse
+import pwd
+import sys
+from getpass import getpass
+from auth import system_session
+from samba.samdb import SamDB
+
+parser = optparse.OptionParser("setpassword [username] [options]")
+sambaopts = options.SambaOptions(parser)
+parser.add_option_group(sambaopts)
+parser.add_option_group(options.VersionOptions(parser))
+credopts = options.CredentialsOptions(parser)
+parser.add_option_group(credopts)
+parser.add_option("--filter", help="LDAP Filter to set password on", type=str)
+parser.add_option("--newpassword", help="Set password", type=str)
+
+opts, args = parser.parse_args()
+
+#
+#  print a message if quiet is not set
+#
+def message(text):
+	if not opts.quiet:
+		print text
+
+if len(args) == 0:
+	parser.print_usage()
+	sys.exit(1)
+
+password = opts.password;
+if password is None:
+	password = getpass("New Password: ")
+
+filter = opts.filter
+
+if filter is None:
+	username = args[0]
+	if username is None:
+		print "Either username or --filter must be specified"
+
+	filter = "(&(objectclass=user)(samAccountName=" + username + "))"
+
+
+creds = credopts.get_credentials()
+
+lp = sambaopts.get_loadparm()
+samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), 
+              credentials=creds, lp=lp)
+samdb.setpassword(filter, password)
diff --git a/source4/setup/upgrade.py b/source4/setup/upgrade.py
index 569b179544..3bcc57ab64 100755
--- a/source4/setup/upgrade.py
+++ b/source4/setup/upgrade.py
@@ -57,7 +57,9 @@ setup_dir = opts.setupdir
 if setup_dir is None:
 	setup_dir = "setup"
 
-creds = credopts.get_credentials()
+lp = sambaopts.get_loadparm()
+smbconf = lp.configfile()
+creds = credopts.get_credentials(lp)
 
 upgrade_provision(samba3, setup_dir, message, credentials=creds, session_info=system_session(), 
-                  smbconf=sambaopts.get_loadparm_path(), targetdir=opts.targetdir)
+                  smbconf=smbconf, targetdir=opts.targetdir)