diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/scripting/python/samba/__init__.py | 41 | ||||
-rw-r--r-- | source4/scripting/python/samba/provision.py | 256 | ||||
-rw-r--r-- | source4/scripting/python/samba/samdb.py | 4 | ||||
-rw-r--r-- | source4/scripting/python/samba/tests/__init__.py | 2 | ||||
-rw-r--r-- | source4/scripting/python/samba/tests/provision.py | 5 | ||||
-rw-r--r-- | source4/scripting/python/samba/upgrade.py | 4 |
6 files changed, 164 insertions, 148 deletions
diff --git a/source4/scripting/python/samba/__init__.py b/source4/scripting/python/samba/__init__.py index d185464a58..2c46f72883 100644 --- a/source4/scripting/python/samba/__init__.py +++ b/source4/scripting/python/samba/__init__.py @@ -87,7 +87,8 @@ class Ldb(ldb.Ldb): set_session_info = misc.ldb_set_session_info set_loadparm = misc.ldb_set_loadparm - def searchone(self, basedn, attribute, expression=None, scope=ldb.SCOPE_BASE): + def searchone(self, basedn, attribute, expression=None, + scope=ldb.SCOPE_BASE): """Search for one attribute as a string.""" res = self.search(basedn, scope, expression, [attribute]) if len(res) != 1 or res[0][attribute] is None: @@ -112,11 +113,47 @@ class Ldb(ldb.Ldb): for msg in self.search(basedn, ldb.SCOPE_SUBTREE, "(&(|(objectclass=*)(dn=*))(!(dn=@BASEINFO)))", ["dn"]): - self.delete(msg.dn) + try: + self.delete(msg.dn) + except ldb.LdbError, (LDB_ERR_NO_SUCH_OBJECT, _): + # Ignor eno such object errors + pass res = self.search(basedn, ldb.SCOPE_SUBTREE, "(&(|(objectclass=*)(dn=*))(!(dn=@BASEINFO)))", ["dn"]) assert len(res) == 0 + def erase_partitions(self): + """Erase an ldb, removing all records.""" + res = self.search(ldb.Dn(self, ""), ldb.SCOPE_BASE, "(objectClass=*)", + ["namingContexts"]) + assert len(res) == 1 + if not "namingContexts" in res[0]: + return + for basedn in res[0]["namingContexts"]: + previous_remaining = 1 + current_remaining = 0 + + k = 0 + while ++k < 10 and (previous_remaining != current_remaining): + # and the rest + res2 = self.search(ldb.Dn(self, basedn), ldb.SCOPE_SUBTREE, "(|(objectclass=*)(dn=*))", ["dn"]) + previous_remaining = current_remaining + current_remaining = len(res2) + for msg in res2: + self.delete(msg.dn) + + def load_ldif_file_add(self, ldif_path): + """Load a LDIF file. + + :param ldif_path: Path to LDIF file. + """ + self.load_ldif_add(open(ldif_path, 'r').read()) + + def load_ldif_add(self, ldif): + for changetype, msg in self.parse_ldif(ldif): + assert changetype == ldb.CHANGETYPE_NONE + self.add(msg) + def substitute_var(text, values): """substitute strings of the form ${NAME} in str, replacing diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index f3fc138e6b..90f7cd0697 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -21,7 +21,7 @@ from samba import Ldb, substitute_var, valid_netbios_name from samba.samdb import SamDB import security from ldb import Dn, SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, \ - LDB_ERR_NO_SUCH_OBJECT, timestring + LDB_ERR_NO_SUCH_OBJECT, timestring, CHANGETYPE_MODIFY, CHANGETYPE_NONE DEFAULTSITE = "Default-First-Site-Name" @@ -58,7 +58,7 @@ def install_ok(lp, session_info, credentials): return False ldb = Ldb(lp.get("sam database"), session_info=session_info, credentials=credentials, lp=lp) - if len(ldb.search("(cn=Administrator)")) != 1: + if len(ldb.search(ldb.Dn("(cn=Administrator)"))) != 1: return False return True @@ -85,62 +85,56 @@ def open_ldb(session_info, credentials, lp, dbname): lp=lp) -def setup_add_ldif(ldb, setup_dir, ldif, subst_vars=None): +def setup_add_ldif(ldb, ldif_path, subst_vars=None): """Setup a ldb in the private dir.""" - assert isinstance(ldif, str) - assert isinstance(setup_dir, str) - src = os.path.join(setup_dir, ldif) + assert isinstance(ldif_path, str) - data = open(src, 'r').read() + data = open(ldif_path, 'r').read() if subst_vars is not None: data = substitute_var(data, subst_vars) assert "${" not in data - for msg in ldb.parse_ldif(data): - ldb.add(msg[1]) + ldb.load_ldif_add(data) -def setup_modify_ldif(ldb, setup_dir, ldif, substvars=None): +def setup_modify_ldif(ldb, ldif_path, substvars=None): """Modify a ldb in the private dir. :param ldb: LDB object. - :param setup_dir: Setup directory. - :param ldif: LDIF file path. + :param ldif_path: LDIF file path. :param substvars: Optional dictionary with substitution variables. """ - src = os.path.join(setup_dir, ldif) - - data = open(src, 'r').read() + data = open(ldif_path, 'r').read() if substvars is not None: data = substitute_var(data, substvars) assert "${" not in data for (changetype, msg) in ldb.parse_ldif(data): + assert changetype == CHANGETYPE_MODIFY ldb.modify(msg) -def setup_ldb(ldb, setup_dir, ldif, subst_vars=None): +def setup_ldb(ldb, ldif_path, subst_vars): assert ldb is not None ldb.transaction_start() try: - setup_add_ldif(ldb, setup_dir, ldif, subst_vars) + setup_add_ldif(ldb, ldif_path, subst_vars) except: ldb.transaction_cancel() raise ldb.transaction_commit() -def setup_file(setup_dir, template, fname, substvars): +def setup_file(template, fname, substvars): """Setup a file in the private dir.""" f = fname - src = os.path.join(setup_dir, template) if os.path.exists(f): os.unlink(f) - data = open(src, 'r').read() + data = open(template, 'r').read() if substvars: data = substitute_var(data, substvars) assert not "${" in data @@ -218,40 +212,44 @@ def setup_name_mappings(ldb, sid, domaindn, root, nobody, nogroup, users, def provision_become_dc(setup_dir, message, paths, lp, session_info, credentials): assert session_info is not None + erase = False + + def setup_path(file): + return os.path.join(setup_dir, file) + os.path.unlink(paths.samdb) - message("Setting up templates into %s" % paths.templates) - setup_templatesdb(paths.templates, setup_dir, session_info, + message("Setting up templates db") + setup_templatesdb(paths.templates, setup_path, session_info, credentials, lp) # Also wipes the database - message("Setting up samdb") - os.path.unlink(paths.samdb) + message("Setting up sam.ldb") samdb = SamDB(paths.samdb, credentials=credentials, session_info=session_info, lp=lp) - samdb.erase() - message("Setting up %s partitions" % paths.samdb) - setup_samdb_partitions(samdb, setup_dir, schemadn, - configdn, domaindn) + message("Setting up sam.ldb partitions") + setup_samdb_partitions(samdb, setup_path, schemadn, + configdn, domaindn) samdb = SamDB(paths.samdb, credentials=credentials, session_info=session_info, lp=lp) ldb.transaction_start() try: - message("Setting up %s attributes" % paths.samdb) - setup_add_ldif(samdb, setup_dir, "provision_init.ldif") + message("Setting up sam.ldb attributes") + samdb.load_ldif_file_add(setup_path("provision_init.ldif")) - message("Setting up %s rootDSE" % paths.samdb) - setup_samdb_rootdse(samdb, setup_dir, schemadn, domaindn, + message("Setting up sam.ldb rootDSE") + setup_samdb_rootdse(samdb, setup_path, schemadn, domaindn, hostname, dnsdomain, realm, rootdn, configdn, netbiosname) - message("Erasing data from partitions") - ldb_erase_partitions(domaindn, message, samdb, None) + if erase: + message("Erasing data from partitions") + samdb.erase_partitions() - message("Setting up %s indexes" % paths.samdb) - setup_add_ldif(samdb, setup_dir, "provision_index.ldif") + message("Setting up sam.ldb indexes") + samdb.load_ldif_file_add(setup_path("provision_index.ldif")) except: samdb.transaction_cancel() raise @@ -259,39 +257,39 @@ def provision_become_dc(setup_dir, message, paths, lp, session_info, samdb.transaction_commit() message("Setting up %s" % paths.secrets) - secrets_ldb = setup_secretsdb(paths.secrets, setup_dir, session_info, credentials, lp) - setup_ldb(secrets_ldb, setup_dir, "secrets_dc.ldif", + secrets_ldb = setup_secretsdb(paths.secrets, setup_path, session_info, credentials, lp) + setup_ldb(secrets_ldb, setup_path("secrets_dc.ldif"), { "MACHINEPASS_B64": b64encode(machinepass) }) -def setup_secretsdb(path, setup_dir, session_info, credentials, lp): +def setup_secretsdb(path, setup_path, session_info, credentials, lp): secrets_ldb = Ldb(path, session_info=session_info, credentials=credentials, lp=lp) secrets_ldb.erase() - setup_ldb(secrets_ldb, setup_dir, "secrets_init.ldif") - setup_ldb(secrets_ldb, setup_dir, "secrets.ldif") + secrets_ldb.load_ldif_file_add(setup_path("secrets_init.ldif")) + secrets_ldb.load_ldif_file_add(setup_path("secrets.ldif")) return secrets_ldb -def setup_templatesdb(path, setup_dir, session_info, credentials, lp): - templates_ldb = Ldb(path, session_info=session_info, +def setup_templatesdb(path, setup_path, session_info, credentials, lp): + templates_ldb = SamDB(path, session_info=session_info, credentials=credentials, lp=lp) templates_ldb.erase() - setup_ldb(templates_ldb, setup_dir, "provision_templates.ldif", None) + templates_ldb.load_ldif_file_add(setup_path("provision_templates.ldif")) -def setup_registry(path, setup_dir, session_info, credentials, lp): +def setup_registry(path, setup_path, session_info, credentials, lp): reg = registry.Registry() hive = registry.Hive(path, session_info=session_info, credentials=credentials, lp_ctx=lp) reg.mount_hive(hive, "HKEY_LOCAL_MACHINE") - provision_reg = os.path.join(setup_dir, "provision.reg") + provision_reg = setup_path("provision.reg") assert os.path.exists(provision_reg) reg.apply_patchfile(provision_reg) -def setup_samdb_rootdse(samdb, setup_dir, schemadn, domaindn, hostname, +def setup_samdb_rootdse(samdb, setup_path, schemadn, domaindn, hostname, dnsdomain, realm, rootdn, configdn, netbiosname): - setup_add_ldif(samdb, setup_dir, "provision_rootdse_add.ldif", { + setup_add_ldif(samdb, setup_path("provision_rootdse_add.ldif"), { "SCHEMADN": schemadn, "NETBIOSNAME": netbiosname, "DNSDOMAIN": dnsdomain, @@ -305,7 +303,7 @@ def setup_samdb_rootdse(samdb, setup_dir, schemadn, domaindn, hostname, }) -def setup_samdb_partitions(samdb, setup_dir, schemadn, configdn, domaindn): +def setup_samdb_partitions(samdb, setup_path, schemadn, configdn, domaindn): #Add modules to the list to activate them by default #beware often order is important # @@ -335,7 +333,7 @@ def setup_samdb_partitions(samdb, setup_dir, schemadn, configdn, domaindn): modules_list2 = ["show_deleted", "partition"] - setup_ldb(samdb, setup_dir, "provision_partitions.ldif", { + setup_add_ldif(samdb, setup_path("provision_partitions.ldif"), { "SCHEMADN": schemadn, "SCHEMADN_LDB": "schema.ldb", "SCHEMADN_MOD2": ",objectguid", @@ -367,6 +365,11 @@ def provision(lp, setup_dir, message, blank, paths, session_info, :note: caution, this wipes all existing data! """ + def setup_path(file): + return os.path.join(setup_dir, file) + + erase = False + if domainsid is None: domainsid = security.random_sid() if policyguid is None: @@ -438,6 +441,7 @@ def provision(lp, setup_dir, message, blank, paths, session_info, rdn_dc = domaindn.split(",")[0][len("DC="):] + message("set DOMAIN SID: %s" % str(domainsid)) message("Provisioning for %s in realm %s" % (domain, realm)) message("Using administrator password: %s" % adminpass) @@ -452,7 +456,14 @@ def provision(lp, setup_dir, message, blank, paths, session_info, smbconfsuffix = "member" else: assert "Invalid server role setting: %s" % serverrole - setup_file(setup_dir, "provision.smb.conf.%s" % smbconfsuffix, paths.smbconf) + setup_file(setup_path("provision.smb.conf.%s" % smbconfsuffix), paths.smbconf, { + "HOSTNAME": hostname, + "DOMAIN_CONF": domain, + "REALM_CONF": realm, + "SERVERROLE": serverrole, + "NETLOGONPATH": paths.netlogon, + "SYSVOLPATH": paths.sysvol, + }) lp.reload() # only install a new shares config db if there is none @@ -460,27 +471,26 @@ def provision(lp, setup_dir, message, blank, paths, session_info, message("Setting up share.ldb") share_ldb = Ldb(paths.shareconf, session_info=session_info, credentials=credentials, lp=lp) - setup_ldb(share_ldb, setup_dir, "share.ldif") + share_ldb.load_ldif_file_add(setup_path("share.ldif")) - message("Setting up %s" % paths.secrets) - secrets_ldb = setup_secretsdb(paths.secrets, setup_dir, session_info=session_info, + message("Setting up secrets.ldb") + secrets_ldb = setup_secretsdb(paths.secrets, setup_path, session_info=session_info, credentials=credentials, lp=lp) - message("Setting up registry") + message("Setting up the registry") # FIXME: Still fails for some reason - #setup_registry(paths.hklm, setup_dir, session_info, + #setup_registry(paths.hklm, setup_path, session_info, # credentials=credentials, lp=lp) - message("Setting up templates into %s" % paths.templates) - setup_templatesdb(paths.templates, setup_dir, session_info=session_info, + message("Setting up templates db") + setup_templatesdb(paths.templates, setup_path, session_info=session_info, credentials=credentials, lp=lp) samdb = SamDB(paths.samdb, session_info=session_info, credentials=credentials, lp=lp) - samdb.erase() message("Setting up sam.ldb partitions") - setup_samdb_partitions(samdb, setup_dir, schemadn, configdn, domaindn) + setup_samdb_partitions(samdb, setup_path, schemadn, configdn, domaindn) samdb = SamDB(paths.samdb, session_info=session_info, credentials=credentials, lp=lp) @@ -488,15 +498,16 @@ def provision(lp, setup_dir, message, blank, paths, session_info, samdb.transaction_start() try: message("Setting up sam.ldb attributes") - setup_add_ldif(samdb, setup_dir, "provision_init.ldif") + samdb.load_ldif_file_add(setup_path("provision_init.ldif")) message("Setting up sam.ldb rootDSE") - setup_samdb_rootdse(samdb, setup_dir, schemadn, domaindn, + setup_samdb_rootdse(samdb, setup_path, schemadn, domaindn, hostname, dnsdomain, realm, rootdn, configdn, netbiosname) - message("Erasing data from partitions") - ldb_erase_partitions(domaindn, message, samdb, ldapbackend) + if erase: + message("Erasing data from partitions") + samdb.erase_partitions() except: samdb.transaction_cancel() raise @@ -507,13 +518,13 @@ def provision(lp, setup_dir, message, blank, paths, session_info, samdb = SamDB(paths.samdb, session_info=session_info, credentials=credentials, lp=lp) samdb.set_domain_sid(domainsid) - load_schema(setup_dir, samdb, schemadn, netbiosname, configdn) + load_schema(setup_path, samdb, schemadn, netbiosname, configdn) samdb.transaction_start() try: message("Adding DomainDN: %s (permitted to fail)" % domaindn) - setup_add_ldif(samdb, setup_dir, "provision_basedn.ldif", { + setup_add_ldif(samdb, setup_path("provision_basedn.ldif"), { "DOMAINDN": domaindn, "ACI": aci, "EXTENSIBLEOBJECT": "# no objectClass: extensibleObject for local ldb", @@ -526,7 +537,7 @@ def provision(lp, setup_dir, message, blank, paths, session_info, else: domainguid_mod = "" - setup_modify_ldif(samdb, setup_dir, "provision_basedn_modify.ldif", { + setup_modify_ldif(samdb, setup_path("provision_basedn_modify.ldif"), { "RDN_DC": rdn_dc, "LDAPTIME": timestring(int(time.time())), "DOMAINSID": str(domainsid), @@ -540,25 +551,25 @@ def provision(lp, setup_dir, message, blank, paths, session_info, }) message("Adding configuration container (permitted to fail)") - setup_add_ldif(samdb, setup_dir, "provision_configuration_basedn.ldif", { + setup_add_ldif(samdb, setup_path("provision_configuration_basedn.ldif"), { "CONFIGDN": configdn, "ACI": aci, "EXTENSIBLEOBJECT": "# no objectClass: extensibleObject for local ldb", }) message("Modifying configuration container") - setup_modify_ldif(samdb, setup_dir, "provision_configuration_basedn_modify.ldif", { + setup_modify_ldif(samdb, setup_path("provision_configuration_basedn_modify.ldif"), { "CONFIGDN": configdn, "SCHEMADN": schemadn, }) message("Adding schema container (permitted to fail)") - setup_add_ldif(samdb, setup_dir, "provision_schema_basedn.ldif", { + setup_add_ldif(samdb, setup_path("provision_schema_basedn.ldif"), { "SCHEMADN": schemadn, "ACI": aci, "EXTENSIBLEOBJECT": "# no objectClass: extensibleObject for local ldb" }) message("Modifying schema container") - setup_modify_ldif(samdb, setup_dir, "provision_schema_basedn_modify.ldif", { + setup_modify_ldif(samdb, setup_path("provision_schema_basedn_modify.ldif"), { "SCHEMADN": schemadn, "NETBIOSNAME": netbiosname, "DEFAULTSITE": DEFAULTSITE, @@ -566,14 +577,14 @@ def provision(lp, setup_dir, message, blank, paths, session_info, }) message("Setting up sam.ldb Samba4 schema") - setup_add_ldif(samdb, setup_dir, "schema_samba4.ldif", + setup_add_ldif(samdb, setup_path("schema_samba4.ldif"), {"SCHEMADN": schemadn }) message("Setting up sam.ldb AD schema") - setup_add_ldif(samdb, setup_dir, "schema.ldif", + setup_add_ldif(samdb, setup_path("schema.ldif"), {"SCHEMADN": schemadn}) message("Setting up sam.ldb configuration data") - setup_add_ldif(samdb, setup_dir, "provision_configuration.ldif", { + setup_add_ldif(samdb, setup_path("provision_configuration.ldif"), { "CONFIGDN": configdn, "NETBIOSNAME": netbiosname, "DEFAULTSITE": DEFAULTSITE, @@ -584,22 +595,23 @@ def provision(lp, setup_dir, message, blank, paths, session_info, }) message("Setting up display specifiers") - setup_add_ldif(samdb, setup_dir, "display_specifiers.ldif", {"CONFIGDN": configdn}) + setup_add_ldif(samdb, setup_path("display_specifiers.ldif"), + {"CONFIGDN": configdn}) message("Adding users container (permitted to fail)") - setup_add_ldif(samdb, setup_dir, "provision_users_add.ldif", { + setup_add_ldif(samdb, setup_path("provision_users_add.ldif"), { "DOMAINDN": domaindn}) message("Modifying users container") - setup_modify_ldif(samdb, setup_dir, "provision_users_modify.ldif", { + setup_modify_ldif(samdb, setup_path("provision_users_modify.ldif"), { "DOMAINDN": domaindn}) message("Adding computers container (permitted to fail)") - setup_add_ldif(samdb, setup_dir, "provision_computers_add.ldif", { + setup_add_ldif(samdb, setup_path("provision_computers_add.ldif"), { "DOMAINDN": domaindn}) message("Modifying computers container") - setup_modify_ldif(samdb, setup_dir, "provision_computers_modify.ldif", { + setup_modify_ldif(samdb, setup_path("provision_computers_modify.ldif"), { "DOMAINDN": domaindn}) message("Setting up sam.ldb data") - setup_add_ldif(samdb, setup_dir, "provision.ldif", { + setup_add_ldif(samdb, setup_path("provision.ldif"), { "DOMAINDN": domaindn, "NETBIOSNAME": netbiosname, "DEFAULTSITE": DEFAULTSITE, @@ -622,7 +634,7 @@ def provision(lp, setup_dir, message, blank, paths, session_info, # samdb = open_ldb(info, paths.samdb, False) # message("Setting up sam.ldb users and groups") - setup_add_ldif(samdb, setup_dir, "provision_users.ldif", { + setup_add_ldif(samdb, setup_path("provision_users.ldif"), { "DOMAINDN": domaindn, "DOMAINSID": str(domainsid), "CONFIGDN": configdn, @@ -637,7 +649,7 @@ def provision(lp, setup_dir, message, blank, paths, session_info, else: hostguid_add = "" - setup_add_ldif(samdb, setup_dir, "provision_self_join.ldif", { + setup_add_ldif(samdb, setup_path("provision_self_join.ldif"), { "CONFIGDN": configdn, "SCHEMADN": schemadn, "DOMAINDN": domaindn, @@ -651,7 +663,7 @@ def provision(lp, setup_dir, message, blank, paths, session_info, "DOMAIN": domain, "HOSTGUID_ADD": hostguid_add, "DNSDOMAIN": dnsdomain}) - setup_add_ldif(samdb, setup_dir, "provision_group_policy.ldif", { + setup_add_ldif(samdb, setup_path("provision_group_policy.ldif"), { "POLICYGUID": policyguid, "DNSDOMAIN": dnsdomain, "DOMAINSID": str(domainsid), @@ -662,7 +674,7 @@ def provision(lp, setup_dir, message, blank, paths, session_info, os.makedirs(os.path.join(paths.sysvol, dnsdomain, "Policies", "{" + policyguid + "}", "User"), 0755) if not os.path.isdir(paths.netlogon): os.makedirs(paths.netlogon, 0755) - setup_ldb(secrets_ldb, setup_dir, "secrets_dc.ldif", { + setup_ldb(secrets_ldb, setup_path("secrets_dc.ldif"), { "MACHINEPASS_B64": b64encode(machinepass), "DOMAIN": domain, "REALM": realm, @@ -682,10 +694,10 @@ def provision(lp, setup_dir, message, blank, paths, session_info, backup=backup) message("Setting up sam.ldb index") - setup_add_ldif(samdb, setup_dir, "provision_index.ldif") + samdb.load_ldif_file_add(setup_path("provision_index.ldif")) message("Setting up sam.ldb rootDSE marking as syncronized") - setup_modify_ldif(samdb, setup_dir, "provision_rootdse_modify.ldif") + setup_modify_ldif(samdb, setup_path("provision_rootdse_modify.ldif")) except: samdb.transaction_cancel() raise @@ -693,38 +705,33 @@ def provision(lp, setup_dir, message, blank, paths, session_info, samdb.transaction_commit() message("Setting up phpLDAPadmin configuration") - create_phplpapdadmin_config(paths.phpldapadminconfig, setup_dir, paths.s4_ldapi_path) + create_phplpapdadmin_config(paths.phpldapadminconfig, setup_path, paths.s4_ldapi_path) message("Please install the phpLDAPadmin configuration located at %s into /etc/phpldapadmin/config.php" % paths.phpldapadminconfig) message("Setting up DNS zone: %s" % dnsdomain) - provision_dns(setup_dir, paths, session_info, credentials, lp, + create_zone_file(paths.dns, setup_path, samdb, hostname=hostname, hostip=hostip, dnsdomain=dnsdomain, domaindn=domaindn, dnspass=dnspass, realm=realm) message("Please install the zone located in %s into your DNS server" % paths.dns) -def create_phplpapdadmin_config(path, setup_dir, s4_ldapi_path): - setup_file(setup_dir, "phpldapadmin-config.php", +def create_phplpapdadmin_config(path, setup_path, s4_ldapi_path): + setup_file(setup_path("phpldapadmin-config.php"), path, {"S4_LDAPI_URI": "ldapi://%s" % s4_ldapi_path.replace("/", "%2F")}) -def provision_dns(setup_dir, paths, session_info, - credentials, lp, dnsdomain, domaindn, +def create_zone_file(path, setup_path, samdb, dnsdomain, domaindn, hostip, hostname, dnspass, realm): """Write out a DNS zone file, from the info in the current database.""" # connect to the sam - ldb = SamDB(paths.samdb, session_info=session_info, credentials=credentials, - lp=lp) - # These values may have changed, due to an incoming SamSync, # or may not have been specified, so fetch them from the database - domainguid = str(ldb.searchone(Dn(ldb, domaindn), "objectGUID")) + domainguid = samdb.searchone(Dn(samdb, domaindn), "objectGUID") + hostguid = samdb.searchone(Dn(samdb, domaindn), "objectGUID" , + expression="(&(objectClass=computer)(cn=%s))" % hostname) - hostguid = str(ldb.searchone(Dn(ldb, domaindn), "objectGUID" , - expression="(&(objectClass=computer)(cn=%s))" % hostname)) - - setup_file(setup_dir, "provision.zone", paths.dns, { + setup_file(setup_path("provision.zone"), path, { "DNSPASS_B64": b64encode(dnspass), "HOSTNAME": hostname, "DNSDOMAIN": dnsdomain, @@ -744,13 +751,16 @@ def provision_ldapbase(setup_dir, message, paths): rdn_dc = rdns[0][len("DC="):] - setup_file(setup_dir, "provision_basedn.ldif", + def setup_path(file): + return os.path.join(setup_dir, file) + + setup_file(setup_path("provision_basedn.ldif"), paths.ldap_basedn_ldif) - setup_file(setup_dir, "provision_configuration_basedn.ldif", + setup_file(setup_path("provision_configuration_basedn.ldif"), paths.ldap_config_basedn_ldif) - setup_file(setup_dir, "provision_schema_basedn.ldif", + setup_file(setup_path("provision_schema_basedn.ldif"), paths.ldap_schema_basedn_ldif, { "SCHEMADN": schemadn, "ACI": "# no aci for local ldb", @@ -759,15 +769,12 @@ def provision_ldapbase(setup_dir, message, paths): message("Please install the LDIF located in " + paths.ldap_basedn_ldif + ", " + paths.ldap_config_basedn_ldif + " and " + paths.ldap_schema_basedn_ldif + " into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server") -def load_schema(setup_dir, samdb, schemadn, netbiosname, configdn): +def load_schema(setup_path, samdb, schemadn, netbiosname, configdn): """Load schema.""" - src = os.path.join(setup_dir, "schema.ldif") - schema_data = open(src, 'r').read() - src = os.path.join(setup_dir, "schema_samba4.ldif") - schema_data += open(src, 'r').read() + schema_data = open(setup_path("schema.ldif"), 'r').read() + schema_data += open(setup_path("schema_samba4.ldif"), 'r').read() schema_data = substitute_var(schema_data, {"SCHEMADN": schemadn}) - src = os.path.join(setup_dir, "provision_schema_basedn_modify.ldif") - head_data = open(src, 'r').read() + head_data = open(setup_path("provision_schema_basedn_modify.ldif"), 'r').read() head_data = substitute_var(head_data, { "SCHEMADN": schemadn, "NETBIOSNAME": netbiosname, @@ -803,33 +810,4 @@ def vampire(domain, session_info, credentials, message): raise Exception("Migration of remote domain to Samba failed: %s " % vampire_ctx.error_string) -def ldb_erase_partitions(domaindn, message, ldb, ldapbackend): - """Erase an ldb, removing all records.""" - assert ldb is not None - res = ldb.search(Dn(ldb, ""), SCOPE_BASE, "(objectClass=*)", - ["namingContexts"]) - assert len(res) == 1 - if not "namingContexts" in res[0]: - return - for basedn in res[0]["namingContexts"]: - anything = "(|(objectclass=*)(dn=*))" - previous_remaining = 1 - current_remaining = 0 - - if ldapbackend and (basedn == domaindn): - # Only delete objects that were created by provision - anything = "(objectcategory=*)" - - k = 0 - while ++k < 10 and (previous_remaining != current_remaining): - # and the rest - res2 = ldb.search(Dn(ldb, basedn), SCOPE_SUBTREE, anything, ["dn"]) - previous_remaining = current_remaining - current_remaining = len(res2) - for msg in res2: - try: - ldb.delete(msg.dn) - except LdbError, (_, text): - message("Unable to delete %s: %s" % (msg.dn, text)) - diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index 7061e22ce4..84b604dbc4 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -29,8 +29,8 @@ class SamDB(samba.Ldb): modules_dir=None, lp=None): super(SamDB, self).__init__(session_info=session_info, credentials=credentials, modules_dir=modules_dir, lp=lp) - misc.dsdb_set_global_schema(self) - misc.ldb_register_samba_handlers(self) + assert misc.dsdb_set_global_schema(self) == 0 + assert misc.ldb_register_samba_handlers(self) == 0 if url: self.connect(url) diff --git a/source4/scripting/python/samba/tests/__init__.py b/source4/scripting/python/samba/tests/__init__.py index 45588ecb5a..e213c1cc1f 100644 --- a/source4/scripting/python/samba/tests/__init__.py +++ b/source4/scripting/python/samba/tests/__init__.py @@ -67,6 +67,6 @@ class SubstituteVarTestCase(unittest.TestCase): class LdbExtensionTests(TestCaseInTempDir): def test_searchone(self): l = samba.Ldb(self.tempdir + "/searchone.ldb") - l.add({"dn": ldb.Dn(l, "foo=dc"), "bar": "bla"}) + l.add({"dn": "foo=dc", "bar": "bla"}) self.assertEquals("bla", l.searchone(ldb.Dn(l, "foo=dc"), "bar")) diff --git a/source4/scripting/python/samba/tests/provision.py b/source4/scripting/python/samba/tests/provision.py index c8bd99283b..bf7182dbd3 100644 --- a/source4/scripting/python/samba/tests/provision.py +++ b/source4/scripting/python/samba/tests/provision.py @@ -23,11 +23,14 @@ import samba.tests from ldb import Dn setup_dir = "setup" +def setup_path(file): + return os.path.join(setup_dir, file) + class ProvisionTestCase(samba.tests.TestCaseInTempDir): def test_setup_secretsdb(self): ldb = setup_secretsdb(os.path.join(self.tempdir, "secrets.ldb"), - setup_dir, None, None, None) + setup_path, None, None, None) self.assertEquals("LSA Secrets", ldb.searchone(Dn(ldb, "CN=LSA Secrets"), "CN")) diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py index 4521d4604d..1c27f8ec25 100644 --- a/source4/scripting/python/samba/upgrade.py +++ b/source4/scripting/python/samba/upgrade.py @@ -537,9 +537,7 @@ replace: @LIST @LIST: samldb,operational,objectguid,rdn_name,samba3sam """) - samdb.add(""" -dn: @MAP=samba3sam -@MAP_URL: %s""" % ldapurl) + samdb.add({"dn": "@MAP=samba3sam", "@MAP_URL": ldapurl}) return ret |