summaryrefslogtreecommitdiff
path: root/source4/scripting/python/samba/provision.py
AgeCommit message (Collapse)AuthorFilesLines
2008-09-08Make it clear that the MMR password can differ from the admin passswordAndrew Bartlett1-6/+8
In the future, we might simply randomly generate this, or allow the admin to specify it seperate to the admin password. However, both are highly sensitive, as they imply read access to the krbtgt. Andrew Bartlett (This used to be commit 57d19ad002c523fb9a09694e6710ab7f588d44ec)
2008-09-08Use DIGEST-MD5 authentication for OpenLDAP replicationOliver Liebel1-0/+12
This avoids passing rootdn passwords or replicated data in cleartext across the network. Signed-of-by: Andrew Bartlett <abartlet@samba.org> (This used to be commit 67373c143a1d8a9f310fd116dbf81c1dd123b75f)
2008-08-21The index handling is now configured from the schema load, not by aAndrew Bartlett1-9/+0
template. Andrew Bartlett (This used to be commit b36c6a21ad12fdc1b53efdc3f29cde7614b4fa9e)
2008-08-20Update OpenLDAP MMR configuration per comments by Oliver LiebelAndrew Bartlett1-19/+18
<oliver@itc.li> This changes the RIDs to be <serverID><DBID>, to ease later debugging. The need to specify the port on the MMR URLs is now included in the help. Andrew Bartlett (This used to be commit a5cbe8c09c6f14f95ff9ba9b8782e2100fc55695)
2008-08-19Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartletAndrew Bartlett1-1/+11
(This used to be commit fc6b4f03ebba015a13a6ab93221b0bc3ef8ef2ed)
2008-08-19Fix up new OpenLDAP MMR code.Andrew Bartlett1-41/+26
This changes the MMR password from hard-coded value of 'linux', adds tests and fixes the Fedora DS backend. Currently the MMR password matches the admin password, but we can change this to be another random value if required. Also require the port to be specified on the command line, so we don't hard-code a port of 9000. Andrew Bartlett (This used to be commit 08257c6d6ce809fcd53f9b2b4d558fef616b74ce)
2008-08-19Generate Multi-Master Replication configuration for OpenLDAPOliver Liebel1-7/+79
This patches provision-backend and the related scripts to generate the correct configuration blobs for N-way multi-master replication using OpenLDAP. Signed-off-by: Andrew Bartlett <abartlet@samba.org> (This used to be commit 6ed0b3f2475022288f636605492ca27fde97cd52)
2008-08-19Fix templates.ldb reprovision handling.Andrew Bartlett1-1/+11
This sets the attributes in a seperate transaction, and allows a forced delete of the whole file. Andrew Bartlett (This used to be commit 423db2468ba3dac89cebc59c8498c0b08c5f3d7b)
2008-08-01Use new style python classes.Jelmer Vernooij1-3/+5
(This used to be commit 2a39aae0cef310a79427feb1b85f6794ea36849a)
2008-08-01Actually fix missing substitution variables.Jelmer Vernooij1-4/+10
(This used to be commit 783412ecb27d646b171993da0ac2f11a821901d3)
2008-08-01Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpageJelmer Vernooij1-27/+9
(This used to be commit c87a8ba1fef1ba508ad6527d0bae4bcdd5b3cb69)
2008-08-01Fix some forgotten substitute variables in provision, add check to prevent ↵Jelmer Vernooij1-0/+2
this sort of regression in the future. (This used to be commit a461118f3b668779f907c4d77cebe1e76fa4e39f)
2008-07-28We don't use EXTENSIBLEOBJECT any more.Andrew Bartlett1-3/+0
(This used to be commit 4b137085c8b89773d4639372bbffd516a41dfc8f)
2008-07-28Make it even clearer what to do next in the LDAP backend setupAndrew Bartlett1-1/+5
(This used to be commit bace931ad674b5071d53bf9c99c383f1d8957e1b)
2008-07-28Always print the slapd startup commandAndrew Bartlett1-1/+2
(This used to be commit b1d05e7d14c65133e8ab0ff9d41a26fa7e3d41d3)
2008-07-28Remove unused function and make sensitive directories private.Andrew Bartlett1-22/+2
(This used to be commit e23333d16397606d38e90684d2d916b5b967cde4)
2008-07-25Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-localAndrew Bartlett1-3/+28
(This used to be commit b12dd8ee5443ebfc204d1684f541d68ffb351197)
2008-07-25Complain if we are told to use an ldap backend, without the typeAndrew Bartlett1-0/+2
(This used to be commit e9c3c9ad8289ee48efa998ab6b486250dcd40b52)
2008-07-22Install'named.txt' to private/ as documentation.Andrew Bartlett1-2/+26
This document is much more use when subbed with all the right things. Andrew Bartlett (This used to be commit 136a85599815670c807f212d7d4003ec53a13729)
2008-07-22Improve DNS and Group poicy configurations.Matthias Dieter Wallnöfer1-2/+3
- fixes bug #4813 (simplify DNS setup) - This reworks the named.conf to be a fully fledged include - This also moves the documentation into named.txt - improves bug #4900 (Group policy support in Samba) - by creating an empty GPT.INI - fixes bug #5582 (DNS: Enhanced zone file) - This is now closer to the zone file AD creates committed by Andrew Bartlett (This used to be commit 74d684f6b329d7dd573cdc55e16bb8e629474b02)
2008-07-18Make a seperate template for the refint configuration tooAndrew Bartlett1-3/+4
(This used to be commit d2a527acc5ee6fe9b943657dc9c3ace920b2d619)
2008-07-18Put the memberof template into a seperate setup/ file.Andrew Bartlett1-33/+27
Set a memberof-dn in a fruitless attempt to fix the ACL problem I'm having with OpenLDAP Andrew Bartlett (This used to be commit 6d6e03834a1a77a8ceba41fbe8c9d49680065ba3)
2008-07-16Reorder whitespace in generated slapd.confAndrew Bartlett1-4/+4
This helps us see the real groupings in the generated memberOf handling. Andrew Bartlett (This used to be commit ec70ebb8310e563324233662f8e779c55fb87514)
2008-07-15Fix asking for credentials for non-LDAP provisions.Andrew Bartlett1-1/+1
(This used to be commit 78416f4840df4f8d1f9cc5e46a48b19c86888050)
2008-07-15Rework provision to handle both simple and SASL binds.Andrew Bartlett1-4/+6
Fedora DS is still setup for simple binds only, at this point. (it also fails on other issues). Andrew Bartlett (This used to be commit b24c572d5a38c1f6906751c2ad2f809e1995b510)
2008-07-15Connect to the LDAP backend with SASL credentials.Andrew Bartlett1-9/+38
This reworks our LDAP backend code to move from anonymous access to a shared-secret SASL-protected connection. (SASL selects NTLM or DIGEST-MD5 on my system). To get this working, we must pre-populate the LDAP backend with a DN to store ths SASL secret on, and we use back-ldif for this. This gives us a reasonable basis to deploy a replicated OpenLDAP backend solution. Andrew Bartlett (This used to be commit cd0745253c4a9ec59a035e830e54d74a05b71aaa)
2008-06-19Add a blackbox test for the provision-backend script.Andrew Bartlett1-27/+30
This test (as most tests do :-) found a few bugs, also fixed in this commit. Andrew Bartlett (This used to be commit d96a6482dad54d1d27a87107865e833a9c32cf53)
2008-06-16Try to get a bit further with provisioningSimo Sorce1-1/+4
(This used to be commit 649f6c0c1084828dda7d50bd2904208192de77da)
2008-05-30Fix samdb python test.Jelmer Vernooij1-3/+3
(This used to be commit 0e3d488cc108174ca0f875aab16b9771c2933f19)
2008-05-30Fix up provision and samdb tests.Andrew Bartlett1-2/+3
This fixes up the provision to operate with a target directory - it must override the smb.conf in this case. Andrew Bartlett (This used to be commit 89fc39f7edb214065aff461bc225f41443eae3c7)
2008-05-29Print prefixMap in a human-readable format.Andrew Bartlett1-2/+10
This should allow the prefixMap to be edited, until we find the right way to autogenerate it. Andrew Bartlett (This used to be commit 24ae9a55ec326807afd8d5bfa0a422a6668bd7c3)
2008-05-28provision: Add missing string parameter token when assigning ldap_backend.Andrew Kroeger1-1/+1
(This used to be commit 7d26145a7fba22b2e1c7c57053aab3180a22089d)
2008-05-24Add docstrings to a couple more python modules.Jelmer Vernooij1-2/+2
(This used to be commit b4560c90e5e8d3a35367d3a21d361dc4c9c0de23)
2008-05-23Fix indentation, add docstring in provisioning script.Jelmer Vernooij1-14/+15
(This used to be commit 86a8a085496c292b390c0d6362e3e4d9980df83f)
2008-05-23Some more PEP improvements.Jelmer Vernooij1-17/+18
(This used to be commit 015ca850df9b4c8112b033130023909b1d0b78b7)
2008-05-23Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-wsgiJelmer Vernooij1-87/+176
Conflicts: source/scripting/python/samba/provision.py (This used to be commit d27de633656f8a699222df77c4c58326890889a2)
2008-05-23Use restructuredText formatting for docstrings.Jelmer Vernooij1-0/+2
(This used to be commit 0cc58decd74d20f3d7dff93ddef1c8bce4d49ad0)
2008-05-21provision: Generate krb5.conf template separate from named.conf template.Andrew Kroeger1-22/+52
(This used to be commit ebf130e9e57b640129cf0d05dbd7d210b71ea371)
2008-05-18provision: Create instructions for enabling DNS GSS-TSIG updates.Andrew Kroeger1-7/+25
Added code to the python provisioning to create the named.conf file that was previously generated by the EJS provisioning. Updated the named.conf template to provide the additional details necessary to get things working. (This used to be commit 0b7a6bfcba1b906dc4d461882b4c3fe3c91c44e0)
2008-05-11make sure to always use string version of uuid rather than object.Jelmer Vernooij1-2/+3
(This used to be commit bcd5fc7dc9899deb9fa84fdeeb21ed2ddb921308)
2008-05-11Use consistent function names with the standard Python uuid module that is ↵Jelmer Vernooij1-2/+2
available in >= 2.4. (This used to be commit 60d458e3195eef6baf655fee0da7c3f68517e8e6)
2008-04-15Re-add 'db' subdirectory for LDAP backend provisionAndrew Bartlett1-3/+3
Andrew Bartlett (This used to be commit 19890c0d15adf4f099365f276a4bfdd3f4de52b6)
2008-04-15Fix provision-backend scriptAndrew Bartlett1-3/+4
Andrew Bartlett (This used to be commit ee6e4f8da229ddeca856a6db94236367aae06f63)
2008-04-11Don't reopen the sam.ldb againAndrew Bartlett1-2/+0
Andrew Bartlett (This used to be commit b51b8a2d846284de4dff736fc18cf747c188de96)
2008-04-11Far less cryptic traceback when you have an existing smb.confAndrew Bartlett1-6/+21
When the user has an existing smb.conf, but no [netlogon] or [sysvol] share, the provision script would trigger a traceback. While we still need to abort in this situation, we do so now with a useful error. Andrew Bartlett (This used to be commit 10a8b7ea487f9725f69b02c4dd9cf5e1f67a23ab)
2008-04-11Fix merge errors on C provision interface after jelmer's good work.Andrew Bartlett1-1/+1
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-abartlet Conflicts: source/torture/local/torture.c (This used to be commit 5bf1c89cf8af08fbcf4f5089079920840daad7b8)
2008-04-10Add infrastructure for returning ProvisionResult in C provision code.Jelmer Vernooij1-1/+1
(This used to be commit 98c3d34eb233be284e8c8994cca337be25c72968)
2008-04-09Fix up provision to specify SERVERDN in more places.Andrew Bartlett1-0/+5
Andrew Bartlett (This used to be commit d01d542502f25d6c731204ecb3d33720a1706581)
2008-04-09Don't fill in the secrets DB unless we make the entries.Andrew Bartlett1-7/+8
Leave filling in (we still initialise it) the secrets DB for the join or vampire code. Andrew Bartlett (This used to be commit c93208c13ce91b334eadf0ea02fa41354e761e97)
2008-04-09Add docstring, PEP8.Jelmer Vernooij1-5/+15
(This used to be commit f8cac3735c9a19baa313c4b61abee144da303ce1)
generated by cgit (git 2.34.1) at 2025-07-15 20:25:47 +0000