summaryrefslogtreecommitdiff
path: root/source4/scripting/python
AgeCommit message (Collapse)AuthorFilesLines
2010-08-25s4-dsdb: added get_attid_from_lDAPDisplayName() on samdbAndrew Tridgell1-0/+3
This can be used to form the partial_attribute_set list for GetNCChanges Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-25s4-rodc: next step in RODC join codeAndrew Tridgell1-126/+218
a RODC net join can now replicate the schame, config and base partitions, by calling the net.replicate*() python hooks, and driving the GetNCChanges calls from python Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-23s4-net: role should be case insensitive for joinAndrew Tridgell1-1/+4
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-23s4-net: added initial implemention of RODC joinAndrew Tridgell2-6/+311
This does the join using python code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-23s4-net: moved the net join command to pythonAndrew Tridgell2-2/+4
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-23s4-python: added ndr_print() method in ndrAndrew Tridgell1-0/+3
2010-08-22s4-net: better error message on net setpasswordAndrew Tridgell1-3/+5
2010-08-20s4-pysamdb: fixed get_domain_sid()Andrew Tridgell1-1/+1
we need to actually return the SID! Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-19s4 provision: POLICY_ACL is already an FS acl no need to translate itMatthieu Patou1-2/+1
2010-08-19s4 provision: Add some documentation to GPO related functionsMatthieu Patou2-15/+58
2010-08-19s4 upgradeprovision: add more attrbutes the ignore listMatthieu Patou1-0/+11
Also format in a pretty way the int64 ranges
2010-08-19s4 upgradeprovision: upgrade_delta_samdb return a msg_diff of @ATTRIBUTESMatthieu Patou1-9/+14
This is used by upgradeprovision to readd this delta just before loading a merged schema
2010-08-19s4 upgradeprovision: Fixes for increment_keyversionMatthieu Patou2-2/+20
fix
2010-08-19s4 upgradeprovision: fix a typo and pass correct parameter to ↵Matthieu Patou1-1/+1
increment_calculated_keyversion
2010-08-17s4-net: use an encrypted ldap session when setting passwordsAndrew Tridgell1-0/+3
this allows for "net setpassword -H ldap://server -Uusername%password USERNAME" to set a password remotely on a windows DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17s3-provision: cope with the policy directory already existingAndrew Tridgell1-3/+8
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-16s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell1-2/+2
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4:provision Handle machine account password changes while keeping keytabAndrew Bartlett1-15/+23
The challenge here is to update the existing record if it already exists, rather than deleting the old record. This ensures that the secrets.keytab handling code keeps the previous password in the keytab. Andrew Bartlett
2010-07-15s4: Add unit test for increment_calculated_keyversion_numberMatthieu Patou1-1/+25
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: introduce a new function to update the field use for ↵Matthieu Patou1-3/+37
calculating msds-keyversionnumber This function change the version field of the unicodePwd in the replPropertyMetaData so that the version is equal or superior to the reference value passed. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 python: Add functions to samdb to manipulate version of ↵Matthieu Patou2-1/+128
replPropertyMetaData attribute This change contains also helpers for attribute id to attribute oid conversion and from attribute id to attribute name. It brings also unit tests Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 dsdb: Use the changereplmetadata controlMatthieu Patou1-11/+78
This control allow to specify the replPropertyMetaData attribute to be specified on modify request. It can be used for very specific needs to tweak the content of the replication data. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 provision: move update_machine_account_password to helpersMatthieu Patou1-1/+44
This is to allow reuse of this function and also unit tests Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-10s4:provision: also use fixed GUID names of the default group policies for ↵Stefan Metzmacher1-2/+3
domain and domain controllers in tests metze
2010-07-10s4 provision: use correct GUID for default policiesMatthieu Patou1-2/+7
The value of GUID for policy is not random for default policies, it is described here ("How Core Group Policy Works"): http://technet.microsoft.com/en-us/library/cc784268%28WS.10%29.aspx at paragraph System\Policies Container. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-07-10s4 net: Add spn module to list/add/remove spn on objectsMatthieu Patou2-0/+219
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-07-08s4:samdb.py - "setpassword" - performs password sets using the "unicodePwd" ↵Matthias Dieter Wallnöfer1-7/+3
attribute This does work per default on each AD-compatible DC. "userPassword" support on Windows however has to be activated explicitly by the "dSHeuristics".
2010-07-03s4:pwsettings net utility - change also here the "minPwdAge" to be the real ↵Matthias Dieter Wallnöfer1-2/+2
default Which is one day.
2010-06-29s4:provision Add an msDS-SupportedEncryptionTypes entry to our DCAndrew Bartlett1-1/+16
This ensures that our DC will use all the available encyption types. (The KDC reads this entry to determine what the server supports) Andrew Bartlett
2010-06-26s4:provision.py - fix comment regarding DNS entriesMatthias Dieter Wallnöfer1-1/+1
I think this should mean partially Samba4 specified (all beside the "dns" account is standard)
2010-06-26s4:provision: move Samba4 specific DNS stuff to its own fileStefan Metzmacher1-1/+8
metze
2010-06-26s4:provision: add --next-rid optionStefan Metzmacher1-2/+13
Make it possible to provision a domain with a given next rid counter. This will be useful for upgrades, where we want to import users with already given SIDs. metze
2010-06-26s4:provision: don't use hardcoded values for 'nextRid' and 'rIDAvailablePool'Stefan Metzmacher1-3/+11
On Windows dcpromo imports nextRid from the local SAM, which means it's not hardcoded to 1000. The initlal rIDAvailablePool starts at nextRid + 100. I also found that the RID Set of the local dc should be created via provision and not at runtime, when the first rid is needed. (Tested with dcpromo on w2k8r2, while disabling the DNS check box). After provision we should have this (assuming nextRid=1000): rIDAllocationPool: 1100-1599 rIDPrevAllocationPool: 1100-1599 rIDUsedPool: 0 rIDNextRID: 1100 rIDAvailablePool: 1600-1073741823 Because provision sets rIDNextRid=1100, the first created account (typically DNS related accounts) will get 1101 as rid! metze
2010-06-26s4:provision: pass relax control also to modify_ldifStefan Metzmacher1-2/+2
metze
2010-06-25s4 python: Add unit tests related to PyLong/PyInt handlingMatthieu Patou1-2/+11
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-06-25s4 upgradeprovision: Try to support older Pythons.Michael Wood1-1/+1
Use "...".split(sep, 1) instead of "...".partition(sep). Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-06-24s4-python: python is not always in /usr/binAndrew Tridgell53-53/+53
Using "#!/usr/bin/env python" is more portable. It still isn't ideal though, as we should really use the python path found at configure time. We do that in many places already, but some don't. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-23Fix to undo nasty hack for for grouptype conversionLukasz Zalewski1-1/+1
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-06-23s4:net Remove warnings for 2000 native mode and Samba4.Andrew Bartlett1-5/+5
We now support 2000 native mode, and so we just need to warn about mixed mode. Andrew Bartlett
2010-06-23s4:provision Raise default max functional level to 2008R2Andrew Bartlett1-3/+3
We don't support many of the extra features, but that applies across many other parts of AD. Allow the admin to join a 2008R2 domain if he or she wants. This also makes it possible to test 2008R2 domain code in 'make test' Andrew Bartlett
2010-06-23s4:provision Remove am_rodc from SchemaAndrew Bartlett2-5/+5
The SamDB created in the schema code isn't real enough to care if it's an rodc or not.
2010-06-23libds:common Remove DS_DC_* domain functionality flagsAndrew Bartlett2-11/+7
These are just a subset of the DS_DOMAIN_ functionality flags, are compared and often confused with each other. Just make them one set. Andrew Bartlett
2010-06-20s4:python LDB __init__.py - remove completely unused "erase_partitions" callMatthias Dieter Wallnöfer2-36/+0
Seems to be a relict from the past.
2010-06-20provision: Look for Samba prefix a bit harder.Jelmer Vernooij1-4/+6
2010-06-20pydsdb: Mark all SamDB and Schema methods that are in pydsdb asJelmer Vernooij3-17/+17
private, to discourage them being called directly.
2010-06-20provision: Properly cancel transactions on the secrets ldb.Jelmer Vernooij1-122/+131
2010-06-20s4-python: Remove more unused imports, fix use of sets in upgradehelpers.Jelmer Vernooij1-2/+2
2010-06-20Use standard Python syntax, booleans and set()'s where appropriate.Jelmer Vernooij3-23/+28
2010-06-20Remove unnecessary use of transactions.Jelmer Vernooij1-11/+3
2010-06-20ldb: Remove last import of dsdb.Jelmer Vernooij1-12/+0