summaryrefslogtreecommitdiff
path: root/source4/scripting/python
AgeCommit message (Collapse)AuthorFilesLines
2010-02-12s4:getopt.py - set the password callback only when no password has been providedMatthias Dieter Wallnöfer1-4/+6
Previously the "no_pass" and "no_pass2" variables weren't handled correctly. Since at the initialisation of the "CredentialsOptions" we don't have any password at all. Only afterwards we could get one through "set_password". If a password is specified, use it. If no password is specified, consider the use fo an input mask on STDOUT. But if the loadparm context contains one prefer it over the input.
2010-02-12s4-provision: import the R2 functional levelAndrew Tridgell1-1/+1
this makes it easier to modify the script to set us at R2 level in provision. We should make this a parameter.
2010-02-12s4-build: avoid finding python symlinksAndrew Tridgell1-1/+1
emacs creates symlinks to .py files while you are editing them. This could cause build failures.
2010-02-11provision: Use short name for assignee of ACE (BA, SA, CO, ...)Matthieu Patou1-8/+6
Use short name (shortcut for wellknown SID/RID) for assignee in each entry of ACL (when possible) of sysvol files (GPO objects and netlogon folders). This avoid error prone substitution of DOMAINSID in ACL and make ACL clearer by using shortname for assignee accordingly with SDDL synthax rules. Translation to real SID is handled internaly by the from_sddl function. Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-11python-s4: use secrets.ldb instead of sam.ldb for reading domain SIDMatthieu Patou1-2/+2
This allow to be able to run net acl set xxx yyy on DC, but also on domain member. Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-11provision: Fix an error with eadb when using not default install dir and ↵Matthieu Patou1-1/+5
running as a non root user Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-11s4-provision: cope with umask in creating private/dnsAndrew Tridgell1-0/+2
2010-02-11s4-provision: pre-create a named.conf.update fileAndrew Tridgell1-1/+5
The named.conf.update file will be filled in at runtime by Samba to contain the list of bind9 grant rules for granting DNS dynamic update permissions on the domain.
2010-02-11s4-provision: move zone file to dns subdirectoryAndrew Tridgell1-12/+52
This allows the permissions to be correctly set for bind to write to a journal file. It also sets the right group ownership and permissions on the files that bind needs to access. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-11s4:provision Be more polite to long-suffering Samba testers.Andrew Bartlett1-2/+3
Our testers put up with a lot of odd things when testing out Samba4. Andrew Bartlett
2010-02-10s4:provision Just 'do the right thing' with empty smb.conf filesAndrew Bartlett1-2/+10
For some reason, JHT keeps on creating an empty smb.conf file, expecting it to be the same as a non-existant one. It is easier to just realise what he meant. Andrew Bartlett
2010-02-09s4:Remove "Py_RETURN_NONE" compatibility codeMatthias Dieter Wallnöfer1-4/+0
This was needed only by Python 2.3 which we no longer support.
2010-01-29Fixed a bug caused by a typo. Infrastructure role didn't work.Nadezhda Ivanova1-1/+1
2010-01-27Implemented net fsmo command for transferring fsmo rolesNadezhda Ivanova2-0/+204
The command allows the user to transfer a fsmo role to the server to which the connection is established. Roles can be transferred or seized. By default a transfer is attempted even if seize option is chosen, as it is dangerous to seize a role if the current owner is still running. example use: net fsmo show --host=hostnameoraddress --username=username --password=password net fsmo transfer --role=role --host=hostnameoraddress --username=username --password=password net fsmo seize --role=role --host=hostnameoraddress --username=username --password=password [--force] Tested against Win2008. Does not work for samba 4 yet as we are missing the GetNCChanges extensions.
2010-01-25s4-python: Fix formatting.Jelmer Vernooij3-33/+27
2010-01-25pyxattr: Move to the same directory as the xattr code.Jelmer Vernooij3-269/+0
2010-01-23s4-provision: Fixed typos and redundant codeEndi S. Dewata1-10/+10
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-01-21pyxattr: Factor out helper functions.Jelmer Vernooij1-24/+24
2010-01-21pyxattr: Simplify tests.Jelmer Vernooij2-57/+62
2010-01-21pyxattr: Fix tests by not opening tdb files multiple times.Jelmer Vernooij1-2/+0
2010-01-21pyxattr: Fix tests by avoiding opening tdb files multiple times.Jelmer Vernooij1-8/+8
2010-01-21pyxattr: Fix memory leaks.Jelmer Vernooij2-8/+20
2010-01-21pyxattr: Simplify tests.Jelmer Vernooij1-80/+50
2010-01-21pyxattr: Use standard functions for error handling.Jelmer Vernooij2-21/+23
2010-01-21pyxattr: Remove unnecessary hacks.Jelmer Vernooij2-26/+1
2010-01-21s4-python: add some helper for converting ldb_flag to textMatthieu Patou1-0/+33
2010-01-21s4: utils recreate in python setntacl and getntaclMatthieu Patou3-5/+126
setntacl is able to set NTACL attribute from command line getntacl now use getopt for parsing command line option and is also able to dump the acl in the SDDL format.
2010-01-21provision: introduce use-xattr parameter for defining where to store attributesMatthieu Patou1-25/+35
This option allow simple user (non root) to invoke provision without facing an error while insuring that ACL on shared files will always be set
2010-01-21s4-tests: register new unit testsMatthieu Patou2-37/+106
make unit test emit a visible warning
2010-01-21s4-python: add unit test for ntacls manipulation in pythonMatthieu Patou1-0/+99
2010-01-21s4-python: add more unit tests for xattr manipulation in pythonMatthieu Patou1-11/+39
2010-01-21s4: update setntacl and getntacl to select the adaquate backend (fs/tdb) for ↵Matthieu Patou1-16/+54
storing xattr
2010-01-21s4: Set acls correctly on all sysvol and scripts sharesMatthieu Patou1-26/+45
2010-01-21s4: Make unixid optionalMatthieu Patou1-2/+26
Make unixid optional, if value not supplied next id from id pool will be used. Create a function to get next id in id pool.
2010-01-21s4: regroup gpo modification in one function, set acl on files accordingly ↵Matthieu Patou2-19/+164
with ACL in LDAP
2010-01-21s4: Create unit tests for python "samba.xattr" moduleMatthieu Patou2-4/+53
2010-01-21s4: add python bindings for wrap_(s|g)etxattrMatthieu Patou4-2/+286
2010-01-16Import testtools as well, required for subunit.Jelmer Vernooij1-1/+1
2010-01-16Fix permissions - net subcommand modules don't need to be executable.Jelmer Vernooij2-0/+0
2010-01-13Fixed a problem with incorrect default SD owner/group.Nadezhda Ivanova1-1/+1
2010-01-13Comparison tool for LDAP servers (using Ldb)Zahari Zahariev1-0/+52
This tool is integrated with Samba4 Ldb. It provides a useful output where you can find easy differences in objects or attributes within naming context (Domain, Configuration or Schema). Added functionality for two sets of credentials.
2010-01-09s4-schema: fixed the SDDL for the schema root security descriptorAndrew Tridgell1-10/+14
This was preventing a DCPROMO client from allowing outgoing replication
2010-01-08s4-schema: switch to W2K8-R2 schemaAndrew Tridgell1-2/+2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-schema: added adminDisplayName and adminDescriptionAndrew Tridgell1-0/+2
These are missing from the WSPP schemas Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-provision: do a self join for all server typesAndrew Tridgell1-22/+17
We need a machine account so the RID allocation code can work. It seems better to use the same code paths for a domain controller and standalone server to avoid testing headaches with little used code.
2010-01-08s4-provision: re-open sam.ldb after creating the schemaAndrew Tridgell1-0/+9
This enables the full schema during the rest of the provision, which means indexing is enabled (along with index error checking, such as duplicate SIDs)
2010-01-08s4-provision: don't hard wire the creation of the RID Set objectAndrew Tridgell1-2/+2
We now create it automatically in the samldb module when the first user is created. The creation of the dns user also had to move to the _modify.ldif as it now relies on the fSMO role being setup for the RID Manager Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-provision: allow provision modifies to add recordsAndrew Tridgell1-1/+4
we need to recognise a changetype of 'add'
2010-01-08s4-provision: the DC object itself needs a fixed objectSIDAndrew Tridgell1-0/+1
We can't allocate a objectSID until we have rIDSetReferences, but that is in the DC object, so we have to force the objectSID of the DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-31s4-net: fixed pwsettings commandAndrew Tridgell1-6/+6
Don't override user settings with current settings