summaryrefslogtreecommitdiff
path: root/source4/scripting
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r23966: It isn't great, but at least now we have some access control in SWATAndrew Bartlett1-0/+45
This patch prevents non-root and non-administrator users from running the provision, upgrade and vampire pages. *I think* the rest of SWAT is LDB operations, or otherwise authenticated, so we should now be secure. I wish I had a better way to 'prove' we got this right, but this is better than nothing, and moves us closer to an alpha. Andrew Bartlett (This used to be commit d61061052dc4711f886199e49bc303002c8f9b11)
2007-10-10r23907: Fix bug 4790 reported by mwallnoefer@yahoo.de:Andrew Bartlett1-5/+7
Before the provisioning enters to the function provision_default_paths (in scripting/libjs/provision.js), the variable subobj.DNSDOMAIN isn't properly set (for example for the filename of the DNS zonefile). Andrew Bartlett (This used to be commit 07a9db1438df93442c5b50b1b97ca69662749608)
2007-10-10r23875: As pointed out by mwallnoefer@yahoo.de:Andrew Bartlett1-6/+6
On default Active Directory installations, the NETLOGON share isn't an indipendent directory. In fact it's mapped to the subdirectory "scripts" from the share SYSVOL under <Domain name>. Andrew Bartlett (This used to be commit 923d67ea9d78da46235221375b49b6f1d0d6a862)
2007-10-10r23859: Work to have Group Policy work 'out of the box' in Samba4.Andrew Bartlett2-10/+57
This involves creating the SYSVOL and NETLOGON shares at provision time, and creating the right subdirectories. This also changes the behaviour of lp.get("foo") in ejs - we now return undefined, rather than syntax error, if the parameter doesn't exist (perhaps because the share isn't defined). Andrew Bartlett (This used to be commit 45cadf3bc0d38f6600666511a392e1ce353adee7)
2007-10-10r23848: Thanks to derrell for pointing out that I had not finished my patch toAndrew Bartlett1-2/+6
split out the auth methods. This caused all SWAT logins to fail, except when using local system authentication. Andrew Bartlett (This used to be commit b5a9d507a37cd46bd325ff3118c08b4362f267f2)
2007-10-10r23798: updated old Temple Place FSF addresses to new URLAndrew Tridgell1-2/+1
(This used to be commit 40c0919aaa9c1b14bbaebb95ecce53eb0380fdbb)
2007-10-10r23795: more v2->v3 conversionAndrew Tridgell1-1/+1
(This used to be commit 84b468b2f8f2dffda89593f816e8bc6a8b6d42ac)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell27-81/+54
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r23720: Allow the member server to work against an LDAP Backend. Another caseAndrew Bartlett1-0/+10
where LDB isn't as strict as OpenLDAP, the self join record contains duplicate servicePrincipalNames once the DNS name and domain name are made equal. (Easier to just skip the useless self-join). Andrew Bartlett (This used to be commit 49ff929be6fcf57721532de13bdd7a7e1617af6f)
2007-10-10r23717: We need to remove the _ in LDAP_MANAGERPASS for theAndrew Bartlett1-2/+2
--ldap-manager-pass= option to work. Andrew Bartlett (This used to be commit fbcb1ec14125a4ca57922ec75b01af9a99dcd954)
2007-10-10r23716: Clarify LDAP Manager DN and fix slapd startup syntax.Andrew Bartlett1-1/+3
Andrew Bartlett (This used to be commit 17dad5d8c345c2c3a7643bff7a43473339a22d40)
2007-10-10r23715: Make the provision-backend script print out the exact commands to run,Andrew Bartlett1-4/+6
to set up the LDAP backend. Andrew Bartlett (This used to be commit cc7900210a2e473060d5897ec729923ac6b2f18d)
2007-10-10r23703: Start to get Samba4 to again work with LDAP backends, after I turnedAndrew Bartlett1-3/+3
on metze's schema work. Andrew Bartlett (This used to be commit 3111bbdf64f57bf8d2638fd9829c071dcfeb4af1)
2007-10-10r23680: Make it easier to setup a domain member server - the 'server role'Andrew Bartlett1-1/+1
will now control the auth methods, but an override is still available, ex: auth methods:domain controller = <methods> Andrew Bartlett (This used to be commit b7e727186ed8eda6a68c873e089f655dc24fe8ae)
2007-10-10r23560: - Activate metze's schema modules (from metze's schema-loading-13 ↵Andrew Bartlett1-6/+8
patch). - samba3sam.js: rework the samba3sam test to not use objectCategory, as it's has special rules (dnsName a simple match) - ldap.js: Test the ordering of the objectClass attributes for the baseDN - schema_init.c: Load the mayContain and mustContain (and system...) attributes when reading the schema from ldb - To make the schema load not suck in terms of performance, write the schema into a static global variable - ldif_handlers.c: Match objectCategory for equality and canonicolisation based on the loaded schema, not simple tring manipuation - ldb_msg.c: don't duplicate attributes when adding attributes to a list - kludge_acl.c: return allowedAttributesEffective based on schema results and privilages Andrew Bartlett (This used to be commit dcff83ebe463bc7391841f55856d7915c204d000)
2007-10-10r23361: Merge from SAMBA_4_0_RELEASE:Andrew Bartlett1-1/+1
Print the smb.conf path being created in provision. Andrew Bartlett (This used to be commit bb583463bf483e1b355647f9fc93afbfcb9d41d3)
2007-10-10r23351: Merge from SAMBA_4_0_RELEASE:Andrew Bartlett1-18/+22
Fix a nasty issue we had with SWAT. We could not provision into a different domain, as we didn't re-calcuate the DOMAINDN after the user changed it in the form. Andrew Bartlett (This used to be commit 430c998dc9ea41ea29cf184d03404b50ef14f78d)
2007-10-10r23264: Make it more clear what this is actually setting upAndrew Bartlett1-1/+1
(This used to be commit f687bc92aea00aa489d310ac31e08a5718a36ec4)
2007-10-10r23189: Work towards a totally scripted setup of LDAP backends, so others canAndrew Bartlett1-4/+5
easily try this out. I also intend to use this for the selftest, but I'm chasing issues with the OpenlDAP (but not Fedora DS) backend. Andrew Bartlett (This used to be commit 0f457b1d2e20c36ab220b4a6711ce7930c4c7d21)
2007-10-10r23177: Add in a new provision-backend script. This helps set up the ↵Andrew Bartlett2-2/+80
OpenLDAP or Fedora DS backend. This required a new mkdir() call in ejs. We can now provision just the schema for ad2oLschema to operate on (with provision_schema(), without performing the whole provision, just to wipe it again (adjustments to 'make test' to come soon). Andrew Bartlett (This used to be commit 01d54d13dc66ef2127ac52c64ede53d0790738ec)
2007-10-10r23126: this was sitting on my laptop for a while...Rafal Szczesniak2-18/+14
change the way the ejs object is being created and return listing context (with status) rather than collecting all entries gathered from libnet call. rafal (This used to be commit b16787a56120498c985f2617f43250df725c285a)
2007-10-10r23125: add host manager subcontext function.Rafal Szczesniak1-0/+2
rafal (This used to be commit 2f16ff04d22e13cfb2dc5d8b69004d969a4c25fb)
2007-10-10r23124: add host subcontext providing (at the moment) list of domainsRafal Szczesniak3-1/+203
hosted on the server. rafal (This used to be commit 385a094443e29990a2895693f2b6435e3d32c0f3)
2007-10-10r23065: revert local includes to prevent security problems (at leastRafal Szczesniak1-17/+0
temporarily...) rafal (This used to be commit 0ecb8fd81ebbd7327aa5c6b9347aa4dcb1ba6421)
2007-10-10r23047: Allow local inclusion of js files as well as from predefinedRafal Szczesniak1-4/+22
path(s). rafal (This used to be commit 278d26576a625d0fa161f492b902074ea82ef1a8)
2007-10-10r23032: Remove calls to println(), and ensure we print the ldb errstring().Andrew Bartlett1-9/+11
Andrew Bartlett (This used to be commit 5b6f704b24f7da40ce917fe8ed1a500684d1f3cd)
2007-10-10r23012: we need a POLICYGUID in provisionAndrew Tridgell1-0/+1
(This used to be commit b9f8650b20e5132410153f5b61a68dca5df548ff)
2007-10-10r23011: initialisation functions must return NTSTATUS, otherwise we get busAndrew Tridgell1-1/+2
errors on platforms like sparc. This is why sun1 died during provision. (This used to be commit ad6a672ec3cf077d419458e2f07ebe6d9a2b94b2)
2007-10-10r22993: - make it possible to load a dsdb_schema from ldif via the ejs bindingsStefan Metzmacher2-0/+126
- make it possible to set ntds_objectGUID and ntds_invocationId via the ejy bindings metze (This used to be commit df7863ea1c964ec58feedd0bf72ef64456e3a3d1)
2007-10-10r22756: Make it easier to setup an LDAP replica. Provision withAndrew Bartlett1-3/+5
--partitions-only (suggestions for a better name welcome) will setup the partitions records, but no any data in those partitions. This can then point at the already configured remote LDAP server. Andrew Bartlett (This used to be commit ee7b06fc832ca7c572205c7c268c3c7c552effa0)
2007-10-10r22748: fix memleaks by passing an mem_ctx toStefan Metzmacher1-1/+1
irpc_servers_byname() metze (This used to be commit b54584dfabee77ec7743cab431bda9765057a295)
2007-10-10r22622: make it possible to pass the config file via 'SMB_CONF_PATH' envvarStefan Metzmacher1-0/+4
very usefull for make testenv! this makes it also possible to pass a config file to smbscript metze (This used to be commit f65fcd764b656ba9953d88dc7b002e4977af5011)
2007-10-10r22575: move script/tests/ -> selftest/Stefan Metzmacher1-1/+1
as discussed with jelmer and abartlet metze (This used to be commit e9fe3c40e10accb63d7a2124d3a7e77e499c4209)
2007-10-10r22478: Update the LDAP backend code to handle initialisation of multipleAndrew Bartlett1-3/+39
partitions onto the target LDAP server. Make the LDAP provision run before smbd starts, then stop the LDAP server. This ensures this occurs synchronously, We then restart it for the 'real run' (with slapd's stdin being the FIFO). This required fixing a few things in the provision scripts, with more containers being created via a add/modify pair. Andrew Bartlett (This used to be commit 860dfa4ea1ab2b62d4d4fe0644e0a9b882fdafa1)
2007-10-10r22406: this dependencies should also be privateStefan Metzmacher1-3/+3
metze (This used to be commit 7f07895cac3e933b39f81bf67812834352184af0)
2007-10-10r22323: - add credentials property to NetContext objectRafal Szczesniak2-7/+25
- change a comment (matches the idea better) rafal (This used to be commit 4e8d9d3f6066d86af0e6dbe1f7091ce848dceb4f)
2007-10-10r21673: Fix Samba 3 data read tests. I can't figure out why the upgrade one ↵Jelmer Vernooij1-2/+20
is broken, so that one is still disabled. (This used to be commit ef794f03d50022a77303c77045a04d9407d07cbc)
2007-10-10r21541: Export mgmt, samr and atsvc for use in samba-gtk.Jelmer Vernooij1-1/+1
(This used to be commit 7f451cbb8da26cfe27861c402e06b3f34f7ac647)
2007-10-10r21513: I don't know how long this has been wrong, but fix this up so we canAndrew Bartlett1-1/+1
re-provision (as is required for the TEST_LDAP=yes version of make test). Andrew Bartlett (This used to be commit ea4c2ea22fb3975d80130f52edecaf6d1790adde)
2007-10-10r21496: A number of ldb control and LDAP changes, surrounding theAndrew Bartlett1-3/+45
'phantom_root' flag in the search_options control - Add in support for LDB controls to the js layer - Test the behaviour - Implement support for the 'phantom_root' flag in the partitions module - Make the LDAP server set the 'phantom_root' flag in the search_options control - This replaces the global_catalog flag passed down as an opaque pointer - Rework the string-format control parsing function into ldb_parse_control_strings(), returning errors by ldb_errorstring() method, rather than with printf to stderr - Rework some of the ldb_control handling logic Andrew Bartlett (This used to be commit 2b3df7f38d7790358dbb4de1b8609bf794a351fb)
2007-10-10r21419: Give some more clue about what's going onSimo Sorce1-2/+2
(This used to be commit 76b377d5ad5c115e5fbb24a10d543883f04283a6)
2007-10-10r21351: Change ldb ejs bindings return codes.Simo Sorce4-68/+87
We were returning just true/false and discarding error number and string. This checking probably breaks swat, will fix it in next round as swat is what made me look into this as I had no way to get back error messages to show to the users. Simo. (This used to be commit 35886b4ae68be475b0fc8b2689ca04d766661261)
2007-10-10r21294: this is useless, now that there's no operation in between...Stefan Metzmacher1-7/+0
metze (This used to be commit 838d307e6ca0740bc330a5ebc46b95f3181a5c14)
2007-10-10r21135: Instead of having hooks to update keytabs as an explicit thing, updateAndrew Bartlett2-23/+6
them as a hook on ldb modify, via a module. This should allow the secrets.ldb to be edited by the admin, and to have things update in the on-disk keytab just as an in-memory keytab would. This isn't really a dsdb plugin, but I don't have any other good ideas about where to put it. Andrew Bartlett (This used to be commit 6ce557a1aff4754d2622be8f1c6695d9ee788d54)
2007-10-10r20953: add templates in provision_become_dc()Stefan Metzmacher1-0/+3
metze (This used to be commit 306ea74f85c8cd0df767a25c45304cb33410e03c)
2007-10-10r20922: use the show_deleted module by defaultStefan Metzmacher1-0/+1
metze (This used to be commit edc37501d6ecdaf7b13006b732914e21ae0be657)
2007-10-10r20910: fix crash bugStefan Metzmacher1-1/+1
metze (This used to be commit e668d3bd6955f0bd4e37560925c4107fd870c02f)
2007-10-10r20908: - fix uninitialized usage of 'ctx'Stefan Metzmacher1-16/+14
- remove unused mem_ctx variable - copy the userman_domain string as child of obj metze (This used to be commit 575938753bb2f3b8593f240234cff71995a28df8)
2007-10-10r20885: - I forgot the page size passed to enumeration function is actuallyRafal Szczesniak2-4/+10
size of a buffer for result returned, not number of entries - pass libnet function returned status to UserListCtx creation to properly mark the last chunk of the list rafal (This used to be commit 05d307546f93794a0a981c3aa942669b9b18afd1)
2007-10-10r20882: Formatting.Rafal Szczesniak1-0/+1
rafal (This used to be commit fd0650283b750aec7952b025db54ab46020a547d)