summaryrefslogtreecommitdiff
path: root/source4/scripting
AgeCommit message (Collapse)AuthorFilesLines
2010-07-17s4: create a simple version of ktpassMatthieu Patou1-0/+93
This script is intended to be a replacement for the ktutil of Windows. It's use is for exporting keytab that will be used for kerberized services.
2010-07-16s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell1-2/+2
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4:provision Handle machine account password changes while keeping keytabAndrew Bartlett1-15/+23
The challenge here is to update the existing record if it already exists, rather than deleting the old record. This ensures that the secrets.keytab handling code keeps the previous password in the keytab. Andrew Bartlett
2010-07-15s4 upgradeprovision: Adapt the list of attribute modifiedMatthieu Patou1-4/+25
* isMemberOfPartialAttributeSet is now allowed to be deleted (on schema objects) * attributeDisplayNames is now allowed to be added and modified (used on display specifiers) * spnMapping is now allowed to be altered on Directory Service objects * minPwdAge is now modified if the previous value was 0 We issue a clear information about the userControl attribute for administrator to invite the user to modify himself the value. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: Synchronize the calculated keyversionnumber with the ↵Matthieu Patou1-1/+22
one previously stored Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: do not copy RID Set it's automaticaly created by the ↵Matthieu Patou1-24/+34
RID manager Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: add function to backup the provision before updatingMatthieu Patou1-152/+268
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: fix whitespacesMatthieu Patou1-13/+13
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4: Add unit test for increment_calculated_keyversion_numberMatthieu Patou1-1/+25
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 upgradeprovision: introduce a new function to update the field use for ↵Matthieu Patou1-3/+37
calculating msds-keyversionnumber This function change the version field of the unicodePwd in the replPropertyMetaData so that the version is equal or superior to the reference value passed. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 python: Add functions to samdb to manipulate version of ↵Matthieu Patou2-1/+128
replPropertyMetaData attribute This change contains also helpers for attribute id to attribute oid conversion and from attribute id to attribute name. It brings also unit tests Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 dsdb: Use the changereplmetadata controlMatthieu Patou1-11/+78
This control allow to specify the replPropertyMetaData attribute to be specified on modify request. It can be used for very specific needs to tweak the content of the replication data. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4: Add a simple script to change dc passwordMatthieu Patou1-0/+63
This script will mostly be used by unit test (blackbox type) to test the change of the dc password Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4 provision: move update_machine_account_password to helpersMatthieu Patou2-49/+51
This is to allow reuse of this function and also unit tests Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-10s4:provision: also use fixed GUID names of the default group policies for ↵Stefan Metzmacher1-2/+3
domain and domain controllers in tests metze
2010-07-10s4 provision: use correct GUID for default policiesMatthieu Patou1-2/+7
The value of GUID for policy is not random for default policies, it is described here ("How Core Group Policy Works"): http://technet.microsoft.com/en-us/library/cc784268%28WS.10%29.aspx at paragraph System\Policies Container. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-07-10s4 net: Add spn module to list/add/remove spn on objectsMatthieu Patou2-0/+219
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-07-08s4:samdb.py - "setpassword" - performs password sets using the "unicodePwd" ↵Matthias Dieter Wallnöfer1-7/+3
attribute This does work per default on each AD-compatible DC. "userPassword" support on Windows however has to be activated explicitly by the "dSHeuristics".
2010-07-08s4 upgradeprovision: For SID > 1000 do not copy them, let the system ↵Matthieu Patou1-0/+6
regenerated a new one This should avoid colliion with newly added objects that use the same SID as existing users in the upgraded provision. Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-07-05DNS objects should not be ignoredZahari Zahariev1-21/+9
Recently I have found that after vampireing from a clean Windows server we have the same DNS objects in the ldb. So ldapcmp has to no longer ignore them. Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
2010-07-03s4:pwsettings net utility - change also here the "minPwdAge" to be the real ↵Matthias Dieter Wallnöfer1-2/+2
default Which is one day.
2010-06-29s4:provision Add an msDS-SupportedEncryptionTypes entry to our DCAndrew Bartlett1-1/+16
This ensures that our DC will use all the available encyption types. (The KDC reads this entry to determine what the server supports) Andrew Bartlett
2010-06-28s4/spnupdate: Fixed spnupdate to use secrets credentials when accessing SamDB.Endi S. Dewata1-3/+30
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-06-26s4:provision.py - fix comment regarding DNS entriesMatthias Dieter Wallnöfer1-1/+1
I think this should mean partially Samba4 specified (all beside the "dns" account is standard)
2010-06-26s4:provision: move Samba4 specific DNS stuff to its own fileStefan Metzmacher1-1/+8
metze
2010-06-26s4:provision: add --next-rid optionStefan Metzmacher1-2/+13
Make it possible to provision a domain with a given next rid counter. This will be useful for upgrades, where we want to import users with already given SIDs. metze
2010-06-26s4:provision: don't use hardcoded values for 'nextRid' and 'rIDAvailablePool'Stefan Metzmacher1-3/+11
On Windows dcpromo imports nextRid from the local SAM, which means it's not hardcoded to 1000. The initlal rIDAvailablePool starts at nextRid + 100. I also found that the RID Set of the local dc should be created via provision and not at runtime, when the first rid is needed. (Tested with dcpromo on w2k8r2, while disabling the DNS check box). After provision we should have this (assuming nextRid=1000): rIDAllocationPool: 1100-1599 rIDPrevAllocationPool: 1100-1599 rIDUsedPool: 0 rIDNextRID: 1100 rIDAvailablePool: 1600-1073741823 Because provision sets rIDNextRid=1100, the first created account (typically DNS related accounts) will get 1101 as rid! metze
2010-06-26s4:provision: pass relax control also to modify_ldifStefan Metzmacher1-2/+2
metze
2010-06-25s4 python: Add unit tests related to PyLong/PyInt handlingMatthieu Patou1-2/+11
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-06-25s4 upgradeprovision: Try to support older Pythons.Michael Wood1-1/+1
Use "...".split(sep, 1) instead of "...".partition(sep). Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-06-24s4-python: python is not always in /usr/binAndrew Tridgell54-54/+54
Using "#!/usr/bin/env python" is more portable. It still isn't ideal though, as we should really use the python path found at configure time. We do that in many places already, but some don't. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-06-24s4:upgradeprovision - fix include order for "ldb"Matthias Dieter Wallnöfer1-1/+1
Patch originally posted on the list by Matthieu Patou.
2010-06-23Fix to undo nasty hack for for grouptype conversionLukasz Zalewski1-1/+1
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-06-23s4:net Remove warnings for 2000 native mode and Samba4.Andrew Bartlett1-5/+5
We now support 2000 native mode, and so we just need to warn about mixed mode. Andrew Bartlett
2010-06-23s4:provision Raise default max functional level to 2008R2Andrew Bartlett1-3/+3
We don't support many of the extra features, but that applies across many other parts of AD. Allow the admin to join a 2008R2 domain if he or she wants. This also makes it possible to test 2008R2 domain code in 'make test' Andrew Bartlett
2010-06-23s4:provision Remove am_rodc from SchemaAndrew Bartlett2-5/+5
The SamDB created in the schema code isn't real enough to care if it's an rodc or not.
2010-06-23libds:common Remove DS_DC_* domain functionality flagsAndrew Bartlett2-11/+7
These are just a subset of the DS_DOMAIN_ functionality flags, are compared and often confused with each other. Just make them one set. Andrew Bartlett
2010-06-22s4/test: fix DC password in selftest-vars.shKamen Mazdrashki1-2/+2
2010-06-21s4 upgradeprovision: fix the logging stuff so that it actually logMatthieu Patou1-0/+2
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-06-20s4:python LDB __init__.py - remove completely unused "erase_partitions" callMatthias Dieter Wallnöfer2-36/+0
Seems to be a relict from the past.
2010-06-20provision: Look for Samba prefix a bit harder.Jelmer Vernooij1-4/+6
2010-06-20pydsdb: Mark all SamDB and Schema methods that are in pydsdb asJelmer Vernooij3-17/+17
private, to discourage them being called directly.
2010-06-20testparm: Check netbios name and workgroup characters and length.Jelmer Vernooij1-14/+36
2010-06-20provision: Properly cancel transactions on the secrets ldb.Jelmer Vernooij1-122/+131
2010-06-20selftest: Use scripted testparm.Jelmer Vernooij1-2/+2
2010-06-20testparm: Simplify default option handling.Jelmer Vernooij1-19/+14
2010-06-20testparm: Fix suppress prompt option.Jelmer Vernooij1-7/+5
2010-06-20testparm: Fix exit value, install.Jelmer Vernooij2-14/+21
2010-06-20s4-python: Implement LoadParm.dump().Jelmer Vernooij1-1/+1
2010-06-20testparm: Split up functions that do multiple things.Jelmer Vernooij1-40/+33