summaryrefslogtreecommitdiff
path: root/source4/scripting
AgeCommit message (Collapse)AuthorFilesLines
2010-10-19s4:samdb.py - remove a pointless commentMatthias Dieter Wallnöfer1-1/+0
We are only looking for the default DN - but the method name already tells us this. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Oct 19 10:03:12 UTC 2010 on sn-devel-104
2010-10-19s4:samdb.py - use a more standard way to get to the domain realm/dns nameMatthias Dieter Wallnöfer1-1/+2
We do always use the canonical name as a base if we don't have it around yet.
2010-10-19Addition of userPrincipalName attribute when new account is createdLukasz Zalewski1-0/+2
2010-10-19s4-provisionbackend Allow a fixed URI to be specified for LDAP backendAndrew Bartlett2-54/+60
This is added to make the 'existing' LDAP backend class more useful, and to allow debuging of our OpenLDAP backend class with wireshark, by forcing the traffic over loopback TCP, which is much easier to sniff. Andrew Bartlett
2010-10-19s4-provision Remove serverdn parameter from Schema()Andrew Bartlett4-14/+7
We don't need to know the server DN here any more, and it makes no sense for many callers. Andrew Bartlett
2010-10-10wafsamba: Fix handling of pyembed/pyext.Jelmer Vernooij1-19/+19
2010-10-10wafsamba: Clarify needs_python argument name, use pyembed/pyext whereJelmer Vernooij1-9/+9
applicable. Allow using both pyembed and pyext, to prevent unresolved symbols. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Oct 10 03:54:01 UTC 2010 on sn-devel-104
2010-10-06waf: fixed some python3.x portability issuesAndrew Tridgell1-3/+4
these have crept into the tree over time. Maybe we should add testing of a range of python versions to autobuild?
2010-10-05s4-provision: Reset "debuglevel" after "provision" take placeKamen Mazdrashki1-7/+9
Otherwise "provision" resets our current debug level and we don't get debug messages we may expect onwards Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Tue Oct 5 11:32:50 UTC 2010 on sn-devel-104
2010-10-03s4:dsdb python stuff - introduce also here the "show_recycled" controlMatthias Dieter Wallnöfer2-5/+8
But also here beside "show_deleted" to not loose compatibility with older provisions. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-10-02s4-selftest: silence warnings about bind chownAndrew Tridgell1-2/+2
2010-10-02s4-test: silence the Failed to chown message in make testAndrew Tridgell1-3/+5
2010-10-02s4-ldapcmp.py: Don't guess credentials for second Credentials objectKamen Mazdrashki1-1/+1
This allow us to fallback to first credentials given. Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Sat Oct 2 23:05:20 UTC 2010 on sn-devel-104
2010-10-03s4-getopt.py: Make Anonymous creds when no credentialsKamen Mazdrashki1-2/+7
are supplied on command line and caller doesn't want us to guess credentials from environment
2010-10-03s4-python-test: Common implementation for getting environment variable valueKamen Mazdrashki1-0/+11
Unit-test based python tests require certain input parameters to be set in environment, otherwise they can't be run
2010-10-03s4-python-samba: Remove trailing ';'sKamen Mazdrashki2-29/+29
2010-10-03s4-python-test: Implement global connect_samdb() functionKamen Mazdrashki1-0/+46
This helper makes proper ldb url to connect to and is a shorthand for test to create SamDB connections
2010-10-03s4-samba.samdb: Fix masking names from outer contextKamen Mazdrashki1-17/+17
- 'filter' is built-in - 'ldb' is a module name we imported
2010-10-03s4-python-samba: 'file' is a built-inKamen Mazdrashki1-3/+3
2010-10-03s4-samba.samdb: Fix leading indention and trailing ';'Kamen Mazdrashki1-10/+10
2010-10-03s4-python-samba: Fix few cosmeticsKamen Mazdrashki1-4/+3
- we have sys module already imported - _glue module is part of samba package so be more precise how to import
2010-09-30s4-spn: don't try and send an empty SPN listAndrew Tridgell1-0/+2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-30s4-provision: wipe the old keytabs when provisioningAndrew Tridgell2-7/+29
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-30s4-rodc: fixed the keyVersionNumber on the RODC account in secrets.keytabAndrew Tridgell1-2/+5
we need to fetch the msDS-keyVersionNumber from the writeable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-30LDAPCmp feature to compare nTSecurityDescriptorsZahari Zahariev1-34/+252
New feature that enables LDAPCmp users to find unmatched or missing ACEs in objects for the three naming contexts between DCs in one domain (default) or different domains. Comparing security descriptors is not the default action but attribute compatison. So to activate the new mode there is --sd switch. However there are two view modes to the new --sd action which are 'section' (default) or 'collision'. In 'section' mode you can only find differences connected to missing or value unmatched ACEs but not disorder unmatch if ACE values and count are the same. All of the mentioned differences plus disorder ACE unmatch you can observe under 'collision' view however it is more verbose. Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-30s4-dns: send A record updates via TKEYAndrew Tridgell1-1/+6
2010-09-29s4-devel: added new options to getncchanges scriptAndrew Tridgell1-9/+65
added --pas, --dest-dsa and --replica-flags options Pair-Programmed-With: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
2010-09-29s4-spnupdate: when we are a RODC we need to use the WriteSPN DRS callAndrew Tridgell1-10/+57
we can't do SPN updates via sam writes and replication, as the sam is read-only
2010-09-29s4-drsutils: expose DsBind() call in drs_utils.pyAndrew Tridgell1-37/+38
this will be used by samba_spnupdate
2010-09-29s4-kerberos: use TZ=GMT when we are invoking krb5 code in helpersAndrew Tridgell2-0/+12
Our helper scripts can fail on Fedora with the PDT timezone (Western USA). This is the same issue we found with Heimdal earlier today, the 24 second difference between GMT and UTC, but this time in MIT Kerberos as linked into bind9. By forcing TZ=GMT in these scripts we avoid the problem Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-27s4-dns: added --update-list option to samba_dnsupdateAndrew Tridgell1-8/+14
this allows us to use it for RODC netlogon updates
2010-09-27s4-dns: use the generated krb5.conf in samba_dnsupdateAndrew Tridgell1-0/+5
this gives one less thing that an admin can get wrong Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Mon Sep 27 02:35:29 UTC 2010 on sn-devel-104
2010-09-27s4-provision: fixed the generation of the krb5.conf for vampireAndrew Tridgell1-6/+6
we need a correct krb5.conf for nsupdate from bind9
2010-09-26s4-spn: don't try to do SPN updates as a RODCAndrew Tridgell1-0/+4
we don't have the permissions to do it
2010-09-26upgradeprovision: fix a typoMatthieu Patou1-1/+1
2010-09-26upgradeprovision: Fix a bug with renamed entriesMatthieu Patou1-2/+13
The SD was not refetched for renamed entries, resulting with a try to add an additional SD when there was already one.
2010-09-26upgradeprovision: fix a bug with not updated linksMatthieu Patou1-0/+1
2010-09-26s4 provision: start with gpo of version 0 and be consistent between ↵Matthieu Patou1-1/+1
different policies
2010-09-26s4 upgradeprovision: fix a bug with empty reference objectsMatthieu Patou1-1/+9
Thanks to lukas@eecs.qmul.ac.uk for poiting it to me
2010-09-26s4 upgradeprovision: Copy versionNumber if not present it helps to make gpo ↵Matthieu Patou1-3/+3
valid
2010-09-26s4 provision: Make GPO folder group writableMatthieu Patou1-3/+3
The group of this folder is domain administrator and it seems sensible that all domain administrators have the right to modify the gpo (they have it at the NT ACLs level ...)
2010-09-26upgradeprovision: use the same case for hostname in reference provision as ↵Matthieu Patou1-1/+1
in the current provision Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Sun Sep 26 01:21:52 UTC 2010 on sn-devel-104
2010-09-26s4-provision: switch to dns-HOSTNAME instead of dnsAndrew Tridgell1-7/+23
We now use a host specific account name for the DNS account, which is the account used for dynamic DNS updates. We also setup the servicePrincipalName for automatic update, and add both DNS/${DNSDOMAIN} and DNS/${DNSNAME} for compatibility with both the old and new SPNs Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-09-26s4-ldapcmp: Fix usage of 'paged_search' module for remote LDB connectionsKamen Mazdrashki1-2/+3
2010-09-26s4-ldapcmp: Extend ldapcmp to be able to compare more than one context at a timeKamen Mazdrashki1-20/+33
If no arguments given, ldapcmp will compare all NCs
2010-09-25s4-net: added --ipaddress option to net commandsAndrew Tridgell6-6/+13
this allows override of server IP address, bypassing NBT or DNS name resolution of DCs Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
2010-09-24s4:provision - rootdse - remove static "ldapServiceName" attributeMatthias Dieter Wallnöfer1-3/+0
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24s4:provision - rootdse - remove static "dnsHostName" attributeMatthias Dieter Wallnöfer1-1/+0
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24s4:provision.py - support still not fully provisioned trees regarding the ↵Matthias Dieter Wallnöfer1-2/+11
rootDSE module We simply override the NTDS settings path manually Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-09-24s4:provision.py - make more use of "names.serverdn" on NTDS settings locationMatthias Dieter Wallnöfer1-2/+2
Signed-off-by: Andrew Bartlett <abartlet@samba.org>