summaryrefslogtreecommitdiff
path: root/source4/scripting
AgeCommit message (Collapse)AuthorFilesLines
2012-07-13s4-provision: Provide YP/NIS subtree to allow ADUC to see and set rfc2307 attrsGeza Gemes1-1/+26
When provisioning with --use_rfc2307=yes populate the subtree: CN=ypServ30,CN=RpcServices,CN=System,${DOMAINDN} This makes it possible to manipulate the posix attributes via ADUC (commit message adjusted by abartlet) Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2012-07-06s4-dbcheck: Check for an object without a parentAndrew Bartlett1-0/+44
Such objects are then moved to the appropriate LostAndFound container, just as they would be if replicated. Andrew Bartlett
2012-07-06pydsdb: Add bindings for dsdb_wellknown_dn()Andrew Bartlett1-0/+3
2012-07-06s4-pydsdb: Add bindings for dsdb_find_nc_root()Andrew Bartlett1-0/+3
2012-07-06s4-classicupgrade: Demote any other 'BDC' accounts back to a member server ↵Andrew Bartlett1-2/+12
during upgrade This makes it clear that they cannot be a DC until they are upgraded with samba-tool domain dcpromo. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jul 6 09:59:13 CEST 2012 on sn-devel-104
2012-07-06s4-samba-tool: Provide a samba-tool domain dcpromo that upgrades a member to ↵Andrew Bartlett2-10/+121
a DC This command is like dcpromo in that it upgrades the existing workstation account to be a domain controller. The SID (and therefore any file ownerships) is preserved. Andrew Bartlett
2012-07-03samba-tool: gpo: Update copyrightAmitay Isaacs1-1/+1
Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Tue Jul 3 09:10:21 CEST 2012 on sn-devel-104
2012-07-03samba-tool: gpo: Improve error messagesAmitay Isaacs1-26/+28
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
2012-07-03samba-tool: gpo: Add del subcommand to delete GPOAmitay Isaacs1-0/+79
Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
2012-07-03samba-tool: gpo: Add listcontainers subcommand to list containers using ↵Amitay Isaacs1-0/+37
given GPO Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
2012-07-03samba-tool: gpo: Use utility function dc_url() to set the connection urlAmitay Isaacs1-9/+18
In create and fetch subcommands, we also need to know DC hostname. So first find a DC and use DC hostname to construct connection url. If ldap:// url is specified with -H, then use that to construct DC hostname.
2012-07-03samba-tool: gpo: Refactor code using utility functionsAmitay Isaacs1-40/+8
2012-07-03samba-tool: gpo: Add utility functions get_gpo_containers and del_gpo_linkAmitay Isaacs1-0/+50
Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch
2012-07-03samba-tool: Fix indentationAmitay Isaacs2-4/+4
Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
2012-07-03samba-tool: gpo: Use gpo (id) instead of gpo_dn (DN)Amitay Isaacs1-3/+3
Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
2012-07-03samba-tool: gpo: Correct the attribute name from gPlink to gPLinkAmitay Isaacs1-3/+3
Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
2012-07-03samba-tool: gpo: Fix policy DNAmitay Isaacs1-1/+1
Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
2012-06-24s4-join: Setup correct DNS configurationAndrew Bartlett2-28/+76
This means we do not need to run samba_upgradedns any more. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sun Jun 24 18:10:10 CEST 2012 on sn-devel-104
2012-06-25s4-samba_upgradedns: Do not set DNS account for internal serverAndrew Bartlett1-32/+32
The internal DNS server does not need the samba-only NAME-dns account. Andrew Bartlett
2012-06-25s4-join: Import DNS zones in AD DC joinAndrew Bartlett2-20/+57
2012-06-24s4-classicupgrade: Allow DNS backend to be specifiedAndrew Bartlett2-6/+12
2012-06-21samdb: Accept a list of member variables rather than a comma-separated string.Jelmer Vernooij2-6/+8
2012-06-21s4-provision: Give better clues on what Samba needs for s3fs ACL supportAndrew Bartlett1-1/+7
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Jun 21 14:07:55 CEST 2012 on sn-devel-104
2012-06-21samba-tool: gpo: Fix creation of filesystem ACL from directory ACLAmitay Isaacs1-2/+8
Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Thu Jun 21 03:25:57 CEST 2012 on sn-devel-104
2012-06-20s4-idmap: Add parameter 'idmap_ldb:use rfc2307' and correct implementation ↵Andrew Bartlett2-2/+6
errors
2012-06-20s4-provision: Remove --slapd-path optionAndrew Bartlett1-1/+1
This just leaves a default enough for the test code to still check the start of the provision. This may well be removed in future, and we wish to reduce the extra options to provision. Andrew Bartlett
2012-06-20s4-provision: Remove last unused remenants of the 'sid generator' configurationAndrew Bartlett1-10/+3
This was part of the now-abandoned S4 AD LDAP backend project. Andrew Bartlett
2012-06-16s4-classicupgrade: Also ask testparm for 'smb passwd file'Andrew Bartlett1-0/+2
2012-06-16s4-classicupgrade: Use "samba classic" description for samba3 NT4-like ↵Andrew Bartlett1-8/+9
domains in samba3upgrade
2012-06-16s4-lib/param: FLAG DAY for the default FILE SERVERAndrew Bartlett1-4/+4
This commit changes the default file server to be s3fs. Existing installs wishing to keep the ntvfs file server need to set this in their smb.conf: server services = +smb -s3fs dcerpc endpoint services = +winreg +srvsvc Andrew Bartlett
2012-06-16s4-s3upgrade: Assert that administrator has a SID of -500, and only skip ↵Andrew Bartlett1-2/+9
root if it is -500 Many upgraded installations have root as -1000, and so that account needs to be kept. Andrew Bartlett
2012-06-16s4-s3upgrade: Add my wins.dat and fix the parsing errorAndrew Bartlett1-1/+2
The issue was that the numbers at the end of the lines are space padded. Andrew Bartlett
2012-06-16s4-s3upgrade: improve idmap import to use posixAccount and posixGroup entriesAndrew Bartlett1-2/+32
2012-06-16s4-dbcheck: Always specify the dhcheck controlAndrew Bartlett1-0/+1
This will then allow us to make schema modifications, overriding the default ban. Andrew Bartlett
2012-06-15lib/param: Use server role = 'standalone server' to be consistant with ↵Andrew Bartlett2-7/+11
member server standalne is left as an alias. Andrew Bartlett
2012-06-15lib/param: Create a seperate server role for "active directory domain ↵Andrew Bartlett1-13/+14
controller" This will allow us to detect from the smb.conf if this is a Samba4 AD DC which will allow smarter handling of (for example) accidentially starting smbd rather than samba. To cope with upgrades from existing Samba4 installs, 'domain controller' is a synonym of 'active directory domain controller' and new parameters 'classic primary domain controller' and 'classic backup domain controller' are added. Andrew Bartlett
2012-06-12s4:tests: fix use of a non-existent word (existant)Michael Adam3-4/+4
2012-06-12s4:provision: fix use of non-existent word (existant)Michael Adam1-1/+1
2012-06-06s4 dns: Correctly handle A questions for CNAMEsKai Blin1-0/+76
When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-06s4 dns: Structure tests a bit betterKai Blin1-0/+3
2012-06-05s4-provision: Test for posix ACLs in the actual sysvol pathAndrew Bartlett1-12/+16
This avoids issues in the previous location where lp may not be initialised at this point and instead simply waits until we have a known sysvol path, and test for ACL support there. Andrew Bartlett
2012-06-05s4-provision: Place xattr.tdb in the actual state directoryAndrew Bartlett1-13/+14
This patch does two things: it fixes up the spelling of "state dir" to "state directory" so that we actually find the smb.conf parameter, and we move it to after we process the global settings in case this is changed in the future. Andrew Bartlett
2012-06-05Add '--use-ntvfs' option to 'samba-tool domain join'Andriy Syrovenko2-13/+17
2012-05-30s4-provision: Use the s3fs file server by default in migrationsAndrew Bartlett1-1/+1
This covers both migrations from s3 and joining a domain as a new DC. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed May 30 14:57:22 CEST 2012 on sn-devel-104
2012-05-29s4:dbchecker - handle the "none" case correctlyMatthias Dieter Wallnöfer1-1/+1
This means that *no* fixing will be done, also the first possible one will be omitted as well. Reviewed-by: abartlet Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue May 29 21:36:25 CEST 2012 on sn-devel-104
2012-05-27Avoid all(), as it's not available in Python 2.4.Jelmer Vernooij1-1/+5
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun May 27 16:13:34 CEST 2012 on sn-devel-104
2012-05-24s4/scripting: in MIT build do not install samba-tool, it is not usable yetAlexander Bokovoy2-7/+4
2012-05-23Introduce system MIT krb5 build with --with-system-mitkrb5 option.Alexander Bokovoy2-9/+15
System MIT krb5 build also enabled by specifying --without-ad-dc When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level configure in WAF build we are trying to detect and use system-wide MIT krb5 libraries. As result, Samba 4 DC functionality will be disabled due to the fact that it is currently impossible to implement embedded KDC server with MIT krb5. Thus, --with-system-mitkrb5/--without-ad-dc build will only produce * Samba 4 client libraries and their Python bindings * Samba 3 server (smbd, nmbd, winbindd from source3/) * Samba 3 client libraries In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture. This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
2012-05-23s4: samba-tool is usable without export-keytab command, make sure it does ↵Alexander Bokovoy1-19/+22
not break When export_keytab is not compiled in (pure client-side Samba 4 build as with system MIT krb5), export-keytab command of samba-tool will not be available. Make sure it is not provided but its absence does not break the Python tool.
2012-05-15samba-upgradedns: Use the correct magic incantation of sys.path.insert()Amitay Isaacs1-1/+1
This replaces "bin/python" with the correct path for python libraries. The pattern requires double quotes (") instead of single quotes ('). Autobuild-User: Amitay Isaacs <amitay@samba.org> Autobuild-Date: Tue May 15 05:19:46 CEST 2012 on sn-devel-104