summaryrefslogtreecommitdiff
path: root/source4/scripting
AgeCommit message (Collapse)AuthorFilesLines
2009-11-27s4:upgradeprovision Rework script, and reset machine account pwAndrew Bartlett1-27/+58
The rework corrects some duplication and errors in the original script, found when preparing an automated test of the script. The code to reset the machine account password avoids issues with AES keys and salting, which may not otherwise be solved by the upgrade. Andrew Bartlett
2009-11-27s4:provision Make setting the domain SID in the self join optionalAndrew Bartlett1-3/+4
2009-11-27s4: Improve updateprovisionMatthieu Patou1-33/+52
* Define a simple upgrade process mode (module storage change, file name change, copy of new file) * Move the schema, configuration and current object upgrade into full upgrade mode * Added the --full switch to select the full upgrade mode, and made simple upgrade mode the default * Make updateprovision works without any switch (update the provision in the default location) * Cleanup the messages * Create the reference provision in a subdirectory of the updated provision
2009-11-27s4: Rename the scriptMatthieu Patou1-45/+45
2009-11-25s4:upgradeschema.py Update to reflect recent change in provisionMatthieu Patou1-27/+31
- define which modules we want to use when loading the ldb - move partition in sam.ldb.d dir Changes have been suggested by Andrew Bartlett. (commit message clarified by Andrew Bartlett) Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-11-25s4:upgradeschema.py CleanupMatthieu Patou1-6/+1
- remove some useless comments - remove hardcoded paths (commit message clarified by Andrew Bartlett) Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-11-24s4: Fix missing TLS dir when targetdir is not the default oneMatthieu Patou1-0/+2
2009-11-24s4:provision Move exceptions into a new fileAndrew Bartlett3-9/+36
This allows provisionbackend and provision to both raise ProvisionException
2009-11-24s4:provision Don't bother with a template for the LDAP backend startup script.Andrew Bartlett1-2/+1
2009-11-23s4:dsdb Move module configuration from each ldb into samba_dsdb.cAndrew Bartlett1-75/+4
This makes getting the module order correct, the obligation of Samba4 developers, and not system administrators. In particular, once an ldb is updated to use only the 'samba_dsdb' module, no further changes to the ldb should be required when upgrading to later Samba4 versions. (thanks to metze for the suggestion of samba_dsdb as a long-term stable name for the module) Andrew Bartlett
2009-11-23s4:provision Simplify the module listAndrew Bartlett1-19/+25
This makes the member server much more like the DC, the objectGUID module replaces the repl_meta_data module. We also generally rework the construction of the list, building a full list in python, and then transforming it into a string, rather than playing string concatonation games Andrew Bartlett
2009-11-20Some changes to allow processing of ldap controls on modify requests.Nadezhda Ivanova2-3/+15
ldap_backend used to filter out ldap controls on modify. Also, modified python binding for ldap_modify to allow writing tests for such controls.
2009-11-17s4:provision Split up reference creation, load schema earlier in the stackAndrew Bartlett1-6/+8
The schema needs to be loaded above the extended_dn_out modules as otherwise we don't get an extended DN in the search results. The reference split is to ensure we create references after the objects they reference exist. Andrew Bartlett
2009-11-17s4:provision Generate a random objectGUID for each schema recordAndrew Bartlett1-0/+2
This is needed to then create extended DNs with GUID attributes in them, when importing from the LDIF Andrew Bartlett
2009-11-16s4:provision - Removed dependency on full Samba 3 schema from FDSEndi S. Dewata3-68/+99
2009-11-12s4:provision - Added LDBBackend and ExistingBackend.Endi S. Dewata2-32/+62
2009-11-12s4:provision - Added constructors for FDSBackend and OpenLDAPBackend.Endi S. Dewata2-43/+95
2009-11-12s4:provision - Added setup() method in LDAPBackend.Endi S. Dewata2-26/+32
2009-11-12s4:provision - Moved provision_xxx_backend() into backend-specific ↵Endi S. Dewata2-318/+287
provision() method.
2009-11-12s4:provision - Added start() method in LDAPBackend.Endi S. Dewata2-13/+20
2009-11-12s4:provision - Added initial implementation of FDSBackend and OpenLDAPBackend.Endi S. Dewata2-37/+68
2009-11-12s4:provision Add C binding to get at the generate schemaAndrew Bartlett1-0/+23
This will allow us to do local tests against that schema
2009-11-12s4:provision Remove unused 'sambadn' parameterAndrew Bartlett2-10/+4
2009-11-05Version 1.0 of the directory service acls module.Nadezhda Ivanova1-1/+1
At this point, support for checks on LDAP add, delete, rename and modify. Old kludge_acl is still there to handle the searches. This module is synchronous as the async version was impossible to debug, will be converted to async after some user testing.
2009-11-05s4:samdb python bindings - add a wrapper for "dsdb_make_schema_global"Matthias Dieter Wallnöfer1-0/+17
2009-11-05s4:samdb python bindings - make the python wrap connect more like the C oneMatthias Dieter Wallnöfer1-3/+10
Add call for setting the create permissions.
2009-11-05s4:samdb python bindings - Reorder some function bodies to match the order ↵Matthias Dieter Wallnöfer1-25/+24
in "ldb_wrap_connect"
2009-11-04Added security descriptor for the domain NC to provisioning.Nadezhda Ivanova1-1/+60
Necessary for correct descriptor inheritance. Based on the default state of a single DC. Will be modified later when we support multiple DCs.
2009-11-04s4:provisioning - Fixed minor bugs in provisioning tool and partition module.Endi S. Dewata1-1/+2
2009-11-02s4:provision Remove LDB backend files in provisionAndrew Bartlett2-41/+12
Rather than try and remove the records in the LDB files, make the provision remove the whole file. This also removes the need to try and carry forward the old ldb filenames. Andrew Bartlett
2009-11-02s4:provision Split ProvisionBackend out of the main provision scriptAndrew Bartlett3-590/+631
This splits the code, while keeping the original behaviour. The provision.py file had become just too long. Andrew Bartlett
2009-11-02s4:provision Inline 'ldap_backend_shutdown' for clarityAndrew Bartlett1-15/+15
2009-11-02s4:provision Fix samdb test with new provision codeAndrew Bartlett1-3/+12
2009-11-02s4:provision Move 'Schema' into it's own fileAndrew Bartlett5-123/+160
2009-11-02s4:provision Make 'linked_attributes' and 'dnsyntax_attributes' a property ↵Andrew Bartlett1-17/+33
of the Schema
2009-11-02s4:provision Rework provision to always have a ProvisionBackendAndrew Bartlett1-165/+188
Rather than treat the LDAP backend as a special case, treat all backends the same, with different callbacks. Andrew Bartlett
2009-11-02s4 - SID allocation using FDS DNA pluginEndi S. Dewata1-7/+32
2009-11-02s4:dsdb - Fixed attribute dereferencing for FDSEndi S. Dewata1-2/+2
2009-11-02s4: Create a script for updating a running provision with change introduced ↵Matthieu Patou1-0/+694
since the initial provision
2009-10-25s4-python: fixed annoyance where control-C doesn't kill our python scriptsAndrew Tridgell1-0/+10
We want our scripts to die immediately when a user hits control-C. Otherwise we not only annoy the hell out of the user, we also risk db corruption as the control-C could get delivered as an exception which gets mis-interpreted (eg. as a missing db object). We use transactions for all our databases, so the right thing to do in all our command line tools is to die immediately.
2009-10-23s4-python: we need to include Python.h firstAndrew Tridgell3-3/+3
If we don't include Python.h first then we get a pile of warnings due to broken redefines of XOPEN_SOURCE in the Python includes.
2009-10-23s4:dsdb Split schema loading and schema data managementAndrew Bartlett1-2/+3
By splitting the module this way, we can load the schema at startup, after the partitions module is operational, but we leave the 'mess with details of entries in the partitions' module to operate only on the partitions module. Loading the schema later allows us to set the @ATTRIBUTES correctly on all the databases. Andrew Bartlett
2009-10-22s4:provision - Reintroduce accidentally removed parameters and checks from ↵Matthias Dieter Wallnöfer1-13/+38
"guess_names" abartlet pointed out that those are essential for a safe and consistent provision.
2009-10-21s4:provision - rework the "guess_names" and "make_smbconf" methodMatthias Dieter Wallnöfer1-37/+18
- Cleans it up from unnecessary "lower()/upper()" and parameters which can be derived through "lp" calls. - Substitute the "HOSTNAME" caption in the "smb.conf" templates with "NETBIOS_NAME" which fits better. - Now the "realm" and "domain" parameter of the provision are totally case insensitive and the script itself up/downcases them appropriately depending on the use (e.g. "realm" upcase for KERBEROS, lowcase for DNS domainname).
2009-10-21s4:provision - important fix for DNS domainname: lower realmMatthias Dieter Wallnöfer1-1/+1
2009-10-21s4:provision Use schema to casefold partitions on 'upgrade'.Andrew Bartlett1-8/+20
This helps us upgrade from sam.ldb files before the dynamic partitions work, and ensures we use the right casefolding functions. Andrew Bartlett
2009-10-21s4:Handle reprovision with existing partitionsAndrew Bartlett1-3/+20
The issue here is that if we don't put the partitions metadata in the database before we wipe it, we won't wipe the partitions contents, and so the provision will later fail (entry already exists) Andrew Bartlett
2009-10-21s4:provision Set @OPTIONS in the provision_init.ldifAndrew Bartlett1-3/+0
The new partitions code knows to copy these items in when creating a new parition, so we can set it from the start. Andrew Bartlett
2009-10-21s4:dsdb Rework modules create new partitions at runtimeAndrew Bartlett1-13/+7
This is done by passing an extended operation to the partitions module to extend the @PARTITION record and to extend the in-memory list of partitions. This also splits things up into module parts that belong above and below repl_meta_data Also slit the partitions module into two files due to the complexity of the code Andrew Barltett
2009-10-17s4-provision: added the default privileges dbAndrew Tridgell1-0/+21
privileges are now stored in a separate database