Age | Commit message (Collapse) | Author | Files | Lines |
|
This file is substituted at runtime by samba_dnsupdate
|
|
|
|
|
|
This script checks a list of DNS names that we should have, and does
dynamic DNS updates using our machine account credentials to add any
missing DNS entries.
This allows us to correctly add all the DNS entries we need when we
join an existing domain as a DC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
|
|
|
|
|
|
|
|
We don't generally want loopback addresses in the python code
|
|
The merge from metze of my dns tree means we now depend on this. This
is a placeholder until Andrew and I have finished the full script.
|
|
By doing the unmount, we can avoid double-mounting st and bin
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
This allows a python script to query the internal network interface
lists from Samba
|
|
On production systems a user for sure strongly disagrees to use local IP
addresses (how should the server be accessible?). Therefore if the user didn't
specify an IP as provision option and in the "/etc/hosts" file we have at
least one not-local IP which resolves to our hostname use this or one of them.
Notice: if a host has more public IP addresses with the same name assigned the
behaviour is non-deterministic (well, okay - by the entries order it is). But
then the user is invited to specify the host IP manually.
This should address bug #5484.
|
|
This allows the integration of external tools that can't be linked
into C or python, but need to authenticate as the local machine
account.
The machineaccountccache script demonstrates this, and debugging has
been improved in cli_credentials_set_secrets() by passing back and
error string.
Andrew Bartlett
|
|
This prevents bind from getting confused if it has a journal for the
zone.
|
|
The zone file needs to be writeable by bind to allow for it to flush
its journal on dynamic updates
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Returns both uSNHighest and uSNUrgent as a dict object in Python
from a given partition dn.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Previously the "no_pass" and "no_pass2" variables weren't handled correctly.
Since at the initialisation of the "CredentialsOptions" we don't have any
password at all. Only afterwards we could get one through "set_password".
If a password is specified, use it. If no password is specified, consider the
use fo an input mask on STDOUT. But if the loadparm context contains one prefer
it over the input.
|
|
this makes it easier to modify the script to set us at R2 level in
provision. We should make this a parameter.
|
|
emacs creates symlinks to .py files while you are editing them. This
could cause build failures.
|
|
This allows it to work against our local ldb
|
|
Use short name (shortcut for wellknown SID/RID) for assignee in each entry of ACL (when possible)
of sysvol files (GPO objects and netlogon folders).
This avoid error prone substitution of DOMAINSID in ACL and make ACL clearer by using shortname
for assignee accordingly with SDDL synthax rules. Translation to real SID is handled internaly by the
from_sddl function.
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
This allow to be able to run net acl set xxx yyy on DC, but also on domain
member.
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
running as a non root user
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
|
|
The named.conf.update file will be filled in at runtime by Samba to
contain the list of bind9 grant rules for granting DNS dynamic update
permissions on the domain.
|
|
This allows the permissions to be correctly set for bind to write to
a journal file. It also sets the right group ownership and permissions
on the files that bind needs to access.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Our testers put up with a lot of odd things when testing out Samba4.
Andrew Bartlett
|
|
For some reason, JHT keeps on creating an empty smb.conf file,
expecting it to be the same as a non-existant one. It is easier to
just realise what he meant.
Andrew Bartlett
|
|
This was needed only by Python 2.3 which we no longer support.
|
|
|
|
The command allows the user to transfer a fsmo role to the server to which
the connection is established. Roles can be transferred or seized. By default a
transfer is attempted even if seize option is chosen, as it is dangerous to
seize a role if the current owner is still running.
example use:
net fsmo show --host=hostnameoraddress --username=username --password=password
net fsmo transfer --role=role --host=hostnameoraddress --username=username --password=password
net fsmo seize --role=role --host=hostnameoraddress --username=username --password=password [--force]
Tested against Win2008. Does not work for samba 4 yet as we are missing the GetNCChanges extensions.
|
|
|
|
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
handle properly the fact that missing object might depend on some other in order to be correctly created
debug change also if we are in debugall mode
|
|
|
|
|