summaryrefslogtreecommitdiff
path: root/source4/scripting
AgeCommit message (Collapse)AuthorFilesLines
2010-02-26s4-provision: setup the dns_update_list at provision timeAndrew Tridgell1-0/+5
This file is substituted at runtime by samba_dnsupdate
2010-02-26s4-provision: if we aren't doing variable substitution then don't check for varsAndrew Tridgell1-1/+1
2010-02-26dns: auto-delete incorrect SRV entries for our hostnameAndrew Tridgell1-8/+15
2010-02-26s4-dns: add automatic dynamic DNS updating scriptAndrew Tridgell1-1/+223
This script checks a list of DNS names that we should have, and does dynamic DNS updates using our machine account credentials to add any missing DNS entries. This allows us to correctly add all the DNS entries we need when we join an existing domain as a DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-26samdb: added get_ntds_GUID() methodAndrew Tridgell2-0/+39
2010-02-26py-samdb: added server_site_name methodAndrew Tridgell1-0/+3
2010-02-26pyglue: added py_samdb_server_site_name()Andrew Tridgell1-0/+29
2010-02-26py-samdb: added get_invocation_id() methodAndrew Tridgell1-0/+5
2010-02-26pyglue: added py_samdb_ntds_invocation_id()Andrew Tridgell1-0/+36
2010-02-26pyglue: don't return 127.0.0.0/8 IPs in interface_ips()Andrew Tridgell1-5/+18
We don't generally want loopback addresses in the python code
2010-02-26dns: dummy samba_dnsupdate scriptAndrew Tridgell1-0/+38
The merge from metze of my dns tree means we now depend on this. This is a placeholder until Andrew and I have finished the full script.
2010-02-25s4:scripting/devel Allow tmpfs script to be re-runAndrew Bartlett1-1/+4
By doing the unmount, we can avoid double-mounting st and bin
2010-02-24python: ntacls, fix a leftover that is not in the try/except branchMatthieu Patou1-1/+0
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-23s4-pyglue: added interface_ips() callAndrew Tridgell1-0/+43
This allows a python script to query the internal network interface lists from Samba
2010-02-21s4:provision.py - try to use other addresses than "127.0.0.x" and "::1"Matthias Dieter Wallnöfer1-2/+10
On production systems a user for sure strongly disagrees to use local IP addresses (how should the server be accessible?). Therefore if the user didn't specify an IP as provision option and in the "/etc/hosts" file we have at least one not-local IP which resolves to our hostname use this or one of them. Notice: if a host has more public IP addresses with the same name assigned the behaviour is non-deterministic (well, okay - by the entries order it is). But then the user is invited to specify the host IP manually. This should address bug #5484.
2010-02-20s4:credentials Add hooks to extract a named Kerberos credentials cacheAndrew Bartlett1-0/+30
This allows the integration of external tools that can't be linked into C or python, but need to authenticate as the local machine account. The machineaccountccache script demonstrates this, and debugging has been improved in cli_credentials_set_secrets() by passing back and error string. Andrew Bartlett
2010-02-17s4-provision: freeze the DNS zone before creating the zone fileAndrew Tridgell1-2/+10
This prevents bind from getting confused if it has a journal for the zone.
2010-02-17s4-provision: fix permissions on generated DNS zone fileAndrew Tridgell1-9/+11
The zone file needs to be writeable by bind to allow for it to flush its journal on dynamic updates Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-15s4-drs: Function for accessing dsdb_load_partition_usn from PythonFernando J V da Silva1-0/+50
Returns both uSNHighest and uSNUrgent as a dict object in Python from a given partition dn. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-12s4:getopt.py - set the password callback only when no password has been providedMatthias Dieter Wallnöfer1-4/+6
Previously the "no_pass" and "no_pass2" variables weren't handled correctly. Since at the initialisation of the "CredentialsOptions" we don't have any password at all. Only afterwards we could get one through "set_password". If a password is specified, use it. If no password is specified, consider the use fo an input mask on STDOUT. But if the loadparm context contains one prefer it over the input.
2010-02-12s4-provision: import the R2 functional levelAndrew Tridgell1-1/+1
this makes it easier to modify the script to set us at R2 level in provision. We should make this a parameter.
2010-02-12s4-build: avoid finding python symlinksAndrew Tridgell1-1/+1
emacs creates symlinks to .py files while you are editing them. This could cause build failures.
2010-02-12s4-script: make enablerecyclebin use system_sessionAndrew Tridgell1-1/+2
This allows it to work against our local ldb
2010-02-11provision: Use short name for assignee of ACE (BA, SA, CO, ...)Matthieu Patou1-8/+6
Use short name (shortcut for wellknown SID/RID) for assignee in each entry of ACL (when possible) of sysvol files (GPO objects and netlogon folders). This avoid error prone substitution of DOMAINSID in ACL and make ACL clearer by using shortname for assignee accordingly with SDDL synthax rules. Translation to real SID is handled internaly by the from_sddl function. Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-11python-s4: use secrets.ldb instead of sam.ldb for reading domain SIDMatthieu Patou1-2/+2
This allow to be able to run net acl set xxx yyy on DC, but also on domain member. Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-11provision: Fix an error with eadb when using not default install dir and ↵Matthieu Patou1-1/+5
running as a non root user Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-02-11s4-provision: cope with umask in creating private/dnsAndrew Tridgell1-0/+2
2010-02-11s4-provision: pre-create a named.conf.update fileAndrew Tridgell1-1/+5
The named.conf.update file will be filled in at runtime by Samba to contain the list of bind9 grant rules for granting DNS dynamic update permissions on the domain.
2010-02-11s4-provision: move zone file to dns subdirectoryAndrew Tridgell1-12/+52
This allows the permissions to be correctly set for bind to write to a journal file. It also sets the right group ownership and permissions on the files that bind needs to access. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-11s4:provision Be more polite to long-suffering Samba testers.Andrew Bartlett1-2/+3
Our testers put up with a lot of odd things when testing out Samba4. Andrew Bartlett
2010-02-10s4:provision Just 'do the right thing' with empty smb.conf filesAndrew Bartlett1-2/+10
For some reason, JHT keeps on creating an empty smb.conf file, expecting it to be the same as a non-existant one. It is easier to just realise what he meant. Andrew Bartlett
2010-02-09s4:Remove "Py_RETURN_NONE" compatibility codeMatthias Dieter Wallnöfer1-4/+0
This was needed only by Python 2.3 which we no longer support.
2010-01-29Fixed a bug caused by a typo. Infrastructure role didn't work.Nadezhda Ivanova1-1/+1
2010-01-27Implemented net fsmo command for transferring fsmo rolesNadezhda Ivanova2-0/+204
The command allows the user to transfer a fsmo role to the server to which the connection is established. Roles can be transferred or seized. By default a transfer is attempted even if seize option is chosen, as it is dangerous to seize a role if the current owner is still running. example use: net fsmo show --host=hostnameoraddress --username=username --password=password net fsmo transfer --role=role --host=hostnameoraddress --username=username --password=password net fsmo seize --role=role --host=hostnameoraddress --username=username --password=password [--force] Tested against Win2008. Does not work for samba 4 yet as we are missing the GetNCChanges extensions.
2010-01-25s4-python: Fix formatting.Jelmer Vernooij3-33/+27
2010-01-25pyxattr: Move to the same directory as the xattr code.Jelmer Vernooij3-269/+0
2010-01-23s4-provision: Fixed typos and redundant codeEndi S. Dewata1-10/+10
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-01-21pyxattr: Factor out helper functions.Jelmer Vernooij1-24/+24
2010-01-21pyxattr: Simplify tests.Jelmer Vernooij2-57/+62
2010-01-21pyxattr: Fix tests by not opening tdb files multiple times.Jelmer Vernooij1-2/+0
2010-01-21pyxattr: Fix tests by avoiding opening tdb files multiple times.Jelmer Vernooij1-8/+8
2010-01-21pyxattr: Fix memory leaks.Jelmer Vernooij2-8/+20
2010-01-21pyxattr: Simplify tests.Jelmer Vernooij1-80/+50
2010-01-21pyxattr: Use standard functions for error handling.Jelmer Vernooij2-21/+23
2010-01-21pyxattr: Remove unnecessary hacks.Jelmer Vernooij2-26/+1
2010-01-21s4-python: add some helper for converting ldb_flag to textMatthieu Patou1-0/+33
2010-01-21upgradeprovision: forbid running upgradeprovision when there is more than 1 DCMatthieu Patou1-0/+20
2010-01-21upgradeprovision: mark rIDAvailablePool never upgradedMatthieu Patou1-16/+121
handle properly the fact that missing object might depend on some other in order to be correctly created debug change also if we are in debugall mode
2010-01-21upgradeprovision: reformat + add groupType as possibly overwrittenMatthieu Patou1-9/+12
2010-01-21upgradeprovision: improve info messagesMatthieu Patou1-7/+5