summaryrefslogtreecommitdiff
path: root/source4/setup/provision
AgeCommit message (Collapse)AuthorFilesLines
2011-02-07s4-provision Remove setup_path, setup_dir and find_setup_dirAndrew Bartlett1-8/+2
We now have a reliable way to know the current location of the templates: dyn_SETUPDIR, which is updated for both the in-build and installed binaries. This replaces the function arguments and the distributed resolution of the setup directory with one 'global' function (imported as required). This also removes the ability to specify an alternate setup directory on the command line, as this was rarely if ever used and never tested. Andrew Bartlett
2010-11-26s4-provision: fixed eadb automatic and manual setting in provisionAndrew Tridgell1-4/+2
we should not set posix:eadb in lp in the acl native test code Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-11-17s4-provision: don't test for xattrs if posix:eadb is setAndrew Tridgell1-1/+1
when it is set in smb.conf or on the command line, obey the setting and don't try to test for system xattr support
2010-11-17s4-provision: don't try to autodetect xattr is posix:eadb is setAndrew Tridgell1-1/+1
when posix:eadb is set then we know we should be using an eadb
2010-11-17s4-provision: use the command line lp in provisionAndrew Tridgell1-1/+1
this ensures that provision options are stored in the generated smb.conf
2010-10-19s4-provisionbackend Allow a fixed URI to be specified for LDAP backendAndrew Bartlett1-0/+12
This is added to make the 'existing' LDAP backend class more useful, and to allow debuging of our OpenLDAP backend class with wireshark, by forcing the traffic over loopback TCP, which is much easier to sniff. Andrew Bartlett
2010-10-18s4-provision Use --ldap-backend-nosync rather than just --nosyncAndrew Bartlett1-2/+1
For some reason we had both options, and --ldap-backend-nosync is the better name. Andrew Bartlett
2010-07-10s4:provision: remove --policy-guid and --policy-guid-dc cmdline optionsStefan Metzmacher1-5/+0
metze
2010-06-26s4:provision: add --next-rid optionStefan Metzmacher1-1/+3
Make it possible to provision a domain with a given next rid counter. This will be useful for upgrades, where we want to import users with already given SIDs. metze
2010-06-20selftest: Use scripted testparm.Jelmer Vernooij1-1/+2
2010-06-16s4:provision Add import for DS_DOMAIN_FUNCTION_2000Andrew Bartlett1-0/+1
2010-06-16s4:provision Allow functional level 2000 to be chosenAndrew Bartlett1-1/+3
2010-06-13Friendlier message.Jelmer Vernooij1-2/+2
2010-06-13s4-python: Start using standard python logging infrastructure ratherJelmer Vernooij1-8/+11
than simple messaging callbacks.
2010-04-21s4-provision: cope with --realm being in getopt.pyAndrew Tridgell1-1/+2
we still need to allow for interactive querying of the realm Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-08s4-python: More cleanups.Jelmer Vernooij1-1/+2
2010-04-08s4-python: Simplify code, improve formatting.Jelmer Vernooij1-8/+5
2010-04-04s4-python: Move dsdb constants to a separate python module.Jelmer Vernooij1-2/+5
2010-03-25python: use '#!/usr/bin/env python' to cope with varying install locationsAndrew Tridgell1-1/+1
this should be much more portable
2010-03-18Fixed --ol-mmr-url helplineOliver Liebel1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-03-14Reintroduce "s4:provision Improve the handling of provision errors""Matthias Dieter Wallnöfer1-18/+23
This mainly reverts commit f0bc02d74c16bc013e9fdab46ef271cf45873453. Jelmer pointed out a way how we can achieve the same error handling with an older syntax also on Python 2.4+.
2010-03-13Revert "s4:provision Improve the handling of provision errors"Matthias Dieter Wallnöfer1-25/+18
This reverts partially commit 027123199e13cc02ae4edadd8f0dd0f0660e1193. Andrew, this is not Python 2.4+ compatible
2010-03-11s4:provision Improve the handling of provision errorsAndrew Bartlett1-18/+25
The backtraces were too confusing for our users, and didn't tell them what to do to fix the problem. By printing the string (rather than a backtrace), and including in the error what to do, and what file to remove, we give them a chance. Andrew Bartlett
2010-02-12s4-provision: fixed --function-level option to provisionAndrew Tridgell1-0/+1
we need the DS_DOMAIN_* levels imported
2010-01-21provision: use message and do not display warning if the user choosed ↵Matthieu Patou1-3/+4
delibarately posix:eadb
2010-01-21provision: introduce use-xattr parameter for defining where to store attributesMatthieu Patou1-6/+21
This option allow simple user (non root) to invoke provision without facing an error while insuring that ACL on shared files will always be set
2010-01-21s4: Set acls correctly on all sysvol and scripts sharesMatthieu Patou1-2/+7
2010-01-21s4: regroup gpo modification in one function, set acl on files accordingly ↵Matthieu Patou1-1/+2
with ACL in LDAP
2009-11-28s4:setup/provision - ReworkMatthias Dieter Wallnöfer1-5/+24
- Revert change in "ask" - was previously correct - Readd accidentally removed checks for non-null realm and domainname - On interactive mode perform only one "ask" call per question - Inform the user about the unset administrator password
2009-11-27s4:setup/provision - make the interactive mode work againMatthias Dieter Wallnöfer1-13/+3
2009-11-02s4:provision Rework provision to always have a ProvisionBackendAndrew Bartlett1-1/+1
Rather than treat the LDAP backend as a special case, treat all backends the same, with different callbacks. Andrew Bartlett
2009-10-21s4:provison Allow the NTDS guid on the command line (for testing)Andrew Bartlett1-0/+3
This allows a blackbox test to confirm this can be set. Andrew Bartlett
2009-10-02s4:provision - Change the default forest/domain function level back to ↵Matthias Dieter Wallnöfer1-1/+1
Windows 2003 Native
2009-09-30s4:provision - Lets the user choose between the supported forest/domain ↵Matthias Dieter Wallnöfer1-8/+17
function levels Adds a parameter "--function-level" which allows to specify the domain and forest function level.
2009-09-11s4:group policies - add the domain controller group policyMatthias Dieter Wallnöfer1-2/+5
This patches fixes the last difference between s4 and Windows Server regarding group policy objects: we hadn't the domain controller policy. - Adds the domain controller policy as it is found in the "original" AD - Adds also the right version number in the GPT.INI file for the domain group policy (was missing)
2009-08-17s4: Re-add --ldapadminpass as an option to provisionAndrew Bartlett1-0/+3
This should make setting up LDAP servers more predictable. When not specified, it is random Andrew Bartlett
2009-08-17s4:provision Rework provision-backend into provisionAndrew Bartlett1-14/+21
This removes a *lot* of duplicated code and the cause of much administrator frustration. We now handle starting and stopping the slapd (at least for the provision), and ensure that there is only one 'right' way to configure the OpenLDAP and Fedora DS backend We now run OpenLDAP in 'cn=config' mode for online configuration. To test what was the provision-backend code, a new --ldap-dryrun-mode option has been added to provision. It quits the provision just before it would start the LDAP binaries Andrew Bartlett
2009-07-19provision: Remove unused imports.Jelmer Vernooij1-4/+0
2009-02-11Use convenience function for finding setup_dir based on location ofJelmer Vernooij1-2/+2
python module.
2009-02-11--interactive doesn't take any argument.Jelmer Vernooij1-1/+1
2009-01-21Use script path to find the setup directory.Jelmer Vernooij1-1/+1
2009-01-19Make sure server_role gets initialized in backend provisioning code -Jelmer Vernooij1-1/+1
fixes test.
2009-01-19Don't give fatal python errors when guessing the realmAndrew Bartlett1-2/+12
2009-01-05Use fqdn rather than gethostname when guessing realm.Jelmer Vernooij1-1/+1
2008-12-21Move tests for ParamFile.Jelmer Vernooij1-1/+1
2008-12-21Fix various Python-related bugs.Jelmer Vernooij1-1/+2
2008-12-19Avoid use of parentheses in Python import statements, as it's not supported ↵Jelmer Vernooij1-3/+1
by Python2.3.
2008-12-16s4/provision: Upper case default realm, use only first part of realm as ↵Jelmer Vernooij1-2/+2
default domain name.
2008-12-11Add interactive flag to setup/provision (also the default when no arguments ↵Jelmer Vernooij1-2/+27
are given).
2008-07-15Connect to the LDAP backend with SASL credentials.Andrew Bartlett1-1/+3
This reworks our LDAP backend code to move from anonymous access to a shared-secret SASL-protected connection. (SASL selects NTLM or DIGEST-MD5 on my system). To get this working, we must pre-populate the LDAP backend with a DN to store ths SASL secret on, and we use back-ldif for this. This gives us a reasonable basis to deploy a replicated OpenLDAP backend solution. Andrew Bartlett (This used to be commit cd0745253c4a9ec59a035e830e54d74a05b71aaa)