summaryrefslogtreecommitdiff
path: root/source4/setup/provision
AgeCommit message (Collapse)AuthorFilesLines
2010-02-12s4-provision: fixed --function-level option to provisionAndrew Tridgell1-0/+1
we need the DS_DOMAIN_* levels imported
2010-01-21provision: use message and do not display warning if the user choosed ↵Matthieu Patou1-3/+4
delibarately posix:eadb
2010-01-21provision: introduce use-xattr parameter for defining where to store attributesMatthieu Patou1-6/+21
This option allow simple user (non root) to invoke provision without facing an error while insuring that ACL on shared files will always be set
2010-01-21s4: Set acls correctly on all sysvol and scripts sharesMatthieu Patou1-2/+7
2010-01-21s4: regroup gpo modification in one function, set acl on files accordingly ↵Matthieu Patou1-1/+2
with ACL in LDAP
2009-11-28s4:setup/provision - ReworkMatthias Dieter Wallnöfer1-5/+24
- Revert change in "ask" - was previously correct - Readd accidentally removed checks for non-null realm and domainname - On interactive mode perform only one "ask" call per question - Inform the user about the unset administrator password
2009-11-27s4:setup/provision - make the interactive mode work againMatthias Dieter Wallnöfer1-13/+3
2009-11-02s4:provision Rework provision to always have a ProvisionBackendAndrew Bartlett1-1/+1
Rather than treat the LDAP backend as a special case, treat all backends the same, with different callbacks. Andrew Bartlett
2009-10-21s4:provison Allow the NTDS guid on the command line (for testing)Andrew Bartlett1-0/+3
This allows a blackbox test to confirm this can be set. Andrew Bartlett
2009-10-02s4:provision - Change the default forest/domain function level back to ↵Matthias Dieter Wallnöfer1-1/+1
Windows 2003 Native
2009-09-30s4:provision - Lets the user choose between the supported forest/domain ↵Matthias Dieter Wallnöfer1-8/+17
function levels Adds a parameter "--function-level" which allows to specify the domain and forest function level.
2009-09-11s4:group policies - add the domain controller group policyMatthias Dieter Wallnöfer1-2/+5
This patches fixes the last difference between s4 and Windows Server regarding group policy objects: we hadn't the domain controller policy. - Adds the domain controller policy as it is found in the "original" AD - Adds also the right version number in the GPT.INI file for the domain group policy (was missing)
2009-08-17s4: Re-add --ldapadminpass as an option to provisionAndrew Bartlett1-0/+3
This should make setting up LDAP servers more predictable. When not specified, it is random Andrew Bartlett
2009-08-17s4:provision Rework provision-backend into provisionAndrew Bartlett1-14/+21
This removes a *lot* of duplicated code and the cause of much administrator frustration. We now handle starting and stopping the slapd (at least for the provision), and ensure that there is only one 'right' way to configure the OpenLDAP and Fedora DS backend We now run OpenLDAP in 'cn=config' mode for online configuration. To test what was the provision-backend code, a new --ldap-dryrun-mode option has been added to provision. It quits the provision just before it would start the LDAP binaries Andrew Bartlett
2009-07-19provision: Remove unused imports.Jelmer Vernooij1-4/+0
2009-02-11Use convenience function for finding setup_dir based on location ofJelmer Vernooij1-2/+2
python module.
2009-02-11--interactive doesn't take any argument.Jelmer Vernooij1-1/+1
2009-01-21Use script path to find the setup directory.Jelmer Vernooij1-1/+1
2009-01-19Make sure server_role gets initialized in backend provisioning code -Jelmer Vernooij1-1/+1
fixes test.
2009-01-19Don't give fatal python errors when guessing the realmAndrew Bartlett1-2/+12
2009-01-05Use fqdn rather than gethostname when guessing realm.Jelmer Vernooij1-1/+1
2008-12-21Move tests for ParamFile.Jelmer Vernooij1-1/+1
2008-12-21Fix various Python-related bugs.Jelmer Vernooij1-1/+2
2008-12-19Avoid use of parentheses in Python import statements, as it's not supported ↵Jelmer Vernooij1-3/+1
by Python2.3.
2008-12-16s4/provision: Upper case default realm, use only first part of realm as ↵Jelmer Vernooij1-2/+2
default domain name.
2008-12-11Add interactive flag to setup/provision (also the default when no arguments ↵Jelmer Vernooij1-2/+27
are given).
2008-07-15Connect to the LDAP backend with SASL credentials.Andrew Bartlett1-1/+3
This reworks our LDAP backend code to move from anonymous access to a shared-secret SASL-protected connection. (SASL selects NTLM or DIGEST-MD5 on my system). To get this working, we must pre-populate the LDAP backend with a DN to store ths SASL secret on, and we use back-ldif for this. This gives us a reasonable basis to deploy a replicated OpenLDAP backend solution. Andrew Bartlett (This used to be commit cd0745253c4a9ec59a035e830e54d74a05b71aaa)
2008-05-21Move more modules inside of the samba package.Jelmer Vernooij1-2/+2
(This used to be commit 9b39e99f48266a54ed0b8890c2efde218b4b118a)
2008-05-11Set sys.path for running inside source tree.Jelmer Vernooij1-1/+2
(This used to be commit b507109bb676715f7d9616e13b0e19305e9c2559)
2008-05-11Use system python rather than smbpython.Jelmer Vernooij1-0/+2
(This used to be commit d3df51cd01e53383dcc05923d248db03bc6f62e9)
2008-04-14make the SMB2 negotiated read and write size settable in smb.confAndrew Tridgell1-0/+2
parametic options: smb2:max read size = NNN smb2:max write size = NNN The defaults are 65536, which is what Vista sets, and what we previously set (This used to be commit 9e60164cae42b5dd95720e48301a2ac57e95482a)
2008-04-02Fix conflicts in setup/provision script.Andrew Bartlett1-8/+0
(This used to be commit 696b58f5dd8370b7ee0670c7a3e5db10234b41ff)
2008-04-02Fix merge of my host GUID removal and the IPv6 addition to provisionAndrew Bartlett1-1/+11
Merge branch 'v4-0-ipv6' of git://git.id10ts.net/samba into 4-0-abartlet Andrew Bartlett (This used to be commit d3336684f084f984500dd0893dd01bcfc5be0ab1)
2008-04-01provision: Add support for IPv6 (bz #4593).Andrew Kroeger1-2/+4
(This used to be commit 8585a3c77d5dfe97bca3f08716fc06ac2819f578)
2008-04-02Remove references to setting the host GUID, as the repl_meta_dataAndrew Bartlett1-5/+3
module prohibits it anyway. Andrew Bartlett (This used to be commit c5b287c056855892f30fbbf32efe7d65da31ce91)
2008-03-29Rework 'compleated' message in provision to be more useful.Andrew Bartlett1-9/+0
In particular, this should draw attention to accidential 'standalone' server provisions and therefore cause less frustration. Andrew Bartlett (This used to be commit e906ae041a2b589ffceff97b74f7c4b01386382a)
2008-03-28Fix and test python scripts and kerberosAndrew Bartlett1-2/+3
This fixes up the python credentials interface in a number of areas, with the aim of supporting '-k yes' as a command line option. (This enables the use of kerberos). As such, I've had to change the get_credentials call to take a loadparm context, so that the credentials can be initialised correctly. The test_kinit script has been modified to prove that this continues to work, as well as to provide greater code coverage of the kerberos paths. Andrew Bartlett (This used to be commit 727ef40c2b56910028ef3c1092b8eab1bfa6ce63)
2008-03-11Fix provision script to work without smb.conf location specified.Andrew Bartlett1-1/+2
Andrew Bartlett (This used to be commit b4da374a998caac18c288a0a6e3fcd2c50cbffa7)
2008-03-07Rework provision scripts for more testingAndrew Bartlett1-8/+12
This fixes up some issues with testdir (was not honoured) and increases test coverage. We now check all the major provision modes. In doing so, to make it possible to call from the multiple layers of 'sh', I have allowed 'dc' to alias 'domain controller' and 'member' to alias 'member server'. Fighting shell quoting in the test system was just too hard... Also fix upgrade.py Andrew Bartlett (This used to be commit 0923de12282b0e063dd73bc3e056dd5c3663c190)
2008-03-06Make Samba4 pass the NET-API-BECOMEDC test against Win2k3 (again).Andrew Bartlett1-21/+5
To make Samba4, using the python provision system, pass this test required some major rework. Untested code is broken code, and some of the refactoring for a seperate provision test (which also now passes) broke things. Similarly, the iconv work has compiled, but these codepaths have never been run (NULL pointer de-reference). In working to use a local, rather than global, loadparm context, and to support using a target directory, a few things needed to be reworked, particularly around path handling. Andrew Bartlett (This used to be commit 1169e8d7bee20477b0efbfea3534ac63c83fb3d6)
2008-02-21Make setup/provision the name of the python provision script now that that ↵Jelmer Vernooij1-198/+170
is the default. (This used to be commit a0a05c5a3d614d0f2936ecfcab5273a2ef7d61a8)
2008-02-21Be consistant about --ldap-backend-typeAndrew Bartlett1-6/+10
Make the EJS provision and the selftest scripts both use the new syntax for speicifying the ldap backend type. Andrew Bartlett (This used to be commit b1d2584277304be3f2a640465cbf6b2a3ec571cc)
2008-02-08Revert to ejs for 'provision'Andrew Bartlett1-173/+194
Andrew Bartlett (This used to be commit fa1098959ad0016770ce1c327665df08ce3f69d2)
2008-02-08Remove unused argument to provision().Andrew Bartlett1-194/+173
Andrew Bartlett (This used to be commit 2f98ec1e6417c70a48370a62e7a54dfc4f6291c1)
2008-01-24Make the repl_meta_data module the default for domain controllers.Andrew Bartlett1-4/+4
Andrew Bartlett (This used to be commit ae2ea1bd0cd2b326b09b372428969f2cf52ce519)
2008-01-17provision: simplfy by removing old code to manually create baseDNs.Andrew Bartlett1-5/+1
Previously, we would create the first record in the DB as an LDIF file, with the expectation that the administrator would use slapadd to create the database. We now do everything over LDAP, which is far simpler, and allows the LDB module chain to do its work, without special cases. Also fix naming of the output schema when suggesting the comamnd line to run ad2oLschema in provision-backend. Andrew Bartlett (This used to be commit e77375758d66e94e5e0b6e61a97c9281c3d9c71f)
2008-01-11Add in new module to normalise DNs being returned from OpenLDAP. ThisAndrew Bartlett1-2/+2
fixes the case of the attribute in teh DN. Fix option spelling for example re-provision Andrew Bartlett (This used to be commit e3a76be04760a81a9c1b7ad9b139f088decc9ee6)
2008-01-06r26686: Fix bug 5143 by Jason Tarbet. This prevented an easy cut-and-paste ofAndrew Bartlett1-1/+1
the provision options used. Andrew Bartlett (This used to be commit 51cd93344dfeb3556fada523e38bbcd7e51fbbe1)
2007-12-21r26245: Make it easier to handle the LDAP backend, with it's differing needs,Andrew Bartlett1-0/+1
by seperating the modules list into parts. That way, we can remove the modules that the backend will provide. Andrew Bartlett (This used to be commit d67e5c7896f6d3064298897ae4d3204498824b06)
2007-12-21r26137: Rename the entryUUID module to better match it's purpose: being aAndrew Bartlett1-1/+1
simple ldap mapping (a complex mapping will follow). Fix the module to handle 'name' better, rather than using the 'name' attribute built into OpenLDAP, rename to samba4RDN. We need to see if this can be handled in the backend. Also rename the functions and inernal module name to entryuuid for consistancy. Andrew Bartlett (This used to be commit a7be80766f4270d63433bbd6a976ebf302ed3433)