summaryrefslogtreecommitdiff
path: root/source4/setup
AgeCommit message (Collapse)AuthorFilesLines
2008-05-18provision: Create instructions for enabling DNS GSS-TSIG updates.Andrew Kroeger1-27/+108
Added code to the python provisioning to create the named.conf file that was previously generated by the EJS provisioning. Updated the named.conf template to provide the additional details necessary to get things working. (This used to be commit 0b7a6bfcba1b906dc4d461882b4c3fe3c91c44e0)
2008-05-18provision: Allow DNS GSS-TSIG updates to work.Andrew Kroeger1-0/+1
This change ensures the KVNO of the principal in secrets.ldb (which is also exported to the dns.keytab) matches the KVNO associated with the "dns" user. Without explicitly setting msDS-KeyVersionNumber, the KVNO exported into the dns.keytab was 0. KVNO needs to be > 0, as the client libs (at least MIT libs on Fedora) consider KVNO == 0 as a sign to ignore that particular key. (This used to be commit 572efc8e65457a982a8cbb04d3b10e3aae22d574)
2008-05-11Remove python extension from upgrade script.Jelmer Vernooij1-0/+0
(This used to be commit 5268649b7ef60a2caae9cdf66dfeaf6d2037aba3)
2008-04-25Remove vampire.py as the 'net' binary is the right interface.Andrew Bartlett1-53/+0
As some future point we might get these scripting interfaces into better shape, and provide a python interface to this functionality again. Andrew Bartlett (This used to be commit 717dcb2c54b1e22b7c8efb322deec55abb7689c2)
2008-04-18change the default idmap range to 3M -> 4MAndrew Tridgell1-3/+2
This gives us a lot more headroom, and means that we have a lower chance of running into real local users (This used to be commit b2dac6645c3bce45ab2178b9f5b4e017486b5b8e)
2008-04-15Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-testAndrew Tridgell3-14/+11
(This used to be commit e891157b4ec7b2f845fb20c4106d80bf169f2072)
2008-04-14make the SMB2 negotiated read and write size settable in smb.confAndrew Tridgell1-0/+2
parametic options: smb2:max read size = NNN smb2:max write size = NNN The defaults are 65536, which is what Vista sets, and what we previously set (This used to be commit 9e60164cae42b5dd95720e48301a2ac57e95482a)
2008-04-14Fix newuser and setpassword scripts, and port to idmap.Andrew Bartlett3-14/+11
The new idmap world does not use the unixUser any more, so we need to set up the entry (if wanted) in the idmap database. Users without a backing unix user will get an allocated uid by idmap later. Andrew Bartlett (This used to be commit 8bd8bc1475ddf22d4702dcd17028a9043a5e629f)
2008-04-11Actually test the different 'fill levels' in the provision process.Andrew Bartlett1-0/+2
This should cover a few more codepaths in the provision script. Andrew Bartlett (This used to be commit 75c8dc6c6f3134bb78356630f24617aaeb869344)
2008-04-09Be consistant in using ${SEVERDN}.Andrew Bartlett5-7/+7
This ensures we don't fall out of sync with the provision scripts. Andrew Bartlett (This used to be commit 566c60b4649e2b94bf467993acd4bf72c7368e5a)
2008-04-08Re-add support for the --ldap-backend-port option to provision-backendAndrew Bartlett1-7/+8
This option allows Fedora DS multi-master replication to work. I've tried to update the wiki and scripts to the largely consistant with each other. Andrew Bartlett (This used to be commit 42393c830733b2cc99ebccdafe944fcf3d82734f)
2008-04-04Clean up provision and rootdse module to hard-code less stuff.Andrew Bartlett1-3/+2
In particular, allow for the server DN to be in a different site (possible outcome of a DRS replication). Andrew Bartlett (This used to be commit 9ee4e39fe178317f42fd9a0adceea24b55dfe0f1)
2008-04-02Fix conflicts in setup/provision script.Andrew Bartlett1-8/+0
(This used to be commit 696b58f5dd8370b7ee0670c7a3e5db10234b41ff)
2008-04-02Fix merge of my host GUID removal and the IPv6 addition to provisionAndrew Bartlett2-1/+13
Merge branch 'v4-0-ipv6' of git://git.id10ts.net/samba into 4-0-abartlet Andrew Bartlett (This used to be commit d3336684f084f984500dd0893dd01bcfc5be0ab1)
2008-04-01provision: Add support for IPv6 (bz #4593).Andrew Kroeger2-2/+6
(This used to be commit 8585a3c77d5dfe97bca3f08716fc06ac2819f578)
2008-04-02Remove references to setting the host GUID, as the repl_meta_dataAndrew Bartlett2-6/+3
module prohibits it anyway. Andrew Bartlett (This used to be commit c5b287c056855892f30fbbf32efe7d65da31ce91)
2008-03-29Rework 'compleated' message in provision to be more useful.Andrew Bartlett1-9/+0
In particular, this should draw attention to accidential 'standalone' server provisions and therefore cause less frustration. Andrew Bartlett (This used to be commit e906ae041a2b589ffceff97b74f7c4b01386382a)
2008-03-28Fix and test python scripts and kerberosAndrew Bartlett3-6/+10
This fixes up the python credentials interface in a number of areas, with the aim of supporting '-k yes' as a command line option. (This enables the use of kerberos). As such, I've had to change the get_credentials call to take a loadparm context, so that the credentials can be initialised correctly. The test_kinit script has been modified to prove that this continues to work, as well as to provide greater code coverage of the kerberos paths. Andrew Bartlett (This used to be commit 727ef40c2b56910028ef3c1092b8eab1bfa6ce63)
2008-03-28Convert some more files to GPLv3.Andrew Kroeger4-4/+4
(This used to be commit ebe5e8399422eb7e2ff4deb546338823e2718907)
2008-03-28Add tool for enabling accountsAndrew Bartlett1-0/+74
(This used to be commit 2e14b4ea64ba7e223f29b5b535b1b1be326f711c)
2008-03-28Make the setup/newuser and setup/setpassword scripts actually work...Andrew Bartlett2-127/+60
These need a testsuite, but this will come soon. Andrew Bartlett (This used to be commit fbcaa622bd1929399e32326349e96b6676a49b96)
2008-03-26Remove old js versions of newuser and provision.Andrew Bartlett3-339/+61
Andrew Bartlett (This used to be commit 861a85985d2d27f58cb8fa2fef0d445c7dac94c6)
2008-03-20Explain why this attribute should be skipped.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit 7503f93f2f07f81ada1b5d9ec8fdd3d5509376ae)
2008-03-15Rework memberof handling in slapd.conf (used for OpenLDAP backend)Andrew Bartlett1-3/+5
Instead of using an include file, put the generated configurationd directly into slapd.conf. Andrew Bartlett (This used to be commit 95ac786136aebfe5ededeb3fb81cbd4e296e3988)
2008-03-13Rework to have member server 'domains' be CN=NETBIOSNAMEAndrew Bartlett2-2/+39
This reworks quite a few parts of our provision system to use CN=NETBIOSNAME as the domain for member servers. This makes it clear that these domains are not in the DNS structure, while complying with our own schema (found by OpenLDAP's schema validation). Andrew Bartlett (This used to be commit bda6a38b055fed2394e65cdc0b308a1442116402)
2008-03-13Update the provision scripts and selftest for LDAPAndrew Bartlett1-3/+3
This should allow us to provision onto an OpenLDAP backend again. Also ensure we always have a sysvol and netlogon share in the selftest environment. Andrew Bartlett (This used to be commit b2d9b03ba3434e76d4d476233a198728523d17f9)
2008-03-13Upgrade provision-backend to python.Andrew Bartlett2-189/+286
This required a large rework of the provision code, so as to move much of the 'guess' logic into subprocedures, rather than just inline in the provision code. Andrew Bartlett (This used to be commit a0754c2a857217ca831c2295b17255d8f38dfbc2)
2008-03-11Fix provision script to work without smb.conf location specified.Andrew Bartlett1-1/+2
Andrew Bartlett (This used to be commit b4da374a998caac18c288a0a6e3fcd2c50cbffa7)
2008-03-11Extend testsuite to cover specifying a domain SID.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit edb7af0685983543c321e3d8b90f6ae07af2e4e3)
2008-03-07accountExpires: Windows default is 9223372036854775807, not -1.Andrew Kroeger2-3/+3
(This used to be commit be47cc7fdfa3cae0508e564f38b793aa27b6eb92)
2008-03-07Try to fix up part of the upgrade test.Andrew Bartlett1-10/+2
There are still problems with the upgrade test, but these are not related to the provision system. Andrew Bartlett (This used to be commit d331bc400fb138bc43be88d0ca8ab3bcd590d2cd)
2008-03-07Rework provision scripts for more testingAndrew Bartlett5-15/+22
This fixes up some issues with testdir (was not honoured) and increases test coverage. We now check all the major provision modes. In doing so, to make it possible to call from the multiple layers of 'sh', I have allowed 'dc' to alias 'domain controller' and 'member' to alias 'member server'. Fighting shell quoting in the test system was just too hard... Also fix upgrade.py Andrew Bartlett (This used to be commit 0923de12282b0e063dd73bc3e056dd5c3663c190)
2008-03-06Make Samba4 pass the NET-API-BECOMEDC test against Win2k3 (again).Andrew Bartlett4-21/+11
To make Samba4, using the python provision system, pass this test required some major rework. Untested code is broken code, and some of the refactoring for a seperate provision test (which also now passes) broke things. Similarly, the iconv work has compiled, but these codepaths have never been run (NULL pointer de-reference). In working to use a local, rather than global, loadparm context, and to support using a target directory, a few things needed to be reworked, particularly around path handling. Andrew Bartlett (This used to be commit 1169e8d7bee20477b0efbfea3534ac63c83fb3d6)
2008-03-04Don't hardcode objectCategory into the schema, even in the schema.Andrew Bartlett1-545/+0
We now load the schema early enough that we can generate this too! Andrew Bartlett (This used to be commit 1adc74c65a3219fc110964ccdf9a9d60a84831da)
2008-02-28Merge branch 'v4-0-test' of git://git.samba.org/samba into 4-0-localAndrew Bartlett1-15/+24
(This used to be commit ba864cfd7ce4b69179431131cac9661cbf48bf32)
2008-02-28Users and computers now share the same template.Andrew Bartlett3-47/+1
Slowly work away at the samldb module again, it is clear that AD does not use much of a templating system. samAccountType is managed, as far as I can tell, when groupType or userAccountControl changes. Andrew Bartlett (This used to be commit 447d5a795441aa6beab2f057c5ac1bc3c04e08c4)
2008-02-27Fix cases, add version number. (#4935)Matthias Dieter Wallnöfer1-15/+24
(This used to be commit d2eb404ba1711abf6bb2718f8bb1dbbd104e7d4d)
2008-02-21idmap: Handle uid->SID mappingKai Blin1-0/+5
(This used to be commit 6ac6de8476ba036eb041e054bc37e4503dc2fde8)
2008-02-21Make setup/provision the name of the python provision script now that that ↵Jelmer Vernooij4-371/+371
is the default. (This used to be commit a0a05c5a3d614d0f2936ecfcab5273a2ef7d61a8)
2008-02-21Be consistant about --ldap-backend-typeAndrew Bartlett1-6/+10
Make the EJS provision and the selftest scripts both use the new syntax for speicifying the ldap backend type. Andrew Bartlett (This used to be commit b1d2584277304be3f2a640465cbf6b2a3ec571cc)
2008-02-13Add python version of newuser.py.Jelmer Vernooij1-0/+61
(This used to be commit f70aef8e51e1a2f186fe71edaa4c81a39b837573)
2008-02-12Add blackbox test for provisioning code to make sure it can be run more than ↵Jelmer Vernooij1-0/+39
once in a row. (This used to be commit 42466d960c86b692ef5e03c045ba24591c5c6f84)
2008-02-09Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-trivialJelmer Vernooij2-1/+284
(This used to be commit d4fb8b0d8644cddfa39655fac87a96edc71b2a73)
2008-02-09Fix provision python test.Jelmer Vernooij2-7/+3
(This used to be commit b173fa6bd2b24b5a3e7b4fbcb926f6c9771c10ba)
2008-02-09From a request from Peter Huang, include IPsec sechema.Andrew Bartlett2-1/+284
(We may need to include more defaults in the template, but I want to start small for now). Andrew Bartlett (This used to be commit a466dda118f785bf784548106637577a5e25a30e)
2008-02-08Remove unused parameter from provision()Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit c8b0a8a196d8d187a86aef497953d0105436aff8)
2008-01-25python/provision: Create private dir if it didn't exist yet.Jelmer Vernooij1-6/+8
(This used to be commit 66df250ff355d3c1b7f0252fc1f95a8c79a28c6d)
2008-01-25python/provision: Reconcile code partitions-only provisioning and generic ↵Jelmer Vernooij1-42/+41
provisioning, some other minor refactoring of the provisioning. Pair-programmed by Andrew and me using obby :-) (This used to be commit 688adcbb635af87fcfedb869b7f1857a947fd2f9)
2008-01-24Make the repl_meta_data module the default for domain controllers.Andrew Bartlett2-7/+7
Andrew Bartlett (This used to be commit ae2ea1bd0cd2b326b09b372428969f2cf52ce519)
2008-01-24Kill another sub that the modules will handle for us.Andrew Bartlett2-4/+0
(This used to be commit e9bb130d63e86fafc4cbf379e2e237354b88bcf8)