summaryrefslogtreecommitdiff
path: root/source4/setup
AgeCommit message (Collapse)AuthorFilesLines
2010-01-08s4-provision: RID 1000 is consumed by the machine accountAndrew Tridgell1-1/+1
2010-01-08s4-dsdb: added an extended operation for allocating a new RID poolAndrew Tridgell1-0/+1
This will be called by getncchanges when a client asks for a DRSUAPI_EXOP_FSMO_RID_ALLOC operation Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-provision: don't hard wire the creation of the RID Set objectAndrew Tridgell3-27/+16
We now create it automatically in the samldb module when the first user is created. The creation of the dns user also had to move to the _modify.ldif as it now relies on the fSMO role being setup for the RID Manager Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-provision: the DC object itself needs a fixed objectSIDAndrew Tridgell1-1/+2
We can't allocate a objectSID until we have rIDSetReferences, but that is in the DC object, so we have to force the objectSID of the DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-provision: added an initial RID SetAndrew Tridgell2-2/+12
We will allocate RIDs from this set Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-31net: Move 'newuser' to 'net newuser'Jelmer Vernooij3-78/+12
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-31net: Fix tests and documentation of setexpiry.Jelmer Vernooij1-65/+0
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-31net: Move setexpiry to 'net setexpiry'Jelmer Vernooij1-72/+0
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-31net: Move 'setpassword' to 'net setpassword'.Jelmer Vernooij1-74/+0
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-29s4/net: Add domainlevel subcommand.Jelmer Vernooij1-250/+0
2009-12-29s4/net: Make pwsettings a net subcommand.Jelmer Vernooij1-198/+0
2009-12-15s4:provision - Remap conflicting thumbnailPhoto and thumbnailLogo OID's.Endi Sukma Dewata2-0/+8
2009-12-01s4:setup Adjust upgradeprovision blackbox test now we don't have --targetdirAndrew Bartlett1-2/+2
2009-11-28s4:upgrade_from_s3 - Move it back to "setup"Matthias Dieter Wallnöfer1-0/+86
Suggested by Jelmer
2009-11-28s4:setup/provision - ReworkMatthias Dieter Wallnöfer1-5/+24
- Revert change in "ask" - was previously correct - Readd accidentally removed checks for non-null realm and domainname - On interactive mode perform only one "ask" call per question - Inform the user about the unset administrator password
2009-11-28s4: fix SD update and password change in upgrade scriptMatthieu Patou1-1/+1
- reserve a new Samba OID for recalculate SD control - fix the update SD function - fix handling of kvno in the update_machine_account_password function - fix handling of handles in RPC winreg server Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-27s4:setup/provision - make the interactive mode work againMatthias Dieter Wallnöfer1-13/+3
2009-11-27s4:upgrade script - rename it to "upgrade_from_s3" and do some reworkMatthias Dieter Wallnöfer1-83/+0
- Give a better name to the script - Move it to the location where also "upgradeprovision" resides - Fix up trailing whitespaces and tabs
2009-11-27s4:upgradeprovision add 'exit $failed' to blackbox testAndrew Bartlett1-0/+2
2009-11-27s4:selftest Add tests for upgradeprovisionAndrew Bartlett1-0/+26
2009-11-24s4:provision Don't bother with a template for the LDAP backend startup script.Andrew Bartlett1-2/+0
2009-11-24s4:provision Move secrets.ldb over to .c file module lists, like sam.ldbAndrew Bartlett1-1/+1
2009-11-24s4:provision Remove 'operational' from secrets.ldb module listAndrew Bartlett1-1/+1
2009-11-23s4:dsdb Move module configuration from each ldb into samba_dsdb.cAndrew Bartlett2-6/+7
This makes getting the module order correct, the obligation of Samba4 developers, and not system administrators. In particular, once an ldb is updated to use only the 'samba_dsdb' module, no further changes to the ldb should be required when upgrading to later Samba4 versions. (thanks to metze for the suggestion of samba_dsdb as a long-term stable name for the module) Andrew Bartlett
2009-11-23s4:provision Simplify the module listAndrew Bartlett1-1/+1
This makes the member server much more like the DC, the objectGUID module replaces the repl_meta_data module. We also generally rework the construction of the list, building a full list in python, and then transforming it into a string, rather than playing string concatonation games Andrew Bartlett
2009-11-17s4:provision_users.ldif - Descriptions generally begin with a majuscleMatthias Dieter Wallnöfer1-2/+2
2009-11-17s4:provision Split up reference creation, load schema earlier in the stackAndrew Bartlett2-13/+23
The schema needs to be loaded above the extended_dn_out modules as otherwise we don't get an extended DN in the search results. The reference split is to ensure we create references after the objects they reference exist. Andrew Bartlett
2009-11-17s4:dsdb Add 'dsdb_flags' to dsdb_module_search() to enable often-used featuresAndrew Bartlett1-0/+0
These flags, also on dsdb_module_search_dn() allow us to add commonly set controls to this pre-packaged blocking search, without rebuilding the whole function in each caller. Andrew Bartlett
2009-11-16s4:provision - Removed dependency on full Samba 3 schema from FDSEndi S. Dewata3-39/+14
2009-11-04Added security descriptor for the domain NC to provisioning.Nadezhda Ivanova1-0/+1
Necessary for correct descriptor inheritance. Based on the default state of a single DC. Will be modified later when we support multiple DCs.
2009-11-02s4:provision Rework provision to always have a ProvisionBackendAndrew Bartlett1-1/+1
Rather than treat the LDAP backend as a special case, treat all backends the same, with different callbacks. Andrew Bartlett
2009-11-02s4 - SID allocation using FDS DNA pluginEndi S. Dewata6-0/+32
2009-11-02s4:dsdb - Store SID as string in FDS.Endi S. Dewata1-0/+2
2009-11-02s4 - Mapped AD schema to existing FDS schema.Endi S. Dewata3-1/+68
2009-10-23s4:setup Mark 'cn' in secrets as case insensitiveAndrew Bartlett1-0/+1
While this does not matter very much, others may later expect 'cn' to be case insensitive. Andrew Bartlett
2009-10-21s4:provision - rework the "guess_names" and "make_smbconf" methodMatthias Dieter Wallnöfer3-3/+3
- Cleans it up from unnecessary "lower()/upper()" and parameters which can be derived through "lp" calls. - Substitute the "HOSTNAME" caption in the "smb.conf" templates with "NETBIOS_NAME" which fits better. - Now the "realm" and "domain" parameter of the provision are totally case insensitive and the script itself up/downcases them appropriately depending on the use (e.g. "realm" upcase for KERBEROS, lowcase for DNS domainname).
2009-10-21s4:provision Test ability to set GUIDs from provision command lineAndrew Bartlett1-0/+1
2009-10-21s4:provison Allow the NTDS guid on the command line (for testing)Andrew Bartlett1-0/+3
This allows a blackbox test to confirm this can be set. Andrew Bartlett
2009-10-21s4:provision Set @OPTIONS in the provision_init.ldifAndrew Bartlett2-3/+3
The new partitions code knows to copy these items in when creating a new parition, so we can set it from the start. Andrew Bartlett
2009-10-21s4:dsdb Rework modules create new partitions at runtimeAndrew Bartlett2-3/+3
This is done by passing an extended operation to the partitions module to extend the @PARTITION record and to extend the in-memory list of partitions. This also splits things up into module parts that belong above and below repl_meta_data Also slit the partitions module into two files due to the complexity of the code Andrew Barltett
2009-10-19s4-idmap: the idmap database should be indexedAndrew Tridgell1-0/+4
2009-10-17s4-schema: We should not need Samba4TopExtra nowAndrew Tridgell1-23/+0
The last attribute this contained was 'privilege' which is now gone
2009-10-17s4-provision: added the default privileges dbAndrew Tridgell1-0/+78
privileges are now stored in a separate database
2009-10-17s4-provision: removed the old privilege attributesAndrew Tridgell2-53/+14
Our schema is getting a bit cleaner :-)
2009-10-16s4:provision - replaced linked_attributes with FDS pluginsEndi S. Dewata6-0/+46
When FDS is used as a backend, Samba should not use the linked_attributes LDB module, but instead use the built-in DS plugins for attribute linking, indexing, and referential integrity.
2009-10-12s4:provision Remove all references to samba4LocalDomainAndrew Bartlett2-21/+24
This was a bad idea all along, as Simo said at the time. With the full MS schema and enforcement of it, it is an even worse idea. This fixes the provision of the member server in 'make test' Andrew Bartlett
2009-10-06s4-provision: match win2003 functional levelAndrew Tridgell3-4/+4
We are now defaulting to win2003 functional level, and see to report the right revisions of our db and schema
2009-10-02s4:provision_users.ldif - Put potential primary groups in front of the fileMatthias Dieter Wallnöfer1-19/+20
(So they can be always found by the SAMLDB module)
2009-10-02s4:dsdb rework instanceType module - put instanceType in provisionAndrew Bartlett3-0/+3
The instanceType needs to be specified in future because that's how the partitions are actually created.
2009-10-02s4: Improve provisioning: use relax controlMatthieu Patou3-2/+2
Give the possibility to specify controls when loading ldif files. Relax control is specified by default for all ldb_add_diff (request Andrew B). Set domainguid if specified at the creation of object instead of modifying afterward Allow to specify objectGUID for NTDS object of the first DC this option is used during provision upgrade.