summaryrefslogtreecommitdiff
path: root/source4/setup
AgeCommit message (Collapse)AuthorFilesLines
2010-06-14s4:provision: Make gc._msdcs DNS entries A/AAAA recordsAndrew Kroeger1-1/+2
When adding an additional DC as a GC server, the new DC attempts to register its own gc._msdcs records. If the existing gc._msdcs record is a CNAME, BIND fails the update with the message "attempt to add non-CNAME alongside CNAME ignored", and the new DC is not registered as a GC server. The A & AAAA record types for gc._msdcs have been verified against the DNS server of a W2K8 DC.
2010-06-13s4:fix allocated control OIDs for "password_hash" LDB moduleMatthias Dieter Wallnöfer1-3/+5
The password hash module controls overlapped others. Sorry, but the "schema_samba4.ldif" hasn't been kept up-to-date.
2010-06-13Friendlier message.Jelmer Vernooij1-2/+2
2010-06-13upgradeprovision: Use logging infrastructure.Jelmer Vernooij1-7/+11
2010-06-13s4-python: Start using standard python logging infrastructure ratherJelmer Vernooij1-8/+11
than simple messaging callbacks.
2010-06-06s4:provision - fix typo in substitution variableMatthias Dieter Wallnöfer1-1/+1
2010-05-24s4:setup/*.ldif - remove unneeded "cn" attributesMatthias Dieter Wallnöfer2-2/+0
Should be generated automatically
2010-05-13s4:domain functional level - it is also specified in the domain object under ↵Matthias Dieter Wallnöfer1-0/+1
partitions Discovered by the "ldapcmp" tool
2010-05-13s4:provision_configuration.ldif - add more extended rights objectsMatthias Dieter Wallnöfer1-0/+60
2010-05-13s4:provision_users.ldif - fix up and reorder the well-known security principalsMatthias Dieter Wallnöfer1-5/+10
2010-05-13s4:provision_configuration.ldif - add more Windows 2008 forest operationsMatthias Dieter Wallnöfer1-0/+120
2010-05-13s4:provision_configuration.ldif - the revision level of "Windows2003Update" ↵Matthias Dieter Wallnöfer1-1/+1
should obviously be 10 Compared against my Windows Server 2008 and Zahari's output.
2010-05-13s4:provision_configuration.ldif - "CN=94fdebc6-8eeb-4640-80de-ec52b9ca17fa" ↵Matthias Dieter Wallnöfer1-0/+1
operation is of version 3
2010-05-13s4:provision*.ldif - always set the "msDS-NcType" attribute correctlyMatthias Dieter Wallnöfer2-1/+2
2010-05-13s4:provision_configuration.ldif - set the right schedule on the default site ↵Matthias Dieter Wallnöfer1-0/+1
in the NTDS site settings
2010-05-13s4:provision_configuration.ldif - The "NTDS Quotas" object is system-criticalMatthias Dieter Wallnöfer1-0/+1
2010-05-13s4:provision_configuration.ldif - "sites" objectMatthias Dieter Wallnöfer1-6/+2
- The default site doesn't contain a licensing object - Adequate two other values (a "showInAdvancedViewOnly" and a "systemFlags" one)
2010-05-13s4:provision.ldif - add IP security objects as they exist on Windows ServerMatthias Dieter Wallnöfer1-0/+282
2010-05-13s4:provision.ldif - add more Windows 2008 domain operationsMatthias Dieter Wallnöfer1-0/+72
2010-05-13s4:provision_users.ldif - On Windows Server >= 2008 security principal ↵Matthias Dieter Wallnöfer1-6/+0
S-1-5-20 doesn't exist anymore
2010-05-13s4:provision.ldif - "passwordSettingsContainer" add "showInAdvancedViewOnly"Matthias Dieter Wallnöfer1-0/+1
2010-05-13s4:provision.ldif - fix up "NTDS Quotas" "systemFlags"Matthias Dieter Wallnöfer1-1/+1
2010-05-13s4:provision_users.ldif - fix up Administrator's "userAccountControl"Matthias Dieter Wallnöfer1-1/+1
2010-05-13s4:provision_basedn_modify.ldif - fix up "maxPwdAge"Matthias Dieter Wallnöfer1-2/+2
2010-05-13s4:provision_users.ldif - Fix typos in user/group objectsMatthias Dieter Wallnöfer1-13/+13
2010-05-10s4:dsdb: add new controlsMatthias Dieter Wallnöfer1-0/+3
- Add a new control for getting status informations (domain informations, password change status) directly from the module - Add a new control for allowing direct hash changes - Introduce an addtional control "change_old password checked" for the password
2010-05-10s4:setup: mark DSDB_CONTROL_DN_STORAGE_FORMAT_OID 1.3.6.1.4.1.7165.4.3.4 as ↵Stefan Metzmacher1-2/+4
allocated metze
2010-05-10s4:blackbox password tests - more complex passwordsStefan Metzmacher2-5/+5
2010-05-10s3:provision_basedn_modify.ldif - add "msDS-NcType" attribute and fix commentsMatthias Dieter Wallnöfer1-1/+5
2010-04-27Install spn_update_list to setup/ dirMarcel Ritter1-0/+1
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-04-27s4-dsdb: added samba_spnupdateAndrew Tridgell1-0/+27
this script adds all our required servicePrincipalName entries at runtime. The admin can add more entries to spn_update_list as needed
2010-04-27s4-dns: explain what the file is forAndrew Tridgell1-0/+2
2010-04-27s4-dns: fixed dc.dc duplication in DNS update listAndrew Tridgell1-2/+2
2010-04-22s4:provision Remove moduleload for 'hdb' (wrong name).Andrew Bartlett1-1/+0
The backends are not normally modules anyway
2010-04-22s4:provision Make OpenLDAP backend more robustAndrew Bartlett1-1/+11
With the extra moduleload lines (which succeed if it's already staticly linked), we now work with OpenLDAP overlays as modules. Andrew Bartlett
2010-04-22s4:provison Pass nosync in for the OpenLDAP cn=config tooAndrew Bartlett1-0/+1
2010-04-22s4:OpenLDAP-backend Use the new rdnval module in OpenLDAPAndrew Bartlett2-2/+7
This is rather than rdn_name, which tries to do the job on the client side. We need to leave this module in the stack for Fedora DS (and of course the LDB backend). Andrew Bartlett
2010-04-22s4:provision Use more reasonable values for DB_CONFIGAndrew Bartlett1-5/+13
With the OpenLDAP backend, the old DB_CONFIG caused OpenLDAP to abort on startup, and was very inefficient. This new one, kindly supplied by Matthew Backes <mbackes@symas.com> uses a more reasonable set of buffer sizes. Andrew Bartlett
2010-04-21s4-upgradeprovision: fixed --realm option duplicate in upgrade_from_s3Andrew Tridgell1-1/+0
2010-04-21s4-provision: cope with --realm being in getopt.pyAndrew Tridgell1-1/+2
we still need to allow for interactive querying of the realm Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-04-15s4 provision: Remove hard coded ACL for GPO objectsMatthieu Patou1-2/+0
It is no longer needed to hard code ACL for GPO object as we have now code that calculate ACL from defaultSecurityDescriptor and inheritance correctly. In fact the resulting ACL returned by this hard coded value is a bit wrong as some ACE are duplicated. Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2010-04-15s4:setup/wscript_build: install dns_update_list into ${SETUPDIR}Stefan Metzmacher1-1/+1
metze
2010-04-08s4-python: More cleanups.Jelmer Vernooij1-1/+2
2010-04-08s4-python: Simplify code, improve formatting.Jelmer Vernooij1-8/+5
2010-04-08build: allow the waf build to work with python 3.0 and 3.1Thomas Nagy1-1/+2
Python 3.x is a bit fussier about print statements and indentation. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-04-06s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵Andrew Tridgell1-0/+2
them
2010-04-06s4-waf: install the rest of our python filesAndrew Tridgell1-8/+0
2010-04-06s4-waf: forgot these filesAndrew Tridgell1-0/+20
2010-04-04s4-python: Move dsdb constants to a separate python module.Jelmer Vernooij1-2/+5
2010-03-25python: use '#!/usr/bin/env python' to cope with varying install locationsAndrew Tridgell2-2/+2
this should be much more portable