summaryrefslogtreecommitdiff
path: root/source4/setup
AgeCommit message (Collapse)AuthorFilesLines
2009-07-16s4:dsdb Handle dc/domain/forest functional levels properlyAndrew Bartlett4-8/+5
Rather than have the functional levels scattered in 4 different, unconnected locations, the provision script now sets it, and the rootdse module maintains it's copy only as a cached view onto the original values. We also use the functional level to determine if we should store AES Kerberos keys. Andrew Bartlett
2009-07-02[SAMBA 4 directory] Changes "forceLogoff" and corrects the "subRefs"Matthias Dieter Wallnöfer1-2/+4
- This changes the attribute "forceLogoff" to its' default values according to Windows Server 2003 R2 - Also this corrects the "subRefs" attribute of the base-DN which only refers to direct child partitions (and therefore not to the complete transitive closure)
2009-07-01[SAMBA 4 directory] Corrects the "systemFlags" attributesMatthias Dieter Wallnöfer7-32/+39
Set the values like Windows Server 2003 R2.
2009-07-01[SAMBA 4 directory] Adds the complete "objectclass path" to our self-created ↵Matthias Dieter Wallnöfer1-0/+4
DC object Found after some comparisons against Windows Server 2003 R2.
2009-07-01[SAMBA 4 directory] Adds the object version and "systemFlags" attribute to ↵Matthias Dieter Wallnöfer1-0/+2
the display specifiers The object version showed up in the Windows 2003 Server R2 AD. The "systemFlags" attribute has been set to the right value.
2009-06-29Correct the headers of some SAMBA 4 setup python scriptsMatthias Dieter Wallnöfer3-3/+3
2009-06-18s4: Add tests and 'must change password' flags in setpassword and newuserAndrew Bartlett2-2/+3
In particular, ensure that we can acutally change the password under these circumstances. Andrew Bartlett
2009-06-18s4:setup Add an option to 'setpassword' to force password change at next loginAndrew Bartlett2-1/+5
2009-06-12ad-schema/license.txt: Fix typo.Jelmer Vernooij1-2/+2
2009-06-12Add supportedCapabilities to our rootDSEAndrew Bartlett1-0/+3
This makes AD client tools happier, as they know they are talking to an AD server. per Bug 6229 by Matthieu Patou <mat@matws.net> Andrew Bartlett
2009-05-29s4:setup Remove generated attributes from provision_configurationAndrew Bartlett1-195/+0
Incorrectly added in 95eeef91d3ed7daf8e19029eadcc610caf26db63, and found by OpenLDAP backend tests run by Theodor Chirana <office@adaptcom.ro> Andrew Bartlett
2009-05-26s4:provision: Added ComPartitionSets entry.Andrew Kroeger1-0/+5
Without this entry, opening the COM+ tab under the properties of an OU within ADUC results in the following error: "Unable to retrieve all user properties, 0x80072030"
2009-05-26s4:Added Extended-Rights and subentries.Andrew Kroeger1-0/+881
Without these entries, using the 'Delegate Control' option in ADUC results in the following error message in the Delegation of Control Wizard: "The templates could not be applied. One or more of the templates is not applicable. Click Back and select different templates, and then try again."
2009-05-26s4:provision: Update DisplaySpecifiers (#5139).Andrew Kroeger1-0/+369
The classDisplayName attribute controls the actual text displayed to the user for the top-level menus, so added it to the existing entries. The attributeDisplayNames attribute contains both the text displayed to the user and a mapping to the internal directory attribute name for the particular field, so added these to the existing entries as well. Added new entries as appropriate to properly complete all menus and labels within ADUC.
2009-04-15Enable software rollout through ADMatthias Dieter Wallnöfer1-0/+10
This enables the sofware rollout feature in Samba4 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-04-09we should not be supplying a generated attribute in our schemaAndrew Tridgell1-13/+0
2009-04-03s4:schema Update Windows 2008 schema from Microsoft to latest versionAndrew Bartlett2-5145/+5148
2009-04-03Remove minschema generated schema - we now generate from setup/ad-schema/Andrew Bartlett1-10390/+0
2009-04-03Add parentGUID as an allowed attribute in samba4TopAndrew Bartlett1-0/+1
This is required to get provision against OpenLDAP working again
2009-03-20Merge branch 'master' of ssh://git.samba.org/data/git/samba into wspp-schemaAndrew Bartlett1-0/+15
2009-03-17added support for parentGUIDAndrew Tridgell1-0/+15
This is made up of 4 parts: 1) change our schema to include the parentGUID attribute type 2) in the add hook in the objectclass module, get the objectGUID of the parent and add it to the message as parentGUID 3) in the rename hook in the objectclass module, get the objectGUID of the new parent, and insert an async modify request after the renmam is done 4) added a simple test suite
2009-02-25Add the new, updated AD schema file from MicrosoftAndrew Bartlett3-1621/+1583
Also remove the copy of the licence text from licence.txt, to ensure we don't get variations between the copies. Andrew Bartlett
2009-02-25Updates to the recent cn=config support for the OpenLDAP backendOliver Liebel2-13/+3
- removed workaround for olcSyncprovConfig - creation (works perfect now with 2.4.15, release was today) - added 1 message-helpline, which is displayed when running provision-backend with olc and/or mmr setup - corrected 1 wrong slapcommand-helpline - slapd.conf is removed now in case of olc-setup - added 1 copyright-line to provision.py and provision-backend Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-02-24Added mmr and olc to the OpenLDAP backend provisioning-scriptsOliver Liebel12-22/+78
These extensions add mmr (multi-master-replication) and olc (openldap-online-configuration) capabilities to the provisioning-scripts (provision-backend and provision.py), for use with the openldap-backend (only versions >=2.4.15!). Changes / additions made to the provision-backend -script: added new command-line-options: --ol-mmr-urls=<list of whitespace separated ldap-urls> for use with mmr (can be combined with --ol-olc=yes), --ol-olc=[yes/no] (activate automatic conversion from static slapd.conf to olc), --ol-slaptest=<path to slaptest binary> (needed in conjunction with --ol-olc=yes) Changes / additions made to the provision.py -script: added extensions, that will automatically generate the chosen mmr and/or olc setup for the openldap backend, according to the to chosen parameters set in the provision-backend script Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-02-11Use convenience function for finding setup_dir based on location ofJelmer Vernooij3-5/+6
python module.
2009-02-11--interactive doesn't take any argument.Jelmer Vernooij1-1/+1
2009-01-21Use script path to find the setup directory.Jelmer Vernooij3-3/+3
2009-01-19Make sure server_role gets initialized in backend provisioning code -Jelmer Vernooij2-2/+2
fixes test.
2009-01-19Don't give fatal python errors when guessing the realmAndrew Bartlett1-2/+12
2009-01-16Add copyright headers.Jelmer Vernooij3-14/+53
2009-01-05Merge branch 'master' of ssh://git.samba.org/data/git/sambaJelmer Vernooij2-1/+6
2009-01-05More work to have OpenLDAP accept the full AD schemaAndrew Bartlett2-1/+6
We need to avoid handling DN+Binary and DN+String with the refint module for now, as this is a currently unsupported syntax. Also rename entryTTL to avoid a conflict with the operational attribute of the same name. Andrew Bartlett
2009-01-05Use fqdn rather than gethostname when guessing realm.Jelmer Vernooij1-1/+1
2008-12-21Fix more tests, improve repr() functions for various Python types.Jelmer Vernooij2-2/+2
2008-12-21Move tests for ParamFile.Jelmer Vernooij1-1/+1
2008-12-21Fix various Python-related bugs.Jelmer Vernooij1-1/+2
2008-12-20Corrections to Microsoft's schema and the OpenLDAP mapping fileAndrew Bartlett2-0/+63
2008-12-19Merge branch 'master' of ssh://git.samba.org/data/git/sambaJelmer Vernooij8-45/+24
2008-12-19Avoid use of parentheses in Python import statements, as it's not supported ↵Jelmer Vernooij2-4/+2
by Python2.3.
2008-12-19Fix errors in MS-AD_Schema_Attributes_v20080618.txtSreepathi Pai2-36/+9
- Remove spurious line breaks - Add missing attributeId from docs - Remove incorrect multiple values of systemFlags - Fix duplicate attributeId - Fix schemaIdGuid syntax Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2008-12-19Here's the prefixMap from w2k8.Stefan (metze) Metzmacher1-2/+9
We need to move 1.3.6.1.4.1.7165.4.1 and 1.3.6.1.4.1.7165.4.2 to the end...(if we still need them, which we should avoid) metze Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2008-12-19Move aggregate schema stub to it's own fileAndrew Bartlett2-3/+3
This should make it easier to import just the schema entries from the WSPP docs. Andrew Bartlett
2008-12-17s4:provision: use extended_dn_out_ldb or extended_dn_out_dereference ↵Andrew Bartlett1-0/+2
depending on the backend This just changes the existing stratagy of loading different modules for the OpenLDAP backend to also include extended_dn_out_* When we provision the OpenLDAP backend, we make sure to include the 'deref' overlay (which must be made available by the OpenLDAP build) Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-12-17s4:setup: fix cut-n-paste error Builtin-Domain => Samba4-Local-DomainAndrew Bartlett1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-12-17s4:setup: don't set objectCategory: CN=Domain-DNS,${SCHEMADN}Andrew Bartlett1-3/+0
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-12-16s4/provision: Upper case default realm, use only first part of realm as ↵Jelmer Vernooij1-2/+2
default domain name.
2008-12-11Add interactive flag to setup/provision (also the default when no arguments ↵Jelmer Vernooij1-2/+27
are given).
2008-12-10Add AD schema from Microsoft's WSPP documentation.Andrew Bartlett3-0/+19124
This schema is *NOT* licenced under a standard Free Software licence, but does provide us the freedoms we need to use the schema, and the requirement to distribute as 'part of an implemenation' is similar to common Free font licences that are accepted by major linux distributions. Andrew Bartlett
2008-12-02Don't treat the DN+binary syntax as a DN.Andrew Bartlett2-4/+4
This should fix the OpenLDAP backend
2008-10-30Don't create LanMan Directory Replication Service key (bug 4934).Jelmer Vernooij1-4/+0