summaryrefslogtreecommitdiff
path: root/source4/setup
AgeCommit message (Collapse)AuthorFilesLines
2010-03-02s4:provision - Moved default FDS SASL mappings deletion from post_setup() to ↵Endi S. Dewata1-0/+11
init(). Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-03-02s4:provision - Use netbios name for FDS instance name.Endi S. Dewata1-12/+12
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-26s4:provision.zone - fix port of "_ldap._tcp.gc._msdcs"Matthias Dieter Wallnöfer1-1/+1
2010-02-26s4-provision: added dns_update_listAndrew Tridgell1-0/+20
This contains the list of DNS names we should have as a DC
2010-02-26s4-provision: fixed port number for gc ldap DNS SRV entryAndrew Tridgell1-1/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-26Revert "s4:AD content - adequate some revision levels to match Windows ↵Andrew Tridgell2-5/+5
Server 2008" This reverts commit 973ea198677c581064fad62cdac30baac7103ef8. This change breaks DRS dcpromo.
2010-02-21s4:AD content - Implement the new password settings containerMatthias Dieter Wallnöfer1-0/+5
2010-02-21s4:AD content - adequate some revision levels to match Windows Server 2008Matthias Dieter Wallnöfer2-5/+5
2010-02-21s4:AD content - Add the DFSR objects which exist on Windows Server >= 2008Matthias Dieter Wallnöfer2-4/+22
Those replace the FRS ones.
2010-02-16s4-drs: enable the recyclebin optional featureEduardo Lima1-0/+12
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2010-02-12s4-provision: fixed --function-level option to provisionAndrew Tridgell1-0/+1
we need the DS_DOMAIN_* levels imported
2010-02-11s4-provision: pre-create a named.conf.update fileAndrew Tridgell2-35/+8
The named.conf.update file will be filled in at runtime by Samba to contain the list of bind9 grant rules for granting DNS dynamic update permissions on the domain.
2010-02-11s4-provision: move zone file to dns subdirectoryAndrew Tridgell1-2/+2
This allows the permissions to be correctly set for bind to write to a journal file. It also sets the right group ownership and permissions on the files that bind needs to access. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-02-10s4:provision Just 'do the right thing' with empty smb.conf filesAndrew Bartlett1-0/+16
For some reason, JHT keeps on creating an empty smb.conf file, expecting it to be the same as a non-existant one. It is easier to just realise what he meant. Andrew Bartlett
2010-01-25upgrade_from_s3: Remove unused imports.Jelmer Vernooij1-2/+0
2010-01-23s4-provision: Added msDS-NcType into samba4Top object classEndi S. Dewata1-0/+1
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-01-23s4-provision: Disable populating FDS during instance creation.Endi S. Dewata1-0/+1
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
2010-01-21provision: use message and do not display warning if the user choosed ↵Matthieu Patou1-3/+4
delibarately posix:eadb
2010-01-21provision: introduce use-xattr parameter for defining where to store attributesMatthieu Patou4-6/+24
This option allow simple user (non root) to invoke provision without facing an error while insuring that ACL on shared files will always be set
2010-01-21s4: Set acls correctly on all sysvol and scripts sharesMatthieu Patou1-2/+7
2010-01-21s4: regroup gpo modification in one function, set acl on files accordingly ↵Matthieu Patou1-1/+2
with ACL in LDAP
2010-01-16s4-provision: added w2k8r2 ldap capabilitiesAndrew Tridgell1-0/+2
2010-01-16s4-provision: added "check-names ignore;" to allow for _msdcs A recordsAndrew Tridgell1-0/+3
2010-01-14s4:provision_users.ldif - Add a comment that some objects under "Users" are ↵Matthias Dieter Wallnöfer1-0/+3
now located elsewhere This is needed due to the new RID/SID distribution system
2010-01-14s4:provision_users.ldif - Add objects for IISMatthias Dieter Wallnöfer1-0/+21
Some WSPP locations point out that beginning with Windows Server 2008 they're also per default present. Compared against Windows Server 2008
2010-01-14s4:provision_users.ldif - Add additional BUILTIN objectsMatthias Dieter Wallnöfer1-0/+30
Compared against Windows Server 2008
2010-01-14s4:provision_users.ldif - add the restant part of the objects needing for ↵Matthias Dieter Wallnöfer1-0/+26
RODC support RODC = Read Only Domain Controllers Compared against Windows Server 2008
2010-01-14s4:provision_users.ldif - Fix up errors on existing entriesMatthias Dieter Wallnöfer1-6/+8
Compared against Windows Server 2008
2010-01-14s4:provision_users.ldif - Simple reorderingMatthias Dieter Wallnöfer1-70/+70
Sorted according the SID - easier for later enhancements.
2010-01-14s4:provision_users.ldif - Remove system objects from the wrong placeMatthias Dieter Wallnöfer1-27/+0
Objects like the "Cryptographic Operators", "Event Log Readers" don't belong here but into the builtin domain.
2010-01-11Revert "s4:provision_users.ldif - Import all essential groups for Windows ↵Andrew Tridgell1-113/+85
Server 2008 mode" This reverts commit 5c174c68ccba7506147feab1d09ad676792139b3. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push.
2010-01-11Revert "s4:provision_users.ldif - Remove foreign security principal S-1-5-17 ↵Andrew Tridgell1-0/+5
for now" This reverts commit 61dfd3dc1dce2c0dd6693de80930af312ad3e39f. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push.
2010-01-11Revert "s4:provision_users.ldif - Fix memberships regarding the denied ↵Andrew Tridgell1-8/+0
password RODC replication group" This reverts commit 9ee895fcf6327b1c2f5ee09fa565bd62974e9c58. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push.
2010-01-11Revert "s4:provision_users.ldif - Add objects for IIS"Andrew Tridgell1-21/+0
This reverts commit 91e210028790397996659116446e6add452707f6. This series of commits broke 'make test'. Matthias, please make sure you run a _full_ make test before every push.
2010-01-10s4:provision_users.ldif - Add objects for IISMatthias Dieter Wallnöfer1-0/+21
Some WSPP locations point out that they're defacto-standards for Windows Server deployments starting with 2008. So we should add them to s4 too.
2010-01-10s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specificMatthias Dieter Wallnöfer1-0/+1
2010-01-10s4:provision_users.ldif - Fix memberships regarding the denied password RODC ↵Matthias Dieter Wallnöfer1-0/+8
replication group
2010-01-10s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for nowMatthias Dieter Wallnöfer1-5/+0
This belongs to the AD IIS stuff where I don't know yet if we should import it.
2010-01-10s4:provision_users.ldif - Import all essential groups for Windows Server ↵Matthias Dieter Wallnöfer1-85/+113
2008 mode Additionally I had to fix some bugs (especially wrong "groupTypes") and reordered the objects using the SID (this is easier when enhancing the file).
2010-01-08s4:provision_self_join.ldif - Adapt comment after implementation of ↵Matthias Dieter Wallnöfer1-2/+2
distributed RIDs
2010-01-08s4-schema: fixes for W2K8-R2 schemaAndrew Tridgell2-35/+143
The schema from WSPP had a number of typos that prevented it from working. These changes allow it to work with Samba, and allow w2k8r2 to run DCPROMO against Samba successfully Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-schema: added msDS-NcType to schema containerAndrew Tridgell1-0/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-schema: fixed attributes of aggregate schemaAndrew Tridgell1-0/+2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-provision: added W2K8-R2 schema as provided by WSPPAndrew Tridgell2-0/+19529
2010-01-08s4-provision: RID 1000 is consumed by the machine accountAndrew Tridgell1-1/+1
2010-01-08s4-dsdb: added an extended operation for allocating a new RID poolAndrew Tridgell1-0/+1
This will be called by getncchanges when a client asks for a DRSUAPI_EXOP_FSMO_RID_ALLOC operation Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-provision: don't hard wire the creation of the RID Set objectAndrew Tridgell3-27/+16
We now create it automatically in the samldb module when the first user is created. The creation of the dns user also had to move to the _modify.ldif as it now relies on the fSMO role being setup for the RID Manager Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-provision: the DC object itself needs a fixed objectSIDAndrew Tridgell1-1/+2
We can't allocate a objectSID until we have rIDSetReferences, but that is in the DC object, so we have to force the objectSID of the DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-01-08s4-provision: added an initial RID SetAndrew Tridgell2-2/+12
We will allocate RIDs from this set Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2009-12-31net: Move 'newuser' to 'net newuser'Jelmer Vernooij3-78/+12
Signed-off-by: Andrew Tridgell <tridge@samba.org>