From c6b21931c6574322c8740f1a67f9125437c42c0d Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 25 Jun 2010 14:01:21 +0200 Subject: s4:provision: add --next-rid option Make it possible to provision a domain with a given next rid counter. This will be useful for upgrades, where we want to import users with already given SIDs. metze --- source4/scripting/python/samba/provision.py | 15 +++++++++++++-- source4/setup/provision | 4 +++- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 808a39db1f..bb8b93e268 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -957,6 +957,15 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, names, :note: This will wipe the main SAM database file! """ + + # Provision does not make much sense values larger than 1000000000 + # as the upper range of the rIDAvailablePool is 1073741823 and + # we don't want to create a domain that cannot allocate rids. + if next_rid < 1000 or next_rid > 1000000000: + error = "You want to run SAMBA 4 with a next_rid of %u, " % (next_rid) + error += "the valid range is %u-%u. The default is %u." % (1000, 1000000000, 1000) + raise ProvisioningError(error) + # ATTENTION: Do NOT change these default values without discussion with the # team and/or release manager. They have a big impact on the whole program! domainControllerFunctionality = DS_DOMAIN_FUNCTION_2008_R2 @@ -1216,7 +1225,8 @@ def provision(setup_dir, logger, session_info, rootdn=None, domaindn=None, schemadn=None, configdn=None, serverdn=None, domain=None, hostname=None, hostip=None, hostip6=None, - domainsid=None, adminpass=None, ldapadminpass=None, + domainsid=None, next_rid=1000, + adminpass=None, ldapadminpass=None, krbtgtpass=None, domainguid=None, policyguid=None, policyguid_dc=None, invocationid=None, machinepass=None, ntdsguid=None, @@ -1436,7 +1446,8 @@ def provision(setup_dir, logger, session_info, invocationid=invocationid, machinepass=machinepass, dnspass=dnspass, ntdsguid=ntdsguid, serverrole=serverrole, - dom_for_fun_level=dom_for_fun_level, am_rodc=am_rodc) + dom_for_fun_level=dom_for_fun_level, + am_rodc=am_rodc, next_rid=next_rid) if serverrole == "domain controller": if paths.netlogon is None: diff --git a/source4/setup/provision b/source4/setup/provision index 264245a72c..e127ac8577 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -107,6 +107,8 @@ parser.add_option("--server-role", type="choice", metavar="ROLE", parser.add_option("--function-level", type="choice", metavar="FOR-FUN-LEVEL", choices=["2000", "2003", "2008", "2008_R2"], help="The domain and forest function level (2003 | 2008 | 2008_R2). Default is (Windows) 2003 (Native).") +parser.add_option("--next-rid", type="int", metavar="NEXTRID", default=1000, + help="The initial nextRid value (only needed for upgrades). Default is 1000.") parser.add_option("--partitions-only", help="Configure Samba's partitions, but do not modify them (ie, join a BDC)", action="store_true") parser.add_option("--targetdir", type="string", metavar="DIR", @@ -253,7 +255,7 @@ try: ldapadminpass=opts.ldapadminpass, ol_mmr_urls=opts.ol_mmr_urls, slapd_path=opts.slapd_path, setup_ds_path=opts.setup_ds_path, nosync=opts.nosync, ldap_dryrun_mode=opts.ldap_dryrun_mode, - useeadb=eadb) + useeadb=eadb, next_rid=opts.next_rid) except ProvisioningError, e: print str(e) exit(1) -- cgit