From 0549763600b26fadac443555e1cbec5680f91340 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 29 Aug 2005 12:31:32 +0000 Subject: r9735: More work on generating a valid Samba4 configuration using the Samba3 data (both console and SWAT) (This used to be commit d569465dc4def55c27878028f2fc762960f453d8) --- source4/scripting/libjs/upgrade.js | 271 ++++++++++++++++++++++++++++++++++++- 1 file changed, 269 insertions(+), 2 deletions(-) (limited to 'source4/scripting/libjs/upgrade.js') diff --git a/source4/scripting/libjs/upgrade.js b/source4/scripting/libjs/upgrade.js index 604bbac2c0..60570935f6 100644 --- a/source4/scripting/libjs/upgrade.js +++ b/source4/scripting/libjs/upgrade.js @@ -6,8 +6,275 @@ libinclude("base.js"); -function foo() +function regkey_to_dn(name) { + var dn = "hive=NONE"; + var i = 0; - return 0; + var as = split("/", name); + + for (i in as) { + if (i > 0) { + dn = sprintf("key=%s,", as[i]) + dn; + } + } + + return dn; +} + +/* Where prefix is any of: + * - HKLM + * HKU + * HKCR + * HKPD + * HKPT + */ + +function upgrade_registry(regdb,prefix) +{ + var prefix_up = strupper(prefix); + + var ldif = ""; + + for (var i in regdb.keys) { + var rk = regdb.keys[i]; + /* Only handle selected hive */ + if (strncmp(prefix_up, rk.name, strlen(prefix_up)) != 0) { + continue; + } + + var keydn = regkey_to_dn(rk.name); + + var pts = split("/", rk.name); + + /* Convert key name to dn */ + ldif = ldif + sprintf(" +dn: %s +name: %s + +", keydn, pts[0]); + + for (var j in rk.values) { + var rv = rk.values[j]; + + ldif = ldif + sprintf(" +dn: %s,value=%s +value: %s +type: %d +data:: %s", keydn, rv.value, rv.type, base64(rv.data)); + } + } + + return ldif; +} + +function upgrade_sam_domain(samba3) +{ + var ldif = sprintf(" +dn: %s +dc: FIXME +objectClass: top +objectClass: domain +objectSid: %s +objectGUID: %s +name: %s +oEMInformation: Provisioned by Samba4 (upgraded from Samba3) +minPwdLength: %d +pwdHistoryLength: %d +minPwdAge: %d +maxPwdAge: %d +lockoutDuration: %d +samba3ResetCountMinutes: %d +samba3UserMustLogonToChangePassword: %d +samba3BadLockoutMinutes: %d +samba3DisconnectTime: %d +samba3RefuseMachinePwdChange: %d + +", domaindn, domsec.sid, domsec.guid, domainname, samba3.policy.min_password_length, + samba3.policy.password_history, samba3.policy.minimum_password_age, + samba3.policy.maximum_password_age, samba3.policy.lockout_duration, + samba3.policy.reset_count_minutes, samba3.policy.user_must_logon_to_change_password, + samba3.policy.bad_lockout_minutes, samba3.policy.disconnect_time, + samba3.policy.refuse_machine_password_change +); + + return ldif; +} + +function upgrade_sam_account(acc,domaindn) +{ + var ldif = sprintf( +"dn: cn=%s,%s +objectClass: top +objectClass: person +objectClass: user +lastLogon: %d +lastLogoff: %d +unixName: %s +name: %s +cn: %s +description: %s +primaryGroupID: %d +badPwdcount: %d +logonCount: %d +samba3Domain: %s +samba3DirDrive: %s +samba3MungedDial: %s +samba3Homedir: %s +samba3LogonScript: %s +samba3ProfilePath: %s +samba3Workstations: %s +samba3KickOffTime: %d +samba3BadPwdTime: %d +samba3PassLastSetTime: %d +samba3PassCanChangeTime: %d +samba3PassMustChangeTime: %d +samba3Rid: %d + +", acc.fullname, domaindn, sam.logon_time, acc.logoff_time, acc.username, acc.nt_username, +acc.fullname, acc.acct_desc, acc.group_rid, acc.bad_password_count, acc.logon_count, +acc.domain, acc.dir_drive, acc.munged_dial, acc.homedir, acc.logon_script, +acc.profile_path, acc.workstations, acc.kickoff_time, acc.bad_password_time, +acc.pass_last_set_time, acc.pass_can_change_time, acc.pass_must_change_time, acc.user_rid); + + /* FIXME: Passwords */ + + return ldif; +} + +function upgrade_sam_group(grp,domaindn) +{ + var ldif = sprintf( +"dn: cn=%s,%s +objectClass: top +objectClass: group +description: %s +cn: %s +objectSid: %s +unixName: FIXME +samba3SidNameUse: %d", grp.nt_name, domaindn, +grp.comment, grp.nt_name, grp.sid, grp.sid_name_use); + + return ldif; +} + +function upgrade_sam(samba3,domaindn) +{ + domainname = samba3.get_param("global", "workgroup"); + + if (domainname == undefined) { + DEBUG(0, ("No domain name specified in smb.conf!\n")); + return -1; + } + + domsec = samba3.find_domainsecrets(domainname); + + var ldif = upgrade_sam_domain(samba3,domaindn); + + /* Users */ + for (var i in samba3.samaccounts) { + ldif = ldif + upgrade_sam_account(samba3.samaccounts[i],domaindn); + } + + /* Groups */ + for (var i in samba3.group.groupmappings) { + ldif = ldif + upgrade_sam_group(samba3.group.groupmappings[i],domaindn); + + } + + return count; +} + +function upgrade_winbind(samba3,domaindn) +{ + var ldif = sprintf(" + +dn: dc=none +userHwm: %d +groupHwm: %d + +", samba3.idmap.user_hwm, samba3.idmap.group_hwm); + + for (var i in samba3.idmap.mappings) { + var m = samba3.idmap.mappings[i]; + ldif = ldif + sprintf(" +dn: SID=%s,%s +SID: %s +type: %d +unixID: %d", m.sid, domaindn, m.sid, m.type, m.unix_id); + } + + return ldif; +} +*/ + +function upgrade_wins(samba3) +{ + var ldif = ""; + for (i in samba3.winsentries) { + var e = samba3.winsentries[i]; + + ldif = ldif + sprintf(" +dn: type=%d,name=%s +name: %s +objectClass: wins +nbFlags: %x +expires: %s", e.type, e.name, e.name, e.type, e.nb_flags, sys.ldap_time(e.ttl)); + + for (var i in e.ips) { + ldif = ldif + sprintf("address: %s\n", e.ips[i]); + } + } + + return ldif; +} + +function upgrade_provision(samba3) +{ + var subobj = new Object(); + var nss = nss_init(); + var lp = loadparm_init(); + var rdn_list; + + var domainname = samba3.get_param("global", "workgroup"); + var domsec = samba3.find_domainsecrets(domainname); + var hostsec = samba3.find_domainsecrets(hostname()); + var realm = samba3.get_param("global", "realm"); + random_init(local); + + subobj.REALM = realm; + subobj.DOMAIN = domainname; + subobj.HOSTNAME = hostname(); + + assert(subobj.REALM); + assert(subobj.DOMAIN); + assert(subobj.HOSTNAME); + + subobj.HOSTIP = hostip(); + subobj.DOMAINGUID = domsec.guid; + subobj.DOMAINSID = domsec.sid; + subobj.HOSTGUID = hostsec.guid; + subobj.INVOCATIONID = randguid(); + subobj.KRBTGTPASS = randpass(12); + subobj.MACHINEPASS = randpass(12); + subobj.ADMINPASS = randpass(12); + subobj.DEFAULTSITE = "Default-First-Site-Name"; + subobj.NEWGUID = randguid; + subobj.NTTIME = nttime; + subobj.LDAPTIME = ldaptime; + subobj.DATESTRING = datestring; + subobj.USN = nextusn; + subobj.ROOT = findnss(nss.getpwnam, split(samba3.get_param("global", "admin users"))); + subobj.NOBODY = findnss(nss.getpwnam, "nobody"); + subobj.NOGROUP = findnss(nss.getgrnam, "nogroup", "nobody"); + subobj.WHEEL = findnss(nss.getgrnam, "wheel", "root"); + subobj.USERS = findnss(nss.getgrnam, "users", "guest", "other"); + subobj.DNSDOMAIN = strlower(subobj.REALM); + subobj.DNSNAME = sprintf("%s.%s", + strlower(subobj.HOSTNAME), + subobj.DNSDOMAIN); + subobj.BASEDN = "DC=" + join(",DC=", split(".", subobj.REALM)); + rdn_list = split(".", subobj.REALM); + subobj.RDN_DC = rdn_list[0]; + return subobj; } -- cgit