From f83e754ae61046fd441cbaf09a825378c3ab2ff2 Mon Sep 17 00:00:00 2001 From: Sreepathi Pai Date: Mon, 5 Jan 2009 08:49:53 +1100 Subject: Create schema.ldif at runtime directly from ad-schema files Here's a first attempt at moving the minschema_wspp code into a library as Andrew requested. Since this script no longer has to generate CN=aggregate, I've simplified it quite a bit to a level where it almost does a line-by-line translation. This is faster and simpler, but it may not catch as many errors in the ad-schema files as the previous versions did. Signed-off-by: Andrew Bartlett --- source4/scripting/python/samba/ms_schema.py | 253 ++++++++++++++++++++++++++++ source4/scripting/python/samba/provision.py | 30 +++- 2 files changed, 278 insertions(+), 5 deletions(-) create mode 100644 source4/scripting/python/samba/ms_schema.py (limited to 'source4/scripting/python') diff --git a/source4/scripting/python/samba/ms_schema.py b/source4/scripting/python/samba/ms_schema.py new file mode 100644 index 0000000000..636cc3e34b --- /dev/null +++ b/source4/scripting/python/samba/ms_schema.py @@ -0,0 +1,253 @@ +# +# create schema.ldif (as a string) from WSPP documentation +# +# based on minschema.py and minschema_wspp +# + +import re +import base64 + +bitFields = {} + +# ADTS: 2.2.9 +# bit positions as labeled in the docs +bitFields["searchflags"] = { + 'fATTINDEX': 31, # IX + 'fPDNTATTINDEX': 30, # PI + 'fANR': 29, #AR + 'fPRESERVEONDELETE': 28, # PR + 'fCOPY': 27, # CP + 'fTUPLEINDEX': 26, # TP + 'fSUBTREEATTINDEX': 25, # ST + 'fCONFIDENTIAL': 24, # CF + 'fNEVERVALUEAUDIT': 23, # NV + 'fRODCAttribute': 22, # RO + + + # missing in ADTS but required by LDIF + 'fRODCFilteredAttribute': 22, # RO ? + 'fCONFIDENTAIL': 24, # typo + 'fRODCFILTEREDATTRIBUTE': 22 # case + } + +# ADTS: 2.2.10 +bitFields["systemflags"] = { + 'FLAG_ATTR_NOT_REPLICATED': 31, 'FLAG_CR_NTDS_NC': 31, # NR + 'FLAG_ATTR_REQ_PARTIAL_SET_MEMBER': 30, 'FLAG_CR_NTDS_DOMAIN': 30, # PS + 'FLAG_ATTR_IS_CONSTRUCTED': 29, 'FLAG_CR_NTDS_NOT_GC_REPLICATED': 29, # CS + 'FLAG_ATTR_IS_OPERATIONAL': 28, # OP + 'FLAG_SCHEMA_BASE_OBJECT': 27, # BS + 'FLAG_ATTR_IS_RDN': 26, # RD + 'FLAG_DISALLOW_MOVE_ON_DELETE': 6, # DE + 'FLAG_DOMAIN_DISALLOW_MOVE': 5, # DM + 'FLAG_DOMAIN_DISALLOW_RENAME': 4, # DR + 'FLAG_CONFIG_ALLOW_LIMITED_MOVE': 3, # AL + 'FLAG_CONFIG_ALLOW_MOVE': 2, # AM + 'FLAG_CONFIG_ALLOW_RENAME': 1, # AR + 'FLAG_DISALLOW_DELETE': 0 # DD + } + +# ADTS: 2.2.11 +bitFields["schemaflagsex"] = { + 'FLAG_ATTR_IS_CRITICAL': 31 + } + +# ADTS: 3.1.1.2.2.2 +oMObjectClassBER = { + '1.3.12.2.1011.28.0.702' : base64.b64encode('\x2B\x0C\x02\x87\x73\x1C\x00\x85\x3E'), + '1.2.840.113556.1.1.1.12': base64.b64encode('\x2A\x86\x48\x86\xF7\x14\x01\x01\x01\x0C'), + '2.6.6.1.2.5.11.29' : base64.b64encode('\x56\x06\x01\x02\x05\x0B\x1D'), + '1.2.840.113556.1.1.1.11': base64.b64encode('\x2A\x86\x48\x86\xF7\x14\x01\x01\x01\x0B'), + '1.3.12.2.1011.28.0.714' : base64.b64encode('\x2B\x0C\x02\x87\x73\x1C\x00\x85\x4A'), + '1.3.12.2.1011.28.0.732' : base64.b64encode('\x2B\x0C\x02\x87\x73\x1C\x00\x85\x5C'), + '1.2.840.113556.1.1.1.6' : base64.b64encode('\x2A\x86\x48\x86\xF7\x14\x01\x01\x01\x06') +} + +# separated by commas in docs, and must be broken up +multivalued_attrs = set(["auxiliaryclass","maycontain","mustcontain","posssuperiors", + "systemauxiliaryclass","systemmaycontain","systemmustcontain", + "systemposssuperiors"]) + +def __read_folded_line(f, buffer): + """ reads a line from an LDIF file, unfolding it""" + line = buffer + + while True: + l = f.readline() + + if l[:1] == " ": + # continued line + + # cannot fold an empty line + assert(line != "" and line != "\n") + + # preserves '\n ' + line = line + l + else: + # non-continued line + if line == "": + line = l + + if l == "": + # eof, definitely won't be folded + break + else: + # marks end of a folded line + # line contains the now unfolded line + # buffer contains the start of the next possibly folded line + buffer = l + break + + return (line, buffer) + + +def __read_raw_entries(f): + """reads an LDIF entry, only unfolding lines""" + + # will not match options after the attribute type + attr_type_re = re.compile("^([A-Za-z]+[A-Za-z0-9-]*):") + + buffer = "" + + while True: + entry = [] + + while True: + (l, buffer) = __read_folded_line(f, buffer) + + if l[:1] == "#": + continue + + if l == "\n" or l == "": + break + + m = attr_type_re.match(l) + + if m: + if l[-1:] == "\n": + l = l[:-1] + + entry.append(l) + else: + print >>sys.stderr, "Invalid line: %s" % l, + sys.exit(1) + + if len(entry): + yield entry + + if l == "": + break + + +def fix_dn(dn): + """fix a string DN to use ${SCHEMADN}""" + + # folding? + if dn.find("") != -1: + dn = dn.replace("\n ", "") + dn = dn.replace(" ", "") + return dn.replace("CN=Schema,CN=Configuration,", "${SCHEMADN}") + else: + return dn + +def __convert_bitfield(key, value): + """Evaluate the OR expression in 'value'""" + assert(isinstance(value, str)) + + value = value.replace("\n ", "") + value = value.replace(" ", "") + + try: + # some attributes already have numeric values + o = int(value) + except ValueError: + o = 0 + flags = value.split("|") + for f in flags: + bitpos = bitFields[key][f] + o = o | (1 << (31 - bitpos)) + + return str(o) + +def __write_ldif_one(entry): + """Write out entry as LDIF""" + out = [] + + for l in entry: + if isinstance(l[1], str): + vl = [l[1]] + else: + vl = l[1] + + if l[0].lower() == 'omobjectclass': + out.append("%s:: %s" % (l[0], l[1])) + continue + + for v in vl: + out.append("%s: %s" % (l[0], v)) + + + return "\n".join(out) + +def __transform_entry(entry, objectClass): + """Perform transformations required to convert the LDIF-like schema + file entries to LDIF, including Samba-specific stuff.""" + + entry = [l.split(":", 1) for l in entry] + + cn = "" + + for l in entry: + key = l[0].lower() + l[1] = l[1].lstrip() + + if not cn and key == "cn": + cn = l[1] + + if key in multivalued_attrs: + # unlike LDIF, these are comma-separated + l[1] = l[1].replace("\n ", "") + l[1] = l[1].replace(" ", "") + + l[1] = l[1].split(",") + + if key in bitFields: + l[1] = __convert_bitfield(key, l[1]) + + if key == "omobjectclass": + l[1] = oMObjectClassBER[l[1].strip()] + + if isinstance(l[1], str): + l[1] = fix_dn(l[1]) + + + assert(cn) + entry.insert(0, ["dn", "CN=%s,${SCHEMADN}" % cn]) + entry.insert(1, ["objectClass", ["top", objectClass]]) + + return entry + +def __parse_schema_file(filename, objectClass): + """Load and transform a schema file.""" + + out = [] + + f = open(filename, "rU") + for entry in __read_raw_entries(f): + out.append(__write_ldif_one(__transform_entry(entry, objectClass))) + + return "\n\n".join(out) + + +def read_ms_schema(attr_file, classes_file, dump_attributes = True, dump_classes = True, debug = False): + """Read WSPP documentation-derived schema files.""" + + attr_ldif = "" + classes_ldif = "" + + if dump_attributes: + attr_ldif = __parse_schema_file(attr_file, "attributeSchema") + if dump_classes: + classes_ldif = __parse_schema_file(classes_file, "classSchema") + + return attr_ldif + "\n\n" + classes_ldif + "\n\n" diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index c817bffbdd..4da8079e09 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -44,6 +44,7 @@ from samba.dcerpc import security import urllib from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, \ timestring, CHANGETYPE_MODIFY, CHANGETYPE_NONE +from ms_schema import read_ms_schema __docformat__ = "restructuredText" @@ -854,9 +855,10 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, message("Setting up sam.ldb Samba4 schema") setup_add_ldif(samdb, setup_path("schema_samba4.ldif"), {"SCHEMADN": names.schemadn }) + message("Setting up sam.ldb AD schema") - setup_add_ldif(samdb, setup_path("schema.ldif"), - {"SCHEMADN": names.schemadn}) + data = get_schema_data(setup_path, {"SCHEMADN": names.schemadn}) + samdb.add_ldif(data) setup_add_ldif(samdb, setup_path("aggregate_schema.ldif"), {"SCHEMADN": names.schemadn}) @@ -1268,8 +1270,9 @@ def provision_backend(setup_dir=None, message=None, setup_add_ldif(schemadb, setup_path("schema_samba4.ldif"), {"SCHEMADN": names.schemadn }) - setup_add_ldif(schemadb, setup_path("schema.ldif"), - {"SCHEMADN": names.schemadn}) + + data = get_schema_data(setup_path, {"SCHEMADN": names.schemadn}) + schemadb.add_ldif(data) if ldap_backend_type == "fedora-ds": if ldap_backend_port is not None: @@ -1659,7 +1662,7 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, :param serverdn: DN of the server :param servername: Host name of the server """ - schema_data = open(setup_path("schema.ldif"), 'r').read() + schema_data = get_schema_data(setup_path, {"SCHEMADN": schemadn}) schema_data += open(setup_path("schema_samba4.ldif"), 'r').read() schema_data = substitute_var(schema_data, {"SCHEMADN": schemadn}) check_all_substituted(schema_data) @@ -1679,3 +1682,20 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, check_all_substituted(head_data) samdb.attach_schema_from_ldif(head_data, schema_data) + +def get_schema_data(setup_path, subst_vars = None): + """Get schema data from the AD schema files instead of schema.ldif. + + :param setup_path: Setup path function. + :param subst_vars: Optional variables to substitute in the file. + """ + + # this data used to be read from schema.ldif + + data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_Attributes_v20080618.txt'), + setup_path('ad-schema/MS-AD_Schema_Classes_v20080618.txt')) + + if subst_vars is not None: + data = substitute_var(data, subst_vars) + check_all_substituted(data) + return data -- cgit From 8d63387744bd01015e7d5f3fee2d9062fecb99b2 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 9 Jan 2009 18:17:55 +1100 Subject: Tolerate more whitespace errors We need to trim trailing spaces in the Microsoft-supplied schema. Andrew Bartlett --- source4/scripting/python/samba/ms_schema.py | 1 + 1 file changed, 1 insertion(+) (limited to 'source4/scripting/python') diff --git a/source4/scripting/python/samba/ms_schema.py b/source4/scripting/python/samba/ms_schema.py index 636cc3e34b..1dbab4c947 100644 --- a/source4/scripting/python/samba/ms_schema.py +++ b/source4/scripting/python/samba/ms_schema.py @@ -200,6 +200,7 @@ def __transform_entry(entry, objectClass): for l in entry: key = l[0].lower() l[1] = l[1].lstrip() + l[1] = l[1].rstrip() if not cn and key == "cn": cn = l[1] -- cgit From 8be99413540f0a9f1d4a6b6630fcfd5f1e3baefc Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 9 Jan 2009 18:18:28 +1100 Subject: Don't parse the schema data twice --- source4/scripting/python/samba/provision.py | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) (limited to 'source4/scripting/python') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 4da8079e09..177f0c3639 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -784,10 +784,9 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, if serverrole == "domain controller": samdb.set_invocation_id(invocationid) - load_schema(setup_path, samdb, names.schemadn, names.netbiosname, - names.configdn, names.sitename, names.serverdn, - names.hostname) - + schema_data = load_schema(setup_path, samdb, names.schemadn, names.netbiosname, + names.configdn, names.sitename, names.serverdn, + names.hostname) samdb.transaction_start() try: @@ -852,13 +851,8 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, "PREFIXMAP_B64": b64encode(prefixmap) }) - message("Setting up sam.ldb Samba4 schema") - setup_add_ldif(samdb, setup_path("schema_samba4.ldif"), - {"SCHEMADN": names.schemadn }) - - message("Setting up sam.ldb AD schema") - data = get_schema_data(setup_path, {"SCHEMADN": names.schemadn}) - samdb.add_ldif(data) + message("Setting up sam.ldb schema") + samdb.add_ldif(schema_data) setup_add_ldif(samdb, setup_path("aggregate_schema.ldif"), {"SCHEMADN": names.schemadn}) @@ -1661,6 +1655,8 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, :param configdn: DN of the configuration :param serverdn: DN of the server :param servername: Host name of the server + + Returns the schema data loaded, to avoid double-parsing when then needing to add it to the db """ schema_data = get_schema_data(setup_path, {"SCHEMADN": schemadn}) schema_data += open(setup_path("schema_samba4.ldif"), 'r').read() @@ -1681,7 +1677,7 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, }) check_all_substituted(head_data) samdb.attach_schema_from_ldif(head_data, schema_data) - + return schema_data; def get_schema_data(setup_path, subst_vars = None): """Get schema data from the AD schema files instead of schema.ldif. -- cgit From 8249383efb2037bb234dd040ebe151329cc4feb9 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 18 Feb 2009 15:17:02 +1100 Subject: Add the new, updated AD schema file from Microsoft Also remove the copy of the licence text from licence.txt, to ensure we don't get variations between the copies. Andrew Bartlett --- source4/scripting/python/samba/provision.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source4/scripting/python') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 177f0c3639..1ac0e4553e 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1688,8 +1688,8 @@ def get_schema_data(setup_path, subst_vars = None): # this data used to be read from schema.ldif - data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_Attributes_v20080618.txt'), - setup_path('ad-schema/MS-AD_Schema_Classes_v20080618.txt')) + data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_2K8Attributes.txt'), + setup_path('ad-schema/MS-AD_Schema_2K8Classes.txt')) if subst_vars is not None: data = substitute_var(data, subst_vars) -- cgit From 17aac8cad2b3fe4b23eaebd869b1538735a1954a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 5 Mar 2009 16:52:11 +1100 Subject: Remove ad2oLschema, insted call it directly from provision-backend This removes a level of indirection via external binaries in the provision-backend code, and also makes better use of our internal code for loading schema from an LDIF file. Remaining to do: Sort the output again, as the load from LDIF is unsorted (also needed because the normal LDB load from sorted input is too slow anyway, and is only needed here). Andrew Bartlett --- source4/scripting/python/pyglue.c | 31 ++++++++++++++++++++++++++--- source4/scripting/python/samba/provision.py | 22 ++++++++++---------- source4/scripting/python/samba/samdb.py | 5 ++++- 3 files changed, 42 insertions(+), 16 deletions(-) (limited to 'source4/scripting/python') diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c index a2c4790611..1480e54403 100644 --- a/source4/scripting/python/pyglue.c +++ b/source4/scripting/python/pyglue.c @@ -212,7 +212,7 @@ static PyObject *py_dsdb_set_global_schema(PyObject *self, PyObject *args) Py_RETURN_NONE; } -static PyObject *py_dsdb_attach_schema_from_ldif_file(PyObject *self, PyObject *args) +static PyObject *py_dsdb_attach_schema_from_ldif(PyObject *self, PyObject *args) { WERROR result; char *pf, *df; @@ -224,12 +224,35 @@ static PyObject *py_dsdb_attach_schema_from_ldif_file(PyObject *self, PyObject * PyErr_LDB_OR_RAISE(py_ldb, ldb); - result = dsdb_attach_schema_from_ldif_file(ldb, pf, df); + result = dsdb_attach_schema_from_ldif(ldb, pf, df); PyErr_WERROR_IS_ERR_RAISE(result); Py_RETURN_NONE; } +static PyObject *py_dsdb_convert_schema_to_openldap(PyObject *self, PyObject *args) +{ + char *target_str, *mapping; + PyObject *py_ldb; + struct ldb_context *ldb; + PyObject *ret; + char *retstr; + + if (!PyArg_ParseTuple(args, "Oss", &py_ldb, &target_str, &mapping)) + return NULL; + + PyErr_LDB_OR_RAISE(py_ldb, ldb); + + retstr = dsdb_convert_schema_to_openldap(ldb, target_str, mapping); + if (!retstr) { + PyErr_SetString(PyExc_RuntimeError, "dsdb_convert_schema_to_openldap failed"); + return NULL; + } + ret = PyString_FromString(retstr); + talloc_free(retstr); + return ret; +} + static PyMethodDef py_misc_methods[] = { { "generate_random_str", (PyCFunction)py_generate_random_str, METH_VARARGS, "random_password(len) -> string\n" @@ -255,7 +278,9 @@ static PyMethodDef py_misc_methods[] = { NULL }, { "dsdb_set_global_schema", (PyCFunction)py_dsdb_set_global_schema, METH_VARARGS, NULL }, - { "dsdb_attach_schema_from_ldif_file", (PyCFunction)py_dsdb_attach_schema_from_ldif_file, METH_VARARGS, + { "dsdb_attach_schema_from_ldif", (PyCFunction)py_dsdb_attach_schema_from_ldif, METH_VARARGS, + NULL }, + { "dsdb_convert_schema_to_openldap", (PyCFunction)py_dsdb_convert_schema_to_openldap, METH_VARARGS, NULL }, { NULL } }; diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 8029565399..ed6548b13b 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1245,7 +1245,7 @@ def provision_backend(setup_dir=None, message=None, except OSError: pass - schemadb = Ldb(schemadb_path, lp=lp) + schemadb = SamDB(schemadb_path, lp=lp) prefixmap = open(setup_path("prefixMap.txt"), 'r').read() @@ -1263,10 +1263,8 @@ def provision_backend(setup_dir=None, message=None, "PREFIXMAP_B64": b64encode(prefixmap) }) - setup_add_ldif(schemadb, setup_path("schema_samba4.ldif"), - {"SCHEMADN": names.schemadn }) - - data = get_schema_data(setup_path, {"SCHEMADN": names.schemadn}) + data = load_schema(setup_path, schemadb, names.schemadn, names.netbiosname, + names.configdn, DEFAULTSITE, names.serverdn) schemadb.add_ldif(data) if ldap_backend_type == "fedora-ds": @@ -1480,10 +1478,10 @@ def provision_backend(setup_dir=None, message=None, ldapuser = "--username=samba-admin" - - schema_command = "bin/ad2oLschema --option=convert:target=" + ldap_backend_type + " -I " + setup_path(mapping) + " -H tdb://" + schemadb_path + " -O " + os.path.join(paths.ldapdir, backend_schema) - - os.system(schema_command) + + backend_schema_data = schemadb.convert_schema_to_openldap(ldap_backend_type, open(setup_path(mapping), 'r').read()) + assert backend_schema_data is not None + open(os.path.join(paths.ldapdir, backend_schema), 'w').write(backend_schema_data) message("Your %s Backend for Samba4 is now configured, and is ready to be started" % ldap_backend_type) message("Server Role: %s" % serverrole) @@ -1646,7 +1644,7 @@ def create_krb5_conf(path, setup_path, dnsdomain, hostname, realm): def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, - serverdn, servername): + serverdn): """Load schema for the SamDB. :param samdb: Load a schema into a SamDB. @@ -1655,7 +1653,6 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, :param netbiosname: NetBIOS name of the host. :param configdn: DN of the configuration :param serverdn: DN of the server - :param servername: Host name of the server Returns the schema data loaded, to avoid double-parsing when then needing to add it to the db """ @@ -1674,7 +1671,6 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, "DEFAULTSITE": sitename, "PREFIXMAP_B64": prefixmap, "SERVERDN": serverdn, - "SERVERNAME": servername, }) check_all_substituted(head_data) samdb.attach_schema_from_ldif(head_data, schema_data) @@ -1685,6 +1681,8 @@ def get_schema_data(setup_path, subst_vars = None): :param setup_path: Setup path function. :param subst_vars: Optional variables to substitute in the file. + + Returns the schema data after substitution """ # this data used to be read from schema.ldif diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index 614970d3ec..881f5912fb 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -198,7 +198,10 @@ userAccountControl: %u glue.samdb_set_domain_sid(self, sid) def attach_schema_from_ldif(self, pf, df): - glue.dsdb_attach_schema_from_ldif_file(self, pf, df) + glue.dsdb_attach_schema_from_ldif(self, pf, df) + + def convert_schema_to_openldap(self, target, mapping): + return glue.dsdb_convert_schema_to_openldap(self, target, mapping) def set_invocation_id(self, invocation_id): """Set the invocation id for this SamDB handle. -- cgit From 8352650fee1233e68b489efe635f3661cab2b190 Mon Sep 17 00:00:00 2001 From: Sreepathi Pai Date: Thu, 5 Mar 2009 17:03:13 +1100 Subject: Allow ms_schema.py to produce output much like minschema_wspp I've patched the new ms_schema.py (which was intended to be used as a library) to function as minschema_wspp if invoked standalone. Although this is less robust than minschema_wspp on incorrect data, having two programs doing the same thing might not be good idea. Signed-off-by: Andrew Bartlett --- source4/scripting/python/samba/ms_schema.py | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'source4/scripting/python') diff --git a/source4/scripting/python/samba/ms_schema.py b/source4/scripting/python/samba/ms_schema.py index 1dbab4c947..f23bf0cdfe 100644 --- a/source4/scripting/python/samba/ms_schema.py +++ b/source4/scripting/python/samba/ms_schema.py @@ -1,3 +1,4 @@ +#!/usr/bin/env python # # create schema.ldif (as a string) from WSPP documentation # @@ -252,3 +253,17 @@ def read_ms_schema(attr_file, classes_file, dump_attributes = True, dump_classes classes_ldif = __parse_schema_file(classes_file, "classSchema") return attr_ldif + "\n\n" + classes_ldif + "\n\n" + +if __name__ == '__main__': + import sys + + try: + attr_file = sys.argv[1] + classes_file = sys.argv[2] + except IndexError: + print >>sys.stderr, "Usage: %s attr-file.txt classes-file.txt" % (sys.argv[0]) + sys.exit(1) + + print read_ms_schema(attr_file, classes_file) + + -- cgit From 4c32d8f1a704c9d6df09f62cc5f4caa569687c5e Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 6 Mar 2009 12:14:08 +1100 Subject: Load the schema for provision-backend in a transaction Loading data in a transaction is faster than without. Andrew Bartlett --- source4/scripting/python/samba/provision.py | 42 ++++++++++++++++------------- 1 file changed, 24 insertions(+), 18 deletions(-) (limited to 'source4/scripting/python') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index ed6548b13b..d089cb2513 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1246,26 +1246,32 @@ def provision_backend(setup_dir=None, message=None, pass schemadb = SamDB(schemadb_path, lp=lp) + schemadb.transaction_start() + try: - prefixmap = open(setup_path("prefixMap.txt"), 'r').read() + prefixmap = open(setup_path("prefixMap.txt"), 'r').read() - setup_add_ldif(schemadb, setup_path("provision_schema_basedn.ldif"), - {"SCHEMADN": names.schemadn, - "ACI": "#", - }) - setup_modify_ldif(schemadb, - setup_path("provision_schema_basedn_modify.ldif"), \ - {"SCHEMADN": names.schemadn, - "NETBIOSNAME": names.netbiosname, - "DEFAULTSITE": DEFAULTSITE, - "CONFIGDN": names.configdn, - "SERVERDN": names.serverdn, - "PREFIXMAP_B64": b64encode(prefixmap) - }) - - data = load_schema(setup_path, schemadb, names.schemadn, names.netbiosname, - names.configdn, DEFAULTSITE, names.serverdn) - schemadb.add_ldif(data) + setup_add_ldif(schemadb, setup_path("provision_schema_basedn.ldif"), + {"SCHEMADN": names.schemadn, + "ACI": "#", + }) + setup_modify_ldif(schemadb, + setup_path("provision_schema_basedn_modify.ldif"), \ + {"SCHEMADN": names.schemadn, + "NETBIOSNAME": names.netbiosname, + "DEFAULTSITE": DEFAULTSITE, + "CONFIGDN": names.configdn, + "SERVERDN": names.serverdn, + "PREFIXMAP_B64": b64encode(prefixmap) + }) + + data = load_schema(setup_path, schemadb, names.schemadn, names.netbiosname, + names.configdn, DEFAULTSITE, names.serverdn) + schemadb.add_ldif(data) + except: + schemadb.transaction_cancel() + raise + schemadb.transaction_commit() if ldap_backend_type == "fedora-ds": if ldap_backend_port is not None: -- cgit From 5ffe7de34845839f2306484cf882a43d2ea2acf1 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 11 Mar 2009 12:16:27 +1100 Subject: s4:provision load_schema in provision.py no longer takes a hostname This was missed in the earlier work to use this in provision-backend Andrew Bartlett --- source4/scripting/python/samba/provision.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source4/scripting/python') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index d089cb2513..1e34b11d0a 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -785,8 +785,7 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, samdb.set_invocation_id(invocationid) schema_data = load_schema(setup_path, samdb, names.schemadn, names.netbiosname, - names.configdn, names.sitename, names.serverdn, - names.hostname) + names.configdn, names.sitename, names.serverdn) samdb.transaction_start() try: -- cgit From 13be4d7ff42bd2b8bf5702a499c482404e5cd164 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 20 Mar 2009 17:32:19 +1100 Subject: s4:schema Remove 'cn' from the final output of ms_schema.py This avoids one more point of difference between this an the output from minschema and fullschema Andrew Bartlett --- source4/scripting/python/samba/ms_schema.py | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source4/scripting/python') diff --git a/source4/scripting/python/samba/ms_schema.py b/source4/scripting/python/samba/ms_schema.py index f23bf0cdfe..2e8050e503 100644 --- a/source4/scripting/python/samba/ms_schema.py +++ b/source4/scripting/python/samba/ms_schema.py @@ -227,6 +227,12 @@ def __transform_entry(entry, objectClass): entry.insert(0, ["dn", "CN=%s,${SCHEMADN}" % cn]) entry.insert(1, ["objectClass", ["top", objectClass]]) + for l in entry: + key = l[0].lower() + + if key == "cn": + entry.remove(l) + return entry def __parse_schema_file(filename, objectClass): -- cgit From 354ba5e2e35c0adb2dd04f81a6ce7d1d721f31dc Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 3 Apr 2009 08:18:14 +1100 Subject: s4:schema Update Windows 2008 schema from Microsoft to latest version --- source4/scripting/python/samba/provision.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source4/scripting/python') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 64908ccb4d..189c93a1fc 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1692,8 +1692,8 @@ def get_schema_data(setup_path, subst_vars = None): # this data used to be read from schema.ldif - data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_2K8Attributes.txt'), - setup_path('ad-schema/MS-AD_Schema_2K8Classes.txt')) + data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_2K8_Attributes.txt'), + setup_path('ad-schema/MS-AD_Schema_2K8_Classes.txt')) if subst_vars is not None: data = substitute_var(data, subst_vars) -- cgit