From 5f2832a5dc02e6d240c398e3fada4c92ae99d4ea Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Mon, 17 Aug 2009 21:29:47 +0200 Subject: s4:samldb - Major rework This fixes up the change of the primary group of a user when using the ADUC console: - When the "primaryGroupId" attribute changes, we have to delete the "member"/"memberOf" attribute reference of the new primary group and add one for the old primary group. - Deny deletion of primary groups according to Windows Server (so we cannot have invalid "primaryGroupID" attributes in our AD). - We cannot add a primary group directly before it isn't a secondary one of a user account. - We cannot add a secondary reference ("member" attribute) when the group has been chosen as primary one. This also removes the LDB templates which are basically overhead now. This should also fix bug #6599. --- source4/scripting/python/samba/provision.py | 32 ----------------------------- 1 file changed, 32 deletions(-) (limited to 'source4/scripting') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 8bc812ac77..edce391465 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -317,7 +317,6 @@ def provision_paths_from_lp(lp, dnsdomain): paths.samdb = os.path.join(paths.private_dir, lp.get("sam database") or "samdb.ldb") paths.idmapdb = os.path.join(paths.private_dir, lp.get("idmap database") or "idmap.ldb") paths.secrets = os.path.join(paths.private_dir, lp.get("secrets database") or "secrets.ldb") - paths.templates = os.path.join(paths.private_dir, "templates.ldb") paths.dns = os.path.join(paths.private_dir, dnsdomain + ".zone") paths.namedconf = os.path.join(paths.private_dir, "named.conf") paths.namedtxt = os.path.join(paths.private_dir, "named.txt") @@ -712,33 +711,6 @@ def setup_secretsdb(path, setup_path, session_info, credentials, lp): return secrets_ldb - -def setup_templatesdb(path, setup_path, session_info, lp): - """Setup the templates database. - - :param path: Path to the database. - :param setup_path: Function for obtaining the path to setup files. - :param session_info: Session info - :param credentials: Credentials - :param lp: Loadparm context - """ - templates_ldb = Ldb(url=path, session_info=session_info, - lp=lp) - # Wipes the database - try: - templates_ldb.erase() - # This should be 'except LdbError', but on a re-provision the assert in ldb.erase fires, and we need to catch that too - except: - os.unlink(path) - - templates_ldb.load_ldif_file_add(setup_path("provision_templates_init.ldif")) - - templates_ldb = Ldb(url=path, session_info=session_info, - lp=lp) - - templates_ldb.load_ldif_file_add(setup_path("provision_templates.ldif")) - - def setup_registry(path, setup_path, session_info, lp): """Setup the registry. @@ -1152,10 +1124,6 @@ def provision(setup_dir, message, session_info, setup_registry(paths.hklm, setup_path, session_info, lp=lp) - message("Setting up templates db") - setup_templatesdb(paths.templates, setup_path, session_info=session_info, - lp=lp) - message("Setting up idmap db") idmap = setup_idmapdb(paths.idmapdb, setup_path, session_info=session_info, lp=lp) -- cgit