From 9983ad7a80477d8aaaa16488a93dffc6a32dd1ef Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 4 Sep 2012 10:27:50 +1000 Subject: s3-passdb: Rename pdb_samba4 to samba_dsdb and autoconfigure when we are a AD DC The name samba_dsdb is not ideal, but it matches the primary ldb module we use, and more importantly it avoids having '4' in the name. We should slowly avoid using the term samba4 in long-term places like the smb.conf because it is confusing to users given we are shipping Samba 4.0 as an AD DC as well as all the other supported roles (domain member/standalone server/classic DC) Additionally, samba4 will be an odd name when we eventually release Samba 5.0! samba4 remains accepted as an alias to ensure existing smb.conf files load, but to allow changes here in the future, we set the value during the smb.conf load, and not during the provision when we are an AD DC. This simplifies the default smb.conf for the vast majority of our users and reduces the number of things listed in smb.conf files that we later have to work around if we wish to change the name/implementation of the passdb glue module again. Andrew Bartlett Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Tue Sep 4 04:45:16 CEST 2012 on sn-devel-104 --- source4/scripting/python/samba/netcmd/ntacl.py | 4 ++-- .../scripting/python/samba/provision/__init__.py | 23 +++++++++++----------- 2 files changed, 14 insertions(+), 13 deletions(-) (limited to 'source4/scripting') diff --git a/source4/scripting/python/samba/netcmd/ntacl.py b/source4/scripting/python/samba/netcmd/ntacl.py index 4a0c91c289..661af80f30 100644 --- a/source4/scripting/python/samba/netcmd/ntacl.py +++ b/source4/scripting/python/samba/netcmd/ntacl.py @@ -152,8 +152,8 @@ class cmd_ntacl_sysvolreset(Command): s3conf = s3param.get_context() s3conf.load(lp.configfile) - # ensure we are using the right samba4 passdb backend, no matter what - s3conf.set("passdb backend", "samba4:%s" % samdb.url) + # ensure we are using the right samba_dsdb passdb backend, no matter what + s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url) LA_sid = security.dom_sid(str(domain_sid) +"-"+str(security.DOMAIN_RID_ADMINISTRATOR)) diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index c7fda92f5e..e1f0571dfd 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -613,7 +613,6 @@ def make_smbconf(smbconf, hostname, domain, realm, targetdir, realm = realm.upper() global_settings = { - "passdb backend": "samba4", "netbios name": netbiosname, "workgroup": domain, "realm": realm, @@ -660,6 +659,8 @@ def make_smbconf(smbconf, hostname, domain, realm, targetdir, shares["sysvol"] = os.path.join(lp.get("state directory"), "sysvol") shares["netlogon"] = os.path.join(shares["sysvol"], realm.lower(), "scripts") + else: + global_settings["passdb backend"] = "samba_dsdb" f = open(smbconf, 'w') try: @@ -1415,11 +1416,11 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, domain # This will ensure that the smbd code we are running when setting ACLs is initialised with the smb.conf s3conf = s3param.get_context() s3conf.load(lp.configfile) - # ensure we are using the right samba4 passdb backend, no matter what - s3conf.set("passdb backend", "samba4:%s" % samdb.url) + # ensure we are using the right samba_dsdb passdb backend, no matter what + s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url) passdb.reload_static_pdb() - # ensure that we init the samba4 backend, so the domain sid is marked in secrets.tdb + # ensure that we init the samba_dsdb backend, so the domain sid is marked in secrets.tdb s4_passdb = passdb.PDB(s3conf.get("passdb backend")) # now ensure everything matches correctly, to avoid wierd issues @@ -1428,10 +1429,10 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, domain domain_info = s4_passdb.domain_info() if domain_info["dom_sid"] != domainsid: - raise ProvisioningError('SID as seen by pdb_samba4 [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid)) + raise ProvisioningError('SID as seen by pdb_samba_dsdb [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid)) if domain_info["dns_domain"].upper() != dnsdomain.upper(): - raise ProvisioningError('Realm as seen by pdb_samba4 [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper())) + raise ProvisioningError('Realm as seen by pdb_samba_dsdb [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper())) try: @@ -1536,9 +1537,9 @@ def checksysvolacl(samdb, netlogon, sysvol, domainsid, dnsdomain, domaindn, # This will ensure that the smbd code we are running when setting ACLs is initialised with the smb.conf s3conf = s3param.get_context() s3conf.load(lp.configfile) - # ensure we are using the right samba4 passdb backend, no matter what - s3conf.set("passdb backend", "samba4:%s" % samdb.url) - # ensure that we init the samba4 backend, so the domain sid is marked in secrets.tdb + # ensure we are using the right samba_dsdb passdb backend, no matter what + s3conf.set("passdb backend", "samba_dsdb:%s" % samdb.url) + # ensure that we init the samba_dsdb backend, so the domain sid is marked in secrets.tdb s4_passdb = passdb.PDB(s3conf.get("passdb backend")) # now ensure everything matches correctly, to avoid wierd issues @@ -1547,10 +1548,10 @@ def checksysvolacl(samdb, netlogon, sysvol, domainsid, dnsdomain, domaindn, domain_info = s4_passdb.domain_info() if domain_info["dom_sid"] != domainsid: - raise ProvisioningError('SID as seen by pdb_samba4 [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid)) + raise ProvisioningError('SID as seen by pdb_samba_dsdb [%s] does not match SID as seen by the provision script [%s]!' % (domain_info["dom_sid"], domainsid)) if domain_info["dns_domain"].upper() != dnsdomain.upper(): - raise ProvisioningError('Realm as seen by pdb_samba4 [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper())) + raise ProvisioningError('Realm as seen by pdb_samba_dsdb [%s] does not match Realm as seen by the provision script [%s]!' % (domain_info["dns_domain"].upper(), dnsdomain.upper())) # Set the SYSVOL_ACL on the sysvol folder and subfolder (first level) for direct_db_access in [True, False]: -- cgit