From a6b842f9634cbeb4075c2bbaf7e49c19104602be Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 15 Jul 2008 15:15:12 +1000 Subject: Connect to the LDAP backend with SASL credentials. This reworks our LDAP backend code to move from anonymous access to a shared-secret SASL-protected connection. (SASL selects NTLM or DIGEST-MD5 on my system). To get this working, we must pre-populate the LDAP backend with a DN to store ths SASL secret on, and we use back-ldif for this. This gives us a reasonable basis to deploy a replicated OpenLDAP backend solution. Andrew Bartlett (This used to be commit cd0745253c4a9ec59a035e830e54d74a05b71aaa) --- source4/setup/provision | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source4/setup/provision') diff --git a/source4/setup/provision b/source4/setup/provision index c1d6cd157a..7bd61fc1d8 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -30,7 +30,7 @@ import os, sys sys.path.insert(0, "bin/python") import samba - +from samba.credentials import DONT_USE_KERBEROS from samba.auth import system_session import samba.getopt as options from samba import param @@ -131,6 +131,8 @@ else: creds = credopts.get_credentials(lp) +creds.set_kerberos_state(DONT_USE_KERBEROS) + setup_dir = opts.setupdir if setup_dir is None: setup_dir = "setup" -- cgit