From 271b5af92e9aada36adc648a6dd43a13c5aed340 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 14 Jul 2009 08:15:50 +1000 Subject: s4:dsdb Handle dc/domain/forest functional levels properly Rather than have the functional levels scattered in 4 different, unconnected locations, the provision script now sets it, and the rootdse module maintains it's copy only as a cached view onto the original values. We also use the functional level to determine if we should store AES Kerberos keys. Andrew Bartlett --- source4/setup/provision_basedn_modify.ldif | 4 ++-- source4/setup/provision_configuration.ldif | 2 +- source4/setup/provision_rootdse_add.ldif | 3 --- source4/setup/provision_self_join.ldif | 4 ++-- 4 files changed, 5 insertions(+), 8 deletions(-) (limited to 'source4/setup') diff --git a/source4/setup/provision_basedn_modify.ldif b/source4/setup/provision_basedn_modify.ldif index a7f3ce985c..36e80ec69c 100644 --- a/source4/setup/provision_basedn_modify.ldif +++ b/source4/setup/provision_basedn_modify.ldif @@ -47,10 +47,10 @@ replace: serverState serverState: 1 - replace: nTMixedDomain -nTMixedDomain: 1 +nTMixedDomain: 0 - replace: msDS-Behavior-Version -msDS-Behavior-Version: 0 +msDS-Behavior-Version: ${DOMAIN_FUNCTIONALITY} - replace: ridManagerReference ridManagerReference: CN=RID Manager$,CN=System,${DOMAINDN} diff --git a/source4/setup/provision_configuration.ldif b/source4/setup/provision_configuration.ldif index e84ac8517e..0dad24c705 100644 --- a/source4/setup/provision_configuration.ldif +++ b/source4/setup/provision_configuration.ldif @@ -6,7 +6,7 @@ objectClass: top objectClass: crossRefContainer cn: Partitions systemFlags: -2147483648 -msDS-Behavior-Version: 0 +msDS-Behavior-Version: ${FOREST_FUNCTIONALALITY} fSMORoleOwner: CN=NTDS Settings,${SERVERDN} dn: CN=Enterprise Configuration,CN=Partitions,${CONFIGDN} diff --git a/source4/setup/provision_rootdse_add.ldif b/source4/setup/provision_rootdse_add.ldif index e4e4309a90..f9ee4e5904 100644 --- a/source4/setup/provision_rootdse_add.ldif +++ b/source4/setup/provision_rootdse_add.ldif @@ -11,9 +11,6 @@ supportedLDAPVersion: 2 dnsHostName: ${DNSNAME} ldapServiceName: ${DNSDOMAIN}:${NETBIOSNAME}$@${REALM} serverName: ${SERVERDN} -domainFunctionality: 0 -forestFunctionality: 0 -domainControllerFunctionality: 2 isSynchronized: FALSE vendorName: Samba Team (http://samba.org) supportedCapabilities: 1.2.840.113556.1.4.800 diff --git a/source4/setup/provision_self_join.ldif b/source4/setup/provision_self_join.ldif index b7ca872319..b60fea6576 100644 --- a/source4/setup/provision_self_join.ldif +++ b/source4/setup/provision_self_join.ldif @@ -13,7 +13,7 @@ primaryGroupID: 516 accountExpires: 9223372036854775807 sAMAccountName: ${NETBIOSNAME}$ operatingSystem: Samba -operatingSystemVersion: 4.0 +operatingSystemVersion: ${SAMBA_VERSION_STRING} dNSHostName: ${DNSNAME} isCriticalSystemObject: TRUE userPassword:: ${MACHINEPASS_B64} @@ -57,7 +57,7 @@ options: 1 systemFlags: 33554432 dMDLocation: ${SCHEMADN} invocationId: ${INVOCATIONID} -msDS-Behavior-Version: 2 +msDS-Behavior-Version: ${DOMAIN_CONTROLLER_FUNCTIONALITY} msDS-hasMasterNCs: ${CONFIGDN} msDS-hasMasterNCs: ${SCHEMADN} msDS-hasMasterNCs: ${DOMAINDN} -- cgit