summaryrefslogtreecommitdiff
path: root/source4/scripting/python/samba/provision
AgeCommit message (Collapse)AuthorFilesLines
2011-09-13s4-subdomain: fixed invocationID and hostIPs in subdomain joinAndrew Tridgell1-9/+3
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-09-13s4-provision Perform 'modify' operations as systemAndrew Bartlett1-5/+13
We need this so that we can modify the cn=configuration partition when we are setting up a new subdomain. The serverReference on our ${SERVERDN} is in that partition, and without this change creating a new subdomain fails due to ACLs. Andrew Bartlett
2011-09-13s4-provision Split addition of users and well known principalsAndrew Bartlett1-6/+11
If we are provisioning a subdomain, then these are already in cn=configuration. Andrew Bartlett
2011-09-13s4-provision Add initial support for joining as a new subdomainAndrew Bartlett1-219/+278
To do this we need to reorganise a lot of the provision code, so that we can create the framework for the inbound replicaton of the config and schema partitions and then add in the new subdomain locally. Andrew Bartlett
2011-09-12s4-provision: Fix the informational message from dns provisioningAmitay Isaacs1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-09-12s4-provision: Create private dir for dns in a separate functionAmitay Isaacs1-12/+29
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-09-12s4-provision: Generate appropriate named.conf file depending on dns_backendAmitay Isaacs1-17/+31
For --dns_backend=BIND9, generate the dns zone file, and named.conf with zone information. For --dns-backend=BIND9_DLZ, generate the named.conf with dlz directive. If no option is specified, default dns_backend is BIND9. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-09-12s4-provision: Remove dupliate creation of dns/spn_update_list filesAmitay Isaacs1-8/+1
dns_update_list and spn_update_list are set up using create_dns_update_list() function. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-09-08s4-provision: Fill msDS-NC-Replica-Locations attribute in DNS provisioningAmitay Isaacs1-0/+1
This attribute is required by the hosting requirement. [MS_ADTS].pdf 7.1.2.3.1 DC and Application NC Replica Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Thu Sep 8 02:04:51 CEST 2011 on sn-devel-104
2011-09-08s4-provision: Make DNS entries consistent with dns_update scriptAmitay Isaacs1-4/+4
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-09-08s4-provision: Reworked DNS provisioning to support AD DNS schemaAmitay Isaacs1-114/+435
This changes configure DNS partitions used by AD DNS and populate with relevant entries. This has an advantage that Windows can replicate these partitions and set up dns server using them. In addition, these partitions are used by bind9_dlz module to query zone information directly and do not need to create text database for dynamic zones. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-09-08s4-provision: Add DNS backend option to provisionAmitay Isaacs1-4/+6
This option is introduced temporarily to test bind9 backend with and without dlz_dlopen module. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-09-05s4-provision: these substitutuons are not used any moreAndrew Tridgell1-4/+1
we now create partitions dynamically Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-08-26s4-provision Use samba.dns_name_to_dnAndrew Bartlett1-2/+2
2011-08-25s4-provision: pass the rootDN into guess_names()Andrew Tridgell1-2/+2
this gets the correct forest DN during provision Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-08-19provision: Add idmap database handle to the result of provisionAmitay Isaacs1-0/+2
It is required in s3_upgrade script to migrate idmap database from s3 to s4. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-08-13s4-provision Add support for fixing the DC rid to a particular valueAndrew Bartlett1-13/+21
This will allow an upgraded DC to keep its SID, while being upgraded to AD. We also watch for the highest RID in the existing DB to set next_rid for other additional users. Andrew Bartlett
2011-08-12s4-provision: create dsServiceName in @ROOTDSE in GUID formAndrew Tridgell1-1/+2
this allows for handling of server renames as the GUID doesn't change Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-07-21s4-param: use "state directory" and "cache directory" optionsBjörn Baumbach1-5/+5
instead of "state dir" and "cache dir" in order be compatible with the source3 code. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-21s4-provision: run dbcheck on a minimal set of objects in provisionAndrew Tridgell1-4/+8
this speeds up the dbcheck in provision to fix only the objects that we know will need fixing Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-07-13ldb: use base searches for @ special DNsAndrew Tridgell1-11/+14
subtree searches on these DNs don't work any more Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-07-13dbcheck: only do the provision dbcheck if there are objects to checkAndrew Tridgell1-13/+14
when in FILL_DRS mode, there are no objects to check yet Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-07-13s4-provision: fixed the GUIDs in the provision using dbcheckAndrew Tridgell1-0/+16
some DNs are are not setup with GUIDs during the provision because of circular dependencies between objects. This adds a dbcheck pass to the provision to fix those DNs Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-07-12s4:provision: place the sysvol share under "state dir" instead of "lock dir"Stefan Metzmacher1-1/+1
metze
2011-07-12s4:param: add "state dir" and "cache dir" optionsStefan Metzmacher1-1/+9
metze
2011-07-11s4-provision: use samba.unix2nttime() instead of hard coding NTTIME offsetsAndrew Tridgell1-2/+2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
2011-07-11s4-provision: fix the value of creation timestamp to be a MS timestampMatthieu Patou1-2/+2
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-07s4 provision: Add some of the AD-specific DNS records to the directoryKai Blin2-8/+235
Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Thu Jul 7 02:29:53 CEST 2011 on sn-devel-104
2011-07-07s4 provision: split up DNS provisioning into generic and samba-specific ldifsKai Blin1-2/+10
Signed-off-by: Kai Blin <kai@samba.org>
2011-06-19s4-provision: Remove hard coded SD for CN=Sites containerMatthieu Patou1-15/+0
With the fix introduced by Nadya in changeset 622ef6aed82a2f2f7748c2a88535486af77487de we are now able to generate correct SD (at least the same as W2k3R2 with a Forest Level of 2003), so there is no need for this fix anymore as it makes SDs for Forest Level 2003 and lower incorrect.
2011-06-19s4-upgradeprovision: introduce invocation id in lastprovisionUSNsMatthieu Patou1-17/+39
2011-06-19s4-python: fix wrong discovery of the site name in find_key_provision_parametersMatthieu Patou1-1/+1
2011-06-09s4-ipv6: don't default to 127.0.0.1 in provisionAndrew Tridgell1-5/+8
it is better to just leave the IPv4 address out of the zone file Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-06-07s4-provision: fixed detection of V4/V6 addressesAndrew Tridgell1-2/+29
Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Tue Jun 7 06:07:24 CEST 2011 on sn-devel-104
2011-06-06s4-param Remove 'sid generator'Andrew Bartlett1-6/+0
This was only used by the Fedora DS backend for Samba4. We agreed to no longer support external LDAP backends. Andrew Bartlett
2011-06-06s4-param Remove 'idmap database'Andrew Bartlett1-2/+1
This is now just idmap.ldb in the private dir, which remains.
2011-06-06s4-param Remove 'secrets database' parameterAndrew Bartlett1-2/+1
This is now just secrets.ldb in the private dir, which remains.
2011-06-06s4-param Remove 'sam database' parameterAndrew Bartlett1-3/+2
This now just relies on the private dir parameter, which remains. Andrew Bartlett
2011-05-25s4-provision Use correct tkey-gssapi-credentialAndrew Bartlett1-1/+3
We changed to ${DNSNAME} (the fully qualified domain name) a while back, and while it's usually functionally idential to the previous setting, this breaks down if there is more than one DNS server. Andrew Bartlett
2011-05-21s4-python: Remove not used importsMatthieu Patou1-4/+2
2011-05-21s4-python: move function find_provision_key_parameters to provision ↵Matthieu Patou1-0/+106
namespace as it can be used not only for upgradeprovision
2011-04-30provision: reorganize attributes so that we don't attribute with DN syntax ↵Matthieu Patou1-0/+5
that depends on non present object Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Sat Apr 30 14:51:16 CEST 2011 on sn-devel-104
2011-04-03Avoid uppercasing server role in error message.Jelmer Vernooij1-1/+1
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Apr 3 20:01:48 CEST 2011 on sn-devel-104
2011-02-07s4-provision: added setup_path() import in two more placesAndrew Tridgell1-0/+2
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-07s4-provision Remove setup_path, setup_dir and find_setup_dirAndrew Bartlett2-118/+89
We now have a reliable way to know the current location of the templates: dyn_SETUPDIR, which is updated for both the in-build and installed binaries. This replaces the function arguments and the distributed resolution of the setup directory with one 'global' function (imported as required). This also removes the ability to specify an alternate setup directory on the command line, as this was rarely if ever used and never tested. Andrew Bartlett
2011-02-07s4-loadparm: removed "setup directory" optionAndrew Tridgell1-8/+0
the correct setup directory is known at both build time and install time using dyn_SETUPDIR, so we no longer have any need to override it Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-02-07s4-provision: cope with top level directory for provisionAndrew Tridgell1-2/+2
to allow for top level 'make test' we need to cope with two in-tree directory layouts Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-01-17s4-provision: Fixed owner/group for hard-coded Sites descriptor.Nadezhda Ivanova1-3/+1
We must not specify explicitly owner and group. As there is a difference between WIN_2003 and WIN_2008, we should let descriptor module compute the correct default ones. Also removed inherited ACEs, they are ignored during SD creation anyway. Autobuild-User: Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date: Mon Jan 17 18:23:24 CET 2011 on sn-devel-104
2010-12-08s4-provision Always run slaptest to convert the config fileAndrew Bartlett1-13/+13
If the directory exists, it does not mean that it is configured - we may be on a re-run of the provision. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Wed Dec 8 05:19:12 CET 2010 on sn-devel-104
2010-12-08s4-provision Add an invalid names check for 'domain == netbiosname'Andrew Bartlett1-1/+4
(This is also invalid) Andrew Bartlett
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-07 16:58:48 +0000