diff options
| -rw-r--r-- | source4/param/loadparm.c | 2 | ||||
| -rw-r--r-- | source4/scripting/python/samba/provision.py | 29 | ||||
| -rw-r--r-- | source4/scripting/python/samba/upgrade.py | 5 | ||||
| -rwxr-xr-x | source4/setup/provision | 20 | ||||
| -rw-r--r-- | source4/setup/provision.smb.conf.dc | 4 | ||||
| -rw-r--r-- | source4/setup/provision.smb.conf.member | 4 | ||||
| -rw-r--r-- | source4/setup/provision.smb.conf.standalone | 4 | ||||
| -rwxr-xr-x | source4/setup/tests/blackbox_provision.sh | 5 |
8 files changed, 41 insertions, 32 deletions
diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c index 65ce7595fc..a1d29b0771 100644 --- a/source4/param/loadparm.c +++ b/source4/param/loadparm.c @@ -316,7 +316,9 @@ static const struct enum_list enum_smb_signing_vals[] = { static const struct enum_list enum_server_role[] = { {ROLE_STANDALONE, "standalone"}, {ROLE_DOMAIN_MEMBER, "member server"}, + {ROLE_DOMAIN_MEMBER, "member"}, {ROLE_DOMAIN_CONTROLLER, "domain controller"}, + {ROLE_DOMAIN_CONTROLLER, "dc"}, {-1, NULL} }; diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 37c4c5b082..25c1a995ef 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -572,9 +572,7 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, :note: This will wipe the main SAM database file! """ - assert serverrole in ("domain controller", "member server") - - erase = (fill != FILL_DRS) + erase = (fill != FILL_DRS) # Also wipes the database setup_samdb_partitions(path, setup_path, schemadn=schemadn, configdn=configdn, @@ -796,17 +794,22 @@ def provision(setup_dir, message, session_info, if not os.path.exists(os.path.join(targetdir, "etc")): os.mkdir(os.path.join(targetdir, "etc")) - if smbconf is None: - smbconf = os.path.join(targetdir, os.path.join("etc", "smb.conf")) + smbconf = os.path.join(targetdir, os.path.join("etc", "smb.conf")) # only install a new smb.conf if there isn't one there already + if not os.path.exists(smbconf): message("Setting up smb.conf") - assert serverrole is not None + if serverrole is None: + serverrole = "standalone" + + assert serverrole in ("domain controller", "member server", "standalone") if serverrole == "domain controller": smbconfsuffix = "dc" elif serverrole == "member server": smbconfsuffix = "member" + elif serverrole == "standalone": + smbconfsuffix = "standalone" assert domain is not None assert realm is not None @@ -827,8 +830,8 @@ def provision(setup_dir, message, session_info, setup_file(setup_path("provision.smb.conf.%s" % smbconfsuffix), smbconf, { "HOSTNAME": hostname, - "DOMAIN_CONF": domain, - "REALM_CONF": realm, + "DOMAIN": domain, + "REALM": realm, "SERVERROLE": serverrole, "NETLOGONPATH": netlogon, "SYSVOLPATH": sysvol, @@ -841,7 +844,7 @@ def provision(setup_dir, message, session_info, if serverrole is None: serverrole = lp.get("server role") - assert serverrole in ("domain controller", "member server") + assert serverrole in ("domain controller", "member server", "standalone") if invocationid is None and serverrole == "domain controller": invocationid = uuid.random() @@ -851,6 +854,10 @@ def provision(setup_dir, message, session_info, assert realm is not None realm = realm.upper() + if lp.get("realm").upper() != realm.upper(): + raise Exception("realm '%s' in %s must match chosen realm '%s'" % + (lp.get("realm"), smbconf, realm)) + dnsdomain = realm.lower() paths = provision_paths_from_lp(lp, dnsdomain) @@ -896,10 +903,6 @@ def provision(setup_dir, message, session_info, message("Provisioning for %s in realm %s" % (domain, realm)) message("Using administrator password: %s" % adminpass) - if lp.get("realm").upper() != realm.upper(): - raise Exception("realm '%s' in smb.conf must match chosen realm '%s'" % - (lp.get("realm"), realm)) - # only install a new shares config db if there is none if not os.path.exists(paths.shareconf): message("Setting up share.ldb") diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py index 01b62ff984..c5086846d8 100644 --- a/source4/scripting/python/samba/upgrade.py +++ b/source4/scripting/python/samba/upgrade.py @@ -218,11 +218,9 @@ def upgrade_provision(samba3, setup_dir, message, credentials, session_info, lp, else: serverrole = "member server" - lp.set("server role", serverrole) domainname = oldconf.get("workgroup") if domainname: domainname = str(domainname) - lp.set("workgroup", domainname) realm = oldconf.get("realm") netbiosname = oldconf.get("netbios name") @@ -235,7 +233,6 @@ def upgrade_provision(samba3, setup_dir, message, credentials, session_info, lp, if realm is None: realm = domainname.lower() message("No realm specified in smb.conf file, assuming '%s'\n" % realm) - lp.set("realm", realm) domainguid = secrets_db.get_domain_guid(domainname) domainsid = secrets_db.get_sid(domainname) @@ -247,7 +244,7 @@ def upgrade_provision(samba3, setup_dir, message, credentials, session_info, lp, else: machinepass = None - domaindn = provision(lp=lp, setup_dir=setup_dir, message=message, + domaindn = provision(setup_dir=setup_dir, message=message, samdb_fill=FILL_DRS, paths=paths, session_info=session_info, credentials=credentials, realm=realm, domain=domainname, domainsid=domainsid, domainguid=domainguid, diff --git a/source4/setup/provision b/source4/setup/provision index 606443a6ed..629bfa10e0 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -88,7 +88,7 @@ parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TY parser.add_option("--aci", type="string", metavar="ACI", help="An arbitary LDIF fragment, particularly useful to loading a backend ACI value into a target LDAP server. You must provide at least a realm and domain") parser.add_option("--server-role", type="choice", metavar="ROLE", - choices=["domain controller", "member server"], + choices=["domain controller", "dc", "member server", "member", "standalone"], help="Set server role to provision for (default standalone)") parser.add_option("--partitions-only", help="Configure Samba's partitions, but do not modify them (ie, join a BDC)", action="store_true") @@ -110,14 +110,18 @@ if opts.realm is None or opts.domain is None: parser.print_usage() sys.exit(1) -# cope with an initially blank smb.conf - -if sambaopts.get_loadparm_path() is not None: - smbconf = sambaopts.get_loadparm_path() +smbconf = sambaopts.get_loadparm_path() if opts.aci is not None: print "set ACI: %s" % opts.aci +if opts.server_role == "dc": + server_role = "domain controller" +elif opts.server_role == "member": + server_role = "member server" +else: + server_role = opts.server_role + creds = credopts.get_credentials() setup_dir = opts.setupdir @@ -131,8 +135,8 @@ elif opts.partitions_only: samdb_fill = FILL_DRS provision(setup_dir, message, - system_session(), creds, smbconf=smbconf, - samdb_fill=samdb_fill, realm=opts.realm, + system_session(), creds, smbconf=smbconf, targetdir=opts.targetdir, + samdb_fill=samdb_fill, realm=opts.realm, domain=opts.domain, domainguid=opts.domain_guid, domainsid=opts.domain_sid, policyguid=opts.policy_guid, hostname=opts.host_name, hostip=opts.host_ip, hostguid=opts.host_guid, @@ -140,7 +144,7 @@ provision(setup_dir, message, krbtgtpass=opts.krbtgtpass, machinepass=opts.machinepass, dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody, nogroup=opts.nogroup, wheel=opts.wheel, users=opts.users, - aci=opts.aci, serverrole=opts.server_role, + aci=opts.aci, serverrole=server_role, ldap_backend=opts.ldap_backend, ldap_backend_type=opts.ldap_backend_type) diff --git a/source4/setup/provision.smb.conf.dc b/source4/setup/provision.smb.conf.dc index e77e699028..ad06be4301 100644 --- a/source4/setup/provision.smb.conf.dc +++ b/source4/setup/provision.smb.conf.dc @@ -1,7 +1,7 @@ [globals] netbios name = ${HOSTNAME} - workgroup = ${DOMAIN_CONF} - realm = ${REALM_CONF} + workgroup = ${DOMAIN} + realm = ${REALM} server role = ${SERVERROLE} ${PRIVATEDIR_LINE} ${LOCKDIR_LINE} diff --git a/source4/setup/provision.smb.conf.member b/source4/setup/provision.smb.conf.member index 1d9191d8c2..0d742fb903 100644 --- a/source4/setup/provision.smb.conf.member +++ b/source4/setup/provision.smb.conf.member @@ -1,7 +1,7 @@ [globals] netbios name = ${HOSTNAME} - workgroup = ${DOMAIN_CONF} - realm = ${REALM_CONF} + workgroup = ${DOMAIN} + realm = ${REALM} server role = ${SERVERROLE} ${PRIVATEDIR_LINE} ${LOCKDIR_LINE} diff --git a/source4/setup/provision.smb.conf.standalone b/source4/setup/provision.smb.conf.standalone index 1d9191d8c2..0d742fb903 100644 --- a/source4/setup/provision.smb.conf.standalone +++ b/source4/setup/provision.smb.conf.standalone @@ -1,7 +1,7 @@ [globals] netbios name = ${HOSTNAME} - workgroup = ${DOMAIN_CONF} - realm = ${REALM_CONF} + workgroup = ${DOMAIN} + realm = ${REALM} server role = ${SERVERROLE} ${PRIVATEDIR_LINE} ${LOCKDIR_LINE} diff --git a/source4/setup/tests/blackbox_provision.sh b/source4/setup/tests/blackbox_provision.sh index 0aed7bb8b7..83c045e40d 100755 --- a/source4/setup/tests/blackbox_provision.sh +++ b/source4/setup/tests/blackbox_provision.sh @@ -27,7 +27,10 @@ testit() { return $status } -testit "simple" $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple +testit "simple-default" $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-default +testit "simple-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-dc +testit "simple-member" $PYTHON ./setup/provision $CONFIGURATION --server-role="member" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-member +testit "simple-standalone" $PYTHON ./setup/provision $CONFIGURATION --server-role="standalone" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-standalone reprovision() { $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/reprovision" |