summaryrefslogtreecommitdiffstats
path: root/source4/scripting/python
Commit message (Collapse)AuthorAgeFilesLines
* s4-selftest: Add test for samba-tool ntacl sysvolcheckAndrew Bartlett2012-08-231-0/+26
|
* s4-samba-tool: Add samba-tool ntacl sysvolcheck commandAndrew Bartlett2012-08-232-1/+143
| | | | | | | | | This command verifies that the current on-disk ACLs match the directory and the defaults from provision. Unlike sysvolreset, this does not change any of the permissions. Andrew Bartlett
* s3-smbd: Add security_info_wanted argument to get_nt_acl_no_snumAndrew Bartlett2012-08-231-1/+1
| | | | | | | I need to get at the owner, group, DACL and SACL when testing correct ACL storage. Andrew Bartlett
* s4-selftest: Add testing of samba-tool ntacl sysvolresetAndrew Bartlett2012-08-231-0/+44
|
* s4-provision: Fix internal documentationAndrew Bartlett2012-08-231-0/+1
|
* s3-pysmbd: Allow a mode to be specified for the simple ACLAndrew Bartlett2012-08-231-1/+1
| | | | | | The additional group for the ACL is now optional. Andrew Bartlett
* s4-samba-tool: Add 'samba-tool ntacl sysvolreset' toolAndrew Bartlett2012-08-231-1/+73
| | | | | | | This will reset the NT ACL on the sysvol share to the default from provision, with GPO objects matching the LDAP ACL (as required). Andrew Bartlett
* selftest: Cope with the multiple possible representations of -1 in posixacl.pyAndrew Bartlett2012-08-231-28/+29
|
* selftest: Extend posixacl test to check the actual ACLAndrew Bartlett2012-08-231-2/+274
| | | | | | | | | | | | | | | | | | | | Needing to be able to write this test is the primary reason I have been reworking the VFS and posix ACL layer over the past few weeks. By exposing the POSIX ACL as a IDL object we can eaisly manipulate it in python, and then verify that the ACL was handled correctly. This ensures the when we write an ACL in provision, that it will indeed allow that access at the FS layer. We need to extend this beyond just the critical two ACLs set during provision, to also include some special (hard) cases involving the merging of ACE entries, as this is the most delicate part of the ACL transfomation. A similar test should also be written to read the posix ACL and the mapped NT ACL on a file that has never had an NT ACL set. Andrew Bartlett
* selftest: Add a test of the NT ACL -> posix ACL mapping layerAndrew Bartlett2012-08-231-0/+131
| | | | | | | This is the start of what will be a series of tests confirming exactly how some NT ACLs are mapped to posix ACLs. Andrew Bartlett
* s4-scripting: Redefine getntacl() as accessing via the smbd VFS or directlyAndrew Bartlett2012-08-232-6/+11
| | | | | | | This allows us to write tests that compare the smbd vfs with what is in the DB or xattr. Andrew Bartlett
* s4-provision: set POSIX ACLs to for use with the smbd file server (s3fs)Andrew Bartlett2012-08-232-52/+92
| | | | | | | | This handles the fact that smbd will rarely override the POSIX ACL enforced by the kernel. This has caused issues with the creation of group policies by other members of the Domain Admins group. Andrew Bartlett
* s4-upgradeprovision: Use ntvfs in reference provisionAndrew Bartlett2012-08-231-1/+1
| | | | | | | We do not need filesystem ACLs set when creating the reference provision, so it is easier to use the NTVFS backend as it does not cause trouble with make test. Andrew Bartlett
* s4-classicupgrade: Add --use-ntvfs optionAndrew Bartlett2012-08-222-4/+8
| | | | | | | | This is an odd option, but is needed because I wish to add assertions about ACL setting that will not work in make test without the vfs_fake_acls module loaded. Andrew Bartlett
* s4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampireAndrew Bartlett2012-08-221-2/+2
| | | | | | None of these cases need the complexity of the s3fs backend. Andrew Bartlett
* s3-libsmb: Add a simple test for python bindingsVolker Lendecke2012-08-161-0/+78
| | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Aug 16 22:49:06 CEST 2012 on sn-devel-104
* s4-selftest: Fix test name for samba.tests.dcerpc.bareAndrew Bartlett2012-08-151-1/+1
|
* s4:samba-tool/drs: print the dns name of the server belonging to a connectionStefan Metzmacher2012-08-141-1/+4
| | | | | | Pair-Programmed-With: Björn Baumbach <bb@sernet.de> metze
* s4-classicupgrade: Tests if sam policies exist before trying to import them.Wesley Young2012-08-141-21/+28
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-dsdb: Explain better what records are written during schema setAndrew Bartlett2012-08-102-7/+7
| | | | | | This is controlled by setting write_indices_and_attributes. Andrew Bartlett
* s4-dsdb: Ensure we have indexing enabled during the provisionAndrew Bartlett2012-08-091-1/+6
| | | | | | | | | | | Because we set the schema before we connected the ldb to a file, the @INDEX records were not added until next startup. This cost 100% more time in running provision on my laptop. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Aug 9 08:20:36 CEST 2012 on sn-devel-104
* s4-pydsdb: Provide control of if we should write index attributes when ↵Andrew Bartlett2012-08-091-4/+4
| | | | | | | | reloading a schema This allows us to carefully control the loading of the schema. Andrew Bartlett
* s4-scripting: Remove unused variables from ntacl testsAndrew Bartlett2012-08-071-10/+0
| | | | | Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Aug 7 11:15:41 CEST 2012 on sn-devel-104
* s4:domain join: setup RODC invocationIdStefan Metzmacher2012-08-041-0/+26
| | | | | | | | | Pair-Programmed-With: Björn Baumbach <bb@sernet.de> metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Aug 4 18:27:21 CEST 2012 on sn-devel-104
* s4-samba-tool ldapcmp: Fix synopsisAndrew Bartlett2012-07-301-1/+1
| | | | | Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Jul 30 06:25:46 CEST 2012 on sn-devel-104
* s4-samba-tool ldapcmp: Add ridNextRID and rIDPreviousAllocationPool as ↵Andrew Bartlett2012-07-301-0/+1
| | | | per-DC attributes
* s4-dbcheck: Add lastKnownParent when moving an object to lostAndFoundAndrew Bartlett2012-07-281-7/+28
| | | | | Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Jul 28 05:40:43 CEST 2012 on sn-devel-104
* s4-classicupgrade: Add unix attributes during upgradeGeza Gemes2012-07-221-1/+108
| | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sun Jul 22 13:20:20 CEST 2012 on sn-devel-104
* s4-dbcheck: Check for and correct incorrect instanceType valuesAndrew Bartlett2012-07-181-0/+45
|
* s4-provision: Provide YP/NIS subtree to allow ADUC to see and set rfc2307 attrsGeza Gemes2012-07-131-1/+26
| | | | | | | | | | When provisioning with --use_rfc2307=yes populate the subtree: CN=ypServ30,CN=RpcServices,CN=System,${DOMAINDN} This makes it possible to manipulate the posix attributes via ADUC (commit message adjusted by abartlet) Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4-dbcheck: Check for an object without a parentAndrew Bartlett2012-07-061-0/+44
| | | | | | | Such objects are then moved to the appropriate LostAndFound container, just as they would be if replicated. Andrew Bartlett
* pydsdb: Add bindings for dsdb_wellknown_dn()Andrew Bartlett2012-07-061-0/+3
|
* s4-pydsdb: Add bindings for dsdb_find_nc_root()Andrew Bartlett2012-07-061-0/+3
|
* s4-classicupgrade: Demote any other 'BDC' accounts back to a member server ↵Andrew Bartlett2012-07-061-2/+12
| | | | | | | | | | | | during upgrade This makes it clear that they cannot be a DC until they are upgraded with samba-tool domain dcpromo. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jul 6 09:59:13 CEST 2012 on sn-devel-104
* s4-samba-tool: Provide a samba-tool domain dcpromo that upgrades a member to ↵Andrew Bartlett2012-07-062-10/+121
| | | | | | | | | | | a DC This command is like dcpromo in that it upgrades the existing workstation account to be a domain controller. The SID (and therefore any file ownerships) is preserved. Andrew Bartlett
* samba-tool: gpo: Update copyrightAmitay Isaacs2012-07-031-1/+1
| | | | | Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Tue Jul 3 09:10:21 CEST 2012 on sn-devel-104
* samba-tool: gpo: Improve error messagesAmitay Isaacs2012-07-031-26/+28
| | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com>
* samba-tool: gpo: Add del subcommand to delete GPOAmitay Isaacs2012-07-031-0/+79
| | | | Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
* samba-tool: gpo: Add listcontainers subcommand to list containers using ↵Amitay Isaacs2012-07-031-0/+37
| | | | | | given GPO Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
* samba-tool: gpo: Use utility function dc_url() to set the connection urlAmitay Isaacs2012-07-031-9/+18
| | | | | | In create and fetch subcommands, we also need to know DC hostname. So first find a DC and use DC hostname to construct connection url. If ldap:// url is specified with -H, then use that to construct DC hostname.
* samba-tool: gpo: Refactor code using utility functionsAmitay Isaacs2012-07-031-40/+8
|
* samba-tool: gpo: Add utility functions get_gpo_containers and del_gpo_linkAmitay Isaacs2012-07-031-0/+50
| | | | Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch
* samba-tool: Fix indentationAmitay Isaacs2012-07-032-4/+4
| | | | Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
* samba-tool: gpo: Use gpo (id) instead of gpo_dn (DN)Amitay Isaacs2012-07-031-3/+3
| | | | Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
* samba-tool: gpo: Correct the attribute name from gPlink to gPLinkAmitay Isaacs2012-07-031-3/+3
| | | | Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
* samba-tool: gpo: Fix policy DNAmitay Isaacs2012-07-031-1/+1
| | | | Thanks to Denis Bonnenfant <denis.bonnenfant@diderot.org> for patch.
* s4-join: Setup correct DNS configurationAndrew Bartlett2012-06-242-28/+76
| | | | | | | | | This means we do not need to run samba_upgradedns any more. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sun Jun 24 18:10:10 CEST 2012 on sn-devel-104
* s4-join: Import DNS zones in AD DC joinAndrew Bartlett2012-06-252-20/+57
|
* s4-classicupgrade: Allow DNS backend to be specifiedAndrew Bartlett2012-06-242-6/+12
|
* samdb: Accept a list of member variables rather than a comma-separated string.Jelmer Vernooij2012-06-212-6/+8
|
generated by cgit (git 2.34.1) at 2025-07-29 17:37:52 +0000