| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
On production systems a user for sure strongly disagrees to use local IP
addresses (how should the server be accessible?). Therefore if the user didn't
specify an IP as provision option and in the "/etc/hosts" file we have at
least one not-local IP which resolves to our hostname use this or one of them.
Notice: if a host has more public IP addresses with the same name assigned the
behaviour is non-deterministic (well, okay - by the entries order it is). But
then the user is invited to specify the host IP manually.
This should address bug #5484.
|
| |
|
|
|
| |
This prevents bind from getting confused if it has a journal for the
zone.
|
| |
|
|
|
|
|
| |
The zone file needs to be writeable by bind to allow for it to flush
its journal on dynamic updates
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
|
|
|
| |
Returns both uSNHighest and uSNUrgent as a dict object in Python
from a given partition dn.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
| |
|
|
|
|
|
|
|
|
| |
Previously the "no_pass" and "no_pass2" variables weren't handled correctly.
Since at the initialisation of the "CredentialsOptions" we don't have any
password at all. Only afterwards we could get one through "set_password".
If a password is specified, use it. If no password is specified, consider the
use fo an input mask on STDOUT. But if the loadparm context contains one prefer
it over the input.
|
| |
|
|
|
| |
this makes it easier to modify the script to set us at R2 level in
provision. We should make this a parameter.
|
| |
|
|
|
| |
emacs creates symlinks to .py files while you are editing them. This
could cause build failures.
|
| |
|
|
|
|
|
|
|
|
| |
Use short name (shortcut for wellknown SID/RID) for assignee in each entry of ACL (when possible)
of sysvol files (GPO objects and netlogon folders).
This avoid error prone substitution of DOMAINSID in ACL and make ACL clearer by using shortname
for assignee accordingly with SDDL synthax rules. Translation to real SID is handled internaly by the
from_sddl function.
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
| |
|
|
|
|
|
| |
This allow to be able to run net acl set xxx yyy on DC, but also on domain
member.
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
| |
|
|
|
|
| |
running as a non root user
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
| | |
|
| |
|
|
|
|
| |
The named.conf.update file will be filled in at runtime by Samba to
contain the list of bind9 grant rules for granting DNS dynamic update
permissions on the domain.
|
| |
|
|
|
|
|
|
| |
This allows the permissions to be correctly set for bind to write to
a journal file. It also sets the right group ownership and permissions
on the files that bind needs to access.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
|
|
| |
Our testers put up with a lot of odd things when testing out Samba4.
Andrew Bartlett
|
| |
|
|
|
|
|
|
| |
For some reason, JHT keeps on creating an empty smb.conf file,
expecting it to be the same as a non-existant one. It is easier to
just realise what he meant.
Andrew Bartlett
|
| |
|
|
| |
This was needed only by Python 2.3 which we no longer support.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The command allows the user to transfer a fsmo role to the server to which
the connection is established. Roles can be transferred or seized. By default a
transfer is attempted even if seize option is chosen, as it is dangerous to
seize a role if the current owner is still running.
example use:
net fsmo show --host=hostnameoraddress --username=username --password=password
net fsmo transfer --role=role --host=hostnameoraddress --username=username --password=password
net fsmo seize --role=role --host=hostnameoraddress --username=username --password=password [--force]
Tested against Win2008. Does not work for samba 4 yet as we are missing the GetNCChanges extensions.
|
| | |
|
| | |
|
| |
|
|
| |
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
setntacl is able to set NTACL attribute from command line
getntacl now use getopt for parsing command line option and is also able to
dump the acl in the SDDL format.
|
| |
|
|
|
| |
This option allow simple user (non root) to invoke provision without facing an error
while insuring that ACL on shared files will always be set
|
| |
|
|
| |
make unit test emit a visible warning
|
| | |
|
| | |
|
| |
|
|
| |
storing xattr
|
| | |
|
| |
|
|
|
| |
Make unixid optional, if value not supplied next id from id pool will be used.
Create a function to get next id in id pool.
|
| |
|
|
| |
with ACL in LDAP
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This tool is integrated with Samba4 Ldb. It provides a useful output
where you can find easy differences in objects or attributes within
naming context (Domain, Configuration or Schema).
Added functionality for two sets of credentials.
|
| |
|
|
|
| |
This was preventing a DCPROMO client from allowing outgoing
replication
|
| |
|
|
| |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
|
|
| |
These are missing from the WSPP schemas
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
| |
|
|
|
|
| |
We need a machine account so the RID allocation code can work. It
seems better to use the same code paths for a domain controller and
standalone server to avoid testing headaches with little used code.
|
| |
|
|
|
|
| |
This enables the full schema during the rest of the provision, which
means indexing is enabled (along with index error checking, such as
duplicate SIDs)
|
