From f83e754ae61046fd441cbaf09a825378c3ab2ff2 Mon Sep 17 00:00:00 2001 From: Sreepathi Pai Date: Mon, 5 Jan 2009 08:49:53 +1100 Subject: Create schema.ldif at runtime directly from ad-schema files Here's a first attempt at moving the minschema_wspp code into a library as Andrew requested. Since this script no longer has to generate CN=aggregate, I've simplified it quite a bit to a level where it almost does a line-by-line translation. This is faster and simpler, but it may not catch as many errors in the ad-schema files as the previous versions did. Signed-off-by: Andrew Bartlett --- source4/scripting/python/samba/provision.py | 30 ++++++++++++++++++++++++----- 1 file changed, 25 insertions(+), 5 deletions(-) (limited to 'source4/scripting/python/samba/provision.py') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index c817bffbdd..4da8079e09 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -44,6 +44,7 @@ from samba.dcerpc import security import urllib from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, \ timestring, CHANGETYPE_MODIFY, CHANGETYPE_NONE +from ms_schema import read_ms_schema __docformat__ = "restructuredText" @@ -854,9 +855,10 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, message("Setting up sam.ldb Samba4 schema") setup_add_ldif(samdb, setup_path("schema_samba4.ldif"), {"SCHEMADN": names.schemadn }) + message("Setting up sam.ldb AD schema") - setup_add_ldif(samdb, setup_path("schema.ldif"), - {"SCHEMADN": names.schemadn}) + data = get_schema_data(setup_path, {"SCHEMADN": names.schemadn}) + samdb.add_ldif(data) setup_add_ldif(samdb, setup_path("aggregate_schema.ldif"), {"SCHEMADN": names.schemadn}) @@ -1268,8 +1270,9 @@ def provision_backend(setup_dir=None, message=None, setup_add_ldif(schemadb, setup_path("schema_samba4.ldif"), {"SCHEMADN": names.schemadn }) - setup_add_ldif(schemadb, setup_path("schema.ldif"), - {"SCHEMADN": names.schemadn}) + + data = get_schema_data(setup_path, {"SCHEMADN": names.schemadn}) + schemadb.add_ldif(data) if ldap_backend_type == "fedora-ds": if ldap_backend_port is not None: @@ -1659,7 +1662,7 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, :param serverdn: DN of the server :param servername: Host name of the server """ - schema_data = open(setup_path("schema.ldif"), 'r').read() + schema_data = get_schema_data(setup_path, {"SCHEMADN": schemadn}) schema_data += open(setup_path("schema_samba4.ldif"), 'r').read() schema_data = substitute_var(schema_data, {"SCHEMADN": schemadn}) check_all_substituted(schema_data) @@ -1679,3 +1682,20 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, check_all_substituted(head_data) samdb.attach_schema_from_ldif(head_data, schema_data) + +def get_schema_data(setup_path, subst_vars = None): + """Get schema data from the AD schema files instead of schema.ldif. + + :param setup_path: Setup path function. + :param subst_vars: Optional variables to substitute in the file. + """ + + # this data used to be read from schema.ldif + + data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_Attributes_v20080618.txt'), + setup_path('ad-schema/MS-AD_Schema_Classes_v20080618.txt')) + + if subst_vars is not None: + data = substitute_var(data, subst_vars) + check_all_substituted(data) + return data -- cgit From 8be99413540f0a9f1d4a6b6630fcfd5f1e3baefc Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 9 Jan 2009 18:18:28 +1100 Subject: Don't parse the schema data twice --- source4/scripting/python/samba/provision.py | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) (limited to 'source4/scripting/python/samba/provision.py') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 4da8079e09..177f0c3639 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -784,10 +784,9 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, if serverrole == "domain controller": samdb.set_invocation_id(invocationid) - load_schema(setup_path, samdb, names.schemadn, names.netbiosname, - names.configdn, names.sitename, names.serverdn, - names.hostname) - + schema_data = load_schema(setup_path, samdb, names.schemadn, names.netbiosname, + names.configdn, names.sitename, names.serverdn, + names.hostname) samdb.transaction_start() try: @@ -852,13 +851,8 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, "PREFIXMAP_B64": b64encode(prefixmap) }) - message("Setting up sam.ldb Samba4 schema") - setup_add_ldif(samdb, setup_path("schema_samba4.ldif"), - {"SCHEMADN": names.schemadn }) - - message("Setting up sam.ldb AD schema") - data = get_schema_data(setup_path, {"SCHEMADN": names.schemadn}) - samdb.add_ldif(data) + message("Setting up sam.ldb schema") + samdb.add_ldif(schema_data) setup_add_ldif(samdb, setup_path("aggregate_schema.ldif"), {"SCHEMADN": names.schemadn}) @@ -1661,6 +1655,8 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, :param configdn: DN of the configuration :param serverdn: DN of the server :param servername: Host name of the server + + Returns the schema data loaded, to avoid double-parsing when then needing to add it to the db """ schema_data = get_schema_data(setup_path, {"SCHEMADN": schemadn}) schema_data += open(setup_path("schema_samba4.ldif"), 'r').read() @@ -1681,7 +1677,7 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, }) check_all_substituted(head_data) samdb.attach_schema_from_ldif(head_data, schema_data) - + return schema_data; def get_schema_data(setup_path, subst_vars = None): """Get schema data from the AD schema files instead of schema.ldif. -- cgit From 8249383efb2037bb234dd040ebe151329cc4feb9 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 18 Feb 2009 15:17:02 +1100 Subject: Add the new, updated AD schema file from Microsoft Also remove the copy of the licence text from licence.txt, to ensure we don't get variations between the copies. Andrew Bartlett --- source4/scripting/python/samba/provision.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source4/scripting/python/samba/provision.py') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 177f0c3639..1ac0e4553e 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1688,8 +1688,8 @@ def get_schema_data(setup_path, subst_vars = None): # this data used to be read from schema.ldif - data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_Attributes_v20080618.txt'), - setup_path('ad-schema/MS-AD_Schema_Classes_v20080618.txt')) + data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_2K8Attributes.txt'), + setup_path('ad-schema/MS-AD_Schema_2K8Classes.txt')) if subst_vars is not None: data = substitute_var(data, subst_vars) -- cgit From 17aac8cad2b3fe4b23eaebd869b1538735a1954a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 5 Mar 2009 16:52:11 +1100 Subject: Remove ad2oLschema, insted call it directly from provision-backend This removes a level of indirection via external binaries in the provision-backend code, and also makes better use of our internal code for loading schema from an LDIF file. Remaining to do: Sort the output again, as the load from LDIF is unsorted (also needed because the normal LDB load from sorted input is too slow anyway, and is only needed here). Andrew Bartlett --- source4/scripting/python/samba/provision.py | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) (limited to 'source4/scripting/python/samba/provision.py') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 8029565399..ed6548b13b 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1245,7 +1245,7 @@ def provision_backend(setup_dir=None, message=None, except OSError: pass - schemadb = Ldb(schemadb_path, lp=lp) + schemadb = SamDB(schemadb_path, lp=lp) prefixmap = open(setup_path("prefixMap.txt"), 'r').read() @@ -1263,10 +1263,8 @@ def provision_backend(setup_dir=None, message=None, "PREFIXMAP_B64": b64encode(prefixmap) }) - setup_add_ldif(schemadb, setup_path("schema_samba4.ldif"), - {"SCHEMADN": names.schemadn }) - - data = get_schema_data(setup_path, {"SCHEMADN": names.schemadn}) + data = load_schema(setup_path, schemadb, names.schemadn, names.netbiosname, + names.configdn, DEFAULTSITE, names.serverdn) schemadb.add_ldif(data) if ldap_backend_type == "fedora-ds": @@ -1480,10 +1478,10 @@ def provision_backend(setup_dir=None, message=None, ldapuser = "--username=samba-admin" - - schema_command = "bin/ad2oLschema --option=convert:target=" + ldap_backend_type + " -I " + setup_path(mapping) + " -H tdb://" + schemadb_path + " -O " + os.path.join(paths.ldapdir, backend_schema) - - os.system(schema_command) + + backend_schema_data = schemadb.convert_schema_to_openldap(ldap_backend_type, open(setup_path(mapping), 'r').read()) + assert backend_schema_data is not None + open(os.path.join(paths.ldapdir, backend_schema), 'w').write(backend_schema_data) message("Your %s Backend for Samba4 is now configured, and is ready to be started" % ldap_backend_type) message("Server Role: %s" % serverrole) @@ -1646,7 +1644,7 @@ def create_krb5_conf(path, setup_path, dnsdomain, hostname, realm): def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, - serverdn, servername): + serverdn): """Load schema for the SamDB. :param samdb: Load a schema into a SamDB. @@ -1655,7 +1653,6 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, :param netbiosname: NetBIOS name of the host. :param configdn: DN of the configuration :param serverdn: DN of the server - :param servername: Host name of the server Returns the schema data loaded, to avoid double-parsing when then needing to add it to the db """ @@ -1674,7 +1671,6 @@ def load_schema(setup_path, samdb, schemadn, netbiosname, configdn, sitename, "DEFAULTSITE": sitename, "PREFIXMAP_B64": prefixmap, "SERVERDN": serverdn, - "SERVERNAME": servername, }) check_all_substituted(head_data) samdb.attach_schema_from_ldif(head_data, schema_data) @@ -1685,6 +1681,8 @@ def get_schema_data(setup_path, subst_vars = None): :param setup_path: Setup path function. :param subst_vars: Optional variables to substitute in the file. + + Returns the schema data after substitution """ # this data used to be read from schema.ldif -- cgit From 4c32d8f1a704c9d6df09f62cc5f4caa569687c5e Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 6 Mar 2009 12:14:08 +1100 Subject: Load the schema for provision-backend in a transaction Loading data in a transaction is faster than without. Andrew Bartlett --- source4/scripting/python/samba/provision.py | 42 ++++++++++++++++------------- 1 file changed, 24 insertions(+), 18 deletions(-) (limited to 'source4/scripting/python/samba/provision.py') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index ed6548b13b..d089cb2513 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1246,26 +1246,32 @@ def provision_backend(setup_dir=None, message=None, pass schemadb = SamDB(schemadb_path, lp=lp) + schemadb.transaction_start() + try: - prefixmap = open(setup_path("prefixMap.txt"), 'r').read() + prefixmap = open(setup_path("prefixMap.txt"), 'r').read() - setup_add_ldif(schemadb, setup_path("provision_schema_basedn.ldif"), - {"SCHEMADN": names.schemadn, - "ACI": "#", - }) - setup_modify_ldif(schemadb, - setup_path("provision_schema_basedn_modify.ldif"), \ - {"SCHEMADN": names.schemadn, - "NETBIOSNAME": names.netbiosname, - "DEFAULTSITE": DEFAULTSITE, - "CONFIGDN": names.configdn, - "SERVERDN": names.serverdn, - "PREFIXMAP_B64": b64encode(prefixmap) - }) - - data = load_schema(setup_path, schemadb, names.schemadn, names.netbiosname, - names.configdn, DEFAULTSITE, names.serverdn) - schemadb.add_ldif(data) + setup_add_ldif(schemadb, setup_path("provision_schema_basedn.ldif"), + {"SCHEMADN": names.schemadn, + "ACI": "#", + }) + setup_modify_ldif(schemadb, + setup_path("provision_schema_basedn_modify.ldif"), \ + {"SCHEMADN": names.schemadn, + "NETBIOSNAME": names.netbiosname, + "DEFAULTSITE": DEFAULTSITE, + "CONFIGDN": names.configdn, + "SERVERDN": names.serverdn, + "PREFIXMAP_B64": b64encode(prefixmap) + }) + + data = load_schema(setup_path, schemadb, names.schemadn, names.netbiosname, + names.configdn, DEFAULTSITE, names.serverdn) + schemadb.add_ldif(data) + except: + schemadb.transaction_cancel() + raise + schemadb.transaction_commit() if ldap_backend_type == "fedora-ds": if ldap_backend_port is not None: -- cgit From 5ffe7de34845839f2306484cf882a43d2ea2acf1 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 11 Mar 2009 12:16:27 +1100 Subject: s4:provision load_schema in provision.py no longer takes a hostname This was missed in the earlier work to use this in provision-backend Andrew Bartlett --- source4/scripting/python/samba/provision.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source4/scripting/python/samba/provision.py') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index d089cb2513..1e34b11d0a 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -785,8 +785,7 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, samdb.set_invocation_id(invocationid) schema_data = load_schema(setup_path, samdb, names.schemadn, names.netbiosname, - names.configdn, names.sitename, names.serverdn, - names.hostname) + names.configdn, names.sitename, names.serverdn) samdb.transaction_start() try: -- cgit From 354ba5e2e35c0adb2dd04f81a6ce7d1d721f31dc Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 3 Apr 2009 08:18:14 +1100 Subject: s4:schema Update Windows 2008 schema from Microsoft to latest version --- source4/scripting/python/samba/provision.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source4/scripting/python/samba/provision.py') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 64908ccb4d..189c93a1fc 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1692,8 +1692,8 @@ def get_schema_data(setup_path, subst_vars = None): # this data used to be read from schema.ldif - data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_2K8Attributes.txt'), - setup_path('ad-schema/MS-AD_Schema_2K8Classes.txt')) + data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_2K8_Attributes.txt'), + setup_path('ad-schema/MS-AD_Schema_2K8_Classes.txt')) if subst_vars is not None: data = substitute_var(data, subst_vars) -- cgit