From fa4023d6f73920765aa5fdbcdd6fd934782258cf Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Thu, 17 Sep 2009 21:19:24 +0200 Subject: s4:provision - Some rework (continuation) - Fix up "servicePrincipalNames" attributes on the DC object - Add some informative comments (most in "provision_self_join.ldif") - Add also comments where objects are missing which we may add later when we support the feature (mainly for FRS) - Add "domain updates" objects also under "CN=Configuration" (they exist twice) - Add the default services under "Services" to allow interoperability with some MS client tools - Smaller changes --- source4/scripting/python/samba/provision.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source4/scripting/python/samba/provision.py') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index 4840efcb63..ca9850304e 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -978,6 +978,7 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, "DOMAINDN": names.domaindn}) message("Setting up sam.ldb data") setup_add_ldif(samdb, setup_path("provision.ldif"), { + "CREATTIME": str(int(time.time()) * 1e7), # seconds -> ticks "DOMAINDN": names.domaindn, "NETBIOSNAME": names.netbiosname, "DEFAULTSITE": names.sitename, @@ -1005,10 +1006,10 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, policyguid_dc=policyguid_dc, setup_path=setup_path, domainControllerFunctionality=domainControllerFunctionality) - # add the NTDSGUID based SPNs + ntds_dn = "CN=NTDS Settings,CN=%s,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,%s" % (names.hostname, names.domaindn) - names.ntdsguid = samdb.searchone(basedn=ntds_dn, attribute="objectGUID", - expression="", scope=SCOPE_BASE) + names.ntdsguid = samdb.searchone(basedn=ntds_dn, + attribute="objectGUID", expression="", scope=SCOPE_BASE) assert isinstance(names.ntdsguid, str) except: -- cgit From 89f5df6fa7cca1aaec81e29b8777bab5b4068003 Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Fri, 18 Sep 2009 16:21:29 +0200 Subject: s4:provision - Bump down the domain and forest level to Windows 2000 - The DC level we keep on Windows Server 2008 R2 (we should call ourself always the newest server type) - The domain/forest level we set to the minimum (Windows 2000 native) to allow all AD DC types (from Windows 2000 on) in our domain - the NT4 "mixed" mode isn't supported by us (discussed on mailing list) -> "nTMixedDomain" is set always to 0 - I'll add a script which allows to bump the DC level (basically sets the "msDS-Behaviour-Version" attributes on the "Partitions/Configuration/DC" and on the "DC" object) --- source4/scripting/python/samba/provision.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source4/scripting/python/samba/provision.py') diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index ca9850304e..065677fa68 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -44,7 +44,7 @@ from credentials import Credentials, DONT_USE_KERBEROS from auth import system_session, admin_session from samba import version, Ldb, substitute_var, valid_netbios_name from samba import check_all_substituted -from samba import DS_DOMAIN_FUNCTION_2008_R2, DS_DC_FUNCTION_2008_R2 +from samba import DS_DOMAIN_FUNCTION_2000, DS_DC_FUNCTION_2008_R2 from samba.samdb import SamDB from samba.idmap import IDmapDB from samba.dcerpc import security @@ -835,8 +835,8 @@ def setup_samdb(path, setup_path, session_info, credentials, lp, :note: This will wipe the main SAM database file! """ - domainFunctionality = DS_DOMAIN_FUNCTION_2008_R2 - forestFunctionality = DS_DOMAIN_FUNCTION_2008_R2 + domainFunctionality = DS_DOMAIN_FUNCTION_2000 + forestFunctionality = DS_DOMAIN_FUNCTION_2000 domainControllerFunctionality = DS_DC_FUNCTION_2008_R2 # Also wipes the database -- cgit