summaryrefslogtreecommitdiffstats
path: root/source4/scripting/bin
Commit message (Collapse)AuthorAgeFilesLines
* s4:samba_kcc: Use 'dburl' passed from command line rather than lp.samdb_url()Kamen Mazdrashki2014-04-221-3/+3
| | | | | | | | This patch makes '-H, --URL' param to actually work as expected Change-Id: Ie7f4e9e3fc1f79a938473312e200f36de6886596 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* s4:samba_kcc: fix reference to DSA object while building partial replica listKamen Mazdrashki2014-04-221-1/+1
| | | | | | Change-Id: I33209dfd42d8c3af8d80b862ba0022d15385311b Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* s4:samba_kcc: Fix error handling opening export ldif fileKamen Mazdrashki2014-04-221-2/+2
| | | | | | Change-Id: If52440272513ef244e33481476da0e884969153c Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* s4:KCC: Use dsdb.DS_DOMAIN_FUNCTION_2008 constant for DS-Behavior comparisonsKamen Mazdrashki2014-04-221-4/+4
| | | | | | | | | DS_BEHAVIOR_WIN2008 was used so far which is a leftover from previous KCC implementation in "C" Change-Id: Id9b6551073c0b17cc27e086faa315b01305f39a5 Signed-off-by: Kamen Mazdrashki <kamenim@samba.org> Reviewed-By: Jelmer Vernooij <jelmer@samba.org>
* script to generate content for libcli/util/nterr.c & libcli/util/ntstatus.hNoel Power2014-04-021-0/+243
| | | | | | | | | | | | | | A ropey script to generate some missing NT_STATUS error codes and and descriptions. The script generates ntstatus.c & ntstatus.h whose contents are used to extend the existing contents of libcli/util/nterr.c & libcli/util/ntstatus.h Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Apr 2 22:40:06 CEST 2014 on sn-devel-104
* script to generate libcli/util/hresult.c & libcli/util/hresult.hNoel Power2014-04-021-0/+207
| | | | | | | | | | | This hacky script was used to generate the contents of libcli/util/hresult.c & libcli/util/hresult.h. It expects the table contents of http://msdn.microsoft.com/en-us/library/cc704587.aspx cut'n'pasted into the text file specified as it's single required input param Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba-tool: make provision check for bind versionGarming Sam2014-03-091-1/+1
| | | | | | | | | | | | (small corrections and TODO added following Jelmer's review by abartlet) Signed-off-by: Garming Sam <garming@catalyst.net.nz> Change-Id: Iba9a709641dad9f2ae05df0b26ac4cd2ebfc84f0 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sun Mar 9 02:52:50 CET 2014 on sn-devel-104
* samba_upgradedns: message the user if they need to change smb.confRicky Nance2014-01-071-0/+16
| | | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Kai Blin <kai@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Jan 7 06:05:15 CET 2014 on sn-devel-104
* samba-tool domain join subdomain: Rework sambadns.py to allow setup of ↵Andrew Bartlett2013-10-111-2/+3
| | | | | | | | | | | | | | DomainDNSZone only This skips handling the ForestDNSZone when we are setting up a subdomain. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Fri Oct 11 10:27:49 CEST 2013 on sn-devel-104
* provision: Remove --username and --password options from samba-tool domain ↵Andrew Bartlett2013-10-111-1/+1
| | | | | | | | | | | | | | | provision This avoids confusion, because the LDAP backend does not use these, and they do not set the password for the administrator account either! This may break support for the 'existing' backend LDAP backend, but that is nothing more than a stub for future development anyway, and new work in this area should use EXTERNAL in any case. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba_backup: fix bug, add command line parameter, improve error messagesBrian Martin2013-10-051-15/+37
| | | | | | | | | | | Also remove .bak suffix from tdb/ldb backups for more consistent restore procedures Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Matthieu Patou <mat@matws.net> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Oct 5 13:51:34 CEST 2013 on sn-devel-104
* scripting/samba_upgradedns: Tighten up exception and attribute list handlingAndrew Bartlett2013-09-041-9/+10
| | | | | | | | | | This avoids asking for attributes that will not be used, and looks only for the expected exceptions, rather than all exceptions. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* scripting/join.py: Handle creating the dns-NAME account during a DC joinAndrew Bartlett2013-09-041-1/+10
| | | | | | | | | | This will ensure that the DLZ plugin works out of the box when joining a second Samba DC to the domain. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:samba_upgradedns: don't pass linklocal=False to interface_ips_v6()Stefan Metzmacher2013-08-301-1/+1
| | | | | | | This is the default... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Bjoern Jacke <bj@sernet.de>
* Avoid leaking temp file if an exception is raisedJean Raby2013-04-111-1/+5
| | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Apr 11 06:06:03 CEST 2013 on sn-devel-104
* scripting: Fill the ProvisionNames hash with strings, not ldb.MessageElement ↵Andrew Bartlett2013-03-251-15/+1
| | | | | | | | | | | | | or Dn This avoids the need to fix it up again in samba_upgradedns. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Mar 25 13:25:30 CET 2013 on sn-devel-104
* scripting: Move get_diff_sds from samba.upgradehelpers to samba.descriptorAndrew Bartlett2013-03-251-2/+2
| | | | | | | | This helps avoid a dependency loop when we use get_diff_sds in dbcheck. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Modify samba.descriptor.get_wellknown_sds() use samdb calls onlyAndrew Bartlett2013-03-251-1/+1
| | | | | | | | We need this routine not to use the names context as this is tied to provision, and we end up in a circular dependency if we use that in dbcheck. Andrew Bartlett
* scripting: Move samba.provision.descriptor to samba.descriptorAndrew Bartlett2013-03-251-1/+1
| | | | | | | | | This will allow dbcheck to import it, without a cirucular dependency via samba.provision importing dbcheck. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Make samba.provision.descriptor.get_wellknown_sds() return ldb.Dn ↵Andrew Bartlett2013-03-251-3/+2
| | | | | | | | | | | objects As we look to use this function in more places, it does not make sense to constantly create Dn objects from the strings. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Move the list of well known SDs to samba.provision.descriptorAndrew Bartlett2013-03-251-71/+2
| | | | | | | | This will allow us to call this from dbcheck. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba_upgradeprovision: Do not reset every DN when changing an SDAndrew Bartlett2013-03-041-22/+8
| | | | | | | | | | | | | | | | | SD propogation is handled by an LDB module, we do not need to touch each and every DN to make it happen. Now that we do not need to put this via a hash, the dnToRecalculate list is changed to be a list of Dn objects, not strings so that: if dn in listWellknown is handled using a schema comparison (avoiding different case forms tripping it up). Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba_upgradeprovision: do not maintain dnNotToRecalculate as a listAndrew Bartlett2013-03-041-5/+3
| | | | | | | | We only need a boolean indication, not the actual values. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba_upgradeprovision: only run rebuild_sd in --full modeAndrew Bartlett2013-03-041-20/+17
| | | | | | | | This is a potentially destructive routine, and should not be run by default. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba_upgradeprovision: Remove alwaysRecalculate, this is too dangerousAndrew Bartlett2013-03-041-4/+1
| | | | | | | | | I am unclear on why this was added, but the idea that we ever always reset data in the directory is not reasonable to me, so I am removing it. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba_upgradeprovision: Remove unused checkKeepAttributeOldMtdAndrew Bartlett2013-03-041-73/+6
| | | | | | | | | lastProvisionUSNs is never None, instead the code requries the administrator to populate this attribute in the directory. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Rework samba.upgradehelpers.get_diff_sddls to be get_diff_sdsAndrew Bartlett2013-03-041-11/+10
| | | | | | | | | This moves the SDDL conversion inside the get_diff_sds function and prepares for removing inherited ACEs from the SD before comparison. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba_upgradeprovision: Remove auto-detection of pre-alpha9 databasesAndrew Bartlett2013-03-041-5/+6
| | | | | | | | | These are incredibly rare, and administrators running such databases not only ask the Samba Team for help personally, they can read --help. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Remove incomplete check for IPv6 link-local addresses.Landon Fuller2013-03-021-3/+1
| | | | | | | | | | | | | This has been superceded by a check for link-local addresses in get_interfaces() Signed-Off-By: Landon Fuller <landonf@bikemonkey.org> Reviewed-By: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Mar 2 08:38:54 CET 2013 on sn-devel-104
* Move python modules from source4/scripting/python/ to python/.Jelmer Vernooij2013-03-021-1/+1
| | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Mar 2 03:57:34 CET 2013 on sn-devel-104
* samba_upgradeprovision: Use tdb_util.tdb_copy not shutil.copy2Andrew Bartlett2013-02-191-13/+17
| | | | | | | | | | | | | | | This is really important, because copying a file will both ignore locks held by another process and break any locks we hold (due to POSIX brain-damage regarding multiple fds on one file in a process). By leaving this to tdbbackup in a child, both of these issues are avoided. Andrew Bartlett Reviewed-by: Matthieu Patou <mat@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Feb 19 07:48:18 CET 2013 on sn-devel-104
* samba_upgradeprovision: Do not update privileges.ldb any more (unchanged ↵Andrew Bartlett2013-02-191-16/+4
| | | | | | | | | | | | since 2009) This update was only a total oblitoration of the existing database and not a merge, and the shutil.copy would both disregard and break locks on the database that are held at this point. Andrew Bartlett Reviewed-by: Matthieu Patou <mat@samba.org>
* scripting: Make tdb_copy a common util function in samba.tdb_utilAndrew Bartlett2013-02-191-0/+1
| | | | | | | | This will allow samba_upgradeprovision to also call it. Andrew Bartlett Reviewed-by: Matthieu Patou <mat@samba.org>
* samba_upgradeprovision: Remove options to fix FS ACLsAndrew Bartlett2013-02-191-223/+204
| | | | | | | | | | | | samba-tool ntacl sysvolreset handles this better, and makes this tool much less confusing internally. Andrew Bartlett Reviewed-by: Matthieu Patou <mat@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Feb 19 06:06:41 CET 2013 on sn-devel-104
* samba_upgradeprovision: detect dns_backend for the reference provisionStefan Metzmacher2013-01-271-8/+10
| | | | | | | | | | | | | If we have a DomainDnsZone partition, we use BIND9_DLZ as backend and fix errors in the ForestDnsZone and DomainDnsZone partitions. Note: this should work fine also for SAMBA_INTERNAL. If the current setup doesn't use dns specific partitions (e.g. alpha13 setups) we pass dns_backend=BIND9_FLATFILE. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_upgradeprovision: fix the nTSecurityDescriptor on more containers (bug ↵Stefan Metzmacher2013-01-271-36/+92
| | | | | | | #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_upgradeprovision: fix resetting of 'nTSecurityDescriptor' on schema ↵Stefan Metzmacher2013-01-271-1/+1
| | | | | | | | | | objects Without this schema_data_modify() will reject updates to schema objects by default. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_upgradeprovision: don't reset 'whenCreated' when resetting ↵Stefan Metzmacher2013-01-271-2/+0
| | | | | | | 'nTSecurityDescriptor' Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* scripting/samba_upgradedns: Only look for IPv4/IPv6 addresses if we actually ↵Andrew Bartlett2013-01-101-21/+22
| | | | | | | | | | | | | | them This allows the script to be used to create/remove the samba-specific dns-SERVER account when we do not need to create the in-directory partition. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jan 10 20:56:50 CET 2013 on sn-devel-104
* samba_dnsupdate: set KRB5_CONFIG for nsupdate commandBjörn Baumbach2013-01-091-4/+5
| | | | | | | | | Let nslookup use krb5.conf, which is set in our KRB5_CONFIG. Signed-off-by: Björn Baumbach <bb@sernet.de> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:samba_upgradeprovision: use the sd_flags:1:15 control with an empty sdStefan Metzmacher2012-11-301-7/+14
| | | | | | | | The sd_flags:1:15 control together with an empty security_descriptor has the same effect as the recalculate_sd:0 control (which is samba only). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
* provision: No longer use the wheel group in new AD DomainsAndrew Bartlett2012-10-181-1/+1
| | | | | | | | | | | The issue here is that if we set S-1-5-32-544 (administrators) to a GID only, then users cannot force a mandetory profile to be owned by administrators (which is a requirement). There is no particularly useful reason for us to enforce this matching a system group. Andrew Bartlett
* s4: samba_backup: Fix typos.Björn Baumbach2012-10-031-2/+2
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4-python: Various formatting fixes.Jelmer Vernooij2012-09-273-72/+76
| | | | | | * Trailing whitespace * use of "==" where "is" should be used * double spaces
* samba_dnsupdate: Safely update/create names for Samba3 targets as wellAndrew Bartlett2012-09-261-4/+14
| | | | | | | | | | This avoids unlocked writes to the dns_hosts_file, and may fix some of our issues on the build farm where large numbers of tests fail due to failed name resolution. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Sep 26 05:48:25 CEST 2012 on sn-devel-104
* samba_dnsupdate: Move to using tmpfile/rename to keep the dns_hosts_file ↵Andrew Bartlett2012-09-261-3/+10
| | | | | | | | consistent This may be the cause of some of the large failure modes on the build farm. Andrew Bartlett
* s4-python: Override SIGINT handler in scripts only.Jelmer Vernooij2012-09-254-1/+26
| | | | | | | | | | | | Override the SIGINT handler in a few select cases only, rather than doing so in one of the samba Python modules. I've done this where it matters most; we can add this code to other scripts too if necessary. This means that importing the 'samba' module from a third party application does not have side-effects on the state of the signal handlers. Bug: https://bugzilla.samba.org/show_bug.cgi?id=9068
* s4:samba_upgradedns: delete dns-HOSTNAME account if using the internal dns ↵Stefan Metzmacher2012-09-121-0/+28
| | | | | | server metze
* s4 dns: use the internal DNS server per defaultKai Blin2012-09-121-3/+3
|
* s4:scripting: rename upgradeprovision -> samba_upgradeprovisionStefan Metzmacher2012-09-122-1/+1
| | | | metze
generated by cgit (git 2.34.1) at 2025-06-15 03:20:13 +0000