samba.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Move python modules from source4/scripting/python/ to python/.	Jelmer Vernooij	2013-03-02	5	-4695/+0
\| \| \| \| \| \| \|	Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Mar 2 03:57:34 CET 2013 on sn-devel-104
*	scripting: Make tdb_copy a common util function in samba.tdb_util	Andrew Bartlett	2013-02-19	1	-20/+1
\| \| \| \| \| \| \| \|	This will allow samba_upgradeprovision to also call it. Andrew Bartlett Reviewed-by: Matthieu Patou <mat@samba.org>
*	scripting: Make tdb_copy use the python subprocess module	Andrew Bartlett	2013-02-19	1	-7/+9
\| \| \| \| \| \| \| \|	This makes the code more robust to spaces in the file names (etc). Andrew Bartlett Reviewed-by: Matthieu Patou <mat@samba.org>
*	samba-tool/domain provision: add support for utf-8 passwords for --adminpass	Stefan Metzmacher	2013-02-04	1	-0/+1
\| \| \| \| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Feb 4 18:54:32 CET 2013 on sn-devel-104
*	provision: setup names.dns_backend	Stefan Metzmacher	2013-01-27	1	-0/+26
\| \| \| \| \| \| \| \| \| \| \| \| \|	If we have a DomainDnsZone partition: - we use BIND9_DLZ as backend if a dns-<netbiosname> account is available - otherwise, we use SAMBA_INTERNAL else: - we use BIND9_FLATFILE if a dns or dns-<netbiosname> account is available - otherwise, we use NONE Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	provision: fix nTSecurityDescriptor of containers in the DnsZones (bug #9481)	Stefan Metzmacher	2013-01-27	1	-11/+19
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	provision: fix nTSecurityDescriptor attributes of CN=*,${CONFIGDN} (bug #9481)	Stefan Metzmacher	2013-01-27	1	-0/+21
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	provision: fix nTSecurityDescriptor of CN={LostAndFound,System},${DOMAINDN} ↵	Stefan Metzmacher	2013-01-27	1	-0/+4
\| \| \| \| \| \| \|	(bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	provision: setup names.name_map['DnsAdmins']	Stefan Metzmacher	2013-01-27	1	-0/+5
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	provision: introduce names.name_map = {}	Stefan Metzmacher	2013-01-27	1	-0/+1
\| \| \| \| \| \| \| \|	This will be used to translated names in SDDL values, which are not wellknown, e.g. 'DnsAdmins'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	provision: add get_dns_{forest,domain}_microsoft_dns_descriptor()	Stefan Metzmacher	2013-01-27	2	-0/+16
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	provision: add get_config_ntds_quotas_descriptor()	Stefan Metzmacher	2013-01-27	2	-0/+8
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	provision: add get_{config,domain}_delete_protected*_descriptor()	Stefan Metzmacher	2013-01-27	2	-0/+40
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	provision: add optional name_map={} argument to get_*_descriptor()	Stefan Metzmacher	2013-01-27	1	-32/+30
\| \| \| \| \| \| \| \|	This will allow subsitute non-wellkown names in the SDDL, e.g. 'DnsAdmins'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	provision: import/export get_dns_partition_descriptor()	Stefan Metzmacher	2013-01-27	1	-1/+2
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	provision: setup names.dns{forest,domain}dn	Stefan Metzmacher	2013-01-27	1	-1/+22
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
*	scripting-provision: Set sysvol ACLs on the sysvol share	Andrew Bartlett	2013-01-07	1	-14/+23
\| \| \| \| \| \| \| \| \| \|	This allows us to correctly load any modules that have been specified by the smb.conf for [sysvol] and issue a VFS connect operation which may be required by some VFS modules. Andrew Bartlett Reviewed-by: Jeremy Allison <jra@samba.org>
*	s4:provision: set the correct nTSecurityDescriptor on CN=Domain ↵	Stefan Metzmacher	2012-12-11	2	-0/+15
\| \| \| \| \| \| \| \| \| \|	Controllers,... (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Tue Dec 11 07:05:39 CET 2012 on sn-devel-104
*	s4:provision: set the correct nTSecurityDescriptor on CN=Users,... (bug #9481)	Stefan Metzmacher	2012-12-11	2	-1/+18
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
*	s4:provision: set the correct nTSecurityDescriptor on CN=Computers,... (bug ↵	Stefan Metzmacher	2012-12-11	2	-1/+19
\| \| \| \| \| \| \|	#9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
*	s4:provision: set the correct nTSecurityDescriptor on CN=Builtin,... (bug #9481)	Stefan Metzmacher	2012-12-11	2	-0/+60
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
*	s4:provision: set the correct nTSecurityDescriptor on CN=Infrastructure,... ↵	Stefan Metzmacher	2012-12-11	2	-2/+14
\| \| \| \| \| \| \|	(bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
*	s4:provision: set the correct nTSecurityDescriptor on ↵	Stefan Metzmacher	2012-12-11	2	-0/+18
\| \| \| \| \| \| \|	CN=Sites,CN=Configuration... (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
*	s4:provision: set the correct nTSecurityDescriptor on ↵	Stefan Metzmacher	2012-12-11	2	-0/+20
\| \| \| \| \| \| \|	CN=Partitions,CN=Configuration... (bug #9481) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
*	s4:provision: add get_empty_descriptor()	Stefan Metzmacher	2012-11-30	2	-0/+6
\| \| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
*	provision: Make dsacl2fsacl() take a security.dom_sid, not str	Andrew Bartlett	2012-11-06	1	-2/+2
\| \| \| \| \| \| \| \|	Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Nov 6 00:12:43 CET 2012 on sn-devel-104
*	provision: Also walk directories checking ACLs	Andrew Bartlett	2012-11-06	1	-1/+1
\| \| \| \| \| \| \| \| \|	The directory walk was missed due to a cut-and-paste error. Andrew Bartlett Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
*	provision: Fix comments in checksysvolacl	Andrew Bartlett	2012-10-27	1	-1/+2
\|
*	provision: No longer use the wheel group in new AD Domains	Andrew Bartlett	2012-10-18	1	-19/+20
\| \| \| \| \| \| \| \| \| \| \|	The issue here is that if we set S-1-5-32-544 (administrators) to a GID only, then users cannot force a mandetory profile to be owned by administrators (which is a requirement). There is no particularly useful reason for us to enforce this matching a system group. Andrew Bartlett
*	Removed phpldapadmin inclusion for Samba 4.	Ricky Nance	2012-10-17	1	-20/+0
\| \| \| \| \| \| \|	Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Oct 17 12:55:44 CEST 2012 on sn-devel-104
*	Revert "provision: Always create DNS user."	Stefan Metzmacher	2012-10-16	1	-13/+18
\| \| \| \| \| \| \| \| \| \| \|	This reverts commit c2d14747d608d406de6410556807d467cd0b85ef. samba_upgradedns handles creates/removed the dns acount. See https://lists.samba.org/archive/samba-technical/2012-October/thread.html#87578 metze
*	samba.provision.sambadns: Use == to compare strings, not 'is'.	Jelmer Vernooij	2012-10-11	1	-1/+1
\|
*	provision: Always create DNS user.	Jelmer Vernooij	2012-10-11	1	-18/+13
\| \| \| \| \| \| \| \| \| \| \| \|	The DNS user is currently only used by the bind9 plugin. This makes it easier to later on switch between the builtin DNS server and bind backend. In addition, ideally the internal DNS server would use that (separate) user too. Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Thu Oct 11 17:05:40 CEST 2012 on sn-devel-104
*	samba-tool: skip chown in sysvolreset when it would fail on a GID	Andrew Bartlett	2012-10-09	1	-11/+13
\| \| \| \| \| \| \| \| \| \| \| \| \|	This skips the chown of the files if (for example) the domain Admins group were to own the file and not be able to because the group maps only to a GID. This essentially papers over the problem, but may be enough to get us past the Samba 4.0 release. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Oct 9 15:24:44 CEST 2012 on sn-devel-104
*	provision: Use logger rather than print.	Jelmer Vernooij	2012-10-03	1	-1/+1
\| \| \| \| \|	Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Wed Oct 3 14:24:09 CEST 2012 on sn-devel-104
*	s4-provision: do not skip setting the acls on sysvol	Matthieu Patou	2012-10-03	1	-1/+3
\| \| \| \| \|	Autobuild-User(master): Matthieu Patou <mat@samba.org> Autobuild-Date(master): Wed Oct 3 10:26:06 CEST 2012 on sn-devel-104
*	s4-python: Various formatting fixes.	Jelmer Vernooij	2012-09-27	2	-3/+3
\| \| \| \| \| \|	* Trailing whitespace * use of "==" where "is" should be used * double spaces
*	samba.provision.common: Fix formatting.	Jelmer Vernooij	2012-09-16	1	-2/+0
\|
*	samba.provision.sambadns: Fix formatting.	Jelmer Vernooij	2012-09-16	1	-57/+126
\|
*	samba.provision.backend: Fix formatting.	Jelmer Vernooij	2012-09-16	1	-0/+1
\|
*	samba.provision: Fix formatting, NameErrors.	Jelmer Vernooij	2012-09-16	1	-68/+80
\|
*	s4 provision: Ask for the dns forwarder IP address during interactive provision	Kai Blin	2012-09-12	1	-1/+4
\| \| \| \|	Signed-off-by: Stefan Metzmacher <metze@samba.org>
*	s4:provision: don't add the dns-HOSTNAME account if we use the internal dns ↵	Stefan Metzmacher	2012-09-12	1	-6/+10
\| \| \| \| \| \|	server metze
*	s4 dns: use the internal DNS server per default	Kai Blin	2012-09-12	1	-2/+2
\|
*	provision: Only give the "no posix ACLs" exception if we could not set the SD	Andrew Bartlett	2012-09-11	1	-6/+6
\| \| \| \| \| \| \|	This will allow us to run make test on all platforms again, as we emululate the posix ACLs using the fake_acls module. By then testing smbd.have_posix_acls() we gain a more specific error message. Andrew Bartlett
*	s4-provision: Fix error message to contain the string SSDL of the ↵	Andrew Bartlett	2012-09-05	1	-2/+2
\| \| \| \|	failed-to-match ACL
*	s3-passdb: Rename pdb_samba4 to samba_dsdb and autoconfigure when we are a AD DC	Andrew Bartlett	2012-09-04	1	-11/+12
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The name samba_dsdb is not ideal, but it matches the primary ldb module we use, and more importantly it avoids having '4' in the name. We should slowly avoid using the term samba4 in long-term places like the smb.conf because it is confusing to users given we are shipping Samba 4.0 as an AD DC as well as all the other supported roles (domain member/standalone server/classic DC) Additionally, samba4 will be an odd name when we eventually release Samba 5.0! samba4 remains accepted as an alias to ensure existing smb.conf files load, but to allow changes here in the future, we set the value during the smb.conf load, and not during the provision when we are an AD DC. This simplifies the default smb.conf for the vast majority of our users and reduces the number of things listed in smb.conf files that we later have to work around if we wish to change the name/implementation of the passdb glue module again. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Sep 4 04:45:16 CEST 2012 on sn-devel-104
*	s4-classicupgrade: Do the setting of the sysvol ACLs last, after idmap is ↵	Andrew Bartlett	2012-08-28	1	-5/+8
\| \| \| \| \| \| \| \| \| \| \|	configured This will allow files to be correctly owned by the idmap that is imported. This appears to fix an issue that came up after s3fs-compatible ACLs were merged into provision. Andrew Bartlett
*	s3-passdb: Allow reload of the static passdb from python	Andrew Bartlett	2012-08-28	1	-0/+2
\| \| \| \| \| \|	This is then used in provision when the passdb backend is forced. Andrew Bartlett
*	s4-samba-tool: Add samba-tool ntacl sysvolcheck command	Andrew Bartlett	2012-08-23	1	-1/+109
\| \| \| \| \| \| \| \| \|	This command verifies that the current on-disk ACLs match the directory and the defaults from provision. Unlike sysvolreset, this does not change any of the permissions. Andrew Bartlett