summaryrefslogtreecommitdiffstats
path: root/source4/scripting/python/samba
Commit message (Collapse)AuthorAgeFilesLines
* Added a net acl ds command for modification of ACLs on directory objectsNadezhda Ivanova2010-03-165-2/+227
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | At present the command supports only addition of control access rigts, done so DRS access checks can be tested. It will be expanded to deal with most ways to modify and view a DS ACL. Shifted commands a bit. What used to be net acl is now "net acl nt" as apposed to this, which is "net acl ds" ./bin/net acl ds set --help Usage: set --objectdn=objectdn --car=control right --action=[deny|allow] --trusteedn=trustee-dn Options: -h, --help show this help message and exit --host=HOST LDB URL for database or target server --car=CAR The access control right to allow or deny --action=ACTION Deny or allow access --objectdn=OBJECTDN DN of the object whose SD to modify --trusteedn=TRUSTEEDN DN of the entity that gets access Samba Common Options: -s FILE, --configfile=FILE Configuration file Credentials Options: --simple-bind-dn=DN DN to use for a simple bind --password=PASSWORD Password -U USERNAME, --username=USERNAME Username -W WORKGROUP, --workgroup=WORKGROUP Workgroup -N, --no-pass Don't ask for a password -k KERBEROS, --kerberos=KERBEROS Use Kerberos
* s4:provision.py - small output improvementMatthias Dieter Wallnöfer2010-03-121-1/+1
|
* s4:provision Improve the handling of provision errorsAndrew Bartlett2010-03-112-11/+17
| | | | | | | | | The backtraces were too confusing for our users, and didn't tell them what to do to fix the problem. By printing the string (rather than a backtrace), and including in the error what to do, and what file to remove, we give them a chance. Andrew Bartlett
* s4:samba_dnsupdate Add a 'file based' mode to samba_dnsupdateAndrew Bartlett2010-03-111-1/+1
| | | | | | | | | For the testsuite to use DNS like names, we need to write these names to a file. Also, to have this run in 'make test' the usual rules about 'no 127.*' IP addresses in DNS must be skipped, so glue.interface_ips takes two arguments now
* s4-python: allow us to have samba copies of python libraries we depend onAndrew Tridgell2010-03-051-0/+50
| | | | | | | | For python libraries like dns.resolver it is useful to be able to install a copy of the library with Samba. This set of functions allows us to do that while using the locally installed version if it is available Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4:provision - use the new "interface_ips" python call to detect the right ↵Matthias Dieter Wallnöfer2010-03-041-8/+8
| | | | | | | | | | | host IPv4 address Inform the user when there are more possibilities (so he can check for the right address and otherwise he is able to do an immediate reprovision) and no possibility at all (then we fall back to the loopback address "127.0.0.1" - this is thought for testing purposes). I think this should be enough for closing bug #5484.
* s4:provision - Moved default FDS SASL mappings deletion from post_setup() to ↵Endi S. Dewata2010-03-021-7/+0
| | | | | | init(). Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:provision - Moved setup_db_config() into OpenLDAPBackend class.Endi S. Dewata2010-03-021-16/+16
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:provision - Moved backend-specific variables into backend class.Endi S. Dewata2010-03-022-75/+60
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:provision - Use netbios name for FDS instance name.Endi S. Dewata2010-03-021-3/+5
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* Fix the build, add filtered subunit runner.Jelmer Vernooij2010-03-011-1/+1
|
* More formatting fixes, pointed out by pylint.Jelmer Vernooij2010-03-018-44/+51
|
* General cleanups of python code, hinted by pyflakes.Jelmer Vernooij2010-03-0114-152/+124
|
* ntacl: Use existing infrastructure.Jelmer Vernooij2010-03-012-27/+27
|
* Remove __contains__ from mock object for consistency with actualJelmer Vernooij2010-03-011-3/+0
| | | | implementation.
* Fix SharesContainer.__len__.Ricardo Jorge2010-03-011-1/+1
| | | | Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
* More formatting fixes.Jelmer Vernooij2010-03-011-16/+10
|
* Fix formatting.Jelmer Vernooij2010-03-011-172/+174
|
* upgradeprovision: Remove unused imports, use shutil.rmtree rather thanJelmer Vernooij2010-03-011-30/+11
| | | | rmall.
* upgradeprovision: Move to pythondoc formatMatthieu Patou2010-03-011-9/+33
| | | | Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
* upgradeprovision: code cleanupMatthieu Patou2010-03-011-6/+7
| | | | Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
* upgradeprovision: split the big script to put reusable functions appartMatthieu Patou2010-03-011-0/+220
| | | | Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
* s4:provision: use generate_random_password()Stefan Metzmacher2010-02-261-5/+5
| | | | metze
* s4-provision: fixed use of rndc command from pythonAndrew Tridgell2010-02-261-1/+1
| | | | rndc command is now a list
* s4-provision: also create the dns_update_list when running net vampireAndrew Tridgell2010-02-261-0/+10
| | | | | We need the list when joining a windows domain, so we can automatically maintain the right DNS entries on the Windows DNS server
* s4-provision: setup the dns_update_list at provision timeAndrew Tridgell2010-02-261-0/+5
| | | | This file is substituted at runtime by samba_dnsupdate
* s4-provision: if we aren't doing variable substitution then don't check for varsAndrew Tridgell2010-02-261-1/+1
|
* samdb: added get_ntds_GUID() methodAndrew Tridgell2010-02-261-0/+4
|
* py-samdb: added server_site_name methodAndrew Tridgell2010-02-261-0/+3
|
* py-samdb: added get_invocation_id() methodAndrew Tridgell2010-02-261-0/+5
|
* python: ntacls, fix a leftover that is not in the try/except branchMatthieu Patou2010-02-241-1/+0
| | | | Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
* s4:provision.py - try to use other addresses than "127.0.0.x" and "::1"Matthias Dieter Wallnöfer2010-02-211-2/+10
| | | | | | | | | | | | | On production systems a user for sure strongly disagrees to use local IP addresses (how should the server be accessible?). Therefore if the user didn't specify an IP as provision option and in the "/etc/hosts" file we have at least one not-local IP which resolves to our hostname use this or one of them. Notice: if a host has more public IP addresses with the same name assigned the behaviour is non-deterministic (well, okay - by the entries order it is). But then the user is invited to specify the host IP manually. This should address bug #5484.
* s4-provision: freeze the DNS zone before creating the zone fileAndrew Tridgell2010-02-171-2/+10
| | | | | This prevents bind from getting confused if it has a journal for the zone.
* s4-provision: fix permissions on generated DNS zone fileAndrew Tridgell2010-02-171-9/+11
| | | | | | | The zone file needs to be writeable by bind to allow for it to flush its journal on dynamic updates Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4:getopt.py - set the password callback only when no password has been providedMatthias Dieter Wallnöfer2010-02-121-4/+6
| | | | | | | | | | Previously the "no_pass" and "no_pass2" variables weren't handled correctly. Since at the initialisation of the "CredentialsOptions" we don't have any password at all. Only afterwards we could get one through "set_password". If a password is specified, use it. If no password is specified, consider the use fo an input mask on STDOUT. But if the loadparm context contains one prefer it over the input.
* s4-provision: import the R2 functional levelAndrew Tridgell2010-02-121-1/+1
| | | | | this makes it easier to modify the script to set us at R2 level in provision. We should make this a parameter.
* provision: Use short name for assignee of ACE (BA, SA, CO, ...)Matthieu Patou2010-02-111-8/+6
| | | | | | | | | | Use short name (shortcut for wellknown SID/RID) for assignee in each entry of ACL (when possible) of sysvol files (GPO objects and netlogon folders). This avoid error prone substitution of DOMAINSID in ACL and make ACL clearer by using shortname for assignee accordingly with SDDL synthax rules. Translation to real SID is handled internaly by the from_sddl function. Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
* python-s4: use secrets.ldb instead of sam.ldb for reading domain SIDMatthieu Patou2010-02-111-2/+2
| | | | | | | This allow to be able to run net acl set xxx yyy on DC, but also on domain member. Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
* provision: Fix an error with eadb when using not default install dir and ↵Matthieu Patou2010-02-111-1/+5
| | | | | | running as a non root user Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
* s4-provision: cope with umask in creating private/dnsAndrew Tridgell2010-02-111-0/+2
|
* s4-provision: pre-create a named.conf.update fileAndrew Tridgell2010-02-111-1/+5
| | | | | | The named.conf.update file will be filled in at runtime by Samba to contain the list of bind9 grant rules for granting DNS dynamic update permissions on the domain.
* s4-provision: move zone file to dns subdirectoryAndrew Tridgell2010-02-111-12/+52
| | | | | | | | This allows the permissions to be correctly set for bind to write to a journal file. It also sets the right group ownership and permissions on the files that bind needs to access. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s4:provision Be more polite to long-suffering Samba testers.Andrew Bartlett2010-02-111-2/+3
| | | | | | Our testers put up with a lot of odd things when testing out Samba4. Andrew Bartlett
* s4:provision Just 'do the right thing' with empty smb.conf filesAndrew Bartlett2010-02-101-2/+10
| | | | | | | | For some reason, JHT keeps on creating an empty smb.conf file, expecting it to be the same as a non-existant one. It is easier to just realise what he meant. Andrew Bartlett
* Fixed a bug caused by a typo. Infrastructure role didn't work.Nadezhda Ivanova2010-01-291-1/+1
|
* Implemented net fsmo command for transferring fsmo rolesNadezhda Ivanova2010-01-272-0/+204
| | | | | | | | | | | | | The command allows the user to transfer a fsmo role to the server to which the connection is established. Roles can be transferred or seized. By default a transfer is attempted even if seize option is chosen, as it is dangerous to seize a role if the current owner is still running. example use: net fsmo show --host=hostnameoraddress --username=username --password=password net fsmo transfer --role=role --host=hostnameoraddress --username=username --password=password net fsmo seize --role=role --host=hostnameoraddress --username=username --password=password [--force] Tested against Win2008. Does not work for samba 4 yet as we are missing the GetNCChanges extensions.
* s4-python: Fix formatting.Jelmer Vernooij2010-01-253-33/+27
|
* s4-provision: Fixed typos and redundant codeEndi S. Dewata2010-01-231-10/+10
| | | | Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
* pyxattr: Factor out helper functions.Jelmer Vernooij2010-01-211-24/+24
|
* pyxattr: Simplify tests.Jelmer Vernooij2010-01-211-52/+60
|
generated by cgit (git 2.34.1) at 2025-09-26 15:34:46 +0000