summaryrefslogtreecommitdiffstats
path: root/source4/scripting
Commit message (Collapse)AuthorAgeFilesLines
...
* s4 upgradeprovision: fix a typo and pass correct parameter to ↵Matthieu Patou2010-08-192-4/+5
| | | | increment_calculated_keyversion
* s4-net: use an encrypted ldap session when setting passwordsAndrew Tridgell2010-08-171-0/+3
| | | | | | | this allows for "net setpassword -H ldap://server -Uusername%password USERNAME" to set a password remotely on a windows DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
* s3-provision: cope with the policy directory already existingAndrew Tridgell2010-08-171-3/+8
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4 upgradeprovision, fix a typo preventing the ridset to be correctly identifiedMatthieu Patou2010-08-101-1/+1
|
* s4: create a simple version of ktpassMatthieu Patou2010-07-171-0/+93
| | | | | | This script is intended to be a replacement for the ktutil of Windows. It's use is for exporting keytab that will be used for kerberized services.
* s4-loadparm: 2nd half of lp_ to lpcfg_ conversionAndrew Tridgell2010-07-161-2/+2
| | | | | | | this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:provision Handle machine account password changes while keeping keytabAndrew Bartlett2010-07-151-15/+23
| | | | | | | | | The challenge here is to update the existing record if it already exists, rather than deleting the old record. This ensures that the secrets.keytab handling code keeps the previous password in the keytab. Andrew Bartlett
* s4 upgradeprovision: Adapt the list of attribute modifiedMatthieu Patou2010-07-151-4/+25
| | | | | | | | | | | | | | * isMemberOfPartialAttributeSet is now allowed to be deleted (on schema objects) * attributeDisplayNames is now allowed to be added and modified (used on display specifiers) * spnMapping is now allowed to be altered on Directory Service objects * minPwdAge is now modified if the previous value was 0 We issue a clear information about the userControl attribute for administrator to invite the user to modify himself the value. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4 upgradeprovision: Synchronize the calculated keyversionnumber with the ↵Matthieu Patou2010-07-151-1/+22
| | | | | | one previously stored Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4 upgradeprovision: do not copy RID Set it's automaticaly created by the ↵Matthieu Patou2010-07-151-24/+34
| | | | | | RID manager Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4 upgradeprovision: add function to backup the provision before updatingMatthieu Patou2010-07-151-152/+268
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4 upgradeprovision: fix whitespacesMatthieu Patou2010-07-151-13/+13
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4: Add unit test for increment_calculated_keyversion_numberMatthieu Patou2010-07-151-1/+25
| | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4 upgradeprovision: introduce a new function to update the field use for ↵Matthieu Patou2010-07-151-3/+37
| | | | | | | | | | calculating msds-keyversionnumber This function change the version field of the unicodePwd in the replPropertyMetaData so that the version is equal or superior to the reference value passed. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4 python: Add functions to samdb to manipulate version of ↵Matthieu Patou2010-07-152-1/+128
| | | | | | | | | | replPropertyMetaData attribute This change contains also helpers for attribute id to attribute oid conversion and from attribute id to attribute name. It brings also unit tests Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4 dsdb: Use the changereplmetadata controlMatthieu Patou2010-07-151-11/+78
| | | | | | | | This control allow to specify the replPropertyMetaData attribute to be specified on modify request. It can be used for very specific needs to tweak the content of the replication data. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4: Add a simple script to change dc passwordMatthieu Patou2010-07-151-0/+63
| | | | | | | This script will mostly be used by unit test (blackbox type) to test the change of the dc password Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4 provision: move update_machine_account_password to helpersMatthieu Patou2010-07-152-49/+51
| | | | | | This is to allow reuse of this function and also unit tests Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:provision: also use fixed GUID names of the default group policies for ↵Stefan Metzmacher2010-07-101-2/+3
| | | | | | domain and domain controllers in tests metze
* s4 provision: use correct GUID for default policiesMatthieu Patou2010-07-101-2/+7
| | | | | | | | | The value of GUID for policy is not random for default policies, it is described here ("How Core Group Policy Works"): http://technet.microsoft.com/en-us/library/cc784268%28WS.10%29.aspx at paragraph System\Policies Container. Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4 net: Add spn module to list/add/remove spn on objectsMatthieu Patou2010-07-102-0/+219
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:samdb.py - "setpassword" - performs password sets using the "unicodePwd" ↵Matthias Dieter Wallnöfer2010-07-081-7/+3
| | | | | | | attribute This does work per default on each AD-compatible DC. "userPassword" support on Windows however has to be activated explicitly by the "dSHeuristics".
* s4 upgradeprovision: For SID > 1000 do not copy them, let the system ↵Matthieu Patou2010-07-081-0/+6
| | | | | | | | | regenerated a new one This should avoid colliion with newly added objects that use the same SID as existing users in the upgraded provision. Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
* DNS objects should not be ignoredZahari Zahariev2010-07-051-21/+9
| | | | | | | | Recently I have found that after vampireing from a clean Windows server we have the same DNS objects in the ldb. So ldapcmp has to no longer ignore them. Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
* s4:pwsettings net utility - change also here the "minPwdAge" to be the real ↵Matthias Dieter Wallnöfer2010-07-031-2/+2
| | | | | | default Which is one day.
* s4:provision Add an msDS-SupportedEncryptionTypes entry to our DCAndrew Bartlett2010-06-291-1/+16
| | | | | | | | This ensures that our DC will use all the available encyption types. (The KDC reads this entry to determine what the server supports) Andrew Bartlett
* s4/spnupdate: Fixed spnupdate to use secrets credentials when accessing SamDB.Endi S. Dewata2010-06-281-3/+30
| | | | Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
* s4:provision.py - fix comment regarding DNS entriesMatthias Dieter Wallnöfer2010-06-261-1/+1
| | | | | I think this should mean partially Samba4 specified (all beside the "dns" account is standard)
* s4:provision: move Samba4 specific DNS stuff to its own fileStefan Metzmacher2010-06-261-1/+8
| | | | metze
* s4:provision: add --next-rid optionStefan Metzmacher2010-06-261-2/+13
| | | | | | | | Make it possible to provision a domain with a given next rid counter. This will be useful for upgrades, where we want to import users with already given SIDs. metze
* s4:provision: don't use hardcoded values for 'nextRid' and 'rIDAvailablePool'Stefan Metzmacher2010-06-261-3/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | On Windows dcpromo imports nextRid from the local SAM, which means it's not hardcoded to 1000. The initlal rIDAvailablePool starts at nextRid + 100. I also found that the RID Set of the local dc should be created via provision and not at runtime, when the first rid is needed. (Tested with dcpromo on w2k8r2, while disabling the DNS check box). After provision we should have this (assuming nextRid=1000): rIDAllocationPool: 1100-1599 rIDPrevAllocationPool: 1100-1599 rIDUsedPool: 0 rIDNextRID: 1100 rIDAvailablePool: 1600-1073741823 Because provision sets rIDNextRid=1100, the first created account (typically DNS related accounts) will get 1101 as rid! metze
* s4:provision: pass relax control also to modify_ldifStefan Metzmacher2010-06-261-2/+2
| | | | metze
* s4 python: Add unit tests related to PyLong/PyInt handlingMatthieu Patou2010-06-251-2/+11
| | | | Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
* s4 upgradeprovision: Try to support older Pythons.Michael Wood2010-06-251-1/+1
| | | | | | Use "...".split(sep, 1) instead of "...".partition(sep). Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
* s4-python: python is not always in /usr/binAndrew Tridgell2010-06-2454-54/+54
| | | | | | | | Using "#!/usr/bin/env python" is more portable. It still isn't ideal though, as we should really use the python path found at configure time. We do that in many places already, but some don't. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* s4:upgradeprovision - fix include order for "ldb"Matthias Dieter Wallnöfer2010-06-241-1/+1
| | | | Patch originally posted on the list by Matthieu Patou.
* Fix to undo nasty hack for for grouptype conversionLukasz Zalewski2010-06-231-1/+1
| | | | Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
* s4:net Remove warnings for 2000 native mode and Samba4.Andrew Bartlett2010-06-231-5/+5
| | | | | | We now support 2000 native mode, and so we just need to warn about mixed mode. Andrew Bartlett
* s4:provision Raise default max functional level to 2008R2Andrew Bartlett2010-06-231-3/+3
| | | | | | | | | We don't support many of the extra features, but that applies across many other parts of AD. Allow the admin to join a 2008R2 domain if he or she wants. This also makes it possible to test 2008R2 domain code in 'make test' Andrew Bartlett
* s4:provision Remove am_rodc from SchemaAndrew Bartlett2010-06-232-5/+5
| | | | | The SamDB created in the schema code isn't real enough to care if it's an rodc or not.
* libds:common Remove DS_DC_* domain functionality flagsAndrew Bartlett2010-06-232-11/+7
| | | | | | These are just a subset of the DS_DOMAIN_ functionality flags, are compared and often confused with each other. Just make them one set. Andrew Bartlett
* s4/test: fix DC password in selftest-vars.shKamen Mazdrashki2010-06-221-2/+2
|
* s4 upgradeprovision: fix the logging stuff so that it actually logMatthieu Patou2010-06-211-0/+2
| | | | Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
* s4:python LDB __init__.py - remove completely unused "erase_partitions" callMatthias Dieter Wallnöfer2010-06-202-36/+0
| | | | Seems to be a relict from the past.
* provision: Look for Samba prefix a bit harder.Jelmer Vernooij2010-06-201-4/+6
|
* pydsdb: Mark all SamDB and Schema methods that are in pydsdb asJelmer Vernooij2010-06-203-17/+17
| | | | private, to discourage them being called directly.
* testparm: Check netbios name and workgroup characters and length.Jelmer Vernooij2010-06-201-14/+36
|
* provision: Properly cancel transactions on the secrets ldb.Jelmer Vernooij2010-06-201-122/+131
|
* selftest: Use scripted testparm.Jelmer Vernooij2010-06-201-2/+2
|
* testparm: Simplify default option handling.Jelmer Vernooij2010-06-201-19/+14
|
generated by cgit (git 2.34.1) at 2025-09-25 18:13:25 +0000