{
my ($self, $prefix, $server_role, $hostname,
$domain, $realm, $functional_level,
- $password, $kdc_ipv4, $use_ntvfs) = @_;
+ $password, $kdc_ipv4) = @_;
my $ctx;
my $netbiosname = uc($hostname);
push (@provision_options, "--root=$ctx->{unix_name}");
push (@provision_options, "--server-role=\"$ctx->{server_role}\"");
push (@provision_options, "--function-level=\"$ctx->{functional_level}\"");
- push (@provision_options, "--dns-backend=BIND9_DLZ");
-
- if ($use_ntvfs) {
- push (@provision_options, "--use-ntvfs");
- }
@{$ctx->{provision_options}} = @provision_options;
mkdir($_, 0777) foreach (@{$ctx->{directories}});
+ ##
+ ## lockdir and piddir must be 0755
+ ##
+ chmod 0755, $ctx->{lockdir};
+ chmod 0755, $ctx->{piddir};
+
unless (open(CONFFILE, ">$ctx->{smb_conf}")) {
warn("can't open $ctx->{smb_conf}$?");
return undef;
}
- my $acl = "false";
- $acl = "true" if (defined $ENV{WITH_ACL});
print CONFFILE "
[global]
- acl:search = $acl
netbios name = $ctx->{netbiosname}
posix:eadb = $ctx->{statedir}/eadb.tdb
workgroup = $ctx->{domain}
panic action = $RealBin/gdb_backtrace \%d
wins support = yes
server role = $ctx->{server_role}
- server services = +echo +dns +smb -s3fs
+ server services = +echo +smb -s3fs
dcerpc endpoint servers = +winreg +srvsvc
notify:inotify = false
ldb:nosync = true
# remove this again, when our smb2 client library
# supports signin on compound related requests
server signing = on
+
+ idmap_ldb:use rfc2307=yes
";
print CONFFILE "
pdbtest:x:65533:65533:pdbtest gecos:$ctx->{prefix_abs}:/bin/false
";
close(PWD);
+ my $uid_rfc2307test = 65533;
open(GRP, ">$ctx->{nsswrap_group}");
print GRP "
nogroup:x:65534:nobody
";
close(GRP);
+ my $gid_rfc2307test = 65532;
my $configuration = "--configfile=$ctx->{smb_conf}";
SAMBA_TEST_FIFO => "$ctx->{prefix}/samba_test.fifo",
SAMBA_TEST_LOG => "$ctx->{prefix}/samba_test.log",
SAMBA_TEST_LOG_POS => 0,
- NSS_WRAPPER_WINBIND_SO_PATH => Samba::bindir_path($self, "default/nsswitch/libnss-winbind.so"),
- LOCAL_PATH => $ctx->{share}
+ NSS_WRAPPER_WINBIND_SO_PATH => Samba::nss_wrapper_winbind_so_path($self),
+ LOCAL_PATH => $ctx->{share},
+ UID_RFC2307TEST => $uid_rfc2307test,
+ GID_RFC2307TEST => $gid_rfc2307test
};
return $ret;
{
my ($self, $prefix, $server_role, $hostname,
$domain, $realm, $functional_level,
- $password, $kdc_ipv4, $extra_smbconf_options, $extra_smbconf_shares, $use_ntvfs) = @_;
+ $password, $kdc_ipv4, $extra_smbconf_options, $extra_smbconf_shares,
+ $extra_provision_options) = @_;
my $ctx = $self->provision_raw_prepare($prefix, $server_role,
$hostname,
$domain, $realm, $functional_level,
- $password, $kdc_ipv4, $use_ntvfs);
+ $password, $kdc_ipv4);
+
+ if (defined($extra_provision_options)) {
+ push (@{$ctx->{provision_options}}, @{$extra_provision_options});
+ } else {
+ push (@{$ctx->{provision_options}}, "--use-ntvfs");
+ }
$ctx->{share} = "$ctx->{prefix_abs}/share";
push(@{$ctx->{directories}}, "$ctx->{share}");
[sysvol]
path = $ctx->{statedir}/sysvol
- read only = yes
+ read only = no
[netlogon]
path = $ctx->{statedir}/sysvol/$ctx->{dnsname}/scripts
"2008",
"locMEMpass3",
$dcvars->{SERVER_IP},
- "", "", 1);
+ "", "", undef);
unless ($ret) {
return undef;
}
"2008",
"locRPCproxypass4",
$dcvars->{SERVER_IP},
- $extra_smbconf_options, "", 1);
+ $extra_smbconf_options, "", undef);
unless ($ret) {
return undef;
return $ret;
}
-sub provision_promoted_vampire_dc($$$)
+sub provision_promoted_dc($$$)
{
my ($self, $prefix, $dcvars) = @_;
print "PROVISIONING VAMPIRE DC...";
"samba.example.com",
"2008",
$dcvars->{PASSWORD},
- $dcvars->{SERVER_IP}, 1);
+ $dcvars->{SERVER_IP});
+
+ push (@{$ctx->{provision_options}}, "--use-ntvfs");
$ctx->{smb_conf_extra_options} = "
max xmit = 32K
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
$cmd .= "$samba_tool domain dcpromo $ret->{CONFIGURATION} $dcvars->{REALM} DC --realm=$dcvars->{REALM}";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
- $cmd .= " --machinepass=machine$ret->{password} --use-ntvfs";
+ $cmd .= " --machinepass=machine$ret->{password} --use-ntvfs --dns-backend=BIND9_DLZ";
unless (system($cmd) == 0) {
warn("Join failed\n$cmd");
return undef;
}
- $ret->{PROMOTED_VAMPIRE_DC_SERVER} = $ret->{SERVER};
- $ret->{PROMOTED_VAMPIRE_DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{PROMOTED_VAMPIRE_DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
+ $ret->{PROMOTED_DC_SERVER} = $ret->{SERVER};
+ $ret->{PROMOTED_DC_SERVER_IP} = $ret->{SERVER_IP};
+ $ret->{PROMOTED_DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
$ret->{DC_SERVER} = $dcvars->{DC_SERVER};
$ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP};
"samba.example.com",
"2008",
$dcvars->{PASSWORD},
- $dcvars->{SERVER_IP}, 1);
+ $dcvars->{SERVER_IP});
+
+ push (@{$ctx->{provision_options}}, "--use-ntvfs");
$ctx->{smb_conf_extra_options} = "
max xmit = 32K
"sub.samba.example.com",
"2008",
$dcvars->{PASSWORD},
- undef, 1);
+ undef);
+
+ push (@{$ctx->{provision_options}}, "--use-ntvfs");
$ctx->{smb_conf_extra_options} = "
max xmit = 32K
my ($self, $prefix) = @_;
print "PROVISIONING DC...";
- my $extra_conf_options = "netbios aliases = localDC1-a
-allow dns updates = signed";
+ my $extra_conf_options = "netbios aliases = localDC1-a";
my $ret = $self->provision($prefix,
"domain controller",
"localdc",
"samba.example.com",
"2008",
"locDCpass1",
- undef, $extra_conf_options, "", 1);
+ undef, $extra_conf_options, "", undef);
return undef unless(defined $ret);
unless($self->add_wins_config("$prefix/private")) {
"samba2000.example.com",
"2000",
"locDCpass5",
- undef, "", "", 1);
+ undef, "", "", undef);
unless($self->add_wins_config("$prefix/private")) {
warn("Unable to add wins configuration");
"samba2003.example.com",
"2003",
"locDCpass6",
- undef, "allow dns updates = True", "", 1);
+ undef, "allow dns updates = nonsecure and secure", "", undef);
unless($self->add_wins_config("$prefix/private")) {
warn("Unable to add wins configuration");
"samba2008R2.example.com",
"2008_R2",
"locDCpass7",
- undef, "", "", 1);
+ undef, "", "", undef);
unless ($self->add_wins_config("$prefix/private")) {
warn("Unable to add wins configuration");
"samba.example.com",
"2008",
$dcvars->{PASSWORD},
- $dcvars->{SERVER_IP}, 1);
+ $dcvars->{SERVER_IP});
unless ($ctx) {
return undef;
}
+ push (@{$ctx->{provision_options}}, "--use-ntvfs");
+
$ctx->{share} = "$ctx->{prefix_abs}/share";
push(@{$ctx->{directories}}, "$ctx->{share}");
printing = bsd
printcap name = /dev/null
- max protocol = SMB2
+ max protocol = SMB3
read only = no
server signing = auto
smbd:sharedelay = 100000
smbd:writetimeupdatedelay = 500000
- create mask = 755
+ create mask = 0777
+ directory mask = 0777
dos filemode = yes
dcerpc endpoint servers = -winreg -srvsvc
"2008",
"locDCpass1",
undef, $extra_smbconf_options,
- $extra_smbconf_shares, 0);
+ $extra_smbconf_shares, undef);
return undef unless(defined $ret);
unless($self->add_wins_config("$prefix/private")) {
my ($self, $prefix) = @_;
print "PROVISIONING CHGDCPASS...";
+ my $extra_provision_options = undef;
+ push (@{$extra_provision_options}, "--dns-backend=BIND9_DLZ");
my $ret = $self->provision($prefix,
"domain controller",
"chgdcpass",
"chgdcpassword.samba.example.com",
"2008",
"chgDCpass1",
- undef, "", "", 1);
+ undef, "server services = -dns", "",
+ $extra_provision_options);
return undef unless(defined $ret);
unless($self->add_wins_config("$prefix/private")) {
$self->setup_dc("$path/dc");
}
return $self->setup_vampire_dc("$path/vampire_dc", $self->{vars}->{dc});
- } elsif ($envname eq "promoted_vampire_dc") {
+ } elsif ($envname eq "promoted_dc") {
if (not defined($self->{vars}->{dc})) {
$self->setup_dc("$path/dc");
}
- return $self->setup_promoted_vampire_dc("$path/promoted_vampire_dc", $self->{vars}->{dc});
+ return $self->setup_promoted_dc("$path/promoted_dc", $self->{vars}->{dc});
} elsif ($envname eq "subdom_dc") {
if (not defined($self->{vars}->{dc})) {
$self->setup_dc("$path/dc");
return $env;
}
-sub setup_promoted_vampire_dc($$$)
+sub setup_promoted_dc($$$)
{
my ($self, $path, $dc_vars) = @_;
- my $env = $self->provision_promoted_vampire_dc($path, $dc_vars);
+ my $env = $self->provision_promoted_dc($path, $dc_vars);
if (defined $env) {
$self->check_or_start($env, "single");
$self->wait_for_start($env);
- $self->{vars}->{promoted_vampire_dc} = $env;
+ $self->{vars}->{promoted_dc} = $env;
# force replicated DC to update repsTo/repsFrom
# for vampired partitions