fixed up add_foreign again

[metze/samba/wip.git] / source4 / scripting / python / samba / provision.py

diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index 026e85dfdc530038c24967cb74dfa3d69e333196..e2abb05f68f4eb12679d9b12c7a4b07534195de8 100644 (file)
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -474,18 +474,30 @@ def setup_name_mappings(samdb, idmap, sid, domaindn, root_uid, nobody_uid,
     :param users_gid: gid of the UNIX users group.
     :param wheel_gid: gid of the UNIX wheel group."""
 
-def add_foreign(self, domaindn, sid, desc):
-    """Add a foreign security principle."""
-    add = """
+    def add_foreign(self, domaindn, sid, desc):
+        """Add a foreign security principle."""
+        add = """
 dn: CN=%s,CN=ForeignSecurityPrincipals,%s
 objectClass: top
 objectClass: foreignSecurityPrincipal
 description: %s
 """ % (sid, domaindn, desc)
-    # deliberately ignore errors from this, as the records may
-    # already exist
-    for msg in self.parse_ldif(add):
-        self.add(msg[1])
+        # deliberately ignore errors from this, as the records may
+        # already exist
+        for msg in self.parse_ldif(add):
+            self.add(msg[1])
+
+    add_foreign(samdb, self.domaindn, "S-1-5-7", "Anonymous")
+    add_foreign(samdb, self.domaindn, "S-1-1-0", "World")
+    add_foreign(samdb, self.domaindn, "S-1-5-2", "Network")
+    add_foreign(samdb, self.domaindn, "S-1-5-18", "System")
+    add_foreign(samdb, self.domaindn, "S-1-5-11", "Authenticated Users")
+    
+    idmap.setup_name_mapping("S-1-5-7", idmap.TYPE_UID, nobody_uid)
+    idmap.setup_name_mapping("S-1-5-32-544", idmap.TYPE_GID, wheel_gid)
+    
+    idmap.setup_name_mapping(sid + "-500", idmap.TYPE_UID, root_uid)
+    idmap.setup_name_mapping(sid + "-513", idmap.TYPE_GID, users_gid)
 
 def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info, 
                            credentials, names,