/*
   Unix SMB/CIFS implementation.
   Samba utility functions
   Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2008
   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
22 #include "auth/auth.h"
23 #include "lib/ldb_wrap.h"
24 #include "ldb/include/ldb.h"
25 #include "ldb_errors.h"
26 #include "libcli/raw/libcliraw.h"
27 #include "librpc/ndr/libndr.h"
29 #include "param/param.h"
30 #include "param/provision.h"
31 #include "param/secrets.h"
33 #include "lib/talloc/pytalloc.h"
34 #include "librpc/rpc/pyrpc.h"
35 #include "scripting/python/modules.h"
36 #include "lib/ldb/pyldb.h"
37 #include "param/pyparam.h"
38 #include "librpc/ndr/py_security.h"
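/*
 * Store a C string in a Python dict under key and release the temporary
 * string object again.
 *
 * PyDict_SetItemString() takes its own reference to the value instead of
 * stealing the caller's, so the reference returned by PyString_FromString()
 * has to be dropped here; otherwise every value (the machine password
 * included) stays allocated for the lifetime of the interpreter.
 *
 * Returns 0 on success, -1 if value is NULL or a Python call failed.
 */
static int provision_bare_set_string(PyObject *dict, const char *key,
				     const char *value)
{
	PyObject *py_value;
	int rc;

	if (value == NULL) {
		/* PyString_FromString() must never be handed a NULL pointer. */
		return -1;
	}

	py_value = PyString_FromString(value);
	if (py_value == NULL) {
		return -1;
	}

	rc = PyDict_SetItemString(dict, key, py_value);
	Py_DECREF(py_value);
	return rc;
}

/*
 * Run samba.provision.provision_become_dc() in the embedded Python
 * interpreter and copy the interesting parts of its result into *result.
 *
 * mem_ctx   talloc context that owns result->domaindn
 * lp_ctx    loadparm context; its config file name is passed as "smbconf"
 * settings  provisioning input; netbios_name, domain, realm and
 *           machine_password are required, the remaining strings are
 *           only passed on when they are non-NULL
 * result    receives domaindn, lp_ctx and samdb on success
 *
 * Returns NT_STATUS_OK on success, NT_STATUS_INVALID_PARAMETER when a
 * required setting is NULL, NT_STATUS_NO_MEMORY on allocation failure and
 * NT_STATUS_UNSUCCESSFUL for every other failure.
 */
NTSTATUS provision_bare(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
			struct provision_settings *settings,
			struct provision_result *result)
{
	NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
	const char *configfile;
	const char *domaindn;
	PyObject *provision_mod = NULL, *provision_dict, *provision_fn;
	PyObject *parameters = NULL, *py_result = NULL, *py_debuglevel;
	PyObject *py_domaindn = NULL, *py_lp = NULL, *py_samdb = NULL;

	DEBUG(0,("Provision for Become-DC test using python\n"));

	py_load_samba_modules();

	/*
	 * NOTE(review): "bin" is relative, so the directory it names depends
	 * on the working directory of the process. If py_update_path() adds
	 * it to the Python module search path (as the name suggests - confirm),
	 * samba.provision could be imported from an unintended location.
	 * An absolute, installation-derived path would remove that dependency.
	 */
	py_update_path("bin"); /* FIXME: Can't assume this is always the case */

	/* Takes the module name as a C string, so no name object is leaked. */
	provision_mod = PyImport_ImportModule("samba.provision");
	if (provision_mod == NULL) {
		PyErr_Print();
		DEBUG(0, ("Unable to import provision Python module.\n"));
		goto out;
	}

	/* Borrowed reference, valid while provision_mod is held. */
	provision_dict = PyModule_GetDict(provision_mod);
	if (provision_dict == NULL) {
		DEBUG(0, ("Unable to get dictionary for provision module\n"));
		goto out;
	}

	/* Borrowed reference as well. */
	provision_fn = PyDict_GetItemString(provision_dict, "provision_become_dc");
	if (provision_fn == NULL) {
		DEBUG(0, ("Unable to get provision_become_dc function\n"));
		goto out;
	}

	DEBUG(0,("New Server in Site[%s]\n",
		 settings->site_name));

	DEBUG(0,("DSA Instance [%s]\n"
		 "\tinvocationId[%s]\n",
		 settings->ntds_dn_str,
		 settings->invocation_id == NULL?"None":GUID_string(mem_ctx, settings->invocation_id)));

	DEBUG(0,("Pathes under targetdir[%s]\n",
		 settings->targetdir));

	parameters = PyDict_New();
	if (parameters == NULL) {
		PyErr_Print();
		status = NT_STATUS_NO_MEMORY;
		goto out;
	}

	configfile = lp_configfile(lp_ctx);

	{
		/*
		 * Keyword arguments for provision_become_dc(). "rootdn" used
		 * to be set twice, once without a NULL check; it is optional
		 * like the other DN strings. "setup_dir" is again a path
		 * relative to the working directory (see the note above).
		 */
		const struct {
			const char *key;
			const char *value;
			int required;
		} strings[] = {
			{ "smbconf",     configfile,                 0 },
			{ "targetdir",   settings->targetdir,        0 },
			{ "setup_dir",   "setup",                    1 },
			{ "hostname",    settings->netbios_name,     1 },
			{ "domain",      settings->domain,           1 },
			{ "realm",       settings->realm,            1 },
			{ "rootdn",      settings->root_dn_str,      0 },
			{ "domaindn",    settings->domain_dn_str,    0 },
			{ "schemadn",    settings->schema_dn_str,    0 },
			{ "configdn",    settings->config_dn_str,    0 },
			{ "serverdn",    settings->server_dn_str,    0 },
			{ "sitename",    settings->site_name,        0 },
			{ "machinepass", settings->machine_password, 1 },
		};
		size_t i;

		for (i = 0; i < sizeof(strings) / sizeof(strings[0]); i++) {
			if (strings[i].value == NULL) {
				if (!strings[i].required) {
					continue;
				}
				/* Log the key only, never a value: one of them is the machine password. */
				DEBUG(0, ("Missing required provision setting '%s'\n",
					  strings[i].key));
				status = NT_STATUS_INVALID_PARAMETER;
				goto out;
			}

			if (provision_bare_set_string(parameters, strings[i].key,
						      strings[i].value) != 0) {
				if (PyErr_Occurred()) {
					PyErr_Print();
				}
				DEBUG(0, ("Unable to set provision parameter '%s'\n",
					  strings[i].key));
				goto out;
			}
		}
	}

	py_debuglevel = PyInt_FromLong(DEBUGLEVEL);
	if (py_debuglevel == NULL ||
	    PyDict_SetItemString(parameters, "debuglevel", py_debuglevel) != 0) {
		Py_XDECREF(py_debuglevel);
		if (PyErr_Occurred()) {
			PyErr_Print();
		}
		DEBUG(0, ("Unable to set provision parameter 'debuglevel'\n"));
		goto out;
	}
	Py_DECREF(py_debuglevel);

	py_result = PyEval_CallObjectWithKeywords(provision_fn, NULL, parameters);

	/* Drops the dict and, with it, the last reference to the password string. */
	Py_DECREF(parameters);
	parameters = NULL;

	if (py_result == NULL) {
		PyErr_Print();
		PyErr_Clear();
		goto out;
	}

	/* Each attribute lookup may fail; check before dereferencing. */
	py_domaindn = PyObject_GetAttrString(py_result, "domaindn");
	if (py_domaindn == NULL) {
		PyErr_Print();
		DEBUG(0, ("Provision result has no 'domaindn' attribute\n"));
		goto out;
	}

	py_lp = PyObject_GetAttrString(py_result, "lp");
	if (py_lp == NULL) {
		PyErr_Print();
		DEBUG(0, ("Provision result has no 'lp' attribute\n"));
		goto out;
	}

	py_samdb = PyObject_GetAttrString(py_result, "samdb");
	if (py_samdb == NULL) {
		PyErr_Print();
		DEBUG(0, ("Provision result has no 'samdb' attribute\n"));
		goto out;
	}

	domaindn = PyString_AsString(py_domaindn);
	if (domaindn == NULL) {
		PyErr_Print();
		DEBUG(0, ("Provision result 'domaindn' is not a string\n"));
		goto out;
	}

	result->domaindn = talloc_strdup(mem_ctx, domaindn);
	if (result->domaindn == NULL) {
		status = NT_STATUS_NO_MEMORY;
		goto out;
	}

	result->lp_ctx = lp_from_py_object(py_lp);
	result->samdb = PyLdb_AsLdbContext(py_samdb);

	/*
	 * The two pointers above are taken out of the Python wrappers, so the
	 * references to those wrappers are kept on purpose: releasing them
	 * could free the memory result->lp_ctx and result->samdb point at.
	 * NOTE(review): presumably the wrappers own that memory - confirm.
	 */
	py_lp = NULL;
	py_samdb = NULL;

	status = NT_STATUS_OK;

out:
	Py_XDECREF(py_samdb);
	Py_XDECREF(py_lp);
	Py_XDECREF(py_domaindn);
	Py_XDECREF(py_result);
	Py_XDECREF(parameters);
	Py_XDECREF(provision_mod);
	return status;
}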
155 extern void initldb(void);
156 extern void initsecurity(void);
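/*
 * Store value in dict under key and consume the caller's reference.
 *
 * PyDict_SetItemString() takes its own reference, so the one passed in is
 * released here in every case. A NULL value (a failed constructor) is
 * reported as an error instead of being handed to the dict.
 *
 * Returns 0 on success, -1 on failure.
 */
static int self_join_set_owned(PyObject *dict, const char *key, PyObject *value)
{
	int rc;

	if (value == NULL) {
		return -1;
	}

	rc = PyDict_SetItemString(dict, key, value);
	Py_DECREF(value);
	return rc;
}

/*
 * Store a C string in dict under key. Returns -1 for a NULL string, because
 * PyString_FromString() must not be called with a NULL pointer.
 */
static int self_join_set_string(PyObject *dict, const char *key,
				const char *value)
{
	if (value == NULL) {
		return -1;
	}

	return self_join_set_owned(dict, key, PyString_FromString(value));
}

/*
 * Write this machine's own join record into the secrets database by calling
 * samba.provision.secretsdb_self_join() inside one ldb transaction.
 *
 * mem_ctx       talloc context that owns *error_string
 * lp_ctx        loadparm context used to locate the secrets database
 * event_ctx     event context for the database connection
 * settings      domain name, realm, machine password, NetBIOS name,
 *               domain SID, secure channel type and key version number
 * error_string  set to a description on most failures; it is not written
 *               on success or when the temporary context cannot be
 *               allocated
 *
 * Returns NT_STATUS_OK after a successful commit. The transaction is
 * cancelled on every failure that happens after it was started.
 */
NTSTATUS provision_store_self_join(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
				   struct tevent_context *event_ctx,
				   struct provision_store_self_join_settings *settings,
				   const char **error_string)
{
	NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
	int ret;
	int in_transaction = 0;
	PyObject *provision_mod = NULL, *provision_dict, *provision_fn;
	PyObject *parameters = NULL, *py_ldb = NULL, *py_result = NULL;
	struct ldb_context *ldb;
	TALLOC_CTX *tmp_mem = talloc_new(mem_ctx);

	if (tmp_mem == NULL) {
		return NT_STATUS_NO_MEMORY;
	}

	/* Open the secrets database */
	ldb = secrets_db_connect(tmp_mem, event_ctx, lp_ctx);
	if (ldb == NULL) {
		*error_string
			= talloc_asprintf(mem_ctx,
					  "Could not open secrets database");
		status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
		goto out;
	}

	ret = ldb_transaction_start(ldb);
	if (ret != LDB_SUCCESS) {
		*error_string
			= talloc_asprintf(mem_ctx,
					  "Could not start transaction on secrets database: %s", ldb_errstring(ldb));
		status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
		goto out;
	}
	in_transaction = 1;

	py_load_samba_modules();

	/*
	 * NOTE(review): "bin" is relative, so the directory it names depends
	 * on the working directory of the process. If py_update_path() adds
	 * it to the Python module search path (as the name suggests - confirm),
	 * the code that is handed the machine password below could be
	 * imported from an unintended location.
	 */
	py_update_path("bin"); /* FIXME: Can't assume this is always the case */

	/* Takes the module name as a C string, so no name object is leaked. */
	provision_mod = PyImport_ImportModule("samba.provision");
	if (provision_mod == NULL) {
		PyErr_Print();
		PyErr_Clear();
		*error_string
			= talloc_asprintf(mem_ctx, "Unable to import provision Python module.");
		goto out;
	}

	/* Borrowed reference, valid while provision_mod is held. */
	provision_dict = PyModule_GetDict(provision_mod);
	if (provision_dict == NULL) {
		*error_string
			= talloc_asprintf(mem_ctx, "Unable to get dictionary for provision module");
		goto out;
	}

	/* Borrowed reference as well. */
	provision_fn = PyDict_GetItemString(provision_dict, "secretsdb_self_join");
	if (provision_fn == NULL) {
		/* The message used to name provision_become_dc, which is not what is looked up here. */
		*error_string
			= talloc_asprintf(mem_ctx, "Unable to get secretsdb_self_join function");
		goto out;
	}

	parameters = PyDict_New();

	/*
	 * The wrapper around ldb is held until the transaction has ended.
	 * NOTE(review): how PyLdb_FromLdbContext() ties the wrapper's lifetime
	 * to ldb is not visible here, so it is released only after the
	 * commit or cancel - confirm against pyldb.
	 */
	py_ldb = PyLdb_FromLdbContext(ldb);

	/*
	 * "domain" used to be set twice with the same value; once is enough.
	 * The error text below is deliberately generic so that no setting
	 * value, in particular the machine password, ends up in it.
	 */
	if (parameters == NULL || py_ldb == NULL ||
	    PyDict_SetItemString(parameters, "secretsdb", py_ldb) != 0 ||
	    self_join_set_string(parameters, "domain",
				 settings->domain_name) != 0 ||
	    self_join_set_string(parameters, "realm",
				 settings->realm) != 0 ||
	    self_join_set_string(parameters, "machinepass",
				 settings->machine_password) != 0 ||
	    self_join_set_string(parameters, "netbiosname",
				 settings->netbios_name) != 0 ||
	    self_join_set_owned(parameters, "domainsid",
				py_dom_sid_FromSid(settings->domain_sid)) != 0 ||
	    self_join_set_owned(parameters, "secure_channel_type",
				PyInt_FromLong(settings->secure_channel_type)) != 0 ||
	    self_join_set_owned(parameters, "key_version_number",
				PyInt_FromLong(settings->key_version_number)) != 0) {
		if (PyErr_Occurred()) {
			PyErr_Print();
			PyErr_Clear();
		}
		*error_string
			= talloc_asprintf(mem_ctx, "Unable to build parameters for secretsdb_self_join");
		goto out;
	}

	py_result = PyEval_CallObjectWithKeywords(provision_fn, NULL, parameters);

	/* Drops the dict and, with it, the last reference to the password string. */
	Py_DECREF(parameters);
	parameters = NULL;

	if (py_result == NULL) {
		PyErr_Print();
		PyErr_Clear();
		*error_string
			= talloc_asprintf(mem_ctx, "Call to secretsdb_self_join failed");
		goto out;
	}

	ret = ldb_transaction_commit(ldb);
	/* Committed or not, there is nothing left to cancel after this call. */
	in_transaction = 0;
	if (ret != LDB_SUCCESS) {
		*error_string
			= talloc_asprintf(mem_ctx,
					  "Could not commit transaction on secrets database: %s", ldb_errstring(ldb));
		status = NT_STATUS_INTERNAL_DB_ERROR;
		goto out;
	}

	status = NT_STATUS_OK;

out:
	if (in_transaction) {
		/* Never leave a half-written join record behind. */
		ldb_transaction_cancel(ldb);
	}
	Py_XDECREF(py_result);
	Py_XDECREF(parameters);
	Py_XDECREF(py_ldb);
	Py_XDECREF(provision_mod);
	talloc_free(tmp_mem);
	return status;
}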