return findnss(grp.getgrnam, names)[2]
+def get_root_uid(root, logger):
+ try:
+ root_uid = findnss_uid(root)
+ except KeyError as e:
+ logger.info(e)
+ logger.info("Assuming root user has UID zero")
+ root_uid = 0
+ return root_uid
+
+
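Review bot: `get_root_uid` falls back to UID 0 on any `KeyError`, including when the caller supplied an explicit `root` name that does not resolve, so a mistyped account name silently ends in UID 0 with only two `logger.info` lines as evidence. Consider logging the fallback at warning level, e.g. `logger.warning("root account %s not found, assuming UID 0", root)`, and re-raising when a non-default name was given. The call site later in the patch passes `[root or "root"]`, so the helper cannot currently tell the two cases apart, and the `pwd.getpwuid(root_uid).pw_gid` that follows it can still raise `KeyError` if UID 0 has no passwd entry. A docstring such as `"""Return the UID of the first name in root that resolves, or 0 if none does."""` would also record that `root` appears to be a list of candidate names.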
def provision_paths_from_lp(lp, dnsdomain):
"""Set the default paths for provisioning.
if dnsdomain is None:
dnsdomain = lp.get("realm")
if dnsdomain is None or dnsdomain == "":
- raise ProvisioningError("guess_names: 'realm' not specified in supplied %s!", lp.configfile)
+ raise ProvisioningError(
+ "guess_names: 'realm' not specified in supplied %s!" %
+ lp.configfile)
dnsdomain = dnsdomain.lower()
"DOMAIN_CONTROLLER_FUNCTIONALITY": str(
domainControllerFunctionality)})
- # Setup fSMORoleOwner entries to point at the newly created DC entry
+ # Setup fSMORoleOwner entries to point at the newly created DC entry
+ setup_modify_ldif(samdb,
+ setup_path("provision_self_join_modify_schema.ldif"), {
+ "SCHEMADN": names.schemadn,
+ "SERVERDN": names.serverdn,
+ },
+ controls=["provision:0", "relax:0"])
setup_modify_ldif(samdb,
setup_path("provision_self_join_modify_config.ldif"), {
"CONFIGDN": names.configdn,
- "SCHEMADN": names.schemadn,
"DEFAULTSITE": names.sitename,
"NETBIOSNAME": names.netbiosname,
"SERVERDN": names.serverdn,
# The LDIF here was created when the Schema object was constructed
ignore_checks_oid = "local_oid:%s:0" % samba.dsdb.DSDB_CONTROL_SKIP_DUPLICATES_CHECK_OID
+ schema_controls = [
+ "provision:0",
+ "relax:0",
+ ignore_checks_oid
+ ]
+
logger.info("Setting up sam.ldb schema")
- samdb.add_ldif(schema.schema_dn_add,
- controls=["relax:0", ignore_checks_oid])
- samdb.modify_ldif(schema.schema_dn_modify,
- controls=[ignore_checks_oid])
+ samdb.add_ldif(schema.schema_dn_add, controls=schema_controls)
+ samdb.modify_ldif(schema.schema_dn_modify, controls=schema_controls)
samdb.write_prefixes_from_schema()
- samdb.add_ldif(schema.schema_data, controls=["relax:0", ignore_checks_oid])
+ samdb.add_ldif(schema.schema_data, controls=schema_controls)
setup_add_ldif(samdb, setup_path("aggregate_schema.ldif"),
{"SCHEMADN": names.schemadn},
- controls=["relax:0", ignore_checks_oid])
+ controls=schema_controls)
# Now register this container in the root of the forest
msg = ldb.Message(ldb.Dn(samdb, names.domaindn))
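Review bot: Folding the controls into `schema_controls` is not a pure refactor: `samdb.modify_ldif(schema.schema_dn_modify, ...)` used to run with only `ignore_checks_oid` and now also carries `relax:0`, and all four schema writes gain `provision:0`. If that widening is intended, say so next to the list, e.g. `# provision + relax are needed on every schema write during provisioning: <reason>`; if not, keep a narrower list for the modify. The same two controls on the new `provision_self_join_modify_schema.ldif` call earlier in the patch carry no rationale either. Since these controls presumably loosen how the write is checked, a comment stating what each one bypasses would help a later reviewer confirm they stay confined to provisioning.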
fsacl = getntacl(lp, os.path.join(root, name),
direct_db_access=direct_db_access, service=SYSVOL_SERVICE)
if fsacl is None:
- raise ProvisioningError('%s ACL on GPO file %s %s not found!' % (acl_type(direct_db_access), os.path.join(root, name)))
+ raise ProvisioningError('%s ACL on GPO file %s not found!' %
+ (acl_type(direct_db_access),
+ os.path.join(root, name)))
fsacl_sddl = fsacl.as_sddl(domainsid)
if fsacl_sddl != acl:
raise ProvisioningError('%s ACL on GPO file %s %s does not match expected value %s from GPO object' % (acl_type(direct_db_access), os.path.join(root, name), fsacl_sddl, acl))
fsacl = getntacl(lp, os.path.join(root, name),
direct_db_access=direct_db_access, service=SYSVOL_SERVICE)
if fsacl is None:
- raise ProvisioningError('%s ACL on GPO directory %s %s not found!' % (acl_type(direct_db_access), os.path.join(root, name)))
+ raise ProvisioningError('%s ACL on GPO directory %s not found!'
+ % (acl_type(direct_db_access),
+ os.path.join(root, name)))
fsacl_sddl = fsacl.as_sddl(domainsid)
if fsacl_sddl != acl:
raise ProvisioningError('%s ACL on GPO directory %s %s does not match expected value %s from GPO object' % (acl_type(direct_db_access), os.path.join(root, name), fsacl_sddl, acl))
direct_db_access)
-def interface_ips_v4(lp):
+def interface_ips_v4(lp, all_interfaces=False):
"""return only IPv4 IPs"""
- ips = samba.interface_ips(lp, False)
+ ips = samba.interface_ips(lp, all_interfaces)
ret = []
for i in ips:
if i.find(':') == -1:
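Review bot: The docstring of `interface_ips_v4` still reads `return only IPv4 IPs` and does not mention the new `all_interfaces` parameter, which is passed straight through to `samba.interface_ips`. Suggest `"""Return only the IPv4 addresses; all_interfaces is forwarded to samba.interface_ips and defaults to False, the previous behaviour."""`. Callers that pass True should check which extra addresses they get back (presumably loopback or otherwise excluded interfaces) before publishing them, for example into DNS records. The function body continues outside this hunk.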
if domainsid is None:
domainsid = security.random_sid()
- root_uid = findnss_uid([root or "root"])
+ root_uid = get_root_uid([root or "root"], logger)
nobody_uid = findnss_uid([nobody or "nobody"])
users_gid = findnss_gid([users or "users", 'users', 'other', 'staff'])
root_gid = pwd.getpwuid(root_uid).pw_gid