samba-tool: gpo load add Registry ext by default

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Tested-by: Kees van Vloten <keesvanvloten@gmail.com>

diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py
index 24a9b1f2b65813a040b83419ba10e9e269057bce..aa214d38188d34a7f54be8aeedbc6449e1582132 100644 (file)
--- a/python/samba/netcmd/gpo.py
+++ b/python/samba/netcmd/gpo.py
@@ -723,6 +723,8 @@ class cmd_load(GPOCommand):
     names for Windows Group Policy to work correctly. These GUIDs represent
     the client side extensions to apply on the machine. Linux Group Policy does
     not enforce this constraint.
+    {35378EAC-683F-11D2-A89A-00C04FBBCFA2} is provided by default, which
+    enables most Registry policies.
     """
 
     synopsis = "%prog <gpo> [options]"
@@ -739,14 +741,18 @@ class cmd_load(GPOCommand):
         Option("-H", help="LDB URL for database or target server", type=str),
         Option("--content", help="JSON file of policy inputs", type=str),
         Option("--machine-ext-name",
-            action="append", default=[], dest="machine_exts",
+            action="append", dest="machine_exts",
+            default=['{35378EAC-683F-11D2-A89A-00C04FBBCFA2}'],
             help="A machine extension name to add to gPCMachineExtensionNames"),
         Option("--user-ext-name",
-            action="append", default=[], dest="user_exts",
+            action="append", dest="user_exts",
+            default=['{35378EAC-683F-11D2-A89A-00C04FBBCFA2}'],
             help="A user extension name to add to gPCUserExtensionNames")
     ]
 
-    def run(self, gpo, H=None, content=None, machine_exts=[], user_exts=[],
+    def run(self, gpo, H=None, content=None,
+            machine_exts=['{35378EAC-683F-11D2-A89A-00C04FBBCFA2}'],
+            user_exts=['{35378EAC-683F-11D2-A89A-00C04FBBCFA2}'],
             sambaopts=None, credopts=None, versionopts=None):
         if content is None:
             policy_defs = json.loads(sys.stdin.read())

diff --git a/python/samba/tests/samba_tool/gpo.py b/python/samba/tests/samba_tool/gpo.py
index 2583f71a6f0a220fbc45ac7124e8d7ccfe4e130d..9849207fbe4b09ae83790f94328b4a3d9c9d1820 100644 (file)
--- a/python/samba/tests/samba_tool/gpo.py
+++ b/python/samba/tests/samba_tool/gpo.py
@@ -1583,6 +1583,20 @@ class GpoCmdTestCase(SambaToolCmdTest):
                                                  (os.environ["USERNAME"],
                                                  os.environ["PASSWORD"]))
             self.assertCmdSuccess(result, out, err, 'Loading policy failed')
+        # Write the default registry extension
+        with NamedTemporaryFile() as f:
+            f.write(b'[]') # Intentionally empty policy
+            f.flush()
+            # Load an empty policy, taking the default client extension
+            (result, out, err) = self.runsubcmd("gpo", "load",
+                                                 self.gpo_guid,
+                                                 "--content=%s" % f.name,
+                                                 "-H", "ldap://%s" %
+                                                 os.environ["SERVER"],
+                                                 "-U%s%%%s" %
+                                                 (os.environ["USERNAME"],
+                                                 os.environ["PASSWORD"]))
+            self.assertCmdSuccess(result, out, err, 'Loading policy failed')
 
         (result, out, err) = self.runsubcmd("gpo", "show", self.gpo_guid, "-H",
                                             "ldap://%s" % os.environ["SERVER"])
@@ -1591,6 +1605,8 @@ class GpoCmdTestCase(SambaToolCmdTest):
         self.assertIn('samba.org', out, 'Homepage policy not loaded')
         self.assertIn(ext_guids[0], out, 'Machine extension not loaded')
         self.assertIn(ext_guids[1], out, 'User extension not loaded')
+        self.assertIn('{35378eac-683f-11d2-a89a-00c04fbbcfa2}', out,
+                      'Default extension not loaded')
         toolbar_data = '"valuename": "IEToolbar",\n        "class": "USER",' + \
                        '\n        "type": "REG_BINARY",' + \
                        '\n        "data": [\n            0\n        ]'