names for Windows Group Policy to work correctly. These GUIDs represent
the client side extensions to apply on the machine. Linux Group Policy does
not enforce this constraint.
+ {35378EAC-683F-11D2-A89A-00C04FBBCFA2} is provided by default, which
+ enables most Registry policies.
"""
synopsis = "%prog <gpo> [options]"
Option("-H", help="LDB URL for database or target server", type=str),
Option("--content", help="JSON file of policy inputs", type=str),
Option("--machine-ext-name",
- action="append", default=[], dest="machine_exts",
+ action="append", dest="machine_exts",
+ default=['{35378EAC-683F-11D2-A89A-00C04FBBCFA2}'],
help="A machine extension name to add to gPCMachineExtensionNames"),
Option("--user-ext-name",
- action="append", default=[], dest="user_exts",
+ action="append", dest="user_exts",
+ default=['{35378EAC-683F-11D2-A89A-00C04FBBCFA2}'],
help="A user extension name to add to gPCUserExtensionNames")
]
- def run(self, gpo, H=None, content=None, machine_exts=[], user_exts=[],
+ def run(self, gpo, H=None, content=None,
+ machine_exts=['{35378EAC-683F-11D2-A89A-00C04FBBCFA2}'],
+ user_exts=['{35378EAC-683F-11D2-A89A-00C04FBBCFA2}'],
sambaopts=None, credopts=None, versionopts=None):
if content is None:
policy_defs = json.loads(sys.stdin.read())
(os.environ["USERNAME"],
os.environ["PASSWORD"]))
self.assertCmdSuccess(result, out, err, 'Loading policy failed')
+ # Write the default registry extension
+ with NamedTemporaryFile() as f:
+ f.write(b'[]') # Intentionally empty policy
+ f.flush()
+ # Load an empty policy, taking the default client extension
+ (result, out, err) = self.runsubcmd("gpo", "load",
+ self.gpo_guid,
+ "--content=%s" % f.name,
+ "-H", "ldap://%s" %
+ os.environ["SERVER"],
+ "-U%s%%%s" %
+ (os.environ["USERNAME"],
+ os.environ["PASSWORD"]))
+ self.assertCmdSuccess(result, out, err, 'Loading policy failed')
(result, out, err) = self.runsubcmd("gpo", "show", self.gpo_guid, "-H",
"ldap://%s" % os.environ["SERVER"])
self.assertIn('samba.org', out, 'Homepage policy not loaded')
self.assertIn(ext_guids[0], out, 'Machine extension not loaded')
self.assertIn(ext_guids[1], out, 'User extension not loaded')
+ self.assertIn('{35378eac-683f-11d2-a89a-00c04fbbcfa2}', out,
+ 'Default extension not loaded')
toolbar_data = '"valuename": "IEToolbar",\n "class": "USER",' + \
'\n "type": "REG_BINARY",' + \
'\n "data": [\n 0\n ]'