talloc_free(new_tree);
talloc_free(newattrs);
+ if (mpret == -1) {
+ struct map_private *map_private = module->private_data;
+ map_private->last_err_string = ldb_errstring(privdat->mapped_ldb);
+ return -1;
+ }
+
/*
- - per returned record, search local one for additional data (by dn)
+ - per returned record, search fallback database for additional data (by dn)
- test if (full expression) is now true
*/
-
*res = talloc_array(module, struct ldb_message *, mpret);
ret = 0;
if (extraret == -1) {
ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Error searching for extra data!\n");
} else if (extraret > 1) {
- ldb_debug(module->ldb, LDB_DEBUG_ERROR, "More then one result for extra data!\n");
+ ldb_debug(module->ldb, LDB_DEBUG_ERROR, "More than one result for extra data!\n");
talloc_free(newres);
return -1;
} else if (extraret == 0) {
int ret_fb, ret_mp;
ret_fb = map_search_bytree_fb(module, base, scope, tree, attrs, &fbres);
- if (ret_fb == -1)
+ if (ret_fb == -1)
return -1;
ret_mp = map_search_bytree_mp(module, base, scope, tree, attrs, &mpres);
- if (ret_mp == -1)
+ if (ret_mp == -1) {
return -1;
+ }
/* Merge results */
*res = talloc_array(module, struct ldb_message *, ret_fb + ret_mp);
-dn: uid=nobody,ou=Users,dc=test,dc=vernstok,dc=nl
+dn: ou=Users,ou=Tests,dc=vernstok,dc=nl
+objectClass: organizationalUnit
+ou: Users
+
+dn: ou=Groups,ou=Tests,dc=vernstok,dc=nl
+objectClass: organizationalUnit
+ou: Groups
+
+dn: uid=nobody,ou=Users,ou=Tests,dc=vernstok,dc=nl
cn: nobody
sn: nobody
objectClass: inetOrgPerson
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-2998
loginShell: /bin/false
-dn: cn=Domain Admins,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Domain Admins,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 512
sambaGroupType: 2
displayName: Domain Admins
-dn: cn=Domain Users,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Domain Users,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 513
sambaGroupType: 2
displayName: Domain Users
-dn: cn=Domain Guests,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Domain Guests,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 514
sambaGroupType: 2
displayName: Domain Guests
-dn: cn=Print Operators,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Print Operators,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 550
sambaGroupType: 2
displayName: Print Operators
-dn: cn=Backup Operators,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Backup Operators,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 551
sambaGroupType: 2
displayName: Backup Operators
-dn: cn=Replicator,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Replicator,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 552
sambaGroupType: 2
displayName: Replicator
-dn: cn=Domain Computers,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Domain Computers,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 553
sambaGroupType: 2
displayName: Domain Computers
-dn: cn=Administrators,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Administrators,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 544
sambaGroupType: 2
displayName: Administrators
-dn: cn=Users,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Users,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 545
sambaGroupType: 2
displayName: users
-dn: cn=Guests,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Guests,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 546
sambaGroupType: 2
displayName: Guests
-dn: cn=Power Users,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Power Users,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 547
sambaGroupType: 2
displayName: Power Users
-dn: cn=Account Operators,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Account Operators,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 548
sambaGroupType: 2
displayName: Account Operators
-dn: cn=Server Operators,ou=Groups,dc=test,dc=vernstok,dc=nl
+dn: cn=Server Operators,ou=Groups,ou=Tests,dc=vernstok,dc=nl
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 549
sambaGroupType: 2
displayName: Server Operators
-dn: ou=Computers,dc=test,dc=vernstok,dc=nl
+dn: ou=Computers,ou=Tests,dc=vernstok,dc=nl
objectClass: organizationalUnit
ou: Computers
-dn: uid=Administrator,ou=Users,dc=test,dc=vernstok,dc=nl
+
+dn: uid=Administrator,ou=Users,ou=Tests,dc=vernstok,dc=nl
cn: Administrator
sn: Administrator
objectClass: inetOrgPerson
#!/bin/sh
-rm -f samba3.ldb samba4.ldb
+S3URL=$1
-echo "Adding samba3 LDIF..."
-$VALGRIND ldbadd -H tdb://samba3.ldb < samba3.ldif || exit 1
+if [ -z "$S3URL" ];
+then
+ rm -f samba3.ldb
+ S3URL="tdb://samba3.ldb"
+ echo "Adding samba3 LDIF..."
+ $VALGRIND ldbadd -H tdb://samba3.ldb < samba3.ldif || exit 1
+fi
-echo "Adding samba4 LDIF..."
+rm -f samba4.ldb
+
+echo "Initial samba4 LDIF..."
$VALGRIND ldbadd -H tdb://samba4.ldb <<EOF
dn: @MODULES
@LIST: samba3sam
dn: @MAP=samba3sam
-@MAP_URL: tdb://samba3.ldb
+@MAP_URL: $S3URL
EOF
-Three possible viable approaches:
- 1) TDB conversion approach. Read in TDB dump out LDIF (one-way)
- - samr.ldb: from tdbsam/smbpasswd, account_policy.tdb, secrets.tdb, group_mapping.tdb
- - registry.ldb: from registry.tdb
- - wins.ldif: from wins.tdb/wins.dat
- - smb.conf/ea's: generated from the old smb.conf + share_info.tdb
- - winbind.ldif: from winbindd_idmap.tdb (custom file format, not used
- by samba4 yet as it doesn't
- have Winbind yet)
-
- (one-way upgrades can be done by using ldbsearch -a on these dynamically
- generated ldb's)
- Since TDB's are local, there isn't much point in writing back backwards
- compatible data.
-
- 2) samr "mapping" backend (alternative for samr.ldb) (two-way)
- This would allow users to keep mixed domains containing Samba3 and Samba4.
-
- 3) The vampire way of doing things (one-way)
- - samba3 pidl backend
- - Samba4 vampire + server side samsync support in Samba3
- - unixinfo (\unixinfo)
- - in Samba4 (client side)
- - in Samba3 (server side)
- - winsrepl (thru seperate pipe?)
- - enum/add shares (\srvsvc)
- - enum/add registry (\winreg)
- - enum/add printers (\winreg, perhaps also \spoolss(?))
- - convert smb.conf (using Jerry's registry hack)
-
-(going with a combination of 1 and 2)
-
-ldb mapping backend:
-
-
-Upgrade process:
- - take libdir & smb.conf
- - read various tdb files / old smb.conf
- - write new smb.conf (ejs)
- - list of parameters to keep.. generate some of the others
- - add generated LDIF (ejs). Call out to current provisioning
-
-TODO:
+TODO (SoC project):
- move ini parsing stuff to seperate file param/ini.c
+ - test ldb_map backend (testsuite?)
+ - parse "passdb backend" setting and parse tdbsam/passdb based on it
return False;
}
- if (lm_pw_len != 16) {
- return False;
- }
-
- if (nt_pw_len != 16) {
- return False;
- }
-
return True;
}
return False;
}
- if (lm_pw_len != 16) {
- return False;
- }
-
- if (nt_pw_len != 16) {
- return False;
- }
-
return True;
}
return False;
}
- if (lm_pw_len != 16) {
- return False;
- }
-
- if (nt_pw_len != 16) {
- return False;
- }
-
return True;
}
}
blob = mprToDataBlob(argv[0]);
+ mprAssert(blob);
ret = ldb_base64_encode(mprMemCtx(), (char *)blob->data, blob->length);
if (!ret) {
if (ret == -1) {
mpr_Return(eid, mprCreateUndefinedVar());
} else {
- mpr_Return(eid, mprData((uint8_t *)tmp, ret));
+ DATA_BLOB blob;
+ blob.data = (uint8_t *)tmp;
+ blob.length = ret;
+ mpr_Return(eid, mprDataBlob(blob));
}
talloc_free(tmp);
{
struct MprVar v, e = mprObject("domainsecrets");
char *tmp;
+ DATA_BLOB blob;
mprSetVar(&e, "name", mprString(ds->name));
v = mprObject("hash_pw");
- mprSetVar(&v, "hash", mprData(ds->hash_pw.hash, 16));
+ blob.data = ds->hash_pw.hash;
+ blob.length = 16;
+ mprSetVar(&v, "hash", mprDataBlob(blob));
mprSetVar(&v, "mod_time", mprCreateIntegerVar(ds->hash_pw.mod_time));
for (j = 0; j < 8; j++) {
struct MprVar k = mprObject("entry");
+ DATA_BLOB blob;
mprSetVar(&k, "kvno", mprCreateIntegerVar(sec->afs_keyfiles[i].entry[j].kvno));
- mprSetVar(&k, "key", mprData((uint8_t*)sec->afs_keyfiles[i].entry[j].key, 8));
+ blob.data = (uint8_t*)sec->afs_keyfiles[i].entry[j].key;
+ blob.length = 8;
+ mprSetVar(&k, "key", mprDataBlob(blob));
mprAddArray(&ks, j, k);
}
for (i = 0; i < samba3->samaccount_count; i++) {
struct samba3_samaccount *a = &samba3->samaccounts[i];
+ DATA_BLOB blob;
m = mprObject("samba3_samaccount");
mprSetVar(&m, "profile_path", mprString(a->profile_path));
mprSetVar(&m, "acct_desc", mprString(a->acct_desc));
mprSetVar(&m, "workstations", mprString(a->workstations));
- mprSetVar(&m, "lm_pw", mprData(a->lm_pw.hash, 16));
- mprSetVar(&m, "nt_pw", mprData(a->nt_pw.hash, 16));
+ blob.length = 16;
+ blob.data = a->lm_pw.hash;
+ mprSetVar(&m, "lm_pw", mprDataBlob(blob));
+ blob.data = a->nt_pw.hash;
+ mprSetVar(&m, "nt_pw", mprDataBlob(blob));
mprAddArray(&mpv, i, m);
}
erase = arguments[4];
}
- var dbfile = dbname;
var src = lp.get("setup directory") + "/" + ldif;
var data = sys.file_load(src);
data = data + extra;
data = substitute_var(data, subobj);
- var ok = ldb.connect(dbfile);
+ var ok = ldb.connect(dbname);
assert(ok);
if (erase) {
primaryGroupID: %d
badPwdcount: %d
logonCount: %d
-ntPwdHash:: %s
-lmPwdHash:: %s
samba3Domain: %s
samba3DirDrive: %s
samba3MungedDial: %s
samba3PassCanChangeTime: %d
samba3PassMustChangeTime: %d
samba3Rid: %d
+ntPwdHash:: %s
+lmPwdHash:: %s
", acc.fullname, domaindn, acc.logon_time, acc.logoff_time, acc.username, acc.nt_username,
acc.fullname, acc.acct_desc, acc.group_rid, acc.bad_password_count, acc.logon_count,
message("Importing users\n");
for (var i in samba3.samaccounts) {
- message("... " + samba3.samaccounts[i].username + "\n");
+ message("... " + samba3.samaccounts[i].username);
var ldif = upgrade_sam_account(samba3.samaccounts[i],subobj.BASEDN);
ok = samdb.add(ldif);
- assert(ok);
+ if (!ok) { message("... error!"); }
+ message("\n");
}
message("Importing groups\n");
for (var i in samba3.groupmappings) {
- message("... " + samba3.groupmappings[i].nt_name + "\n");
+ message("... " + samba3.groupmappings[i].nt_name);
var ldif = upgrade_sam_group(samba3.groupmappings[i],subobj.BASEDN);
ok = samdb.add(ldif);
- assert(ok);
+ if (!ok) { message("... error!"); }
+ message("\n");
}
message("Importing registry data\n");