r25483: More work converting provision to python.

diff --git a/source/param/generic.c b/source/param/generic.c
index 6e9a8e60e4fc7580bc331607a5746a68a232a297..2d15452dedb6a93fe51e37b9578f1b083644633f 100644 (file)
--- a/source/param/generic.c
+++ b/source/param/generic.c
@@ -72,7 +72,7 @@ static struct param_opt *param_get_add(struct param_context *ctx, const char *se
                        return NULL;
 
                section->name = talloc_strdup(section, section_name);
-               DLIST_ADD(ctx->sections, section);
+               DLIST_ADD_END(ctx->sections, section, struct param_section *);
        }
 
        p = param_section_get(section, name);
@@ -82,7 +82,7 @@ static struct param_opt *param_get_add(struct param_context *ctx, const char *se
                        return NULL;
 
                p->key = talloc_strdup(p, name);
-               DLIST_ADD(section->parameters, p);
+               DLIST_ADD_END(section->parameters, p, struct param_opt *);
        }
        
        return p;
@@ -185,7 +185,7 @@ static bool param_sfunc (const char *name, void *_ctx)
 
                section->name = talloc_strdup(section, name);
 
-               DLIST_ADD(ctx->sections, section);
+               DLIST_ADD_END(ctx->sections, section, struct param_section *);
        }
 
        /* Make sure this section is on top of the list for param_pfunc */
@@ -235,6 +235,32 @@ int param_read(struct param_context *ctx, const char *fn)
        return 0;
 }
 
+int param_use(struct loadparm_context *lp_ctx, struct param_context *ctx)
+{
+       struct param_section *section;
+
+       for (section = ctx->sections; section; section = section->next) {
+               struct param_opt *param;
+               bool isglobal = strcmp(section->name, "global") == 0;
+               for (param = section->parameters; param; param = param->next) {
+                       if (isglobal)
+                               lp_do_global_parameter(lp_ctx, param->key,
+                                                      param->value);
+                       else {
+                               struct loadparm_service *service = 
+                                                       lp_service(lp_ctx, section->name);
+                               if (service == NULL)
+                                       service = lp_add_service(lp_ctx, &sDefault, section->name);
+                               lp_do_service_parameter(lp_ctx, 
+                                                       service,
+                                                       param->key,
+                                                       param->value);
+                       }
+               }
+       }
+       return 0;
+}
+
 int param_write(struct param_context *ctx, const char *fn)
 {
        int file;

diff --git a/source/param/loadparm.c b/source/param/loadparm.c
index c54932aa47306d5c73b17a37576d683f3daab95c..8e2b8b555c2dac51602260541b0afa0c9631af2f 100644 (file)
--- a/source/param/loadparm.c
+++ b/source/param/loadparm.c
@@ -222,7 +222,7 @@ struct loadparm_service
 
 
 /* This is a default service used to prime a services structure */
-static struct loadparm_service sDefault = {
+struct loadparm_service sDefault = {
        .szService = NULL,
        .szPath = NULL,
        .szCopy = NULL,
@@ -1031,7 +1031,7 @@ static bool string_set(TALLOC_CTX *mem_ctx, char **dest, const char *src)
  service. 
 ***************************************************************************/
 
-static struct loadparm_service *add_a_service(struct loadparm_context *lp_ctx, 
+struct loadparm_service *lp_add_service(struct loadparm_context *lp_ctx, 
                                     const struct loadparm_service *pservice, 
                                     const char *name)
 {
@@ -1073,7 +1073,7 @@ static struct loadparm_service *add_a_service(struct loadparm_context *lp_ctx,
                                num_to_alloc);
                                           
                if (!tsp) {
-                       DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
+                       DEBUG(0,("lp_add_service: failed to enlarge ServicePtrs!\n"));
                        return NULL;
                }
                else {
@@ -1086,7 +1086,7 @@ static struct loadparm_service *add_a_service(struct loadparm_context *lp_ctx,
 
        lp_ctx->ServicePtrs[i] = init_service(talloc_autofree_context());
        if (lp_ctx->ServicePtrs[i] == NULL) {
-               DEBUG(0,("add_a_service: out of memory!\n"));
+               DEBUG(0,("lp_add_service: out of memory!\n"));
                return NULL;
        }
        copy_service(lp_ctx->ServicePtrs[i], &tservice, NULL);
@@ -1107,7 +1107,7 @@ bool lp_add_home(struct loadparm_context *lp_ctx,
 {
        struct loadparm_service *service;
 
-       service = add_a_service(lp_ctx, default_service, pszHomename);
+       service = lp_add_service(lp_ctx, default_service, pszHomename);
 
        if (service == NULL)
                return false;
@@ -1131,17 +1131,6 @@ bool lp_add_home(struct loadparm_context *lp_ctx,
        return true;
 }
 
-/***************************************************************************
- Add a new service, based on an old one.
-***************************************************************************/
-
-struct loadparm_service *lp_add_service(struct loadparm_context *lp_ctx, 
-                              const char *pszService, 
-                              struct loadparm_service *default_service)
-{
-       return add_a_service(lp_ctx, default_service, pszService);
-}
-
 /***************************************************************************
  Add the IPC service.
 ***************************************************************************/
@@ -1149,7 +1138,7 @@ struct loadparm_service *lp_add_service(struct loadparm_context *lp_ctx,
 static bool lp_add_hidden(struct loadparm_context *lp_ctx, const char *name, 
                          const char *fstype)
 {
-       struct loadparm_service *service = add_a_service(lp_ctx, &sDefault, name);
+       struct loadparm_service *service = lp_add_service(lp_ctx, &sDefault, name);
 
        if (service == NULL)
                return false;
@@ -1185,7 +1174,7 @@ bool lp_add_printer(struct loadparm_context *lp_ctx,
 {
        const char *comment = "From Printcap";
        struct loadparm_service *service;
-       service = add_a_service(lp_ctx, default_service, pszPrintername);
+       service = lp_add_service(lp_ctx, default_service, pszPrintername);
 
        if (service == NULL)
                return false;
@@ -2024,7 +2013,7 @@ static bool do_section(const char *pszSectionName, void *userdata)
                /* issued by the post-processing of a previous section. */
                DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
 
-               if ((lp_ctx->currentService = add_a_service(lp_ctx, &sDefault, 
+               if ((lp_ctx->currentService = lp_add_service(lp_ctx, &sDefault, 
                                                             pszSectionName))
                    == NULL) {
                        DEBUG(0, ("Failed to add a new service\n"));

diff --git a/source/param/param.h b/source/param/param.h
index 1dd5950e31210dc707058ab106b766eeb0d267ff..210b21d9a003c41ead72df7760e5552afc144cdc 100644 (file)
--- a/source/param/param.h
+++ b/source/param/param.h
@@ -63,5 +63,6 @@ struct loadparm_service;
 #include "param/proto.h"
 
 extern struct loadparm_context *global_loadparm;
+extern struct loadparm_service sDefault;
 
 #endif /* _PARAM_H */

diff --git a/source/scripting/python/config.mk b/source/scripting/python/config.mk
index 6a29bb05a005fd9b8c13474c30e189e0217019c8..42117d2ecef87b6fc5fa54b101df3012c39e5123 100644 (file)
--- a/source/scripting/python/config.mk
+++ b/source/scripting/python/config.mk
@@ -5,10 +5,16 @@ PUBLIC_PROTO_HEADER = talloc.h
 
 [PYTHON::python_param]
 PRIVATE_DEPENDENCIES = LIBSAMBA-CONFIG talloc_python
-OBJ_FILES = \
-                       parammodule.o
+OBJ_FILES = parammodule.o
 
 [PYTHON::python_uuid]
 PRIVATE_DEPENDENCIES = LIBNDR talloc_python
-OBJ_FILES = \
-                       uuidmodule.o
+OBJ_FILES = uuidmodule.o
+
+[PYTHON::python_sid]
+PRIVATE_DEPENDENCIES = LIBNDR talloc_python
+OBJ_FILES = sidmodule.o
+
+[PYTHON::python_misc]
+PRIVATE_DEPENDENCIES = LIBNDR talloc_python
+OBJ_FILES = miscmodule.o

diff --git a/source/scripting/python/miscmodule.c b/source/scripting/python/miscmodule.c
new file mode 100644 (file)
index 0000000..84e9348
--- /dev/null
+++ b/source/scripting/python/miscmodule.c
@@ -0,0 +1,54 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Samba utility functions
+   Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "scripting/python/talloc.h"
+#include "Python.h"
+
+static PyObject *py_random_password(PyObject *self, PyObject *args)
+{
+       int length;
+       char *str;
+
+       if (!PyArg_ParseTuple(args, "d", &length))
+               return NULL;
+
+       str = generate_random_str(PyMemCtx(), length);
+
+       if (str == NULL) {
+               PyErr_SetString(PyExc_TypeError, "can't generate random password");
+               return NULL;
+       }
+
+       return PyString_FromString(str);
+}
+
+static PyMethodDef methods[] = {
+       { "random_password", (PyCFunction)py_random_password, METH_VARARGS, NULL},
+       { NULL, NULL }
+};
+
+PyDoc_STRVAR(param_doc, "Misc helper routines");
+
+PyMODINIT_FUNC initmisc(void)
+{
+       PyObject *mod = Py_InitModule3("misc", methods, param_doc);
+       if (mod == NULL)
+               return;
+}

diff --git a/source/scripting/python/parammodule.c b/source/scripting/python/parammodule.c
index d2756257426a6e05e16388ac7bd68f7cb433982b..e6cb173c870954e67c6508a52500707237119284 100644 (file)
--- a/source/scripting/python/parammodule.c
+++ b/source/scripting/python/parammodule.c
@@ -69,11 +69,11 @@ param_dealloc(PyObject* self)
 
 static PyObject *py_param_get(PyObject *_self, PyObject *args)
 {
-       struct param *param;
+       struct param_opt *param;
        const char *section_name = NULL, *param_name = NULL;
        param_ParamFileObject *self = (param_ParamFileObject *)_self;
 
-       if (!PyArg_ParseTuple(args, "s|s", &param_name, &section_name))
+       if (!PyArg_ParseTuple(args, (char *)"s|s", &param_name, &section_name))
                return NULL;
 
        param = param_get(self->param_ctx, section_name, param_name);
@@ -86,7 +86,6 @@ static PyObject *py_param_get(PyObject *_self, PyObject *args)
 static PyObject *py_param_set(PyObject *_self, PyObject *args)
 {
        param_ParamFileObject *self = (param_ParamFileObject *)_self;
-       struct param *param;
        const char *section_name = NULL, *param_name = NULL, *param_value = NULL;
 
        if (!PyArg_ParseTuple(args, "ss|s", &param_name, &param_value, &section_name))
@@ -116,6 +115,21 @@ static PyObject *py_param_save(PyObject *_self, PyObject *args)
        return Py_None;
 }
 
+static PyObject *py_param_use(PyObject *_self, PyObject *args)
+{
+       param_ParamFileObject *self = (param_ParamFileObject *)_self;
+
+       if (!PyArg_ParseTuple(args, ""))
+               return NULL;
+
+       if (param_use(global_loadparm, self->param_ctx) != 0) {
+               PyErr_SetString(PyExc_TypeError, "unable to use");
+               return NULL;
+       }
+
+       return Py_None;
+}
+
 static PyMethodDef param_methods[] = {
        {"get", (PyCFunction)py_param_get, METH_VARARGS,
                "Get a parameter."},
@@ -123,6 +137,8 @@ static PyMethodDef param_methods[] = {
                "Set a parameter."},
        {"save", (PyCFunction)py_param_save, METH_VARARGS,
                "Save file" },
+       {"use", (PyCFunction)py_param_use, METH_VARARGS,
+               "Use param file" },
        {NULL, NULL, 0, NULL}
 };
 
@@ -155,5 +171,5 @@ PyMODINIT_FUNC initparam(void)
                return;
 
        PyModule_AddObject(mod, "configfile", 
-                          PyString_FromString(lp_configfile()));
+                          PyString_FromString(lp_configfile(global_loadparm)));
 }

diff --git a/source/scripting/python/provision.py b/source/scripting/python/provision.py
index 2def56df0ec36d4e47f9c605faf407a0b9c283e2..7c0e7954991376d05ebf2e374cfadaf203aae78a 100644 (file)
--- a/source/scripting/python/provision.py
+++ b/source/scripting/python/provision.py
@@ -8,10 +8,62 @@
 import os
 import pwd
 import grp
-import uuid
-from socket import gethostname
+import uuid, sid, misc
+from socket import gethostname, gethostbyname
 import param
 
+class InvalidNetbiosName(Exception):
+    def __init__(self, name):
+        super(InvalidNetbiosName, self).__init__("The name '%r' is not a valid NetBIOS name" % name)
+
+class ProvisionSettings(object):
+    def __init__(self):
+        self.realm = None
+        self.domain = None
+        self.hostname = None
+        self.hostip = None
+        self.domainsid = None
+        self.invocationid = None
+        self.krbtgtpass = None
+        self.machinepass = None
+        self.adminpass = None
+        self.defaultsite = None
+        self.newguid = None
+        self.nttime = None
+        self.ldaptime = None
+        self.datestring = None
+        self.root = None
+        self.nobody = None
+        self.nogroup = None
+        self.wheel = None
+        self.backup = None
+        self.users = None
+        self.dnsdomain = None
+        self.dnsname = None
+        self.domaindn = None
+        self.domaindn_ldb = None
+        self.rootdn = None
+        self.configdn = None
+        self.configdn_ldb = None
+        self.schemedn = None
+        self.schemedn_ldb = None
+
+    def fix(self, paths):
+        self.realm       = self.realm.upper()
+        self.hostname    = self.hostname.lower()
+        self.domain      = self.domain.upper()
+        if not valid_netbios_name(self.domain):
+            raise InvalidNetbiosName(self.domain)
+        self.netbiosname = self.hostname.upper()
+        if not valid_netbios_name(self.netbiosname):
+            raise InvalidNetbiosName(self.netbiosname)
+        rdns = self.domaindn.split(",")
+        self.rdn_dc = rdns[0][len("DC="):]
+
+        self.sam_ldb        = paths.samdb
+        self.secrets_ldb    = paths.secrets
+        self.secrets_keytab    = paths.keytab
+
 #
 #  return True if the current install seems to be OK
 #
@@ -53,9 +105,8 @@ description: %s
 #  setup a mapping between a sam name and a unix name
 #
 def setup_name_mapping(info, ldb, sid, unixname):
-    attrs = ["dn"]
     res = ldb.search("objectSid=%s" % sid, 
-                 info.subobj.DOMAINDN, ldb.SCOPE_SUBTREE, attrs)
+                 info.subobj.domaindn, ldb.SCOPE_SUBTREE, ["dn"])
     if len(res) != 1:
         info.message("Failed to find record for objectSid %s\n" % sid)
         return False
@@ -87,8 +138,7 @@ def datestring():
 #  return first host IP
 #
 def hostip():
-    list = sys.interfaces()
-    return list[0]
+    return gethostbyname(hostname())
 
 #
 #  return first part of hostname
@@ -122,17 +172,16 @@ def ldb_erase(ldb):
     ldb.delete("@KLUDGEACL")
 
     # and the rest
-    attrs = ["dn"]
     basedn = ""
     try:
         for msg in ldb.search("(&(|(objectclass=*)(dn=*))(!(dn=@BASEINFO)))", \
-                basedn, ldb.SCOPE_SUBTREE, attrs):
+                basedn, ldb.SCOPE_SUBTREE, ["dn"]):
             ldb.delete(msg.dn)
     except LdbError:
         ldb_delete(ldb)
 
     try:
-        res = ldb.search("(&(|(objectclass=*)(dn=*))(!(dn=@BASEINFO)))", basedn, ldb.SCOPE_SUBTREE, attrs)
+        res = ldb.search("(&(|(objectclass=*)(dn=*))(!(dn=@BASEINFO)))", basedn, ldb.SCOPE_SUBTREE, ["dn"])
     except LdbError:
         ldb_delete(ldb)
         return
@@ -143,17 +192,13 @@ def ldb_erase(ldb):
 #
 #  erase an ldb, removing all records
 #
-def ldb_erase_partitions(info, ldb, ldapbackend):
-    rootDSE_attrs = ["namingContexts"]
-    lp = loadparm_init()
-
-    res = ldb.search("(objectClass=*)", "", ldb.SCOPE_BASE, rootDSE_attrs)
+def ldb_erase_partitions(lp, info, ldb, ldapbackend):
+    res = ldb.search("(objectClass=*)", "", ldb.SCOPE_BASE, ["namingContexts"])
     assert len(res) == 1
     if res[0].namingContexts is None:
         return
     for basedn in res[0].namingContexts:
         anything = "(|(objectclass=*)(dn=*))"
-        attrs = ["dn"]
         previous_remaining = 1
         current_remaining = 0
 
@@ -165,7 +210,7 @@ def ldb_erase_partitions(info, ldb, ldapbackend):
         while ++k < 10 and (previous_remaining != current_remaining):
             # and the rest
             try:
-                res2 = ldb.search(anything, basedn, ldb.SCOPE_SUBTREE, attrs)
+                res2 = ldb.search(anything, basedn, ldb.SCOPE_SUBTREE, ["dn"])
             except LdbError, e:
                 info.message("ldb search failed: " + e + "\n")
                 continue
@@ -175,7 +220,7 @@ def ldb_erase_partitions(info, ldb, ldapbackend):
                 ldb.delete(msg.dn)
             
             try:
-                res3 = ldb.search(anything, basedn, ldb.SCOPE_SUBTREE, attrs)
+                res3 = ldb.search(anything, basedn, ldb.SCOPE_SUBTREE, ["dn"])
             except LdbError, e:
                 info.message("ldb search failed: " + e + "\n")
                 continue
@@ -201,8 +246,7 @@ def open_ldb(info, dbname, erase):
 #
 #  setup a ldb in the private dir
 #
-def setup_add_ldif(ldif, info, ldb, failok):
-    lp = loadparm_init()
+def setup_add_ldif(lp, ldif, info, ldb, failok):
     src = lp.get("setup directory") + "/" + ldif
 
     data = open(src, 'r').read()
@@ -236,7 +280,7 @@ def setup_modify_ldif(ldif, info, ldb, failok):
 
 def setup_ldb(ldif, info, dbname, erase=True, failok=False):
     ldb = open_ldb(info, dbname, erase)
-    if setup_add_ldif(ldif, info, ldb, failok):
+    if setup_add_ldif(lp, ldif, info, ldb, failok):
         ldb.transaction_commit()
 
 #
@@ -298,10 +342,10 @@ def provision_default_paths(subobj):
 #
 def setup_name_mappings(info, ldb):
     lp = loadparm_init()
-    attrs = ["objectSid"]
     subobj = info.subobj
 
-    res = ldb.search("objectSid=*", subobj.DOMAINDN, ldb.SCOPE_BASE, attrs)
+    res = ldb.search("objectSid=*", subobj.domaindn, ldb.SCOPE_BASE, 
+                     ["objectSid"])
     assert(len(res) == 1 and res[0].objectSid is not None)
     sid = res[0].objectSid
 
@@ -333,62 +377,46 @@ def setup_name_mappings(info, ldb):
 
     return True
 
-def provision_fix_subobj(subobj, message, paths):
-    subobj.REALM       = strupper(subobj.REALM)
-    subobj.HOSTNAME    = strlower(subobj.HOSTNAME)
-    subobj.DOMAIN      = strupper(subobj.DOMAIN)
-    assert valid_netbios_name(subobj.DOMAIN)
-    subobj.NETBIOSNAME = strupper(subobj.HOSTNAME)
-    assert valid_netbios_name(subobj.NETBIOSNAME)
-    rdns = subobj.DOMAINDN.split(",")
-    subobj.RDN_DC = rdns[0][len("DC="):]
-
-    subobj.SAM_LDB        = paths.samdb
-    subobj.SECRETS_LDB    = paths.secrets
-    subobj.SECRETS_KEYTAB    = paths.keytab
 
-    return True
 
 def provision_become_dc(subobj, message, paths, session_info):
     lp = loadparm_init()
     info = Object()
 
-    provision_fix_subobj(subobj, message, paths)
+    subobj.fix(paths)
 
     info.subobj = subobj
     info.message = message
     info.session_info = session_info
 
     # Also wipes the database
-    message("Setting up " + paths.samdb + " partitions\n")
+    message("Setting up %s partitions\n" % paths.samdb)
     setup_ldb("provision_partitions.ldif", info, paths.samdb)
 
     samdb = open_ldb(info, paths.samdb, False)
 
-    message("Setting up " + paths.samdb + " attributes\n")
-    setup_add_ldif("provision_init.ldif", info, samdb, False)
+    message("Setting up %s attributes\n" % paths.samdb)
+    setup_add_ldif(lp, "provision_init.ldif", info, samdb, False)
 
-    message("Setting up " + paths.samdb + " rootDSE\n")
-    setup_add_ldif("provision_rootdse_add.ldif", info, samdb, False)
+    message("Setting up %s rootDSE\n" % paths.samdb)
+    setup_add_ldif(lp, "provision_rootdse_add.ldif", info, samdb, False)
 
     message("Erasing data from partitions\n")
-    ldb_erase_partitions(info, samdb, undefined)
+    ldb_erase_partitions(lp, info, samdb, undefined)
 
-    message("Setting up " + paths.samdb + " indexes\n")
-    setup_add_ldif("provision_index.ldif", info, samdb, False)
+    message("Setting up %s indexes\n" % paths.samdb)
+    setup_add_ldif(lp, "provision_index.ldif", info, samdb, False)
 
-    message("Setting up " + paths.samdb + " templates\n")
-    setup_add_ldif("provision_templates.ldif", info, samdb, False)
+    message("Setting up %s templates\n" % paths.samdb)
+    setup_add_ldif(lp, "provision_templates.ldif", info, samdb, False)
 
     samdb.transaction_commit()
 
-    message("Setting up " + paths.secrets + "\n")
+    message("Setting up %s\n" % paths.secrets)
     setup_ldb("secrets_init.ldif", info, paths.secrets)
 
     setup_ldb("secrets.ldif", info, paths.secrets, False)
 
-    return True
-
 #
 # provision samba4 - caution, this wipes all existing data!
 #
@@ -396,17 +424,17 @@ def provision(subobj, message, blank, paths, session_info, credentials, ldapback
     lp = loadparm_init()
     info = Object()
 
-    provision_fix_subobj(subobj, message, paths)
+    subobj.fix(paths)
 
-    if subobj.DOMAINGUID is not None:
-        subobj.DOMAINGUID_MOD = "replace: objectGUID\nobjectGUID: %s\n-" % subobj.DOMAINGUID
+    if subobj.domainguid is not None:
+        subobj.domainguid_mod = "replace: objectGUID\nobjectGUID: %s\n-" % subobj.domainguid
     else:
-        subobj.DOMAINGUID_MOD = ""
+        subobj.domainguid_mod = ""
 
-    if subobj.HOSTGUID is not None:
-        subobj.HOSTGUID_ADD = "objectGUID: %s" % subobj.HOSTGUID
+    if subobj.hostguid is not None:
+        subobj.hostguid_add = "objectGUID: %s" % subobj.hostguid
     else:
-        subobj.HOSTGUID_ADD = ""
+        subobj.hostguid_add = ""
 
     info.subobj = subobj
     info.message = message
@@ -439,27 +467,27 @@ def provision(subobj, message, blank, paths, session_info, credentials, ldapback
     samdb = open_ldb(info, paths.samdb, False)
 
     message("Setting up sam.ldb attributes\n")
-    setup_add_ldif("provision_init.ldif", info, samdb, False)
+    setup_add_ldif(lp, "provision_init.ldif", info, samdb, False)
 
     message("Setting up sam.ldb rootDSE\n")
-    setup_add_ldif("provision_rootdse_add.ldif", info, samdb, False)
+    setup_add_ldif(lp, "provision_rootdse_add.ldif", info, samdb, False)
 
     message("Erasing data from partitions\n")
-    ldb_erase_partitions(info, samdb, ldapbackend)
+    ldb_erase_partitions(lp, info, samdb, ldapbackend)
     
-    message("Adding DomainDN: " + subobj.DOMAINDN + " (permitted to fail)\n")
-    setup_add_ldif("provision_basedn.ldif", info, samdb, True)
-    message("Modifying DomainDN: " + subobj.DOMAINDN + "\n")
+    message("Adding DomainDN: " + subobj.domaindn + " (permitted to fail)\n")
+    setup_add_ldif(lp, "provision_basedn.ldif", info, samdb, True)
+    message("Modifying DomainDN: " + subobj.domaindn + "\n")
     setup_ldb_modify("provision_basedn_modify.ldif", info, samdb)
 
     if not modify_ok:
         if not add_ok:
-            message("Failed to both add and modify " + subobj.DOMAINDN + " in target " + subobj.DOMAINDN_LDB + "\n")
+            message("Failed to both add and modify " + subobj.domaindn + " in target " + subobj.domaindn_ldb + "\n")
             message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n"); 
         assert(modify_ok)
 
     message("Adding configuration container (permitted to fail)\n")
-    add_ok = setup_add_ldif("provision_configuration_basedn.ldif", info, samdb, True)
+    add_ok = setup_add_ldif(lp, "provision_configuration_basedn.ldif", info, samdb, True)
     message("Modifying configuration container\n")
     modify_ok = setup_ldb_modify("provision_configuration_basedn_modify.ldif", info, samdb)
     if not modify_ok:
@@ -469,7 +497,7 @@ def provision(subobj, message, blank, paths, session_info, credentials, ldapback
         assert(modify_ok)
 
     message("Adding schema container (permitted to fail)\n")
-    add_ok = setup_add_ldif("provision_schema_basedn.ldif", info, samdb, True)
+    add_ok = setup_add_ldif(lp, "provision_schema_basedn.ldif", info, samdb, True)
     message("Modifying schema container\n")
     modify_ok = setup_ldb_modify("provision_schema_basedn_modify.ldif", info, samdb)
     if not modify_ok:
@@ -480,9 +508,9 @@ def provision(subobj, message, blank, paths, session_info, credentials, ldapback
         assert(modify_ok)
 
     message("Setting up sam.ldb Samba4 schema\n")
-    setup_add_ldif("schema_samba4.ldif", info, samdb, False)
+    setup_add_ldif(lp, "schema_samba4.ldif", info, samdb, False)
     message("Setting up sam.ldb AD schema\n")
-    setup_add_ldif("schema.ldif", info, samdb, False)
+    setup_add_ldif(lp, "schema.ldif", info, samdb, False)
 
     # (hack) Reload, now we have the schema loaded.  
     samdb.transaction_commit()
@@ -491,15 +519,15 @@ def provision(subobj, message, blank, paths, session_info, credentials, ldapback
     samdb = open_ldb(info, paths.samdb, False)
 
     message("Setting up sam.ldb configuration data\n")
-    setup_add_ldif("provision_configuration.ldif", info, samdb, False)
+    setup_add_ldif(lp, "provision_configuration.ldif", info, samdb, False)
 
     message("Setting up display specifiers\n")
-    setup_add_ldif("display_specifiers.ldif", info, samdb, False)
+    setup_add_ldif(lp, "display_specifiers.ldif", info, samdb, False)
     message("Setting up sam.ldb templates\n")
-    setup_add_ldif("provision_templates.ldif", info, samdb, False)
+    setup_add_ldif(lp, "provision_templates.ldif", info, samdb, False)
 
     message("Adding users container (permitted to fail)\n")
-    add_ok = setup_add_ldif("provision_users_add.ldif", info, samdb, True)
+    add_ok = setup_add_ldif(lp, "provision_users_add.ldif", info, samdb, True)
     message("Modifying users container\n")
     modify_ok = setup_ldb_modify("provision_users_modify.ldif", info, samdb)
     if not modify_ok:
@@ -508,7 +536,7 @@ def provision(subobj, message, blank, paths, session_info, credentials, ldapback
             assert(modify_ok)
         assert(modify_ok)
     message("Adding computers container (permitted to fail)\n")
-    add_ok = setup_add_ldif("provision_computers_add.ldif", info, samdb, True)
+    add_ok = setup_add_ldif(lp, "provision_computers_add.ldif", info, samdb, True)
     message("Modifying computers container\n")
     modify_ok = setup_ldb_modify("provision_computers_modify.ldif", info, samdb)
     if not modify_ok:
@@ -518,11 +546,11 @@ def provision(subobj, message, blank, paths, session_info, credentials, ldapback
         assert(modify_ok)
 
     message("Setting up sam.ldb data\n")
-    setup_add_ldif("provision.ldif", info, samdb, False)
+    setup_add_ldif(lp, "provision.ldif", info, samdb, False)
 
     if blank:
         message("Setting up sam.ldb index\n")
-        setup_add_ldif("provision_index.ldif", info, samdb, False)
+        setup_add_ldif(lp, "provision_index.ldif", info, samdb, False)
 
         message("Setting up sam.ldb rootDSE marking as syncronized\n")
         setup_modify_ldif("provision_rootdse_modify.ldif", info, samdb, False)
@@ -544,13 +572,13 @@ def provision(subobj, message, blank, paths, session_info, credentials, ldapback
 #    samdb = open_ldb(info, paths.samdb, False)
 #
     message("Setting up sam.ldb users and groups\n")
-    setup_add_ldif("provision_users.ldif", info, samdb, False)
+    setup_add_ldif(lp, "provision_users.ldif", info, samdb, False)
 
     if not setup_name_mappings(info, samdb):
         return False
 
     message("Setting up sam.ldb index\n")
-    setup_add_ldif("provision_index.ldif", info, samdb, False)
+    setup_add_ldif(lp, "provision_index.ldif", info, samdb, False)
 
     message("Setting up sam.ldb rootDSE marking as syncronized\n")
     setup_modify_ldif("provision_rootdse_modify.ldif", info, samdb, False)
@@ -561,21 +589,21 @@ def provision(subobj, message, blank, paths, session_info, credentials, ldapback
 
 # Write out a DNS zone file, from the info in the current database
 def provision_dns(subobj, message, paths, session_info, credentials):
-    message("Setting up DNS zone: " + subobj.DNSDOMAIN + " \n")
+    message("Setting up DNS zone: " + subobj.dnsdomain + " \n")
     # connect to the sam
     ldb = Ldb(paths.samdb, session_info=session_info, credentials=credentials)
 
     # These values may have changed, due to an incoming SamSync,
     # or may not have been specified, so fetch them from the database
 
-    attrs = ["objectGUID"]
-    res = ldb.search("objectGUID=*", subobj.DOMAINDN, ldb.SCOPE_BASE, attrs)
+    res = ldb.search("objectGUID=*", subobj.domaindn, ldb.SCOPE_BASE, 
+                     ["objectGUID"])
     assert(len(res) == 1)
     assert(res[0].objectGUID is not None)
-    subobj.DOMAINGUID = res[0].objectGUID
+    subobj.domainguid = res[0].objectGUID
 
-    subobj.HOSTGUID = searchone(ldb, subobj.DOMAINDN, "(&(objectClass=computer)(cn=" + subobj.NETBIOSNAME + "))", "objectGUID")
-    assert(subobj.HOSTGUID is not None)
+    subobj.hostguid = searchone(ldb, subobj.domaindn, "(&(objectClass=computer)(cn=" + subobj.netbiosname + "))", "objectGUID")
+    assert(subobj.hostguid is not None)
 
     setup_file("provision.zone", 
            message, paths.dns, 
@@ -585,11 +613,11 @@ def provision_dns(subobj, message, paths, session_info, credentials):
 
 # Write out a DNS zone file, from the info in the current database
 def provision_ldapbase(subobj, message, paths):
-    message("Setting up LDAP base entry: " + subobj.DOMAINDN + " \n")
-    rdns = subobj.DOMAINDN.split(",")
-    subobj.EXTENSIBLEOBJECT = "objectClass: extensibleObject"
+    message("Setting up LDAP base entry: " + subobj.domaindn + " \n")
+    rdns = subobj.domaindn.split(",")
+    subobj.extensibleobject = "objectClass: extensibleObject"
 
-    subobj.RDN_DC = rdns[0][len("DC="):]
+    subobj.rdn_dc = rdns[0][len("DC="):]
 
     setup_file("provision_basedn.ldif", 
            message, paths.ldap_basedn_ldif, 
@@ -609,50 +637,45 @@ def provision_ldapbase(subobj, message, paths):
 #
 #  guess reasonably default options for provisioning
 #
-def provision_guess():
-    subobj = Object()
-    nss = nss_init()
-    lp = loadparm_init()
-    rdn_list
-    random_init(local)
+def provision_guess(lp):
+    subobj = ProvisionSettings()
 
-    subobj.REALM        = strupper(lp.get("realm"))
-    subobj.DOMAIN       = lp.get("workgroup")
-    subobj.HOSTNAME     = hostname()
+    subobj.realm        = lp.get("realm").upper()
+    subobj.domain       = lp.get("workgroup")
+    subobj.hostname     = hostname()
 
-    assert subobj.REALM is not None
-    assert subobj.DOMAIN is not None
-    assert subobj.HOSTNAME is not None
+    assert subobj.realm is not None
+    assert subobj.domain is not None
+    assert subobj.hostname is not None
     
-    subobj.VERSION      = version()
-    subobj.HOSTIP       = hostip()
-    subobj.DOMAINSID    = randsid()
-    subobj.INVOCATIONID = uuid.random()
-    subobj.KRBTGTPASS   = randpass(12)
-    subobj.MACHINEPASS  = randpass(12)
-    subobj.ADMINPASS    = randpass(12)
-    subobj.DEFAULTSITE  = "Default-First-Site-Name"
-    subobj.NEWGUID      = uuid.random()
-    subobj.NTTIME       = sys.nttime()
-    subobj.LDAPTIME     = ldaptime
-    subobj.DATESTRING   = datestring
-    subobj.ROOT         = findnss(pwd.getpwnam, "root")[4]
-    subobj.NOBODY       = findnss(pwd.getpwnam, "nobody")[4]
-    subobj.NOGROUP      = findnss(grp.getgrnam, "nogroup", "nobody")[2]
-    subobj.WHEEL        = findnss(grp.getgrnam, "wheel", "root", "staff", "adm")[2]
-    subobj.BACKUP       = findnss(grp.getgrnam, "backup", "wheel", "root", "staff")[2]
-    subobj.USERS        = findnss(grp.getgrnam, "users", "guest", "other", "unknown", "usr")[2]
-
-    subobj.DNSDOMAIN    = strlower(subobj.REALM)
-    subobj.DNSNAME      = "%s.%s" % (subobj.HOSTNAME.lower(), subobj.DNSDOMAIN)
-    rdn_list = split(".", subobj.DNSDOMAIN)
-    subobj.DOMAINDN     = "DC=" + ",DC=".join(rdn_list)
-    subobj.DOMAINDN_LDB = "users.ldb"
-    subobj.ROOTDN       = subobj.DOMAINDN
-    subobj.CONFIGDN     = "CN=Configuration," + subobj.ROOTDN
-    subobj.CONFIGDN_LDB = "configuration.ldb"
-    subobj.SCHEMADN     = "CN=Schema," + subobj.CONFIGDN
-    subobj.SCHEMADN_LDB = "schema.ldb"
+    subobj.hostip       = hostip()
+    subobj.domainsid    = sid.random()
+    subobj.invocationid = uuid.random()
+    subobj.krbtgtpass   = misc.random_password(12)
+    subobj.machinepass  = misc.random_password(12)
+    subobj.adminpass    = misc.random_password(12)
+    subobj.defaultsite  = "Default-First-Site-Name"
+    subobj.newguid      = uuid.random()
+    subobj.nttime       = sys.nttime()
+    subobj.ldaptime     = ldaptime
+    subobj.datestring   = datestring
+    subobj.root         = findnss(pwd.getpwnam, "root")[4]
+    subobj.nobody       = findnss(pwd.getpwnam, "nobody")[4]
+    subobj.nogroup      = findnss(grp.getgrnam, "nogroup", "nobody")[2]
+    subobj.wheel        = findnss(grp.getgrnam, "wheel", "root", "staff", "adm")[2]
+    subobj.backup       = findnss(grp.getgrnam, "backup", "wheel", "root", "staff")[2]
+    subobj.users        = findnss(grp.getgrnam, "users", "guest", "other", "unknown", "usr")[2]
+
+    subobj.dnsdomain    = subobj.realm.lower()
+    subobj.dnsname      = "%s.%s" % (subobj.hostname.lower(), subobj.dnsdomain)
+    rdn_list = split(".", subobj.dnsdomain)
+    subobj.domaindn     = "DC=" + ",DC=".join(rdn_list)
+    subobj.domaindn_ldb = "users.ldb"
+    subobj.rootdn       = subobj.domaindn
+    subobj.configdn     = "CN=Configuration," + subobj.rootdn
+    subobj.configdn_ldb = "configuration.ldb"
+    subobj.schemadn     = "CN=Schema," + subobj.configdn
+    subobj.schemadn_ldb = "schema.ldb"
 
     #:Add modules to the list to activate them by default
     #beware often order is important
@@ -663,7 +686,7 @@ def provision_guess():
     #   that the objectclass is of type person (filled in by samldb)
     # - partition must be last
     # - each partition has its own module list then
-    modules_list        = ["rootdse",
+    subobj.modules_list = join(",", ["rootdse",
                     "kludge_acl",
                     "paged_results",
                     "server_sort",
@@ -675,22 +698,20 @@ def provision_guess():
                     "objectclass",
                     "rdn_name",
                     "show_deleted",
-                    "partition"]
-    subobj.MODULES_LIST = join(",", modules_list)
-    subobj.DOMAINDN_MOD = "objectguid"
-    subobj.CONFIGDN_MOD = "objectguid"
-    subobj.SCHEMADN_MOD = "objectguid"
-
-    subobj.EXTENSIBLEOBJECT = "# no objectClass: extensibleObject for local ldb"
-    subobj.ACI        = "# no aci for local ldb"
+                    "partition"])
+    subobj.domaindn_mod = "objectguid"
+    subobj.configdn_mod = "objectguid"
+    subobj.schemadn_mod = "objectguid"
+
+    subobj.extensibleobject = "# no objectClass: extensibleObject for local ldb"
+    subobj.aci        = "# no aci for local ldb"
     return subobj
 
 #
 #  search for one attribute as a string
 #
 def searchone(ldb, basedn, expression, attribute):
-    attrs = [attribute]
-    res = ldb.search(expression, basedn, ldb.SCOPE_SUBTREE, attrs)
+    res = ldb.search(expression, basedn, ldb.SCOPE_SUBTREE, [attribute])
     if len(res) != 1 or res[0][attribute] is None:
         return None
     return res[0][attribute]
@@ -699,9 +720,8 @@ def searchone(ldb, basedn, expression, attribute):
 #  modify an account to remove the 
 #
 def enable_account(ldb, user_dn):
-    attrs = ["userAccountControl"]
-    res = ldb.search(NULL, user_dn, ldb.SCOPE_ONELEVEL, attrs)
-    assert(len(res) == 1)
+    res = ldb.search(NULL, user_dn, ldb.SCOPE_ONELEVEL, ["userAccountControl"])
+    assert len(res) == 1
     userAccountControl = res[0].userAccountControl
     userAccountControl = userAccountControl - 2 # remove disabled bit
     mod = """
@@ -715,18 +735,14 @@ userAccountControl: %u
 #
 #  add a new user record
 #
-def newuser(username, unixname, password, message, session_info, credentials):
-    lp = loadparm_init()
-    random_init(local)
+def newuser(sam, username, unixname, password, message, session_info, 
+            credentials):
     # connect to the sam 
-    samdb = Ldb(lp.get("sam database"), session_info=session_info, 
-            credentials=credentials)
-
     ldb.transaction_start()
 
     # find the DNs for the domain and the domain users group
-    attrs = ["defaultNamingContext"]
-    res = ldb.search("defaultNamingContext=*", "", ldb.SCOPE_BASE, attrs)
+    res = ldb.search("defaultNamingContext=*", "", ldb.SCOPE_BASE, 
+                     ["defaultNamingContext"])
     assert(len(res) == 1 and res[0].defaultNamingContext is not None)
     domain_dn = res[0].defaultNamingContext
     assert(domain_dn is not None)
@@ -770,10 +786,8 @@ member: %s
     #
     #  modify the userAccountControl to remove the disabled bit
     #
-    ok = enable_account(ldb, user_dn)
-    if ok:
-        ldb.transaction_commit()
-    return ok
+    enable_account(ldb, user_dn)
+    ldb.transaction_commit()
 
 # Check whether a name is valid as a NetBIOS name. 
 # FIXME: There are probably more constraints here. 
@@ -783,9 +797,7 @@ def valid_netbios_name(name):
         return False
     return True
 
-def provision_validate(subobj, message):
-    lp = loadparm_init()
-
+def provision_validate(lp, subobj, message):
     if not valid_netbios_name(subobj.DOMAIN):
         message("Invalid NetBIOS name for domain\n")
         return False
@@ -794,12 +806,12 @@ def provision_validate(subobj, message):
         message("Invalid NetBIOS name for host\n")
         return False
 
-    if strupper(lp.get("workgroup")) != strupper(subobj.DOMAIN):
+    if lp.get("workgroup").upper() != subobj.DOMAIN.upper():
         message("workgroup '%s' in smb.conf must match chosen domain '%s'\n",
             lp.get("workgroup"), subobj.DOMAIN)
         return False
 
-    if strupper(lp.get("realm")) != strupper(subobj.REALM):
+    if lp.get("realm").upper() != subobj.REALM.upper():
         message("realm '%s' in smb.conf must match chosen realm '%s'\n" %
             (lp.get("realm"), subobj.REALM))
         return False

diff --git a/source/scripting/python/sidmodule.c b/source/scripting/python/sidmodule.c
new file mode 100644 (file)
index 0000000..24afd74
--- /dev/null
+++ b/source/scripting/python/sidmodule.c
@@ -0,0 +1,57 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Samba utility functions
+   Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "scripting/python/talloc.h"
+#include "Python.h"
+#include "libcli/security/security.h"
+
+static PyObject *sid_random(PyObject *self, PyObject *args)
+{
+       char *str;
+
+       if (!PyArg_ParseTuple(args, ""))
+               return NULL;
+
+       str = talloc_asprintf(PyMemCtx(), "S-1-5-21-%8u-%8u-%8u", 
+                                 (unsigned)generate_random(), 
+                                 (unsigned)generate_random(), 
+                                 (unsigned)generate_random());
+
+       if (str == NULL) {
+               PyErr_SetString(PyExc_TypeError, "can't generate random sid");
+               return NULL;
+       }
+
+       return PyString_FromString(str);
+}
+
+static PyMethodDef methods[] = {
+       { "random", (PyCFunction)sid_random, METH_VARARGS, NULL},
+       { NULL, NULL }
+};
+
+PyDoc_STRVAR(param_doc, "SID helper routines");
+
+PyMODINIT_FUNC initsid(void)
+{
+       PyObject *mod = Py_InitModule3("sid", methods, param_doc);
+       if (mod == NULL)
+               return;
+}

diff --git a/source/scripting/python/tests/param.py b/source/scripting/python/tests/param.py
index f55ef3613875f7e4f3cc2cf3c56fd6e4dde1571d..3d64c9b09404637f0fed113d6021282600a4eb6c 100644 (file)
--- a/source/scripting/python/tests/param.py
+++ b/source/scripting/python/tests/param.py
@@ -5,7 +5,7 @@
 #
 # Copyright (C) 2007 Jelmer Vernooij <jelmer@samba.org>
 # Published under the GNU LGPL
-from param import ParamFile, global_params
+from param import ParamFile
 from unittest import TestCase
 
 class SimpleParamTest(TestCase):

diff --git a/source/selftest/env/Samba4.pm b/source/selftest/env/Samba4.pm
index bead568b1045281127155a1d9a8f7d5597c1ab4e..18a34a1ea455f34a2c33122ecb7f84f7bbb852df 100644 (file)
--- a/source/selftest/env/Samba4.pm
+++ b/source/selftest/env/Samba4.pm
@@ -423,7 +423,7 @@ my @provision_options = ($ENV{PYTHON} or "python", "$self->{setupdir}/provision"
        push (@provision_options, split(' ', $configuration));
        push (@provision_options, "--host-name=$netbiosname");
        push (@provision_options, "--host-ip=$ifaceipv4");
-       push (@provision_options, "--quiet");
+       push (@provision_options, "--quiet=True");
        push (@provision_options, "--domain=$domain");
        push (@provision_options, "--realm=$realm");
        push (@provision_options, "--adminpass=$password");

diff --git a/source/setup/provision b/source/setup/provision
index 4ca8c036e79605637af85eb8fa1413df25e2d3b8..5818746e7bcc8085b27304e08a44b0c49ad8f399 100755 (executable)
--- a/source/setup/provision
+++ b/source/setup/provision
@@ -89,8 +89,13 @@ if hostname is None:
 #
 #   main program
 #
-realm = opts.realm
 if opts.realm is None or opts.domain is None or opts.host_name is None:
+       if opts.realm is None:
+               print >>sys.stderr, "No realm set"
+       if opts.domain is None:
+               print >>sys.stderr, "No domain set"
+       if opts.host_name is None:
+               print >>sys.stderr, "No host name set"
        parser.print_help()
        sys.exit(1)
 
@@ -99,9 +104,9 @@ lp = param.ParamFile(opts.configfile)
 lp.set("realm", opts.realm);
 lp.set("workgroup", opts.domain);
 lp.set("server role", opts.server_role);
-lp.reload()
+lp.use()
 
-subobj = provision_guess();
+subobj = provision_guess(lp);
 # FIXME
 # for (r in options) {
 #      var key = strupper(join("", split("-", r)));
@@ -109,34 +114,34 @@ subobj = provision_guess();
 #}
 
 if opts.aci is not None:
-       print "set ACI: %s\n" % subobj["ACI"]
+       print "set ACI: %s\n" % subobj.aci
 
-print "set DOMAIN SID: %s\n" % subobj["DOMAINSID"]
+print "set DOMAIN SID: %s\n" % subobj.domainsid
 
-provision_fix_subobj(subobj, paths);
+subobj.fix(paths);
 
 if opts.ldap_backend:
        if opts.ldap_backend == "ldapi":
-               subobj.LDAPBACKEND = subobj.LDAPI_URI
+               subobj.ldapbackend = subobj.ldapi_uri
 
        if not opts.ldap_module:
-               subobj.LDAPMODULE = "entryUUID"
+               subobj.ldapmodule = "entryUUID"
 
-       subobj.DOMAINDN_LDB = subobj.LDAPBACKEND
-       subobj.DOMAINDN_MOD2 = "," + subobj.LDAPMODULE + ",paged_searches"
-       subobj.CONFIGDN_LDB = subobj.LDAPBACKEND
-       subobj.CONFIGDN_MOD2 = "," + subobj.LDAPMODULE + ",paged_searches"
-       subobj.SCHEMADN_LDB = subobj.LDAPBACKEND
-       subobj.SCHEMADN_MOD2 = "," + subobj.LDAPMODULE + ",paged_searches"
-       message("LDAP module: %s on backend: %s\n" % (subobj.LDAPMODULE, subobj.LDAPBACKEND))
+       subobj.domaindn_ldb = subobj.ldapbackend
+       subobj.domaindn_mod2 = "," + subobj.ldapmodule + ",paged_searches"
+       subobj.configdn_ldb = subobj.ldapbackend
+       subobj.configdn_mod2 = "," + subobj.ldapmodule + ",paged_searches"
+       subobj.schemadn_ldb = subobj.ldapbackend
+       subobj.schemadn_mod2 = "," + subobj.ldapmodule + ",paged_searches"
+       message("LDAP module: %s on backend: %s\n" % (subobj.ldapmodule, subobj.ldapbackend))
 
-if not provision_validate(subobj, message):
+if not provision_validate(lp, subobj, message):
        sys.exit(1)
 
 system_session = system_session()
 creds = options.get_credentials()
-message("Provisioning for %s in realm %s\n", subobj.DOMAIN, subobj.REALM)
-message("Using administrator password: %s\n", subobj.ADMINPASS)
+message("Provisioning for %s in realm %s\n", subobj.domain, subobj.realm)
+message("Using administrator password: %s\n", subobj.adminpass)
 if ldapbase:
        provision_ldapbase(subobj, message, paths)
        message("Please install the LDIF located in " + paths.ldap_basedn_ldif + ", " + paths.ldap_config_basedn_ldif + " and " + paths.ldap_schema_basedn_ldif + " into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server\n")
@@ -146,14 +151,14 @@ else:
        provision(subobj, message, blank, paths, system_session, creds, ldapbackend)
        provision_dns(subobj, message, paths, system_session, creds)
        message("To reproduce this provision, run with:\n")
-       message("--realm='" + subobj.REALM_CONF + "' --domain='" + subobj.DOMAIN_CONF + "' --domain-guid='" + subobj.DOMAINGUID + "' \\\n")
-       message("--policy-guid='" + subobj.POLICYGUID + "' --host-name='" + subobj.HOSTNAME + "' --host-ip='" + subobj.HOSTIP + "' \\\n")
-       message("--host-guid='" + subobj.HOSTGUID + "' --invocationid='" + subobj.INVOCATIONID + "' \\\n")
-       message("--adminpass='" + subobj.ADMINPASS + "' --krbtgtpass='" + subobj.KRBTGTPASS + "' \\\n")
-       message("--machinepass='" + subobj.MACHINEPASS + "' --dnspass='" + subobj.DNSPASS + "' \\\n")
-       message("--root='" + subobj.ROOT + "' --nobody='" + subobj.NOBODY + "' --nogroup-'" + subobj.NOGROUP + "' \\\n")
-       message("--wheel='" + subobj.WHEEL + "' --users='" + subobj.USERS + "' --server-role='" + subobj.SERVERROLE + "' \\\n")
-       message("--ldap-backend='" + subobj.LDAPBACKEND + "' --ldap-mdoule='" + subobj.LDAPMODULE + "' \\\n")
-       message("--aci='" + subobj.ACI + "' \\\n")
+       message("--realm='" + subobj.realm_conf + "' --domain='" + subobj.domain_conf + "' --domain-guid='" + subobj.domainguid + "' \\\n")
+       message("--policy-guid='" + subobj.policyguid + "' --host-name='" + subobj.hostname + "' --host-ip='" + subobj.hostip + "' \\\n")
+       message("--host-guid='" + subobj.hostguid + "' --invocationid='" + subobj.invocationid + "' \\\n")
+       message("--adminpass='" + subobj.adminpass + "' --krbtgtpass='" + subobj.krbtgtpass + "' \\\n")
+       message("--machinepass='" + subobj.machinepass + "' --dnspass='" + subobj.dnspass + "' \\\n")
+       message("--root='" + subobj.root + "' --nobody='" + subobj.nobody + "' --nogroup-'" + subobj.nogroup + "' \\\n")
+       message("--wheel='" + subobj.wheel + "' --users='" + subobj.users + "' --server-role='" + subobj.serverrole + "' \\\n")
+       message("--ldap-backend='" + subobj.ldapbackend + "' --ldap-mdoule='" + subobj.ldapmodule + "' \\\n")
+       message("--aci='" + subobj.aci + "' \\\n")
 
 message("All OK\n")