2 backend code for upgrading from Samba3
3 Copyright Jelmer Vernooij 2005
4 Released under the GNU GPL v2 or later
9 function regkey_to_dn(name)
14 var as = split("/", name);
18 dn = sprintf("key=%s,", as[i]) + dn;
25 /* Where prefix is any of:
33 function upgrade_registry(regdb,prefix)
35 var prefix_up = strupper(prefix);
39 for (var i in regdb.keys) {
40 var rk = regdb.keys[i];
41 /* Only handle selected hive */
42 if (strncmp(prefix_up, rk.name, strlen(prefix_up)) != 0) {
46 var keydn = regkey_to_dn(rk.name);
48 var pts = split("/", rk.name);
50 /* Convert key name to dn */
51 ldif = ldif + sprintf("
57 for (var j in rk.values) {
58 var rv = rk.values[j];
60 ldif = ldif + sprintf("
64 data:: %s", keydn, rv.value, rv.type, base64(rv.data));
71 function upgrade_sam_domain(samba3)
81 oEMInformation: Provisioned by Samba4 (upgraded from Samba3)
87 samba3ResetCountMinutes: %d
88 samba3UserMustLogonToChangePassword: %d
89 samba3BadLockoutMinutes: %d
90 samba3DisconnectTime: %d
91 samba3RefuseMachinePwdChange: %d
93 ", domaindn, domsec.sid, domsec.guid, domainname, samba3.policy.min_password_length,
94 samba3.policy.password_history, samba3.policy.minimum_password_age,
95 samba3.policy.maximum_password_age, samba3.policy.lockout_duration,
96 samba3.policy.reset_count_minutes, samba3.policy.user_must_logon_to_change_password,
97 samba3.policy.bad_lockout_minutes, samba3.policy.disconnect_time,
98 samba3.policy.refuse_machine_password_change
104 function upgrade_sam_account(acc,domaindn)
124 samba3LogonScript: %s
125 samba3ProfilePath: %s
126 samba3Workstations: %s
127 samba3KickOffTime: %d
129 samba3PassLastSetTime: %d
130 samba3PassCanChangeTime: %d
131 samba3PassMustChangeTime: %d
134 ", acc.fullname, domaindn, sam.logon_time, acc.logoff_time, acc.username, acc.nt_username,
135 acc.fullname, acc.acct_desc, acc.group_rid, acc.bad_password_count, acc.logon_count,
136 acc.domain, acc.dir_drive, acc.munged_dial, acc.homedir, acc.logon_script,
137 acc.profile_path, acc.workstations, acc.kickoff_time, acc.bad_password_time,
138 acc.pass_last_set_time, acc.pass_can_change_time, acc.pass_must_change_time, acc.user_rid);
140 /* FIXME: Passwords */
145 function upgrade_sam_group(grp,domaindn)
155 samba3SidNameUse: %d", grp.nt_name, domaindn,
156 grp.comment, grp.nt_name, grp.sid, grp.sid_name_use);
161 function upgrade_sam(samba3,domaindn)
163 domainname = samba3.get_param("global", "workgroup");
165 if (domainname == undefined) {
166 DEBUG(0, ("No domain name specified in smb.conf!\n"));
170 domsec = samba3.find_domainsecrets(domainname);
172 var ldif = upgrade_sam_domain(samba3,domaindn);
175 for (var i in samba3.samaccounts) {
176 ldif = ldif + upgrade_sam_account(samba3.samaccounts[i],domaindn);
180 for (var i in samba3.group.groupmappings) {
181 ldif = ldif + upgrade_sam_group(samba3.group.groupmappings[i],domaindn);
188 function upgrade_winbind(samba3,domaindn)
196 ", samba3.idmap.user_hwm, samba3.idmap.group_hwm);
198 for (var i in samba3.idmap.mappings) {
199 var m = samba3.idmap.mappings[i];
200 ldif = ldif + sprintf("
204 unixID: %d", m.sid, domaindn, m.sid, m.type, m.unix_id);
211 function upgrade_wins(samba3)
214 for (i in samba3.winsentries) {
215 var e = samba3.winsentries[i];
217 ldif = ldif + sprintf("
222 expires: %s", e.type, e.name, e.name, e.type, e.nb_flags, sys.ldap_time(e.ttl));
224 for (var i in e.ips) {
225 ldif = ldif + sprintf("address: %s\n", e.ips[i]);
232 function upgrade_provision(samba3)
234 var subobj = new Object();
235 var nss = nss_init();
236 var lp = loadparm_init();
239 var domainname = samba3.get_param("global", "workgroup");
240 var domsec = samba3.find_domainsecrets(domainname);
241 var hostsec = samba3.find_domainsecrets(hostname());
242 var realm = samba3.get_param("global", "realm");
245 subobj.REALM = realm;
246 subobj.DOMAIN = domainname;
247 subobj.HOSTNAME = hostname();
249 assert(subobj.REALM);
250 assert(subobj.DOMAIN);
251 assert(subobj.HOSTNAME);
253 subobj.HOSTIP = hostip();
254 subobj.DOMAINGUID = domsec.guid;
255 subobj.DOMAINSID = domsec.sid;
256 subobj.HOSTGUID = hostsec.guid;
257 subobj.INVOCATIONID = randguid();
258 subobj.KRBTGTPASS = randpass(12);
259 subobj.MACHINEPASS = randpass(12);
260 subobj.ADMINPASS = randpass(12);
261 subobj.DEFAULTSITE = "Default-First-Site-Name";
262 subobj.NEWGUID = randguid;
263 subobj.NTTIME = nttime;
264 subobj.LDAPTIME = ldaptime;
265 subobj.DATESTRING = datestring;
266 subobj.USN = nextusn;
267 subobj.ROOT = findnss(nss.getpwnam, split(samba3.get_param("global", "admin users")));
268 subobj.NOBODY = findnss(nss.getpwnam, "nobody");
269 subobj.NOGROUP = findnss(nss.getgrnam, "nogroup", "nobody");
270 subobj.WHEEL = findnss(nss.getgrnam, "wheel", "root");
271 subobj.USERS = findnss(nss.getgrnam, "users", "guest", "other");
272 subobj.DNSDOMAIN = strlower(subobj.REALM);
273 subobj.DNSNAME = sprintf("%s.%s",
274 strlower(subobj.HOSTNAME),
276 subobj.BASEDN = "DC=" + join(",DC=", split(".", subobj.REALM));
277 rdn_list = split(".", subobj.REALM);
278 subobj.RDN_DC = rdn_list[0];