Update the provision scripts and selftest for LDAP
authorAndrew Bartlett <abartlet@samba.org>
Wed, 12 Mar 2008 22:55:06 +0000 (09:55 +1100)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 12 Mar 2008 22:55:06 +0000 (09:55 +1100)
This should allow us to provision onto an OpenLDAP backend again.

Also ensure we always have a sysvol and netlogon share in the selftest
environment.

Andrew Bartlett
(This used to be commit b2d9b03ba3434e76d4d476233a198728523d17f9)

source4/scripting/python/samba/provision.py
source4/selftest/target/Samba4.pm
source4/setup/provision-backend

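--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -1192,16 +1192,18 @@ def provision_backend(setup_dir=None, message=None,
        for i in range (0, len(res)):
             linkid = res[i]["linkID"][0]
             linkid = str(int(linkid) + 1)
+            expression = "(&(objectclass=attributeSchema)(linkID=" + (linkid) + "))"
             target = schemadb.searchone(basedn=names.schemadn, 
-                                        expression="(&(objectclass=attributeSchema)(linkID=" + (linkid) + "))", 
-                                        attribute="lDAPDisplayName");
+                                        expression=expression, 
+                                        attribute="lDAPDisplayName", 
+                                        scope=SCOPE_SUBTREE);
             if target is not None:
-                refint_attributes = refint_attributes + " " + target + " " + res[i]["lDAPDisplayName"];
+                refint_attributes = refint_attributes + " " + target + " " + res[i]["lDAPDisplayName"][0];
                 memberof_config = memberof_config + """overlay memberof
 memberof-dangling error
 memberof-refint TRUE
 memberof-group-oc top
-memberof-member-ad """ + res[i]["lDAPDisplayName"] + """
+memberof-member-ad """ + res[i]["lDAPDisplayName"][0] + """
 memberof-memberof-ad """ + target + """
 memberof-dangling-error 32
 
@@ -1214,7 +1216,7 @@ refint_attributes""" + refint_attributes + "\n";
         if os.path.exists(paths.memberofconf):
             os.unlink(paths.memberof.conf)
 
-            open(paths.memberofconf, 'w').write(memberof_config)
+        open(paths.memberofconf, 'w').write(memberof_config)
 
         ldapi_uri = "ldapi://" + urllib.quote(os.path.join(paths.private_dir, "ldap", "ldapi"), safe="")
         message("Start slapd with: slapd -f " + paths.ldapdir + "/slapd.conf -h " + ldapi_uri)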
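Review bot: In the second hunk the unchanged line `os.unlink(paths.memberof.conf)` reads an attribute `memberof` that does not match the `paths.memberofconf` name used on the lines around it. Re-provisioning over an existing file would therefore presumably raise AttributeError before the now-dedented `open()` runs (the `paths` class is not visible here). It should read `os.unlink(paths.memberofconf)`, or the exists/unlink pair can be dropped, since `open(..., 'w')` truncates anyway. The write also leaves closing the handle to the garbage collector; `with open(paths.memberofconf, 'w') as f: f.write(memberof_config)` flushes the overlay config before slapd is started. provision_backend's body begins and ends outside both hunks.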
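--- a/source4/selftest/target/Samba4.pm
+++ b/source4/selftest/target/Samba4.pm
@@ -617,6 +617,14 @@ sub provision($$$$$$)
        read only = no
        ntvfs handler = simple
 
+[sysvol]
+       path = $lockdir/sysvol
+       read only = yes
+
+[netlogon]
+       path = $lockdir/sysvol/$dnsname/scripts
+       read only = no
+
 [cifsposix]
        copy = simple
        ntvfs handler = cifsposix   
@@ -746,7 +754,7 @@ nogroup:x:65534:nobody
        if (defined($self->{ldap})) {
 
                 push (@provision_options, "--ldap-backend=$ldap_uri");
-               system("$self->{bindir}/smbscript $self->{setupdir}/provision-backend $configuration --ldap-manager-pass=$password --root=$unix_name --realm=$realm --host-name=$netbiosname --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
+               system("$self->{bindir}/smbpython $self->{setupdir}/provision-backend $configuration --ldap-manager-pass=$password --root=$unix_name --realm=$realm --domain=$domain --host-name=$netbiosname --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
 
                if ($self->{ldap} eq "openldap") {
                       ($ret->{SLAPD_CONF}, $ret->{OPENLDAP_PIDFILE}) = $self->mk_openldap($ldapdir, $configuration) or die("Unable to create openldap directories");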
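Review bot: The rewritten `system(...)` call in the second hunk still builds one shell string from `$password`, `$realm`, `$domain`, `$unix_name` and the paths with no quoting. A value containing whitespace or a shell metacharacter would change the command that runs, and the manager password is placed on the command line, where it shows in the process list for the lifetime of the child. For a selftest fixture with fixed values this is probably acceptable, but it should be stated next to the call, e.g. `# selftest only: args are interpolated unquoted into a shell string and the password is visible in argv`. The `[netlogon]` share added in the first hunk is writable while its parent `[sysvol]` is read-only; a short comment saying whether that is deliberate would help. `provision` begins and ends outside both hunks.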
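--- a/source4/setup/provision-backend
+++ b/source4/setup/provision-backend
@@ -46,8 +46,8 @@ parser.add_option("--domain", type="string", metavar="DOMAIN",
                                  help="set domain")
 parser.add_option("--host-name", type="string", metavar="HOSTNAME", 
                help="set hostname")
-parser.add_option("--adminpass", type="string", metavar="PASSWORD", 
-               help="choose admin password (otherwise random)")
+parser.add_option("--ldap-manager-pass", type="string", metavar="PASSWORD", 
+               help="choose LDAP manager password (otherwise random)")
 parser.add_option("--root", type="string", metavar="USERNAME", 
                help="choose 'root' unix username")
 parser.add_option("--quiet", help="Be quiet", action="store_true")
@@ -91,7 +91,7 @@ if setup_dir is None:
 provision_backend(setup_dir=setup_dir, message=message, smbconf=smbconf, targetdir=opts.targetdir,
           realm=opts.realm, domain=opts.domain,
           hostname=opts.host_name,
-          adminpass=opts.adminpass,
+          adminpass=opts.ldap_manager_pass,
           root=opts.root, serverrole=server_role, 
           ldap_backend_type=opts.ldap_backend_type)
 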
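Review bot: The renamed `--ldap-manager-pass` option in the first hunk takes the LDAP manager password only as a command-line value, so it is exposed in the process list and shell history on a shared host, and the help text does not say so. I would extend it to `help="choose LDAP manager password (otherwise random); note: visible in the process list"`. In the second hunk the value is still passed as `adminpass=opts.ldap_manager_pass`, so the keyword no longer matches the option name. A one-line comment at the call, `# provision_backend() still names the LDAP manager password 'adminpass'`, would stop a reader taking it for the domain administrator password. The random fallback mentioned in the help text is generated outside the visible lines, so its strength cannot be judged from this section.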