From 07a7c8fa0d76cb7cb10cc88fb5bbe5439b746d01 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 13 Mar 2008 09:55:06 +1100
Subject: [PATCH] Update the provision scripts and selftest for LDAP

This should allow us to provision onto an OpenLDAP backend again.

Also ensure we always have a sysvol and netlogon share in the selftest
environment.

Andrew Bartlett
(This used to be commit b2d9b03ba3434e76d4d476233a198728523d17f9)
---
 source4/scripting/python/samba/provision.py | 12 +++++++-----
 source4/selftest/target/Samba4.pm           | 10 +++++++++-
 source4/setup/provision-backend             |  6 +++---
 3 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index 2ede4b8d3d3..f9604a84b2e 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -1192,16 +1192,18 @@ def provision_backend(setup_dir=None, message=None,
 	for i in range (0, len(res)):
             linkid = res[i]["linkID"][0]
             linkid = str(int(linkid) + 1)
+            expression = "(&(objectclass=attributeSchema)(linkID=" + (linkid) + "))"
             target = schemadb.searchone(basedn=names.schemadn, 
-                                        expression="(&(objectclass=attributeSchema)(linkID=" + (linkid) + "))", 
-                                        attribute="lDAPDisplayName");
+                                        expression=expression, 
+                                        attribute="lDAPDisplayName", 
+                                        scope=SCOPE_SUBTREE);
             if target is not None:
-                refint_attributes = refint_attributes + " " + target + " " + res[i]["lDAPDisplayName"];
+                refint_attributes = refint_attributes + " " + target + " " + res[i]["lDAPDisplayName"][0];
                 memberof_config = memberof_config + """overlay memberof
 memberof-dangling error
 memberof-refint TRUE
 memberof-group-oc top
-memberof-member-ad """ + res[i]["lDAPDisplayName"] + """
+memberof-member-ad """ + res[i]["lDAPDisplayName"][0] + """
 memberof-memberof-ad """ + target + """
 memberof-dangling-error 32
 
@@ -1214,7 +1216,7 @@ refint_attributes""" + refint_attributes + "\n";
         if os.path.exists(paths.memberofconf):
             os.unlink(paths.memberof.conf)
 
-            open(paths.memberofconf, 'w').write(memberof_config)
+        open(paths.memberofconf, 'w').write(memberof_config)
 
         ldapi_uri = "ldapi://" + urllib.quote(os.path.join(paths.private_dir, "ldap", "ldapi"), safe="")
         message("Start slapd with: slapd -f " + paths.ldapdir + "/slapd.conf -h " + ldapi_uri)
diff --git a/source4/selftest/target/Samba4.pm b/source4/selftest/target/Samba4.pm
index 48fda175993..2b94135355d 100644
--- a/source4/selftest/target/Samba4.pm
+++ b/source4/selftest/target/Samba4.pm
@@ -617,6 +617,14 @@ sub provision($$$$$$)
 	read only = no
 	ntvfs handler = simple
 
+[sysvol]
+	path = $lockdir/sysvol
+	read only = yes
+
+[netlogon]
+	path = $lockdir/sysvol/$dnsname/scripts
+	read only = no
+
 [cifsposix]
 	copy = simple
 	ntvfs handler = cifsposix   
@@ -746,7 +754,7 @@ nogroup:x:65534:nobody
 	if (defined($self->{ldap})) {
 
                 push (@provision_options, "--ldap-backend=$ldap_uri");
-	        system("$self->{bindir}/smbscript $self->{setupdir}/provision-backend $configuration --ldap-manager-pass=$password --root=$unix_name --realm=$realm --host-name=$netbiosname --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
+	        system("$self->{bindir}/smbpython $self->{setupdir}/provision-backend $configuration --ldap-manager-pass=$password --root=$unix_name --realm=$realm --domain=$domain --host-name=$netbiosname --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
 
 	        if ($self->{ldap} eq "openldap") {
 		       ($ret->{SLAPD_CONF}, $ret->{OPENLDAP_PIDFILE}) = $self->mk_openldap($ldapdir, $configuration) or die("Unable to create openldap directories");
diff --git a/source4/setup/provision-backend b/source4/setup/provision-backend
index 91d7bdcb0a0..ada6dcef8dd 100755
--- a/source4/setup/provision-backend
+++ b/source4/setup/provision-backend
@@ -46,8 +46,8 @@ parser.add_option("--domain", type="string", metavar="DOMAIN",
 				  help="set domain")
 parser.add_option("--host-name", type="string", metavar="HOSTNAME", 
 		help="set hostname")
-parser.add_option("--adminpass", type="string", metavar="PASSWORD", 
-		help="choose admin password (otherwise random)")
+parser.add_option("--ldap-manager-pass", type="string", metavar="PASSWORD", 
+		help="choose LDAP manager password (otherwise random)")
 parser.add_option("--root", type="string", metavar="USERNAME", 
 		help="choose 'root' unix username")
 parser.add_option("--quiet", help="Be quiet", action="store_true")
@@ -91,7 +91,7 @@ if setup_dir is None:
 provision_backend(setup_dir=setup_dir, message=message, smbconf=smbconf, targetdir=opts.targetdir,
           realm=opts.realm, domain=opts.domain,
           hostname=opts.host_name,
-          adminpass=opts.adminpass,
+          adminpass=opts.ldap_manager_pass,
           root=opts.root, serverrole=server_role, 
           ldap_backend_type=opts.ldap_backend_type)
 
-- 
2.34.1