static const struct enum_list enum_server_role[] = {
{ROLE_STANDALONE, "standalone"},
{ROLE_DOMAIN_MEMBER, "member server"},
+ {ROLE_DOMAIN_MEMBER, "member"},
{ROLE_DOMAIN_CONTROLLER, "domain controller"},
+ {ROLE_DOMAIN_CONTROLLER, "dc"},
{-1, NULL}
};
:note: This will wipe the main SAM database file!
"""
- assert serverrole in ("domain controller", "member server")
-
- erase = (fill != FILL_DRS)
+ erase = (fill != FILL_DRS)
# Also wipes the database
setup_samdb_partitions(path, setup_path, schemadn=schemadn, configdn=configdn,
if not os.path.exists(os.path.join(targetdir, "etc")):
os.mkdir(os.path.join(targetdir, "etc"))
- if smbconf is None:
- smbconf = os.path.join(targetdir, os.path.join("etc", "smb.conf"))
+ smbconf = os.path.join(targetdir, os.path.join("etc", "smb.conf"))
# only install a new smb.conf if there isn't one there already
+
if not os.path.exists(smbconf):
message("Setting up smb.conf")
- assert serverrole is not None
+ if serverrole is None:
+ serverrole = "standalone"
+
+ assert serverrole in ("domain controller", "member server", "standalone")
if serverrole == "domain controller":
smbconfsuffix = "dc"
elif serverrole == "member server":
smbconfsuffix = "member"
+ elif serverrole == "standalone":
+ smbconfsuffix = "standalone"
assert domain is not None
assert realm is not None
setup_file(setup_path("provision.smb.conf.%s" % smbconfsuffix),
smbconf, {
"HOSTNAME": hostname,
- "DOMAIN_CONF": domain,
- "REALM_CONF": realm,
+ "DOMAIN": domain,
+ "REALM": realm,
"SERVERROLE": serverrole,
"NETLOGONPATH": netlogon,
"SYSVOLPATH": sysvol,
if serverrole is None:
serverrole = lp.get("server role")
- assert serverrole in ("domain controller", "member server")
+ assert serverrole in ("domain controller", "member server", "standalone")
if invocationid is None and serverrole == "domain controller":
invocationid = uuid.random()
assert realm is not None
realm = realm.upper()
+ if lp.get("realm").upper() != realm.upper():
+ raise Exception("realm '%s' in %s must match chosen realm '%s'" %
+ (lp.get("realm"), smbconf, realm))
+
dnsdomain = realm.lower()
paths = provision_paths_from_lp(lp, dnsdomain)
message("Provisioning for %s in realm %s" % (domain, realm))
message("Using administrator password: %s" % adminpass)
- if lp.get("realm").upper() != realm.upper():
- raise Exception("realm '%s' in smb.conf must match chosen realm '%s'" %
- (lp.get("realm"), realm))
-
# only install a new shares config db if there is none
if not os.path.exists(paths.shareconf):
message("Setting up share.ldb")
else:
serverrole = "member server"
- lp.set("server role", serverrole)
domainname = oldconf.get("workgroup")
if domainname:
domainname = str(domainname)
- lp.set("workgroup", domainname)
realm = oldconf.get("realm")
netbiosname = oldconf.get("netbios name")
if realm is None:
realm = domainname.lower()
message("No realm specified in smb.conf file, assuming '%s'\n" % realm)
- lp.set("realm", realm)
domainguid = secrets_db.get_domain_guid(domainname)
domainsid = secrets_db.get_sid(domainname)
else:
machinepass = None
- domaindn = provision(lp=lp, setup_dir=setup_dir, message=message,
+ domaindn = provision(setup_dir=setup_dir, message=message,
samdb_fill=FILL_DRS, paths=paths, session_info=session_info,
credentials=credentials, realm=realm,
domain=domainname, domainsid=domainsid, domainguid=domainguid,
parser.add_option("--aci", type="string", metavar="ACI",
help="An arbitary LDIF fragment, particularly useful to loading a backend ACI value into a target LDAP server. You must provide at least a realm and domain")
parser.add_option("--server-role", type="choice", metavar="ROLE",
- choices=["domain controller", "member server"],
+ choices=["domain controller", "dc", "member server", "member", "standalone"],
help="Set server role to provision for (default standalone)")
parser.add_option("--partitions-only",
help="Configure Samba's partitions, but do not modify them (ie, join a BDC)", action="store_true")
parser.print_usage()
sys.exit(1)
-# cope with an initially blank smb.conf
-
-if sambaopts.get_loadparm_path() is not None:
- smbconf = sambaopts.get_loadparm_path()
+smbconf = sambaopts.get_loadparm_path()
if opts.aci is not None:
print "set ACI: %s" % opts.aci
+if opts.server_role == "dc":
+ server_role = "domain controller"
+elif opts.server_role == "member":
+ server_role = "member server"
+else:
+ server_role = opts.server_role
+
creds = credopts.get_credentials()
setup_dir = opts.setupdir
samdb_fill = FILL_DRS
provision(setup_dir, message,
- system_session(), creds, smbconf=smbconf,
- samdb_fill=samdb_fill, realm=opts.realm,
+ system_session(), creds, smbconf=smbconf, targetdir=opts.targetdir,
+ samdb_fill=samdb_fill, realm=opts.realm, domain=opts.domain,
domainguid=opts.domain_guid, domainsid=opts.domain_sid,
policyguid=opts.policy_guid, hostname=opts.host_name,
hostip=opts.host_ip, hostguid=opts.host_guid,
krbtgtpass=opts.krbtgtpass, machinepass=opts.machinepass,
dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody,
nogroup=opts.nogroup, wheel=opts.wheel, users=opts.users,
- aci=opts.aci, serverrole=opts.server_role,
+ aci=opts.aci, serverrole=server_role,
ldap_backend=opts.ldap_backend,
ldap_backend_type=opts.ldap_backend_type)
[globals]
netbios name = ${HOSTNAME}
- workgroup = ${DOMAIN_CONF}
- realm = ${REALM_CONF}
+ workgroup = ${DOMAIN}
+ realm = ${REALM}
server role = ${SERVERROLE}
${PRIVATEDIR_LINE}
${LOCKDIR_LINE}
[globals]
netbios name = ${HOSTNAME}
- workgroup = ${DOMAIN_CONF}
- realm = ${REALM_CONF}
+ workgroup = ${DOMAIN}
+ realm = ${REALM}
server role = ${SERVERROLE}
${PRIVATEDIR_LINE}
${LOCKDIR_LINE}
[globals]
netbios name = ${HOSTNAME}
- workgroup = ${DOMAIN_CONF}
- realm = ${REALM_CONF}
+ workgroup = ${DOMAIN}
+ realm = ${REALM}
server role = ${SERVERROLE}
${PRIVATEDIR_LINE}
${LOCKDIR_LINE}
return $status
}
-testit "simple" $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple
+testit "simple-default" $PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-default
+testit "simple-dc" $PYTHON ./setup/provision $CONFIGURATION --server-role="dc" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-dc
+testit "simple-member" $PYTHON ./setup/provision $CONFIGURATION --server-role="member" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-member
+testit "simple-standalone" $PYTHON ./setup/provision $CONFIGURATION --server-role="standalone" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-standalone
reprovision() {
$PYTHON ./setup/provision $CONFIGURATION --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/reprovision"