r23875: As pointed out by mwallnoefer@yahoo.de:
[jra/samba/.git] / source4 / scripting / libjs / provision.js
index f94c34e932696c6903f015f2cebdee74ea000638..c0816cc2a5758deb6e9294f58c599c829a55346d 100644 (file)
@@ -389,6 +389,19 @@ function provision_default_paths(subobj)
        paths.ldap_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + ".ldif";
        paths.ldap_config_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + "-config.ldif";
        paths.ldap_schema_basedn_ldif = paths.ldapdir + "/" + subobj.DNSDOMAIN + "-schema.ldif";
+
+       paths.sysvol = lp.get("sysvol", "path");
+
+       if (paths.sysvol == undefined) {
+               paths.sysvol = lp.get("lock dir") + "/sysvol";
+       }
+       
+       paths.netlogon = lp.get("netlogon", "path");
+       
+       if (paths.netlogon == undefined) {
+               paths.netlogon = paths.sysvol + "/" + subobj.DNSDOMAIN + "/scripts";
+       }
+
        return paths;
 }
 
@@ -448,14 +461,11 @@ function provision_fix_subobj(subobj, paths)
        subobj.DNSNAME      = sprintf("%s.%s", 
                                      strlower(subobj.HOSTNAME), 
                                      subobj.DNSDOMAIN);
-       rdn_list = split(".", subobj.DNSDOMAIN);
+       var rdn_list = split(".", subobj.DNSDOMAIN);
        subobj.DOMAINDN     = "DC=" + join(",DC=", rdn_list);
-       subobj.DOMAINDN_LDB = "users.ldb";
        subobj.ROOTDN       = subobj.DOMAINDN;
        subobj.CONFIGDN     = "CN=Configuration," + subobj.ROOTDN;
-       subobj.CONFIGDN_LDB = "configuration.ldb";
        subobj.SCHEMADN     = "CN=Schema," + subobj.CONFIGDN;
-       subobj.SCHEMADN_LDB = "schema.ldb";
 
        var rdns = split(",", subobj.DOMAINDN);
        subobj.RDN_DC = substr(rdns[0], strlen("DC="));
@@ -464,6 +474,13 @@ function provision_fix_subobj(subobj, paths)
        subobj.SECRETS_KEYTAB   = paths.keytab;
 
        subobj.LDAPDIR = paths.ldapdir;
+       var ldap_path_list = split("/", paths.ldapdir);
+       subobj.LDAPI_URI = "ldapi://" + join("%2F", ldap_path_list) + "%2Fldapi";
+
+       subobj.LDAPMANAGERDN = "cn=Manager," + subobj.DOMAINDN;
+
+       subobj.NETLOGONPATH = paths.netlogon;
+       subobj.SYSVOLPATH = paths.sysvol;
 
        return true;
 }
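Review bot: The new `LDAPI_URI` assignment percent-encodes only `/` when it turns `paths.ldapdir` into the socket part of the ldapi URL. A directory name containing a space, `%`, `?` or `#` would therefore give a URI that a client may reject or resolve to a different socket path. If no general URL-escaping helper is available here, record the restriction next to the assignment, for example `/* only "/" is percent-encoded; ldapdir must not contain other URI-reserved characters */`. provision_fix_subobj begins outside this hunk.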
@@ -586,7 +603,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
        var modify_ok = setup_ldb_modify("provision_basedn_modify.ldif", info, samdb);
        if (!modify_ok) {
                if (!add_ok) {
-                       message("Failed to both add and modify " + subobj.DOMAINDN + " in target " + subobj.DOMAINDN_LDB + ": " + samdb.errstring() + "\n");
+                       message("%s", "Failed to both add and modify " + subobj.DOMAINDN + " in target " + subobj.DOMAINDN_LDB + ": " + samdb.errstring() + "\n");
                        message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n"); 
                };
                assert(modify_ok);
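Review bot: `assert(modify_ok)` is placed differently in the three error blocks whose message this commit rewrites. Here it follows the `};` that closes `if (!add_ok)`, so any failed modify stops provisioning. In the configuration and schema hunks below it sits inside `if (!add_ok)`, so a modify that fails after a successful add carries on without any message. If the difference is not intended, move the assert after the inner block in those two as well; if it is intended, a comment such as `/* a failed modify is tolerated when the add already wrote the record */` would say why. provision() starts and ends outside these hunks.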
@@ -598,7 +615,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
        var modify_ok = setup_ldb_modify("provision_configuration_basedn_modify.ldif", info, samdb);
        if (!modify_ok) {
                if (!add_ok) {
-                       message("Failed to both add and modify configuration dn: " + samdb.errstring() + "\n");
+                       message("%s", "Failed to both add and modify " + subobj.CONFIGDN + " in target " + subobj.CONFIGDN_LDB + ": " + samdb.errstring() + "\n");
                        message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n"); 
                        assert(modify_ok);
                }
@@ -611,7 +628,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
        var modify_ok = setup_ldb_modify("provision_schema_basedn_modify.ldif", info, samdb);
        if (!modify_ok) {
                if (!add_ok) {
-                       message("Failed to both add and modify schema dn:" + samdb.errstring() + "\n");
+                       message("%s", "Failed to both add and modify " + subobj.SCHEMADN + " in target " + subobj.SCHEMADN_LDB + ": " + samdb.errstring() + "\n");
                        message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n"); 
                        assert(modify_ok);
                }
@@ -699,6 +716,21 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
        message("Setting up sam.ldb users and groups\n");
        setup_add_ldif("provision_users.ldif", info, samdb, false);
 
+       if (lp.get("server role") == "domain controller") {
+               message("Setting up self join\n");
+               setup_add_ldif("provision_self_join.ldif", info, samdb, false);
+               setup_add_ldif("provision_group_policy.ldif", info, samdb, false);
+
+               sys.mkdir(paths.sysvol, 0755);
+               sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN, 0755);
+               sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies", 0755);
+               sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}", 0755);
+               sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}/Machine", 0755);
+               sys.mkdir(paths.sysvol + "/"+ subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}/User", 0755);
+
+               sys.mkdir(paths.netlogon, 0755);
+       }
+
        if (setup_name_mappings(info, samdb) == false) {
                return false;
        }
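Review bot: None of the seven `sys.mkdir` calls in the added domain-controller block has its result examined. If the lock dir parent is missing, or a directory cannot be created, the later calls fail as well and provisioning still reports success without a usable SYSVOL or NETLOGON tree. Assuming `sys.mkdir` reports failure through its return value (its contract is not visible here), each result should be tested, with a `message("Failed to create %s\n", ...)` and `return false` on failure, matching the `return false` used just below for `setup_name_mappings`. A re-run over an existing tree needs to be treated as success rather than as an error. The repeated `paths.sysvol + "/" + subobj.DNSDOMAIN + "/Policies/{" + subobj.POLICYGUID + "}"` prefix would also read better as one local variable.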
@@ -768,6 +800,11 @@ function provision_schema(subobj, message, tmp_schema_path, paths)
 /* Write out a DNS zone file, from the info in the current database */
 function provision_dns(subobj, message, paths, session_info, credentials)
 {
+       var lp = loadparm_init();
+       if (lp.get("server role") != "domain controller") {
+               message("No DNS zone required for role %s\n", lp.get("server role"));
+               return;
+       }
        message("Setting up DNS zone: " + subobj.DNSDOMAIN + " \n");
        var ldb = ldb_init();
        ldb.session_info = session_info;
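Review bot: The context line `message("Setting up DNS zone: " + subobj.DNSDOMAIN + " \n");` still concatenates data into the first argument of `message`, which the other hunks of this commit treat as a format string. A `%` in the domain value would be interpreted as a conversion there. It should take the same form as the new role message directly above it: `message("Setting up DNS zone: %s \n", subobj.DNSDOMAIN);`. provision_dns continues past the end of this hunk, so other calls of this shape may remain further down.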
@@ -888,6 +925,9 @@ function provision_guess()
                                        "show_deleted",
                                        "partition");
        subobj.MODULES_LIST = join(",", modules_list);
+       subobj.DOMAINDN_LDB = "users.ldb";
+       subobj.CONFIGDN_LDB = "configuration.ldb";
+       subobj.SCHEMADN_LDB = "schema.ldb";
        subobj.DOMAINDN_MOD = "pdc_fsmo,password_hash";
        subobj.CONFIGDN_MOD = "naming_fsmo";
        subobj.SCHEMADN_MOD = "schema_fsmo";