s4-classicupgrade: Do the setting of the sysvol ACLs last, after idmap is configured
authorAndrew Bartlett <abartlet@samba.org>
Mon, 27 Aug 2012 12:38:53 +0000 (22:38 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Mon, 27 Aug 2012 21:57:30 +0000 (07:57 +1000)
This will allow files to be correctly owned by the idmap that is imported.

This appears to fix an issue that came up after s3fs-compatible ACLs were
merged into provision.

Andrew Bartlett

source4/scripting/python/samba/provision/__init__.py
source4/scripting/python/samba/upgrade.py

index e39a6c45ae282fa64154082238d2502cd187e3d3..c7fda92f5e1800d94742d8fd383bf46a0e5d12d3 100644 (file)
@@ -1594,7 +1594,7 @@ def provision_fill(samdb, secrets_ldb, logger, names, paths,
                    invocationid=None, machinepass=None, ntdsguid=None,
                    dns_backend=None, dnspass=None,
                    serverrole=None, dom_for_fun_level=None,
-                   am_rodc=False, lp=None, use_ntvfs=False):
+                   am_rodc=False, lp=None, use_ntvfs=False, skip_sysvolacl=True):
     # create/adapt the group policy GUIDs
     # Default GUID for default policy are described at
     # "How Core Group Policy Works"
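Review bot: The new `skip_sysvolacl=True` default on `provision_fill` (and the same default added to `provision()` in the later signature hunk) makes skipping the ACL step the behaviour for every caller that does not pass the argument. A caller not touched by this commit would then leave sysvol and netlogon with whatever permissions the files were created with; whether such callers exist cannot be seen from these hunks. Only the classicupgrade path needs the deferral, and it already passes `skip_sysvolacl=True` explicitly, so the safer default in both signatures is `skip_sysvolacl=False`. The `provision()` docstring should also document the parameter, for example `:param skip_sysvolacl: do not set sysvol/netlogon ACLs here; the caller must call setsysvolacl() afterwards`.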
@@ -1631,8 +1631,9 @@ def provision_fill(samdb, secrets_ldb, logger, names, paths,
         # policy)
         create_default_gpo(paths.sysvol, names.dnsdomain, policyguid,
                            policyguid_dc)
-        setsysvolacl(samdb, paths.netlogon, paths.sysvol, paths.root_uid, paths.wheel_gid,
-                     domainsid, names.dnsdomain, names.domaindn, lp, use_ntvfs)
+        if not skip_sysvolacl:
+            setsysvolacl(samdb, paths.netlogon, paths.sysvol, paths.root_uid, paths.wheel_gid,
+                         domainsid, names.dnsdomain, names.domaindn, lp, use_ntvfs)
 
         secretsdb_self_join(secrets_ldb, domain=names.domain,
                             realm=names.realm, dnsdomain=names.dnsdomain,
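Review bot: When `skip_sysvolacl` is true, this branch leaves the files just written by `create_default_gpo` without the sysvol ACLs and records nothing, so a forgotten follow-up call is invisible in the provision log. An `else:` branch with `logger.info("Skipping sysvol ACL setup; caller must run setsysvolacl()")` would make the deferred state auditable; `logger` is already a parameter of `provision_fill`. The function body starts and ends outside this hunk.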
@@ -1766,7 +1767,8 @@ def provision(logger, session_info, credentials, smbconf=None,
         ol_mmr_urls=None, ol_olc=None, slapd_path="/bin/false",
         useeadb=False, am_rodc=False,
         lp=None, use_ntvfs=False,
-        use_rfc2307=False, maxuid=None, maxgid=None):
+        use_rfc2307=False, maxuid=None, maxgid=None,
+              skip_sysvolacl=True):
     """Provision samba4
 
     :note: caution, this wipes all existing data!
@@ -2014,7 +2016,8 @@ def provision(logger, session_info, credentials, smbconf=None,
                     ntdsguid=ntdsguid, dns_backend=dns_backend,
                     dnspass=dnspass, serverrole=serverrole,
                     dom_for_fun_level=dom_for_fun_level, am_rodc=am_rodc,
-                    lp=lp, use_ntvfs=use_ntvfs)
+                    lp=lp, use_ntvfs=use_ntvfs,
+                           skip_sysvolacl=skip_sysvolacl)
 
         create_krb5_conf(paths.krb5conf,
                          dnsdomain=names.dnsdomain, hostname=names.hostname,
index 10aa0ec6b75071fd0b2919f8c7673733fd42b061..19a42c786aaff01383273f15f9dfe99838551b09 100644 (file)
@@ -26,7 +26,7 @@ import pwd
 
 from samba import Ldb, registry
 from samba.param import LoadParm
-from samba.provision import provision, FILL_FULL, ProvisioningError
+from samba.provision import provision, FILL_FULL, ProvisioningError, setsysvolacl
 from samba.samba3 import passdb
 from samba.samba3 import param as s3param
 from samba.dcerpc import lsa, samr, security
@@ -828,7 +828,7 @@ Please fix this account before attempting to upgrade again
                        hostname=netbiosname.lower(), machinepass=machinepass,
                        serverrole=serverrole, samdb_fill=FILL_FULL,
                        useeadb=useeadb, dns_backend=dns_backend, use_rfc2307=True,
-                       use_ntvfs=use_ntvfs)
+                       use_ntvfs=use_ntvfs, skip_sysvolacl=True)
     result.report_logger(logger)
 
     # Import WINS database
@@ -902,5 +902,9 @@ Please fix this account before attempting to upgrade again
         s4_passdb.update_sam_account(admin_userdata)
         logger.info("Administrator password has been set to password of user '%s'", admin_user)
 
+    if result.server_role == "active directory domain controller":
+        setsysvolacl(result.samdb, result.paths.netlogon, result.paths.sysvol, result.paths.root_uid, result.paths.wheel_gid,
+                     security.dom_sid(result.domainsid), result.names.dnsdomain, result.names.domaindn, result.lp, use_ntvfs)
+
     # FIXME: import_registry(registry.Registry(), samba3.get_registry())
     # FIXME: shares
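Review bot: The deferred `setsysvolacl` call now runs only if every step between the `provision()` call and this point succeeds. The enclosing function starts outside the hunk, but its header context shows an abort message ("Please fix this account before attempting to upgrade again"), so an import step in between can presumably raise and leave a provisioned sysvol with no ACLs applied. Since the call has to wait for the idmap import, the practical mitigation is to make that state visible: log `logger.info("Setting ACL on sysvol and netlogon")` before the call, and have the failure path tell the administrator that sysvol ACLs were not set. The role test is also an exact string match, so any other `result.server_role` value skips the ACL step silently; a short comment naming the roles that intentionally get no sysvol ACLs would help the next reader.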