schema: Add option of specifying the base schema for a provision

author Tim Beale <timbeale@catalyst.net.nz>

Tue, 3 Oct 2017 23:30:59 +0000 (12:30 +1300)

committer Andrew Bartlett <abartlet@samba.org>

Thu, 14 Dec 2017 07:20:16 +0000 (08:20 +0100)
author Tim Beale <timbeale@catalyst.net.nz>
Tue, 3 Oct 2017 23:30:59 +0000 (12:30 +1300)
committer Andrew Bartlett <abartlet@samba.org>
Thu, 14 Dec 2017 07:20:16 +0000 (08:20 +0100)
diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py

index 09bd2197901b008c3915e39c2bfca048c34df4c6..5de986463a5648d3cf6324fa9098162a31de5889 100644 (file)
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
@@ -1355,6 +1355,12 @@ def fill_samdb(samdb, lp, names, logger, policyguid,
          protected1wd_descr = b64encode(get_config_delete_protected1wd_descriptor(names.domainsid))
          protected2_descr = b64encode(get_config_delete_protected2_descriptor(names.domainsid))
  
+        if "2008" in schema.base_schema:
+            # exclude 2012-specific changes if we're using a 2008 schema
+            incl_2012 = "#"
+        else:
+            incl_2012 = ""
+
          setup_add_ldif(samdb, setup_path("provision_configuration.ldif"), {
                  "CONFIGDN": names.configdn,
                  "NETBIOSNAME": names.netbiosname,
@@ -1378,7 +1384,7 @@ def fill_samdb(samdb, lp, names, logger, policyguid,
  
          setup_add_ldif(samdb, setup_path("extended-rights.ldif"), {
                  "CONFIGDN": names.configdn,
-                "INC2012" : "#",
+                "INC2012" : incl_2012,
                  })
  
          logger.info("Setting up display specifiers")
@@ -1968,7 +1974,8 @@ def provision(logger, session_info, smbconf=None,
          sitename=None, ol_mmr_urls=None, ol_olc=None, slapd_path=None,
          useeadb=False, am_rodc=False, lp=None, use_ntvfs=False,
          use_rfc2307=False, maxuid=None, maxgid=None, skip_sysvolacl=True,
-        ldap_backend_forced_uri=None, nosync=False, ldap_dryrun_mode=False, ldap_backend_extra_port=None):
+        ldap_backend_forced_uri=None, nosync=False, ldap_dryrun_mode=False,
+        ldap_backend_extra_port=None, base_schema=None):
      """Provision samba4
  
      :note: caution, this wipes all existing data!
@@ -2101,7 +2108,7 @@ def provision(logger, session_info, smbconf=None,
      ldapi_url = "ldapi://%s" % urllib.quote(paths.s4_ldapi_path, safe="")
  
      schema = Schema(domainsid, invocationid=invocationid,
-        schemadn=names.schemadn)
+        schemadn=names.schemadn, base_schema=base_schema)
  
      if backend_type == "ldb":
          provision_backend = LDBBackend(backend_type, paths=paths,
diff --git a/python/samba/schema.py b/python/samba/schema.py

index eaa01640c64ababc13e7bb7b6af923d3579d3e22..bc3ae05748416f3f58e82708dc3522b38831bfc2 100644 (file)
--- a/python/samba/schema.py
+++ b/python/samba/schema.py
@@ -76,7 +76,8 @@ class Schema(object):
      }
  
      def __init__(self, domain_sid, invocationid=None, schemadn=None,
-                 files=None, override_prefixmap=None, additional_prefixmap=None):
+                 files=None, override_prefixmap=None, additional_prefixmap=None,
+                 base_schema=None):
          from samba.provision import setup_path
  
          """Load schema for the SamDB from the AD schema files and
@@ -89,6 +90,11 @@ class Schema(object):
          needing to add it to the db
          """
  
+        if base_schema is None:
+            base_schema = Schema.default_base_schema()
+
+        self.base_schema = base_schema
+
          self.schemadn = schemadn
          # We need to have the am_rodc=False just to keep some warnings quiet -
          # this isn't a real SAM, so it's meaningless.
@@ -97,8 +103,8 @@ class Schema(object):
              self.ldb.set_invocation_id(invocationid)
  
          self.schema_data = read_ms_schema(
-            setup_path('ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt'),
-            setup_path('ad-schema/MS-AD_Schema_2K8_R2_Classes.txt'))
+            setup_path('ad-schema/%s' % Schema.base_schemas[base_schema][0]),
+            setup_path('ad-schema/%s' % Schema.base_schemas[base_schema][1]))
  
          if files is not None:
              for file in files:
@@ -108,9 +114,10 @@ class Schema(object):
              {"SCHEMADN": schemadn})
          check_all_substituted(self.schema_data)
  
+        schema_version = str(Schema.get_version(base_schema))
          self.schema_dn_modify = read_and_sub_file(
              setup_path("provision_schema_basedn_modify.ldif"),
-            {"SCHEMADN": schemadn})
+            {"SCHEMADN": schemadn, "OBJVERSION" : schema_version})
  
          descr = b64encode(get_schema_descriptor(domain_sid))
          self.schema_dn_add = read_and_sub_file(
diff --git a/source4/setup/provision_schema_basedn_modify.ldif b/source4/setup/provision_schema_basedn_modify.ldif

index 93266db6249bd46b58b62f6c3cd6b78d1e40e0da..e4057c3caf385ff19596ba7d1c929d217bd8866f 100644 (file)
--- a/source4/setup/provision_schema_basedn_modify.ldif
+++ b/source4/setup/provision_schema_basedn_modify.ldif
@@ -6,5 +6,5 @@ changetype: modify
  -
  # "masteredBy", "msDs-masteredBy" filled in later
  replace: objectVersion
-objectVersion: 47
+objectVersion: ${OBJVERSION}
author	Tim Beale <timbeale@catalyst.net.nz>
	Tue, 3 Oct 2017 23:30:59 +0000 (12:30 +1300)
committer	Andrew Bartlett <abartlet@samba.org>
	Thu, 14 Dec 2017 07:20:16 +0000 (08:20 +0100)
python/samba/provision/__init__.py		patch \| blob \| history
python/samba/schema.py		patch \| blob \| history
source4/setup/provision_schema_basedn_modify.ldif		patch \| blob \| history