Rework provision to handle both simple and SASL binds.
authorAndrew Bartlett <abartlet@samba.org>
Tue, 15 Jul 2008 05:46:32 +0000 (15:46 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 15 Jul 2008 05:46:32 +0000 (15:46 +1000)
Fedora DS is still set up for simple binds only, at this point.
(it also fails on other issues).

Andrew Bartlett
(This used to be commit b24c572d5a38c1f6906751c2ad2f809e1995b510)

source4/scripting/python/samba/provision.py
source4/selftest/target/Samba4.pm
source4/setup/provision-backend

index d0f612c7a82d98a2ba0a11fde297173900473416..f27cc17290fa23359373d05ee3cc811ff504aa0f 100644 (file)
@@ -1300,9 +1300,6 @@ refint_attributes""" + refint_attributes + "\n"
                                "UUID": str(uuid.uuid4()), 
                                "LDAPTIME": timestring(int(time.time()))} )
 
-#"LDAPMANAGERDN": names.ldapmanagerdn,
-                               
-
         mapping = "schema-map-openldap-2.3"
         backend_schema = "backend-schema.schema"
 
@@ -1323,7 +1320,12 @@ refint_attributes""" + refint_attributes + "\n"
     message("Hostname:            %s" % names.hostname)
     message("DNS Domain:          %s" % names.dnsdomain)
     message("Base DN:             %s" % names.domaindn)
-    message("LDAP admin DN:       %s" % names.ldapmanagerdn)
+
+    if ldap_backend_type == "openldap":
+        message("LDAP admin user:     samba-admin")
+    else:
+        message("LDAP admin DN:       %s" % names.ldapmanagerdn)
+
     message("LDAP admin password: %s" % adminpass)
     message(slapdcommand)
 
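Review bot: The OpenLDAP branch prints a hard-coded `"samba-admin"` as the admin user, while the account that is actually bound with is chosen elsewhere (the selftest harness passes `--username=samba-admin` on its own), so the two can silently drift and the provisioning summary would then name a user that does not exist. A module-level constant such as `LDAP_ADMIN_USER = "samba-admin"` used as `message("LDAP admin user:     %s" % LDAP_ADMIN_USER)` keeps the printed name tied to one definition; if the real user name is derived from a parameter, print that instead. The enclosing function starts and ends outside this hunk, so I cannot tell from here where the OpenLDAP admin account is created.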
index 0be1acf371493190ce6caaf52472318c8e17e88a..896b0131055bc8f6523033913bda3ab610ccbb2f 100644 (file)
@@ -571,7 +571,6 @@ sub provision($$$$$$)
        server max protocol = SMB2
        notify:inotify = false
        ldb:nosync = true
-       system:anonymous = true
 #We don't want to pass our self-tests if the PAC code is wrong
        gensec:require_pac = true
        log level = $smbd_loglevel
@@ -719,8 +718,7 @@ nogroup:x:65534:nobody
        push (@provision_options, "--krbtgtpass=krbtgt$password");
        push (@provision_options, "--machinepass=machine$password");
        push (@provision_options, "--root=$unix_name");
-       push (@provision_options, "--username=samba-admin");
-       push (@provision_options, "--password=$password");
+
        push (@provision_options, "--server-role=\"$server_role\"");
 
        my $ldap_uri= "$ldapdir/ldapi";
@@ -753,15 +751,18 @@ nogroup:x:65534:nobody
        if (defined($self->{ldap})) {
 
                 push (@provision_options, "--ldap-backend=$ldap_uri");
-               system("$self->{setupdir}/provision-backend $configuration --ldap-manager-pass=$password --root=$unix_name --realm=$realm --domain=$domain --host-name=$netbiosname --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
+               system("$self->{setupdir}/provision-backend $configuration --ldap-admin-pass=$password --root=$unix_name --realm=$realm --domain=$domain --host-name=$netbiosname --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
+
+               push (@provision_options, "--password=$password");
 
                if ($self->{ldap} eq "openldap") {
+                      push (@provision_options, "--username=samba-admin");
                       ($ret->{SLAPD_CONF}, $ret->{OPENLDAP_PIDFILE}) = $self->mk_openldap($ldapdir, $configuration) or die("Unable to create openldap directories");
                       push (@provision_options, "--ldap-backend-type=openldap");
                } elsif ($self->{ldap} eq "fedora-ds") {
+                      push (@provision_options, "--simple-bind-dn=cn=Manager,$localbasedn");
                       ($ret->{FEDORA_DS_DIR}, $ret->{FEDORA_DS_PIDFILE}) = $self->mk_fedora_ds($ldapdir, $configuration) or die("Unable to create fedora ds directories");
                       push (@provision_options, "--ldap-backend-type=fedora-ds");
-                      push (@provision_options, "'--aci=aci:: KHRhcmdldGF0dHIgPSAiKiIpICh2ZXJzaW9uIDMuMDthY2wgImZ1bGwgYWNjZXNzIHRvIGFsbCBieSBhbGwiO2FsbG93IChhbGwpKHVzZXJkbiA9ICJsZGFwOi8vL2FueW9uZSIpOykK'");
                  }
 
                $self->slapd_start($ret) or 
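Review bot: The provision-backend invocation on the new line is still a single interpolated string handed to `system()`, so `$password`, `$configuration`, `$realm` and the other values pass through the shell and are subject to word splitting and metacharacter interpretation; a generated password containing `$`, `'`, `;` or whitespace would break or alter the command. The list form of `system` avoids the shell entirely; the only thing the string form was buying is the `>&2` redirect, which can be reproduced by duplicating STDOUT onto STDERR around the call, as sketched below (this assumes `$configuration` is a single argument — if it can hold several words it must be split into the list). Independently of this, the admin password remains visible in the process table for the lifetime of the backend run, which is worth a comment at the call site since the `--ldap-admin-pass` option interface is what the commit chose. `$localbasedn` on the new fedora-ds line is defined outside this hunk, so confirm it is in scope in `provision`, whose body starts and ends outside the hunk.
```perl
push (@provision_options, "--ldap-backend=$ldap_uri");
my @backend_cmd = (
    "$self->{setupdir}/provision-backend", $configuration,
    "--ldap-admin-pass=$password", "--root=$unix_name",
    "--realm=$realm", "--domain=$domain",
    "--host-name=$netbiosname", "--ldap-backend-type=$self->{ldap}",
);
# Keep the old ">&2" behaviour: the backend's stdout goes to our stderr.
open(my $saved_stdout, '>&', \*STDOUT) or die("dup STDOUT: $!");
open(STDOUT, '>&', \*STDERR) or die("redirect STDOUT: $!");
my $backend_rc = system(@backend_cmd);
open(STDOUT, '>&', $saved_stdout) or die("restore STDOUT: $!");
$backend_rc == 0 or die("backend provision failed");
# … unchanged: push of --password and the per-backend option setup …
```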
index 54dc5839bfaf27d0f79078cce06e7df7102f2a08..845dc8679a2ad4a3e8ff8aad9725f2a2f52b5329 100755 (executable)
@@ -49,8 +49,8 @@ parser.add_option("--domain", type="string", metavar="DOMAIN",
                                  help="set domain")
 parser.add_option("--host-name", type="string", metavar="HOSTNAME", 
                help="set hostname")
-parser.add_option("--ldap-manager-pass", type="string", metavar="PASSWORD", 
-               help="choose LDAP manager password (otherwise random)")
+parser.add_option("--ldap-admin-pass", type="string", metavar="PASSWORD", 
+               help="choose LDAP admin password (otherwise random)")
 parser.add_option("--root", type="string", metavar="USERNAME", 
                help="choose 'root' unix username")
 parser.add_option("--quiet", help="Be quiet", action="store_true")
@@ -96,7 +96,7 @@ if setup_dir is None:
 provision_backend(setup_dir=setup_dir, message=message, smbconf=smbconf, targetdir=opts.targetdir,
                  realm=opts.realm, domain=opts.domain,
                  hostname=opts.host_name,
-                 adminpass=opts.ldap_manager_pass,
+                 adminpass=opts.ldap_admin_pass,
                  root=opts.root, serverrole=server_role, 
                  ldap_backend_type=opts.ldap_backend_type,
                  ldap_backend_port=opts.ldap_backend_port)