Added "admin_session" method.
[ira/wip.git] / source4 / scripting / python / samba / provision.py
index 27b5369ea146666076d04973b654e053e4e8c47c..778271f1d5ce520457425533ffbe627d6496a266 100644 (file)
@@ -40,7 +40,7 @@ import subprocess
 
 import shutil
 from credentials import Credentials, DONT_USE_KERBEROS
-from auth import system_session
+from auth import system_session, admin_session
 from samba import version, Ldb, substitute_var, valid_netbios_name, check_all_substituted, \
   DS_BEHAVIOR_WIN2008
 from samba.samdb import SamDB
@@ -863,6 +863,10 @@ def setup_samdb(path, setup_path, session_info, credentials, lp,
         else:
             domain_oc = "samba4LocalDomain"
 
+#impersonate domain admin
+        admin_session_info = admin_session(lp, str(domainsid))
+        samdb.set_session_info(admin_session_info)
+
         setup_add_ldif(samdb, setup_path("provision_basedn.ldif"), {
                 "DOMAINDN": names.domaindn,
                 "DOMAIN_OC": domain_oc