source4/scripting/libjs/upgrade.js

   1 /*
   2         backend code for upgrading from Samba3
   3         Copyright Jelmer Vernooij 2005
   4         Released under the GNU GPL v2 or later
   5 */
   6
   7 libinclude("base.js");
   8
   9 function regkey_to_dn(name)
  10 {
  11         var dn = "hive=NONE";
  12         var i = 0;
  13
  14         var as = split("/", name);
  15
  16         for (i in as) {
  17                 if (i > 0) {
  18                         dn = sprintf("key=%s,", as[i]) + dn;
  19                 }
  20         }
  21
  22         return dn;
  23 }
  24
  25 /* Where prefix is any of:
  26  * - HKLM
  27  *   HKU
  28  *   HKCR
  29  *   HKPD
  30  *   HKPT
  31  */
  32
  33 function upgrade_registry(regdb,prefix)
  34 {
  35         var prefix_up = strupper(prefix);
  36
  37         var ldif = "";
  38
  39         for (var i in regdb.keys) {
  40                 var rk = regdb.keys[i];
  41                 /* Only handle selected hive */
  42                 if (strncmp(prefix_up, rk.name, strlen(prefix_up)) != 0) {
  43                         continue;
  44                 }
  45
  46                 var keydn = regkey_to_dn(rk.name);
  47
  48                 var pts = split("/", rk.name);
  49
  50                 /* Convert key name to dn */
  51                 ldif = ldif + sprintf("
  52 dn: %s
  53 name: %s
  54
  55 ", keydn, pts[0]);
  56
  57                 for (var j in rk.values) {
  58                         var rv = rk.values[j];
  59
  60                         ldif = ldif + sprintf("
  61 dn: %s,value=%s
  62 value: %s
  63 type: %d
  64 data:: %s", keydn, rv.value, rv.type, base64(rv.data));
  65                 }
  66         }
  67
  68         return ldif;
  69 }
  70
  71 function upgrade_sam_policy(samba3,dn)
  72 {
  73         var ldif = sprintf("
  74 dn: %s
  75 minPwdLength: %d
  76 pwdHistoryLength: %d
  77 minPwdAge: %d
  78 maxPwdAge: %d
  79 lockoutDuration: %d
  80 samba3ResetCountMinutes: %d
  81 samba3UserMustLogonToChangePassword: %d
  82 samba3BadLockoutMinutes: %d
  83 samba3DisconnectTime: %d
  84 samba3RefuseMachinePwdChange: %d
  85
  86 ", dn, samba3.policy.min_password_length,
  87         samba3.policy.password_history, samba3.policy.minimum_password_age,
  88         samba3.policy.maximum_password_age, samba3.policy.lockout_duration,
  89         samba3.policy.reset_count_minutes, samba3.policy.user_must_logon_to_change_password,
  90         samba3.policy.bad_lockout_minutes, samba3.policy.disconnect_time,
  91         samba3.policy.refuse_machine_password_change
  92 );
  93
  94         return ldif;
  95 }
  96
  97 function upgrade_sam_account(acc,domaindn)
  98 {
  99         var ldif = sprintf(
 100 "dn: cn=%s,%s
 101 objectClass: top
 102 objectClass: person
 103 objectClass: user
 104 lastLogon: %d
 105 lastLogoff: %d
 106 unixName: %s
 107 name: %s
 108 cn: %s
 109 description: %s
 110 primaryGroupID: %d
 111 badPwdcount: %d
 112 logonCount: %d
 113 samba3Domain: %s
 114 samba3DirDrive: %s
 115 samba3MungedDial: %s
 116 samba3Homedir: %s
 117 samba3LogonScript: %s
 118 samba3ProfilePath: %s
 119 samba3Workstations: %s
 120 samba3KickOffTime: %d
 121 samba3BadPwdTime: %d
 122 samba3PassLastSetTime: %d
 123 samba3PassCanChangeTime: %d
 124 samba3PassMustChangeTime: %d
 125 samba3Rid: %d
 126
 127 ", acc.fullname, domaindn, sam.logon_time, acc.logoff_time, acc.username, acc.nt_username,
 128 acc.fullname, acc.acct_desc, acc.group_rid, acc.bad_password_count, acc.logon_count,
 129 acc.domain, acc.dir_drive, acc.munged_dial, acc.homedir, acc.logon_script,
 130 acc.profile_path, acc.workstations, acc.kickoff_time, acc.bad_password_time,
 131 acc.pass_last_set_time, acc.pass_can_change_time, acc.pass_must_change_time, acc.user_rid);
 132
 133                 /* FIXME: Passwords */
 134
 135         return ldif;
 136 }
 137
 138 function upgrade_sam_group(grp,domaindn)
 139 {
 140         var ldif = sprintf(
 141 "dn: cn=%s,%s
 142 objectClass: top
 143 objectClass: group
 144 description: %s
 145 cn: %s
 146 objectSid: %s
 147 unixName: FIXME
 148 samba3SidNameUse: %d", grp.nt_name, domaindn,
 149 grp.comment, grp.nt_name, grp.sid, grp.sid_name_use);
 150
 151         return ldif;
 152 }
 153
 154 function upgrade_winbind(samba3,domaindn)
 155 {
 156         var ldif = sprintf("
 157
 158 dn: dc=none
 159 userHwm: %d
 160 groupHwm: %d
 161
 162 ", samba3.idmap.user_hwm, samba3.idmap.group_hwm);
 163
 164         for (var i in samba3.idmap.mappings) {
 165                 var m = samba3.idmap.mappings[i];
 166                 ldif = ldif + sprintf("
 167 dn: SID=%s,%s
 168 SID: %s
 169 type: %d
 170 unixID: %d", m.sid, domaindn, m.sid, m.type, m.unix_id);
 171         }
 172
 173         return ldif;
 174 }
 175 */
 176
 177 function upgrade_wins(samba3)
 178 {
 179         var ldif = "";
 180         for (i in samba3.winsentries) {
 181                 var e = samba3.winsentries[i];
 182
 183                 ldif = ldif + sprintf("
 184 dn: type=%d,name=%s
 185 name: %s
 186 objectClass: wins
 187 nbFlags: %x
 188 expires: %s", e.type, e.name, e.name, e.type, e.nb_flags, sys.ldap_time(e.ttl));
 189
 190                 for (var i in e.ips) {
 191                         ldif = ldif + sprintf("address: %s\n", e.ips[i]);
 192                 }
 193         }
 194
 195         return ldif;
 196 }
 197
 198 function upgrade_provision(samba3)
 199 {
 200         var subobj = new Object();
 201         var nss = nss_init();
 202         var lp = loadparm_init();
 203         var rdn_list;
 204
 205         var domainname = samba3.get_param("global", "workgroup");
 206         var domsec = samba3.find_domainsecrets(domainname);
 207         var hostsec = samba3.find_domainsecrets(hostname());
 208         var realm = samba3.get_param("global", "realm");
 209         random_init(local);
 210
 211         subobj.REALM        = realm;
 212         subobj.DOMAIN       = domainname;
 213         subobj.HOSTNAME     = hostname();
 214
 215         assert(subobj.REALM);
 216         assert(subobj.DOMAIN);
 217         assert(subobj.HOSTNAME);
 218
 219         subobj.HOSTIP       = hostip();
 220         subobj.DOMAINGUID   = domsec.guid;
 221         subobj.DOMAINSID    = domsec.sid;
 222         subobj.HOSTGUID     = hostsec.guid;
 223         subobj.INVOCATIONID = randguid();
 224         subobj.KRBTGTPASS   = randpass(12);
 225         subobj.MACHINEPASS  = randpass(12);
 226         subobj.ADMINPASS    = randpass(12);
 227         subobj.DEFAULTSITE  = "Default-First-Site-Name";
 228         subobj.NEWGUID      = randguid;
 229         subobj.NTTIME       = nttime;
 230         subobj.LDAPTIME     = ldaptime;
 231         subobj.DATESTRING   = datestring;
 232         subobj.USN          = nextusn;
 233         subobj.ROOT         = findnss(nss.getpwnam, split(samba3.get_param("global", "admin users")));
 234         subobj.NOBODY       = findnss(nss.getpwnam, "nobody");
 235         subobj.NOGROUP      = findnss(nss.getgrnam, "nogroup", "nobody");
 236         subobj.WHEEL        = findnss(nss.getgrnam, "wheel", "root");
 237         subobj.USERS        = findnss(nss.getgrnam, "users", "guest", "other");
 238         subobj.DNSDOMAIN    = strlower(subobj.REALM);
 239         subobj.DNSNAME      = sprintf("%s.%s",
 240                                       strlower(subobj.HOSTNAME),
 241                                       subobj.DNSDOMAIN);
 242         subobj.BASEDN       = "DC=" + join(",DC=", split(".", subobj.REALM));
 243         rdn_list = split(".", subobj.REALM);
 244         subobj.RDN_DC       = rdn_list[0];
 245         return subobj;
 246 }
 247
 248 var keep = new Array(
 249         "dos charset",
 250         "unix charset",
 251         "display charset",
 252         "comment",
 253         "path",
 254         "directory",
 255         "workgroup",
 256         "realm",
 257         "netbios name",
 258         "netbios aliases",
 259         "netbios scope",
 260         "server string",
 261         "interfaces",
 262         "bind interfaces only",
 263         "security",
 264         "auth methods",
 265         "encrypt passwords",
 266         "null passwords",
 267         "obey pam restrictions",
 268         "password server",
 269         "smb passwd file",
 270         "sam database",
 271         "spoolss database",
 272         "wins database",
 273         "private dir",
 274         "passwd chat",
 275         "password level",
 276         "lanman auth",
 277         "ntlm auth",
 278         "client NTLMv2 auth",
 279         "client lanman auth",
 280         "client plaintext auth",
 281         "read only",
 282         "hosts allow",
 283         "hosts deny",
 284         "log level",
 285         "debuglevel",
 286         "log file",
 287         "smb ports",
 288         "nbt port",
 289         "dgram port",
 290         "cldap port",
 291         "krb5 port",
 292         "web port",
 293         "tls enabled",
 294         "tls keyfile",
 295         "tls certfile",
 296         "tls cafile",
 297         "tls crlfile",
 298         "swat directory",
 299         "large readwrite",
 300         "max protocol",
 301         "min protocol",
 302         "unicode",
 303         "read raw",
 304         "write raw",
 305         "disable netbios",
 306         "nt status support",
 307         "announce version",
 308         "announce as",
 309         "max mux",
 310         "max xmit",
 311         "name resolve order",
 312         "max wins ttl",
 313         "min wins ttl",
 314         "time server",
 315         "unix extensions",
 316         "use spnego",
 317         "server signing",
 318         "client signing",
 319         "rpc big endian",
 320         "max connections",
 321         "paranoid server security",
 322         "socket options",
 323         "strict sync",
 324         "case insensitive filesystem",
 325         "max print jobs",
 326         "printable",
 327         "print ok",
 328         "printer name",
 329         "printer",
 330         "map system",
 331         "map hidden",
 332         "map archive",
 333         "domain logons",
 334         "preferred master",
 335         "prefered master",
 336         "local master",
 337         "domain master",
 338         "browseable",
 339         "browsable",
 340         "wins server",
 341         "wins support",
 342         "csc policy",
 343         "strict locking",
 344         "config file",
 345         "preload",
 346         "auto services",
 347         "lock dir",
 348         "lock directory",
 349         "pid directory",
 350         "js include",
 351         "setup directory",
 352         "socket address",
 353         "-valid",
 354         "copy",
 355         "include",
 356         "available",
 357         "volume",
 358         "fstype",
 359         "panic action",
 360         "msdfs root",
 361         "host msdfs",
 362         "winbind separator");
 363
 364 function upgrade_smbconf(samba3)
 365 {
 366         //FIXME
 367 }