return false;
}
var res = ldb.search("(cn=Administrator)");
- if (res.length != 1) {
+ if (res.error != 0 || res.msgs.length != 1) {
return false;
}
return true;
var attrs = new Array("dn");
var res = ldb.search(sprintf("objectSid=%s", sid),
info.subobj.DOMAINDN, ldb.SCOPE_SUBTREE, attrs);
- if (res.length != 1) {
+ if (res.error != 0 || res.msgs.length != 1) {
info.message("Failed to find record for objectSid %s\n", sid);
return false;
}
replace: unixName
unixName: %s
",
- res[0].dn, unixname);
+ res.msgs[0].dn, unixname);
var ok = ldb.modify(mod);
- if (!ok) {
+ if (ok.error != 0) {
info.message("name mapping for %s failed - %s\n",
sid, ldb.errstring());
return false;
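Review bot: The failure message for `ldb.modify(mod)` still takes its error text from `ldb.errstring()`, although the check itself was switched to the result object (`ok.error != 0`). Other hunks in this change report the per-call string (`add_res.errstr`, `mod_res.errstr`), so the argument line here should probably read `sid, ok.errstr);`. Whether `ldb.errstring()` still reflects the last operation after this API change is not visible in the diff. The enclosing function starts and ends outside the hunk.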
var basedn = "";
var res = ldb.search("(&(|(objectclass=*)(dn=*))(!(dn=@BASEINFO)))", basedn, ldb.SCOPE_SUBTREE, attrs);
var i;
- if (typeof(res) == "undefined") {
+ if (res.error != 0) {
ldb_delete(ldb);
return;
}
- for (i=0;i<res.length;i++) {
- ldb.del(res[i].dn);
+ for (i=0;i<res.msgs.length;i++) {
+ ldb.del(res.msgs[i].dn);
}
var res = ldb.search("(&(|(objectclass=*)(dn=*))(!(dn=@BASEINFO)))", basedn, ldb.SCOPE_SUBTREE, attrs);
- if (res.length != 0) {
+ if (res.error != 0 || res.msgs.length != 0) {
ldb_delete(ldb);
return;
}
- assert(res.length == 0);
+ assert(res.msgs.length == 0);
}
/*
var j;
var res = ldb.search("(objectClass=*)", "", ldb.SCOPE_BASE, rootDSE_attrs);
- assert(typeof(res) != "undefined");
- assert(res.length == 1);
- if (typeof(res[0].namingContexts) == "undefined") {
+ assert(res.error == 0);
+ assert(res.msgs.length == 1);
+ if (typeof(res.msgs[0].namingContexts) == "undefined") {
return;
}
- for (j=0; j<res[0].namingContexts.length; j++) {
+ for (j=0; j<res.msgs[0].namingContexts.length; j++) {
var anything = "(|(objectclass=*)(dn=*))";
var attrs = new Array("dn");
- var basedn = res[0].namingContexts[j];
+ var basedn = res.msgs[0].namingContexts[j];
var k;
var previous_remaining = 1;
var current_remaining = 0;
/* and the rest */
var res2 = ldb.search(anything, basedn, ldb.SCOPE_SUBTREE, attrs);
var i;
- if (typeof(res2) == "undefined") {
- info.message("ldb search failed: " + ldb.errstring() + "\n");
+ if (res2.error != 0) {
+ info.message("ldb search failed: " + res.errstr + "\n");
continue;
}
previous_remaining = current_remaining;
- current_remaining = res2.length;
- for (i=0;i<res2.length;i++) {
- ldb.del(res2[i].dn);
+ current_remaining = res2.msgs.length;
+ for (i=0;i<res2.msgs.length;i++) {
+ ldb.del(res2.msgs[i].dn);
}
var res3 = ldb.search(anything, basedn, ldb.SCOPE_SUBTREE, attrs);
- if (typeof(res3) == "undefined") {
- info.message("ldb search failed: " + ldb.errstring() + "\n");
+ if (res3.error != 0) {
+ info.message("ldb search failed: " + res.errstr + "\n");
continue;
}
- if (res3.length != 0) {
- info.message("Failed to delete all records under " + basedn + ", " + res3.length + " records remaining\n");
+ if (res3.msgs.length != 0) {
+ info.message("Failed to delete all records under " + basedn + ", " + res3.msgs.length + " records remaining\n");
}
}
}
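Review bot: Both new error branches log `res.errstr`, but the searches that failed are `res2` and `res3`. `res` is the earlier rootDSE search, which was already asserted to have succeeded, so the message will carry the wrong (probably empty) error text. The first branch should use `info.message("ldb search failed: " + res2.errstr + "\n");` and the second the `res3.errstr` equivalent. This loop deletes every record under each naming context, so an accurate error string is what lets an operator tell a backend failure from a partial wipe. The return values of `ldb.del(...)` are not inspected either; the follow-up search catches leftovers but not the reason they remain.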
var data = sys.file_load(src);
data = substitute_var(data, info.subobj);
- var add_ok = ldb.add(data);
- if (!add_ok) {
- info.message("ldb load failed: " + ldb.errstring() + "\n");
+ var add_res = ldb.add(data);
+ if (add_res.error != 0) {
+ info.message("ldb load failed: " + add_res.errstr + "\n");
if (!failok) {
- assert(add_ok);
+ assert(add_res.error == 0);
}
}
- return add_ok;
+ return (add_res.error == 0);
}
function setup_modify_ldif(ldif, info, ldb, failok)
var data = sys.file_load(src);
data = substitute_var(data, info.subobj);
- var mod_ok = ldb.modify(data);
- if (!mod_ok) {
- info.message("ldb load failed: " + ldb.errstring() + "\n");
+ var mod_res = ldb.modify(data);
+ if (mod_res.error != 0) {
+ info.message("ldb load failed: " + mod_res.errstr + "\n");
if (!failok) {
- assert(mod_ok);
+ assert(mod_res.error == 0);
}
}
- return mod_ok;
+ return (mod_res.error == 0);
}
var data = sys.file_load(src);
data = substitute_var(data, info.subobj);
- var mod_ok = ldb.modify(data);
- if (!mod_ok) {
- info.message("ldb load failed: " + ldb.errstring() + "\n");
- return mod_ok;
+ var mod_res = ldb.modify(data);
+ if (mod_res.error != 0) {
+ info.message("ldb load failed: " + mod_res.errstr + "\n");
+ return (mod_res.error == 0);
}
- return mod_ok;
+ return (mod_res.error == 0);
}
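Review bot: Inside the failure branch the new code returns `(mod_res.error == 0)`, which is always false at that point, so `return false;` says the same thing without making the reader re-evaluate the condition. Because the branch returns early, the final `return (mod_res.error == 0);` is likewise always true and could be `return true;`. Unlike the two functions above it, this one has no `failok` handling and never asserts; if that is deliberate, a one-line comment such as `/* caller decides whether a failed modify is fatal */` would make it clear.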
/*
paths.dns = lp.get("private dir") + "/" + subobj.DNSDOMAIN + ".zone";
paths.winsdb = "wins.ldb";
paths.ldap_basedn_ldif = lp.get("private dir") + "/" + subobj.DNSDOMAIN + ".ldif";
+ paths.ldap_config_basedn_ldif = lp.get("private dir") + "/" + subobj.DNSDOMAIN + "-config.ldif";
+ paths.ldap_schema_basedn_ldif = lp.get("private dir") + "/" + subobj.DNSDOMAIN + "-schema.ldif";
return paths;
}
var subobj = info.subobj;
res = ldb.search("objectSid=*", subobj.DOMAINDN, ldb.SCOPE_BASE, attrs);
- assert(res.length == 1 && res[0].objectSid != undefined);
- var sid = res[0].objectSid;
+ assert(res.error == 0);
+ assert(res.msgs.length == 1 && res.msgs[0].objectSid != undefined);
+ var sid = res.msgs[0].objectSid;
/* add some foreign sids if they are not present already */
add_foreign(ldb, subobj, "S-1-5-7", "Anonymous");
return true;
}
-function provision_become_dc(subobj, message, paths, session_info)
+function provision_become_dc(subobj, message, erase, paths, session_info)
{
var lp = loadparm_init();
var sys = sys_init();
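Review bot: `erase` is inserted as the third positional parameter, so a caller still using the old four-argument order would pass `paths` as `erase` and `session_info` as `paths`. An object is truthy, so that caller would also erase the partitions. No call sites are visible in this diff; confirm that every one was updated, or append the new parameter at the end of the list instead. A short comment above the signature would help, for example `/* erase: when true, wipe existing partition data before provisioning */`. The function body continues outside this hunk.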
message("Setting up " + paths.samdb + " rootDSE\n");
setup_add_ldif("provision_rootdse_add.ldif", info, samdb, false);
- message("Erasing data from partitions\n");
- ldb_erase_partitions(info, samdb, undefined);
+ if (erase) {
+ message("Erasing data from partitions\n");
+ ldb_erase_partitions(info, samdb, undefined);
+ }
message("Setting up " + paths.samdb + " indexes\n");
setup_add_ldif("provision_index.ldif", info, samdb, false);
+ message("Setting up " + paths.samdb + " templates\n");
+ setup_add_ldif("provision_templates.ldif", info, samdb, false);
+
ok = samdb.transaction_commit();
assert(ok);
message("Setting up " + paths.secrets + "\n");
- setup_ldb("secrets.ldif", info, paths.secrets);
-
- tmp = lp.get("secrets database");
- ok = lp.set("secrets database", paths.secrets);
- assert(ok);
-
- message("Setting up keytabs\n");
- var keytab_ok = credentials_update_all_keytabs();
- assert(keytab_ok);
+ setup_ldb("secrets_init.ldif", info, paths.secrets);
- ok = lp.set("secrets database", tmp);
- assert(ok);
+ setup_ldb("secrets.ldif", info, paths.secrets, false);
return true;
}
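Review bot: The fourth argument in `setup_ldb("secrets.ldif", info, paths.secrets, false);` is unexplained, and `setup_ldb` is not defined in the visible part of the diff. If it is an erase flag, as the init-then-load sequence suggests, add a comment such as `/* false: keep the records just loaded from secrets_init.ldif */` so that a later cleanup does not turn it into a call that wipes the secrets database. The same pair of calls appears in the next hunk, after `share.ldif`. The keytab update that used to follow has been dropped in both places, and nothing visible here shows where keytabs are generated now.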
setup_ldb("share.ldif", info, paths.shareconf);
}
- message("Setting up secrets.ldb\n");
- setup_ldb("secrets.ldif", info, paths.secrets);
-
- message("Setting up keytabs\n");
- var keytab_ok = credentials_update_all_keytabs();
- assert(keytab_ok);
+ message("Setting up " + paths.secrets + "\n");
+ setup_ldb("secrets_init.ldif", info, paths.secrets);
+ setup_ldb("secrets.ldif", info, paths.secrets, false);
message("Setting up hklm.ldb\n");
setup_ldb("hklm.ldif", info, paths.hklm);
assert(modify_ok);
};
+ message("Adding configuration container (permitted to fail)\n");
+ var add_ok = setup_add_ldif("provision_configuration_basedn.ldif", info, samdb, true);
+ message("Modifying configuration container\n");
+ var modify_ok = setup_ldb_modify("provision_configuration_basedn_modify.ldif", info, samdb);
+ if (!modify_ok) {
+ if (!add_ok) {
+ message("Failed to both add and modify the configuration container\n");
+ assert(modify_ok);
+ }
+ assert(modify_ok);
+ }
+
+ message("Adding schema container (permitted to fail)\n");
+ var add_ok = setup_add_ldif("provision_schema_basedn.ldif", info, samdb, true);
+ message("Modifying schema container\n");
+ var modify_ok = setup_ldb_modify("provision_schema_basedn_modify.ldif", info, samdb);
+ if (!modify_ok) {
+ if (!add_ok) {
+ message("Failed to both add and modify the schema container: " + samdb.errstring() + "\n");
+ assert(modify_ok);
+ }
+ message("Failed to modify the schema container: " + samdb.errstring() + "\n");
+ assert(modify_ok);
+ }
+
message("Setting up sam.ldb Samba4 schema\n");
setup_add_ldif("schema_samba4.ldif", info, samdb, false);
message("Setting up sam.ldb AD schema\n");
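Review bot: The configuration-container block reports less than the schema-container block that follows it: its message omits `samdb.errstring()`, and when only the modify fails it asserts without printing anything. Mirroring the schema block would fix that, e.g. `message("Failed to modify the configuration container: " + samdb.errstring() + "\n");` before the outer `assert(modify_ok);`. In both blocks the add is called with `failok` set to true, so any add error is tolerated as long as the modify succeeds. If only an "entry already exists" failure is meant to be acceptable, that intent should be stated in a comment. The second `var add_ok` / `var modify_ok` redeclare the first pair and could be plain assignments.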
samdb = open_ldb(info, paths.samdb, false);
+ message("Setting up sam.ldb configuration data\n");
+ setup_add_ldif("provision_configuration.ldif", info, samdb, false);
+
message("Setting up display specifiers\n");
setup_add_ldif("display_specifiers.ldif", info, samdb, false);
message("Setting up sam.ldb templates\n");
message("Setting up sam.ldb data\n");
setup_add_ldif("provision.ldif", info, samdb, false);
- message("Setting up sam.ldb configuration data\n");
- setup_add_ldif("provision_configuration.ldif", info, samdb, false);
if (blank != false) {
message("Setting up sam.ldb index\n");
var attrs = new Array("objectGUID");
res = ldb.search("objectGUID=*", subobj.DOMAINDN, ldb.SCOPE_BASE, attrs);
- assert(res.length == 1);
- assert(res[0].objectGUID != undefined);
- subobj.DOMAINGUID = res[0].objectGUID;
+ assert(res.error == 0);
+ assert(res.msgs.length == 1);
+ assert(res.msgs[0].objectGUID != undefined);
+ subobj.DOMAINGUID = res.msgs[0].objectGUID;
subobj.HOSTGUID = searchone(ldb, subobj.DOMAINDN, "(&(objectClass=computer)(cn=" + subobj.NETBIOSNAME + "))", "objectGUID");
assert(subobj.HOSTGUID != undefined);
message, paths.ldap_basedn_ldif,
subobj);
- message("Please install the LDIF located in " + paths.ldap_basedn_ldif + " into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server\n");
+ setup_file("provision_configuration_basedn.ldif",
+ message, paths.ldap_config_basedn_ldif,
+ subobj);
+
+ setup_file("provision_schema_basedn.ldif",
+ message, paths.ldap_schema_basedn_ldif,
+ subobj);
+
+ message("Please install the LDIF located in " + paths.ldap_basedn_ldif + ", " + paths.ldap_config_basedn_ldif + " and " + paths.ldap_schema_basedn_ldif + " into your LDAP server, and re-run with --ldap-backend=ldap://my.ldap.server\n");
}
{
var attrs = new Array(attribute);
res = ldb.search(expression, basedn, ldb.SCOPE_SUBTREE, attrs);
- if (res.length != 1 ||
- res[0][attribute] == undefined) {
+ if (res.error != 0 ||
+ res.msgs.length != 1 ||
+ res.msgs[0][attribute] == undefined) {
return undefined;
}
- return res[0][attribute];
+ return res.msgs[0][attribute];
}
/*
{
var attrs = new Array("userAccountControl");
var res = ldb.search(NULL, user_dn, ldb.SCOPE_ONELEVEL, attrs);
- assert(res.length == 1);
- var userAccountControl = res[0].userAccountControl;
+ assert(res.error == 0);
+ assert(res.msgs.length == 1);
+ var userAccountControl = res.msgs[0].userAccountControl;
userAccountControl = userAccountControl - 2; /* remove disabled bit */
var mod = sprintf("
dn: %s
",
user_dn, userAccountControl);
var ok = ldb.modify(mod);
- return ok;
+ return (ok.error == 0);
}
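Review bot: `userAccountControl = userAccountControl - 2;` clears the disabled bit only when that bit is actually set. On an account that is already enabled, the subtraction borrows from higher bits and rewrites unrelated account-control flags. A bitwise clear such as `userAccountControl = userAccountControl & ~2; /* remove disabled bit */` is idempotent, assuming the attribute converts to a number as the existing arithmetic already requires. The function header is outside this hunk.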
/* find the DNs for the domain and the domain users group */
var attrs = new Array("defaultNamingContext");
res = ldb.search("defaultNamingContext=*", "", ldb.SCOPE_BASE, attrs);
- assert(res.length == 1 && res[0].defaultNamingContext != undefined);
- var domain_dn = res[0].defaultNamingContext;
+ assert(res.error == 0);
+ assert(res.msgs.length == 1 && res.msgs[0].defaultNamingContext != undefined);
+ var domain_dn = res.msgs[0].defaultNamingContext;
assert(domain_dn != undefined);
var dom_users = searchone(ldb, domain_dn, "name=Domain Users", "dn");
assert(dom_users != undefined);
*/
message("Adding user %s\n", user_dn);
ok = ldb.add(ldif);
- if (ok != true) {
- message("Failed to add %s - %s\n", user_dn, ldb.errstring());
+ if (ok.error != 0) {
+ message("Failed to add %s - %s\n", user_dn, ok.errstr);
return false;
}
message("Modifying group %s\n", dom_users);
ok = ldb.modify(modgroup);
- if (ok != true) {
- message("Failed to modify %s - %s\n", dom_users, ldb.errstring());
+ if (ok.error != 0) {
+ message("Failed to modify %s - %s\n", dom_users, ok.errstr);
return false;
}