From: Andrew Bartlett <abartlet@samba.org>
Date: Fri, 6 Jan 2006 12:29:06 +0000 (+0000)
Subject: r12739: Add support for using credentials in the provision process.
X-Git-Url: http://git.samba.org/samba.git/?p=kai%2Fsamba.git;a=commitdiff_plain;h=8f4dc51345dc48f5a6bfb1a49297f205ba53ef0a

r12739: Add support for using credentials in the provision process.

This should allow us to provision to a 'normal' LDAP server.

Also add in 'session info' hooks (unused).  Both of these need to be
hooked in on the webserver.

Andrew Bartlett
(This used to be commit b349d2fbfefd0e0d4620b9e8e0c4136f900be1ae)
---

diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js
index b5f8527bd01..17382cc0147 100644
--- a/source4/scripting/libjs/provision.js
+++ b/source4/scripting/libjs/provision.js
@@ -16,6 +16,7 @@ function install_ok()
 {
 	var lp = loadparm_init();
 	var ldb = ldb_init();
+	ldb.credentials = credentials_cmdline();
 	if (lp.get("realm") == "") {
 		return false;
 	}
@@ -174,19 +175,21 @@ function ldb_erase(ldb)
 /*
   setup a ldb in the private dir
  */
-function setup_ldb(ldif, dbname, subobj)
+function setup_ldb(ldif, session_info, credentials, dbname, subobj)
 {
 	var erase = true;
 	var extra = "";
 	var ldb = ldb_init();
 	var lp = loadparm_init();
+	ldb.session_info = session_info;
+	ldb.credentials = credentials;
 
-	if (arguments.length >= 4) {
-		extra = arguments[3];
+	if (arguments.length >= 6) {
+		extra = arguments[5];
 	}
 
-	if (arguments.length == 5) {
-	        erase = arguments[4];
+	if (arguments.length == 7) {
+	        erase = arguments[6];
         }
 
 	var src = lp.get("setup directory") + "/" + ldif;
@@ -257,12 +260,12 @@ function provision_default_paths(subobj)
 /*
   provision samba4 - caution, this wipes all existing data!
 */
-function provision(subobj, message, blank, paths)
+function provision(subobj, message, blank, paths, session_info, credentials)
 {
 	var data = "";
 	var lp = loadparm_init();
 	var sys = sys_init();
-	
+
 	/*
 	  some options need to be upper/lower case
 	*/
@@ -291,7 +294,7 @@ function provision(subobj, message, blank, paths)
 		lp.reload();
 	}
 	message("Setting up secrets.ldb\n");
-	setup_ldb("secrets.ldif", paths.secrets, subobj);
+	setup_ldb("secrets.ldif", session_info, credentials, paths.secrets, subobj);
 	message("Setting up DNS zone file\n");
 	setup_file("provision.zone", 
 		   paths.dns, 
@@ -300,20 +303,20 @@ function provision(subobj, message, blank, paths)
 	var keytab_ok = credentials_update_all_keytabs();
 	assert(keytab_ok);
 	message("Setting up hklm.ldb\n");
-	setup_ldb("hklm.ldif", paths.hklm, subobj);
+	setup_ldb("hklm.ldif", session_info, credentials, paths.hklm, subobj);
 	message("Setting up sam.ldb attributes\n");
-	setup_ldb("provision_init.ldif", paths.samdb, subobj);
+	setup_ldb("provision_init.ldif", session_info, credentials, paths.samdb, subobj);
 	message("Setting up sam.ldb schema\n");
-	setup_ldb("schema.ldif", paths.samdb, subobj, NULL, false);
+	setup_ldb("schema.ldif", session_info, credentials, paths.samdb, subobj, NULL, false);
 	message("Setting up display specifiers\n");
-	setup_ldb("display_specifiers.ldif", paths.samdb, subobj, NULL, false);
+	setup_ldb("display_specifiers.ldif", session_info, credentials, paths.samdb, subobj, NULL, false);
 	message("Setting up sam.ldb templates\n");
-	setup_ldb("provision_templates.ldif", paths.samdb, subobj, NULL, false);
+	setup_ldb("provision_templates.ldif", session_info, credentials, paths.samdb, subobj, NULL, false);
 	message("Setting up sam.ldb data\n");
-	setup_ldb("provision.ldif", paths.samdb, subobj, NULL, false);
+	setup_ldb("provision.ldif", session_info, credentials, paths.samdb, subobj, NULL, false);
 	if (blank == false) {
 		message("Setting up sam.ldb users and groups\n");
-		setup_ldb("provision_users.ldif", paths.samdb, subobj, data, false);
+		setup_ldb("provision_users.ldif", session_info, credentials, paths.samdb, subobj, data, false);
 	}
 }
 
@@ -403,12 +406,14 @@ userAccountControl: %u
 /*
   add a new user record
 */
-function newuser(username, unixname, password, message)
+function newuser(username, unixname, password, message, subobj, session_info, credentials)
 {
 	var lp = loadparm_init();
 	var samdb = lp.get("sam database");
 	var ldb = ldb_init();
 	random_init(local);
+	ldb.session_info = session_info;
+	ldb.credentials = credentials;
 
 	/* connect to the sam */
 	var ok = ldb.connect(samdb);
diff --git a/source4/setup/provision b/source4/setup/provision
index 44b7ee7a4f1..51e62016a87 100755
--- a/source4/setup/provision
+++ b/source4/setup/provision
@@ -10,6 +10,7 @@ options = GetOptions(ARGV,
 		"POPT_AUTOHELP",
 		"POPT_COMMON_SAMBA",
 		"POPT_COMMON_VERSION",
+		"POPT_COMMON_CREDENTIALS",
 		'realm=s',
 		'domain=s',
 		'domain-guid=s',
@@ -112,9 +113,11 @@ if (!provision_validate(subobj, message)) {
 	return -1;
 }
 
+var creds = options.get_credentials();
 
 message("Provisioning for %s in realm %s\n", subobj.DOMAIN, subobj.REALM);
 message("Using administrator password: %s\n", subobj.ADMINPASS);
-provision(subobj, message, blank, provision_default_paths(subobj));
+message("Credentials: %s\n", creds);
+provision(subobj, message, blank, provision_default_paths(subobj), NULL, creds);
 message("All OK\n");
 return 0;
diff --git a/swat/install/provision.esp b/swat/install/provision.esp
index 5f91451cbc3..38983c96dc6 100644
--- a/swat/install/provision.esp
+++ b/swat/install/provision.esp
@@ -61,7 +61,7 @@ if (form['submit'] == "Provision") {
 	} else if (!provision_validate(subobj, writefln)) {
 		f.display();
 	} else {
-		provision(subobj, writefln, false, provision_default_paths(subobj));
+		provision(subobj, writefln, false, provision_default_paths(subobj), NULL, NULL);
 	}
 } else {
 	f.display();