__docformat__ = "restructuredText"
from samba.compat import urllib_quote
+from samba.compat import string_types
+from samba.compat import binary_type
from base64 import b64encode
import errno
import os
if backend_credentials.get_bind_dn() is not None:
setup_add_ldif(secrets_ldb,
setup_path("secrets_simple_ldap.ldif"), {
- "LDAPMANAGERDN": backend_credentials.get_bind_dn(),
- "LDAPMANAGERPASS_B64": b64encode(backend_credentials.get_password()).decode('utf8')
- })
+ "LDAPMANAGERDN": backend_credentials.get_bind_dn(),
+ "LDAPMANAGERPASS_B64": b64encode(backend_credentials.get_password()).decode('utf8')
+ })
else:
setup_add_ldif(secrets_ldb,
setup_path("secrets_sasl_ldap.ldif"), {
- "LDAPADMINUSER": backend_credentials.get_username(),
- "LDAPADMINREALM": backend_credentials.get_realm(),
- "LDAPADMINPASS_B64": b64encode(backend_credentials.get_password()).decode('utf8')
- })
+ "LDAPADMINUSER": backend_credentials.get_username(),
+ "LDAPADMINREALM": backend_credentials.get_realm(),
+ "LDAPADMINPASS_B64": b64encode(backend_credentials.get_password()).decode('utf8')
+ })
except:
secrets_ldb.transaction_cancel()
raise
finally:
os.umask(umask_original)
- with os.fdopen(fd, 'w') as f:
+ with os.fdopen(fd, 'wb') as f:
key = samba.generate_random_bytes(16)
f.write(key)
"""Join a host to its own domain."""
assert isinstance(invocationid, str)
if ntdsguid is not None:
- ntdsguid_line = "objectGUID: %s\n" %ntdsguid
+ ntdsguid_line = "objectGUID: %s\n" % ntdsguid
else:
ntdsguid_line = ""
# Setup fSMORoleOwner entries to point at the newly created DC entry
setup_modify_ldif(samdb,
setup_path("provision_self_join_modify_config.ldif"), {
- "CONFIGDN": names.configdn,
- "SCHEMADN": names.schemadn,
- "DEFAULTSITE": names.sitename,
- "NETBIOSNAME": names.netbiosname,
- "SERVERDN": names.serverdn,
- })
+ "CONFIGDN": names.configdn,
+ "SCHEMADN": names.schemadn,
+ "DEFAULTSITE": names.sitename,
+ "NETBIOSNAME": names.netbiosname,
+ "SERVERDN": names.serverdn,
+ })
system_session_info = system_session()
samdb.set_session_info(system_session_info)
setup_add_ldif(samdb, setup_path("extended-rights.ldif"), {
"CONFIGDN": names.configdn,
- "INC2012" : incl_2012,
+ "INC2012": incl_2012,
})
logger.info("Setting up display specifiers")
logger.info("Modifying display specifiers and extended rights")
setup_modify_ldif(samdb,
setup_path("provision_configuration_modify.ldif"), {
- "CONFIGDN": names.configdn,
- "DISPLAYSPECIFIERS_DESCRIPTOR": protected2_descr
- })
+ "CONFIGDN": names.configdn,
+ "DISPLAYSPECIFIERS_DESCRIPTOR": protected2_descr
+ })
logger.info("Adding users container")
users_desc = b64encode(get_domain_users_descriptor(names.domainsid)).decode('utf8')
logger.info("Modifying computers container")
setup_modify_ldif(samdb,
setup_path("provision_computers_modify.ldif"), {
- "DOMAINDN": names.domaindn})
+ "DOMAINDN": names.domaindn})
logger.info("Setting up sam.ldb data")
infrastructure_desc = b64encode(get_domain_infrastructure_descriptor(names.domainsid)).decode('utf8')
lostandfound_desc = b64encode(get_domain_delete_protected2_descriptor(names.domainsid)).decode('utf8')
ntds_dn = "CN=NTDS Settings,%s" % names.serverdn
names.ntdsguid = samdb.searchone(basedn=ntds_dn,
- attribute="objectGUID", expression="", scope=ldb.SCOPE_BASE)
- assert isinstance(names.ntdsguid, str)
+ attribute="objectGUID", expression="", scope=ldb.SCOPE_BASE).decode('utf8')
+ assert isinstance(names.ntdsguid, string_types)
return samdb
for policy in res:
acl = ndr_unpack(security.descriptor,
- str(policy["nTSecurityDescriptor"])).as_sddl()
+ policy["nTSecurityDescriptor"][0]).as_sddl()
policy_path = getpolicypath(sysvol, dnsdomain, str(policy["cn"]))
set_dir_acl(policy_path, dsacl2fsacl(acl, domainsid), lp,
str(domainsid), use_ntvfs,
for policy in res:
acl = ndr_unpack(security.descriptor,
- str(policy["nTSecurityDescriptor"])).as_sddl()
+ policy["nTSecurityDescriptor"][0]).as_sddl()
policy_path = getpolicypath(sysvol, dnsdomain, str(policy["cn"]))
check_dir_acl(policy_path, dsacl2fsacl(acl, domainsid), lp,
domainsid, direct_db_access)
backend_store=backend_store)
domainguid = samdb.searchone(basedn=samdb.get_default_basedn(),
- attribute="objectGUID")
- assert isinstance(domainguid, str)
+ attribute="objectGUID").decode('utf8')
+ assert isinstance(domainguid, string_types)
lastProvisionUSNs = get_last_provision_usn(samdb)
maxUSN = get_max_usn(samdb, str(names.rootdn))
adminpass = samba.generate_random_password(12, 32)
adminpass_generated = True
else:
- adminpass = unicode(adminpass, 'utf-8')
+ if isinstance(adminpass, binary_type):
+ adminpass = adminpass.decode('utf-8')
adminpass_generated = False
if samdb_fill == FILL_FULL: