r2804: - setup some reasonable default SAM to unixName mappings in the provisioning.

- enable the unixuid module by default on all backends
(This used to be commit e335cd4933fccc1bb53641131eb6505faca857ce)

diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c
index 8448cdeb0440792def28d495acec8c53711de0f4..bc5ceb00d8054700cb02903b4cd3b476792ad427 100644 (file)
--- a/source4/param/loadparm.c
+++ b/source4/param/loadparm.c
@@ -886,7 +886,7 @@ static void init_globals(void)
        init_printer_values();
 
        do_parameter("fstype", FSTYPE_STRING);
-       do_parameter("ntvfs handler", "default");
+       do_parameter("ntvfs handler", "unixuid default");
 
        do_parameter("dcerpc endpoint servers", "epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss");
        do_parameter("server services", "smb rpc");

diff --git a/source4/provision.ldif b/source4/provision.ldif
index ac2f69b086c5ad34ed424bca153fed1572f56cde..3d21fd8b6ed572516693c26d0a1818dfbd0ab2ce 100644 (file)
--- a/source4/provision.ldif
+++ b/source4/provision.ldif
@@ -191,6 +191,8 @@ sAMAccountName: Administrator
 sAMAccountType: 0x30000000
 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unicodePwd: ${ADMINPASS}
+unixName: root
 
 dn: CN=Guest,CN=Users,${BASEDN}
 objectClass: top
@@ -247,6 +249,7 @@ systemFlags: 0x8c000000
 groupType: 0x80000005
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: root
 
 dn: CN=Users,CN=Builtin,${BASEDN}
 objectClass: top
@@ -290,6 +293,7 @@ systemFlags: 0x8c000000
 groupType: 0x80000005
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: nogroup
 
 dn: CN=Print Operators,CN=Builtin,${BASEDN}
 objectClass: top
@@ -562,6 +566,7 @@ sAMAccountType: 268435456
 groupType: -2147483646
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: root
 
 dn: CN=Enterprise Admins,CN=Users,${BASEDN}
 objectClass: top
@@ -584,6 +589,7 @@ sAMAccountType: 268435456
 groupType: -2147483646
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: root
 
 dn: CN=Cert Publishers,CN=Users,${BASEDN}
 objectClass: top
@@ -625,6 +631,7 @@ sAMAccountType: 268435456
 groupType: -2147483646
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: root
 
 dn: CN=Domain Users,CN=Users,${BASEDN}
 objectClass: top
@@ -645,6 +652,7 @@ sAMAccountType: 268435456
 groupType: -2147483646
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: users
 
 dn: CN=Domain Guests,CN=Users,${BASEDN}
 objectClass: top
@@ -685,6 +693,7 @@ sAMAccountType: 268435456
 groupType: -2147483646
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: root
 
 dn: CN=RAS and IAS Servers,CN=Users,${BASEDN}
 objectClass: top
@@ -839,3 +848,4 @@ cn: TemplateGroup
 name: TemplateGroup
 instanceType: 4
 sAMAccountType: 0x10000000
+

diff --git a/source4/script/provision.pl b/source4/script/provision.pl
index 60ab5653a0b24bd484ae5f3a4b3cc7a4261746a4..cc08c94bfbe0defa5eee8a5211aeaa601e4fdaf9 100755 (executable)
--- a/source4/script/provision.pl
+++ b/source4/script/provision.pl
@@ -139,10 +139,11 @@ sub FileLoad($)
 
 #######################################################################
 # add a foreign security principle
-sub add_foreign($$)
+sub add_foreign($$$)
 {
        my $sid = shift;
        my $desc = shift;
+       my $unixname = shift;
        return "
 dn: CN=$sid,CN=ForeignSecurityPrincipals,\${BASEDN}
 objectClass: top
@@ -160,6 +161,7 @@ name: $sid
 objectGUID: \${NEWGUID}
 objectSid: $sid
 objectCategory: CN=Foreign-Security-Principal,CN=Schema,CN=Configuration,\${BASEDN}
+unixName: $unixname
 
 ";
 }
@@ -209,9 +211,9 @@ $basedn = "DC=" . join(",DC=", split(/\./, $opt_realm));
 
 my $data = FileLoad("provision.ldif") || die "Unable to load provision.ldif\n";
 
-$data .= add_foreign("S-1-5-7", "Anonymous");
-$data .= add_foreign("S-1-5-18", "System");
-$data .= add_foreign("S-1-5-11", "Authenticated Users");
+$data .= add_foreign("S-1-5-7", "Anonymous", "nobody");
+$data .= add_foreign("S-1-5-18", "System", "root");
+$data .= add_foreign("S-1-5-11", "Authenticated Users", "users");
 
 if (!$opt_adminpass) {
        $opt_adminpass = randpass();