samba-tool domain: Extend --backend-store to join and dcpromo by moving to common options

This allows the choice of ldb backend for a domain join as well as a new provision.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

2 files changed, 34 insertions, 19 deletions

diff --git a/python/samba/join.py b/python/samba/join.py
index e164d9b5cf2..dc6d234d0ed 100644
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -57,7 +57,7 @@ class dc_join(object):
                  netbios_name=None, targetdir=None, domain=None,
                  machinepass=None, use_ntvfs=False, dns_backend=None,
                  promote_existing=False, clone_only=False,
-                 plaintext_secrets=False):
+                 plaintext_secrets=False, backend_store=None):
         if site is None:
             site = "Default-First-Site-Name"
 
@@ -70,6 +70,7 @@ class dc_join(object):
         ctx.targetdir = targetdir
         ctx.use_ntvfs = use_ntvfs
         ctx.plaintext_secrets = plaintext_secrets
+        ctx.backend_store = backend_store
 
         ctx.promote_existing = promote_existing
         ctx.promote_from_dn = None
@@ -849,7 +850,9 @@ class dc_join(object):
                 machinepass=ctx.acct_pass, serverrole="active directory domain controller",
                 sitename=ctx.site, lp=ctx.lp, ntdsguid=ctx.ntds_guid,
                 use_ntvfs=ctx.use_ntvfs, dns_backend=ctx.dns_backend,
-                plaintext_secrets=ctx.plaintext_secrets)
+                plaintext_secrets=ctx.plaintext_secrets,
+                backend_store=ctx.backend_store
+        )
         print("Provision OK for domain DN %s" % presult.domaindn)
         ctx.local_samdb = presult.samdb
         ctx.lp          = presult.lp
@@ -1411,12 +1414,13 @@ class dc_join(object):
 def join_RODC(logger=None, server=None, creds=None, lp=None, site=None, netbios_name=None,
               targetdir=None, domain=None, domain_critical_only=False,
               machinepass=None, use_ntvfs=False, dns_backend=None,
-              promote_existing=False, plaintext_secrets=False):
+              promote_existing=False, plaintext_secrets=False,
+              backend_store=None):
     """Join as a RODC."""
 
     ctx = dc_join(logger, server, creds, lp, site, netbios_name, targetdir, domain,
                   machinepass, use_ntvfs, dns_backend, promote_existing,
-                  plaintext_secrets)
+                  plaintext_secrets, backend_store=backend_store)
 
     lp.set("workgroup", ctx.domain_name)
     logger.info("workgroup is %s" % ctx.domain_name)
@@ -1463,11 +1467,12 @@ def join_RODC(logger=None, server=None, creds=None, lp=None, site=None, netbios_
 def join_DC(logger=None, server=None, creds=None, lp=None, site=None, netbios_name=None,
             targetdir=None, domain=None, domain_critical_only=False,
             machinepass=None, use_ntvfs=False, dns_backend=None,
-            promote_existing=False, plaintext_secrets=False):
+            promote_existing=False, plaintext_secrets=False,
+            backend_store=None):
     """Join as a DC."""
     ctx = dc_join(logger, server, creds, lp, site, netbios_name, targetdir, domain,
                   machinepass, use_ntvfs, dns_backend, promote_existing,
-                  plaintext_secrets)
+                  plaintext_secrets, backend_store=backend_store)
 
     lp.set("workgroup", ctx.domain_name)
     logger.info("workgroup is %s" % ctx.domain_name)
@@ -1513,10 +1518,12 @@ def join_clone(logger=None, server=None, creds=None, lp=None,
 def join_subdomain(logger=None, server=None, creds=None, lp=None, site=None,
         netbios_name=None, targetdir=None, parent_domain=None, dnsdomain=None,
         netbios_domain=None, machinepass=None, adminpass=None, use_ntvfs=False,
-        dns_backend=None, plaintext_secrets=False):
+        dns_backend=None, plaintext_secrets=False,
+        backend_store=None):
     """Join as a DC."""
     ctx = dc_join(logger, server, creds, lp, site, netbios_name, targetdir, parent_domain,
-                  machinepass, use_ntvfs, dns_backend, plaintext_secrets)
+                  machinepass, use_ntvfs, dns_backend, plaintext_secrets,
+                  backend_store=backend_store)
     ctx.subdomain = True
     if adminpass is None:
         ctx.adminpass = samba.generate_random_password(12, 32)
diff --git a/python/samba/netcmd/domain.py b/python/samba/netcmd/domain.py
index c346430dbec..a1a936d98d9 100644
--- a/python/samba/netcmd/domain.py
+++ b/python/samba/netcmd/domain.py
@@ -111,6 +111,10 @@ common_provision_join_options = [
     Option("--plaintext-secrets", action="store_true",
            help="Store secret/sensitive values as plain text on disk" +
            "(default is to encrypt secret/ensitive values)"),
+    Option("--backend-store", type="choice", metavar="BACKENDSTORE",
+           choices=["tdb", "mdb"],
+           help="Specify the database backend to be used "
+           "(default is %s)" % get_default_backend_store()),
     Option("--targetdir", metavar="DIR",
            help="Set target directory (where to store provision)", type=str),
     Option("--quiet", help="Be quiet", action="store_true"),
@@ -255,10 +259,6 @@ class cmd_domain_provision(Command):
          Option("--partitions-only",
                 help="Configure Samba's partitions, but do not modify them (ie, join a BDC)", action="store_true"),
          Option("--use-rfc2307", action="store_true", help="Use AD to store posix attributes (default = no)"),
-         Option("--backend-store", type="choice", metavar="BACKENDSTORE",
-                choices=["tdb", "mdb"],
-                help="Specify the database backend to be used "
-                     "(default is %s)" % get_default_backend_store()),
         ]
 
     openldap_options = [
@@ -599,7 +599,8 @@ class cmd_domain_dcpromo(Command):
             versionopts=None, server=None, site=None, targetdir=None,
             domain_critical_only=False, parent_domain=None, machinepass=None,
             use_ntvfs=False, dns_backend=None,
-            quiet=False, verbose=False, plaintext_secrets=False):
+            quiet=False, verbose=False, plaintext_secrets=False,
+            backend_store=None):
         lp = sambaopts.get_loadparm()
         creds = credopts.get_credentials(lp)
         net = Net(creds, lp, server=credopts.ipaddress)
@@ -623,13 +624,15 @@ class cmd_domain_dcpromo(Command):
                     domain_critical_only=domain_critical_only,
                     machinepass=machinepass, use_ntvfs=use_ntvfs,
                     dns_backend=dns_backend,
-                    promote_existing=True, plaintext_secrets=plaintext_secrets)
+                    promote_existing=True, plaintext_secrets=plaintext_secrets,
+                    backend_store=backend_store)
         elif role == "RODC":
             join_RODC(logger=logger, server=server, creds=creds, lp=lp, domain=domain,
                       site=site, netbios_name=netbios_name, targetdir=targetdir,
                       domain_critical_only=domain_critical_only,
                       machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend,
-                      promote_existing=True, plaintext_secrets=plaintext_secrets)
+                      promote_existing=True, plaintext_secrets=plaintext_secrets,
+                      backend_store=backend_store)
         else:
             raise CommandError("Invalid role '%s' (possible values: DC, RODC)" % role)
 
@@ -678,7 +681,9 @@ class cmd_domain_join(Command):
             versionopts=None, server=None, site=None, targetdir=None,
             domain_critical_only=False, parent_domain=None, machinepass=None,
             use_ntvfs=False, dns_backend=None, adminpass=None,
-            quiet=False, verbose=False, plaintext_secrets=False):
+            quiet=False, verbose=False,
+            plaintext_secrets=False,
+            backend_store=None):
         lp = sambaopts.get_loadparm()
         creds = credopts.get_credentials(lp)
         net = Net(creds, lp, server=credopts.ipaddress)
@@ -711,14 +716,16 @@ class cmd_domain_join(Command):
                     domain_critical_only=domain_critical_only,
                     machinepass=machinepass, use_ntvfs=use_ntvfs,
                     dns_backend=dns_backend,
-                    plaintext_secrets=plaintext_secrets)
+                    plaintext_secrets=plaintext_secrets,
+                    backend_store=backend_store)
         elif role == "RODC":
             join_RODC(logger=logger, server=server, creds=creds, lp=lp, domain=domain,
                       site=site, netbios_name=netbios_name, targetdir=targetdir,
                       domain_critical_only=domain_critical_only,
                       machinepass=machinepass, use_ntvfs=use_ntvfs,
                       dns_backend=dns_backend,
-                      plaintext_secrets=plaintext_secrets)
+                      plaintext_secrets=plaintext_secrets,
+                      backend_store=backend_store)
         elif role == "SUBDOMAIN":
             if not adminpass:
                 logger.info("Administrator password will be set randomly!")
@@ -732,7 +739,8 @@ class cmd_domain_join(Command):
                            targetdir=targetdir, machinepass=machinepass,
                            use_ntvfs=use_ntvfs, dns_backend=dns_backend,
                            adminpass=adminpass,
-                           plaintext_secrets=plaintext_secrets)
+                           plaintext_secrets=plaintext_secrets,
+                           backend_store=backend_store)
         else:
             raise CommandError("Invalid role '%s' (possible values: MEMBER, DC, RODC, SUBDOMAIN)" % role)