summaryrefslogtreecommitdiff
path: root/python
Commit message (Collapse)AuthorAgeFilesLines
* samba-tool/dns: Set secure zone update flag after creating new zoneAmitay Isaacs2013-05-301-3/+9
| | | | | | | Windows DC ignores the secure update flag while creating new zone. Windows performs another operation to set the secure update flag. Signed-off-by: Amitay Isaacs <amitay@gmail.com>
* samba-tool/dns: Pass on additional flags when creating zonesAmitay Isaacs2013-05-301-0/+6
| | | | | | | | Windows DCs require additional flags to be set when creating zones. This fixes bug #9599. Signed-off-by: Amitay Isaacs <amitay@gmail.com>
* s4-dns: Support update of SOA recordsAmitay Isaacs2013-05-301-2/+3
| | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com>
* s4-dns: Print/Set minimumTTL value in SOA recordAmitay Isaacs2013-05-281-1/+3
| | | | | | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue May 28 08:47:56 CEST 2013 on sn-devel-104
* python-samba-tool domain classicupgrade: Use transactions when adding ↵Andrew Bartlett2013-05-161-31/+69
| | | | | | | | | | | users/groups/members This should make things a bit faster when importing very large numbers of users as we will not constantly rewrite the indicies on disk. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba-tool dbcheck: Use dsdb.DS_GUID_DELETED_OBJECTS_CONTAINER rather than ↵Andrew Bartlett2013-05-161-1/+1
| | | | | | | | | | the literal value This is better practice. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* python-samba-tool domain classicupgrade: Correct message about re-promoting BDCsAndrew Bartlett2013-05-161-1/+1
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* python-samba-tool domain classicupgrade: Actually Skip domain trust accountsAndrew Bartlett2013-05-161-0/+1
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* python-samba-tool domain classicupgrade: Skip machine accounts that do not ↵Andrew Bartlett2013-05-161-4/+11
| | | | | | | | | | end in $ These accounts will not work anyway, as all the domain member lookup code in netlogon expects the $. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* dns: Fix allocation of txt_record in txt record testsKai Blin2013-05-161-8/+12
| | | | | | | | Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Thu May 16 15:39:15 CEST 2013 on sn-devel-104
* dns: more debug debug options in the testsKai Blin2013-05-161-4/+26
| | | | | Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
* dns: Add support for MX queriesKai Blin2013-05-161-0/+43
| | | | | | | | | | Due to an oversight, the internal DNS server supports MX record updates, but not MX record queries. Add support for MX queries and tests. This should fix bug #9485 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
* samba_tool/base.py: Fix typo.Karolin Seeger2013-05-151-1/+1
| | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* netcmd/group.py: Fix typo.Karolin Seeger2013-05-151-2/+2
| | | | | Signed-off-by: Karolin Seeger <kseeger@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* samba-tool/tests: Force the gecos of the user to a fixed value.Matthieu Patou2013-05-151-1/+10
| | | | | | | | | | | | | | When --gecos is not specified samba-tool user add will try to read the gecos field from a getpw call. And if user's GECOS is empty (like the build user on sn-devel-104) then the test will fail because we can't add an empty gecos. Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Jelmer Vernooij <jelmer@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed May 15 16:19:23 CEST 2013 on sn-devel-104
* selftest: Output error when samba_tool user command failsMatthieu Patou2013-05-061-2/+4
| | | | | | | | It should help to debug why is it failing on some hosts in the build farm (ie. sn-devel) Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool/dns: Fix a typo in ttl variable nameAmitay Isaacs2013-04-191-1/+1
| | | | | Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Jeremy Allison <jra@samba.org>
* netcmd/dns: fix typoDavid Disseldorp2013-04-181-2/+2
| | | | | | | | | Fix provided by Tobias Florek. Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Apr 18 12:40:33 CEST 2013 on sn-devel-104
* source4/scripting/python/samba/samba3: handle ntdb files.Rusty Russell2013-04-122-49/+53
| | | | | | | | | | | | | | Upgrading old Samba 3 instances seems like a place where we don't have to read ntdb files, but Andrew Bartlett points out that you can run a Samba 4.0 and even a 4.1 'classic' domain and desire to migrate that to the AD DC. So make this upgrade code generic: if it finds an ntdb file, read that, otherwise read the tdb file. Cc: Jelmer Vernooij <jelmer@samba.org> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Reviewed-by: Jeremy Allison <jra@samba.org>
* scripting-provision: Do not enforce domain != realm if we are joining an ↵Andrew Bartlett2013-04-111-4/+5
| | | | | | | | | | | | | | existing domain This will allow us users to join existing oddly named domains without objection from provision. Andrew Bartlett Reviewed-by: Matthieu Patou <mat@matws.net> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Apr 11 10:41:02 CEST 2013 on sn-devel-104
* python-samba-tool domain classicupgrade: Make failure to connect directly to ↵Andrew Bartlett2013-04-101-1/+1
| | | | | | | | | | | the LDAP backend fatal This is better than failing just a little further down the stack with a useless error about use-before-set. Andrew Bartlett Reviewed-by: Michael Adam <obnox@samba.org>
* scripting: Fill the ProvisionNames hash with strings, not ldb.MessageElement ↵Andrew Bartlett2013-03-251-8/+7
| | | | | | | | | | | | | or Dn This avoids the need to fix it up again in samba_upgradedns. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Mar 25 13:25:30 CET 2013 on sn-devel-104
* samba-tool ldapcmp: Remove the GUID -> name mappingsAndrew Bartlett2013-03-251-43/+4
| | | | | | | | | | | | | | | These mappings are very convenient, however because they are not one-to-one, they lead to differences being reported when none exist, dependent only on the order the schema searches return results in. Sadly the time saved by the names is offset by the time wasted chasing the 'differences' that don't exist. This in turn fixes some tests that were previously knownfail Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Modify samba.descriptor.get_diff_sds() to cope with a missing ↵Andrew Bartlett2013-03-251-2/+2
| | | | | | | | | | | | reference owner This allows the reference SD not to have an owner specified, and still have the comparison with a database SD that does have an owner pass. (And the same for owning group). Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba-tool dbcheck: Allow dbcheck to correct an nTSecurityDescriptor without ↵Andrew Bartlett2013-03-251-0/+41
| | | | | | | | | | | | | | an owner or group This is done by making a modification to the SD, which triggers it to be filled in if we have the correct session_info established on the DB. However, we normally want dbcheck running as system, so we wrap the session_info set around this operation only. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba-tool dbcheck: Add --reset-well-known-aclsAndrew Bartlett2013-03-252-4/+71
| | | | | | | | | | This will allow an upgrade from Samba 4.0.0 without needing to run samba_upgradeprovision, which for now is not the preferred upgrade tool. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Move get_diff_sds from samba.upgradehelpers to samba.descriptorAndrew Bartlett2013-03-253-155/+156
| | | | | | | | This helps avoid a dependency loop when we use get_diff_sds in dbcheck. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Modify samba.descriptor.get_wellknown_sds() use samdb calls onlyAndrew Bartlett2013-03-251-49/+58
| | | | | | | | We need this routine not to use the names context as this is tied to provision, and we end up in a circular dependency if we use that in dbcheck. Andrew Bartlett
* scripting: Move samba.provision.descriptor to samba.descriptorAndrew Bartlett2013-03-253-2/+2
| | | | | | | | | This will allow dbcheck to import it, without a cirucular dependency via samba.provision importing dbcheck. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Make samba.provision.descriptor.get_wellknown_sds() return ldb.Dn ↵Andrew Bartlett2013-03-251-32/+33
| | | | | | | | | | | objects As we look to use this function in more places, it does not make sense to constantly create Dn objects from the strings. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Fix documentation comment on upgradehelpers.py:get_clean_sdAndrew Bartlett2013-03-251-8/+3
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Move the list of well known SDs to samba.provision.descriptorAndrew Bartlett2013-03-251-0/+58
| | | | | | | | This will allow us to call this from dbcheck. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba-tool group list: add more info to samba-tool group listRicky Nance2013-03-171-6/+40
| | | | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sun Mar 17 12:56:47 CET 2013 on sn-devel-104
* Revert "Ensure the masks don't conflict with the ACL checks."Andrew Bartlett2013-03-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | This reverts commit 78594909b8b22bd07978922b1c85dfd6f6456963 which was needed by 7622aa16adeb00bf161a6dd07664c37125391272. This change masked bug #9462 which was fixed by 2013bb9b4dbed747921df2591068e2765428f57d. The issue was that the defaults for the substituted parameters did not match the old parameter. Changing the values in our test suite hid the issue, but did not fix the issue. (Additional change in the revert is to correct the expected ACL value in posixacl.py due to changed implied inherited permissions). Andrew Bartlett Reviewed-by: Michael Adam <obnox@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Mar 11 19:46:24 CET 2013 on sn-devel-104
* samba_upgradeprovision: Remove inherited ACEs before comparing the SDsAndrew Bartlett2013-03-042-17/+65
| | | | | | | | This avoids changing an SD when it is not really required. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Rework samba.upgradehelpers.get_diff_sddls to be get_diff_sdsAndrew Bartlett2013-03-042-9/+25
| | | | | | | | | This moves the SDDL conversion inside the get_diff_sds function and prepares for removing inherited ACEs from the SD before comparison. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba-tool ldapcmp: Add support for checking DNSDOMAIN and DNSFOREST by defaultAndrew Bartlett2013-03-041-4/+4
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba-tool dbcheck: fix msDS-HasInstantiatedNCs attributes to match ↵Andrew Bartlett2013-03-041-1/+35
| | | | | | | | | | instanceType on our ntdsDSA This value is only a link to the local value of intanceType on our server, so only fix it for our server. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* scripting: Correct parsing of binary DNAndrew Bartlett2013-03-041-1/+1
| | | | | | | | | | The DN is of the form B:8:01020304:DC=samba,DC=example,DC=com. We need to account for the case where the 8 is actually (say) 16, and so not just one character. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* samba-tool ldapcmp: Add --skip-missing-dn to not error on DNs present in one ↵Andrew Bartlett2013-03-021-5/+10
| | | | | | | | | | | DB but not the other This is needed to compare some parts of the database, particularly in --two mode, which are just never going to have exactly the same DNs. Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba-tool domain classicupgrade: Fix typo in error path for multiple ↵Andrew Bartlett2013-03-021-1/+1
| | | | | | account flags Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba-tool domain classicupgrade: Print a better error when the ldap backend ↵Andrew Bartlett2013-03-021-1/+4
| | | | | | PW was not found Reviewed-by: Stefan Metzmacher <metze@samba.org>
* samba-tool dbcheck: fix comment on err_wrong_sdAndrew Bartlett2013-03-021-2/+1
| | | | Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Move python modules from source4/scripting/python/ to python/.Jelmer Vernooij2013-03-02113-0/+31383
Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Sat Mar 2 03:57:34 CET 2013 on sn-devel-104
View Lorry Controller Status