The branch, master has been updated via 084c806... s4:libnet Make 'net vampire' more robust to command line arguments via 716ae7b... s4:howto Improve OpenLDAP backend instructions from dbbbc7d... s4/rodc: RODC FAS initial implementation
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 084c8065f871c1aa31f5d157f1843437db449603 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Apr 29 08:51:01 2010 +1000 s4:libnet Make 'net vampire' more robust to command line arguments When we have just joined a domain, we know a bit about that domain. Use these to override previous guesses as to what domain and realm to use for the rest of the join. Andrew Bartlett commit 716ae7b4c829c811eb8a7fe03b702afd51d448b4 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Apr 29 07:58:48 2010 +1000 s4:howto Improve OpenLDAP backend instructions ----------------------------------------------------------------------- Summary of changes: howto-ol-backend-s4.txt | 10 ++++++---- source4/libnet/libnet_vampire.c | 20 ++++++++++++++++++++ 2 files changed, 26 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/howto-ol-backend-s4.txt b/howto-ol-backend-s4.txt index ef3aad6..04b8ab6 100644 --- a/howto-ol-backend-s4.txt +++ b/howto-ol-backend-s4.txt @@ -5,10 +5,13 @@ oli...@itc.li - August 2009 This Mini-Howto describes in a very simplified way -how to setup Samba 4 (S4) (pre)Alpha 9 with the +how to setup Samba 4 (S4) (pre)Alpha 13 with the OpenLDAP (OL) -Backend. -Use of OpenLDAP >= 2.4.17 is strongly recommended. +Use of OpenLDAP from CVS after 2010-04-22 is required +The current instructions are at: + +http://wiki.samba.org/index.php/Samba4/LDAP_Backend/OpenLDAP 1.) Download and compile OpenLDAP. @@ -32,7 +35,7 @@ cn=Administrator,cn=users,<Your Base-DN>): #> setup/provision \ --ldap-backend-type=openldap \ - --ol-slapd="/usr/local/libexec/slapd" + --slapd-path="/usr/local/libexec/slapd" --username=samba-admin --realm=ldap.local.site \ --domain=LDAP --server-role='domain controller'\ --adminpass=linux @@ -92,7 +95,6 @@ Attention: You _should_not_ edit the olc-Sections b) MultiMaster-Configuration (MMR): -At this time (S4 (pre)Alpha9) the only possible Replication setup. Use the provision Parameter: --ol-mmr-urls=<list of whitespace separated ldap-urls (and Ports <> 389!). diff --git a/source4/libnet/libnet_vampire.c b/source4/libnet/libnet_vampire.c index 8d2393f..a5c8a8f 100644 --- a/source4/libnet/libnet_vampire.c +++ b/source4/libnet/libnet_vampire.c @@ -36,6 +36,7 @@ #include "system/time.h" #include "lib/ldb_wrap.h" #include "auth/auth.h" +#include "auth/credentials/credentials.h" #include "param/param.h" #include "param/provision.h" #include "libcli/security/dom_sid.h" @@ -655,6 +656,11 @@ NTSTATUS libnet_Vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } + /* Re-use the domain we are joining as the domain for the user + * to be authenticated with, unless they specified + * otherwise */ + cli_credentials_set_domain(ctx->cred, r->in.domain_name, CRED_GUESS_ENV); + join->in.domain_name = r->in.domain_name; join->in.account_name = account_name; join->in.netbios_name = netbios_name; @@ -673,6 +679,20 @@ NTSTATUS libnet_Vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, s->targetdir = r->in.targetdir; ZERO_STRUCT(b); + + /* Be more robust: + * We now know the domain and realm for sure - if they didn't + * put one on the command line, use this for the rest of the + * join */ + cli_credentials_set_realm(ctx->cred, join->out.realm, CRED_GUESS_ENV); + cli_credentials_set_domain(ctx->cred, join->out.domain_name, CRED_GUESS_ENV); + + /* Now set these values into the smb.conf - we probably had + * empty or useless defaults here from whatever smb.conf we + * started with */ + lp_set_cmdline(s->lp_ctx, "realm", join->out.realm); + lp_set_cmdline(s->lp_ctx, "workgroup", join->out.domain_name); + b.in.domain_dns_name = join->out.realm; b.in.domain_netbios_name = join->out.domain_name; b.in.domain_sid = join->out.domain_sid; -- Samba Shared Repository