The branch, master has been updated via d09ac96 Removed phpldapadmin inclusion for Samba 4. via 83d34bb dns_server: Try and use the dns-SERVER account if we were configured with it from 0296548 ccan: check for all the used config.h defines
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit d09ac9636af6a31098156ca65ab62e11ce3a5d15 Author: Ricky Nance <ricky.na...@weaubleau.k12.mo.us> Date: Tue Oct 16 00:52:51 2012 -0500 Removed phpldapadmin inclusion for Samba 4. Signed-off-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Wed Oct 17 12:55:44 CEST 2012 on sn-devel-104 commit 83d34bb2bbcbc0ebbcb81825590363e996979e08 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Oct 16 15:08:30 2012 +1100 dns_server: Try and use the dns-SERVER account if we were configured with it ----------------------------------------------------------------------- Summary of changes: source4/dns_server/dns_server.c | 61 +++++++++++++++----- .../scripting/python/samba/provision/__init__.py | 20 ------- source4/scripting/python/samba/tests/provision.py | 10 --- source4/setup/phpldapadmin-config.php | 20 ------- 4 files changed, 47 insertions(+), 64 deletions(-) delete mode 100644 source4/setup/phpldapadmin-config.php Changeset truncated at 500 lines: diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c index 8e25396..6824fef 100644 --- a/source4/dns_server/dns_server.c +++ b/source4/dns_server/dns_server.c @@ -748,7 +748,11 @@ static void dns_task_init(struct task_server *task) int ret; struct ldb_result *res; static const char * const attrs[] = { "name", NULL}; + static const char * const attrs_none[] = { NULL}; unsigned int i; + struct ldb_message *dns_acc; + char *hostname_lower; + char *dns_spn; switch (lpcfg_server_role(task->lp_ctx)) { case ROLE_STANDALONE: @@ -787,29 +791,58 @@ static void dns_task_init(struct task_server *task) return; } - cli_credentials_set_conf(dns->server_credentials, task->lp_ctx); - status = cli_credentials_set_machine_account(dns->server_credentials, task->lp_ctx); - if (!NT_STATUS_IS_OK(status)) { - task_server_terminate(task, - talloc_asprintf(task, "Failed to obtain server credentials, perhaps a standalone server?: %s\n", - nt_errstr(status)), - true); + dns->samdb = samdb_connect(dns, dns->task->event_ctx, dns->task->lp_ctx, + system_session(dns->task->lp_ctx), 0); + if (!dns->samdb) { + task_server_terminate(task, "dns: samdb_connect failed", true); return; } + cli_credentials_set_conf(dns->server_credentials, task->lp_ctx); + + hostname_lower = strlower_talloc(dns, lpcfg_netbios_name(task->lp_ctx)); + dns_spn = talloc_asprintf(dns, "DNS/%s.%s", + hostname_lower, + lpcfg_dnsdomain(task->lp_ctx)); + TALLOC_FREE(hostname_lower); + + ret = dsdb_search_one(dns->samdb, dns, &dns_acc, + ldb_get_default_basedn(dns->samdb), LDB_SCOPE_SUBTREE, + attrs_none, 0, "(servicePrincipalName=%s)", + dns_spn); + if (ret == LDB_SUCCESS) { + TALLOC_FREE(dns_acc); + if (!dns_spn) { + task_server_terminate(task, "dns: talloc_asprintf failed", true); + return; + } + status = cli_credentials_set_stored_principal(dns->server_credentials, task->lp_ctx, dns_spn); + if (!NT_STATUS_IS_OK(status)) { + task_server_terminate(task, + talloc_asprintf(task, "Failed to obtain server credentials for DNS, " + "despite finding it in the samdb! %s\n", + nt_errstr(status)), + true); + return; + } + } else { + TALLOC_FREE(dns_spn); + status = cli_credentials_set_machine_account(dns->server_credentials, task->lp_ctx); + if (!NT_STATUS_IS_OK(status)) { + task_server_terminate(task, + talloc_asprintf(task, "Failed to obtain server credentials, perhaps a standalone server?: %s\n", + nt_errstr(status)), + true); + return; + } + } + dns->tkeys = tkey_store_init(dns, TKEY_BUFFER_SIZE); if (!dns->tkeys) { task_server_terminate(task, "Failed to allocate tkey storage\n", true); return; } - dns->samdb = samdb_connect(dns, dns->task->event_ctx, dns->task->lp_ctx, - system_session(dns->task->lp_ctx), 0); - if (!dns->samdb) { - task_server_terminate(task, "dns: samdb_connect failed", true); - return; - } - // TODO: this search does not work against windows ret = dsdb_search(dns->samdb, dns, &res, NULL, LDB_SCOPE_SUBTREE, attrs, DSDB_SEARCH_SEARCH_ALL_PARTITIONS, "(objectClass=dnsZone)"); diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index 9966192..d440b9f 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -122,7 +122,6 @@ class ProvisionPaths(object): self.winsdb = None self.private_dir = None self.state_dir = None - self.phpldapadminconfig = None class ProvisionNames(object): @@ -401,12 +400,6 @@ class ProvisionResult(object): logger.info("DNS Domain: %s", self.names.dnsdomain) logger.info("DOMAIN SID: %s", self.domainsid) - if self.paths.phpldapadminconfig is not None: - logger.info( - "A phpLDAPadmin configuration file suitable for administering " - "the Samba 4 LDAP server has been created in %s.", - self.paths.phpldapadminconfig) - if self.backend_result: self.backend_result.report_logger(logger) @@ -474,8 +467,6 @@ def provision_paths_from_lp(lp, dnsdomain): paths.krb5conf = os.path.join(paths.private_dir, "krb5.conf") paths.winsdb = os.path.join(paths.private_dir, "wins.ldb") paths.s4_ldapi_path = os.path.join(paths.private_dir, "ldapi") - paths.phpldapadminconfig = os.path.join(paths.private_dir, - "phpldapadmin-config.php") paths.hklm = "hklm.ldb" paths.hkcr = "hkcr.ldb" paths.hkcu = "hkcu.ldb" @@ -2052,8 +2043,6 @@ def provision(logger, session_info, credentials, smbconf=None, backend_result = provision_backend.post_setup() provision_backend.shutdown() - create_phpldapadmin_config(paths.phpldapadminconfig, - ldapi_url) except: secrets_ldb.transaction_cancel() raise @@ -2124,15 +2113,6 @@ def provision_become_dc(smbconf=None, targetdir=None, return res -def create_phpldapadmin_config(path, ldapi_uri): - """Create a PHP LDAP admin configuration file. - - :param path: Path to write the configuration to. - """ - setup_file(setup_path("phpldapadmin-config.php"), path, - {"S4_LDAPI_URI": ldapi_uri}) - - def create_krb5_conf(path, dnsdomain, hostname, realm): """Write out a file containing zone statements suitable for inclusion in a named.conf file (including GSS-TSIG configuration). diff --git a/source4/scripting/python/samba/tests/provision.py b/source4/scripting/python/samba/tests/provision.py index f7fb407..9921791 100644 --- a/source4/scripting/python/samba/tests/provision.py +++ b/source4/scripting/python/samba/tests/provision.py @@ -104,9 +104,6 @@ class Disabled(object): def test_setup_samdb_partitions(self): raise NotImplementedError(self.test_setup_samdb_partitions) - def test_create_phpldapadmin_config(self): - raise NotImplementedError(self.test_create_phpldapadmin_config) - def test_provision_dns(self): raise NotImplementedError(self.test_provision_dns) @@ -185,13 +182,6 @@ class ProvisionResultTests(TestCase): ('INFO', 'DNS Domain: dnsdomein'), ('INFO', 'DOMAIN SID: S1-1-1')]) - def test_report_logger_phpldapadmin(self): - result = self.base_result() - result.paths.phpldapadminconfig = "/some/ldapconfig" - entries = self.report_logger(result) - self.assertEquals(entries[-1], - ("INFO", "A phpLDAPadmin configuration file suitable for administering the Samba 4 LDAP server has been created in /some/ldapconfig.")) - def test_report_logger_adminpass(self): result = self.base_result() result.adminpass_generated = True diff --git a/source4/setup/phpldapadmin-config.php b/source4/setup/phpldapadmin-config.php deleted file mode 100644 index 8a2f215..0000000 --- a/source4/setup/phpldapadmin-config.php +++ /dev/null @@ -1,20 +0,0 @@ -<?php -/** - * The phpLDAPadmin config file, customised for use with Samba4 - * - * Use config.php.example to create config.php, if you don't have one. - * - * Append this file to config.php. - */ - -/* Create a new LDAP server for SAMBA4 */ -$servers->newServer('ldap_pla'); - -/* A convenient name that will appear in the tree viewer and throughout - phpLDAPadmin to identify this LDAP server to users. */ -$servers->setValue('server','name','Samba4 LDAP Server'); -$servers->setValue('server','host','${S4_LDAPI_URI}'); -$servers->setValue('login','auth_type','session'); -$servers->setValue('login','attr','dn'); - -?> -- Samba Shared Repository