From 5c3ef6dbaecb032a33351bea04f044ce9fd2fc8d Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 16 Nov 2009 18:51:17 +1100 Subject: [PATCH] s4:provision Split up reference creation, load schema earlier in the stack The schema needs to be loaded above the extended_dn_out modules as otherwise we don't get an extended DN in the search results. The reference split is to ensure we create references after the objects they reference exist. Andrew Bartlett --- source4/scripting/python/samba/provision.py | 14 ++++++++------ source4/setup/provision_basedn_modify.ldif | 14 +------------- source4/setup/provision_basedn_references.ldif | 22 ++++++++++++++++++++++ 3 files changed, 31 insertions(+), 19 deletions(-) create mode 100644 source4/setup/provision_basedn_references.ldif diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index e2f7cd79534..6d779c38ba8 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -554,6 +554,7 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info, # # Some Known ordering constraints: # - rootdse must be first, as it makes redirects from "" -> cn=rootdse + # - extended_dn_in must be before objectclass.c, as it resolves the DN # - objectclass must be before password_hash, because password_hash checks # that the objectclass is of type person (filled in by objectclass # module when expanding the objectclass list) @@ -577,6 +578,7 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info, "password_hash", "operational", "kludge_acl", + "schema_load", "instancetype"] tdb_modules_list = [ "subtree_rename", @@ -584,7 +586,6 @@ def setup_samdb_partitions(samdb_path, setup_path, message, lp, session_info, "linked_attributes", "extended_dn_out_ldb"] modules_list2 = ["show_deleted", - "schema_load", "new_partition", "partition"] @@ -996,11 +997,6 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, "CONFIGDN": names.configdn, "DESCRIPTOR": descr, }) - message("Modifying configuration container") - setup_modify_ldif(samdb, setup_path("provision_configuration_basedn_modify.ldif"), { - "CONFIGDN": names.configdn, - "SCHEMADN": names.schemadn, - }) # The LDIF here was created when the Schema object was constructed message("Setting up sam.ldb schema") @@ -1053,6 +1049,12 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, "POLICYGUID_DC": policyguid_dc }) + setup_modify_ldif(samdb, setup_path("provision_basedn_references.ldif"), { + "DOMAINDN": names.domaindn}) + + setup_modify_ldif(samdb, setup_path("provision_configuration_references.ldif"), { + "CONFIGDN": names.configdn, + "SCHEMADN": names.schemadn}) if fill == FILL_FULL: message("Setting up sam.ldb users and groups") setup_add_ldif(samdb, setup_path("provision_users.ldif"), { diff --git a/source4/setup/provision_basedn_modify.ldif b/source4/setup/provision_basedn_modify.ldif index 7fc5c6bf86f..ea41cd8bfbc 100644 --- a/source4/setup/provision_basedn_modify.ldif +++ b/source4/setup/provision_basedn_modify.ldif @@ -97,16 +97,4 @@ systemFlags: -1946157056 replace: uASCompat uASCompat: 1 - -replace: wellKnownObjects -wellKnownObjects: B:32:6227f0af1fc2410d8e3bb10615bb5b0f:CN=NTDS Quotas,${DOMAINDN} -wellKnownObjects: B:32:f4be92a4c777485e878e9421d53087db:CN=Microsoft,CN=Program Data,${DOMAINDN} -wellKnownObjects: B:32:09460c08ae1e4a4ea0f64aee7daa1e5a:CN=Program Data,${DOMAINDN} -wellKnownObjects: B:32:22b70c67d56e4efb91e9300fca3dc1aa:CN=ForeignSecurityPrincipals,${DOMAINDN} -wellKnownObjects: B:32:18e2ea80684f11d2b9aa00c04f79f805:CN=Deleted Objects,${DOMAINDN} -wellKnownObjects: B:32:2fbac1870ade11d297c400c04fd8d5cd:CN=Infrastructure,${DOMAINDN} -wellKnownObjects: B:32:ab8153b7768811d1aded00c04fd8d5cd:CN=LostAndFound,${DOMAINDN} -wellKnownObjects: B:32:ab1d30f3768811d1aded00c04fd8d5cd:CN=System,${DOMAINDN} -wellKnownObjects: B:32:a361b2ffffd211d1aa4b00c04fd7d83a:OU=Domain Controllers,${DOMAINDN} -wellKnownObjects: B:32:aa312825768811d1aded00c04fd8d5cd:CN=Computers,${DOMAINDN} -wellKnownObjects: B:32:a9d1ca15768811d1aded00c04fd8d5cd:CN=Users,${DOMAINDN} -- + diff --git a/source4/setup/provision_basedn_references.ldif b/source4/setup/provision_basedn_references.ldif new file mode 100644 index 00000000000..a71c11c5c4e --- /dev/null +++ b/source4/setup/provision_basedn_references.ldif @@ -0,0 +1,22 @@ +############################### +# Domain Naming Context +############################### +dn: ${DOMAINDN} +changetype: modify +- +replace: rIDManagerReference +rIDManagerReference: CN=RID Manager$,CN=System,${DOMAINDN} +- +replace: wellKnownObjects +wellKnownObjects: B:32:6227f0af1fc2410d8e3bb10615bb5b0f:CN=NTDS Quotas,${DOMAINDN} +wellKnownObjects: B:32:f4be92a4c777485e878e9421d53087db:CN=Microsoft,CN=Program Data,${DOMAINDN} +wellKnownObjects: B:32:09460c08ae1e4a4ea0f64aee7daa1e5a:CN=Program Data,${DOMAINDN} +wellKnownObjects: B:32:22b70c67d56e4efb91e9300fca3dc1aa:CN=ForeignSecurityPrincipals,${DOMAINDN} +wellKnownObjects: B:32:18e2ea80684f11d2b9aa00c04f79f805:CN=Deleted Objects,${DOMAINDN} +wellKnownObjects: B:32:2fbac1870ade11d297c400c04fd8d5cd:CN=Infrastructure,${DOMAINDN} +wellKnownObjects: B:32:ab8153b7768811d1aded00c04fd8d5cd:CN=LostAndFound,${DOMAINDN} +wellKnownObjects: B:32:ab1d30f3768811d1aded00c04fd8d5cd:CN=System,${DOMAINDN} +wellKnownObjects: B:32:a361b2ffffd211d1aa4b00c04fd7d83a:OU=Domain Controllers,${DOMAINDN} +wellKnownObjects: B:32:aa312825768811d1aded00c04fd8d5cd:CN=Computers,${DOMAINDN} +wellKnownObjects: B:32:a9d1ca15768811d1aded00c04fd8d5cd:CN=Users,${DOMAINDN} +- -- 2.11.4.GIT