def install_check(standalone, options, api):
global netbios_name
global reset_netbios_name
if not standalone:
check_for_installed_deps()
realm_not_matching_domain = (api.env.domain.upper() != api.env.realm)
if realm_not_matching_domain:
print("WARNING: Realm name does not match the domain name.\n"
"You will not be able to estabilish trusts with Active "
"Directory unless\nthe realm name of the IPA server matches its "
"domain name.\n\n")
if not options.unattended:
if not ipautil.user_input("Do you wish to continue?",
default=False,
allow_empty=False):
raise ScriptError("Aborting installation.")
# Check if /etc/samba/smb.conf already exists. In case it was not generated
# by IPA, print a warning that we will break existing configuration.
if adtrustinstance.ipa_smb_conf_exists():
if not options.unattended:
print("IPA generated smb.conf detected.")
if not ipautil.user_input("Overwrite smb.conf?",
default=False,
allow_empty=False):
raise ScriptError("Aborting installation.")
elif os.path.exists(paths.SMB_CONF):
print("WARNING: The smb.conf already exists. Running "
"ipa-adtrust-install will break your existing samba "
"configuration.\n\n")
if not options.unattended:
if not ipautil.user_input("Do you wish to continue?",
default=False,
allow_empty=False):
raise ScriptError("Aborting installation.")
elif os.path.exists(paths.SMB_CONF):
print("WARNING: The smb.conf already exists. Running "
"ipa-adtrust-install will break your existing samba "
"configuration.\n\n")
if not options.unattended:
if not ipautil.user_input("Do you wish to continue?",
default=False,
allow_empty=False):
raise ScriptError("Aborting installation.")
if not options.unattended and not options.enable_compat:
options.enable_compat = enable_compat_tree()
netbios_name, reset_netbios_name = set_and_check_netbios_name(
options.netbios_name, options.unattended, api)
if not options.add_sids:
retrieve_and_ask_about_sids(api, options)
def install_check(standalone, options, api):
global netbios_name
global reset_netbios_name
if not standalone:
check_for_installed_deps()
realm_not_matching_domain = (api.env.domain.upper() != api.env.realm)
if realm_not_matching_domain:
print("WARNING: Realm name does not match the domain name.\n"
"You will not be able to establish trusts with Active "
"Directory unless\nthe realm name of the IPA server matches its "
"domain name.\n\n")
if not options.unattended:
if not ipautil.user_input("Do you wish to continue?",
default=False,
allow_empty=False):
raise ScriptError("Aborting installation.")
# Check if /etc/samba/smb.conf already exists. In case it was not generated
# by IPA, print a warning that we will break existing configuration.
if adtrustinstance.ipa_smb_conf_exists():
if not options.unattended:
print("IPA generated smb.conf detected.")
if not ipautil.user_input("Overwrite smb.conf?",
default=False,
allow_empty=False):
raise ScriptError("Aborting installation.")
elif os.path.exists(paths.SMB_CONF):
print("WARNING: The smb.conf already exists. Running "
"ipa-adtrust-install will break your existing samba "
"configuration.\n\n")
if not options.unattended:
if not ipautil.user_input("Do you wish to continue?",
default=False,
allow_empty=False):
raise ScriptError("Aborting installation.")
elif os.path.exists(paths.SMB_CONF):
print("WARNING: The smb.conf already exists. Running "
"ipa-adtrust-install will break your existing samba "
"configuration.\n\n")
if not options.unattended:
if not ipautil.user_input("Do you wish to continue?",
default=False,
allow_empty=False):
raise ScriptError("Aborting installation.")
if not options.unattended and not options.enable_compat:
options.enable_compat = enable_compat_tree()
netbios_name, reset_netbios_name = set_and_check_netbios_name(
options.netbios_name, options.unattended, api)
if not options.add_sids:
retrieve_and_ask_about_sids(api, options)
def install_check(standalone, options, api):
global netbios_name
global reset_netbios_name
if standalone:
check_for_installed_deps()
realm_not_matching_domain = (api.env.domain.upper() != api.env.realm)
if realm_not_matching_domain:
print("WARNING: Realm name does not match the domain name.\n"
"You will not be able to estabilish trusts with Active "
"Directory unless\nthe realm name of the IPA server matches its "
"domain name.\n\n")
if not options.unattended:
if not ipautil.user_input("Do you wish to continue?",
default=False,
allow_empty=False):
raise ScriptError("Aborting installation.")
# Check if /etc/samba/smb.conf already exists. In case it was not generated
# by IPA, print a warning that we will break existing configuration.
if adtrustinstance.ipa_smb_conf_exists():
if not options.unattended:
print("IPA generated smb.conf detected.")
if not ipautil.user_input(
"Overwrite smb.conf?", default=False, allow_empty=False):
raise ScriptError("Aborting installation.")
elif os.path.exists(paths.SMB_CONF):
print("WARNING: The smb.conf already exists. Running "
"ipa-adtrust-install will break your existing samba "
"configuration.\n\n")
if not options.unattended:
if not ipautil.user_input("Do you wish to continue?",
default=False,
allow_empty=False):
raise ScriptError("Aborting installation.")
elif os.path.exists(paths.SMB_CONF):
print("WARNING: The smb.conf already exists. Running "
"ipa-adtrust-install will break your existing samba "
"configuration.\n\n")
if not options.unattended:
if not ipautil.user_input("Do you wish to continue?",
default=False,
allow_empty=False):
raise ScriptError("Aborting installation.")
if not options.unattended and not options.enable_compat:
options.enable_compat = enable_compat_tree()
netbios_name, reset_netbios_name = set_and_check_netbios_name(
options.netbios_name, options.unattended, api)
if not options.add_sids:
# The filter corresponds to ipa_sidgen_task.c LDAP search filter
filter = '(&(objectclass=ipaobject)(!(objectclass=mepmanagedentry))' \
'(|(objectclass=posixaccount)(objectclass=posixgroup)' \
'(objectclass=ipaidobject))(!(ipantsecurityidentifier=*)))'
base_dn = api.env.basedn
try:
root_logger.debug(
"Searching for objects with missing SID with "
"filter=%s, base_dn=%s", filter, base_dn)
entries, _truncated = api.Backend.ldap2.find_entries(
filter=filter, base_dn=base_dn, attrs_list=[''])
except errors.NotFound:
# All objects have SIDs assigned
pass
except (errors.DatabaseError, errors.NetworkError) as e:
print("Could not retrieve a list of objects that need a SID "
"identifier assigned:")
print(unicode(e))
else:
object_count = len(entries)
if object_count > 0:
print("")
print("WARNING: %d existing users or groups do not have "
"a SID identifier assigned." % len(entries))
print("Installer can run a task to have ipa-sidgen "
"Directory Server plugin generate")
print("the SID identifier for all these users. Please note, "
"the in case of a high")
print("number of users and groups, the operation might "
"lead to high replication")
print("traffic and performance degradation. Refer to "
"ipa-adtrust-install(1) man page")
print("for details.")
print("")
if options.unattended:
print("Unattended mode was selected, installer will "
"NOT run ipa-sidgen task!")
else:
if ipautil.user_input(
"Do you want to run the ipa-sidgen task?",
default=False,
allow_empty=False):
options.add_sids = True