def main():
    """Regenerate smb4.conf and run the role-dependent Samba setup steps.

    The steps run in a fixed order: secrets backup, base setup, optional
    dataset migration, generation of the account entries and config lines,
    domain provisioning (DC only), writing the config file, SID/LDAP
    handling, user import and group mapping (non-DC), the RFC2307 idmap
    secret (AD member), and finally the secrets restore.

    NOTE(review): this was recovered from a listing that had lost its line
    breaks; the nesting of the statements under the ``if`` blocks is
    reconstructed and should be checked against the upstream file.
    """
    conf_path = "/usr/local/etc/smb4.conf"

    tdb_entries = []
    global_lines = []
    share_lines = []

    # backup_secrets_database()/restore_secrets_database() bracket the whole
    # run. Their bodies are not visible here; presumably they preserve the
    # Samba secrets store across regeneration (confirm).
    backup_secrets_database()
    smb4_setup()

    legacy_datasets = get_old_samba4_datasets()
    if migration_available(legacy_datasets):
        do_migration(legacy_datasets)

    server_role = get_server_role()

    generate_smbusers()
    generate_smb4_tdb(tdb_entries)
    generate_smb4_conf(global_lines, server_role)
    # Both share generators append to the same list; system shares go first.
    generate_smb4_system_shares(share_lines)
    generate_smb4_shares(share_lines)

    if server_role == 'dc' and not Samba4().domain_provisioned():
        # The result of provision_smb4() is discarded: the config file is
        # written below even when provisioning reports a failure.
        provision_smb4()

    # NOTE: mode "w" truncates the live config in place, so an exception
    # while writing leaves a partial smb4.conf behind.
    with open(conf_path, "w") as conf_file:
        conf_file.writelines(entry + '\n' for entry in global_lines)
        conf_file.writelines(entry + '\n' for entry in share_lines)

    smb4_set_SID()

    if server_role == 'member' and smb4_ldap_enabled():
        set_ldap_password()
        # Second backup, taken right after the LDAP password was set.
        backup_secrets_database()

    if server_role != 'dc':
        if not Samba4().users_imported():
            # passdb.tdb is Samba's tdbsam account database (it holds
            # password hashes), so the "private" directory must stay
            # root-only.
            smb4_import_users(
                conf_path,
                tdb_entries,
                "/var/db/samba4/private/passdb.tdb"
            )
            smb4_grant_rights()
            # The sentinel makes later runs skip the import above.
            Samba4().user_import_sentinel_file_create()

        smb4_map_groups()

    needs_idmap_secret = (
        server_role == 'member'
        and activedirectory_enabled()
        and idmap_backend_rfc2307()
    )
    if needs_idmap_secret:
        set_idmap_rfc2307_secret()

    restore_secrets_database()
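def delete(self, using=None, reload=True):
    """Delete this user from the system, from Samba (on a DC) and from the DB.

    Order of operations: the system account is removed first, then the
    Samba account when the domain controller is enabled, then the user's
    primary group if nothing else uses it, then the CIFS guest account is
    reset if it pointed at this user, and only then is the database row
    deleted.

    Args:
        using: passed through to the parent class's ``delete``.
        reload: when true, ask the notifier to reload "user" afterwards.

    Raises:
        ValueError: if the user is flagged as built-in.
    """
    import logging

    from freenasUI.services.models import CIFS

    if self.bsdusr_builtin is True:
        raise ValueError(_(
            "User %s is built-in and can not be deleted!"
        ) % (self.bsdusr_username))

    notifier().user_deleteuser(self.bsdusr_username.encode('utf-8'))
    if domaincontroller_enabled():
        Samba4().user_delete(self.bsdusr_username.encode('utf-8'))

    # Best-effort cleanup of the primary group: it is removed only when it
    # is not built-in, has no membership rows, and is not the primary group
    # of any other user.
    try:
        gobj = self.bsdusr_group
        count = bsdGroupMembership.objects.filter(
            bsdgrpmember_group=gobj).count()
        count2 = bsdUsers.objects.filter(bsdusr_group=gobj).exclude(
            id=self.id).count()
        if not gobj.bsdgrp_builtin and count == 0 and count2 == 0:
            gobj.delete(reload=False, pwdelete=False)
    except Exception:
        # Still non-fatal, but no longer silent: a bare ``except: pass``
        # also swallowed KeyboardInterrupt/SystemExit and hid every failure.
        logging.getLogger(__name__).warning(
            "Could not clean up primary group of deleted user %s",
            self.bsdusr_username, exc_info=True)

    # latest() raises DoesNotExist on an empty table instead of returning
    # None. Unhandled, that would abort here, after the system account is
    # already gone but before the database row is removed.
    try:
        cifs = CIFS.objects.latest('id')
    except CIFS.DoesNotExist:
        cifs = None

    # Do not leave the CIFS guest mapping pointing at an account name that
    # no longer exists; fall back to 'nobody'.
    if cifs and cifs.cifs_srv_guest == self.bsdusr_username:
        cifs.cifs_srv_guest = 'nobody'
        cifs.save()

    super(bsdUsers, self).delete(using)
    if reload:
        notifier().reload("user")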
def smb4_import_groups():
    """Create every group from get_groups() in Samba and add its members.

    get_groups() is indexed by group name here; a group whose entry is
    empty is created without an add-members call.
    """
    samba = Samba4()
    group_table = get_groups()
    for group_name in group_table:
        samba.group_add(group_name)
        members = group_table[group_name]
        if not members:
            continue
        samba.group_addmembers(group_name, members)
def provision_smb4():
    """Run the domain provisioning steps in order, stopping at the first failure.

    Each step is called on a fresh Samba4() instance. Returns True when
    every step succeeds and False otherwise; all steps except the sentinel
    file creation report their failure on stderr.
    """
    # NOTE(review): the second step is named disable_password_complexity;
    # presumably it relaxes the domain password policy as part of
    # provisioning. Confirm that this is intended and documented for
    # administrators, since it weakens the default policy.
    steps = (
        ("domain_provision", "Failed to provision domain"),
        ("disable_password_complexity",
         "Failed to disable password complexity"),
        ("set_administrator_password",
         "Failed to set administrator password"),
        # The sentinel step fails silently, as in the original.
        ("sentinel_file_create", None),
    )
    for method_name, failure_message in steps:
        if getattr(Samba4(), method_name)():
            continue
        if failure_message is not None:
            sys.stderr.write(failure_message + "\n")
        return False
    return True
def delete(self, using=None, reload=True):
    """Delete this group from the system, from Samba (on a DC) and from the DB.

    The system group is removed first and the database row last, so a
    failure in between leaves the row in place.

    Args:
        using: passed through to the parent class's ``delete``.
        reload: when true, ask the notifier to reload "user" afterwards.

    Raises:
        ValueError: if the group is flagged as built-in.
    """
    if self.bsdgrp_builtin is True:
        message = _("Group %s is built-in and can not be deleted!")
        raise ValueError(message % (self.bsdgrp_group))

    system = notifier()
    encoded_name = self.bsdgrp_group.encode('utf-8')
    system.user_deletegroup(encoded_name)

    # The Samba-side group only needs removing when this host is a DC.
    if domaincontroller_enabled():
        Samba4().group_delete(encoded_name)

    super(bsdGroups, self).delete(using)

    if not reload:
        return
    notifier().reload("user")
def run(context):
    """Regenerate smb4.conf for the given plugin context and announce it.

    Stores ``context.client`` in the module-level ``dispatcher``, generates
    and writes the config, emits ``etcd.file_generated`` for it, and then
    runs the role-dependent account steps.

    NOTE(review): this was recovered from a listing that had lost its line
    breaks; the nesting under ``if role != 'dc'`` is reconstructed and
    should be checked against the upstream file.
    """
    global dispatcher
    dispatcher = context.client

    conf_path = "/usr/local/etc/smb4.conf"

    tdb_entries = []
    global_lines = []
    share_lines = []

    smb4_setup()

    legacy_datasets = get_old_samba4_datasets()
    if migration_available(legacy_datasets):
        do_migration(legacy_datasets)

    server_role = get_server_role()

    generate_smb4_tdb(tdb_entries)
    generate_smb4_conf(global_lines, server_role)
    # Both share generators append to the same list; system shares go first.
    generate_smb4_system_shares(share_lines)
    generate_smb4_shares(share_lines)

    if server_role == 'dc' and not Samba4().domain_provisioned():
        # The result is discarded: the config is written either way.
        provision_smb4()

    # Leaving the with block closes (and flushes) the file, so the complete
    # config is on disk before the event below is emitted.
    with open(conf_path, "w") as conf_file:
        conf_file.writelines(entry + '\n' for entry in global_lines)
        conf_file.writelines(entry + '\n' for entry in share_lines)

    context.emit_event('etcd.file_generated', {
        'filename': conf_path
    })

    smb4_set_SID()

    if server_role == 'member' and smb4_ldap_enabled():
        set_ldap_password()

    if server_role != 'dc':
        # passdb.tdb is Samba's tdbsam account database (it holds password
        # hashes), so the "private" directory must stay root-only.
        smb4_import_users(conf_path, tdb_entries,
                          "/var/etc/private/passdb.tdb")
        smb4_map_groups()
        smb4_grant_rights()

    needs_idmap_secret = (
        server_role == 'member'
        and activedirectory_enabled()
        and idmap_backend_rfc2307()
    )
    if needs_idmap_secret:
        set_idmap_rfc2307_secret()
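def main():
    """Regenerate smb4.conf and import users and groups for the server role.

    The account entries produced by generate_smb4_tdb() are staged in a
    temporary file under /tmp and handed to import_users(). On a DC the
    groups are imported afterwards; otherwise users go to the tdbsam passdb
    and groups are mapped.

    The staging file is now removed in a ``finally`` block. Before, any
    exception from the import left it behind in /tmp.
    """
    smb_conf_path = "/usr/local/etc/smb4.conf"

    smb4_tdb = []
    smb4_conf = []
    smb4_shares = []

    smb4_setup()

    old_samba4_datasets = get_old_samba4_datasets()
    if migration_available(old_samba4_datasets):
        do_migration(old_samba4_datasets)

    role = get_server_role()

    generate_smb4_tdb(smb4_tdb)
    generate_smb4_conf(smb4_conf, role)
    generate_smb4_shares(smb4_shares)

    if role == 'dc' and not Samba4().domain_provisioned():
        # The result is discarded: the config is written either way.
        provision_smb4()

    # The with block closes the file; the explicit f.close() that used to
    # sit here was redundant.
    with open(smb_conf_path, "w") as f:
        for line in smb4_conf:
            f.write(line + '\n')
        for line in smb4_shares:
            f.write(line + '\n')

    if role == 'member' and ldap_enabled():
        set_ldap_password()

    # mkstemp() creates the file readable and writable by the owner only.
    # Presumably the entries are account records that include password
    # hashes (TODO confirm), so the file must not outlive this function.
    (fd, tmpfile) = tempfile.mkstemp(dir="/tmp")
    try:
        try:
            for line in smb4_tdb:
                os.write(fd, line + '\n')
        finally:
            # Close the descriptor even when a write fails.
            os.close(fd)

        if role == 'dc':
            import_users(smb_conf_path, tmpfile)
            smb4_import_groups()
        else:
            import_users(smb_conf_path, tmpfile,
                         "tdbsam:/var/etc/private/passdb.tdb")
            smb4_map_groups()
    finally:
        os.unlink(tmpfile)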
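def delete(self, using=None, reload=True):
    """Delete this user from the system, from Samba (on a DC) and from the DB.

    The system account is removed first, then the Samba account when the
    domain controller is enabled, then the user's primary group if nothing
    else uses it, and finally the database row.

    Args:
        using: passed through to the parent class's ``delete``.
        reload: when true, ask the notifier to reload "user" afterwards.

    Raises:
        ValueError: if the user is flagged as built-in.
    """
    import logging

    if self.bsdusr_builtin is True:
        raise ValueError(
            _("User %s is built-in and can not be deleted!") % (
                self.bsdusr_username))

    notifier().user_deleteuser(self.bsdusr_username.encode('utf-8'))
    if domaincontroller_enabled():
        Samba4().user_delete(self.bsdusr_username.encode('utf-8'))

    # Best-effort cleanup of the primary group: it is removed only when it
    # is not built-in, has no membership rows, and is not the primary group
    # of any other user.
    try:
        gobj = self.bsdusr_group
        count = bsdGroupMembership.objects.filter(
            bsdgrpmember_group=gobj).count()
        count2 = bsdUsers.objects.filter(bsdusr_group=gobj).exclude(
            id=self.id).count()
        if not gobj.bsdgrp_builtin and count == 0 and count2 == 0:
            gobj.delete(reload=False)
    except Exception:
        # Still non-fatal, but no longer silent: a bare ``except: pass``
        # also swallowed KeyboardInterrupt/SystemExit and hid every failure.
        logging.getLogger(__name__).warning(
            "Could not clean up primary group of deleted user %s",
            self.bsdusr_username, exc_info=True)

    super(bsdUsers, self).delete(using)
    if reload:
        notifier().reload("user")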
def samba4(self, name, args=None):
    """Call the Samba4 method called *name* with positional *args*.

    Temporary bridge so that Samba4 can be used over middlewared. A missing
    or None *args* means the method is called without arguments.
    """
    # NOTE(review): ``name`` is resolved with getattr() on a fresh Samba4
    # instance, so every attribute of that class can be invoked through
    # this wrapper. If ``name`` can originate from an API client, restrict
    # it to an explicit allow-list of method names. Confirm who calls this.
    positional = [] if args is None else args
    method = getattr(Samba4(), name)
    return method(*positional)