def post(self, request, command):
"""
execute a command on the service
"""
service_name = 'smb'
service = Service.objects.get(name=service_name)
if (command == 'config'):
aso = Service.objects.get(name='active-directory')
if (aso.config is not None):
e_msg = ('Active Directory service is configured, so '
'Workgroup is automatically retrieved and cannot '
'be set manually')
handle_exception(Exception(e_msg), request)
try:
config = request.data.get('config', {
'workgroup': 'MYGROUP',
})
workgroup = config['workgroup']
self._save_config(service, config)
update_global_config(workgroup)
restart_samba(hard=True)
except Exception, e:
e_msg = ('Samba could not be configured. Try again. '
'Exception: %s' % e.__str__())
handle_exception(Exception(e_msg), request)
def post(self, request, command):
"""
execute a command on the service
"""
service = Service.objects.get(name=self.service_name)
if (command == 'config'):
aso = Service.objects.get(name='active-directory')
if (aso.config is not None):
e_msg = ('Active Directory service is configured, so '
'Workgroup is automatically retrieved and cannot '
'be set manually')
handle_exception(Exception(e_msg), request)
try:
config = request.data.get('config', {})
global_config = {}
gc_lines = config['global_config'].split('\n')
for l in gc_lines:
gc_param = l.strip().split('=')
if (len(gc_param) == 2):
global_config[gc_param[0].strip().lower()] = gc_param[1].strip()
if ('workgroup' not in global_config):
global_config['workgroup'] = config['workgroup']
self._save_config(service, global_config)
adso = Service.objects.get(name='active-directory')
adconfig = {}
if (adso.config is not None):
adconfig = self._get_config(adso)
update_global_config(global_config, adconfig)
restart_samba(hard=True)
except Exception, e:
e_msg = ('Samba could not be configured. Try again. '
'Exception: %s' % e.__str__())
handle_exception(Exception(e_msg), request)
def post(self, request, command):
"""
execute a command on the service
"""
service = Service.objects.get(name=self.service_name)
if (command == 'config'):
try:
config = request.data.get('config', {})
global_config = {}
gc_lines = config['global_config'].split('\n')
for l in gc_lines:
gc_param = l.strip().split(' = ')
if (len(gc_param) == 2):
if '=' in gc_param[0]:
raise Exception(
'Syntax error, one param has wrong spaces around equal signs, '
'please check syntax of \'%s\'' %
''.join(gc_param))
global_config[
gc_param[0].strip().lower()] = gc_param[1].strip()
#Default set current workgroup to one got via samba config page
global_config['workgroup'] = config['workgroup']
#Check Active Directory config and status
#if AD configured and ON set workgroup to AD retrieved workgroup
#else AD not running and leave workgroup to one choosen by user
adso = Service.objects.get(name='active-directory')
adconfig = None
adso_status = 1
if (adso.config is not None):
adconfig = self._get_config(adso)
adso_out, adso_err, adso_status = service_status(
'active-directory', adconfig)
if adso_status == 0:
global_config['workgroup'] = adconfig['workgroup']
else:
adconfig = None
self._save_config(service, global_config)
update_global_config(global_config, adconfig)
restart_samba(hard=True)
except Exception, e:
e_msg = ('Samba could not be configured. Try again. '
'Exception: %s' % e.__str__())
handle_exception(Exception(e_msg), request)
def post(self, request, command):
"""
execute a command on the service
"""
service_name = 'smb'
service = Service.objects.get(name=service_name)
if (command == 'config'):
#nothing to really configure atm. just save the model
try:
config = request.data.get('config', {'workgroup': 'MYGROUP',})
workgroup = config['workgroup']
self._save_config(service, config)
update_global_config(workgroup)
restart_samba(hard=True)
except Exception, e:
e_msg = ('Samba could not be configured. Try again. '
'Exception: %s' % e.__str__())
handle_exception(Exception(e_msg), request)
def post(self, request, command):
"""
execute a command on the service
"""
service = Service.objects.get(name=self.service_name)
if (command == 'config'):
try:
config = request.data.get('config', {})
global_config = {}
gc_lines = config['global_config'].split('\n')
for l in gc_lines:
gc_param = l.strip().split(' = ')
if (len(gc_param) == 2):
if '=' in gc_param[0]:
raise Exception('Syntax error, one param has wrong spaces around equal signs, '
'please check syntax of \'%s\'' % ''.join(gc_param))
global_config[gc_param[0].strip().lower()] = gc_param[1].strip()
#Default set current workgroup to one got via samba config page
global_config['workgroup'] = config['workgroup']
#Check Active Directory config and status
#if AD configured and ON set workgroup to AD retrieved workgroup
#else AD not running and leave workgroup to one choosen by user
adso = Service.objects.get(name='active-directory')
adconfig = None
adso_status = 1
if (adso.config is not None):
adconfig = self._get_config(adso)
adso_out, adso_err, adso_status = service_status('active-directory', adconfig)
if adso_status == 0:
global_config['workgroup'] = adconfig['workgroup']
else:
adconfig = None
self._save_config(service, global_config)
update_global_config(global_config, adconfig)
restart_samba(hard=True)
except Exception, e:
e_msg = ('Samba could not be configured. Try again. '
'Exception: %s' % e.__str__())
handle_exception(Exception(e_msg), request)
def post(self, request, command):
"""
execute a command on the service
"""
service_name = 'smb'
service = Service.objects.get(name=service_name)
if (command == 'config'):
aso = Service.objects.get(name='active-directory')
if (aso.config is not None):
e_msg = ('Active Directory service is configured, so '
'Workgroup is automatically retrieved and cannot '
'be set manually')
handle_exception(Exception(e_msg), request)
try:
config = request.data.get('config', {'workgroup': 'MYGROUP',})
workgroup = config['workgroup']
self._save_config(service, config)
update_global_config(workgroup)
restart_samba(hard=True)
except Exception, e:
e_msg = ('Samba could not be configured. Try again. '
'Exception: %s' % e.__str__())
handle_exception(Exception(e_msg), request)
def post(self, request, command):
"""
execute a command on the service
"""
service = Service.objects.get(name=self.service_name)
if (command == 'config'):
try:
config = request.data.get('config', {})
global_config = {}
if 'global_config' in config:
gc_lines = config['global_config'].split('\n')
for l in gc_lines:
gc_param = l.strip().split(' = ')
if (len(gc_param) == 2):
if '=' in gc_param[0]:
raise Exception(
'Syntax error, one param has wrong '
'spaces around equal signs, '
'please check syntax of '
'\'%s\'' % ''.join(gc_param))
global_config[gc_param[0].strip().lower(
)] = gc_param[1].strip() # noqa
# #E501 Default set current workgroup to one got via samba
# config page
global_config['workgroup'] = config['workgroup']
else:
global_config = config
# Check Active Directory config and status if AD configured and
# ON set workgroup to AD retrieved workgroup else AD not
# running and leave workgroup to one choosen by user
adso = Service.objects.get(name='active-directory')
adconfig = None
adso_status = 1
if (adso.config is not None):
adconfig = self._get_config(adso)
adso_out, adso_err, adso_status = service_status(
'active-directory', adconfig)
if adso_status == 0:
global_config['workgroup'] = adconfig['workgroup']
else:
adconfig = None
self._save_config(service, global_config)
update_global_config(global_config, adconfig)
restart_samba(hard=True)
except Exception as e:
e_msg = ('Samba could not be configured. Try again. '
'Exception: %s' % e.__str__())
handle_exception(Exception(e_msg), request)
else:
try:
if (command == 'stop'):
systemctl('smb', 'disable')
systemctl('nmb', 'disable')
else:
systemd_name = '%s.service' % self.service_name
ss_dest = ('/etc/systemd/system/%s' % systemd_name)
ss_src = ('%s/%s' % (settings.CONFROOT, systemd_name))
sum1 = md5sum(ss_dest)
sum2 = md5sum(ss_src)
if (sum1 != sum2):
shutil.copy(ss_src, ss_dest)
systemctl('smb', 'enable')
systemctl('nmb', 'enable')
systemctl('nmb', command)
systemctl('smb', command)
except Exception as e:
e_msg = ('Failed to %s samba due to a system error: %s' %
(command, e.__str__()))
handle_exception(Exception(e_msg), request)
return Response()
def post(self, request, command):
"""
execute a command on the service
"""
service = Service.objects.get(name=self.service_name)
if (command == 'config'):
try:
config = request.data.get('config', {})
global_config = {}
if 'global_config' in config:
gc_lines = config['global_config'].split('\n')
for l in gc_lines:
gc_param = l.strip().split(' = ')
if (len(gc_param) == 2):
if '=' in gc_param[0]:
raise Exception(
'Syntax error, one param has wrong '
'spaces around equal signs, '
'please check syntax of '
'\'%s\'' % ''.join(gc_param))
global_config[gc_param[0].strip().lower()] = gc_param[1].strip() # noqa
# #E501 Default set current workgroup to one got via samba
# config page
global_config['workgroup'] = config['workgroup']
else:
global_config = config
# Check Active Directory config and status if AD configured and
# ON set workgroup to AD retrieved workgroup else AD not
# running and leave workgroup to one choosen by user
adso = Service.objects.get(name='active-directory')
adconfig = None
adso_status = 1
if (adso.config is not None):
adconfig = self._get_config(adso)
adso_out, adso_err, adso_status = service_status(
'active-directory', adconfig)
if adso_status == 0:
global_config['workgroup'] = adconfig['workgroup']
else:
adconfig = None
self._save_config(service, global_config)
update_global_config(global_config, adconfig)
restart_samba(hard=True)
except Exception as e:
e_msg = ('Samba could not be configured. Try again. '
'Exception: %s' % e.__str__())
handle_exception(Exception(e_msg), request)
else:
try:
if (command == 'stop'):
systemctl('smb', 'disable')
systemctl('nmb', 'disable')
else:
systemd_name = '%s.service' % self.service_name
ss_dest = ('/etc/systemd/system/%s' % systemd_name)
ss_src = ('%s/%s' % (settings.CONFROOT, systemd_name))
sum1 = md5sum(ss_dest)
sum2 = md5sum(ss_src)
if (sum1 != sum2):
shutil.copy(ss_src, ss_dest)
systemctl('smb', 'enable')
systemctl('nmb', 'enable')
systemctl('nmb', command)
systemctl('smb', command)
except Exception as e:
e_msg = ('Failed to %s samba due to a system error: %s'
% (command, e.__str__()))
handle_exception(Exception(e_msg), request)
return Response()
#nss
cmd += ['--enablewinbind', '--enablewins',]
#pam
cmd += ['--enablewinbindauth',]
#smb
cmd += ['--smbsecurity', 'ads', '--smbrealm', domain.upper(),]
#kerberos
cmd += ['--krb5realm=%s' % domain.upper(),]
#winbind
cmd += ['--enablewinbindoffline', '--enablewinbindkrb5',
'--winbindtemplateshell=/bin/sh',]
#general
cmd += ['--update', '--enablelocauthorize',]
run_command(cmd)
workgroup = self._domain_workgroup(domain, method=method)
update_global_config(workgroup, domain, config.get('idmap_range'), config.get('rfc2307'))
self._join_domain(config, method=method)
if (method == 'sssd' and config.get('enumerate') is True):
self._update_sssd(domain)
so = Service.objects.get(name='smb')
so.config = json.dumps({'workgroup': workgroup})
so.save()
if (method == 'winbind'):
systemctl('winbind', 'enable')
systemctl('winbind', 'start')
systemctl('smb', 'restart')
systemctl('nmb', 'restart')
elif (command == 'stop'):
config = self._config(service, request)
def post(self, request, command):
"""
execute a command on the service
"""
service = Service.objects.get(name=self.service_name)
if command == "config":
try:
config = request.data.get("config", {})
global_config = {}
if "global_config" in config:
gc_lines = config["global_config"].split("\n")
for l in gc_lines:
gc_param = l.strip().split(" = ")
if len(gc_param) == 2:
if "=" in gc_param[0]:
raise Exception(
"Syntax error, one param has wrong "
"spaces around equal signs, "
"please check syntax of "
"'%s'" % "".join(gc_param))
global_config[gc_param[0].strip().lower(
)] = gc_param[1].strip() # noqa
# #E501 Default set current workgroup to one got via samba
# config page
global_config["workgroup"] = config["workgroup"]
else:
global_config = config
# Check Active Directory config and status if AD configured and
# ON set workgroup to AD retrieved workgroup else AD not
# running and leave workgroup to one choosen by user
adso = Service.objects.get(name="active-directory")
adconfig = None
adso_status = 1
if adso.config is not None:
adconfig = self._get_config(adso)
adso_out, adso_err, adso_status = service_status(
"active-directory", adconfig)
if adso_status == 0:
global_config["workgroup"] = adconfig["workgroup"]
else:
adconfig = None
self._save_config(service, global_config)
update_global_config(global_config, adconfig)
_, _, smb_rc = service_status(self.service_name)
# Restart samba only if already ON
# rc == 0 if service is ON, rc != 0 otherwise
if smb_rc == 0:
restart_samba(hard=True)
except Exception as e:
e_msg = ("Samba could not be configured. Try again. "
"Exception: %s" % e.__str__())
handle_exception(Exception(e_msg), request)
else:
try:
if command == "stop":
systemctl("smb", "disable")
systemctl("nmb", "disable")
else:
systemd_name = "{}.service".format(self.service_name)
distro_id = settings.OS_DISTRO_ID
self._write_smb_service(systemd_name, distro_id)
systemctl("smb", "enable")
systemctl("nmb", "enable")
systemctl("nmb", command)
systemctl("smb", command)
except Exception as e:
e_msg = "Failed to {} samba due to a system error: {}".format(
command, e.__str__())
handle_exception(Exception(e_msg), request)
return Response()
]
#winbind
cmd += [
'--enablewinbindoffline',
'--enablewinbindkrb5',
'--winbindtemplateshell=/bin/sh',
]
#general
cmd += [
'--update',
'--enablelocauthorize',
]
run_command(cmd)
workgroup = self._domain_workgroup(domain, method=method)
update_global_config(workgroup, domain,
config.get('idmap_range'),
config.get('rfc2307'))
self._join_domain(config, method=method)
if (method == 'sssd' and config.get('enumerate') is True):
self._update_sssd(domain)
so = Service.objects.get(name='smb')
so.config = json.dumps({'workgroup': workgroup})
so.save()
if (method == 'winbind'):
systemctl('winbind', 'enable')
systemctl('winbind', 'start')
systemctl('smb', 'restart')
systemctl('nmb', 'restart')
elif (command == 'stop'):
def post(self, request, command):
with self._handle_exception(request):
method = 'winbind'
service = Service.objects.get(name='active-directory')
if (command == 'config'):
config = request.data.get('config')
self._validate_config(config, request)
# 1. Name resolution check
self._resolve_check(config.get('domain'), request)
# 2. realm discover check?
# @todo: phase our realm and just use net?
domain = config.get('domain')
try:
cmd = ['realm', 'discover', '--name-only', domain]
o, e, rc = run_command(cmd)
except Exception as e:
e_msg = ('Failed to discover the given(%s) AD domain. '
'Error: %s' % (domain, e.__str__()))
handle_exception(Exception(e_msg), request)
default_range = '10000 - 999999'
idmap_range = config.get('idmap_range', '10000 - 999999')
idmap_range = idmap_range.strip()
if (len(idmap_range) > 0):
rfields = idmap_range.split()
if (len(rfields) != 3):
raise Exception('Invalid idmap range. valid format is '
'two integers separated by a -. eg: '
'10000 - 999999')
try:
rlow = int(rfields[0].strip())
rhigh = int(rfields[2].strip())
except Exception as e:
raise Exception('Invalid idmap range. Numbers in the '
'range must be valid integers. '
'Error: %s.' % e.__str__())
if (rlow >= rhigh):
raise Exception('Invalid idmap range. Numbers in the '
'range must go from low to high. eg: '
'10000 - 999999')
else:
config['idmap_range'] = default_range
self._save_config(service, config)
elif (command == 'start'):
config = self._config(service, request)
smbo = Service.objects.get(name='smb')
smb_config = self._get_config(smbo)
domain = config.get('domain')
# 1. make sure ntpd is running, or else, don't start.
self._ntp_check(request)
# 2. Name resolution check?
self._resolve_check(config.get('domain'), request)
if (method == 'winbind'):
cmd = [
'/usr/sbin/authconfig',
]
# nss
cmd += [
'--enablewinbind',
'--enablewins',
]
# pam
cmd += [
'--enablewinbindauth',
]
# smb
cmd += [
'--smbsecurity',
'ads',
'--smbrealm',
domain.upper(),
]
# kerberos
cmd += [
'--krb5realm=%s' % domain.upper(),
]
# winbind
cmd += [
'--enablewinbindoffline',
'--enablewinbindkrb5',
'--winbindtemplateshell=/bin/sh',
]
# general
cmd += [
'--update',
'--enablelocauthorize',
]
run_command(cmd)
config['workgroup'] = self._domain_workgroup(domain,
method=method)
self._save_config(service, config)
update_global_config(smb_config, config)
self._join_domain(config, method=method)
if (method == 'sssd' and config.get('enumerate') is True):
self._update_sssd(domain)
if (method == 'winbind'):
systemctl('winbind', 'enable')
systemctl('winbind', 'start')
systemctl('smb', 'restart')
systemctl('nmb', 'restart')
elif (command == 'stop'):
config = self._config(service, request)
try:
self._leave_domain(config, method=method)
smbo = Service.objects.get(name='smb')
smb_config = self._get_config(smbo)
update_global_config(smb_config)
systemctl('smb', 'restart')
systemctl('nmb', 'restart')
except Exception as e:
e_msg = ('Failed to leave AD domain(%s). Error: %s' %
(config.get('domain'), e.__str__()))
handle_exception(Exception(e_msg), request)
return Response()
def post(self, request, command):
with self._handle_exception(request):
method = "sssd"
service = Service.objects.get(name="active-directory")
if command == "config":
config = request.data.get("config")
self._validate_config(config, request)
# 1. Name resolution check
self._resolve_check(config.get("domain"), request)
# 2. realm discover check?
domain = config.get("domain")
try:
cmd = [REALM, "discover", "--name-only", domain]
o, e, rc = run_command(cmd)
except Exception as e:
e_msg = ("Failed to discover the given({}) AD domain. "
"Error: {}".format(domain, e.__str__()))
handle_exception(Exception(e_msg), request)
# Would be required only if method == "winbind":
# validate_idmap_range(config)
self._save_config(service, config)
elif command == "start":
config = self._config(service, request)
domain = config.get("domain")
# 1. make sure ntpd is running, or else, don't start.
self._ntp_check(request)
# 2. Name resolution check?
self._resolve_check(config.get("domain"), request)
# 3. Get current Samba config
smbo = Service.objects.get(name="smb")
smb_config = self._get_config(smbo)
if method == "winbind":
cmd = [
"/usr/sbin/authconfig",
]
# nss
cmd += [
"--enablewinbind",
"--enablewins",
]
# pam
cmd += [
"--enablewinbindauth",
]
# smb
cmd += [
"--smbsecurity",
"ads",
"--smbrealm",
domain.upper(),
]
# kerberos
cmd += [
"--krb5realm=%s" % domain.upper(),
]
# winbind
cmd += [
"--enablewinbindoffline",
"--enablewinbindkrb5",
"--winbindtemplateshell=/bin/sh",
]
# general
cmd += [
"--update",
"--enablelocauthorize",
]
run_command(cmd)
config["workgroup"] = domain_workgroup(domain, method=method)
self._save_config(service, config)
update_global_config(smb_config, config)
join_domain(config, method=method)
# Customize SSSD config
if (method == "sssd"
and (config.get("enumerate")
or config.get("case_sensitive")) is True):
sssd_update_ad(domain, config)
# Update nsswitch.conf
update_nss(["passwd", "group"], "sss")
systemctl("smb", "restart")
systemctl("nmb", "restart")
# The winbind service is required only for id mapping while
# accessing samba shares hosted by Rockstor
systemctl("winbind", "enable")
systemctl("winbind", "start")
elif command == "stop":
config = self._config(service, request)
try:
leave_domain(config, method=method)
smbo = Service.objects.get(name="smb")
smb_config = self._get_config(smbo)
update_global_config(smb_config)
systemctl("smb", "restart")
systemctl("nmb", "restart")
systemctl("winbind", "stop")
systemctl("winbind", "disable")
update_nss(["passwd", "group"], "sss", remove=True)
except Exception as e:
e_msg = "Failed to leave AD domain({}). Error: {}".format(
config.get("domain"),
e.__str__(),
)
handle_exception(Exception(e_msg), request)
return Response()
def post(self, request, command):
with self._handle_exception(request):
method = "sssd"
service = Service.objects.get(name="active-directory")
if command == "config":
config = request.data.get("config")
self._validate_config(config, request)
# 1. Name resolution check
self._resolve_check(config.get("domain"), request)
# 2. realm discover check?
domain = config.get("domain")
try:
cmd = [REALM, "discover", "--name-only", domain]
o, e, rc = run_command(cmd)
except Exception as e:
e_msg = ("Failed to discover the given({}) AD domain. "
"Error: {}".format(domain, e.__str__()))
handle_exception(Exception(e_msg), request)
# Would be required only if method == "winbind":
# validate_idmap_range(config)
self._save_config(service, config)
elif command == "start":
config = self._config(service, request)
domain = config.get("domain")
# 1. make sure ntpd is running, or else, don't start.
self._ntp_check(request)
# 2. Name resolution check?
self._resolve_check(config.get("domain"), request)
if method == "winbind":
cmd = [
"/usr/sbin/authconfig",
]
# nss
cmd += [
"--enablewinbind",
"--enablewins",
]
# pam
cmd += [
"--enablewinbindauth",
]
# smb
cmd += [
"--smbsecurity",
"ads",
"--smbrealm",
domain.upper(),
]
# kerberos
cmd += [
"--krb5realm=%s" % domain.upper(),
]
# winbind
cmd += [
"--enablewinbindoffline",
"--enablewinbindkrb5",
"--winbindtemplateshell=/bin/sh",
]
# general
cmd += [
"--update",
"--enablelocauthorize",
]
run_command(cmd)
# 3. Get WORKGROUP from AD server
config["workgroup"] = domain_workgroup(domain, method=method)
# 4. Update Samba config
smbo = Service.objects.get(name="smb")
# smb_config = self._get_config(smbo)
try:
smb_config = self._get_config(smbo)
if smb_config["workgroup"] != config["workgroup"]:
# the current Samba workgroup is different than what
# we need so stop here and alert the user
err_msg = (
"The AD domain workgroup differs from the workgroup "
"currently defined in the Samba configuration:\n"
"AD domain workgroup: {}\n"
"Samba workgroup: {}\n"
"Ensure the Samba workgroup matches the AD domain "
"workgroup and try again.".format(
config["workgroup"], smb_config["workgroup"]))
raise Exception(err_msg)
except TypeError:
# Samba service is not configured, so let's do that now
smb_config = {}
smb_config["workgroup"] = config["workgroup"]
self._save_config(smbo, smb_config)
# finally:
# # Set Samba WORKGROUP as AD REALM and save entry to Model
update_global_config(smb_config, config)
# 5. Save final Active_Directory service config and join AD
self._save_config(service, config)
join_domain(config, method=method)
# Customize SSSD config
if (method == "sssd"
and (config.get("enumerate")
or config.get("case_sensitive")) is True):
sssd_update_ad(domain, config)
# Update nsswitch.conf
update_nss(["passwd", "group"], "sss")
systemctl("smb", "restart")
systemctl("nmb", "restart")
# The winbind service is required only for id mapping while
# accessing samba shares hosted by Rockstor
systemctl("winbind", "enable")
systemctl("winbind", "start")
elif command == "stop":
config = self._config(service, request)
try:
leave_domain(config, method=method)
smbo = Service.objects.get(name="smb")
smb_config = self._get_config(smbo)
update_global_config(smb_config)
systemctl("smb", "restart")
systemctl("nmb", "restart")
systemctl("winbind", "stop")
systemctl("winbind", "disable")
update_nss(["passwd", "group"], "sss", remove=True)
except Exception as e:
e_msg = "Failed to leave AD domain({}). Error: {}".format(
config.get("domain"),
e.__str__(),
)
handle_exception(Exception(e_msg), request)
return Response()
def post(self, request, command):
with self._handle_exception(request):
method = 'winbind'
service = Service.objects.get(name='active-directory')
if (command == 'config'):
config = request.data.get('config')
self._validate_config(config, request)
# 1. Name resolution check
self._resolve_check(config.get('domain'), request)
# 2. realm discover check?
# @todo: phase our realm and just use net?
domain = config.get('domain')
try:
cmd = ['realm', 'discover', '--name-only', domain]
o, e, rc = run_command(cmd)
except Exception as e:
e_msg = ('Failed to discover the given(%s) AD domain. '
'Error: %s' % (domain, e.__str__()))
handle_exception(Exception(e_msg), request)
default_range = '10000 - 999999'
idmap_range = config.get('idmap_range', '10000 - 999999')
idmap_range = idmap_range.strip()
if (len(idmap_range) > 0):
rfields = idmap_range.split()
if (len(rfields) != 3):
raise Exception('Invalid idmap range. valid format is '
'two integers separated by a -. eg: '
'10000 - 999999')
try:
rlow = int(rfields[0].strip())
rhigh = int(rfields[2].strip())
except Exception as e:
raise Exception('Invalid idmap range. Numbers in the '
'range must be valid integers. '
'Error: %s.' % e.__str__())
if (rlow >= rhigh):
raise Exception('Invalid idmap range. Numbers in the '
'range must go from low to high. eg: '
'10000 - 999999')
else:
config['idmap_range'] = default_range
self._save_config(service, config)
elif (command == 'start'):
config = self._config(service, request)
smbo = Service.objects.get(name='smb')
smb_config = self._get_config(smbo)
domain = config.get('domain')
# 1. make sure ntpd is running, or else, don't start.
self._ntp_check(request)
# 2. Name resolution check?
self._resolve_check(config.get('domain'), request)
if (method == 'winbind'):
cmd = ['/usr/sbin/authconfig', ]
# nss
cmd += ['--enablewinbind', '--enablewins', ]
# pam
cmd += ['--enablewinbindauth', ]
# smb
cmd += ['--smbsecurity', 'ads', '--smbrealm',
domain.upper(), ]
# kerberos
cmd += ['--krb5realm=%s' % domain.upper(), ]
# winbind
cmd += ['--enablewinbindoffline', '--enablewinbindkrb5',
'--winbindtemplateshell=/bin/sh', ]
# general
cmd += ['--update', '--enablelocauthorize', ]
run_command(cmd)
config['workgroup'] = self._domain_workgroup(domain,
method=method)
self._save_config(service, config)
update_global_config(smb_config, config)
self._join_domain(config, method=method)
if (method == 'sssd' and config.get('enumerate') is True):
self._update_sssd(domain)
if (method == 'winbind'):
systemctl('winbind', 'enable')
systemctl('winbind', 'start')
systemctl('smb', 'restart')
systemctl('nmb', 'restart')
elif (command == 'stop'):
config = self._config(service, request)
try:
self._leave_domain(config, method=method)
smbo = Service.objects.get(name='smb')
smb_config = self._get_config(smbo)
update_global_config(smb_config)
systemctl('smb', 'restart')
systemctl('nmb', 'restart')
except Exception as e:
e_msg = ('Failed to leave AD domain(%s). Error: %s' %
(config.get('domain'), e.__str__()))
handle_exception(Exception(e_msg), request)
return Response()
cmd += ['--enablewinbind', '--enablewins',]
#pam
cmd += ['--enablewinbindauth',]
#smb
cmd += ['--smbsecurity', 'ads', '--smbrealm', domain.upper(),]
#kerberos
cmd += ['--krb5realm=%s' % domain.upper(),]
#winbind
cmd += ['--enablewinbindoffline', '--enablewinbindkrb5',
'--winbindtemplateshell=/bin/sh',]
#general
cmd += ['--update', '--enablelocauthorize',]
run_command(cmd)
config['workgroup'] = self._domain_workgroup(domain, method=method)
self._save_config(service, config)
update_global_config(smb_config, config)
self._join_domain(config, method=method)
if (method == 'sssd' and config.get('enumerate') is True):
self._update_sssd(domain)
if (method == 'winbind'):
systemctl('winbind', 'enable')
systemctl('winbind', 'start')
systemctl('smb', 'restart')
systemctl('nmb', 'restart')
elif (command == 'stop'):
config = self._config(service, request)
try:
self._leave_domain(config, method=method)
smbo = Service.objects.get(name='smb')
#2. Name resolution check?
self._resolve_check(config.get('domain'), request)
try:
#4. realmd stuff
self._join_domain(config)
if (config.get('enumerate') is True):
self._update_sssd(domain)
except Exception, e:
e_msg = ('Failed to join AD domain(%s). Error: %s' %
(config.get('domain'), e.__str__()))
handle_exception(Exception(e_msg), request)
workgroup = self._domain_workgroup(domain)
so = Service.objects.get(name='smb')
so.config = json.dumps({'workgroup': workgroup})
so.save()
update_global_config(workgroup, domain)
elif (command == 'stop'):
config = self._config(service, request)
try:
self._leave_domain(config)
except Exception, e:
e_msg = ('Failed to leave AD domain(%s). Error: %s' %
(config.get('domain'), e.__str__()))
handle_exception(Exception(e_msg), request)
return Response()
#nss
cmd += ['--enablewinbind', '--enablewins',]
#pam
cmd += ['--enablewinbindauth',]
#smb
cmd += ['--smbsecurity', 'ads', '--smbrealm', domain.upper(),]
#kerberos
cmd += ['--krb5realm=%s' % domain.upper(),]
#winbind
cmd += ['--enablewinbindoffline', '--enablewinbindkrb5',
'--winbindtemplateshell=/bin/sh',]
#general
cmd += ['--update', '--enablelocauthorize',]
run_command(cmd)
config['workgroup'] = self._domain_workgroup(domain, method=method)
update_global_config(smb_config, config)
self._join_domain(config, method=method)
if (method == 'sssd' and config.get('enumerate') is True):
self._update_sssd(domain)
if (method == 'winbind'):
systemctl('winbind', 'enable')
systemctl('winbind', 'start')
systemctl('smb', 'restart')
systemctl('nmb', 'restart')
elif (command == 'stop'):
config = self._config(service, request)
try:
self._leave_domain(config, method=method)
smbo = Service.objects.get(name='smb')