Exemplo n.º 1
def main():
    """Regenerate the Samba 4 configuration file and account databases.

    The steps run strictly in the order written here: the helpers are
    called for their side effects and later steps depend on earlier ones.
    ``backup_secrets_database()`` is called first and
    ``restore_secrets_database()`` last.
    """
    conf_path = "/usr/local/etc/smb4.conf"

    tdb_entries = []
    conf_lines = []
    share_lines = []

    # NOTE(review): the matching restore at the bottom is not in a
    # ``finally``; any exception raised in between skips it. Confirm that
    # leaving the secrets database un-restored on failure is intended.
    backup_secrets_database()
    smb4_setup()

    legacy_datasets = get_old_samba4_datasets()
    if migration_available(legacy_datasets):
        do_migration(legacy_datasets)

    role = get_server_role()

    # Each generator fills the list it is handed; nothing touches disk yet.
    generate_smbusers()
    generate_smb4_tdb(tdb_entries)
    generate_smb4_conf(conf_lines, role)
    generate_smb4_system_shares(share_lines)
    generate_smb4_shares(share_lines)

    if role == 'dc' and not Samba4().domain_provisioned():
        # NOTE(review): the result of provision_smb4() is not checked, so
        # the configuration below is written even if provisioning failed.
        provision_smb4()

    # Global settings first, then the share sections, one entry per line.
    with open(conf_path, "w") as conf_file:
        for section in (conf_lines, share_lines):
            for entry in section:
                conf_file.write(entry + '\n')

    smb4_set_SID()

    if role == 'member' and smb4_ldap_enabled():
        set_ldap_password()
        # Second backup, taken after the LDAP password has been set.
        backup_secrets_database()

    if role != 'dc':
        # The import runs only while users_imported() reports False; the
        # sentinel file is created right after a completed import.
        if not Samba4().users_imported():
            smb4_import_users(
                conf_path,
                tdb_entries,
                "/var/db/samba4/private/passdb.tdb"
            )
            smb4_grant_rights()
            Samba4().user_import_sentinel_file_create()

        smb4_map_groups()

    if role == 'member' and activedirectory_enabled() and idmap_backend_rfc2307():
        set_idmap_rfc2307_secret()

    restore_secrets_database()
Exemplo n.º 2
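 def delete(self, using=None, reload=True):
     """Delete this user from the system, from Samba and from the database.

     Built-in users are refused with ``ValueError``. The account is removed
     through ``notifier().user_deleteuser`` first and, when the domain
     controller role is enabled, through ``Samba4().user_delete``. The
     user's primary group is removed as well when it is not built-in and no
     other user or membership refers to it. The database row is deleted
     last, so an exception raised after the system account is gone leaves
     the row behind.

     Args:
         using: Database alias forwarded to the parent ``delete``.
         reload: When true, ``notifier().reload("user")`` is called at the end.

     Raises:
         ValueError: If the user is marked as built-in.
     """
     import logging

     from freenasUI.services.models import CIFS
     if self.bsdusr_builtin is True:
         raise ValueError(_(
             "User %s is built-in and can not be deleted!"
         ) % (self.bsdusr_username))
     notifier().user_deleteuser(self.bsdusr_username.encode('utf-8'))
     if domaincontroller_enabled():
         Samba4().user_delete(self.bsdusr_username.encode('utf-8'))
     try:
         gobj = self.bsdusr_group
         count = bsdGroupMembership.objects.filter(
             bsdgrpmember_group=gobj).count()
         count2 = bsdUsers.objects.filter(bsdusr_group=gobj).exclude(
             id=self.id).count()
         if not gobj.bsdgrp_builtin and count == 0 and count2 == 0:
             gobj.delete(reload=False, pwdelete=False)
     except Exception:
         # Group cleanup stays best effort, but it no longer swallows
         # SystemExit/KeyboardInterrupt, and a failure is recorded so an
         # orphaned group left by an account deletion can be traced.
         logging.getLogger(__name__).warning(
             "Primary group cleanup failed while deleting user %r",
             self.bsdusr_username, exc_info=True)
     # NOTE(review): Django's latest() raises DoesNotExist on an empty
     # table instead of returning None, so the truthiness test below only
     # helps if a CIFS row always exists; confirm.
     cifs = CIFS.objects.latest('id')
     if cifs:
         # Keep the CIFS guest setting from pointing at an account that no
         # longer exists.
         if cifs.cifs_srv_guest == self.bsdusr_username:
             cifs.cifs_srv_guest = 'nobody'
             cifs.save()
     super(bsdUsers, self).delete(using)
     if reload:
         notifier().reload("user")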
Exemplo n.º 3
def smb4_import_groups():
    """Add every group from ``get_groups()`` to Samba, then its members."""
    samba = Samba4()

    # Presumably a mapping of group name -> member list; verify against
    # get_groups().
    all_groups = get_groups()
    for group_name in all_groups:
        samba.group_add(group_name)
        members = all_groups[group_name]
        if not members:
            # Nothing to add for an empty group.
            continue
        samba.group_addmembers(group_name, members)
Exemplo n.º 4
def provision_smb4():
    """Provision the Samba 4 domain and mark it as provisioned.

    Runs four steps in order, each on a fresh ``Samba4()`` instance, and
    stops at the first one that reports failure.

    Returns:
        True when every step succeeded, False otherwise.
    """
    # NOTE(review): password complexity is switched off before the
    # administrator password is set; confirm this is intended and that
    # password strength is enforced somewhere else.
    # NOTE(review): the sentinel step fails without a message on stderr.
    steps = (
        ("domain_provision", "Failed to provision domain"),
        ("disable_password_complexity", "Failed to disable password complexity"),
        ("set_administrator_password", "Failed to set administrator password"),
        ("sentinel_file_create", None),
    )

    for method_name, failure_message in steps:
        if getattr(Samba4(), method_name)():
            continue
        if failure_message is not None:
            print >> sys.stderr, failure_message
        return False

    return True
Exemplo n.º 5
 def delete(self, using=None, reload=True):
     """Delete this group from the system, from Samba and from the database.

     Built-in groups are refused with ``ValueError``. The system group is
     removed before the database row, so an exception raised part-way
     leaves the row behind.

     Args:
         using: Database alias forwarded to the parent ``delete``.
         reload: When true, ``notifier().reload("user")`` is called at the end.
     """
     if self.bsdgrp_builtin is True:
         refusal = _("Group %s is built-in and can not be deleted!") % (
             self.bsdgrp_group)
         raise ValueError(refusal)

     # System group first, then the Samba group when this host is
     # configured as a domain controller.
     notifier().user_deletegroup(self.bsdgrp_group.encode('utf-8'))
     if domaincontroller_enabled():
         Samba4().group_delete(self.bsdgrp_group.encode('utf-8'))

     super(bsdGroups, self).delete(using)

     if not reload:
         return
     notifier().reload("user")
Exemplo n.º 6
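def run(context):
    """Regenerate smb4.conf and the Samba account data for *context*.

    Stores ``context.client`` in the module-level ``dispatcher``, writes
    the generated configuration to ``/usr/local/etc/smb4.conf``, emits an
    ``etcd.file_generated`` event for it, and then runs the role-dependent
    account steps.

    Args:
        context: Object providing ``client`` and ``emit_event``.
    """
    global dispatcher

    dispatcher = context.client
    smb_conf_path = "/usr/local/etc/smb4.conf"

    smb4_tdb = []
    smb4_conf = []
    smb4_shares = []

    smb4_setup()

    old_samba4_datasets = get_old_samba4_datasets()
    if migration_available(old_samba4_datasets):
        do_migration(old_samba4_datasets)

    role = get_server_role()

    generate_smb4_tdb(smb4_tdb)
    generate_smb4_conf(smb4_conf, role)
    generate_smb4_system_shares(smb4_shares)
    generate_smb4_shares(smb4_shares)

    if role == 'dc' and not Samba4().domain_provisioned():
        # NOTE(review): the result of provision_smb4() is not checked, so
        # the configuration below is written even if provisioning failed.
        provision_smb4()

    # The ``with`` block closes the file; the explicit close() that used
    # to sit inside it was redundant and has been dropped.
    with open(smb_conf_path, "w") as f:
        for line in smb4_conf:
            f.write(line + '\n')
        for line in smb4_shares:
            f.write(line + '\n')

    context.emit_event('etcd.file_generated', {
        'filename': smb_conf_path
    })

    smb4_set_SID()

    if role == 'member' and smb4_ldap_enabled():
        set_ldap_password()

    if role != 'dc':
        # Runs on every invocation; nothing here records a finished import.
        smb4_import_users(smb_conf_path, smb4_tdb,
                          "/var/etc/private/passdb.tdb")
        smb4_map_groups()
        smb4_grant_rights()

    if role == 'member' and activedirectory_enabled() and idmap_backend_rfc2307():
        set_idmap_rfc2307_secret()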
Exemplo n.º 7
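def main():
    """Regenerate smb4.conf and import the generated accounts into Samba.

    The generated account lines are staged in a temporary file that is
    handed to ``import_users``. The descriptor is closed and the file
    removed even when a step raises, so the staged data does not stay
    behind in ``/tmp`` after a failed run.
    """
    smb_conf_path = "/usr/local/etc/smb4.conf"

    smb4_tdb = []
    smb4_conf = []
    smb4_shares = []

    smb4_setup()

    old_samba4_datasets = get_old_samba4_datasets()
    if migration_available(old_samba4_datasets):
        do_migration(old_samba4_datasets)

    role = get_server_role()

    generate_smb4_tdb(smb4_tdb)
    generate_smb4_conf(smb4_conf, role)
    generate_smb4_shares(smb4_shares)

    if role == 'dc' and not Samba4().domain_provisioned():
        # NOTE(review): the result of provision_smb4() is not checked, so
        # the configuration below is written even if provisioning failed.
        provision_smb4()

    # The ``with`` block closes the file; no explicit close() is needed.
    with open(smb_conf_path, "w") as f:
        for line in smb4_conf:
            f.write(line + '\n')
        for line in smb4_shares:
            f.write(line + '\n')

    if role == 'member' and ldap_enabled():
        set_ldap_password()

    # mkstemp() creates the file readable and writable by the owner only.
    # smb4_tdb presumably holds account records including password hashes
    # (verify against generate_smb4_tdb), so the file must not outlive
    # this function.
    (fd, tmpfile) = tempfile.mkstemp(dir="/tmp")
    try:
        try:
            for line in smb4_tdb:
                os.write(fd, line + '\n')
        finally:
            # Release the descriptor even if a write fails.
            os.close(fd)

        if role == 'dc':
            import_users(smb_conf_path, tmpfile)
            smb4_import_groups()

        else:
            import_users(smb_conf_path, tmpfile,
                         "tdbsam:/var/etc/private/passdb.tdb")
            smb4_map_groups()
    finally:
        # Always remove the staged account data, including on failure.
        os.unlink(tmpfile)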
Exemplo n.º 8
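 def delete(self, using=None, reload=True):
     """Delete this user from the system, from Samba and from the database.

     Built-in users are refused with ``ValueError``. The account is removed
     through ``notifier().user_deleteuser`` first and, when the domain
     controller role is enabled, through ``Samba4().user_delete``. The
     user's primary group is removed as well when it is not built-in and no
     other user or membership refers to it. The database row is deleted
     last, so an exception raised after the system account is gone leaves
     the row behind.

     Args:
         using: Database alias forwarded to the parent ``delete``.
         reload: When true, ``notifier().reload("user")`` is called at the end.

     Raises:
         ValueError: If the user is marked as built-in.
     """
     import logging

     if self.bsdusr_builtin is True:
         raise ValueError(
             _("User %s is built-in and can not be deleted!") %
             (self.bsdusr_username))
     notifier().user_deleteuser(self.bsdusr_username.encode('utf-8'))
     if domaincontroller_enabled():
         Samba4().user_delete(self.bsdusr_username.encode('utf-8'))
     try:
         gobj = self.bsdusr_group
         count = bsdGroupMembership.objects.filter(
             bsdgrpmember_group=gobj).count()
         count2 = bsdUsers.objects.filter(bsdusr_group=gobj).exclude(
             id=self.id).count()
         if not gobj.bsdgrp_builtin and count == 0 and count2 == 0:
             gobj.delete(reload=False)
     except Exception:
         # Group cleanup stays best effort, but it no longer swallows
         # SystemExit/KeyboardInterrupt, and a failure is recorded so an
         # orphaned group left by an account deletion can be traced.
         logging.getLogger(__name__).warning(
             "Primary group cleanup failed while deleting user %r",
             self.bsdusr_username, exc_info=True)
     super(bsdUsers, self).delete(using)
     if reload:
         notifier().reload("user")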
Exemplo n.º 9
 def samba4(self, name, args=None):
     """Call the ``Samba4`` method called *name* with *args* and return its result.

     Temporary wrapper to use Samba4 over middlewared.
     """
     # NOTE(review): *name* is resolved with getattr() and is not
     # restricted, so a caller can reach any attribute of Samba4, private
     # and dunder names included. If callers of this wrapper are not fully
     # trusted, check *name* against an explicit allowlist first.
     call_args = [] if args is None else args
     bound_method = getattr(Samba4(), name)
     return bound_method(*call_args)