Пример #1
0
def join_subdomain(server=None, creds=None, lp=None, site=None, netbios_name=None,
                   targetdir=None, parent_domain=None, dnsdomain=None, netbios_domain=None):
    """join as a DC"""
    ctx = dc_join(server, creds, lp, site, netbios_name, targetdir, parent_domain)
    ctx.subdomain = True
    ctx.parent_domain_name = ctx.domain_name
    ctx.domain_name = netbios_domain
    ctx.realm = dnsdomain
    ctx.parent_dnsdomain = ctx.dnsdomain
    ctx.parent_partition_dn = ctx.get_parent_partition_dn()
    ctx.dnsdomain = dnsdomain
    ctx.partition_dn = "CN=%s,CN=Partitions,%s" % (ctx.domain_name, ctx.config_dn)
    ctx.base_dn = samba.dn_from_dns_name(dnsdomain)
    ctx.domsid = str(security.random_sid())
    ctx.acct_dn = None
    ctx.dnshostname = "%s.%s" % (ctx.myname, ctx.dnsdomain)
    ctx.trustdom_pass = samba.generate_random_password(128, 128)

    ctx.userAccountControl = samba.dsdb.UF_SERVER_TRUST_ACCOUNT | samba.dsdb.UF_TRUSTED_FOR_DELEGATION

    ctx.SPNs.append('E3514235-4B06-11D1-AB04-00C04FC2DCD2/$NTDSGUID/%s' % ctx.dnsdomain)
    ctx.secure_channel_type = misc.SEC_CHAN_BDC

    ctx.replica_flags = (drsuapi.DRSUAPI_DRS_WRIT_REP |
                         drsuapi.DRSUAPI_DRS_INIT_SYNC |
                         drsuapi.DRSUAPI_DRS_PER_SYNC |
                         drsuapi.DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS |
                         drsuapi.DRSUAPI_DRS_NEVER_SYNCED)
    ctx.domain_replica_flags = ctx.replica_flags

    ctx.do_join()
    print "Created domain %s (SID %s) as a DC" % (ctx.domain_name, ctx.domsid)
Пример #2
0
    def setUp(self):
        super(SamDBTestCase, self).setUp()
        invocationid = str(uuid.uuid4())
        domaindn = "DC=COM,DC=EXAMPLE"
        self.domaindn = domaindn
        configdn = "CN=Configuration," + domaindn
        schemadn = "CN=Schema," + configdn
        domainguid = str(uuid.uuid4())
        policyguid = str(uuid.uuid4())
        domainsid = security.random_sid()
        hostguid = str(uuid.uuid4())
        path = os.path.join(self.tempdir, "samdb.ldb")
        session_info = system_session()

        hostname = "foo"
        domain = "EXAMPLE"
        dnsdomain = "example.com"
        serverrole = "domain controller"

        smbconf = os.path.join(self.tempdir, "smb.conf")
        make_smbconf(smbconf, self.setup_path, hostname, domain, dnsdomain,
                     serverrole, self.tempdir)

        self.lp = param.LoadParm()
        self.lp.load(smbconf)

        names = guess_names(lp=self.lp,
                            hostname=hostname,
                            domain=domain,
                            dnsdomain=dnsdomain,
                            serverrole=serverrole,
                            domaindn=self.domaindn,
                            configdn=configdn,
                            schemadn=schemadn)

        paths = provision_paths_from_lp(self.lp, names.dnsdomain)

        provision_backend = ProvisionBackend("ldb",
                                             backend_type,
                                             paths=paths,
                                             setup_path=self.setup_path,
                                             lp=self.lp,
                                             credentials=None,
                                             names=names,
                                             message=message,
                                             hostname=hostname,
                                             root=root,
                                             schema=schema,
                                             domainsid=domainsid)

        self.samdb = setup_samdb(path, self.setup_path, session_info,
                                 provision_backend, self.lp, names,
                                 lambda x: None, domainsid, domainguid,
                                 policyguid, False, "secret", "secret",
                                 "secret", invocationid, "secret",
                                 "domain controller")
Пример #3
0
def join_subdomain(server=None,
                   creds=None,
                   lp=None,
                   site=None,
                   netbios_name=None,
                   targetdir=None,
                   parent_domain=None,
                   dnsdomain=None,
                   netbios_domain=None,
                   machinepass=None):
    """join as a DC"""
    ctx = dc_join(server, creds, lp, site, netbios_name, targetdir,
                  parent_domain, machinepass)
    ctx.subdomain = True
    ctx.parent_domain_name = ctx.domain_name
    ctx.domain_name = netbios_domain
    ctx.realm = dnsdomain
    ctx.parent_dnsdomain = ctx.dnsdomain
    ctx.parent_partition_dn = ctx.get_parent_partition_dn()
    ctx.dnsdomain = dnsdomain
    ctx.partition_dn = "CN=%s,CN=Partitions,%s" % (ctx.domain_name,
                                                   ctx.config_dn)
    ctx.naming_master = ctx.get_naming_master()
    if ctx.naming_master != ctx.server:
        print("Reconnecting to naming master %s" % ctx.naming_master)
        ctx.server = ctx.naming_master
        ctx.samdb = SamDB(url="ldap://%s" % ctx.server,
                          session_info=system_session(),
                          credentials=ctx.creds,
                          lp=ctx.lp)

    ctx.base_dn = samba.dn_from_dns_name(dnsdomain)
    ctx.domsid = str(security.random_sid())
    ctx.acct_dn = None
    ctx.dnshostname = "%s.%s" % (ctx.myname, ctx.dnsdomain)
    ctx.trustdom_pass = samba.generate_random_password(128, 128)

    ctx.userAccountControl = samba.dsdb.UF_SERVER_TRUST_ACCOUNT | samba.dsdb.UF_TRUSTED_FOR_DELEGATION

    ctx.SPNs.append('E3514235-4B06-11D1-AB04-00C04FC2DCD2/$NTDSGUID/%s' %
                    ctx.dnsdomain)
    ctx.secure_channel_type = misc.SEC_CHAN_BDC

    ctx.replica_flags = (drsuapi.DRSUAPI_DRS_WRIT_REP
                         | drsuapi.DRSUAPI_DRS_INIT_SYNC
                         | drsuapi.DRSUAPI_DRS_PER_SYNC
                         | drsuapi.DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS
                         | drsuapi.DRSUAPI_DRS_NEVER_SYNCED)
    ctx.domain_replica_flags = ctx.replica_flags

    ctx.do_join()
    print "Created domain %s (SID %s) as a DC" % (ctx.domain_name, ctx.domsid)
Пример #4
0
    def setUp(self):
        super(SamDBTestCase, self).setUp()
        invocationid = str(uuid.uuid4())
        domaindn = "DC=COM,DC=EXAMPLE"
        self.domaindn = domaindn
        configdn = "CN=Configuration," + domaindn
        schemadn = "CN=Schema," + configdn
        domainguid = str(uuid.uuid4())
        policyguid = DEFAULT_POLICY_GUID
        domainsid = security.random_sid()
        path = os.path.join(self.tempdir, "samdb.ldb")
        session_info = system_session()
        
        hostname="foo"
        domain="EXAMPLE"
        dnsdomain="example.com" 
        serverrole="domain controller"
        policyguid_dc = DEFAULT_DC_POLICY_GUID

        smbconf = os.path.join(self.tempdir, "smb.conf")
        make_smbconf(smbconf, hostname, domain, dnsdomain,
                     serverrole, self.tempdir)

        self.lp = param.LoadParm()
        self.lp.load(smbconf)

        names = guess_names(lp=self.lp, hostname=hostname, 
                            domain=domain, dnsdomain=dnsdomain, 
                            serverrole=serverrole, 
                            domaindn=self.domaindn, configdn=configdn, 
                            schemadn=schemadn)

        paths = provision_paths_from_lp(self.lp, names.dnsdomain)

        logger = logging.getLogger("provision")

        provision_backend = ProvisionBackend("ldb", paths=paths,
                lp=self.lp, credentials=None,
                names=names, logger=logger)

        schema = Schema(domainsid, invocationid=invocationid,
                schemadn=names.schemadn, serverdn=names.serverdn,
                am_rodc=False)

        self.samdb = setup_samdb(path, session_info,
                provision_backend, self.lp, names, logger,
                domainsid, domainguid, policyguid, policyguid_dc, False,
                "secret", "secret", "secret", invocationid, "secret",
                None, "domain controller", schema=schema)
Пример #5
0
    def setUp(self):
        super(SamDBTestCase, self).setUp()
        invocationid = str(uuid.uuid4())
        domaindn = "DC=COM,DC=EXAMPLE"
        self.domaindn = domaindn
        configdn = "CN=Configuration," + domaindn
        schemadn = "CN=Schema," + configdn
        domainguid = str(uuid.uuid4())
        policyguid = str(uuid.uuid4())
        creds = Credentials()
        creds.set_anonymous()
        domainsid = security.random_sid()
        hostguid = str(uuid.uuid4())
        path = os.path.join(self.tempdir, "samdb.ldb")
        session_info = system_session()

        hostname = "foo"
        domain = "EXAMPLE"
        dnsdomain = "example.com"
        serverrole = "domain controller"

        smbconf = os.path.join(self.tempdir, "smb.conf")
        make_smbconf(smbconf, self.setup_path, hostname, domain, dnsdomain,
                     serverrole, self.tempdir)

        self.lp = param.LoadParm()
        self.lp.load(smbconf)

        names = guess_names(lp=self.lp,
                            hostname=hostname,
                            domain=domain,
                            dnsdomain=dnsdomain,
                            serverrole=serverrole,
                            domaindn=self.domaindn,
                            configdn=configdn,
                            schemadn=schemadn)
        setup_templatesdb(os.path.join(self.tempdir, "templates.ldb"),
                          self.setup_path,
                          session_info=session_info,
                          lp=self.lp)
        self.samdb = setup_samdb(path, self.setup_path, session_info, creds,
                                 self.lp, names, lambda x: None, domainsid,
                                 domainguid, policyguid, False, "secret",
                                 "secret", "secret", invocationid, "secret",
                                 "domain controller")
Пример #6
0
    def setUp(self):
        super(SamDBTestCase, self).setUp()
        invocationid = str(uuid.uuid4())
        domaindn = "DC=COM,DC=EXAMPLE"
        self.domaindn = domaindn
        configdn = "CN=Configuration," + domaindn
        schemadn = "CN=Schema," + configdn
        domainguid = str(uuid.uuid4())
        policyguid = str(uuid.uuid4())
        creds = Credentials()
        creds.set_anonymous()
        domainsid = security.random_sid()
        hostguid = str(uuid.uuid4())
        path = os.path.join(self.tempdir, "samdb.ldb")
        session_info = system_session()
        
        hostname="foo"
        domain="EXAMPLE"
        dnsdomain="example.com" 
        serverrole="domain controller"

        smbconf = os.path.join(self.tempdir, "smb.conf")
        make_smbconf(smbconf, self.setup_path, hostname, domain, dnsdomain, 
                     serverrole, self.tempdir)

        self.lp = param.LoadParm()
        self.lp.load(smbconf)

        names = guess_names(lp=self.lp, hostname=hostname, 
                            domain=domain, dnsdomain=dnsdomain, 
                            serverrole=serverrole, 
                            domaindn=self.domaindn, configdn=configdn, 
                            schemadn=schemadn)
        setup_templatesdb(os.path.join(self.tempdir, "templates.ldb"), 
                          self.setup_path, session_info=session_info, 
                          credentials=creds, lp=self.lp)
        self.samdb = setup_samdb(path, self.setup_path, session_info, creds, 
                                 self.lp, names, 
                                 lambda x: None, domainsid, 
                                 "# no aci", domainguid, 
                                 policyguid, False, "secret", 
                                 "secret", "secret", invocationid, 
                                 "secret", "domain controller")
Пример #7
0
def join_subdomain(server=None, creds=None, lp=None, site=None,
        netbios_name=None, targetdir=None, parent_domain=None, dnsdomain=None,
        netbios_domain=None, machinepass=None, use_ntvfs=False,
        dns_backend=None):
    """Join as a DC."""
    ctx = dc_join(server, creds, lp, site, netbios_name, targetdir, parent_domain,
                  machinepass, use_ntvfs, dns_backend)
    ctx.subdomain = True
    ctx.parent_domain_name = ctx.domain_name
    ctx.domain_name = netbios_domain
    ctx.realm = dnsdomain
    ctx.parent_dnsdomain = ctx.dnsdomain
    ctx.parent_partition_dn = ctx.get_parent_partition_dn()
    ctx.dnsdomain = dnsdomain
    ctx.partition_dn = "CN=%s,CN=Partitions,%s" % (ctx.domain_name, ctx.config_dn)
    ctx.naming_master = ctx.get_naming_master()
    if ctx.naming_master != ctx.server:
        print("Reconnecting to naming master %s" % ctx.naming_master)
        ctx.server = ctx.naming_master
        ctx.samdb = SamDB(url="ldap://%s" % ctx.server,
                          session_info=system_session(),
                          credentials=ctx.creds, lp=ctx.lp)

    ctx.base_dn = samba.dn_from_dns_name(dnsdomain)
    ctx.domsid = str(security.random_sid())
    ctx.acct_dn = None
    ctx.dnshostname = "%s.%s" % (ctx.myname, ctx.dnsdomain)
    ctx.trustdom_pass = samba.generate_random_password(128, 128)

    ctx.userAccountControl = samba.dsdb.UF_SERVER_TRUST_ACCOUNT | samba.dsdb.UF_TRUSTED_FOR_DELEGATION

    ctx.SPNs.append('E3514235-4B06-11D1-AB04-00C04FC2DCD2/$NTDSGUID/%s' % ctx.dnsdomain)
    ctx.secure_channel_type = misc.SEC_CHAN_BDC

    ctx.replica_flags = (drsuapi.DRSUAPI_DRS_WRIT_REP |
                         drsuapi.DRSUAPI_DRS_INIT_SYNC |
                         drsuapi.DRSUAPI_DRS_PER_SYNC |
                         drsuapi.DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS |
                         drsuapi.DRSUAPI_DRS_NEVER_SYNCED)
    ctx.domain_replica_flags = ctx.replica_flags

    ctx.do_join()
    print "Created domain %s (SID %s) as a DC" % (ctx.domain_name, ctx.domsid)
Пример #8
0
def ldb_with_schema(schemadn="cn=schema,cn=configuration,dc=example,dc=com",
                    domainsid=None,
                    override_prefixmap=None):
    """Load schema for the SamDB from the AD schema files and samba4_schema.ldif

    :param schemadn: DN of the schema
    :param serverdn: DN of the server

    Returns the schema data loaded as an object, with .ldb being a
    new ldb with the schema loaded.  This allows certain tests to
    operate without a remote or local schema.
    """

    if domainsid is None:
        domainsid = security.random_sid()
    else:
        domainsid = security.dom_sid(domainsid)
    return Schema(domainsid, schemadn=schemadn,
        override_prefixmap=override_prefixmap)
Пример #9
0
def ldb_with_schema(schemadn="cn=schema,cn=configuration,dc=example,dc=com",
                    domainsid=None,
                    override_prefixmap=None):
    """Load schema for the SamDB from the AD schema files and samba4_schema.ldif

    :param schemadn: DN of the schema
    :param serverdn: DN of the server

    Returns the schema data loaded as an object, with .ldb being a
    new ldb with the schema loaded.  This allows certain tests to
    operate without a remote or local schema.
    """

    if domainsid is None:
        domainsid = security.random_sid()
    else:
        domainsid = security.dom_sid(domainsid)
    return Schema(domainsid, schemadn=schemadn,
        override_prefixmap=override_prefixmap)
Пример #10
0
def ldb_with_schema(setup_dir=None, schemadn="cn=schema,cn=configuration,dc=example,dc=com", 
                    serverdn="cn=server,cn=servers,cn=default-first-site-name,cn=sites,cn=cn=configuration,dc=example,dc=com",
                    domainsid=None):
    """Load schema for the SamDB from the AD schema files and samba4_schema.ldif
    
    :param setup_dir: Setup path
    :param schemadn: DN of the schema
    :param serverdn: DN of the server
    
    Returns the schema data loaded as an object, with .ldb being a
    new ldb with the schema loaded.  This allows certain tests to
    operate without a remote or local schema.
    """
    
    def setup_path(file):
        return os.path.join(setup_dir, file)

    if domainsid is None:
        domainsid = security.random_sid()
    else:
        domainsid = security.dom_sid(domainsid)
    return Schema(setup_path, domainsid, schemadn=schemadn, serverdn=serverdn)
Пример #11
0
def ldb_with_schema(
        setup_dir=None,
        schemadn="cn=schema,cn=configuration,dc=example,dc=com",
        serverdn="cn=server,cn=servers,cn=default-first-site-name,cn=sites,cn=cn=configuration,dc=example,dc=com",
        domainsid=None):
    """Load schema for the SamDB from the AD schema files and samba4_schema.ldif
    
    :param setup_dir: Setup path
    :param schemadn: DN of the schema
    :param serverdn: DN of the server
    
    Returns the schema data loaded as an object, with .ldb being a
    new ldb with the schema loaded.  This allows certain tests to
    operate without a remote or local schema.
    """
    def setup_path(file):
        return os.path.join(setup_dir, file)

    if domainsid is None:
        domainsid = security.random_sid()
    else:
        domainsid = security.dom_sid(domainsid)
    return Schema(setup_path, domainsid, schemadn=schemadn, serverdn=serverdn)
Пример #12
0
 def test_repr(self):
     sid = security.random_sid()
     self.assertTrue(repr(sid).startswith("dom_sid('S-1-5-21-"))
Пример #13
0
 def test_repr(self):
     sid = security.random_sid()
     self.assertTrue(repr(sid).startswith("dom_sid('S-1-5-21-"))
Пример #14
0
 def test_random(self):
     sid = security.random_sid()
     self.assertTrue(str(sid).startswith("S-1-5-21-"))
Пример #15
0
    def setUp(self):
        super(SamDBTestCase, self).setUp()
        invocationid = str(uuid.uuid4())
        domaindn = "DC=COM,DC=EXAMPLE"
        self.domaindn = domaindn
        configdn = "CN=Configuration," + domaindn
        schemadn = "CN=Schema," + configdn
        domainguid = str(uuid.uuid4())
        policyguid = DEFAULT_POLICY_GUID
        domainsid = security.random_sid()
        path = os.path.join(self.tempdir, "samdb.ldb")
        session_info = system_session()

        hostname = "foo"
        domain = "EXAMPLE"
        dnsdomain = "example.com"
        serverrole = "domain controller"
        policyguid_dc = DEFAULT_DC_POLICY_GUID

        smbconf = os.path.join(self.tempdir, "smb.conf")
        make_smbconf(smbconf, hostname, domain, dnsdomain, serverrole,
                     self.tempdir)

        self.lp = param.LoadParm()
        self.lp.load(smbconf)

        names = guess_names(lp=self.lp,
                            hostname=hostname,
                            domain=domain,
                            dnsdomain=dnsdomain,
                            serverrole=serverrole,
                            domaindn=self.domaindn,
                            configdn=configdn,
                            schemadn=schemadn)

        paths = provision_paths_from_lp(self.lp, names.dnsdomain)

        logger = logging.getLogger("provision")

        provision_backend = ProvisionBackend("ldb",
                                             paths=paths,
                                             lp=self.lp,
                                             credentials=None,
                                             names=names,
                                             logger=logger)

        schema = Schema(domainsid,
                        invocationid=invocationid,
                        schemadn=names.schemadn,
                        serverdn=names.serverdn,
                        am_rodc=False)

        self.samdb = setup_samdb(path,
                                 session_info,
                                 provision_backend,
                                 self.lp,
                                 names,
                                 logger,
                                 domainsid,
                                 domainguid,
                                 policyguid,
                                 policyguid_dc,
                                 False,
                                 "secret",
                                 "secret",
                                 "secret",
                                 invocationid,
                                 "secret",
                                 None,
                                 "domain controller",
                                 schema=schema)
Пример #16
0
 def test_random(self):
     sid = security.random_sid()
     self.assertTrue(str(sid).startswith("S-1-5-21-"))
Пример #17
0
    def setUp(self):
        super(SamDBTestCase, self).setUp()
        invocationid = str(uuid.uuid4())
        domaindn = "DC=COM,DC=EXAMPLE"
        self.domaindn = domaindn
        configdn = "CN=Configuration," + domaindn
        schemadn = "CN=Schema," + configdn
        domainguid = str(uuid.uuid4())
        policyguid = str(uuid.uuid4())
        domainsid = security.random_sid()
        hostguid = str(uuid.uuid4())
        path = os.path.join(self.tempdir, "samdb.ldb")
        session_info = system_session()

        hostname = "foo"
        domain = "EXAMPLE"
        dnsdomain = "example.com"
        serverrole = "domain controller"

        smbconf = os.path.join(self.tempdir, "smb.conf")
        make_smbconf(smbconf, self.setup_path, hostname, domain, dnsdomain, serverrole, self.tempdir)

        self.lp = param.LoadParm()
        self.lp.load(smbconf)

        names = guess_names(
            lp=self.lp,
            hostname=hostname,
            domain=domain,
            dnsdomain=dnsdomain,
            serverrole=serverrole,
            domaindn=self.domaindn,
            configdn=configdn,
            schemadn=schemadn,
        )

        paths = provision_paths_from_lp(self.lp, names.dnsdomain)

        provision_backend = ProvisionBackend(
            "ldb",
            backend_type,
            paths=paths,
            setup_path=self.setup_path,
            lp=self.lp,
            credentials=None,
            names=names,
            message=message,
            hostname=hostname,
            root=root,
            schema=schema,
            domainsid=domainsid,
        )

        self.samdb = setup_samdb(
            path,
            self.setup_path,
            session_info,
            provision_backend,
            self.lp,
            names,
            lambda x: None,
            domainsid,
            domainguid,
            policyguid,
            False,
            "secret",
            "secret",
            "secret",
            invocationid,
            "secret",
            "domain controller",
        )