creds.set_kerberos_state(DONT_USE_KERBEROS)
logger = self.get_logger()
- netlogon = lp.get("path", "netlogon")
sysvol = lp.get("path", "sysvol")
try:
samdb = SamDB(session_info=system_session(),
logger.warning("Please note that POSIX permissions have NOT been changed, only the stored NT ACL")
try:
- provision.setsysvolacl(samdb, netlogon, sysvol,
+ provision.setsysvolacl(samdb, sysvol,
LA_uid, BA_gid, domain_sid,
lp.get("realm").lower(), samdb.domain_dn(),
lp, use_ntvfs=use_ntvfs)
passdb=passdb)
-def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain,
+def setsysvolacl(samdb, sysvol, uid, gid, domainsid, dnsdomain,
domaindn, lp, use_ntvfs):
"""Set the ACL for the sysvol share and the subfolders
:param samdb: An LDB object on the SAM db
- :param netlogon: Physical path for the netlogon folder
:param sysvol: Physical path for the sysvol folder
:param uid: The UID of the "Administrator" user
:param gid: The GID of the "Domain administrators" group
# Continue setting up sysvol for GPO. This appears to require being
# outside a transaction.
if not skip_sysvolacl:
- setsysvolacl(samdb, paths.netlogon, paths.sysvol, paths.root_uid,
+ setsysvolacl(samdb, paths.sysvol, paths.root_uid,
paths.root_gid, names.domainsid, names.dnsdomain,
names.domaindn, lp, use_ntvfs)
else:
logger.info("Administrator password has been set to password of user '%s'", admin_user)
if result.server_role == "active directory domain controller":
- setsysvolacl(result.samdb, result.paths.netlogon, result.paths.sysvol,
+ setsysvolacl(result.samdb, result.paths.sysvol,
result.paths.root_uid, result.paths.root_gid,
security.dom_sid(result.domainsid), result.names.dnsdomain,
result.names.domaindn, result.lp, use_ntvfs)
projects / thirdparty / samba.git / commitdiff
