samba-tool domain provision: Use "ad dc functional level" to control max functional...

author Joseph Sutton <josephsutton@catalyst.net.nz>

Wed, 10 May 2023 03:24:23 +0000 (15:24 +1200)

committer Andrew Bartlett <abartlet@samba.org>

Tue, 16 May 2023 23:29:32 +0000 (23:29 +0000)
author Joseph Sutton <josephsutton@catalyst.net.nz>
Wed, 10 May 2023 03:24:23 +0000 (15:24 +1200)
committer Andrew Bartlett <abartlet@samba.org>
Tue, 16 May 2023 23:29:32 +0000 (23:29 +0000)
diff --git a/python/samba/netcmd/domain/provision.py b/python/samba/netcmd/domain/provision.py

index 2e7fca9c0c9c5045690e53ba87a699041ec2ab14..9287ddb1051e2644d27690d87589bd86e91968bc 100644 (file)
--- a/python/samba/netcmd/domain/provision.py
+++ b/python/samba/netcmd/domain/provision.py
@@ -105,8 +105,8 @@ class cmd_domain_provision(Command):
                 help="The server role (domain controller | dc | member server | member | standalone). Default is dc.",
                 default="domain controller"),
          Option("--function-level", type="choice", metavar="FOR-FUN-LEVEL",
-               choices=["2000", "2003", "2008", "2008_R2"],
-               help="The domain and forest function level (2000 | 2003 | 2008 | 2008_R2 - always native). Default is (Windows) 2008_R2 Native.",
+               choices=["2000", "2003", "2008", "2008_R2", "2016"],
+               help="The domain and forest function level (2000 | 2003 | 2008 | 2008_R2 - always native | 2016). Default is (Windows) 2008_R2 Native.",
                 default="2008_R2"),
          Option("--base-schema", type="choice", metavar="BASE-SCHEMA",
                 choices=["2008_R2", "2008_R2_old", "2012", "2012_R2", "2016", "2019"],
diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py

index 8cb7e5554a0eaa288881c834f7a117b2c6f5dd00..f0898caa3db67d0c8a70ad0153d5c09a665a4664 100644 (file)
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
@@ -126,6 +126,7 @@ from samba.samdb import SamDB
  from samba.dbchecker import dbcheck
  from samba.provision.kerberos import create_kdc_conf
  from samba.samdb import get_default_backend_store
+from samba import functional_level
  
  DEFAULT_POLICY_GUID = "31B2F340-016D-11D2-945F-00C04FB984F9"
  DEFAULT_DC_POLICY_GUID = "6AC1786C-016F-11D2-945F-00C04FB984F9"
@@ -1353,15 +1354,16 @@ def fill_samdb(samdb, lp, names, logger, policyguid,
              1000, 1000000000, 1000)
          raise ProvisioningError(error)
  
+    domainControllerFunctionality = functional_level.dc_level_from_lp(lp)
+
      # ATTENTION: Do NOT change these default values without discussion with the
      # team and/or release manager. They have a big impact on the whole program!
-    domainControllerFunctionality = DS_DOMAIN_FUNCTION_2008_R2
-
      if dom_for_fun_level is None:
          dom_for_fun_level = DS_DOMAIN_FUNCTION_2008_R2
  
      if dom_for_fun_level > domainControllerFunctionality:
-        raise ProvisioningError("You want to run SAMBA 4 on a domain and forest function level which itself is higher than its actual DC function level (2008_R2). This won't work!")
+        level = functional_level.level_to_string(domainControllerFunctionality)
+        raise ProvisioningError(f"You want to run SAMBA 4 on a domain and forest function level which itself is higher than its actual DC function level ({level}). This won't work!")
  
      domainFunctionality = dom_for_fun_level
      forestFunctionality = dom_for_fun_level
author	Joseph Sutton <josephsutton@catalyst.net.nz>
	Wed, 10 May 2023 03:24:23 +0000 (15:24 +1200)
committer	Andrew Bartlett <abartlet@samba.org>
	Tue, 16 May 2023 23:29:32 +0000 (23:29 +0000)
python/samba/netcmd/domain/provision.py		patch \| blob \| blame \| history
python/samba/provision/__init__.py		patch \| blob \| blame \| history