From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 2 May 2012 06:05:25 +0000 (+1000)
Subject: s4-s3upgrade: Force ldapsam:trusted = yes
X-Git-Tag: samba-4.0.0alpha21~388
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a0a83802fbcb5e4d415315e4ea3a35db827785a3;p=thirdparty%2Fsamba.git

s4-s3upgrade: Force ldapsam:trusted = yes

While this setting is not the default in Samba3, any domain that is
in a suitable condition to upgrade to Samba4 should already be in the
layout that ldapsam:trusted uses.  It can be turned off by setting
ldapsam:trusted=false in the smb.conf.

Many upgrades to Samba4 happen on a different host to the old Samba3 domain
and this avoids the need to configure nss_ldap only for the duration of
the upgrade.

Andrew Bartlett
---

diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py
index ce9683e1274..7d6930681fc 100644
--- a/source4/scripting/python/samba/upgrade.py
+++ b/source4/scripting/python/samba/upgrade.py
@@ -469,6 +469,9 @@ def upgrade_from_samba3(samba3, logger, targetdir, session_info=None, useeadb=Fa
     realm = samba3.lp.get("realm")
     netbiosname = samba3.lp.get("netbios name")
 
+    if samba3.lp.get("ldapsam:trusted") is None:
+        samba3.lp.set("ldapsam:trusted", "yes")
+
     # secrets db
     try:
         secrets_db = samba3.get_secrets_db()