summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mdw@samba.org>2010-10-31 14:00:14 +0100
committerMatthias Dieter Wallnöfer <mdw@samba.org>2010-10-31 18:44:07 +0000
commit572774a7a0a1c646bc84d1310f5e8002a464216c (patch)
treedb3d341a45edbec9470ecb2dad0f318766e4d2dc
parent01e7cc607cfdfb3b0b17048a30b470ac990ba736 (diff)
downloadsamba-572774a7a0a1c646bc84d1310f5e8002a464216c.tar.gz
samba-572774a7a0a1c646bc84d1310f5e8002a464216c.tar.bz2
samba-572774a7a0a1c646bc84d1310f5e8002a464216c.zip
s4:provision - remove the "servicePrincipalName" creation on the DC object
This is now done by the "samba_spnupdate" script.
-rw-r--r--source4/scripting/python/samba/provision.py8
-rw-r--r--source4/setup/provision_self_join.ldif16
-rw-r--r--source4/setup/provision_self_join_modify.ldif3
3 files changed, 2 insertions, 25 deletions
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index 319b63debb..441c2b540b 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -954,14 +954,10 @@ def setup_self_join(samdb, names,
"SERVERDN": names.serverdn,
"INVOCATIONID": invocationid,
"NETBIOSNAME": names.netbiosname,
- "DEFAULTSITE": names.sitename,
"DNSNAME": "%s.%s" % (names.hostname, names.dnsdomain),
"MACHINEPASS_B64": b64encode(machinepass),
- "REALM": names.realm,
- "DOMAIN": names.domain,
"DOMAINSID": str(domainsid),
"DCRID": str(next_rid),
- "DNSDOMAIN": names.dnsdomain,
"SAMBA_VERSION_STRING": version,
"NTDSGUID": ntdsguid_line,
"DOMAIN_CONTROLLER_FUNCTIONALITY": str(domainControllerFunctionality)})
@@ -970,7 +966,6 @@ def setup_self_join(samdb, names,
"POLICYGUID": policyguid,
"POLICYGUID_DC": policyguid_dc,
"DNSDOMAIN": names.dnsdomain,
- "DOMAINSID": str(domainsid),
"DOMAINDN": names.domaindn})
# add the NTDSGUID based SPNs
@@ -981,15 +976,12 @@ def setup_self_join(samdb, names,
# Setup fSMORoleOwner entries to point at the newly created DC entry
setup_modify_ldif(samdb, setup_path("provision_self_join_modify.ldif"), {
- "DOMAIN": names.domain,
- "DNSDOMAIN": names.dnsdomain,
"DOMAINDN": names.domaindn,
"CONFIGDN": names.configdn,
"SCHEMADN": names.schemadn,
"DEFAULTSITE": names.sitename,
"SERVERDN": names.serverdn,
"NETBIOSNAME": names.netbiosname,
- "NTDSGUID": names.ntdsguid,
"RIDALLOCATIONSTART": str(next_rid + 100),
"RIDALLOCATIONEND": str(next_rid + 100 + 499),
})
diff --git a/source4/setup/provision_self_join.ldif b/source4/setup/provision_self_join.ldif
index 5f1a2f3e99..c1f553c851 100644
--- a/source4/setup/provision_self_join.ldif
+++ b/source4/setup/provision_self_join.ldif
@@ -15,20 +15,8 @@ localPolicyFlags: 0
operatingSystem: Samba
operatingSystemVersion: ${SAMBA_VERSION_STRING}
sAMAccountName: ${NETBIOSNAME}$
-# "servicePrincipalName"s for FRS and DFSR don't exit since we still miss DFRS support
-# "servicePrincipalName"s for DNS ("ldap/../ForestDnsZones",
-# "ldap/../DomainDnsZones", "DNS/..") don't exist since we don't support AD DNS
-servicePrincipalName: GC/${DNSNAME}/${REALM}
-servicePrincipalName: HOST/${DNSNAME}/${DOMAIN}
-servicePrincipalName: HOST/${NETBIOSNAME}
-servicePrincipalName: HOST/${DNSNAME}
-servicePrincipalName: HOST/${DNSNAME}/${REALM}
-# "servicePrincipalName"s with GUIDs are located in
-# "provision_self_join_modify.ldif"
-servicePrincipalName: ldap/${DNSNAME}/${DOMAIN}
-servicePrincipalName: ldap/${NETBIOSNAME}
-servicePrincipalName: ldap/${DNSNAME}
-servicePrincipalName: ldap/${DNSNAME}/${REALM}
+# The "servicePrincipalName" updates are now handled by the "samba_spnupdate"
+# script
userAccountControl: 532480
userPassword:: ${MACHINEPASS_B64}
objectSID: ${DOMAINSID}-${DCRID}
diff --git a/source4/setup/provision_self_join_modify.ldif b/source4/setup/provision_self_join_modify.ldif
index b667e5c40d..2fe5a43db6 100644
--- a/source4/setup/provision_self_join_modify.ldif
+++ b/source4/setup/provision_self_join_modify.ldif
@@ -38,8 +38,5 @@ rIDNextRID: ${RIDALLOCATIONSTART}
dn: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
changetype: modify
-add: servicePrincipalName
-servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2/${NTDSGUID}/${DNSDOMAIN}
-servicePrincipalName: ldap/${NTDSGUID}._msdcs.${DNSDOMAIN}
add: rIDSetReferences
rIDSetReferences: CN=RID Set,CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}