diff options
author | Andrew Bartlett <abartlet@samba.org> | 2007-08-29 01:37:26 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 15:03:05 -0500 |
commit | f681306335eaf6b33d6fcaa70ac29a8cf1f5889f (patch) | |
tree | 37d1ad1d51f0eaed12d7f0c38ca3e71b6c5128d5 | |
parent | 748dcc33768e99dbf68838a49a0ac2f05272dd6a (diff) | |
download | samba-f681306335eaf6b33d6fcaa70ac29a8cf1f5889f.tar.gz samba-f681306335eaf6b33d6fcaa70ac29a8cf1f5889f.tar.bz2 samba-f681306335eaf6b33d6fcaa70ac29a8cf1f5889f.zip |
r24760: Ensure we base64 encode any password being put into LDIF, to avoid
provision failures when some of the random password values are illigal
LDIF.
Andrew Bartlett
(This used to be commit 876003f6c6466bfd37ec9b05c9a1f1cc83dd9898)
-rw-r--r-- | source4/scripting/libjs/provision.js | 7 | ||||
-rw-r--r-- | source4/setup/provision_self_join.ldif | 2 | ||||
-rw-r--r-- | source4/setup/provision_users.ldif | 6 | ||||
-rw-r--r-- | source4/setup/secrets.ldif | 4 |
4 files changed, 13 insertions, 6 deletions
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js index 57531a28b9..ca0fedf97b 100644 --- a/source4/scripting/libjs/provision.js +++ b/source4/scripting/libjs/provision.js @@ -449,6 +449,8 @@ function setup_name_mappings(info, ldb) function provision_fix_subobj(subobj, paths) { + var ldb = ldb_init(); + subobj.REALM = strupper(subobj.REALM); subobj.HOSTNAME = strlower(subobj.HOSTNAME); subobj.DOMAIN = strupper(subobj.DOMAIN); @@ -465,6 +467,11 @@ function provision_fix_subobj(subobj, paths) subobj.CONFIGDN = "CN=Configuration," + subobj.ROOTDN; subobj.SCHEMADN = "CN=Schema," + subobj.CONFIGDN; + subobj.MACHINEPASS_B64 = ldb.encode(subobj.MACHINEPASS); + subobj.KRBTGTPASS_B64 = ldb.encode(subobj.KRBTGTPASS); + subobj.ADMINPASS_B64 = ldb.encode(subobj.ADMINPASS); + subobj.DNSPASS_B64 = ldb.encode(subobj.DNSPASS); + var rdns = split(",", subobj.DOMAINDN); subobj.RDN_DC = substr(rdns[0], strlen("DC=")); diff --git a/source4/setup/provision_self_join.ldif b/source4/setup/provision_self_join.ldif index 25f9fab6d3..ff44a35f6d 100644 --- a/source4/setup/provision_self_join.ldif +++ b/source4/setup/provision_self_join.ldif @@ -13,7 +13,7 @@ operatingSystem: Samba operatingSystemVersion: 4.0 dNSHostName: ${DNSNAME} isCriticalSystemObject: TRUE -sambaPassword: ${MACHINEPASS} +sambaPassword:: ${MACHINEPASS_B64} servicePrincipalName: HOST/${DNSNAME} servicePrincipalName: HOST/${NETBIOSNAME} servicePrincipalName: HOST/${DNSNAME}/${REALM} diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif index 60a26c1ebf..f6fbb0bd52 100644 --- a/source4/setup/provision_users.ldif +++ b/source4/setup/provision_users.ldif @@ -13,7 +13,7 @@ adminCount: 1 accountExpires: -1 sAMAccountName: Administrator isCriticalSystemObject: TRUE -sambaPassword: ${ADMINPASS} +sambaPassword:: ${ADMINPASS_B64} dn: CN=Guest,CN=Users,${DOMAINDN} objectClass: user @@ -203,7 +203,7 @@ sAMAccountName: krbtgt sAMAccountType: 805306368 servicePrincipalName: kadmin/changepw isCriticalSystemObject: TRUE -sambaPassword: ${KRBTGTPASS} +sambaPassword:: ${KRBTGTPASS_B64} dn: CN=dns,CN=Users,${DOMAINDN} objectClass: top @@ -219,7 +219,7 @@ sAMAccountName: dns sAMAccountType: 805306368 servicePrincipalName: DNS/${DNSDOMAIN} isCriticalSystemObject: TRUE -sambaPassword: ${DNSPASS} +sambaPassword:: ${DNSPASS_B64} dn: CN=Domain Computers,CN=Users,${DOMAINDN} objectClass: top diff --git a/source4/setup/secrets.ldif b/source4/setup/secrets.ldif index 8c61c06a54..80015b4b41 100644 --- a/source4/setup/secrets.ldif +++ b/source4/setup/secrets.ldif @@ -14,7 +14,7 @@ objectClass: primaryDomain objectClass: kerberosSecret flatname: ${DOMAIN} realm: ${REALM} -secret: ${MACHINEPASS} +secret:: ${MACHINEPASS_B64} secureChannelType: 6 sAMAccountName: ${NETBIOSNAME}$ whenCreated: ${LDAPTIME} @@ -50,5 +50,5 @@ whenCreated: ${LDAPTIME} whenChanged: ${LDAPTIME} servicePrincipalName: DNS/${DNSDOMAIN} privateKeytab: ${DNS_KEYTAB} -secret: ${DNSPASS} +secret:: ${DNSPASS_B64} |