summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2007-08-29 01:37:26 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 15:03:05 -0500
commitf681306335eaf6b33d6fcaa70ac29a8cf1f5889f (patch)
tree37d1ad1d51f0eaed12d7f0c38ca3e71b6c5128d5
parent748dcc33768e99dbf68838a49a0ac2f05272dd6a (diff)
downloadsamba-f681306335eaf6b33d6fcaa70ac29a8cf1f5889f.tar.gz
samba-f681306335eaf6b33d6fcaa70ac29a8cf1f5889f.tar.bz2
samba-f681306335eaf6b33d6fcaa70ac29a8cf1f5889f.zip
r24760: Ensure we base64 encode any password being put into LDIF, to avoid
provision failures when some of the random password values are illigal LDIF. Andrew Bartlett (This used to be commit 876003f6c6466bfd37ec9b05c9a1f1cc83dd9898)
-rw-r--r--source4/scripting/libjs/provision.js7
-rw-r--r--source4/setup/provision_self_join.ldif2
-rw-r--r--source4/setup/provision_users.ldif6
-rw-r--r--source4/setup/secrets.ldif4
4 files changed, 13 insertions, 6 deletions
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js
index 57531a28b9..ca0fedf97b 100644
--- a/source4/scripting/libjs/provision.js
+++ b/source4/scripting/libjs/provision.js
@@ -449,6 +449,8 @@ function setup_name_mappings(info, ldb)
function provision_fix_subobj(subobj, paths)
{
+ var ldb = ldb_init();
+
subobj.REALM = strupper(subobj.REALM);
subobj.HOSTNAME = strlower(subobj.HOSTNAME);
subobj.DOMAIN = strupper(subobj.DOMAIN);
@@ -465,6 +467,11 @@ function provision_fix_subobj(subobj, paths)
subobj.CONFIGDN = "CN=Configuration," + subobj.ROOTDN;
subobj.SCHEMADN = "CN=Schema," + subobj.CONFIGDN;
+ subobj.MACHINEPASS_B64 = ldb.encode(subobj.MACHINEPASS);
+ subobj.KRBTGTPASS_B64 = ldb.encode(subobj.KRBTGTPASS);
+ subobj.ADMINPASS_B64 = ldb.encode(subobj.ADMINPASS);
+ subobj.DNSPASS_B64 = ldb.encode(subobj.DNSPASS);
+
var rdns = split(",", subobj.DOMAINDN);
subobj.RDN_DC = substr(rdns[0], strlen("DC="));
diff --git a/source4/setup/provision_self_join.ldif b/source4/setup/provision_self_join.ldif
index 25f9fab6d3..ff44a35f6d 100644
--- a/source4/setup/provision_self_join.ldif
+++ b/source4/setup/provision_self_join.ldif
@@ -13,7 +13,7 @@ operatingSystem: Samba
operatingSystemVersion: 4.0
dNSHostName: ${DNSNAME}
isCriticalSystemObject: TRUE
-sambaPassword: ${MACHINEPASS}
+sambaPassword:: ${MACHINEPASS_B64}
servicePrincipalName: HOST/${DNSNAME}
servicePrincipalName: HOST/${NETBIOSNAME}
servicePrincipalName: HOST/${DNSNAME}/${REALM}
diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif
index 60a26c1ebf..f6fbb0bd52 100644
--- a/source4/setup/provision_users.ldif
+++ b/source4/setup/provision_users.ldif
@@ -13,7 +13,7 @@ adminCount: 1
accountExpires: -1
sAMAccountName: Administrator
isCriticalSystemObject: TRUE
-sambaPassword: ${ADMINPASS}
+sambaPassword:: ${ADMINPASS_B64}
dn: CN=Guest,CN=Users,${DOMAINDN}
objectClass: user
@@ -203,7 +203,7 @@ sAMAccountName: krbtgt
sAMAccountType: 805306368
servicePrincipalName: kadmin/changepw
isCriticalSystemObject: TRUE
-sambaPassword: ${KRBTGTPASS}
+sambaPassword:: ${KRBTGTPASS_B64}
dn: CN=dns,CN=Users,${DOMAINDN}
objectClass: top
@@ -219,7 +219,7 @@ sAMAccountName: dns
sAMAccountType: 805306368
servicePrincipalName: DNS/${DNSDOMAIN}
isCriticalSystemObject: TRUE
-sambaPassword: ${DNSPASS}
+sambaPassword:: ${DNSPASS_B64}
dn: CN=Domain Computers,CN=Users,${DOMAINDN}
objectClass: top
diff --git a/source4/setup/secrets.ldif b/source4/setup/secrets.ldif
index 8c61c06a54..80015b4b41 100644
--- a/source4/setup/secrets.ldif
+++ b/source4/setup/secrets.ldif
@@ -14,7 +14,7 @@ objectClass: primaryDomain
objectClass: kerberosSecret
flatname: ${DOMAIN}
realm: ${REALM}
-secret: ${MACHINEPASS}
+secret:: ${MACHINEPASS_B64}
secureChannelType: 6
sAMAccountName: ${NETBIOSNAME}$
whenCreated: ${LDAPTIME}
@@ -50,5 +50,5 @@ whenCreated: ${LDAPTIME}
whenChanged: ${LDAPTIME}
servicePrincipalName: DNS/${DNSDOMAIN}
privateKeytab: ${DNS_KEYTAB}
-secret: ${DNSPASS}
+secret:: ${DNSPASS_B64}