diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2011-05-23 15:27:50 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2011-05-25 12:12:53 +1000 |
| commit | 53b0c44d8c0f21682220a212baa4b8a2e0f3ceae (patch) | |
| tree | 482479e5b96c22518105748c79734b4f891bef0d | |
| parent | 387cbb1c37fba6a0a18b87ced31c91d0948a0699 (diff) | |
| download | samba-53b0c44d8c0f21682220a212baa4b8a2e0f3ceae.tar.gz samba-53b0c44d8c0f21682220a212baa4b8a2e0f3ceae.tar.bz2 samba-53b0c44d8c0f21682220a212baa4b8a2e0f3ceae.zip | |
s4-provision Use correct tkey-gssapi-credential
We changed to ${DNSNAME} (the fully qualified domain name) a while
back, and while it's usually functionally idential to the previous
setting, this breaks down if there is more than one DNS server.
Andrew Bartlett
| -rw-r--r-- | source4/scripting/python/samba/provision/__init__.py | 4 | ||||
| -rw-r--r-- | source4/setup/named.txt | 2 |
2 files changed, 4 insertions, 2 deletions
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index 8433f23121..f987fb8ef3 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -1749,6 +1749,7 @@ def provision(logger, session_info, credentials, smbconf=None, create_named_txt(paths.namedtxt, realm=names.realm, dnsdomain=names.dnsdomain, + dnsname = "%s.%s" % (names.hostname, names.dnsdomain), private_dir=paths.private_dir, keytab_name=paths.dns_keytab) logger.info("See %s for an example configuration include file for BIND", paths.namedconf) @@ -1985,7 +1986,7 @@ def create_named_conf(paths, realm, dnsdomain, setup_file(setup_path("named.conf.update"), paths.namedconf_update) -def create_named_txt(path, realm, dnsdomain, private_dir, +def create_named_txt(path, realm, dnsdomain, dnsname, private_dir, keytab_name): """Write out a file containing zone statements suitable for inclusion in a named.conf file (including GSS-TSIG configuration). @@ -1998,6 +1999,7 @@ def create_named_txt(path, realm, dnsdomain, private_dir, """ setup_file(setup_path("named.txt"), path, { "DNSDOMAIN": dnsdomain, + "DNSNAME" : dnsname, "REALM": realm, "DNS_KEYTAB": keytab_name, "DNS_KEYTAB_ABS": os.path.join(private_dir, keytab_name), diff --git a/source4/setup/named.txt b/source4/setup/named.txt index c1e6b3a9ee..97de69d8eb 100644 --- a/source4/setup/named.txt +++ b/source4/setup/named.txt @@ -5,7 +5,7 @@ # - Insert the following lines into the options {} section of your named.conf # file: -tkey-gssapi-credential "DNS/${DNSDOMAIN}"; +tkey-gssapi-credential "DNS/${DNSNAME}"; tkey-domain "${REALM}"; # - Modify BIND init scripts to pass the location of the generated keytab file. |