summaryrefslogtreecommitdiff
path: root/source4/scripting/bin/upgradeprovision
diff options
context:
space:
mode:
authorMatthieu Patou <mat@matws.net>2010-10-26 16:37:50 +0400
committerMatthieu Patou <mat@samba.org>2010-11-12 19:40:21 +0000
commita9c430bdd2e07e8111d1073238059de6c6f478d5 (patch)
treecd56c4e05a9f8109edf9b4f799b66aeaa682d205 /source4/scripting/bin/upgradeprovision
parent8227d1f68ef7a4750d23d0c34402dbc0c1d14a3e (diff)
downloadsamba-a9c430bdd2e07e8111d1073238059de6c6f478d5.tar.gz
samba-a9c430bdd2e07e8111d1073238059de6c6f478d5.tar.bz2
samba-a9c430bdd2e07e8111d1073238059de6c6f478d5.zip
upgradeprovision: fix pb with dns-hostname, regenerate a correct keytab
Diffstat (limited to 'source4/scripting/bin/upgradeprovision')
-rwxr-xr-xsource4/scripting/bin/upgradeprovision28
1 files changed, 27 insertions, 1 deletions
diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision
index e1ef57193d..d2cc7abae7 100755
--- a/source4/scripting/bin/upgradeprovision
+++ b/source4/scripting/bin/upgradeprovision
@@ -60,7 +60,7 @@ from samba.upgradehelpers import (dn_sort, get_paths, newprovision,
delta_update_basesamdb, update_policyids,
update_machine_account_password,
search_constructed_attrs_stored,
- int64range2str,
+ int64range2str, update_dns_account_password,
increment_calculated_keyversion_number)
replace=2**FLAG_MOD_REPLACE
@@ -1723,8 +1723,34 @@ if __name__ == '__main__':
# as the delta_upgrade
schemareloadclosure()
sync_calculated_attributes(ldbs.sam, names)
+ res = ldbs.sam.search(expression="(samaccountname=dns)",
+ scope=SCOPE_SUBTREE, attrs=["dn"],
+ controls=["search_options:1:2"])
+ if len(res) > 0:
+ message(SIMPLE, "You still have the old dns object for managing"
+ "dynamic DNS, but you didn't supply --full so "
+ "correct update can't be done")
+ ldbs.groupedRollback()
+ new_ldbs.groupedRollback()
+ shutil.rmtree(provisiondir)
+ sys.exit(1)
# 14)
update_secrets(new_ldbs.secrets, ldbs.secrets, message)
+ # 14bis)
+ res = ldbs.sam.search(expression="(samaccountname=dns)",
+ scope=SCOPE_SUBTREE, attrs=["dn"],
+ controls=["search_options:1:2"])
+
+ if (len(res) == 1):
+ ldbs.sam.delete(res[0]["dn"])
+ res2 = ldbs.secrets.search(expression="(samaccountname=dns)",
+ scope=SCOPE_SUBTREE, attrs=["dn"])
+ update_dns_account_password(ldbs.sam, ldbs.secrets, names)
+ message(SIMPLE, "IMPORTANT !!! "
+ "If you were using Dynmaic DNS before you need"
+ " to update your configuration, so that the "
+ "tkey-gssapi-credential has the following value:"
+ "DNS/%s.%s" % (names.netbiosname.lower(), names.realm.lower()))
# 15)
message(SIMPLE, "Update machine account")
update_machine_account_password(ldbs.sam, ldbs.secrets, names)