diff options
author | Stefan Metzmacher <metze@samba.org> | 2012-09-12 08:53:18 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-09-12 16:51:29 +0200 |
commit | c4aef88b32de105527c895c5d5e1b9ed68a06601 (patch) | |
tree | a013d8747e8af2a3acc52c2e6402d63bc84f8521 /source4/scripting/bin | |
parent | 1e00c0dcec702c1759879d0243507ed92b2cd758 (diff) | |
download | samba-c4aef88b32de105527c895c5d5e1b9ed68a06601.tar.gz samba-c4aef88b32de105527c895c5d5e1b9ed68a06601.tar.bz2 samba-c4aef88b32de105527c895c5d5e1b9ed68a06601.zip |
s4:samba_upgradedns: delete dns-HOSTNAME account if using the internal dns server
metze
Diffstat (limited to 'source4/scripting/bin')
-rwxr-xr-x | source4/scripting/bin/samba_upgradedns | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/source4/scripting/bin/samba_upgradedns b/source4/scripting/bin/samba_upgradedns index efda448d48..8304134161 100755 --- a/source4/scripting/bin/samba_upgradedns +++ b/source4/scripting/bin/samba_upgradedns @@ -472,5 +472,33 @@ if __name__ == '__main__': logger.info("See %s for an example configuration include file for BIND", paths.namedconf) logger.info("and %s for further documentation required for secure DNS " "updates", paths.namedtxt) + elif opts.dns_backend == "SAMBA_INTERNAL": + # Check if dns-HOSTNAME account exists and delete it if required + try: + dn_str = 'samAccountName=dns-%s,CN=Principals' % hostname + msg = ldbs.secrets.search(expression='(dn=%s)' % dn_str, attrs=['secret']) + dn = msg[0].dn + except Exception: + dn = None + + if dn is not None: + try: + ldbs.secrets.delete(dn) + except Exception: + logger.info("Failed to delete %s from secrets.ldb" % dn) + + try: + msg = ldbs.sam.search(base=domaindn, scope=ldb.SCOPE_DEFAULT, + expression='(sAMAccountName=dns-%s)' % (hostname), + attrs=['clearTextPassword']) + dn = msg[0].dn + except Exception: + dn = None + + if dn is not None: + try: + ldbs.sam.delete(dn) + except Exception: + logger.info("Failed to delete %s from sam.ldb" % dn) logger.info("Finished upgrading DNS") |