diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2012-06-24 20:52:06 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2012-06-25 00:26:41 +1000 |
| commit | 02cbc3fbb601cbbfc86a7048f6d5660d80f14df1 (patch) | |
| tree | a4ef43ccc3328735c23ac2a01a5930ceb65522f2 /source4/scripting/bin | |
| parent | 01f52239dc8e13af6e5134667c55d8e0fb7b2f26 (diff) | |
| download | samba-02cbc3fbb601cbbfc86a7048f6d5660d80f14df1.tar.gz samba-02cbc3fbb601cbbfc86a7048f6d5660d80f14df1.tar.bz2 samba-02cbc3fbb601cbbfc86a7048f6d5660d80f14df1.zip | |
s4-samba_upgradedns: Do not set DNS account for internal server
The internal DNS server does not need the samba-only NAME-dns
account.
Andrew Bartlett
Diffstat (limited to 'source4/scripting/bin')
| -rwxr-xr-x | source4/scripting/bin/samba_upgradedns | 64 |
1 files changed, 32 insertions, 32 deletions
diff --git a/source4/scripting/bin/samba_upgradedns b/source4/scripting/bin/samba_upgradedns index 831b81d06d..c1220bcc26 100755 --- a/source4/scripting/bin/samba_upgradedns +++ b/source4/scripting/bin/samba_upgradedns @@ -421,41 +421,41 @@ if __name__ == '__main__': except Exception: raise - # Check if dns-HOSTNAME account exists and create it if required - try: - dn = 'samAccountName=dns-%s,CN=Principals' % hostname - msg = ldbs.secrets.search(expression='(dn=%s)' % dn, attrs=['secret']) - dnssecret = msg[0]['secret'][0] - except Exception: - logger.info("Adding dns-%s account" % hostname) - + # Special stuff for DLZ backend + if opts.dns_backend == "BIND9_DLZ": + # Check if dns-HOSTNAME account exists and create it if required try: - msg = ldbs.sam.search(base=domaindn, scope=ldb.SCOPE_DEFAULT, - expression='(sAMAccountName=dns-%s)' % (hostname), - attrs=['clearTextPassword']) - dn = msg[0].dn - ldbs.sam.delete(dn) + dn = 'samAccountName=dns-%s,CN=Principals' % hostname + msg = ldbs.secrets.search(expression='(dn=%s)' % dn, attrs=['secret']) + dnssecret = msg[0]['secret'][0] except Exception: - pass - - dnspass = samba.generate_random_password(128, 255) - setup_add_ldif(ldbs.sam, setup_path("provision_dns_add_samba.ldif"), { - "DNSDOMAIN": dnsdomain, - "DOMAINDN": domaindn, - "DNSPASS_B64": b64encode(dnspass.encode('utf-16-le')), - "HOSTNAME" : hostname, - "DNSNAME" : dnsname } - ) - - secretsdb_setup_dns(ldbs.secrets, names, - paths.private_dir, realm=names.realm, - dnsdomain=names.dnsdomain, - dns_keytab_path=paths.dns_keytab, dnspass=dnspass) - else: - logger.info("dns-%s account already exists" % hostname) + logger.info("Adding dns-%s account" % hostname) + + try: + msg = ldbs.sam.search(base=domaindn, scope=ldb.SCOPE_DEFAULT, + expression='(sAMAccountName=dns-%s)' % (hostname), + attrs=['clearTextPassword']) + dn = msg[0].dn + ldbs.sam.delete(dn) + except Exception: + pass + + dnspass = samba.generate_random_password(128, 255) + setup_add_ldif(ldbs.sam, setup_path("provision_dns_add_samba.ldif"), { + "DNSDOMAIN": dnsdomain, + "DOMAINDN": domaindn, + "DNSPASS_B64": b64encode(dnspass.encode('utf-16-le')), + "HOSTNAME" : hostname, + "DNSNAME" : dnsname } + ) + + secretsdb_setup_dns(ldbs.secrets, names, + paths.private_dir, realm=names.realm, + dnsdomain=names.dnsdomain, + dns_keytab_path=paths.dns_keytab, dnspass=dnspass) + else: + logger.info("dns-%s account already exists" % hostname) - # Special stuff for DLZ backend - if opts.dns_backend == "BIND9_DLZ": # This forces a re-creation of dns directory and all the files within # It's an overkill, but it's easier to re-create a samdb copy, rather # than trying to fix a broken copy. |