upgradeprovision: fix pb with dns-hostname, regenerate a correct keytab

author: Matthieu Patou <mat@matws.net> 2010-10-26 16:37:50 +0400
committer: Matthieu Patou <mat@samba.org> 2010-11-12 19:40:21 +0000
commit: a9c430bdd2e07e8111d1073238059de6c6f478d5 (patch)
tree: cd56c4e05a9f8109edf9b4f799b66aeaa682d205 /source4/scripting/bin
parent: 8227d1f68ef7a4750d23d0c34402dbc0c1d14a3e (diff)
download: samba-a9c430bdd2e07e8111d1073238059de6c6f478d5.tar.gz
samba-a9c430bdd2e07e8111d1073238059de6c6f478d5.tar.bz2
samba-a9c430bdd2e07e8111d1073238059de6c6f478d5.zip
1 files changed, 27 insertions, 1 deletions
diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision
index e1ef57193d..d2cc7abae7 100755
--- a/source4/scripting/bin/upgradeprovision
+++ b/source4/scripting/bin/upgradeprovision
@@ -60,7 +60,7 @@ from samba.upgradehelpers import (dn_sort, get_paths, newprovision,
                                  delta_update_basesamdb, update_policyids,
                                  update_machine_account_password,
                                  search_constructed_attrs_stored,
-                                 int64range2str,
+                                 int64range2str, update_dns_account_password,
                                  increment_calculated_keyversion_number)
 
 replace=2**FLAG_MOD_REPLACE
@@ -1723,8 +1723,34 @@ if __name__ == '__main__':
             # as the delta_upgrade
             schemareloadclosure()
             sync_calculated_attributes(ldbs.sam, names)
+            res = ldbs.sam.search(expression="(samaccountname=dns)",
+                                scope=SCOPE_SUBTREE, attrs=["dn"],
+                                controls=["search_options:1:2"])
+            if len(res) > 0:
+                message(SIMPLE, "You still have the old dns object for managing"
+                                "dynamic DNS, but you didn't supply --full so "
+                                "correct update can't be done")
+                ldbs.groupedRollback()
+                new_ldbs.groupedRollback()
+                shutil.rmtree(provisiondir)
+                sys.exit(1)
         # 14)
         update_secrets(new_ldbs.secrets, ldbs.secrets, message)
+        # 14bis)
+        res = ldbs.sam.search(expression="(samaccountname=dns)",
+                                  scope=SCOPE_SUBTREE, attrs=["dn"],
+                                  controls=["search_options:1:2"])
+
+        if (len(res) == 1):
+            ldbs.sam.delete(res[0]["dn"])
+            res2 = ldbs.secrets.search(expression="(samaccountname=dns)",
+                                  scope=SCOPE_SUBTREE, attrs=["dn"])
+            update_dns_account_password(ldbs.sam, ldbs.secrets, names)
+            message(SIMPLE, "IMPORTANT !!! "
+                            "If you were using Dynmaic DNS before you need"
+                            " to update your configuration, so that the "
+                            "tkey-gssapi-credential has the following value:"
+                            "DNS/%s.%s" % (names.netbiosname.lower(), names.realm.lower()))
         # 15)
         message(SIMPLE, "Update machine account")
         update_machine_account_password(ldbs.sam, ldbs.secrets, names)
author	Matthieu Patou <mat@matws.net>	2010-10-26 16:37:50 +0400
committer	Matthieu Patou <mat@samba.org>	2010-11-12 19:40:21 +0000
commit	a9c430bdd2e07e8111d1073238059de6c6f478d5 (patch)
tree	cd56c4e05a9f8109edf9b4f799b66aeaa682d205 /source4/scripting/bin
parent	8227d1f68ef7a4750d23d0c34402dbc0c1d14a3e (diff)
download	samba-a9c430bdd2e07e8111d1073238059de6c6f478d5.tar.gz samba-a9c430bdd2e07e8111d1073238059de6c6f478d5.tar.bz2 samba-a9c430bdd2e07e8111d1073238059de6c6f478d5.zip