diff options
| author | Matthieu Patou <mat@matws.net> | 2010-10-26 16:37:50 +0400 |
|---|---|---|
| committer | Matthieu Patou <mat@samba.org> | 2010-11-12 19:40:21 +0000 |
| commit | a9c430bdd2e07e8111d1073238059de6c6f478d5 (patch) | |
| tree | cd56c4e05a9f8109edf9b4f799b66aeaa682d205 /source4/scripting/python/samba/upgradehelpers.py | |
| parent | 8227d1f68ef7a4750d23d0c34402dbc0c1d14a3e (diff) | |
| download | samba-a9c430bdd2e07e8111d1073238059de6c6f478d5.tar.gz samba-a9c430bdd2e07e8111d1073238059de6c6f478d5.tar.bz2 samba-a9c430bdd2e07e8111d1073238059de6c6f478d5.zip | |
upgradeprovision: fix pb with dns-hostname, regenerate a correct keytab
Diffstat (limited to 'source4/scripting/python/samba/upgradehelpers.py')
| -rwxr-xr-x | source4/scripting/python/samba/upgradehelpers.py | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/source4/scripting/python/samba/upgradehelpers.py b/source4/scripting/python/samba/upgradehelpers.py index b1258d2a53..b2bb66c5ea 100755 --- a/source4/scripting/python/samba/upgradehelpers.py +++ b/source4/scripting/python/samba/upgradehelpers.py @@ -632,6 +632,13 @@ def update_secrets(newsecrets_ldb, secrets_ldb, messagefunc): delta.dn = current[0].dn secrets_ldb.modify(delta) + res2 = secrets_ldb.search(expression="(samaccountname=dns)", + scope=SCOPE_SUBTREE, attrs=["dn"]) + + if (len(res2) == 1): + messagefunc(SIMPLE, "Remove old dns account") + secrets_ldb.delete(res2[0]["dn"]) + def getOEMInfo(samdb, rootdn): """Return OEM Information on the top level Samba4 use to store version info in this field @@ -855,6 +862,47 @@ clearTextPassword:: """ + base64.b64encode(machinepass.encode('utf-16-le')) + "" raise ProvisioningError("Unable to find a Secure Channel" "of type SEC_CHAN_BDC") +def update_dns_account_password(samdb, secrets_ldb, names): + """Update (change) the password of the dns both in the SAM db and in + secret one + + :param samdb: An LDB object related to the sam.ldb file of a given provision + :param secrets_ldb: An LDB object related to the secrets.ldb file of a given + provision + :param names: List of key provision parameters""" + + expression = "samAccountName=dns-%s" % names.netbiosname + secrets_msg = secrets_ldb.search(expression=expression) + if len(secrets_msg) == 1: + res = samdb.search(expression=expression, attrs=[]) + assert(len(res) == 1) + + msg = ldb.Message(res[0].dn) + machinepass = samba.generate_random_password(128, 255) + mputf16 = machinepass.encode('utf-16-le') + msg["clearTextPassword"] = ldb.MessageElement(mputf16, + ldb.FLAG_MOD_REPLACE, + "clearTextPassword") + + samdb.modify(msg) + + res = samdb.search(expression=expression, + attrs=["msDs-keyVersionNumber"]) + assert(len(res) == 1) + kvno = str(res[0]["msDs-keyVersionNumber"]) + + msg = ldb.Message(secrets_msg[0].dn) + msg["secret"] = ldb.MessageElement(machinepass, + ldb.FLAG_MOD_REPLACE, + "secret") + msg["msDS-KeyVersionNumber"] = ldb.MessageElement(kvno, + ldb.FLAG_MOD_REPLACE, + "msDS-KeyVersionNumber") + + secrets_ldb.modify(msg) + else: + raise ProvisioningError("Unable to find an object" + " with %s" % expression ) def search_constructed_attrs_stored(samdb, rootdn, attrs): """Search a given sam DB for calculated attributes that are |