summaryrefslogtreecommitdiff
path: root/source4/scripting
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-06-24 20:52:06 +1000
committerAndrew Bartlett <abartlet@samba.org>2012-06-25 00:26:41 +1000
commit02cbc3fbb601cbbfc86a7048f6d5660d80f14df1 (patch)
treea4ef43ccc3328735c23ac2a01a5930ceb65522f2 /source4/scripting
parent01f52239dc8e13af6e5134667c55d8e0fb7b2f26 (diff)
downloadsamba-02cbc3fbb601cbbfc86a7048f6d5660d80f14df1.tar.gz
samba-02cbc3fbb601cbbfc86a7048f6d5660d80f14df1.tar.bz2
samba-02cbc3fbb601cbbfc86a7048f6d5660d80f14df1.zip
s4-samba_upgradedns: Do not set DNS account for internal server
The internal DNS server does not need the samba-only NAME-dns account. Andrew Bartlett
Diffstat (limited to 'source4/scripting')
-rwxr-xr-xsource4/scripting/bin/samba_upgradedns64
1 files changed, 32 insertions, 32 deletions
diff --git a/source4/scripting/bin/samba_upgradedns b/source4/scripting/bin/samba_upgradedns
index 831b81d06d..c1220bcc26 100755
--- a/source4/scripting/bin/samba_upgradedns
+++ b/source4/scripting/bin/samba_upgradedns
@@ -421,41 +421,41 @@ if __name__ == '__main__':
except Exception:
raise
- # Check if dns-HOSTNAME account exists and create it if required
- try:
- dn = 'samAccountName=dns-%s,CN=Principals' % hostname
- msg = ldbs.secrets.search(expression='(dn=%s)' % dn, attrs=['secret'])
- dnssecret = msg[0]['secret'][0]
- except Exception:
- logger.info("Adding dns-%s account" % hostname)
-
+ # Special stuff for DLZ backend
+ if opts.dns_backend == "BIND9_DLZ":
+ # Check if dns-HOSTNAME account exists and create it if required
try:
- msg = ldbs.sam.search(base=domaindn, scope=ldb.SCOPE_DEFAULT,
- expression='(sAMAccountName=dns-%s)' % (hostname),
- attrs=['clearTextPassword'])
- dn = msg[0].dn
- ldbs.sam.delete(dn)
+ dn = 'samAccountName=dns-%s,CN=Principals' % hostname
+ msg = ldbs.secrets.search(expression='(dn=%s)' % dn, attrs=['secret'])
+ dnssecret = msg[0]['secret'][0]
except Exception:
- pass
-
- dnspass = samba.generate_random_password(128, 255)
- setup_add_ldif(ldbs.sam, setup_path("provision_dns_add_samba.ldif"), {
- "DNSDOMAIN": dnsdomain,
- "DOMAINDN": domaindn,
- "DNSPASS_B64": b64encode(dnspass.encode('utf-16-le')),
- "HOSTNAME" : hostname,
- "DNSNAME" : dnsname }
- )
-
- secretsdb_setup_dns(ldbs.secrets, names,
- paths.private_dir, realm=names.realm,
- dnsdomain=names.dnsdomain,
- dns_keytab_path=paths.dns_keytab, dnspass=dnspass)
- else:
- logger.info("dns-%s account already exists" % hostname)
+ logger.info("Adding dns-%s account" % hostname)
+
+ try:
+ msg = ldbs.sam.search(base=domaindn, scope=ldb.SCOPE_DEFAULT,
+ expression='(sAMAccountName=dns-%s)' % (hostname),
+ attrs=['clearTextPassword'])
+ dn = msg[0].dn
+ ldbs.sam.delete(dn)
+ except Exception:
+ pass
+
+ dnspass = samba.generate_random_password(128, 255)
+ setup_add_ldif(ldbs.sam, setup_path("provision_dns_add_samba.ldif"), {
+ "DNSDOMAIN": dnsdomain,
+ "DOMAINDN": domaindn,
+ "DNSPASS_B64": b64encode(dnspass.encode('utf-16-le')),
+ "HOSTNAME" : hostname,
+ "DNSNAME" : dnsname }
+ )
+
+ secretsdb_setup_dns(ldbs.secrets, names,
+ paths.private_dir, realm=names.realm,
+ dnsdomain=names.dnsdomain,
+ dns_keytab_path=paths.dns_keytab, dnspass=dnspass)
+ else:
+ logger.info("dns-%s account already exists" % hostname)
- # Special stuff for DLZ backend
- if opts.dns_backend == "BIND9_DLZ":
# This forces a re-creation of dns directory and all the files within
# It's an overkill, but it's easier to re-create a samdb copy, rather
# than trying to fix a broken copy.