-rw-r--r-- | source4/scripting/libjs/provision.js | 11 | ||||
-rw-r--r-- | source4/setup/secrets.ldif | 4 |
2 files changed, 10 insertions, 5 deletions
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js index d77b2b6c04..e9261888c6 100644 --- a/source4/scripting/libjs/provision.js +++ b/source4/scripting/libjs/provision.js @@ -382,6 +382,7 @@ function provision_default_paths(subobj) paths.hkpt = "hkpt.ldb"; paths.samdb = lp.get("sam database"); paths.secrets = "secrets.ldb"; + paths.keytab = "secrets.keytab"; paths.dns = lp.get("private dir") + "/" + subobj.DNSDOMAIN + ".zone"; paths.winsdb = "wins.ldb"; paths.ldap_basedn_ldif = lp.get("private dir") + "/" + subobj.DNSDOMAIN + ".ldif"; @@ -431,7 +432,7 @@ function setup_name_mappings(info, ldb) return true; } -function provision_fix_subobj(subobj, message) +function provision_fix_subobj(subobj, message, paths) { subobj.REALM = strupper(subobj.REALM); subobj.HOSTNAME = strlower(subobj.HOSTNAME); @@ -442,6 +443,10 @@ function provision_fix_subobj(subobj, message) var rdns = split(",", subobj.DOMAINDN); subobj.RDN_DC = substr(rdns[0], strlen("DC=")); + subobj.SAM_LDB = paths.samdb; + subobj.SECRETS_LDB = paths.secrets; + subobj.SECRETS_KEYTAB = paths.keytab; + return true; } @@ -451,7 +456,7 @@ function provision_become_dc(subobj, message, paths, session_info) var sys = sys_init(); var info = new Object(); - var ok = provision_fix_subobj(subobj, message); + var ok = provision_fix_subobj(subobj, message, paths); assert(ok); info.subobj = subobj; @@ -491,7 +496,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda var sys = sys_init(); var info = new Object(); - var ok = provision_fix_subobj(subobj, message); + var ok = provision_fix_subobj(subobj, message, paths); assert(ok); if (subobj.DOMAINGUID != undefined) { diff --git a/source4/setup/secrets.ldif b/source4/setup/secrets.ldif index 6254ef3b0c..1617cfb9bf 100644 --- a/source4/setup/secrets.ldif +++ b/source4/setup/secrets.ldif 
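Review bot: `paths.keytab` in the `provision_default_paths` hunk is a bare file name, while the neighbouring `paths.dns` and `paths.ldap_basedn_ldif` entries are built from `lp.get("private dir")`, so nothing visible here says which directory the keytab resolves to. A keytab holds Kerberos keys, and this value now flows into the `privateKeytab` attribute of the secrets LDIF, so the expected location deserves a comment above the assignment, for example `// keytab name recorded as privateKeytab; must resolve inside the private directory`. The function body starts and ends outside the hunk, so whether a later step anchors the name to a directory cannot be confirmed from here.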
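Review bot: The three added assignments in `provision_fix_subobj` dereference `paths` unconditionally, and the parameter only joins the signature in the preceding hunk. The two callers in this diff are updated, but any caller outside it that still passes two arguments would fail on `paths.samdb` before reaching `return true`. A guard in the file's existing style, `if (paths == undefined) { return false; }`, placed before the assignments would let the callers' `assert(ok)` report the problem. A short doc comment would also help, noting that `SAM_LDB`, `SECRETS_LDB` and `SECRETS_KEYTAB` appear to be substituted as-is into the setup LDIF templates, so the values must be safe to embed there.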
@@ -36,7 +36,7 @@ whenCreated: ${LDAPTIME} whenChanged: ${LDAPTIME} msDS-KeyVersionNumber: 1 objectSid: ${DOMAINSID} -privateKeytab: secrets.keytab +privateKeytab: ${SECRETS_KEYTAB} # A hook from our credentials system into HDB, as we must be on a KDC, # we can look directly into the database. @@ -51,5 +51,5 @@ whenCreated: ${LDAPTIME} whenChanged: ${LDAPTIME} objectSid: ${DOMAINSID} servicePrincipalName: kadmin/changepw -krb5Keytab: HDB:ldb:sam.ldb: +krb5Keytab: HDB:ldb:${SAM_LDB}: #The trailing : here is a HACK, but it matches the Heimdal format. |
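Review bot: On the `krb5Keytab` line, `${SAM_LDB}` now sits between colon separators (`HDB:ldb:${SAM_LDB}:`), and its value comes from `lp.get("sam database")` instead of the fixed `sam.ldb`. If that setting ever contains a colon, for example an ldb URL with a scheme prefix, the keytab name is likely to be split in the wrong place; the existing comment already calls the trailing colon a hack. I would extend that comment to `#The sam database path must not contain ':'. The trailing : here is a HACK, but it matches the Heimdal format.` and have provisioning reject such a value. The same unescaped substitution applies to `privateKeytab: ${SECRETS_KEYTAB}` in the hunk above.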