-rw-r--r-- | source4/provision.ldif | 12 | ||||
-rw-r--r-- | source4/provision.zone | 31 | ||||
-rwxr-xr-x | source4/script/provision.pl | 69 |
3 files changed, 101 insertions, 11 deletions
diff --git a/source4/provision.ldif b/source4/provision.ldif
index 1adb8600b3..2497b2cb7a 100644
--- a/source4/provision.ldif
+++ b/source4/provision.ldif
@@ -38,7 +38,7 @@ name: ${DOMAIN}
 realm: ${REALM}
 dnsDomain: ${DNSDOMAIN}
 dc: ${DOMAIN}
-objectGUID: ${NEWGUID}
+objectGUID: ${DOMAINGUID}
 creationTime: ${NTTIME}
 forceLogoff: 0x8000000000000000
 lockoutDuration: -18000000000
@@ -438,20 +438,20 @@ groupType: 0x80000005
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
-dn: CN=${HOSTNAME},OU=Domain Controllers,${BASEDN}
+dn: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN}
 objectClass: top
 objectClass: person
 objectClass: organizationalPerson
 objectClass: user
 objectClass: computer
-cn: ${HOSTNAME}
+cn: ${NETBIOSNAME}
 instanceType: 4
 whenCreated: ${LDAPTIME}
 whenChanged: ${LDAPTIME}
 uSNCreated: 1
 uSNChanged: 1
-name: ${HOSTNAME}
-objectGUID: ${NEWGUID}
+name: ${NETBIOSNAME}
+objectGUID: ${HOSTGUID}
 userAccountControl: 532480
 badPwdCount: 0
 codePage: 0
@@ -465,7 +465,7 @@ primaryGroupID: 516
 objectSid: ${DOMAINSID}-1000
 accountExpires: 9223372036854775807
 logonCount: 30
-sAMAccountName: ${HOSTNAME}$
+sAMAccountName: ${NETBIOSNAME}$
 sAMAccountType: 805306369
 operatingSystem: Samba
 operatingSystemVersion: 4.0
diff --git a/source4/provision.zone b/source4/provision.zone
new file mode 100644
index 0000000000..6549af9ce3
--- /dev/null
+++ b/source4/provision.zone
@@ -0,0 +1,31 @@
+; generate by provision.pl
+; for domain:
+; ${DNSDOMAIN}
+$TTL 1W
+@ IN SOA @ Administrator (
+ 42 ; serial (d. adams)
+ 2D ; refresh
+ 4H ; retry
+ 6W ; expiry
+ 1W ) ; minimum
+
+ IN NS ${HOSTIP}
+
+${HOSTNAME} IN A ${HOSTIP}
+${HOSTGUID}._msdcs IN CNAME ${HOSTNAME}
+
+_gc._tcp IN SRV 0 100 3268 ${HOSTNAME}
+_ldap._tcp IN SRV 0 100 389 ${HOSTNAME}
+_kerberos._tcp IN SRV 0 100 88 ${HOSTNAME}
+_kerberos._udp IN SRV 0 100 88 ${HOSTNAME}
+
+_ldap._tcp.dc._msdcs IN SRV 0 100 389 ${HOSTNAME}
+_ldap._tcp.gc._msdcs IN SRV 0 100 389 ${HOSTNAME}
+_ldap._tcp.pdc._msdcs IN SRV 0 100 389 ${HOSTNAME}
+
+_ldap._tcp.${DOMAINGUID}.domains._msdcs IN SRV 0 100 389 ${HOSTNAME}
+_ldap._tcp.${DEFAULTSITE}._sites.dc._msdcs IN SRV 0 100 389 ${HOSTNAME}
+_ldap._tcp.${DEFAULTSITE}._sites.cc._msdcs IN SRV 0 100 389 ${HOSTNAME}
+
+_kerberos._tcp.dc._msdcs IN SRV 0 100 389 ${HOSTNAME}
+_kerberos._tcp.${DEFAULTSITE}._sites.dc._msdcs IN SRV 0 100 88 ${HOSTNAME}
diff --git a/source4/script/provision.pl b/source4/script/provision.pl
index 8863653e34..e98181b05f 100755
--- a/source4/script/provision.pl
+++ b/source4/script/provision.pl
@@ -1,10 +1,12 @@
 #!/usr/bin/perl -w
 use strict;
+use Socket;
 use Getopt::Long;
 my $opt_hostname = `hostname`;
 chomp $opt_hostname;
+my $opt_hostip;
 my $opt_realm;
 my $opt_domain;
 my $opt_adminpass;
@@ -13,8 +15,10 @@ my $opt_nogroup;
 my $opt_wheel;
 my $opt_users;
 my $dnsdomain;
+my $netbiosname;
 my $dnsname;
 my $basedn;
+my $defaultsite = "Default-First-Site-Name";
 # return the current NTTIME as an integer
 sub nttime()
@@ -38,6 +42,7 @@ sub randguid()
 }
 my $domainguid = randguid();
+my $hostguid = randguid();
 sub randsid()
 {
@@ -96,10 +101,18 @@ sub substitute($)
 return $opt_hostname;
 }
+ if ($var eq "NETBIOSNAME") {
+ return $netbiosname;
+ }
+
 if ($var eq "DNSNAME") {
 return $dnsname;
 }
+ if ($var eq "HOSTIP") {
+ return $opt_hostip;
+ }
+
 if ($var eq "LDAPTIME") {
 return ldaptime();
 }
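Review bot: `        IN      NS      ${HOSTIP}` places an IP address in NS RDATA, where DNS requires a host name; BIND will treat the literal as a relative name in the zone and the delegation will not resolve, so the record should be `        IN      NS      ${HOSTNAME}` (the A record on the following line already maps that name to ${HOSTIP}). `_kerberos._tcp.dc._msdcs IN SRV 0 100 389 ${HOSTNAME}` advertises the KDC on the LDAP port while every other kerberos record in the file uses 88, which looks like a copy-paste slip. The `_ldap._tcp.gc._msdcs` and `_sites.cc._msdcs` records presumably target the global catalog, so port 3268 as on the `_gc._tcp` line and `gc` rather than `cc` are worth confirming against the AD SRV layout. The header comment should read `; generated by provision.pl`.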
@@ -108,6 +121,18 @@ sub substitute($)
 return randguid();
 }
+ if ($var eq "DOMAINGUID") {
+ return $domainguid;
+ }
+
+ if ($var eq "HOSTGUID") {
+ return $hostguid;
+ }
+
+ if ($var eq "DEFAULTSITE") {
+ return $defaultsite;
+ }
+
 if ($var eq "ADMINPASS") {
 return $opt_adminpass;
 }
@@ -202,6 +227,7 @@ provision.pl [options]
 --realm REALM set realm
 --domain DOMAIN set domain
 --hostname HOSTNAME set hostname
+ --hostip IPADDRESS set ipaddress
 --adminpass PASSWORD choose admin password (otherwise random)
 --nobody USERNAME choose 'nobody' user
 --nogroup GROUPNAME choose 'nogroup' group
@@ -221,6 +247,7 @@ GetOptions(
 'realm=s' => \$opt_realm,
 'domain=s' => \$opt_domain,
 'hostname=s' => \$opt_hostname,
+ 'hostip=s' => \$opt_hostip,
 'adminpass=s' => \$opt_adminpass,
 'nobody=s' => \$opt_nobody,
 'nogroup=s' => \$opt_nogroup,
@@ -237,9 +264,19 @@ if ($opt_help ||
 $opt_realm=uc($opt_realm);
 $opt_domain=uc($opt_domain);
-$opt_hostname=uc($opt_hostname);
+$opt_hostname=lc($opt_hostname);
+$netbiosname=uc($opt_hostname);
+
+if (!$opt_hostip) {
+ my $hip = gethostbyname($opt_hostname);
+ if (defined $hip) {
+ $opt_hostip = inet_ntoa($hip);
+ } else {
+ $opt_hostip = "<0.0.0.0>";
+ }
+}
-print "Provisioning host '$opt_hostname' for domain '$opt_domain' in realm '$opt_realm'\n";
+print "Provisioning host '$opt_hostname'[$opt_hostip] for domain '$opt_domain' in realm '$opt_realm'\n";
 if (!$opt_nobody) {
 if (defined getpwnam("nobody")) {
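Review bot: `$netbiosname=uc($opt_hostname);` in the `@@ -237` hunk takes the whole output of `hostname`, which may be an FQDN, so the computer object's cn, name and `sAMAccountName: ${NETBIOSNAME}$` in provision.ldif can receive a dotted name that also exceeds the 15-character NetBIOS limit; strip the domain part first, e.g. `($netbiosname = uc $opt_hostname) =~ s/\..*//;`, and refuse names longer than 15 characters. The fallback `$opt_hostip = "<0.0.0.0>";` is later substituted verbatim into the A and NS records of the generated zone, producing an unusable file with no error; `die "Unable to resolve $opt_hostname, please pass --hostip\n"` would fail early instead. A user-supplied `--hostip` is never validated either; since Socket is already imported, `inet_aton($opt_hostip) or die "invalid --hostip '$opt_hostip'\n";` would catch typos before they reach the zone and the ldif.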
@@ -317,9 +354,31 @@ $ENV{"PATH"} .= ":bin";
 system("ldbadd -H newsam.ldb newsam.ldif");
+print "done\n";
+
+print "generating dns zone file ...\n";
+
+$data = FileLoad("provision.zone") || die "Unable to load provision.zone\n";
+
+$res = "";
+
+print "applying substitutions ...\n";
+
+while ($data =~ /(.*?)\$\{(\w*)\}(.*)/s) {
+ my $sub = substitute($2);
+ $res .= "$1$sub";
+ $data = $3;
+}
+$res .= $data;
+
+print "saving dns zone to newdns.zone ...\n";
+
+FileSave("$dnsdomain.zone", $res);
+
 print "done
-Please move newsam.ldb to sam.ldb in the lib/private/ directory of your
-Samba4 installation
+Installation:
+- Please move newsam.ldb to sam.ldb in the lib/private/ directory of your
+ Samba4 installation
+- Please use $dnsdomain.zone to in BIND dns server
 ";
- |
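Review bot: `print "saving dns zone to newdns.zone ...\n";` names a file that is never written; the call two lines below saves to `"$dnsdomain.zone"`, so the message should be `print "saving dns zone to $dnsdomain.zone ...\n";`. The `while ($data =~ /(.*?)\$\{(\w*)\}(.*)/s)` loop appears to repeat the substitution pass already used for newsam.ldif earlier in the script (outside this hunk); factoring it into a `sub apply_substitutions` that takes the template text and returns the expanded string would keep both passes in step when a new `${VAR}` is introduced. `$data` and `$res` are reassigned here without `my`, so they rely on declarations above the hunk and carry over state from the ldif step, which is easy to misread; fresh lexicals scoped to this step would be clearer. Unlike `FileLoad(...) || die`, the result of `FileSave` is ignored, so a failed write of the zone is not reported if FileSave signals failure by return value. The closing text `Please use $dnsdomain.zone to in BIND dns server` has a stray `to`.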