summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/scripting/python/samba/netcmd/domain.py55
-rw-r--r--source4/scripting/python/samba/provision/__init__.py5
2 files changed, 50 insertions, 10 deletions
diff --git a/source4/scripting/python/samba/netcmd/domain.py b/source4/scripting/python/samba/netcmd/domain.py
index 119c19757f..0ace70fc9a 100644
--- a/source4/scripting/python/samba/netcmd/domain.py
+++ b/source4/scripting/python/samba/netcmd/domain.py
@@ -233,6 +233,7 @@ class cmd_domain_provision(Command):
krbtgtpass = None,
machinepass = None,
dns_backend = None,
+ dns_forwarder = None,
dnspass = None,
ldapadminpass = None,
root = None,
@@ -252,11 +253,11 @@ class cmd_domain_provision(Command):
use_ntvfs = None,
use_rfc2307 = None):
- logger = self.get_logger("provision")
+ self.logger = self.get_logger("provision")
if quiet:
- logger.setLevel(logging.WARNING)
+ self.logger.setLevel(logging.WARNING)
else:
- logger.setLevel(logging.INFO)
+ self.logger.setLevel(logging.INFO)
lp = sambaopts.get_loadparm()
smbconf = lp.configfile
@@ -265,6 +266,8 @@ class cmd_domain_provision(Command):
creds.set_kerberos_state(DONT_USE_KERBEROS)
+ suggested_forwarder = dns_forwarder is None and self._get_nameserver_ip() or dns_forwarder
+
if len(self.raw_argv) == 1:
interactive = True
@@ -301,6 +304,12 @@ class cmd_domain_provision(Command):
if dns_backend in (None, ''):
raise CommandError("No DNS backend set!")
+ if dns_backend == "SAMBA_INTERNAL":
+ dns_forwarder = ask("DNS forwarder IP address (write 'none' to disable forwarding)", suggested_forwarder)
+ if dns_forwarder.lower() in (None, 'none'):
+ suggested_forwarder = None
+ dns_forwarder = None
+
while True:
adminpassplain = getpass("Administrator password: ")
if not adminpassplain:
@@ -321,7 +330,7 @@ class cmd_domain_provision(Command):
raise CommandError("No domain set!")
if not adminpass:
- logger.info("Administrator password will be set randomly!")
+ self.logger.info("Administrator password will be set randomly!")
if function_level == "2000":
dom_for_fun_level = DS_DOMAIN_FUNCTION_2000
@@ -332,6 +341,9 @@ class cmd_domain_provision(Command):
elif function_level == "2008_R2":
dom_for_fun_level = DS_DOMAIN_FUNCTION_2008_R2
+ if dns_backend == "SAMBA_INTERNAL" and dns_forwarder is None:
+ dns_forwarder = suggested_forwarder
+
samdb_fill = FILL_FULL
if blank:
samdb_fill = FILL_NT4SYNC
@@ -357,16 +369,16 @@ class cmd_domain_provision(Command):
"O:S-1-5-32G:S-1-5-32", "S-1-5-32", "native")
eadb = False
except Exception:
- logger.info("You are not root or your system do not support xattr, using tdb backend for attributes. ")
+ self.logger.info("You are not root or your system do not support xattr, using tdb backend for attributes. ")
finally:
file.close()
if eadb:
- logger.info("not using extended attributes to store ACLs and other metadata. If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.")
+ self.logger.info("not using extended attributes to store ACLs and other metadata. If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.")
session = system_session()
try:
- result = provision(logger,
+ result = provision(self.logger,
session, creds, smbconf=smbconf, targetdir=targetdir,
samdb_fill=samdb_fill, realm=realm, domain=domain,
domainguid=domain_guid, domainsid=domain_sid,
@@ -375,7 +387,7 @@ class cmd_domain_provision(Command):
ntdsguid=ntds_guid,
invocationid=invocationid, adminpass=adminpass,
krbtgtpass=krbtgtpass, machinepass=machinepass,
- dns_backend=dns_backend,
+ dns_backend=dns_backend, dns_forwarder=dns_forwarder,
dnspass=dnspass, root=root, nobody=nobody,
wheel=wheel, users=users,
serverrole=server_role, dom_for_fun_level=dom_for_fun_level,
@@ -386,7 +398,32 @@ class cmd_domain_provision(Command):
except ProvisioningError, e:
raise CommandError("Provision failed", e)
- result.report_logger(logger)
+ result.report_logger(self.logger)
+
+ def _get_nameserver_ip(self):
+ """Grab the nameserver IP address from /etc/resolv.conf"""
+ from os import path
+ RESOLV_CONF="/etc/resolv.conf"
+
+ if not path.isfile(RESOLV_CONF):
+ self.logger.warning("Failed to locate %s" % RESOLV_CONF)
+ return None
+
+ handle = None
+ try:
+ handle = open(RESOLV_CONF, 'r')
+ for line in handle:
+ if not line.startswith('nameserver'):
+ continue
+ # we want the last non-space continuous string of the line
+ return line.strip().split()[-1]
+ finally:
+ if handle is not None:
+ handle.close()
+
+ self.logger.warning("No nameserver found in %s" % RESOLV_CONF)
+ return None
+
class cmd_domain_dcpromo(Command):
"""Promotes an existing domain member or NT4 PDC to an AD DC"""
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py
index 5cbb71685b..706a02396a 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -1764,7 +1764,7 @@ def provision(logger, session_info, credentials, smbconf=None,
domain=None, hostname=None, hostip=None, hostip6=None, domainsid=None,
next_rid=1000, dc_rid=None, adminpass=None, ldapadminpass=None, krbtgtpass=None,
domainguid=None, policyguid=None, policyguid_dc=None,
- dns_backend=None, dnspass=None,
+ dns_backend=None, dns_forwarder=None, dnspass=None,
invocationid=None, machinepass=None, ntdsguid=None,
root=None, nobody=None, users=None, wheel=None, backup=None, aci=None,
serverrole=None, dom_for_fun_level=None,
@@ -1822,6 +1822,9 @@ def provision(logger, session_info, credentials, smbconf=None,
if dns_backend != "SAMBA_INTERNAL":
server_services.append("-dns")
+ else:
+ if dns_forwarder is not None:
+ global_param["dns forwarder"] = [dns_forwarder]
if use_ntvfs:
server_services.append("+smb")