-rw-r--r-- | source4/setup/provision.ldif | 4 | ||||
-rwxr-xr-x | source4/setup/provision.pl | 37 | ||||
-rw-r--r-- | source4/setup/provision.zone | 2 | ||||
-rw-r--r-- | source4/setup/secrets.ldif | 2 |
4 files changed, 35 insertions, 10 deletions
diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif index 88c157b052..5a5e792ec5 100644 --- a/source4/setup/provision.ldif +++ b/source4/setup/provision.ldif @@ -615,7 +615,7 @@ operatingSystemVersion: 4.0 dNSHostName: ${DNSNAME} objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE -unicodePwd: ${JOINPASS} +unicodePwd: ${MACHINEPASS} servicePrincipalName: HOST/${DNSNAME} servicePrincipalName: HOST/${NETBIOSNAME} msDS-KeyVersionNumber: 1 @@ -653,7 +653,7 @@ sAMAccountType: 805306368 servicePrincipalName: kadmin/changepw objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE -unicodePwd: ${RANDPASS} +unicodePwd: ${KRBTGTPASS} dn: CN=Domain Computers,CN=Users,${BASEDN} objectClass: top diff --git a/source4/setup/provision.pl b/source4/setup/provision.pl index 7c739f4515..99830bfc3f 100755 --- a/source4/setup/provision.pl +++ b/source4/setup/provision.pl @@ -10,6 +10,8 @@ my $opt_hostip; my $opt_realm; my $opt_domain; my $opt_adminpass; +my $opt_krbtgtpass; +my $opt_machinepass; my $opt_root; my $opt_nobody; my $opt_nogroup; @@ -69,8 +71,6 @@ sub randpass() return $pass; } -my $joinpass = randpass(); - sub ldaptime() { my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday) = gmtime(time); @@ -78,6 +78,13 @@ sub ldaptime() $year+1900, $mon+1, $mday, $hour, $min, $sec; } +sub timestring() +{ + my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday) = gmtime(time); + return sprintf "%04u%02u%02u%02u%02u%02u", + $year+1900, $mon+1, $mday, $hour, $min, $sec; +} + ####################### # substitute a single variable sub substitute($) @@ -124,6 +131,10 @@ sub substitute($) return ldaptime(); } + if ($var eq "TIMESTRING") { + return timestring(); + } + if ($var eq "NEWGUID") { return randguid(); } 
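Review bot: The 14-digit value built by the `"%04u%02u%02u%02u%02u%02u"` format in `timestring()` does not fit a DNS SOA serial, which is an unsigned 32-bit number (maximum 4294967295), and the provision.zone hunk now uses `${TIMESTRING}` as the serial. A name server loading the generated zone is likely to reject or truncate that value. A ten-digit form stays in range, e.g. `return sprintf "%04u%02u%02u%02u", $year+1900, $mon+1, $mday, $hour;`. `timestring()` also repeats the `gmtime` unpacking of `ldaptime()` and could share it.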
@@ -152,12 +163,12 @@ sub substitute($) return $opt_adminpass; } - if ($var eq "RANDPASS") { - return randpass(); + if ($var eq "KRBTGTPASS") { + return $opt_krbtgtpass; } - if ($var eq "JOINPASS") { - return $joinpass; + if ($var eq "MACHINEPASS") { + return $opt_machinepass; } if ($var eq "NTTIME") { @@ -283,6 +294,8 @@ provision.pl [options] --invocationid GUID set invocationid (otherwise random) --outputdir OUTPUTDIR set output directory --adminpass PASSWORD choose admin password (otherwise random) + --krbtgtpass PASSWORD choose krbtgt password (otherwise random) + --machinepass PASSWORD choose machine password (otherwise random) --root USERNAME choose 'root' unix username --nobody USERNAME choose 'nobody' user --nogroup GROUPNAME choose 'nogroup' group @@ -309,6 +322,8 @@ GetOptions( 'host-guid=s' => \$opt_hostguid, 'invocationid=s' => \$opt_invocationid, 'adminpass=s' => \$opt_adminpass, + 'krbtgtpass=s' => \$opt_krbtgtpass, + 'machinepass=s' => \$opt_machinepass, 'root=s' => \$opt_root, 'nobody=s' => \$opt_nobody, 'nogroup=s' => \$opt_nogroup, @@ -401,6 +416,16 @@ if (!$opt_adminpass) { print "chose random Administrator password '$opt_adminpass'\n"; } +if (!$opt_krbtgtpass) { + $opt_krbtgtpass = randpass(); + print "chose random krbtgt password '$opt_krbtgtpass'\n"; +} + +if (!$opt_machinepass) { + $opt_machinepass = randpass(); + print "chose random machine password '$opt_machinepass'\n"; +} + # allow provisioning to be run from the source directory $ENV{"PATH"} = "bin:../bin:" . $ENV{"PATH"}; diff --git a/source4/setup/provision.zone b/source4/setup/provision.zone index c79660869c..cde4caf092 100644 --- a/source4/setup/provision.zone +++ b/source4/setup/provision.zone @@ -2,7 +2,7 @@ $ORIGIN ${DNSDOMAIN}. $TTL 1W @ IN SOA @ hostmaster ( - 42 ; serial (d. adams) + ${TIMESTRING} ; serial 2D ; refresh 4H ; retry 6W ; expiry diff --git a/source4/setup/secrets.ldif b/source4/setup/secrets.ldif index 15005163dc..865a151494 100644 --- a/source4/setup/secrets.ldif 
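Review bot: Removing the `RANDPASS` and `JOINPASS` branches from `substitute()` leaves any template that still references `${RANDPASS}` or `${JOINPASS}` without a handler; this commit updates provision.ldif and secrets.ldif, but other templates the script processes are not visible here. What `substitute()` does with an unknown name is outside the hunk, so if that path is not already fatal, a leftover reference could write a literal placeholder or an empty string as a `unicodePwd` or `secret` value. A grep over the setup directory would confirm there are none, and the fall-through could be made explicit with something like `die "unknown substitution variable $var\n";`.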
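Review bot: `--krbtgtpass` and `--machinepass` take the secret as a command-line argument, so it is readable by other local users through the process list and is likely to be kept in shell history; the same applies to the `'krbtgtpass=s'` and `'machinepass=s'` entries in the GetOptions hunk that follows. The help text should say so, e.g. `--krbtgtpass PASSWORD choose krbtgt password (otherwise random; visible in the process list)`. Because the krbtgt key protects every ticket the KDC issues, a follow-up that reads these values from a file or from standard input would be the safer interface.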
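Review bot: The two added `print` statements write the krbtgt and machine account passwords to standard output, where they end up in terminal scrollback and in any log that captures the provisioning run. Unlike the Administrator password, nobody has to type these, and the values are already written into the generated LDIF, so the messages can drop the secret: `print "chose random krbtgt password\n";` and `print "chose random machine password\n";`. The `if (!$opt_krbtgtpass)` test also treats an explicitly supplied `0` as unset; `if (!defined $opt_krbtgtpass)` says what is meant, with an empty value then rejected separately. Only the `return $pass;` line of `randpass()` is visible in this diff, so whether it draws from a source suitable for a long-lived key such as krbtgt should be checked.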
+++ b/source4/setup/secrets.ldif @@ -23,7 +23,7 @@ objectClass: top objectClass: primaryDomain flatname: ${DOMAIN} realm: ${REALM} -secret: ${JOINPASS} +secret: ${MACHINEPASS} secureChannelType: 6 sAMAccountName: ${NETBIOSNAME}$ whenCreated: ${LDAPTIME} |