-rw-r--r--source4/setup/provision.ldif4
-rwxr-xr-xsource4/setup/provision.pl37
-rw-r--r--source4/setup/provision.zone2
-rw-r--r--source4/setup/secrets.ldif2
4 files changed, 35 insertions, 10 deletions
diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif
index 88c157b052..5a5e792ec5 100644
--- a/source4/setup/provision.ldif
+++ b/source4/setup/provision.ldif
@@ -615,7 +615,7 @@ operatingSystemVersion: 4.0
dNSHostName: ${DNSNAME}
objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
-unicodePwd: ${JOINPASS}
+unicodePwd: ${MACHINEPASS}
servicePrincipalName: HOST/${DNSNAME}
servicePrincipalName: HOST/${NETBIOSNAME}
msDS-KeyVersionNumber: 1
@@ -653,7 +653,7 @@ sAMAccountType: 805306368
servicePrincipalName: kadmin/changepw
objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
-unicodePwd: ${RANDPASS}
+unicodePwd: ${KRBTGTPASS}
dn: CN=Domain Computers,CN=Users,${BASEDN}
objectClass: top
diff --git a/source4/setup/provision.pl b/source4/setup/provision.pl
index 7c739f4515..99830bfc3f 100755
--- a/source4/setup/provision.pl
+++ b/source4/setup/provision.pl
@@ -10,6 +10,8 @@ my $opt_hostip;
my $opt_realm;
my $opt_domain;
my $opt_adminpass;
+my $opt_krbtgtpass;
+my $opt_machinepass;
my $opt_root;
my $opt_nobody;
my $opt_nogroup;
@@ -69,8 +71,6 @@ sub randpass()
return $pass;
}
-my $joinpass = randpass();
-
sub ldaptime()
{
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday) = gmtime(time);
@@ -78,6 +78,13 @@ sub ldaptime()
$year+1900, $mon+1, $mday, $hour, $min, $sec;
}
+sub timestring()
+{
+ my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday) = gmtime(time);
+ return sprintf "%04u%02u%02u%02u%02u%02u",
+ $year+1900, $mon+1, $mday, $hour, $min, $sec;
+}
+
#######################
# substitute a single variable
sub substitute($)
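Review bot: The 14-digit value that timestring() returns (`%04u%02u%02u%02u%02u%02u`, i.e. YYYYMMDDHHMMSS) does not fit the 32-bit unsigned SOA serial field it is substituted into as `${TIMESTRING}` in the provision.zone hunk; a serial above 4294967295 is rejected or wrapped, depending on the name server. A ten-digit date form stays in range, for example `return sprintf "%04u%02u%02u%02u", $year+1900, $mon+1, $mday, $hour;`. The new sub also repeats the gmtime unpacking of ldaptime(), whose body starts outside this hunk, so a one-line comment above it such as `# DNS SOA serial; must fit in 32 bits` would tell the two apart.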
@@ -124,6 +131,10 @@ sub substitute($)
return ldaptime();
}
+ if ($var eq "TIMESTRING") {
+ return timestring();
+ }
+
if ($var eq "NEWGUID") {
return randguid();
}
@@ -152,12 +163,12 @@ sub substitute($)
return $opt_adminpass;
}
- if ($var eq "RANDPASS") {
- return randpass();
+ if ($var eq "KRBTGTPASS") {
+ return $opt_krbtgtpass;
}
- if ($var eq "JOINPASS") {
- return $joinpass;
+ if ($var eq "MACHINEPASS") {
+ return $opt_machinepass;
}
if ($var eq "NTTIME") {
@@ -283,6 +294,8 @@ provision.pl [options]
--invocationid GUID set invocationid (otherwise random)
--outputdir OUTPUTDIR set output directory
--adminpass PASSWORD choose admin password (otherwise random)
+ --krbtgtpass PASSWORD choose krbtgt password (otherwise random)
+ --machinepass PASSWORD choose machine password (otherwise random)
--root USERNAME choose 'root' unix username
--nobody USERNAME choose 'nobody' user
--nogroup GROUPNAME choose 'nogroup' group
@@ -309,6 +322,8 @@ GetOptions(
'host-guid=s' => \$opt_hostguid,
'invocationid=s' => \$opt_invocationid,
'adminpass=s' => \$opt_adminpass,
+ 'krbtgtpass=s' => \$opt_krbtgtpass,
+ 'machinepass=s' => \$opt_machinepass,
'root=s' => \$opt_root,
'nobody=s' => \$opt_nobody,
'nogroup=s' => \$opt_nogroup,
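Review bot: Accepting the krbtgt and machine account passwords through `--krbtgtpass` and `--machinepass` puts both secrets on the command line, where they can be read from the process list while the script runs and from shell history afterwards. The krbtgt key protects every ticket-granting ticket the KDC issues for the realm, so it deserves more care than the other values in this option table. I would say so in the usage text added in the previous hunk, e.g. `--krbtgtpass PASSWORD choose krbtgt password (otherwise random; visible in process list)`, and keep the random default in any documented invocation. The GetOptions call starts and ends outside this hunk.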
@@ -401,6 +416,16 @@ if (!$opt_adminpass) {
print "chose random Administrator password '$opt_adminpass'\n";
}
+if (!$opt_krbtgtpass) {
+ $opt_krbtgtpass = randpass();
+ print "chose random krbtgt password '$opt_krbtgtpass'\n";
+}
+
+if (!$opt_machinepass) {
+ $opt_machinepass = randpass();
+ print "chose random machine password '$opt_machinepass'\n";
+}
+
# allow provisioning to be run from the source directory
$ENV{"PATH"} = "bin:../bin:" . $ENV{"PATH"};
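Review bot: The two added `print` statements write the generated krbtgt and machine passwords to stdout in clear text, so they end up in terminal scrollback and in any log that captures the provisioning run. Unlike the Administrator password, an operator has no reason to type either of these; both already reach the generated LDIF through `${KRBTGTPASS}` and `${MACHINEPASS}`. I would announce the choice without the value: `print "chose random krbtgt password\n";` and `print "chose random machine password\n";`. Only the `return $pass;` of randpass() is visible on this page, so it is worth confirming that its randomness source is strong enough for a key as sensitive as krbtgt.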
diff --git a/source4/setup/provision.zone b/source4/setup/provision.zone
index c79660869c..cde4caf092 100644
--- a/source4/setup/provision.zone
+++ b/source4/setup/provision.zone
@@ -2,7 +2,7 @@
$ORIGIN ${DNSDOMAIN}.
$TTL 1W
@ IN SOA @ hostmaster (
- 42 ; serial (d. adams)
+ ${TIMESTRING} ; serial
2D ; refresh
4H ; retry
6W ; expiry
diff --git a/source4/setup/secrets.ldif b/source4/setup/secrets.ldif
index 15005163dc..865a151494 100644
--- a/source4/setup/secrets.ldif
+++ b/source4/setup/secrets.ldif
@@ -23,7 +23,7 @@ objectClass: top
objectClass: primaryDomain
flatname: ${DOMAIN}
realm: ${REALM}
-secret: ${JOINPASS}
+secret: ${MACHINEPASS}
secureChannelType: 6
sAMAccountName: ${NETBIOSNAME}$
whenCreated: ${LDAPTIME}