Diffstat (limited to 'source4')
-rwxr-xr-x | source4/scripting/bin/samba_upgradedns | 11 | ||||
-rw-r--r-- | source4/setup/secrets_dns.ldif | 2 |
2 files changed, 11 insertions, 2 deletions
diff --git a/source4/scripting/bin/samba_upgradedns b/source4/scripting/bin/samba_upgradedns index b7af98c30d..9c1a6b4d5a 100755 --- a/source4/scripting/bin/samba_upgradedns +++ b/source4/scripting/bin/samba_upgradedns @@ -436,10 +436,19 @@ if __name__ == '__main__': "DNSNAME" : dnsname } ) + res = ldbs.sam.search(base=domaindn, scope=ldb.SCOPE_DEFAULT, + expression='(sAMAccountName=dns-%s)' % (hostname), + attrs=["msDS-KeyVersionNumber"]) + if "msDS-KeyVersionNumber" in res[0]: + dns_key_version_number = int(res[0]["msDS-KeyVersionNumber"][0]) + else: + dns_key_version_number = None + secretsdb_setup_dns(ldbs.secrets, names, paths.private_dir, realm=names.realm, dnsdomain=names.dnsdomain, - dns_keytab_path=paths.dns_keytab, dnspass=dnspass) + dns_keytab_path=paths.dns_keytab, dnspass=dnspass, + key_version_number=dns_key_version_number) else: logger.info("dns-%s account already exists" % hostname) diff --git a/source4/setup/secrets_dns.ldif b/source4/setup/secrets_dns.ldif index 67fd66b057..192c06d286 100644 --- a/source4/setup/secrets_dns.ldif +++ b/source4/setup/secrets_dns.ldif @@ -5,7 +5,7 @@ objectClass: secret objectClass: kerberosSecret realm: ${REALM} servicePrincipalName: DNS/${DNSNAME} -msDS-KeyVersionNumber: 1 +msDS-KeyVersionNumber: ${KEY_VERSION_NUMBER} privateKeytab: ${DNS_KEYTAB} secret:: ${DNSPASS_B64} samAccountName: dns-${HOSTNAME} |
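Review bot: `res[0]` in the samba_upgradedns hunk is read without checking that the search for `dns-<hostname>` returned an entry, so an empty result raises an IndexError before the secrets record is written; a guard such as `if len(res) == 0:` with an explicit error message would make that failure readable. The filter is also built by interpolating `hostname` unescaped, and `expression='(sAMAccountName=dns-%s)' % ldb.binary_encode(hostname)` would keep it well-formed for any host name. When the attribute is absent, `None` is passed as `key_version_number` and ends up feeding `${KEY_VERSION_NUMBER}` in secrets_dns.ldif (second hunk). How `secretsdb_setup_dns` renders `None` is not visible in this diff, so it is worth confirming that it neither writes a literal `None` nor leaves the stored kvno out of step with the keytab. The enclosing `if __name__ == '__main__':` block starts and ends outside the hunk.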