| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This overloads the 'name' part of the keytab name to supply a context
pointer, and so avoids 3 global variables!
To do this, we had to stop putting the entry for kpasswd into the
secrets.ldb. (I don't consider this a big loss, and any entry left
there by an upgrade will be harmless).
Andrew Bartlett
|
|
|
|
This change ensures the KVNO of the principal in secrets.ldb (which is also
exported to the dns.keytab) matches the KVNO associated with the "dns" user.
Without explicitly setting msDS-KeyVersionNumber, the KVNO exported into the
dns.keytab was 0.
KVNO needs to be > 0, as the client libs (at least MIT libs on Fedora)
consider KVNO == 0 as a sign to ignore that particular key.
(This used to be commit 572efc8e65457a982a8cbb04d3b10e3aae22d574)
|
|
The less things we manually place into the templates, the easier the
conversion to python will be.
Andrew Bartlett
(This used to be commit f65e5c164476b80468aa19452b108db17c642f8b)
|
|
--server-role
This must be set to either 'domain controller', 'domain member' or 'standalone'.
The default for the provision now changes to 'standalone'.
This is not because Samba4 is particularlly useful in that mode, but
because we still want a positive sign from the administrator that we
should advertise as a DC.
We now do more to ensure the 'standalone' and 'member server'
provision output is reasonable, and try not to set odd things into the
database that only belong for the DC.
Andrew Bartlett
(This used to be commit 4cc4ed7719aff712e735628410bd3813c7d6aa40)
|
