From 40b09f689bea23eaa6dbaa3e29b0a91adcd06a53 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 6 Oct 2009 10:59:36 +1100
Subject: s4:drs-development Scripts to assist testing of DRS replication with
 AD

These scripts, originally by tridge, allow developers to easily
reproduce the same domain join senerio time after time.

They need documentation, and the template named.conf and zone files
for hosting an AD domain are not provided.  However, I hope to have
the provision script provide these shortly.

They assume a local 'bind' set up to read PREFIX/private/named.conf
(as per the provision instructions).

Ensure you edit the 'vars' file to match your local setup.

Andrew Bartlett
---
 source4/scripting/devel/drs/fsmo.ldif.template     | 75 ++++++++++++++++++++++
 source4/scripting/devel/drs/named.conf.ad.template |  6 ++
 source4/scripting/devel/drs/revampire_ad.sh        | 23 +++++++
 source4/scripting/devel/drs/unvampire_ad.sh        | 12 ++++
 source4/scripting/devel/drs/vampire_ad.sh          | 16 +++++
 source4/scripting/devel/drs/vars                   | 11 ++++
 6 files changed, 143 insertions(+)
 create mode 100644 source4/scripting/devel/drs/fsmo.ldif.template
 create mode 100644 source4/scripting/devel/drs/named.conf.ad.template
 create mode 100755 source4/scripting/devel/drs/revampire_ad.sh
 create mode 100755 source4/scripting/devel/drs/unvampire_ad.sh
 create mode 100755 source4/scripting/devel/drs/vampire_ad.sh
 create mode 100644 source4/scripting/devel/drs/vars

(limited to 'source4/scripting/devel')

diff --git a/source4/scripting/devel/drs/fsmo.ldif.template b/source4/scripting/devel/drs/fsmo.ldif.template
new file mode 100644
index 0000000000..d5b373a04e
--- /dev/null
+++ b/source4/scripting/devel/drs/fsmo.ldif.template
@@ -0,0 +1,75 @@
+dn: CN=RID Manager$,CN=System,BASEDN
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,C
+ N=Sites,CN=Configuration,BASEDN
+-
+
+dn: BASEDN
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,C
+ N=Sites,CN=Configuration,BASEDN
+-
+
+dn: CN=Infrastructure,BASEDN
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,C
+ N=Sites,CN=Configuration,BASEDN
+-
+
+dn: CN=Partitions,CN=Configuration,BASEDN
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+-
+
+dn: CN=Schema,CN=Configuration,BASEDN
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+-
+
+dn: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+changetype: modify
+replace: options
+options: 1
+-
+
+dn: CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+changetype: modify
+replace: dNSHostName
+dNSHostName: MACHINE.DNSDOMAIN
+-
+
+dn: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+changetype: modify
+replace: interSiteTopologyGenerator
+interSiteTopologyGenerator: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+-
+
+dn: CN=MACHINE,OU=Domain Controllers,BASEDN
+changetype: modify
+replace: servicePrincipalName
+servicePrincipalName: GC/MACHINE.DNSDOMAIN/DNSDOMAIN
+servicePrincipalName: HOST/MACHINE/NETBIOSDOMAIN
+servicePrincipalName: ldap/MACHINE/NETBIOSDOMAIN
+servicePrincipalName: ldap/MACHINE.DNSDOMAIN/ForestDnsZones.DNSDOMAIN
+servicePrincipalName: ldap/MACHINE.DNSDOMAIN/DomainDnsZones.DNSDOMAIN
+servicePrincipalName: DNS/MACHINE.DNSDOMAIN
+servicePrincipalName: RestrictedKrbHost/MACHINE.DNSDOMAIN
+servicePrincipalName: RestrictedKrbHost/MACHINE
+servicePrincipalName: HOST/MACHINE.DNSDOMAIN/NETBIOSDOMAIN
+servicePrincipalName: HOST/MACHINE
+servicePrincipalName: HOST/MACHINE.DNSDOMAIN
+servicePrincipalName: HOST/MACHINE.DNSDOMAIN/DNSDOMAIN
+servicePrincipalName: ldap/MACHINE.DNSDOMAIN/NETBIOSDOMAIN
+servicePrincipalName: ldap/MACHINE
+servicePrincipalName: ldap/MACHINE.DNSDOMAIN
+servicePrincipalName: ldap/MACHINE.DNSDOMAIN/DNSDOMAIN
+servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2/NTDSGUID/DNSDOMAIN
+servicePrincipalName: ldap/NTDSGUID._msdcs.DNSDOMAIN
+servicePrincipalName: Dfsr-12F9A27C-BF97-4787-9364-D31B6C55EB04/MACHINE.DNSDOMAIN
+servicePrincipalName: NtFrs-88f5d2bd-b646-11d2-a6d3-00c04fc9b232/MACHINE.DNSDOMAIN
+-
diff --git a/source4/scripting/devel/drs/named.conf.ad.template b/source4/scripting/devel/drs/named.conf.ad.template
new file mode 100644
index 0000000000..071c98ccf8
--- /dev/null
+++ b/source4/scripting/devel/drs/named.conf.ad.template
@@ -0,0 +1,6 @@
+zone "DNSDOMAIN" IN {
+     type forward;
+     forwarders {
+                SERVERIP;
+     };
+};
diff --git a/source4/scripting/devel/drs/revampire_ad.sh b/source4/scripting/devel/drs/revampire_ad.sh
new file mode 100755
index 0000000000..522601c87e
--- /dev/null
+++ b/source4/scripting/devel/drs/revampire_ad.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+set -x
+
+. `dirname $0`/vars
+
+`dirname $0`/vampire_ad.sh || exit 1
+
+ntds_guid=$(sudo bin/ldbsearch -H $PREFIX/private/sam.ldb -b "CN=NTDS Settings,CN=$machine,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,$dn" objectGUID|grep ^objectGUID| awk '{print $2}')
+
+cp $PREFIX/private/$DNSDOMAIN.zone{.template,}
+sed -i "s/NTDSGUID/$ntds_guid/g" $PREFIX/private/$DNSDOMAIN.zone
+cp $PREFIX/private/named.conf{.local,}
+sudo rndc reconfig
+fsmotmp=`mktemp fsmo.ldif.XXXXXXXXX`
+cp `dirname $0`/fsmo.ldif.template $fsmotmp
+sed -i "s/NTDSGUID/$ntds_guid/g" $fsmotmp
+sed -i "s/MACHINE/$machine/g" $fsmotmp
+sed -i "s/DNSDOMAIN/$DNSDOMAIN/g" $fsmotmp
+sed -i "s/BASEDN/$dn/g" $fsmotmp
+sed -i "s/NETBIOSDOMAIN/$workgroup/g" $fsmotmp
+sudo bin/ldbmodify -H $PREFIX/private/sam.ldb $fsmotmp
+rm $fsmotmp
diff --git a/source4/scripting/devel/drs/unvampire_ad.sh b/source4/scripting/devel/drs/unvampire_ad.sh
new file mode 100755
index 0000000000..f44edafee7
--- /dev/null
+++ b/source4/scripting/devel/drs/unvampire_ad.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+set -x
+
+. `dirname $0`/vars
+
+
+$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,CN=Computers,$dn"
+$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,OU=Domain Controllers,$dn"
+$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=NTDS Settings,CN=$machine,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,$dn"
+$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,$dn"
+rm -f $PREFIX/private/*.ldb
diff --git a/source4/scripting/devel/drs/vampire_ad.sh b/source4/scripting/devel/drs/vampire_ad.sh
new file mode 100755
index 0000000000..3843388a47
--- /dev/null
+++ b/source4/scripting/devel/drs/vampire_ad.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -x
+
+. `dirname $0`/vars
+
+namedtmp=`mktemp named.conf.ad.XXXXXXXXX`
+cp `dirname $0`/named.conf.ad.template $namedtmp
+sed -i "s/DNSDOMAIN/$DNSDOMAIN/g" $namedtmp
+sed -i "s/SERVERIP/$server_ip/g" $namedtmp
+chmod a+r $namedtmp
+mv $namedtmp $PREFIX/private/named.conf
+sudo rndc reconfig
+`dirname $0`/unvampire_ad.sh
+sudo $PREFIX/bin/net vampire $DNSDOMAIN -Uadministrator%$pass -s $PREFIX/etc/smb.conf -d2 || exit 1
+PRIVATEDIR=$PREFIX/private sudo -E scripting/bin/setup_dns.sh $machine $DNSDOMAIN $machine_ip || exit 1
diff --git a/source4/scripting/devel/drs/vars b/source4/scripting/devel/drs/vars
new file mode 100644
index 0000000000..e1fe53c61a
--- /dev/null
+++ b/source4/scripting/devel/drs/vars
@@ -0,0 +1,11 @@
+DNSDOMAIN=ad.samba.example.com
+PREFIX="/data/samba/samba4/prefix.ad"
+export PYTHONPATH=$PYTHONPATH:$PREFIX/lib/python2.6/site-packages
+pass="penguin"
+machine="ruth"
+machine_ip="192.168.122.1"
+workgroup=adruth
+dn="DC=ad,DC=samba,DC=example,DC=com"
+server=win2008-1
+server_ip=192.168.122.53
+
-- 
cgit 


From b41290c10dc3e6c783b7a51477be903d202ed074 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Thu, 15 Oct 2009 08:49:21 +1100
Subject: s4-devel: for devel scripts its better to use bin/ than $PREFIX/bin

This avoids having to do make install after each change when using the
drs devel scripts
---
 source4/scripting/devel/drs/unvampire_ad.sh | 8 ++++----
 source4/scripting/devel/drs/vampire_ad.sh   | 5 +++--
 2 files changed, 7 insertions(+), 6 deletions(-)

(limited to 'source4/scripting/devel')

diff --git a/source4/scripting/devel/drs/unvampire_ad.sh b/source4/scripting/devel/drs/unvampire_ad.sh
index f44edafee7..e4b9dccf1a 100755
--- a/source4/scripting/devel/drs/unvampire_ad.sh
+++ b/source4/scripting/devel/drs/unvampire_ad.sh
@@ -5,8 +5,8 @@ set -x
 . `dirname $0`/vars
 
 
-$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,CN=Computers,$dn"
-$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,OU=Domain Controllers,$dn"
-$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=NTDS Settings,CN=$machine,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,$dn"
-$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,$dn"
+bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,CN=Computers,$dn"
+bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,OU=Domain Controllers,$dn"
+bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=NTDS Settings,CN=$machine,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,$dn"
+bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,$dn"
 rm -f $PREFIX/private/*.ldb
diff --git a/source4/scripting/devel/drs/vampire_ad.sh b/source4/scripting/devel/drs/vampire_ad.sh
index 3843388a47..baba02d5ac 100755
--- a/source4/scripting/devel/drs/vampire_ad.sh
+++ b/source4/scripting/devel/drs/vampire_ad.sh
@@ -9,8 +9,9 @@ cp `dirname $0`/named.conf.ad.template $namedtmp
 sed -i "s/DNSDOMAIN/$DNSDOMAIN/g" $namedtmp
 sed -i "s/SERVERIP/$server_ip/g" $namedtmp
 chmod a+r $namedtmp
-mv $namedtmp $PREFIX/private/named.conf
+mv -f $namedtmp $PREFIX/private/named.conf
 sudo rndc reconfig
 `dirname $0`/unvampire_ad.sh
-sudo $PREFIX/bin/net vampire $DNSDOMAIN -Uadministrator%$pass -s $PREFIX/etc/smb.conf -d2 || exit 1
+sudo bin/net vampire $DNSDOMAIN -Uadministrator%$pass -s $PREFIX/etc/smb.conf -d2 || exit 1
 PRIVATEDIR=$PREFIX/private sudo -E scripting/bin/setup_dns.sh $machine $DNSDOMAIN $machine_ip || exit 1
+sudo rndc flush
-- 
cgit