[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-181-gd26c42f
Andrew Tridgell
tridge at samba.org
Thu Sep 10 22:08:30 MDT 2009
The branch, master has been updated
via d26c42f5bfd212c18d53f439030fd830ecab2cf3 (commit)
via fdb8758e698e6df602b14ad7abe1152a2551e706 (commit)
via 294e7cd5665975e72142409cdf18ada3b46d266c (commit)
from bb6fda8a9a4ca85d2b56ff0b0f1d43943495ed31 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit d26c42f5bfd212c18d53f439030fd830ecab2cf3
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Sep 11 13:39:31 2009 +1000
s4/provision: add the nTDSDSA GUID based DNS entries and SPNs
The DNS entries and SPNs are needed for samba<->samba DRS
replication. This patch adds them for a standalone DC configure. A
separate patch will add them for the vampire configure
commit fdb8758e698e6df602b14ad7abe1152a2551e706
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Sep 10 23:03:07 2009 +1000
s4/drs: parentGUID needs to be specififcally asked for
Right now parentGUID is a normal attribute in s4, but it should be
generated, which means we need to ask for it in a search if we want to
use it.
commit 294e7cd5665975e72142409cdf18ada3b46d266c
Author: Andrew Tridgell <tridge at samba.org>
Date: Thu Sep 10 23:01:49 2009 +1000
s4/libcli: when we get a DNS lookup failure show the name
When tracking down complex connection problems it's useful to know which
name lookups failed.
-----------------------------------------------------------------------
Summary of changes:
source4/libcli/resolve/dns_ex.c | 2 +
source4/rpc_server/drsuapi/getncchanges.c | 3 +-
source4/scripting/python/samba/provision.py | 28 +++++++++++++++++--------
source4/setup/provision.zone | 5 +--
source4/setup/provision_self_join_modify.ldif | 6 +++++
5 files changed, 31 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libcli/resolve/dns_ex.c b/source4/libcli/resolve/dns_ex.c
index 617b179..1b50372 100644
--- a/source4/libcli/resolve/dns_ex.c
+++ b/source4/libcli/resolve/dns_ex.c
@@ -371,6 +371,8 @@ static void pipe_handler(struct tevent_context *ev, struct tevent_fd *fde,
}
if (ret <= 0) {
+ DEBUG(3,("dns child failed to find name '%s' of type %s\n",
+ state->name.name, (state->flags & RESOLVE_NAME_FLAG_DNS_SRV)?"SRV":"A"));
composite_error(c, NT_STATUS_OBJECT_NAME_NOT_FOUND);
return;
}
diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c
index 2d06970..3b908ff 100644
--- a/source4/rpc_server/drsuapi/getncchanges.c
+++ b/source4/rpc_server/drsuapi/getncchanges.c
@@ -169,6 +169,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
struct drsuapi_DsReplicaObjectListItemEx *currentObject;
NTSTATUS status;
DATA_BLOB session_key;
+ const char *attrs[] = { "*", "parentGUID", NULL };
/*
* connect to the samdb. TODO: We need to check that the caller
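Review bot: The new `attrs` declaration carries no comment explaining why `parentGUID` is listed next to `"*"`, so a later cleanup could fold it back to `NULL` and silently drop the attribute from the replication reply. The commit message gives the reason (parentGUID is meant to be a generated attribute, so it has to be requested by name), and that belongs on the declaration, for example `/* parentGUID is generated, so "*" alone will not return it */`. The function body begins and ends outside these hunks, so how the attribute is consumed afterwards is not visible here.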
@@ -209,7 +210,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
/* Construct response. */
ncRoot_dn = ldb_dn_new(mem_ctx, sam_ctx, ncRoot->dn);
ret = drsuapi_search_with_extended_dn(sam_ctx, mem_ctx, &site_res,
- ncRoot_dn, LDB_SCOPE_SUBTREE, NULL,
+ ncRoot_dn, LDB_SCOPE_SUBTREE, attrs,
"(&(uSNChanged>=%llu)(objectClass=*))",
(unsigned long long)r->in.req->req8.highwatermark.highest_usn);
if (ret != LDB_SUCCESS) {
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index cb485c3..2495299 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -791,14 +791,23 @@ def setup_self_join(samdb, names,
"DNSDOMAIN": names.dnsdomain,
"DOMAINSID": str(domainsid),
"DOMAINDN": names.domaindn})
+
+ # add the NTDSGUID based SPNs
+ ntds_dn = "CN=NTDS Settings,CN=%s,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,%s" % (names.hostname, names.domaindn)
+ names.ntdsguid = samdb.searchone(basedn=ntds_dn, attribute="objectGUID",
+ expression="", scope=SCOPE_BASE)
+ assert isinstance(names.ntdsguid, str)
# Setup fSMORoleOwner entries to point at the newly created DC entry
setup_modify_ldif(samdb, setup_path("provision_self_join_modify.ldif"), {
+ "DOMAIN": names.domain,
"DOMAINDN": names.domaindn,
"CONFIGDN": names.configdn,
"SCHEMADN": names.schemadn,
"DEFAULTSITE": names.sitename,
- "SERVERDN": names.serverdn
+ "SERVERDN": names.serverdn,
+ "NETBIOSNAME": names.netbiosname,
+ "NTDSGUID": names.ntdsguid
})
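Review bot: The `ntds_dn` string hard-codes `CN=Default-First-Site-Name` and `CN=Configuration,<domaindn>`, while the same call passes `names.sitename`, `names.configdn` and `names.serverdn` to the LDIF, which addresses the object as `CN=NTDS Settings,${SERVERDN}`. If provisioning runs with a non-default site name, the base search would presumably miss and the self-join would abort. `ntds_dn = "CN=NTDS Settings,%s" % names.serverdn` keeps the lookup consistent with the LDIF, assuming serverdn is the server object under the site as the LDIF implies. The identical lookup is repeated in the setup_samdb hunk, so one copy looks redundant. The `assert isinstance(names.ntdsguid, str)` check disappears under `python -O`, so an explicit raise would be sturdier. setup_self_join starts before this hunk.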
@@ -980,6 +989,11 @@ def setup_samdb(path, setup_path, session_info, credentials, lp,
domainsid=domainsid, policyguid=policyguid,
setup_path=setup_path,
domainControllerFunctionality=domainControllerFunctionality)
+ # add the NTDSGUID based SPNs
+ ntds_dn = "CN=NTDS Settings,CN=%s,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,%s" % (names.hostname, names.domaindn)
+ names.ntdsguid = samdb.searchone(basedn=ntds_dn, attribute="objectGUID",
+ expression="", scope=SCOPE_BASE)
+ assert isinstance(names.ntdsguid, str)
except:
samdb.transaction_cancel()
@@ -1194,16 +1208,12 @@ def provision(setup_dir, message, session_info,
domainguid = samdb.searchone(basedn=domaindn, attribute="objectGUID")
assert isinstance(domainguid, str)
- hostguid = samdb.searchone(basedn=domaindn, attribute="objectGUID",
- expression="(&(objectClass=computer)(cn=%s))" % names.hostname,
- scope=SCOPE_SUBTREE)
- assert isinstance(hostguid, str)
create_zone_file(paths.dns, setup_path, dnsdomain=names.dnsdomain,
domaindn=names.domaindn, hostip=hostip,
hostip6=hostip6, hostname=names.hostname,
dnspass=dnspass, realm=names.realm,
- domainguid=domainguid, hostguid=hostguid)
+ domainguid=domainguid, ntdsguid=names.ntdsguid)
create_named_conf(paths.namedconf, setup_path, realm=names.realm,
dnsdomain=names.dnsdomain, private_dir=paths.private_dir)
@@ -1804,7 +1814,7 @@ def create_phpldapadmin_config(path, setup_path, ldapi_uri):
def create_zone_file(path, setup_path, dnsdomain, domaindn,
hostip, hostip6, hostname, dnspass, realm, domainguid,
- hostguid):
+ ntdsguid):
"""Write out a DNS zone file, from the info in the current database.
:param path: Path of the new zone file.
@@ -1817,7 +1827,7 @@ def create_zone_file(path, setup_path, dnsdomain, domaindn,
:param dnspass: Password for DNS
:param realm: Realm name
:param domainguid: GUID of the domain.
- :param hostguid: GUID of the host.
+ :param ntdsguid: GUID of the hosts nTDSDSA record.
"""
assert isinstance(domainguid, str)
@@ -1845,7 +1855,7 @@ def create_zone_file(path, setup_path, dnsdomain, domaindn,
"DOMAINGUID": domainguid,
"DATESTRING": time.strftime("%Y%m%d%H"),
"DEFAULTSITE": DEFAULTSITE,
- "HOSTGUID": hostguid,
+ "NTDSGUID": ntdsguid,
"HOSTIP6_BASE_LINE": hostip6_base_line,
"HOSTIP6_HOST_LINE": hostip6_host_line,
})
diff --git a/source4/setup/provision.zone b/source4/setup/provision.zone
index e7d600d..9e312dc 100644
--- a/source4/setup/provision.zone
+++ b/source4/setup/provision.zone
@@ -15,10 +15,10 @@ ${HOSTIP_BASE_LINE}
${HOSTIP6_HOST_LINE}
${HOSTIP_HOST_LINE}
gc._msdcs IN CNAME ${HOSTNAME}
-${HOSTGUID}._msdcs IN CNAME ${HOSTNAME}
+${NTDSGUID}._msdcs IN CNAME ${HOSTNAME}
;
; global catalog servers
-_gc._tcp IN SRV 0 100 3268 ${HOSTNAME}
+_gc._tcp IN SRV 2 100 3268 ${HOSTNAME}
_gc._tcp.${DEFAULTSITE}._sites IN SRV 0 100 3268 ${HOSTNAME}
_ldap._tcp.gc._msdcs IN SRV 0 100 389 ${HOSTNAME}
_ldap._tcp.${DEFAULTSITE}._sites.gc._msdcs IN SRV 0 100 389 ${HOSTNAME}
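Review bot: The `_gc._tcp` SRV priority changes from 0 to 2 in this hunk, but none of the three commit messages mention it, and every other SRV record shown, including the site-specific `_gc._tcp.${DEFAULTSITE}._sites`, stays at priority 0. If the change is intentional, a zone comment such as `; priority 2: <reason>` above the record would stop it from being read as a typo. If it is not, the line should stay `_gc._tcp IN SRV 0 100 3268 ${HOSTNAME}`.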
@@ -27,7 +27,6 @@ _ldap._tcp.${DEFAULTSITE}._sites.gc._msdcs IN SRV 0 100 389 ${HOSTNAME}
_ldap._tcp IN SRV 0 100 389 ${HOSTNAME}
_ldap._tcp.dc._msdcs IN SRV 0 100 389 ${HOSTNAME}
_ldap._tcp.pdc._msdcs IN SRV 0 100 389 ${HOSTNAME}
-_ldap._tcp.${DOMAINGUID} IN SRV 0 100 389 ${HOSTNAME}
_ldap._tcp.${DOMAINGUID}.domains._msdcs IN SRV 0 100 389 ${HOSTNAME}
_ldap._tcp.${DEFAULTSITE}._sites IN SRV 0 100 389 ${HOSTNAME}
_ldap._tcp.${DEFAULTSITE}._sites.dc._msdcs IN SRV 0 100 389 ${HOSTNAME}
diff --git a/source4/setup/provision_self_join_modify.ldif b/source4/setup/provision_self_join_modify.ldif
index 4ba291f..200fc6c 100644
--- a/source4/setup/provision_self_join_modify.ldif
+++ b/source4/setup/provision_self_join_modify.ldif
@@ -27,3 +27,9 @@ dn: CN=NTDS Site Settings,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
changetype: modify
replace: interSiteTopologyGenerator
interSiteTopologyGenerator: CN=NTDS Settings,${SERVERDN}
+
+dn: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
+changetype: modify
+add: servicePrincipalName
+servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2/${NTDSGUID}/${DOMAIN}
+servicePrincipalName: ldap/${NTDSGUID}._msdcs.${DOMAIN}
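Review bot: Both new SPNs end in `${DOMAIN}`, which provision.py fills from `names.domain`, while the matching CNAME `${NTDSGUID}._msdcs` is created in the zone for `names.dnsdomain`. If `names.domain` is the short NetBIOS domain name, which the separate `DNSDOMAIN` substitution elsewhere in provision.py suggests, then `ldap/${NTDSGUID}._msdcs.${DOMAIN}` names a host that does not exist in DNS. A replication partner asking for a Kerberos ticket for the DNS-based name would then find no matching principal. I would pass `"DNSDOMAIN": names.dnsdomain` to this LDIF and write `servicePrincipalName: ldap/${NTDSGUID}._msdcs.${DNSDOMAIN}`, and check which domain form the `E3514235-...` SPN should carry as well.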
--
Samba Shared Repository