[SCM] Samba Shared Repository - branch master updated
Kai Blin
kai at samba.org
Mon Oct 17 01:52:02 MDT 2011
The branch, master has been updated
via 8c07686 s4 provision: DNS backend should be set by caller
via d58f266 s4 provision/dns: Clean up os level handling
via 6382721 s4 provision/dns: Clean up backend handling
via b42b812 s4 provision: Default to win2k3 domain function level
via 41d4862 s4 provision: Reword opinionated dns backend help text, add NONE backend
via 292554c s4 provision: Rename bind9 flatfile backend to BIND9_FLATFILE
from 009b97d provision: fix the doc
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8c076862ad0b1b14bb6addef323c5678368051af
Author: Kai Blin <kai at samba.org>
Date: Sat Oct 15 13:54:45 2011 +0200
s4 provision: DNS backend should be set by caller
Autobuild-User: Kai Blin <kai at samba.org>
Autobuild-Date: Mon Oct 17 09:51:12 CEST 2011 on sn-devel-104
commit d58f266d19750484b72ad0e18de3e83c88e81169
Author: Kai Blin <kai at samba.org>
Date: Sat Oct 15 13:52:57 2011 +0200
s4 provision/dns: Clean up os level handling
commit 6382721ce0559bd60a9abd08b0a9353db9f7d731
Author: Kai Blin <kai at samba.org>
Date: Sat Oct 15 13:48:28 2011 +0200
s4 provision/dns: Clean up backend handling
commit b42b81249c5f6006e743b186a3d58a3763aeabe8
Author: Kai Blin <kai at samba.org>
Date: Sat Oct 15 12:36:50 2011 +0200
s4 provision: Default to win2k3 domain function level
commit 41d48626e24324c726793856c3c907c0dd89f3a1
Author: Kai Blin <kai at samba.org>
Date: Sat Oct 15 12:27:55 2011 +0200
s4 provision: Reword opinionated dns backend help text, add NONE backend
commit 292554c396d0a848bb73423e08a5f30eba1d4907
Author: Kai Blin <kai at samba.org>
Date: Sat Oct 15 12:17:14 2011 +0200
s4 provision: Rename bind9 flatfile backend to BIND9_FLATFILE
-----------------------------------------------------------------------
Summary of changes:
source4/scripting/python/samba/join.py | 6 ++-
.../scripting/python/samba/provision/__init__.py | 8 +---
.../scripting/python/samba/provision/sambadns.py | 41 ++++++++++++--------
source4/scripting/python/samba/upgrade.py | 8 +++-
source4/scripting/python/samba/upgradehelpers.py | 3 +-
source4/setup/provision | 16 ++++++--
6 files changed, 52 insertions(+), 30 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/join.py b/source4/scripting/python/samba/join.py
index 731f0b5..6a8ac97 100644
--- a/source4/scripting/python/samba/join.py
+++ b/source4/scripting/python/samba/join.py
@@ -584,7 +584,8 @@ class dc_join(object):
serverdn=ctx.server_dn, domain=ctx.domain_name,
hostname=ctx.myname, domainsid=ctx.domsid,
machinepass=ctx.acct_pass, serverrole="domain controller",
- sitename=ctx.site, lp=ctx.lp, ntdsguid=ctx.ntds_guid)
+ sitename=ctx.site, lp=ctx.lp, ntdsguid=ctx.ntds_guid,
+ dns_backend="NONE")
print "Provision OK for domain DN %s" % presult.domaindn
ctx.local_samdb = presult.samdb
ctx.lp = presult.lp
@@ -622,7 +623,8 @@ class dc_join(object):
domainguid=domguid,
targetdir=ctx.targetdir, samdb_fill=FILL_SUBDOMAIN,
machinepass=ctx.acct_pass, serverrole="domain controller",
- lp=ctx.lp, hostip=ctx.names.hostip, hostip6=ctx.names.hostip6)
+ lp=ctx.lp, hostip=ctx.names.hostip, hostip6=ctx.names.hostip6,
+ dns_backend="BIND9_FLATFILE")
print("Provision OK for domain %s" % ctx.names.dnsdomain)
diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py
index a3633ab..5e7e374 100644
--- a/source4/scripting/python/samba/provision/__init__.py
+++ b/source4/scripting/python/samba/provision/__init__.py
@@ -1625,10 +1625,6 @@ def provision_fill(samdb, secrets_ldb, logger, names, paths,
dnsdomain=names.dnsdomain,
dns_keytab_path=paths.dns_keytab, dnspass=dnspass)
- # Default DNS backend is BIND9 using txt files for zone information
- if not dns_backend:
- dns_backend = "BIND9"
-
setup_ad_dns(samdb, names, logger, hostip=hostip, hostip6=hostip6,
dns_backend=dns_backend, os_level=dom_for_fun_level)
@@ -1640,7 +1636,7 @@ def provision_fill(samdb, secrets_ldb, logger, names, paths,
# Only make a zone file on the first DC, it should be
# replicated with DNS replication
- if dns_backend == "BIND9":
+ if dns_backend == "BIND9_FLATFILE":
create_zone_file(lp, logger, paths, targetdir,
dnsdomain=names.dnsdomain, hostip=hostip, hostip6=hostip6,
hostname=names.hostname, realm=names.realm,
@@ -2127,7 +2123,7 @@ def create_named_conf(paths, realm, dnsdomain, dns_backend):
:param keytab_name: File name of DNS keytab file
"""
- if dns_backend == "BIND9":
+ if dns_backend == "BIND9_FLATFILE":
setup_file(setup_path("named.conf"), paths.namedconf, {
"DNSDOMAIN": dnsdomain,
"REALM": realm,
diff --git a/source4/scripting/python/samba/provision/sambadns.py b/source4/scripting/python/samba/provision/sambadns.py
index 37da596..080a6f2 100644
--- a/source4/scripting/python/samba/provision/sambadns.py
+++ b/source4/scripting/python/samba/provision/sambadns.py
@@ -445,32 +445,43 @@ def add_dc_msdcs_records(samdb, forestdn, prefix, site, dnsforest, hostname,
add_cname_record(samdb, forest_container_dn, "DC=%s" % ntdsguid, fqdn_hostname)
-def setup_ad_dns(samdb, names, logger, hostip=None, hostip6=None, dns_backend=None,
- os_level=None):
+def is_valid_dns_backend(dns_backend):
+ return dns_backend in ("BIND9_FLATFILE", "BIND9_DLZ", "SAMBA_INTERNAL", "NONE")
+
+
+def is_valid_os_level(os_level):
+ return DS_DOMAIN_FUNCTION_2000 <= os_level <= DS_DOMAIN_FUNCTION_2008_R2
+
+
+def setup_ad_dns(samdb, names, logger, dns_backend, os_level, hostip=None,
+ hostip6=None,):
"""Provision DNS information (assuming GC role)
:param samdb: LDB object connected to sam.ldb file
:param names: Names shortcut
:param logger: Logger object
- :param hostip: IPv4 address
- :param hostip6: IPv6 address
:param dns_backend: Type of DNS backend
:param os_level: Functional level (treated as os level)
+ :param hostip: IPv4 address
+ :param hostip6: IPv6 address
"""
- if dns_backend is None:
- dns_backend = "BIND9"
- logger.info("Assuming bind9 DNS server backend")
+ if not is_valid_dns_backend(dns_backend):
+ raise Exception("Invalid dns backend: %r" % dns_backend)
+
+ if not is_valid_os_level(os_level):
+ raise Exception("Invalid os level: %r" % os_level)
- # If dns_backend is BIND9
+ if dns_backend is "NONE":
+ logger.info("No DNS backend set, not configuring DNS")
+ return
+
+ # If dns_backend is BIND9_FLATFILE
# Populate only CN=MicrosoftDNS,CN=System,<DOMAINDN>
#
- # If dns_backend is SAMBA or BIND9_DLZ
+ # If dns_backend is SAMBA_INTERNAL or BIND9_DLZ
# Populate DNS partitions
- if os_level is None:
- os_level = DS_DOMAIN_FUNCTION_2003
-
# If os_level < 2003 (DS_DOMAIN_FUNCTION_2000)
# All dns records are in CN=MicrosoftDNS,CN=System,<DOMAINDN>
#
@@ -514,10 +525,8 @@ def setup_ad_dns(samdb, names, logger, hostip=None, hostip6=None, dns_backend=No
add_dc_domain_records(samdb, domaindn, "CN=System", site, dnsdomain,
hostname, hostip, hostip6)
- elif (dns_backend == "SAMBA" or dns_backend == "BIND9_DLZ") and (
- os_level == DS_DOMAIN_FUNCTION_2003 or
- os_level == DS_DOMAIN_FUNCTION_2008 or
- os_level == DS_DOMAIN_FUNCTION_2008_R2):
+ elif dns_backend in ("SAMBA_INTERNAL", "BIND9_DLZ") and \
+ os_level >= DS_DOMAIN_FUNCTION_2003:
# Set up additional partitions (DomainDnsZones, ForstDnsZones)
logger.info("Creating DomainDnsZones and ForestDnsZones partitions")
diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py
index b41ab77..07cb720 100644
--- a/source4/scripting/python/samba/upgrade.py
+++ b/source4/scripting/python/samba/upgrade.py
@@ -621,14 +621,20 @@ Please fix this account before attempting to upgrade again
logger.error(" %s" % str(sid))
raise ProvisioningError("Please remove duplicate sid entries before upgrade.")
+ if serverrole == "domain controller":
+ dns_backend = "BIND9_FLATFILE"
+ else:
+ dns_backend = "NONE"
+
# Do full provision
result = provision(logger, session_info, None,
targetdir=targetdir, realm=realm, domain=domainname,
domainsid=str(domainsid), next_rid=next_rid,
dc_rid=machinerid,
+ dom_for_fun_level=dsdb.DS_DOMAIN_FUNCTION_2003,
hostname=netbiosname, machinepass=machinepass,
serverrole=serverrole, samdb_fill=FILL_FULL,
- useeadb=useeadb)
+ useeadb=useeadb, dns_backend=dns_backend)
# Import WINS database
logger.info("Importing WINS database")
diff --git a/source4/scripting/python/samba/upgradehelpers.py b/source4/scripting/python/samba/upgradehelpers.py
index 9034140..043f629 100755
--- a/source4/scripting/python/samba/upgradehelpers.py
+++ b/source4/scripting/python/samba/upgradehelpers.py
@@ -256,6 +256,7 @@ def newprovision(names, creds, session, smbconf, provdir, logger):
shutil.rmtree(provdir)
os.mkdir(provdir)
logger.info("Provision stored in %s", provdir)
+ dns_backend="BIND9_FLATFILE"
provision(logger, session, creds, smbconf=smbconf,
targetdir=provdir, samdb_fill=FILL_FULL, realm=names.realm,
domain=names.domain, domainguid=names.domainguid,
@@ -268,7 +269,7 @@ def newprovision(names, creds, session, smbconf, provdir, logger):
serverrole="domain controller", ldap_backend_extra_port=None,
backend_type=None, ldapadminpass=None, ol_mmr_urls=None,
slapd_path=None, setup_ds_path=None, nosync=None,
- dom_for_fun_level=names.domainlevel,
+ dom_for_fun_level=names.domainlevel, dns_backend=dns_backend,
ldap_dryrun_mode=None, useeadb=True)
diff --git a/source4/setup/provision b/source4/setup/provision
index 9ddbccf..bae86ee 100755
--- a/source4/setup/provision
+++ b/source4/setup/provision
@@ -82,8 +82,11 @@ parser.add_option("--krbtgtpass", type="string", metavar="PASSWORD",
parser.add_option("--machinepass", type="string", metavar="PASSWORD",
help="choose machine password (otherwise random)")
parser.add_option("--dns-backend", type="choice", metavar="NAMESERVER-BACKEND",
- choices=["SAMBA", "BIND9", "BIND9_DLZ"],
- help="The DNS server backend. SAMBA is the builtin name server (experimental), BIND9 uses bind9 text database to store zone information (default), BIND9_DLZ uses samba4 AD to store zone information (recommended)")
+ choices=["SAMBA_INTERNAL", "BIND9_FLATFILE", "BIND9_DLZ", "NONE"],
+ help="The DNS server backend. SAMBA_INTERNAL is the builtin name server, " \
+ "BIND9_FLATFILE uses bind9 text database to store zone information (default), " \
+ "BIND9_DLZ uses samba4 AD to store zone information, " \
+ "NONE skips the DNS setup entirely (not recommended)")
parser.add_option("--dnspass", type="string", metavar="PASSWORD",
help="choose dns password (otherwise random)")
parser.add_option("--ldapadminpass", type="string", metavar="PASSWORD",
@@ -203,7 +206,7 @@ if server_role is None:
server_role = "domain controller"
if opts.function_level is None:
- dom_for_fun_level = None
+ dom_for_fun_level = DS_DOMAIN_FUNCTION_2003
elif opts.function_level == "2000":
dom_for_fun_level = DS_DOMAIN_FUNCTION_2000
elif opts.function_level == "2003":
@@ -213,6 +216,11 @@ elif opts.function_level == "2008":
elif opts.function_level == "2008_R2":
dom_for_fun_level = DS_DOMAIN_FUNCTION_2008_R2
+if opts.dns_backend is None:
+ dns_backend = "BIND9_FLATFILE"
+else:
+ dns_backend = opts.dns_backend
+
creds = credopts.get_credentials(lp)
creds.set_kerberos_state(DONT_USE_KERBEROS)
@@ -261,7 +269,7 @@ try:
ntdsguid=opts.ntds_guid,
invocationid=opts.invocationid, adminpass=opts.adminpass,
krbtgtpass=opts.krbtgtpass, machinepass=opts.machinepass,
- dns_backend=opts.dns_backend,
+ dns_backend=dns_backend,
dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody,
wheel=opts.wheel, users=opts.users,
serverrole=server_role, dom_for_fun_level=dom_for_fun_level,
--
Samba Shared Repository
More information about the samba-cvs
mailing list