[PATCH] Use samba-tool to add DNS entries with samba_dnsupdate

Andrew Bartlett abartlet at samba.org
Sun Mar 1 18:00:49 MST 2015 

G'Day,

I've been asked by a client to help them rename a DC (in a reproducible,
scripted way to assist in creating a test clone of their production
network), and it turned out to be much more work than I ever imagined. 

I ended up rewriting samba_dnsupdate to use samba-tool when kinit fails.
This is important, because if you change (say with the renamedc script)
the host name, and the IP (because if you are moving to the test bench),
then Kerberos is the *last* thing that will work.

This uses NTLMSSP to one of the interface IP addresses.

Please review/comment/push!

Metze,

Why did you not add NS records to the dns_update_list?  Are we unable to
add those with dynamic DNS updates for some reason?  (If so, I'll make a
special case to force these to samba-tool). 

Andreas,

Can you explain why you couldn't use nsupdate in make test?  Either way,
I think this might unblock your work on resolv_wrapper.

Thanks,

Andrew Bartlett
-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba



-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-samba-tool-Add-P-to-options.CredentialsOptions.patch
Type: text/x-patch
Size: 3561 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150302/ae8c5b7f/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-s4-lib-cmdline-Fix-help-for-P-machine-pass-this-no-l.patch
Type: text/x-patch
Size: 1445 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150302/ae8c5b7f/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-pygensec-Add-bindings-for-gensec_set_target_service-.patch
Type: text/x-patch
Size: 2428 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150302/ae8c5b7f/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0004-samba_dnsupdate-Add-a-mode-that-calls-samba-tool-dns.patch
Type: text/x-patch
Size: 9731 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150302/ae8c5b7f/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0005-dns_update_list-Add-in-NS-records.patch
Type: text/x-patch
Size: 1227 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150302/ae8c5b7f/attachment-0004.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0006-selftest-Improve-renamedcs-test.patch
Type: text/x-patch
Size: 2063 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150302/ae8c5b7f/attachment-0005.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0007-provision-Give-a-more-helpful-message-when-find_prov.patch
Type: text/x-patch
Size: 1431 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150302/ae8c5b7f/attachment-0006.bin>

More information about the samba-technical mailing list