[PATCH][WIP] Create DC DNS entries at domain join

Andrew Bartlett abartlet at samba.org
Fri Feb 24 05:07:24 UTC 2017


G'Day,

Just as with the domain member join, the DC join really should create
the essential DNS entries at join time.

This should make it easier for folks to get DNS working and fully
replicated, by ensuring the entry isn't written to the local DC (that
nobody else knows how to contact). 

The attached patch does exactly that, in this case using the dnsrpc
protocol.

I chose the dnsserver RPC protocol because:
 - I don't want to race with the replication of the machine account to
the KDC (which might not be the server I'm joining).  Instead we will
change the owner over LDAP
 - Direct LDAP or DsAddEntry injection wouldn't update the sequence
number
 - Shelling to nsupdate isn't reliable
 - We still don't have great bindings for secure DNS updates in Python

I need to finish the owner change part, and write the dns_update_cache,
but we do successfully create the DNS records and re-sync the database.
This should make Samba DCs a little more reliable from the moment they
start.

Comments welcome.

Thanks,

Andrew Bartlett 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-TODO-Add-DNS-records-at-domain-join-time.patch
Type: text/x-patch
Size: 7023 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20170224/a03e8427/0001-TODO-Add-DNS-records-at-domain-join-time.bin>

