[PATCH] samba-tools: add computer subcommand

Andrew Bartlett abartlet at samba.org
Thu Feb 8 20:33:49 UTC 2018 

On Thu, 2018-02-08 at 10:00 +0100, Bjoern Baumbach via samba-technical
wrote:
> Hi!
> 
> On 02/08/2018 12:18 AM, Andrew Bartlett wrote:
> > Any chance you could help out and cut it down for him?  I would be
> > great to have a hand getting this in.
> 
> I've nearly completed the computer subcommand. I'm just working on the
> tests.

If you could include this patch from Joe's set:
[PATCH 11/12] samba-tools/computer: create and remove DNS records for
 computer

It would be most appreciated.  That part is what started us down this
journey.  We don't often talk about why we want to change something in
Samba, but in this case the request was to allow a machine to be joined
to an RODC by pre-creating an account with a known password and with
the DNS records pre-configured. 

The idea is that the administrator could then run something like this
script on the windows machine:

https://jorgequestforknowledge.wordpress.com/2009/01/01/domain-join-through-an-rodc-instead-of-an-rwdc/

> > Originally this task started as the create/delete task, and in
> > hindsight that much should have been proposed for comment first. 
> 
> This is the current set:
> 
> # bin/samba-tool computer
> Usage: samba-tool computer <subcommand>
> 
> Computer management.
> 
> Options:
>   -h, --help  show this help message and exit
> 
> Available subcommands:
>   create  - Create a new computer.
>   delete  - Delete a computer.
>   list    - List all computers.
>   move    - Move an computer to an organizational unit/container.
>   show    - Display an computer AD object.
> For more help on a specific subcommand, please type: samba-tool computer
> <subcommand> (-h|--help)
> 
> > The challenge was that simple re-direction didn't work (confusing help,
> > trailing $) and suddenly this became a big cut/paste job. 
> 
> Yes, I thought some time about the trailing-$ issue. I decided to make
> this (magically) optional:
> 
> The list command lists the whole sAMAccountName, e.g. pc1$.
> 
> If you use create pc1, it will create pc1$. If you create pc$, it will
> also create pc$. If you try to create pc$$, it will throw an error,
> becuase pc$$ is also not allowed by the windows RSAT tools.

Nice.  Thanks for thinking about this.

> The move command works like the move command in the user, computer and
> OU sub command, which I've provided on January 25th. In the computer sub
> command also with or without the trailing $.

Thanks!

Andrew Bartlett

-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba

More information about the samba-technical mailing list