[Samba] samba4.1 RODC with BIND as DNS backend
Andrew Bartlett
abartlet at samba.org
Mon Nov 18 23:02:19 MST 2013
On Mon, 2013-11-18 at 23:59 -0500, Michael Brown wrote:
> On 13-11-18 05:23 PM, Michael Brown wrote:
> > On 13-11-18 04:38 PM, Michael Brown wrote:
> >> I'm guessing that this may have to do with the fact that this is an
> >> RODC?
> > Looks like I'm probably right.
> >
> > I just dcpromo'ed a Windows RODC into the environment and it didn't
> > add entries into gc._msdcs.
> Further to that, how do people feel about:
>
> --- samba_dnsupdate.DIST 2013-11-18 23:12:09.000000000 -0500
> +++ samba_dnsupdate 2013-11-18 23:53:11.000000000 -0500
> @@ -168,7 +168,11 @@
> """parse a DNS line from."""
> if line.startswith("SRV _ldap._tcp.pdc._msdcs.") and not
> samdb.am_pdc():
> if opts.verbose:
> - print "Skipping PDC entry (%s) as we are not a PDC" % line
> + print "Skipping PDC entry (%s) as we are not a PDC" % '
> '.join(line.split())
> + return None
> + if line.split()[1] == "gc._msdcs.${DNSFOREST}" and samdb.am_rodc():
> + if opts.verbose:
> + print "Skipping GC entry (%s) as we are a RODC" % '
> '.join(line.split())
> return None
> subline = samba.substitute_var(line, sub_vars)
> return dnsobj(subline)
> @@ -451,9 +455,20 @@
> sub_vars = {}
> else:
> samdb = SamDB(url=lp.samdb_url(), session_info=system_session(),
> lp=lp)
> + if opts.verbose:
> + print "This server is %s" % \
> + { (False,False): "not a PDC emulator or RODC",
> + (True, False): "a PDC emulator",
> + (False,True) : "an RODC",
> + (True, True) : "a PDC emulator and RODC (impossible?)"}\
> + [samdb.am_pdc(),samdb.am_rodc()]
>
> # get the substitution dictionary
> sub_vars = get_subst_vars(samdb)
> + if opts.verbose:
> + print "Substitution variables:"
> + for k,v in sub_vars.items():
> + print " %s: %s" % (k,v)
>
> # build up a list of update commands to pass to nsupdate
> update_list = []
I like it very much. I assume you tested it and it fixes the issue?
If so, can you post it as a 'git format-patch -1' formatted patch so I
can review it and get it into master?
Thanks,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba
mailing list