[Samba] Looking for Python docs/examples to modify DNS via keytab

[Rowland Penny]

On Sat, 29 Jun 2024 22:10:12 -0700
christian baltini <christian.baltini at gmail.com> wrote:

> Hello Rowland, I see that and an trying to recreate the script logic
> line-by line in the terminal as a proof of understanding, but I am
> having some trouble.
> 
> Here is what I am trying:
> 
> “kinit administrator” - I then provide username and password,

You should just get prompted for the Administrator password, are you
doing this as root or with sudo ?

> and get
> /tmp/krb5cc_0 

That suggests it is being created by 'root', but what is in the ticket
? Have you run 'klist -c /tmp/krb5cc_0' ?

> – I understand this is equivalent what the script is
> generating with the exported keytab file, is this correct?

Very similar, just a different user.

> 
> I then try this just as a test command:
> 
> "samba-tool dns zonelist localhost --use-krb5-ccache=/tmp/krbcc_0”.
> (I get the same result with my server’s FQDN instead of “localhost”)

If you cut & pasted that command, there is a typo, it is '/tmp/krb5cc_0'

> 
> I have also tried setting the environment variable in the script like
> so “EXPORT KRB5CCNAME=/tmp/krb5cc_0"

But then, you seem to have got it right there.

> 
> Do you have any advice on what might not be working?

Your command works for myself.

> 
> I have confirmed everything working without the —use-krb5-ccache and
> supplying username and password does work
> 
> As for your question, I have not gotten that far yet : )

I would really think about this, there is no point in porting the
script unless you have something to trigger it. As far as I can see,
there are two options, use kea, but that is, in my opinion, like using
the worlds largest hydraulic press to crack a nut, or use dnsmasq just
as a dhcp server.

Rowland