The Samba-Bugzilla – Attachment 8098 Details for
Bug 9317
Cannot easily change to internal DNS server
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch from master for this issue
0001-dns_server-Try-and-use-the-dns-SERVER-account-if-we-.patch (text/plain), 3.53 KB, created by
Andrew Bartlett
on 2012-10-23 04:53:48 UTC
(
hide
)
Description:
Patch from master for this issue
Filename:
MIME Type:
Creator:
Andrew Bartlett
Created:
2012-10-23 04:53:48 UTC
Size:
3.53 KB
patch
obsolete
>From 83d34bb2bbcbc0ebbcb81825590363e996979e08 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Tue, 16 Oct 2012 15:08:30 +1100 >Subject: [PATCH] dns_server: Try and use the dns-SERVER account if we were > configured with it > >--- > source4/dns_server/dns_server.c | 61 +++++++++++++++++++++++++++++++---------- > 1 file changed, 47 insertions(+), 14 deletions(-) > >diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c >index 8e25396..6824fef 100644 >--- a/source4/dns_server/dns_server.c >+++ b/source4/dns_server/dns_server.c >@@ -748,7 +748,11 @@ static void dns_task_init(struct task_server *task) > int ret; > struct ldb_result *res; > static const char * const attrs[] = { "name", NULL}; >+ static const char * const attrs_none[] = { NULL}; > unsigned int i; >+ struct ldb_message *dns_acc; >+ char *hostname_lower; >+ char *dns_spn; > > switch (lpcfg_server_role(task->lp_ctx)) { > case ROLE_STANDALONE: >@@ -787,29 +791,58 @@ static void dns_task_init(struct task_server *task) > return; > } > >- cli_credentials_set_conf(dns->server_credentials, task->lp_ctx); >- status = cli_credentials_set_machine_account(dns->server_credentials, task->lp_ctx); >- if (!NT_STATUS_IS_OK(status)) { >- task_server_terminate(task, >- talloc_asprintf(task, "Failed to obtain server credentials, perhaps a standalone server?: %s\n", >- nt_errstr(status)), >- true); >+ dns->samdb = samdb_connect(dns, dns->task->event_ctx, dns->task->lp_ctx, >+ system_session(dns->task->lp_ctx), 0); >+ if (!dns->samdb) { >+ task_server_terminate(task, "dns: samdb_connect failed", true); > return; > } > >+ cli_credentials_set_conf(dns->server_credentials, task->lp_ctx); >+ >+ hostname_lower = strlower_talloc(dns, lpcfg_netbios_name(task->lp_ctx)); >+ dns_spn = talloc_asprintf(dns, "DNS/%s.%s", >+ hostname_lower, >+ lpcfg_dnsdomain(task->lp_ctx)); >+ TALLOC_FREE(hostname_lower); >+ >+ ret = dsdb_search_one(dns->samdb, dns, &dns_acc, >+ ldb_get_default_basedn(dns->samdb), LDB_SCOPE_SUBTREE, >+ attrs_none, 0, "(servicePrincipalName=%s)", >+ dns_spn); >+ if (ret == LDB_SUCCESS) { >+ TALLOC_FREE(dns_acc); >+ if (!dns_spn) { >+ task_server_terminate(task, "dns: talloc_asprintf failed", true); >+ return; >+ } >+ status = cli_credentials_set_stored_principal(dns->server_credentials, task->lp_ctx, dns_spn); >+ if (!NT_STATUS_IS_OK(status)) { >+ task_server_terminate(task, >+ talloc_asprintf(task, "Failed to obtain server credentials for DNS, " >+ "despite finding it in the samdb! %s\n", >+ nt_errstr(status)), >+ true); >+ return; >+ } >+ } else { >+ TALLOC_FREE(dns_spn); >+ status = cli_credentials_set_machine_account(dns->server_credentials, task->lp_ctx); >+ if (!NT_STATUS_IS_OK(status)) { >+ task_server_terminate(task, >+ talloc_asprintf(task, "Failed to obtain server credentials, perhaps a standalone server?: %s\n", >+ nt_errstr(status)), >+ true); >+ return; >+ } >+ } >+ > dns->tkeys = tkey_store_init(dns, TKEY_BUFFER_SIZE); > if (!dns->tkeys) { > task_server_terminate(task, "Failed to allocate tkey storage\n", true); > return; > } > >- dns->samdb = samdb_connect(dns, dns->task->event_ctx, dns->task->lp_ctx, >- system_session(dns->task->lp_ctx), 0); >- if (!dns->samdb) { >- task_server_terminate(task, "dns: samdb_connect failed", true); >- return; >- } >- > // TODO: this search does not work against windows > ret = dsdb_search(dns->samdb, dns, &res, NULL, LDB_SCOPE_SUBTREE, > attrs, DSDB_SEARCH_SEARCH_ALL_PARTITIONS, "(objectClass=dnsZone)"); >-- >1.7.11.7 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
abartlet
:
review?
(
kai
)
abartlet
:
review?
(
metze
)
obnox
:
review+
Actions:
View
Attachments on
bug 9317
: 8098