From e4797c1622181203cf167c5b171a47137ffbb2b1 Mon Sep 17 00:00:00 2001
From: Amitay Isaacs <amitay@gmail.com>
Date: Mon, 27 May 2013 12:37:20 +1000
Subject: [PATCH 1/2] samba-tool/dns: Set secure zone update flag after
 creating new zone

Windows DC ignores the secure update flag while creating new zone.  Windows
performs another operation to set the secure update flag.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 05578dcdbfa1734ae7bafb70859a76f4cd2a023d)
---
 python/samba/netcmd/dns.py | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/python/samba/netcmd/dns.py b/python/samba/netcmd/dns.py
index c00d17a..7754af6 100644
--- a/python/samba/netcmd/dns.py
+++ b/python/samba/netcmd/dns.py
@@ -852,14 +852,12 @@ class cmd_zonecreate(Command):
             zone_create_info = dnsserver.DNS_RPC_ZONE_CREATE_INFO_W2K()
             zone_create_info.pszZoneName = zone
             zone_create_info.dwZoneType = dnsp.DNS_ZONE_TYPE_PRIMARY
-            zone_create_info.fAllowUpdate = dnsp.DNS_ZONE_UPDATE_SECURE
             zone_create_info.fAging = 0
         elif client_version == dnsserver.DNS_CLIENT_VERSION_DOTNET:
             typeid = dnsserver.DNSSRV_TYPEID_ZONE_CREATE_DOTNET
             zone_create_info = dnsserver.DNS_RPC_ZONE_CREATE_INFO_DOTNET()
             zone_create_info.pszZoneName = zone
             zone_create_info.dwZoneType = dnsp.DNS_ZONE_TYPE_PRIMARY
-            zone_create_info.fAllowUpdate = dnsp.DNS_ZONE_UPDATE_SECURE
             zone_create_info.fAging = 0
             zone_create_info.dwDpFlags = dnsserver.DNS_DP_DOMAIN_DEFAULT
         else:
@@ -867,13 +865,21 @@ class cmd_zonecreate(Command):
             zone_create_info = dnsserver.DNS_RPC_ZONE_CREATE_INFO_LONGHORN()
             zone_create_info.pszZoneName = zone
             zone_create_info.dwZoneType = dnsp.DNS_ZONE_TYPE_PRIMARY
-            zone_create_info.fAllowUpdate = dnsp.DNS_ZONE_UPDATE_SECURE
             zone_create_info.fAging = 0
             zone_create_info.dwDpFlags = dnsserver.DNS_DP_DOMAIN_DEFAULT
 
         res = dns_conn.DnssrvOperation2(client_version, 0, server, None,
                                         0, 'ZoneCreate', typeid,
                                         zone_create_info)
+
+        typeid = dnsserver.DNSSRV_TYPEID_NAME_AND_PARAM
+        name_and_param = dnsserver.DNS_RPC_NAME_AND_PARAM()
+        name_and_param.pszNodeName = 'AllowUpdate'
+        name_and_param.dwParam = dnsp.DNS_ZONE_UPDATE_SECURE
+
+        res = dns_conn.DnssrvOperation2(client_version, 0, server, zone,
+                                        0, 'ResetDwordProperty', typeid,
+                                        name_and_param)
         self.outf.write('Zone %s created successfully\n' % zone)
 
 
-- 
1.8.3.4