The Samba-Bugzilla – Attachment 9210 Details for
Bug 9091
When replicating DNS for bind9_dlz we need to create the server-DNS account remotely
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Create dns account disabled
38_fix_domain_join (text/plain), 2.35 KB, created by
Samuel Cabrero
on 2013-09-12 20:28:29 UTC
(
hide
)
Description:
Create dns account disabled
Filename:
MIME Type:
Creator:
Samuel Cabrero
Created:
2013-09-12 20:28:29 UTC
Size:
2.35 KB
patch
obsolete
>Index: samba4-4.1.0rc3/python/samba/join.py >=================================================================== >--- samba4-4.1.0rc3.orig/python/samba/join.py 2013-09-06 11:39:57.000000000 +0200 >+++ samba4-4.1.0rc3/python/samba/join.py 2013-09-12 19:39:57.811534315 +0200 >@@ -606,15 +606,18 @@ > "DNSNAME" : ctx.dnshostname})) > for changetype, msg in recs: > assert changetype == ldb.CHANGETYPE_NONE >+ dns_acct_dn = msg["dn"] > print "Adding DNS account %s with dns/ SPN" % msg["dn"] > > # Remove dns password (we will set it as a modify, as we can't do clearTextPassword over LDAP) > del msg["clearTextPassword"] > # Remove isCriticalSystemObject for similar reasons, it cannot be set over LDAP > del msg["isCriticalSystemObject"] >+ # Disable account until password is set >+ msg["userAccountControl"] = str(samba.dsdb.UF_NORMAL_ACCOUNT | >+ samba.dsdb.UF_ACCOUNTDISABLE) > try: > ctx.samdb.add(msg) >- dns_acct_dn = msg["dn"] > except ldb.LdbError, (num, _): > if num != ldb.ERR_ENTRY_ALREADY_EXISTS: > raise >@@ -624,7 +627,7 @@ > # connections which are hard to set up and otherwise refuse with > # ERR_UNWILLING_TO_PERFORM. In this case we fall back to libnet > # over SAMR. >- print "Setting account password for %s" % ctx.samname >+ print "Setting account password for dns-%s" % ctx.myname > try: > ctx.samdb.setpassword("(&(objectClass=user)(samAccountName=dns-%s))" > % ldb.binary_encode(ctx.myname), >@@ -633,8 +636,8 @@ > username=ctx.samname) > except ldb.LdbError, (num, _): > if num != ldb.ERR_UNWILLING_TO_PERFORM: >- pass >- ctx.net.set_password(account_name="dns-" % ctx.myname, >+ raise >+ ctx.net.set_password(account_name="dns-%s" % ctx.myname, > domain_name=ctx.domain_name, > newpassword=ctx.dnspass) >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
abartlet
:
review-
Actions:
View
Attachments on
bug 9091
:
8371
|
9185
|
9188
|
9189
|
9210
|
9361
|
9362