Attachment 9361 Details for Bug 9091 – patches cherry-picked from master for 4.1

[patch] patches cherry-picked from master for 4.1

0001-s4-dns-dlz_bind9-Create-dns-HOSTNAME-account-disable.patch (text/plain), 2.86 KB, created by Andrew Bartlett on 2013-11-04 08:54:39 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Andrew Bartlett

Created: 2013-11-04 08:54:39 UTC

Size: 2.86 KB

patch

obsolete

>From b636eb2635a9e32769b06a6deb6a27418561f68d Mon Sep 17 00:00:00 2001
>From: Samuel Cabrero <scabrero@zentyal.com>
>Date: Thu, 24 Oct 2013 17:37:06 +0200
>Subject: [PATCH] s4-dns: dlz_bind9: Create dns-HOSTNAME account disabled
>
>Reviewed-by: Andrew Bartlett <abartlet@samba.org>
>
>Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
>Autobuild-Date(master): Fri Oct 25 00:39:21 CEST 2013 on sn-devel-104
>
>(cherry picked from commit d3aee80928dc7ccde9441309bf946c2503f7714a)
>---
> python/samba/join.py | 11 +++++++----
> 1 file changed, 7 insertions(+), 4 deletions(-)
>
>diff --git a/python/samba/join.py b/python/samba/join.py
>index fcdd4ec..7d2f913 100644
>--- a/python/samba/join.py
>+++ b/python/samba/join.py
>@@ -606,15 +606,18 @@ class dc_join(object):
>                                                                  "DNSNAME" : ctx.dnshostname}))
>             for changetype, msg in recs:
>                 assert changetype == ldb.CHANGETYPE_NONE
>+                dns_acct_dn = msg["dn"]
>                 print "Adding DNS account %s with dns/ SPN" % msg["dn"]
> 
>                 # Remove dns password (we will set it as a modify, as we can't do clearTextPassword over LDAP)
>                 del msg["clearTextPassword"]
>                 # Remove isCriticalSystemObject for similar reasons, it cannot be set over LDAP
>                 del msg["isCriticalSystemObject"]
>+                # Disable account until password is set
>+                msg["userAccountControl"] = str(samba.dsdb.UF_NORMAL_ACCOUNT |
>+                                                samba.dsdb.UF_ACCOUNTDISABLE)
>                 try:
>                     ctx.samdb.add(msg)
>-                    dns_acct_dn = msg["dn"]
>                 except ldb.LdbError, (num, _):
>                     if num != ldb.ERR_ENTRY_ALREADY_EXISTS:
>                         raise
>@@ -624,7 +627,7 @@ class dc_join(object):
>             # connections which are hard to set up and otherwise refuse with
>             # ERR_UNWILLING_TO_PERFORM. In this case we fall back to libnet
>             # over SAMR.
>-            print "Setting account password for %s" % ctx.samname
>+            print "Setting account password for dns-%s" % ctx.myname
>             try:
>                 ctx.samdb.setpassword("(&(objectClass=user)(samAccountName=dns-%s))"
>                                       % ldb.binary_encode(ctx.myname),
>@@ -633,8 +636,8 @@ class dc_join(object):
>                                       username=ctx.samname)
>             except ldb.LdbError, (num, _):
>                 if num != ldb.ERR_UNWILLING_TO_PERFORM:
>-                    pass
>-                ctx.net.set_password(account_name="dns-" % ctx.myname,
>+                    raise
>+                ctx.net.set_password(account_name="dns-%s" % ctx.myname,
>                                      domain_name=ctx.domain_name,
>                                      newpassword=ctx.dnspass)
> 
>-- 
>1.8.3.1
>

Flags:

metze: review+

Actions: View

Attachments on bug 9091: 8371 | 9185 | 9188 | 9189 | 9210 | 9361 | 9362