Bug 9984 - 'net ads join' overwrites all servicePrincipleNames in AD
Summary: 'net ads join' overwrites all servicePrincipleNames in AD
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.6
Classification: Unclassified
Component: Client Tools (show other bugs)
Version: 3.6.16
Hardware: All All
: P5 normal
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks: 9985
  Show dependency treegraph
 
Reported: 2013-07-01 11:47 UTC by Andreas Schneider
Modified: 2014-10-13 19:03 UTC (History)
0 users

See Also:


Attachments
v4-1-test patch (9.91 KB, patch)
2014-09-26 09:26 UTC, Andreas Schneider
asn: review? (gd)
jra: review+
Details
v4-0-test patch (9.91 KB, patch)
2014-09-26 09:29 UTC, Andreas Schneider
asn: review? (gd)
jra: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Schneider 2013-07-01 11:47:00 UTC
Description of problem:

If you pre-create a machine account on AD and then add additional SPNs to that account with:

    setspn -A nfs/client01 client01
    setspn -A nfs/client01.domain.site

and then join a linux machine to AD with:

    net ads join

all previously set SPNs will be overwritten.

Code:
libnet_join_set_machine_spn() doesn't check if SPNs already exist and overwrites them.
Comment 1 Andreas Schneider 2014-09-26 09:26:25 UTC
Created attachment 10311 [details]
v4-1-test patch
Comment 2 Andreas Schneider 2014-09-26 09:29:47 UTC
Created attachment 10314 [details]
v4-0-test patch
Comment 3 Jeremy Allison 2014-10-01 19:20:29 UTC
Comment on attachment 10311 [details]
v4-1-test patch

LGTM.
Comment 4 Jeremy Allison 2014-10-01 21:11:28 UTC
Comment on attachment 10314 [details]
v4-0-test patch

LGTM.
Comment 5 Jeremy Allison 2014-10-01 21:12:03 UTC
Re-assigning to Karolin for inclusion in 4.0.next, 4.1.next.
Comment 6 Karolin Seeger 2014-10-09 18:21:23 UTC
Pushed to autobuild-v4-[0|1]-test.
Comment 7 Karolin Seeger 2014-10-13 19:03:17 UTC
Pushed to both branches.
Closing out bug report.

Thanks!