2025-02-02 09:47:23 +03:00 · 2019-08-30 00:22:15 +03:00 · 2019-08-30 00:22:15 +03:00 · 05f7e9a72a
commit 05f7e9a72a
parent d0f566c4ad
2 changed files with 16 additions and 22 deletions
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@ -533,29 +533,23 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx,
 		}
 	}

-	if (!name_to_fqdn(my_fqdn, r->in.machine_name)
-	    || (strchr(my_fqdn, '.') == NULL)) {
-		fstr_sprintf(my_fqdn, "%s.%s", r->in.machine_name,
-			     r->out.dns_domain_name);
-	}
+	fstr_sprintf(my_fqdn, "%s.%s", r->in.machine_name, lp_dnsdomain());

 	if (!strlower_m(my_fqdn)) {
 		return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
 	}

-	if (!strequal(my_fqdn, r->in.machine_name)) {
-		spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn);
-		if (!spn) {
-			return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
-		}
+	spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn);
+	if (spn == NULL) {
+		return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+	}

-		ok = ads_element_in_array(spn_array, num_spns, spn);
+	ok = ads_element_in_array(spn_array, num_spns, spn);
+	if (!ok) {
+		ok = add_string_to_array(spn_array, spn,
+					 &spn_array, &num_spns);
 		if (!ok) {
-			ok = add_string_to_array(spn_array, spn,
-						 &spn_array, &num_spns);
-			if (!ok) {
-				return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
-			}
+			return ADS_ERROR_LDAP(LDAP_NO_MEMORY);
 		}
 	}

@ -591,12 +585,9 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx,
 			/*
 			 * Add HOST/netbiosname.domainname
 			 */
-			if (r->out.dns_domain_name == NULL) {
-				continue;
-			}
 			fstr_sprintf(my_fqdn, "%s.%s",
 				     *netbios_aliases,
-				     r->out.dns_domain_name);
+				     lp_dnsdomain());

 			spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn);
 			if (spn == NULL) {
--- a/testprogs/blackbox/test_net_ads.sh
+++ b/testprogs/blackbox/test_net_ads.sh
@ -81,7 +81,7 @@ testit "testjoin (dedicated keytab)" $VALGRIND $net_tool ads testjoin -kP || fai
 netbios=$(grep "netbios name" $BASEDIR/$WORKDIR/client.conf | cut -f2 -d= | awk '{$1=$1};1')
 uc_netbios=$(echo $netbios | tr '[:lower:]' '[:upper:]')
 lc_realm=$(echo $REALM | tr '[:upper:]' '[:lower:]')
-fqdns="$netbios.$lc_realm"
+fqdn="$netbios.$lc_realm"

 krb_princ="primary/instance@$REALM"
 testit "test (dedicated keytab) add a fully qualified krb5 principal" $VALGRIND $net_tool ads keytab add $krb_princ -U$DC_USERNAME%$DC_PASSWORD --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
@ -99,7 +99,7 @@ testit "test (dedicated keytab) at least one krb5 principal created from $machin
 service="nfs"
 testit "test (dedicated keytab) add a $service service to keytab" $VALGRIND $net_tool ads keytab add $service -U$DC_USERNAME%$DC_PASSWORD --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`

-search_str="$service/$fqdns@$REALM"
+search_str="$service/$fqdn@$REALM"
 found=`$net_tool ads keytab list -U$DC_USERNAME%$DC_PASSWORD --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" | grep $search_str | wc -l`
 testit "test (dedicated keytab) at least one (long form) krb5 principal created from service added is present in keytab" test $found -gt 1 || failed=`expr $failed + 1`

@ -206,6 +206,9 @@ testit "join" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD || failed

 testit "testjoin" $VALGRIND $net_tool ads testjoin || failed=`expr $failed + 1`

+testit_grep "check dNSHostName" $fqdn $VALGRIND $net_tool ads search -P samaccountname=$netbios\$ dNSHostName || failed=`expr $failed + 1`
+testit_grep "check SPN" ${uc_netbios}.${lc_realm} $VALGRIND $net_tool ads search -P samaccountname=$netbios\$ servicePrincipalName || failed=`expr $failed + 1`
+
 ##Goodbye...
 testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`