sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-02 09:47:23 +03:00
Code

samba-tool domain join: remove the subdomain option

Browse Source 
Remove the sub domain option from join, as it currently does not work.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Gary Lockyer 2019-06-28 15:13:13 +12:00 committed by Gary Lockyer
parent 54fbac97ef
commit 5583208aed
2 changed files with 5 additions and 121 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
python/samba/netcmd/domain.py
View File

@ -647,7 +647,7 @@ class cmd_domain_dcpromo(Command):
class cmd_domain_join(Command): class cmd_domain_join(Command):
"""Join domain as either member or backup domain controller.""" """Join domain as either member or backup domain controller."""
synopsis = "%prog <dnsdomain> [DC|RODC|MEMBER|SUBDOMAIN] [options]" synopsis = "%prog <dnsdomain> [DC|RODC|MEMBER] [options]"
takes_optiongroups = { takes_optiongroups = {
"sambaopts": options.SambaOptions, "sambaopts": options.SambaOptions,
@ -715,24 +715,11 @@ class cmd_domain_join(Command):
plaintext_secrets=plaintext_secrets, plaintext_secrets=plaintext_secrets,
backend_store=backend_store, backend_store=backend_store,
backend_store_size=backend_store_size) backend_store_size=backend_store_size)
elif role == "SUBDOMAIN": # elif role == "SUBDOMAIN":
if not adminpass: # subdomain command removed by Gary Lockyer <gary@catalyst.net.nz>
logger.info("Administrator password will be set randomly!") # on the 28th June 2019.
netbios_domain = lp.get("workgroup")
if parent_domain is None:
parent_domain = ".".join(domain.split(".")[1:])
join_subdomain(logger=logger, server=server, creds=creds, lp=lp, dnsdomain=domain,
parent_domain=parent_domain, site=site,
netbios_name=netbios_name, netbios_domain=netbios_domain,
targetdir=targetdir, machinepass=machinepass,
use_ntvfs=use_ntvfs, dns_backend=dns_backend,
adminpass=adminpass,
plaintext_secrets=plaintext_secrets,
backend_store=backend_store,
backend_store_size=backend_store_size)
else: else:
raise CommandError("Invalid role '%s' (possible values: MEMBER, DC, RODC, SUBDOMAIN)" % role) raise CommandError("Invalid role '%s' (possible values: MEMBER, DC, RODC)" % role)
class cmd_domain_demote(Command): class cmd_domain_demote(Command):

103
selftest/target/Samba4.pm
View File

@ -1557,65 +1557,6 @@ sub provision_vampire_dc($$$)
return $ret; return $ret;
} }
sub provision_subdom_dc($$$)
{
my ($self, $prefix, $dcvars) = @_;
print "PROVISIONING SUBDOMAIN DC...\n";
# We do this so that we don't run the provision. That's the job of 'net vampire'.
my $samsid = undef; # TODO pass the domain sid all the way down
my $ctx = $self->provision_raw_prepare($prefix, "domain controller",
"localsubdc",
"SAMBASUBDOM",
"sub.samba.example.com",
$samsid,
"2008",
$dcvars->{PASSWORD},
undef);
push (@{$ctx->{provision_options}}, "--use-ntvfs");
$ctx->{smb_conf_extra_options} = "
max xmit = 32K
server max protocol = SMB2
[sysvol]
path = $ctx->{statedir}/sysvol
read only = yes
[netlogon]
path = $ctx->{statedir}/sysvol/$ctx->{dnsname}/scripts
read only = no
";
my $ret = $self->provision_raw_step1($ctx);
unless ($ret) {
return undef;
}
Samba::mk_krb5_conf($ctx);
Samba::mk_mitkdc_conf($ctx, abs_path(Samba::bindir_path($self, "shared")));
my $samba_tool = Samba::bindir_path($self, "samba-tool");
my $cmd = $self->get_cmd_env_vars($ret);
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $ctx->{dnsname} subdomain ";
$cmd .= "--parent-domain=$dcvars->{REALM} -U$dcvars->{DC_USERNAME}\@$dcvars->{REALM}\%$dcvars->{DC_PASSWORD}";
$cmd .= " --machinepass=machine$ret->{PASSWORD} --use-ntvfs";
$cmd .= " --adminpass=$ret->{PASSWORD}";
unless (system($cmd) == 0) {
warn("Join failed\n$cmd");
return undef;
}
$ret->{SUBDOM_DC_SERVER} = $ret->{SERVER};
$self->set_pdc_env_vars($ret, $dcvars);
return $ret;
}
sub provision_ad_dc_ntvfs($$$) sub provision_ad_dc_ntvfs($$$)
{ {
my ($self, $prefix, $extra_provision_options) = @_; my ($self, $prefix, $extra_provision_options) = @_;
@ -2226,7 +2167,6 @@ sub check_env($$)
vampire_2000_dc => ["fl2000dc"], vampire_2000_dc => ["fl2000dc"],
vampire_dc => ["ad_dc_ntvfs"], vampire_dc => ["ad_dc_ntvfs"],
promoted_dc => ["ad_dc_ntvfs"], promoted_dc => ["ad_dc_ntvfs"],
subdom_dc => ["ad_dc_ntvfs"],
rodc => ["ad_dc_ntvfs"], rodc => ["ad_dc_ntvfs"],
rpc_proxy => ["ad_dc_ntvfs"], rpc_proxy => ["ad_dc_ntvfs"],
@ -2538,49 +2478,6 @@ sub setup_promoted_dc
return $env; return $env;
} }
sub setup_subdom_dc
{
my ($self, $path, $dc_vars) = @_;
my $env = $self->provision_subdom_dc($path, $dc_vars);
if (defined $env) {
if (not defined($self->check_or_start($env, "single"))) {
return undef;
}
# force replicated DC to update repsTo/repsFrom
# for primary domain partitions
my $samba_tool = Samba::bindir_path($self, "samba-tool");
my $cmd = "NSS_WRAPPER_HOSTS='$env->{NSS_WRAPPER_HOSTS}' ";
# as 'subdomain' dc may add data in its local replica
# we need to synchronize data between DCs
my $base_dn = "DC=".join(",DC=", split(/\./, $env->{REALM}));
my $config_dn = "CN=Configuration,DC=".join(",DC=", split(/\./, $dc_vars->{REALM}));
$cmd = "SOCKET_WRAPPER_DEFAULT_IFACE=\"$env->{SOCKET_WRAPPER_DEFAULT_IFACE}\"";
$cmd .= " KRB5_CONFIG=\"$env->{KRB5_CONFIG}\"";
$cmd .= "KRB5CCNAME=\"$env->{KRB5_CCACHE}\" ";
$cmd .= "RESOLV_CONF=\"$env->{RESOLV_CONF}\" ";
$cmd .= " $samba_tool drs replicate $env->{DC_SERVER} $env->{SUBDOM_DC_SERVER}";
$cmd .= " $dc_vars->{CONFIGURATION}";
$cmd .= " -U$dc_vars->{DC_USERNAME}\%$dc_vars->{DC_PASSWORD} --realm=$dc_vars->{DC_REALM}";
# replicate Configuration NC
my $cmd_repl = "$cmd \"$config_dn\"";
unless(system($cmd_repl) == 0) {
warn("Failed to replicate\n$cmd_repl");
return undef;
}
# replicate Default NC
$cmd_repl = "$cmd \"$base_dn\"";
unless(system($cmd_repl) == 0) {
warn("Failed to replicate\n$cmd_repl");
return undef;
}
}
return $env;
}
sub setup_rodc sub setup_rodc
{ {
my ($self, $path, $dc_vars) = @_; my ($self, $path, $dc_vars) = @_;