s4:provision Only create references to our server DN after the self join

This will ensure that the GUID can be filled in correctly, and assist
us to validate DN targets in the future.

Andrew Bartlett

source4/scripting/python/samba/provision.py

@@ -787,12 +787,22 @@ def setup_self_join(samdb, names,
               "DNSDOMAIN": names.dnsdomain,
               "SAMBA_VERSION_STRING": version,
               "DOMAIN_CONTROLLER_FUNCTIONALITY": str(domainControllerFunctionality)})
+
     setup_add_ldif(samdb, setup_path("provision_group_policy.ldif"), { 
               "POLICYGUID": policyguid,
               "DNSDOMAIN": names.dnsdomain,
               "DOMAINSID": str(domainsid),
               "DOMAINDN": names.domaindn})
 
+    # Setup fSMORoleOwner entries to point at the newly created DC entry
+    setup_modify_ldif(samdb, setup_path("provision_self_join_modify.ldif"), {
+              "DOMAINDN": names.domaindn,
+              "CONFIGDN": names.configdn,
+              "SCHEMADN": names.schemadn, 
+              "DEFAULTSITE": names.sitename,
+              "SERVERDN": names.serverdn
+              })
+
 
 def setup_samdb(path, setup_path, session_info, credentials, lp, 
                 names, message, 

source4/setup/provision.ldif

@@ -49,7 +49,6 @@ dn: CN=Infrastructure,${DOMAINDN}
 objectClass: top
 objectClass: infrastructureUpdate
 systemFlags: -1946157056
-fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
 isCriticalSystemObject: TRUE
 
 dn: CN=LostAndFound,${DOMAINDN}
@@ -192,7 +191,6 @@ dn: CN=RID Manager$,CN=System,${DOMAINDN}
 objectClass: top
 objectClass: rIDManager
 systemFlags: -1946157056
-fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
 rIDAvailablePool: 4611686014132423217
 isCriticalSystemObject: TRUE
 

source4/setup/provision_basedn_modify.ldif

@@ -61,9 +61,6 @@ uASCompat: 1
 replace: modifiedCount
 modifiedCount: 1
 -
-replace: fSMORoleOwner
-fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
--
 replace: systemFlags
 systemFlags: -1946157056
 -

source4/setup/provision_configuration.ldif

@@ -656,7 +656,6 @@ objectClass: top
 objectClass: crossRefContainer
 systemFlags: -2147483648
 msDS-Behavior-Version: ${FOREST_FUNCTIONALALITY}
-fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
 showInAdvancedViewOnly: TRUE
 
 dn: CN=Enterprise Configuration,CN=Partitions,${CONFIGDN}
@@ -749,7 +748,6 @@ dn: CN=NTDS Site Settings,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
 objectClass: top
 objectClass: applicationSiteSettings
 objectClass: nTDSSiteSettings
-interSiteTopologyGenerator: CN=NTDS Settings,${SERVERDN}
 
 dn: CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
 objectClass: top

source4/setup/provision_schema_basedn_modify.ldif

@@ -3,8 +3,6 @@
 ###############################
 dn: ${SCHEMADN}
 changetype: modify
-replace: fSMORoleOwner
-fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
 -
 replace: objectVersion
 objectVersion: 30

source4/setup/provision_self_join_modify.ldif

@@ -0,0 +1,29 @@
+dn: ${DOMAINDN}
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
+
+dn: ${SCHEMADN}
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
+
+dn: CN=Infrastructure,${DOMAINDN}
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
+
+dn: CN=RID Manager$,CN=System,${DOMAINDN}
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
+
+dn: CN=Partitions,${CONFIGDN}
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
+
+dn: CN=NTDS Site Settings,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
+changetype: modify
+replace: interSiteTopologyGenerator
+interSiteTopologyGenerator: CN=NTDS Settings,${SERVERDN}