1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

s4:provision - switch to "clearTextPassword" for setting passwords

This is the default password set/change attribute for s4 specific purposes
(otherwise in respect to Windows it's "unicodePwd"). We move away from
"userPassword" since on Windows it's not activated by default - and s4 will
follow soon.
This commit is contained in:
Matthias Dieter Wallnöfer 2010-11-09 13:22:00 +01:00
parent d1d585e208
commit bd5039546e
4 changed files with 8 additions and 8 deletions

View File

@ -818,7 +818,7 @@ def secretsdb_setup_dns(secretsdb, setup_path, names, private_dir,
"REALM": realm, "REALM": realm,
"DNSDOMAIN": dnsdomain, "DNSDOMAIN": dnsdomain,
"DNS_KEYTAB": dns_keytab_path, "DNS_KEYTAB": dns_keytab_path,
"DNSPASS_B64": b64encode(dnspass), "DNSPASS_B64": b64encode(dnspass.encode('utf-16-le')),
"HOSTNAME": names.hostname, "HOSTNAME": names.hostname,
"DNSNAME" : '%s.%s' % (names.netbiosname.lower(), names.dnsdomain.lower()) "DNSNAME" : '%s.%s' % (names.netbiosname.lower(), names.dnsdomain.lower())
}) })
@ -967,7 +967,7 @@ def setup_self_join(samdb, names,
"INVOCATIONID": invocationid, "INVOCATIONID": invocationid,
"NETBIOSNAME": names.netbiosname, "NETBIOSNAME": names.netbiosname,
"DNSNAME": "%s.%s" % (names.hostname, names.dnsdomain), "DNSNAME": "%s.%s" % (names.hostname, names.dnsdomain),
"MACHINEPASS_B64": b64encode(machinepass), "MACHINEPASS_B64": b64encode(machinepass.encode('utf-16-le')),
"DOMAINSID": str(domainsid), "DOMAINSID": str(domainsid),
"DCRID": str(next_rid), "DCRID": str(next_rid),
"SAMBA_VERSION_STRING": version, "SAMBA_VERSION_STRING": version,
@ -1250,8 +1250,8 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, names,
"DOMAINDN": names.domaindn, "DOMAINDN": names.domaindn,
"DOMAINSID": str(domainsid), "DOMAINSID": str(domainsid),
"CONFIGDN": names.configdn, "CONFIGDN": names.configdn,
"ADMINPASS_B64": b64encode(adminpass), "ADMINPASS_B64": b64encode(adminpass.encode('utf-16-le')),
"KRBTGTPASS_B64": b64encode(krbtgtpass), "KRBTGTPASS_B64": b64encode(krbtgtpass.encode('utf-16-le'))
}) })
logger.info("Setting up self join") logger.info("Setting up self join")

View File

@ -102,6 +102,6 @@ accountExpires: 9223372036854775807
sAMAccountName: dns-${HOSTNAME} sAMAccountName: dns-${HOSTNAME}
servicePrincipalName: DNS/${DNSNAME} servicePrincipalName: DNS/${DNSNAME}
servicePrincipalName: DNS/${DNSDOMAIN} servicePrincipalName: DNS/${DNSDOMAIN}
userPassword:: ${DNSPASS_B64} clearTextPassword:: ${DNSPASS_B64}
isCriticalSystemObject: TRUE isCriticalSystemObject: TRUE

View File

@ -18,7 +18,7 @@ sAMAccountName: ${NETBIOSNAME}$
# The "servicePrincipalName" updates are now handled by the "samba_spnupdate" # The "servicePrincipalName" updates are now handled by the "samba_spnupdate"
# script # script
userAccountControl: 532480 userAccountControl: 532480
userPassword:: ${MACHINEPASS_B64} clearTextPassword:: ${MACHINEPASS_B64}
objectSID: ${DOMAINSID}-${DCRID} objectSID: ${DOMAINSID}-${DCRID}
# Here are missing the objects for the NTFRS subscription since we don't # Here are missing the objects for the NTFRS subscription since we don't

View File

@ -45,7 +45,7 @@ objectSid: ${DOMAINSID}-500
adminCount: 1 adminCount: 1
accountExpires: 9223372036854775807 accountExpires: 9223372036854775807
sAMAccountName: Administrator sAMAccountName: Administrator
userPassword:: ${ADMINPASS_B64} clearTextPassword:: ${ADMINPASS_B64}
isCriticalSystemObject: TRUE isCriticalSystemObject: TRUE
dn: CN=Guest,CN=Users,${DOMAINDN} dn: CN=Guest,CN=Users,${DOMAINDN}
@ -70,7 +70,7 @@ adminCount: 1
accountExpires: 9223372036854775807 accountExpires: 9223372036854775807
sAMAccountName: krbtgt sAMAccountName: krbtgt
servicePrincipalName: kadmin/changepw servicePrincipalName: kadmin/changepw
userPassword:: ${KRBTGTPASS_B64} clearTextPassword:: ${KRBTGTPASS_B64}
isCriticalSystemObject: TRUE isCriticalSystemObject: TRUE
# Add other groups # Add other groups