sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-12-04 08:23:50 +03:00
Code Activity

r20805: don't use hardcoded values for secrects.keytab and sam.ldb

Browse Source 
metze
This commit is contained in:
Stefan Metzmacher
2007-01-15 13:54:21 +00:00
committed by Gerald (Jerry) Carter
parent a5b67f5c7e
commit c78e345fea
2 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
source/scripting/libjs/provision.js
View File

@@ -382,6 +382,7 @@ function provision_default_paths(subobj)
paths.hkpt = "hkpt.ldb";
paths.samdb = lp.get("sam database");
paths.secrets = "secrets.ldb";
paths.keytab = "secrets.keytab";
paths.dns = lp.get("private dir") + "/" + subobj.DNSDOMAIN + ".zone";
paths.winsdb = "wins.ldb";
paths.ldap_basedn_ldif = lp.get("private dir") + "/" + subobj.DNSDOMAIN + ".ldif";
@@ -431,7 +432,7 @@ function setup_name_mappings(info, ldb)
return true;
}
function provision_fix_subobj(subobj, message)
function provision_fix_subobj(subobj, message, paths)
{
subobj.REALM = strupper(subobj.REALM);
subobj.HOSTNAME = strlower(subobj.HOSTNAME);
@@ -442,6 +443,10 @@ function provision_fix_subobj(subobj, message)
var rdns = split(",", subobj.DOMAINDN);
subobj.RDN_DC = substr(rdns[0], strlen("DC="));
subobj.SAM_LDB = paths.samdb;
subobj.SECRETS_LDB = paths.secrets;
subobj.SECRETS_KEYTAB = paths.keytab;
return true;
}
@@ -451,7 +456,7 @@ function provision_become_dc(subobj, message, paths, session_info)
var sys = sys_init();
var info = new Object();
var ok = provision_fix_subobj(subobj, message);
var ok = provision_fix_subobj(subobj, message, paths);
assert(ok);
info.subobj = subobj;
@@ -491,7 +496,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
var sys = sys_init();
var info = new Object();
var ok = provision_fix_subobj(subobj, message);
var ok = provision_fix_subobj(subobj, message, paths);
assert(ok);
if (subobj.DOMAINGUID != undefined) {

4
source/setup/secrets.ldif
View File

@@ -36,7 +36,7 @@ whenCreated: ${LDAPTIME}
whenChanged: ${LDAPTIME}
msDS-KeyVersionNumber: 1
objectSid: ${DOMAINSID}
privateKeytab: secrets.keytab
privateKeytab: ${SECRETS_KEYTAB}
# A hook from our credentials system into HDB, as we must be on a KDC,
# we can look directly into the database.
@@ -51,5 +51,5 @@ whenCreated: ${LDAPTIME}
whenChanged: ${LDAPTIME}
objectSid: ${DOMAINSID}
servicePrincipalName: kadmin/changepw
krb5Keytab: HDB:ldb:sam.ldb:
krb5Keytab: HDB:ldb:${SAM_LDB}:
#The trailing : here is a HACK, but it matches the Heimdal format.