join.py: Restore support for joining as a subdomain

This set of patches fixes up the errors that were introduced into the partial support
during the past couple of years.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

diff --git a/python/samba/join.py b/python/samba/join.py
index 4f2d27343c5f393febcd5831081bb94b4a8d527f..b298f88fb899b1dc80bb76635640ffb3b44f1222 100644 (file)
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -154,6 +154,7 @@ class dc_join(object):
         ctx.drsuapi = None
         ctx.managedby = None
         ctx.subdomain = False
+        ctx.adminpass = None
 
     def del_noerror(ctx, dn, recursive=False):
         if recursive:
@@ -1071,7 +1072,8 @@ class dc_join(object):
                 ctx.nc_list += [ctx.domaindns_zone]
 
         if ctx.dns_backend != "NONE":
-            ctx.full_nc_list += ['DC=DomainDnsZones,%s' % ctx.base_dn]
+            if not ctx.subdomain:
+                ctx.full_nc_list += ['DC=DomainDnsZones,%s' % ctx.base_dn]
             ctx.full_nc_list += ['DC=ForestDnsZones,%s' % ctx.root_dn]
             ctx.nc_list += ['DC=ForestDnsZones,%s' % ctx.root_dn]
 
@@ -1183,12 +1185,16 @@ def join_DC(server=None, creds=None, lp=None, site=None, netbios_name=None,
 
 def join_subdomain(server=None, creds=None, lp=None, site=None,
         netbios_name=None, targetdir=None, parent_domain=None, dnsdomain=None,
-        netbios_domain=None, machinepass=None, use_ntvfs=False,
+        netbios_domain=None, machinepass=None, adminpass=None, use_ntvfs=False,
         dns_backend=None):
     """Join as a DC."""
     ctx = dc_join(server, creds, lp, site, netbios_name, targetdir, parent_domain,
                   machinepass, use_ntvfs, dns_backend)
     ctx.subdomain = True
+    if adminpass is None:
+        ctx.adminpass = samba.generate_random_password(12, 32)
+    else:
+        ctx.adminpass = adminpass
     ctx.parent_domain_name = ctx.domain_name
     ctx.domain_name = netbios_domain
     ctx.realm = dnsdomain

diff --git a/python/samba/netcmd/domain.py b/python/samba/netcmd/domain.py
index 4ba305c2713fb3a9f3288a535a3d620d0c8a1891..2fce6007c8e2722ccce616c6978b48c1c7d1ba9c 100644 (file)
--- a/python/samba/netcmd/domain.py
+++ b/python/samba/netcmd/domain.py
@@ -511,6 +511,8 @@ class cmd_domain_join(Command):
                action="store_true"),
         Option("--machinepass", type=str, metavar="PASSWORD",
                help="choose machine password (otherwise random)"),
+        Option("--adminpass", type="string", metavar="PASSWORD",
+               help="choose adminstrator password when joining as a subdomain (otherwise random)"),
         Option("--use-ntvfs", help="Use NTVFS for the fileserver (default = no)",
                action="store_true"),
         Option("--dns-backend", type="choice", metavar="NAMESERVER-BACKEND",
@@ -526,7 +528,7 @@ class cmd_domain_join(Command):
     def run(self, domain, role=None, sambaopts=None, credopts=None,
             versionopts=None, server=None, site=None, targetdir=None,
             domain_critical_only=False, parent_domain=None, machinepass=None,
-            use_ntvfs=False, dns_backend=None):
+            use_ntvfs=False, dns_backend=None, adminpass=None):
         lp = sambaopts.get_loadparm()
         creds = credopts.get_credentials(lp)
         net = Net(creds, lp, server=credopts.ipaddress)
@@ -561,10 +563,11 @@ class cmd_domain_join(Command):
             if parent_domain is None:
                 parent_domain = ".".join(domain.split(".")[1:])
             join_subdomain(server=server, creds=creds, lp=lp, dnsdomain=domain,
-                    parent_domain=parent_domain, site=site,
-                    netbios_name=netbios_name, netbios_domain=netbios_domain,
-                    targetdir=targetdir, machinepass=machinepass,
-                    use_ntvfs=use_ntvfs, dns_backend=dns_backend)
+                           parent_domain=parent_domain, site=site,
+                           netbios_name=netbios_name, netbios_domain=netbios_domain,
+                           targetdir=targetdir, machinepass=machinepass,
+                           use_ntvfs=use_ntvfs, dns_backend=dns_backend,
+                           adminpass=adminpass)
         else:
             raise CommandError("Invalid role '%s' (possible values: MEMBER, DC, RODC, SUBDOMAIN)" % role)