git.samba.org - samba.git/commit

author	Andrew Bartlett <abartlet@samba.org>
	Fri, 17 Feb 2017 05:23:23 +0000 (18:23 +1300)
committer	Andrew Bartlett <abartlet@samba.org>
	Sun, 11 Jun 2017 00:04:51 +0000 (02:04 +0200)
commit	75eb2e3a09ed7ab5beac4593d93e6ea0e506f857
tree	16699c806903d6e542cd6796318854f19c3ed76f	tree
parent	dfe739a252e994c6091aea0c6220134ed6fa2f72	commit \| diff

join.py Add DNS records at domain join time

This avoids issues getting replication going after the DC first starts
as the rest of the domain does not have to wait for samba_dnsupdate to
run successfully

We do not just run samba_dnsupdate as we want to strictly
operate against the DC we just joined:
- We do not want to query another DNS server
- We do not want to obtain a Kerberos ticket for the new DC
   (as the KDC we select may not be the DC we just joined,
   and so may not be in sync with the password we just set)
- We do not wish to set the _ldap records until we have started
- We do not wish to use NTLM (the --use-samba-tool mode forces
   NTLM)

The downside to using DCE/RPC rather than DNS is that these will
be regarded as static entries, and (against windows) have a the ACL
assigned for static entries.  However this is still better than no
DNS at all.

Because some tests want a DNS record matching their own name
this fixes some tests and removes entires from knownfail

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Jun 11 02:04:52 CEST 2017 on sn-devel-144

python/samba/join.py		diff \| blob \| history
selftest/knownfail.d/dns		diff \| blob \| history
selftest/knownfail.d/dns-at-join	[deleted file]	blob \| history