git.samba.org / bbaumbach / samba-autobuild / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bf217c7) | patch
provision: Allow DNS GSS-TSIG updates to work.
authorAndrew Kroeger <andrew@sprocks.gotdns.com>
Sun, 18 May 2008 04:20:35 +0000 (23:20 -0500)
committerAndrew Kroeger <andrew@sprocks.gotdns.com>
Sun, 18 May 2008 06:54:56 +0000 (01:54 -0500)
commit572efc8e65457a982a8cbb04d3b10e3aae22d574
tree996cb4510299c1ae947e28920520f0cc511bc8c1tree
parentbf217c748a8a0929ffc54be940041100ca5127f2commit | diff
provision: Allow DNS GSS-TSIG updates to work.

This change ensures the KVNO of the principal in secrets.ldb (which is also
exported to the dns.keytab) matches the KVNO associated with the "dns" user.
Without explicitly setting msDS-KeyVersionNumber, the KVNO exported into the
dns.keytab was 0.

KVNO needs to be > 0, as the client libs (at least MIT libs on Fedora)
consider KVNO == 0 as a sign to ignore that particular key.
source/setup/secrets_dc.ldif diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.