samba-tool domain join subdomain: Rework sambadns.py to allow setup of DomainDNSZone...

author Andrew Bartlett <abartlet@samba.org>

Sun, 8 Sep 2013 23:54:23 +0000 (11:54 +1200)

committer Stefan Metzmacher <metze@samba.org>

Fri, 11 Oct 2013 08:27:49 +0000 (10:27 +0200)
author Andrew Bartlett <abartlet@samba.org>
Sun, 8 Sep 2013 23:54:23 +0000 (11:54 +1200)
committer Stefan Metzmacher <metze@samba.org>
Fri, 11 Oct 2013 08:27:49 +0000 (10:27 +0200)
diff --git a/python/samba/join.py b/python/samba/join.py

index 1785ab3e8861e81d7d2d8f7cfc2c8851908624d6..9cac8f5ed253b9e0519620918155c386c21d29ee 100644 (file)
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -24,6 +24,7 @@ from samba import gensec, Ldb, drs_utils
  import ldb, samba, sys, uuid
  from samba.ndr import ndr_pack
  from samba.dcerpc import security, drsuapi, misc, nbt, lsa, drsblobs
+from samba.dsdb import DS_DOMAIN_FUNCTION_2003
  from samba.credentials import Credentials, DONT_USE_KERBEROS
  from samba.provision import secretsdb_self_join, provision, provision_fill, FILL_DRS, FILL_SUBDOMAIN
  from samba.provision.common import setup_path
@@ -765,6 +766,7 @@ class dc_join(object):
          presult = provision_fill(ctx.local_samdb, secrets_ldb,
                                   ctx.logger, ctx.names, ctx.paths, domainsid=security.dom_sid(ctx.domsid),
                                   domainguid=domguid,
+                                 dom_for_fun_level=DS_DOMAIN_FUNCTION_2003,
                                   targetdir=ctx.targetdir, samdb_fill=FILL_SUBDOMAIN,
                                   machinepass=ctx.acct_pass, serverrole="active directory domain controller",
                                   lp=ctx.lp, hostip=ctx.names.hostip, hostip6=ctx.names.hostip6,
diff --git a/python/samba/netcmd/domain.py b/python/samba/netcmd/domain.py

index 217b5369b7b24027bb15c8a3c51fba7568cd7656..9824da1610196cfff4db5005b9ce1316e641961a 100644 (file)
--- a/python/samba/netcmd/domain.py
+++ b/python/samba/netcmd/domain.py
@@ -67,11 +67,14 @@ from samba.dsdb import (
  from samba.credentials import DONT_USE_KERBEROS
  from samba.provision import (
      provision,
+    ProvisioningError
+    )
+
+from samba.provision.common import (
      FILL_FULL,
      FILL_NT4SYNC,
-    FILL_DRS,
-    ProvisioningError,
-    )
+    FILL_DRS
+)
  
  def get_testparm_var(testparm, smbconf, varname):
      cmd = "%s -s -l --parameter-name='%s' %s 2>/dev/null" % (testparm, varname, smbconf)
diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py

index 698df94f34c6c91571a796cfdbeda5851497ee86..d8f353f54ae67dc5bb2c30d7f5256318d9e0f80b 100644 (file)
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
@@ -101,7 +101,11 @@ from samba.provision.common import (
      setup_path,
      setup_add_ldif,
      setup_modify_ldif,
-    )
+    FILL_FULL,
+    FILL_SUBDOMAIN,
+    FILL_NT4SYNC,
+    FILL_DRS
+)
  from samba.provision.sambadns import (
      get_dnsadmins_sid,
      setup_ad_dns,
@@ -1462,10 +1466,6 @@ def fill_samdb(samdb, lp, names, logger, domainsid, domainguid, policyguid,
          return samdb
  
  
-FILL_FULL = "FULL"
-FILL_SUBDOMAIN = "SUBDOMAIN"
-FILL_NT4SYNC = "NT4SYNC"
-FILL_DRS = "DRS"
  SYSVOL_ACL = "O:LAG:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;SO)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)"
  POLICIES_ACL = "O:LAG:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;SO)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001301bf;;;PA)"
  SYSVOL_SERVICE="sysvol"
@@ -1795,7 +1795,7 @@ def provision_fill(samdb, secrets_ldb, logger, names, paths,
          setup_ad_dns(samdb, secrets_ldb, domainsid, names, paths, lp, logger,
                       hostip=hostip, hostip6=hostip6, dns_backend=dns_backend,
                       dnspass=dnspass, os_level=dom_for_fun_level,
-                     targetdir=targetdir, site=DEFAULTSITE)
+                     targetdir=targetdir, site=DEFAULTSITE, fill_level=samdb_fill)
  
          domainguid = samdb.searchone(basedn=samdb.get_default_basedn(),
                                       attribute="objectGUID")
diff --git a/python/samba/provision/common.py b/python/samba/provision/common.py

index f96704bccee7ca0e9b6f87b70ae399c697f9e8a1..03e22789515cb338eaebf2c117d8ee56e7793695 100644 (file)
--- a/python/samba/provision/common.py
+++ b/python/samba/provision/common.py
@@ -31,6 +31,11 @@ import os
  from samba import read_and_sub_file
  from samba.param import setup_dir
  
+FILL_FULL = "FULL"
+FILL_SUBDOMAIN = "SUBDOMAIN"
+FILL_NT4SYNC = "NT4SYNC"
+FILL_DRS = "DRS"
+
  
  def setup_path(file):
      """Return an absolute path to the provision tempate file specified by file"""
diff --git a/python/samba/provision/sambadns.py b/python/samba/provision/sambadns.py

index 46cfc89f4c46bbc2f3af383c7e2672753dbd41fb..5fd3805786f5232c8abef45e87b39106d5a7a152 100644 (file)
--- a/python/samba/provision/sambadns.py
+++ b/python/samba/provision/sambadns.py
@@ -48,7 +48,11 @@ from samba.provision.common import (
      setup_path,
      setup_add_ldif,
      setup_modify_ldif,
-    setup_ldb
+    setup_ldb,
+    FILL_FULL,
+    FILL_SUBDOMAIN,
+    FILL_NT4SYNC,
+    FILL_DRS,
      )
  
  
@@ -230,15 +234,20 @@ class AgingEnabledTimeProperty(dnsp.DnsProperty):
  
  
  def setup_dns_partitions(samdb, domainsid, domaindn, forestdn, configdn,
-        serverdn):
+                         serverdn, fill_level):
      domainzone_dn = "DC=DomainDnsZones,%s" % domaindn
      forestzone_dn = "DC=ForestDnsZones,%s" % forestdn
      descriptor = get_dns_partition_descriptor(domainsid)
+
      setup_add_ldif(samdb, setup_path("provision_dnszones_partitions.ldif"), {
-        "DOMAINZONE_DN": domainzone_dn,
-        "FORESTZONE_DN": forestzone_dn,
+        "ZONE_DN": domainzone_dn,
          "SECDESC"      : b64encode(descriptor)
          })
+    if fill_level != FILL_SUBDOMAIN:
+        setup_add_ldif(samdb, setup_path("provision_dnszones_partitions.ldif"), {
+            "ZONE_DN": forestzone_dn,
+            "SECDESC"      : b64encode(descriptor)
+        })
  
      domainzone_guid = get_domainguid(samdb, domainzone_dn)
      forestzone_guid = get_domainguid(samdb, forestzone_dn)
@@ -252,25 +261,36 @@ def setup_dns_partitions(samdb, domainsid, domaindn, forestdn, configdn,
      protected1_desc = get_domain_delete_protected1_descriptor(domainsid)
      protected2_desc = get_domain_delete_protected2_descriptor(domainsid)
      setup_add_ldif(samdb, setup_path("provision_dnszones_add.ldif"), {
-        "DOMAINZONE_DN": domainzone_dn,
-        "FORESTZONE_DN": forestzone_dn,
-        "DOMAINZONE_GUID": domainzone_guid,
-        "FORESTZONE_GUID": forestzone_guid,
-        "DOMAINZONE_DNS": domainzone_dns,
-        "FORESTZONE_DNS": forestzone_dns,
+        "ZONE_DN": domainzone_dn,
+        "ZONE_GUID": domainzone_guid,
+        "ZONE_DNS": domainzone_dns,
          "CONFIGDN": configdn,
          "SERVERDN": serverdn,
          "LOSTANDFOUND_DESCRIPTOR": b64encode(protected2_desc),
          "INFRASTRUCTURE_DESCRIPTOR": b64encode(protected1_desc),
          })
-
      setup_modify_ldif(samdb, setup_path("provision_dnszones_modify.ldif"), {
          "CONFIGDN": configdn,
          "SERVERDN": serverdn,
-        "DOMAINZONE_DN": domainzone_dn,
-        "FORESTZONE_DN": forestzone_dn,
+        "ZONE_DN": domainzone_dn,
      })
  
+    if fill_level != FILL_SUBDOMAIN:
+        setup_add_ldif(samdb, setup_path("provision_dnszones_add.ldif"), {
+            "ZONE_DN": forestzone_dn,
+            "ZONE_GUID": forestzone_guid,
+            "ZONE_DNS": forestzone_dns,
+            "CONFIGDN": configdn,
+            "SERVERDN": serverdn,
+            "LOSTANDFOUND_DESCRIPTOR": b64encode(protected2_desc),
+            "INFRASTRUCTURE_DESCRIPTOR": b64encode(protected1_desc),
+        })
+        setup_modify_ldif(samdb, setup_path("provision_dnszones_modify.ldif"), {
+            "CONFIGDN": configdn,
+            "SERVERDN": serverdn,
+            "ZONE_DN": forestzone_dn,
+        })
+
  
  def add_dns_accounts(samdb, domaindn):
      setup_add_ldif(samdb, setup_path("provision_dns_accounts_add.ldif"), {
@@ -928,21 +948,23 @@ def fill_dns_data_legacy(samdb, domainsid, forestdn, dnsdomain, site, hostname,
  
  
  def create_dns_partitions(samdb, domainsid, names, domaindn, forestdn,
-                          dnsadmins_sid):
+                          dnsadmins_sid, fill_level):
      # Set up additional partitions (DomainDnsZones, ForstDnsZones)
      setup_dns_partitions(samdb, domainsid, domaindn, forestdn,
-                        names.configdn, names.serverdn)
+                        names.configdn, names.serverdn, fill_level)
  
      # Set up MicrosoftDNS containers
      add_dns_container(samdb, domaindn, "DC=DomainDnsZones", domainsid,
                        dnsadmins_sid)
-    add_dns_container(samdb, forestdn, "DC=ForestDnsZones", domainsid,
-                      dnsadmins_sid, forest=True)
+    if fill_level != FILL_SUBDOMAIN:
+        add_dns_container(samdb, forestdn, "DC=ForestDnsZones", domainsid,
+                          dnsadmins_sid, forest=True)
  
  
  def fill_dns_data_partitions(samdb, domainsid, site, domaindn, forestdn,
-                            dnsdomain, dnsforest, hostname, hostip, hostip6,
-                            domainguid, ntdsguid, dnsadmins_sid, autofill=True):
+                             dnsdomain, dnsforest, hostname, hostip, hostip6,
+                             domainguid, ntdsguid, dnsadmins_sid, autofill=True,
+                             fill_level=FILL_FULL):
      """Fill data in various AD partitions
  
      :param samdb: LDB object connected to sam.ldb file
@@ -974,20 +996,21 @@ def fill_dns_data_partitions(samdb, domainsid, site, domaindn, forestdn,
          add_dc_domain_records(samdb, domaindn, "DC=DomainDnsZones", site,
                                dnsdomain, hostname, hostip, hostip6)
  
-    ##### Set up DC=ForestDnsZones,<DOMAINDN>
-    # Add _msdcs record
-    add_msdcs_record(samdb, forestdn, "DC=ForestDnsZones", dnsforest)
+    if fill_level != FILL_SUBDOMAIN:
+        ##### Set up DC=ForestDnsZones,<FORESTDN>
+        # Add _msdcs record
+        add_msdcs_record(samdb, forestdn, "DC=ForestDnsZones", dnsforest)
  
-    # Add DNS records for a DC in forest
-    if autofill:
-        add_dc_msdcs_records(samdb, forestdn, "DC=ForestDnsZones", site,
-                             dnsforest, hostname, hostip, hostip6,
-                             domainguid, ntdsguid)
+        # Add DNS records for a DC in forest
+        if autofill:
+            add_dc_msdcs_records(samdb, forestdn, "DC=ForestDnsZones", site,
+                                 dnsforest, hostname, hostip, hostip6,
+                                 domainguid, ntdsguid)
  
  
  def setup_ad_dns(samdb, secretsdb, domainsid, names, paths, lp, logger,
          dns_backend, os_level, site, dnspass=None, hostip=None, hostip6=None,
-        targetdir=None):
+        targetdir=None, fill_level=FILL_FULL):
      """Provision DNS information (assuming GC role)
  
      :param samdb: LDB object connected to sam.ldb file
@@ -1062,18 +1085,19 @@ def setup_ad_dns(samdb, secretsdb, domainsid, names, paths, lp, logger,
          # Create DNS partitions
          logger.info("Creating DomainDnsZones and ForestDnsZones partitions")
          create_dns_partitions(samdb, domainsid, names, domaindn, forestdn,
-                              dnsadmins_sid)
+                              dnsadmins_sid, fill_level)
  
          # Populating dns partitions
          logger.info("Populating DomainDnsZones and ForestDnsZones partitions")
          fill_dns_data_partitions(samdb, domainsid, site, domaindn, forestdn,
-                                dnsdomain, dnsforest, hostname, hostip, hostip6,
-                                domainguid, names.ntdsguid, dnsadmins_sid)
+                                 dnsdomain, dnsforest, hostname, hostip, hostip6,
+                                 domainguid, names.ntdsguid, dnsadmins_sid,
+                                 fill_level=fill_level)
  
      if dns_backend.startswith("BIND9_"):
          setup_bind9_dns(samdb, secretsdb, domainsid, names, paths, lp, logger,
-            dns_backend, os_level, site=site, dnspass=dnspass, hostip=hostip,
-            hostip6=hostip6, targetdir=targetdir)
+                        dns_backend, os_level, site=site, dnspass=dnspass, hostip=hostip,
+                        hostip6=hostip6, targetdir=targetdir)
  
  
  def setup_bind9_dns(samdb, secretsdb, domainsid, names, paths, lp, logger,
diff --git a/python/samba/upgrade.py b/python/samba/upgrade.py

index 6b55ed76a7164522b83ac4fda2106e32cc5d3aea..ff5990c667656435cbdf47d4b571b290a5499ab7 100644 (file)
--- a/python/samba/upgrade.py
+++ b/python/samba/upgrade.py
@@ -26,7 +26,8 @@ import pwd
  
  from samba import Ldb, registry
  from samba.param import LoadParm
-from samba.provision import provision, FILL_FULL, ProvisioningError, setsysvolacl
+from samba.provision import provision, ProvisioningError, setsysvolacl
+from samba.provision.common import FILL_FULL
  from samba.samba3 import passdb
  from samba.samba3 import param as s3param
  from samba.dcerpc import lsa, samr, security
diff --git a/python/samba/upgradehelpers.py b/python/samba/upgradehelpers.py

index b6750eb43003772486e79af41c253a898f74d1a7..d2b0a1872f3166987936333a564d24682805bb07 100644 (file)
--- a/python/samba/upgradehelpers.py
+++ b/python/samba/upgradehelpers.py
@@ -31,8 +31,9 @@ from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE
  import ldb
  from samba.provision import (provision_paths_from_lp,
                              getpolicypath, set_gpos_acl, create_gpo_struct,
-                            FILL_FULL, provision, ProvisioningError,
+                            provision, ProvisioningError,
                              setsysvolacl, secretsdb_self_join)
+from samba.provision.common import FILL_FULL
  from samba.dcerpc import xattr, drsblobs, security
  from samba.dcerpc.misc import SEC_CHAN_BDC
  from samba.ndr import ndr_unpack
diff --git a/source4/scripting/bin/samba_upgradedns b/source4/scripting/bin/samba_upgradedns

index 6b208c927f500440ef7c56004605c4e51de0c94b..d2c96cc1c274b2d8ade20e5750c68a0ae9620c07 100755 (executable)
--- a/source4/scripting/bin/samba_upgradedns
+++ b/source4/scripting/bin/samba_upgradedns
@@ -46,7 +46,8 @@ from samba.provision import (
      interface_ips_v6 )
  from samba.provision.common import (
      setup_path,
-    setup_add_ldif )
+    setup_add_ldif,
+    FILL_FULL)
  from samba.provision.sambadns import (
      ARecord,
      AAAARecord,
@@ -339,7 +340,7 @@ if __name__ == '__main__':
          logger.debug("IPv6 addresses: %s" % hostip6)
  
          create_dns_partitions(ldbs.sam, domainsid, names, domaindn, forestdn,
-                          dnsadmins_sid)
+                              dnsadmins_sid, FILL_FULL)
  
          logger.info("Populating DNS partitions")
          fill_dns_data_partitions(ldbs.sam, domainsid, site, domaindn, forestdn,
diff --git a/source4/setup/provision_dnszones_add.ldif b/source4/setup/provision_dnszones_add.ldif

index bf872f0b64da02851083d8104f8aa92ac7b6fa3f..860aa4b72b302a218c6d2026acbe3cdddf8716f6 100644 (file)
--- a/source4/setup/provision_dnszones_add.ldif
+++ b/source4/setup/provision_dnszones_add.ldif
@@ -1,7 +1,7 @@
  #################################
  # Required objectclasses
  #################################
-dn: CN=Deleted Objects,${DOMAINZONE_DN}
+dn: CN=Deleted Objects,${ZONE_DN}
  objectClass: top
  objectClass: container
  description: Deleted objects
@@ -9,71 +9,34 @@ isDeleted: TRUE
  isCriticalSystemObject: TRUE
  systemFlags: -1946157056
  
-dn: CN=LostAndFound,${DOMAINZONE_DN}
+dn: CN=LostAndFound,${ZONE_DN}
  objectClass: top
  objectClass: lostAndFound
  isCriticalSystemObject: TRUE
  systemFlags: -1946157056
  nTSecurityDescriptor:: ${LOSTANDFOUND_DESCRIPTOR}
  
-dn: CN=Infrastructure,${DOMAINZONE_DN}
+dn: CN=Infrastructure,${ZONE_DN}
  objectClass: top
  objectClass: infrastructureUpdate
  isCriticalSystemObject: TRUE
  systemFlags: -1946157056
  nTSecurityDescriptor:: ${INFRASTRUCTURE_DESCRIPTOR}
  
-dn: CN=NTDS Quotas,${DOMAINZONE_DN}
+dn: CN=NTDS Quotas,${ZONE_DN}
  objectClass: top
  objectClass: msDS-QuotaContainer
  isCriticalSystemObject: TRUE
  systemFlags: -1946157056
  
  
-dn: CN=Deleted Objects,${FORESTZONE_DN}
-objectClass: top
-objectClass: container
-description: Deleted objects
-isDeleted: TRUE
-isCriticalSystemObject: TRUE
-systemFlags: -1946157056
-
-dn: CN=LostAndFound,${FORESTZONE_DN}
-objectClass: top
-objectClass: lostAndFound
-isCriticalSystemObject: TRUE
-systemFlags: -1946157056
-nTSecurityDescriptor:: ${LOSTANDFOUND_DESCRIPTOR}
-
-dn: CN=Infrastructure,${FORESTZONE_DN}
-objectClass: top
-objectClass: infrastructureUpdate
-isCriticalSystemObject: TRUE
-systemFlags: -1946157056
-nTSecurityDescriptor:: ${INFRASTRUCTURE_DESCRIPTOR}
-
-dn: CN=NTDS Quotas,${FORESTZONE_DN}
-objectClass: top
-objectClass: msDS-QuotaContainer
-isCriticalSystemObject: TRUE
-systemFlags: -1946157056
-
  #################################
  # Configure partitions
  #################################
-dn: CN=${DOMAINZONE_GUID},CN=Partitions,${CONFIGDN}
+dn: CN=${ZONE_GUID},CN=Partitions,${CONFIGDN}
  objectClass: top
  objectClass: crossRef
-nCName: ${DOMAINZONE_DN}
-dnsRoot: ${DOMAINZONE_DNS}
+nCName: ${ZONE_DN}
+dnsRoot: ${ZONE_DNS}
  systemFlags: 5
  msDS-NC-Replica-Locations: CN=NTDS Settings,${SERVERDN}
-
-dn: CN=${FORESTZONE_GUID},CN=Partitions,${CONFIGDN}
-objectClass: top
-objectClass: crossRef
-nCName: ${FORESTZONE_DN}
-dnsRoot: ${FORESTZONE_DNS}
-systemFlags: 5
-msDS-NC-Replica-Locations: CN=NTDS Settings,${SERVERDN}
-
diff --git a/source4/setup/provision_dnszones_modify.ldif b/source4/setup/provision_dnszones_modify.ldif

index 0dc942ff1e9ae7154ac703c0f1924693de84fc3a..108d8b8b1b2c7be85d940a9fd356a58ff3f1e058 100644 (file)
--- a/source4/setup/provision_dnszones_modify.ldif
+++ b/source4/setup/provision_dnszones_modify.ldif
@@ -1,36 +1,21 @@
-dn: ${DOMAINZONE_DN}
+dn: ${ZONE_DN}
  changetype: modify
  add: wellKnownObjects
-wellKnownObjects: B:32:6227f0af1fc2410d8e3bb10615bb5b0f:CN=NTDS Quotas,${DOMAINZONE_DN}
-wellKnownObjects: B:32:18e2ea80684f11d2b9aa00c04f79f805:CN=Deleted Objects,${DOMAINZONE_DN}
-wellKnownObjects: B:32:2fbac1870ade11d297c400c04fd8d5cd:CN=Infrastructure,${DOMAINZONE_DN}
-wellKnownObjects: B:32:ab8153b7768811d1aded00c04fd8d5cd:CN=LostAndFound,${DOMAINZONE_DN}
+wellKnownObjects: B:32:6227f0af1fc2410d8e3bb10615bb5b0f:CN=NTDS Quotas,${ZONE_DN}
+wellKnownObjects: B:32:18e2ea80684f11d2b9aa00c04f79f805:CN=Deleted Objects,${ZONE_DN}
+wellKnownObjects: B:32:2fbac1870ade11d297c400c04fd8d5cd:CN=Infrastructure,${ZONE_DN}
+wellKnownObjects: B:32:ab8153b7768811d1aded00c04fd8d5cd:CN=LostAndFound,${ZONE_DN}
  
-dn: CN=Infrastructure,${DOMAINZONE_DN}
+dn: CN=Infrastructure,${ZONE_DN}
  changetype: modify
  add: fSMORoleOwner
  fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
  
-dn: CN=Infrastructure,${FORESTZONE_DN}
-changetype: modify
-add: fSMORoleOwner
-fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
-
-dn: ${FORESTZONE_DN}
-changetype: modify
-add: wellKnownObjects
-wellKnownObjects: B:32:6227f0af1fc2410d8e3bb10615bb5b0f:CN=NTDS Quotas,${FORESTZONE_DN}
-wellKnownObjects: B:32:18e2ea80684f11d2b9aa00c04f79f805:CN=Deleted Objects,${FORESTZONE_DN}
-wellKnownObjects: B:32:2fbac1870ade11d297c400c04fd8d5cd:CN=Infrastructure,${FORESTZONE_DN}
-wellKnownObjects: B:32:ab8153b7768811d1aded00c04fd8d5cd:CN=LostAndFound,${FORESTZONE_DN}
-
  dn: CN=NTDS Settings,${SERVERDN}
  changetype: modify
  add: msDS-HasInstantiatedNCs
-msDS-HasInstantiatedNCs: B:8:0000000D:${DOMAINZONE_DN}
-msDS-HasInstantiatedNCs: B:8:0000000D:${FORESTZONE_DN}
+msDS-HasInstantiatedNCs: B:8:0000000D:${ZONE_DN}
  -
  add: msDS-hasMasterNCs
-msDS-hasMasterNCs: ${DOMAINZONE_DN}
-msDS-hasMasterNCs: ${FORESTZONE_DN}
+msDS-hasMasterNCs: ${ZONE_DN}
  -
diff --git a/source4/setup/provision_dnszones_partitions.ldif b/source4/setup/provision_dnszones_partitions.ldif

index 4ab7aedd90132375df572b2d81b04578ec388358..c022bd02aafda2de65112d0482de35ace5b35989 100644 (file)
--- a/source4/setup/provision_dnszones_partitions.ldif
+++ b/source4/setup/provision_dnszones_partitions.ldif
@@ -1,7 +1,7 @@
  ################################
  ## DNSZones Naming Context
  ################################
-dn: ${DOMAINZONE_DN}
+dn: ${ZONE_DN}
  objectClass: top
  objectClass: domainDNS
  description: Microsoft DNS Directory
@@ -9,10 +9,3 @@ msDS-NcType: 0
  instanceType: 13
  ntSecurityDescriptor:: ${SECDESC}
  
-dn: ${FORESTZONE_DN}
-objectClass: top
-objectClass: domainDNS
-description: Microsoft DNS Directory
-msDS-NcType: 0
-instanceType: 13
-ntSecurityDescriptor:: ${SECDESC}
author	Andrew Bartlett <abartlet@samba.org>
	Sun, 8 Sep 2013 23:54:23 +0000 (11:54 +1200)
committer	Stefan Metzmacher <metze@samba.org>
	Fri, 11 Oct 2013 08:27:49 +0000 (10:27 +0200)
python/samba/join.py		patch \| blob \| history
python/samba/netcmd/domain.py		patch \| blob \| history
python/samba/provision/__init__.py		patch \| blob \| history
python/samba/provision/common.py		patch \| blob \| history
python/samba/provision/sambadns.py		patch \| blob \| history
python/samba/upgrade.py		patch \| blob \| history
python/samba/upgradehelpers.py		patch \| blob \| history
source4/scripting/bin/samba_upgradedns		patch \| blob \| history
source4/setup/provision_dnszones_add.ldif		patch \| blob \| history
source4/setup/provision_dnszones_modify.ldif		patch \| blob \| history
source4/setup/provision_dnszones_partitions.ldif		patch \| blob \| history