s4:drs-development Scripts to assist testing of DRS replication with AD
authorAndrew Bartlett <abartlet@samba.org>
Mon, 5 Oct 2009 23:59:36 +0000 (10:59 +1100)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 6 Oct 2009 00:10:33 +0000 (11:10 +1100)
These scripts, originally by tridge, allow developers to easily
reproduce the same domain join scenario time after time.

They need documentation, and the template named.conf and zone files
for hosting an AD domain are not provided.  However, I hope to have
the provision script provide these shortly.

They assume a local 'bind' set up to read PREFIX/private/named.conf
(as per the provision instructions).

Ensure you edit the 'vars' file to match your local setup.

Andrew Bartlett

source4/scripting/devel/drs/fsmo.ldif.template [new file with mode: 0644]
source4/scripting/devel/drs/named.conf.ad.template [new file with mode: 0644]
source4/scripting/devel/drs/revampire_ad.sh [new file with mode: 0755]
source4/scripting/devel/drs/unvampire_ad.sh [new file with mode: 0755]
source4/scripting/devel/drs/vampire_ad.sh [new file with mode: 0755]
source4/scripting/devel/drs/vars [new file with mode: 0644]

diff --git a/source4/scripting/devel/drs/fsmo.ldif.template b/source4/scripting/devel/drs/fsmo.ldif.template
new file mode 100644 (file)
index 0000000..d5b373a
--- /dev/null
@@ -0,0 +1,75 @@
+dn: CN=RID Manager$,CN=System,BASEDN
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,C
+ N=Sites,CN=Configuration,BASEDN
+-
+
+dn: BASEDN
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,C
+ N=Sites,CN=Configuration,BASEDN
+-
+
+dn: CN=Infrastructure,BASEDN
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,C
+ N=Sites,CN=Configuration,BASEDN
+-
+
+dn: CN=Partitions,CN=Configuration,BASEDN
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+-
+
+dn: CN=Schema,CN=Configuration,BASEDN
+changetype: modify
+replace: fSMORoleOwner
+fSMORoleOwner: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+-
+
+dn: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+changetype: modify
+replace: options
+options: 1
+-
+
+dn: CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+changetype: modify
+replace: dNSHostName
+dNSHostName: MACHINE.DNSDOMAIN
+-
+
+dn: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+changetype: modify
+replace: interSiteTopologyGenerator
+interSiteTopologyGenerator: CN=NTDS Settings,CN=MACHINE,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,BASEDN
+-
+
+dn: CN=MACHINE,OU=Domain Controllers,BASEDN
+changetype: modify
+replace: servicePrincipalName
+servicePrincipalName: GC/MACHINE.DNSDOMAIN/DNSDOMAIN
+servicePrincipalName: HOST/MACHINE/NETBIOSDOMAIN
+servicePrincipalName: ldap/MACHINE/NETBIOSDOMAIN
+servicePrincipalName: ldap/MACHINE.DNSDOMAIN/ForestDnsZones.DNSDOMAIN
+servicePrincipalName: ldap/MACHINE.DNSDOMAIN/DomainDnsZones.DNSDOMAIN
+servicePrincipalName: DNS/MACHINE.DNSDOMAIN
+servicePrincipalName: RestrictedKrbHost/MACHINE.DNSDOMAIN
+servicePrincipalName: RestrictedKrbHost/MACHINE
+servicePrincipalName: HOST/MACHINE.DNSDOMAIN/NETBIOSDOMAIN
+servicePrincipalName: HOST/MACHINE
+servicePrincipalName: HOST/MACHINE.DNSDOMAIN
+servicePrincipalName: HOST/MACHINE.DNSDOMAIN/DNSDOMAIN
+servicePrincipalName: ldap/MACHINE.DNSDOMAIN/NETBIOSDOMAIN
+servicePrincipalName: ldap/MACHINE
+servicePrincipalName: ldap/MACHINE.DNSDOMAIN
+servicePrincipalName: ldap/MACHINE.DNSDOMAIN/DNSDOMAIN
+servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2/NTDSGUID/DNSDOMAIN
+servicePrincipalName: ldap/NTDSGUID._msdcs.DNSDOMAIN
+servicePrincipalName: Dfsr-12F9A27C-BF97-4787-9364-D31B6C55EB04/MACHINE.DNSDOMAIN
+servicePrincipalName: NtFrs-88f5d2bd-b646-11d2-a6d3-00c04fc9b232/MACHINE.DNSDOMAIN
+-
diff --git a/source4/scripting/devel/drs/named.conf.ad.template b/source4/scripting/devel/drs/named.conf.ad.template
new file mode 100644 (file)
index 0000000..071c98c
--- /dev/null
@@ -0,0 +1,6 @@
+zone "DNSDOMAIN" IN {
+     type forward;
+     forwarders {
+                SERVERIP;
+     };
+};
diff --git a/source4/scripting/devel/drs/revampire_ad.sh b/source4/scripting/devel/drs/revampire_ad.sh
new file mode 100755 (executable)
index 0000000..522601c
--- /dev/null
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+set -x
+
+. `dirname $0`/vars
+
+`dirname $0`/vampire_ad.sh || exit 1
+
+ntds_guid=$(sudo bin/ldbsearch -H $PREFIX/private/sam.ldb -b "CN=NTDS Settings,CN=$machine,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,$dn" objectGUID|grep ^objectGUID| awk '{print $2}')
+
+cp $PREFIX/private/$DNSDOMAIN.zone{.template,}
+sed -i "s/NTDSGUID/$ntds_guid/g" $PREFIX/private/$DNSDOMAIN.zone
+cp $PREFIX/private/named.conf{.local,}
+sudo rndc reconfig
+fsmotmp=`mktemp fsmo.ldif.XXXXXXXXX`
+cp `dirname $0`/fsmo.ldif.template $fsmotmp
+sed -i "s/NTDSGUID/$ntds_guid/g" $fsmotmp
+sed -i "s/MACHINE/$machine/g" $fsmotmp
+sed -i "s/DNSDOMAIN/$DNSDOMAIN/g" $fsmotmp
+sed -i "s/BASEDN/$dn/g" $fsmotmp
+sed -i "s/NETBIOSDOMAIN/$workgroup/g" $fsmotmp
+sudo bin/ldbmodify -H $PREFIX/private/sam.ldb $fsmotmp
+rm $fsmotmp
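Review bot: `ntds_guid` is used without checking that the `ldbsearch` pipeline produced a value. If the search fails or returns no objectGUID, the `sed -i "s/NTDSGUID/$ntds_guid/g"` calls substitute an empty string, and `sudo bin/ldbmodify` then writes malformed servicePrincipalName values into sam.ldb as root. A guard directly after the assignment would stop that: `[ -n "$ntds_guid" ] || { echo "objectGUID lookup failed" >&2; exit 1; }`. The values from `vars` are also spliced unescaped into the sed programs, so a value containing `/` or `&` would change the substitution; a comment stating that restriction would help. The temporary LDIF is only removed on the success path, so `trap 'rm -f "$fsmotmp"' EXIT` after the `mktemp` would also cover failures.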
diff --git a/source4/scripting/devel/drs/unvampire_ad.sh b/source4/scripting/devel/drs/unvampire_ad.sh
new file mode 100755 (executable)
index 0000000..f44edaf
--- /dev/null
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+set -x
+
+. `dirname $0`/vars
+
+
+$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,CN=Computers,$dn"
+$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,OU=Domain Controllers,$dn"
+$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=NTDS Settings,CN=$machine,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,$dn"
+$PREFIX/bin/ldbdel -H ldap://$server.$DNSDOMAIN -U$workgroup/administrator%$pass "CN=$machine,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,$dn"
+rm -f $PREFIX/private/*.ldb
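Review bot: The administrator password is passed on the command line as `-U$workgroup/administrator%$pass` in all four `ldbdel` calls, so other local users can see it in the process list. `set -x` at the top also copies it, along with the `pass=` assignment from the sourced `vars`, into the trace output. The same pattern appears in `net vampire ... -Uadministrator%$pass` in vampire_ad.sh. Where the tools support it, supplying the credential through Samba's `--authentication-file` option keeps it off argv; turning tracing on only after `vars` is sourced, and off around the credential-bearing lines, keeps it out of logs. Separately, `rm -f $PREFIX/private/*.ldb` expands to `/private/*.ldb` if `vars` failed to load, whereas `rm -f "${PREFIX:?}"/private/*.ldb` aborts in that case.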
diff --git a/source4/scripting/devel/drs/vampire_ad.sh b/source4/scripting/devel/drs/vampire_ad.sh
new file mode 100755 (executable)
index 0000000..3843388
--- /dev/null
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -x
+
+. `dirname $0`/vars
+
+namedtmp=`mktemp named.conf.ad.XXXXXXXXX`
+cp `dirname $0`/named.conf.ad.template $namedtmp
+sed -i "s/DNSDOMAIN/$DNSDOMAIN/g" $namedtmp
+sed -i "s/SERVERIP/$server_ip/g" $namedtmp
+chmod a+r $namedtmp
+mv $namedtmp $PREFIX/private/named.conf
+sudo rndc reconfig
+`dirname $0`/unvampire_ad.sh
+sudo $PREFIX/bin/net vampire $DNSDOMAIN -Uadministrator%$pass -s $PREFIX/etc/smb.conf -d2 || exit 1
+PRIVATEDIR=$PREFIX/private sudo -E scripting/bin/setup_dns.sh $machine $DNSDOMAIN $machine_ip || exit 1
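Review bot: `sudo -E scripting/bin/setup_dns.sh` runs a script resolved relative to the current directory as root while preserving the caller's whole environment. Both the code that runs and variables such as `PYTHONPATH` therefore depend on where and by whom the script was started. Anchoring the path and passing only what the helper needs would narrow this, for example `sudo PRIVATEDIR="$PREFIX/private" "$srcdir/scripting/bin/setup_dns.sh" "$machine" "$DNSDOMAIN" "$machine_ip"`. Here `srcdir` is a suggested name for the source tree root, set once at the top, and the sudoers policy has to permit the assignment. The exit status of `sudo rndc reconfig` is also unchecked, so a rejected named.conf goes unnoticed until the join fails later.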
diff --git a/source4/scripting/devel/drs/vars b/source4/scripting/devel/drs/vars
new file mode 100644 (file)
index 0000000..e1fe53c
--- /dev/null
@@ -0,0 +1,11 @@
+DNSDOMAIN=ad.samba.example.com
+PREFIX="/data/samba/samba4/prefix.ad"
+export PYTHONPATH=$PYTHONPATH:$PREFIX/lib/python2.6/site-packages
+pass="penguin"
+machine="ruth"
+machine_ip="192.168.122.1"
+workgroup=adruth
+dn="DC=ad,DC=samba,DC=example,DC=com"
+server=win2008-1
+server_ip=192.168.122.53
+
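Review bot: `export PYTHONPATH=$PYTHONPATH:$PREFIX/lib/python2.6/site-packages` produces a leading empty entry when PYTHONPATH is unset, and Python normally treats an empty path entry as the current directory. Because vampire_ad.sh forwards the environment with `sudo -E`, root-run Python code could then import modules from wherever the script was started. `export PYTHONPATH=${PYTHONPATH:+$PYTHONPATH:}$PREFIX/lib/python2.6/site-packages` avoids the empty entry. The file also holds the administrator password in `pass=` and is added with mode 0644. A comment such as `# placeholder values; keep your edited copy private (chmod 600) and do not commit it` would make the expectation explicit.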