dNSHostName: ${DNSNAME}
objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
-unicodePwd: ${JOINPASS}
+unicodePwd: ${MACHINEPASS}
servicePrincipalName: HOST/${DNSNAME}
servicePrincipalName: HOST/${NETBIOSNAME}
msDS-KeyVersionNumber: 1
servicePrincipalName: kadmin/changepw
objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
-unicodePwd: ${RANDPASS}
+unicodePwd: ${KRBTGTPASS}
dn: CN=Domain Computers,CN=Users,${BASEDN}
objectClass: top
my $opt_realm;
my $opt_domain;
my $opt_adminpass;
+my $opt_krbtgtpass;
+my $opt_machinepass;
my $opt_root;
my $opt_nobody;
my $opt_nogroup;
return $pass;
}
-my $joinpass = randpass();
-
sub ldaptime()
{
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday) = gmtime(time);
$year+1900, $mon+1, $mday, $hour, $min, $sec;
}
+sub timestring()
+{
+ my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday) = gmtime(time);
+ return sprintf "%04u%02u%02u%02u%02u%02u",
+ $year+1900, $mon+1, $mday, $hour, $min, $sec;
+}
+
#######################
# substitute a single variable
sub substitute($)
return ldaptime();
}
+ if ($var eq "TIMESTRING") {
+ return timestring();
+ }
+
if ($var eq "NEWGUID") {
return randguid();
}
return $opt_adminpass;
}
- if ($var eq "RANDPASS") {
- return randpass();
+ if ($var eq "KRBTGTPASS") {
+ return $opt_krbtgtpass;
}
- if ($var eq "JOINPASS") {
- return $joinpass;
+ if ($var eq "MACHINEPASS") {
+ return $opt_machinepass;
}
if ($var eq "NTTIME") {
--invocationid GUID set invocationid (otherwise random)
--outputdir OUTPUTDIR set output directory
--adminpass PASSWORD choose admin password (otherwise random)
+ --krbtgtpass PASSWORD choose krbtgt password (otherwise random)
+ --machinepass PASSWORD choose machine password (otherwise random)
--root USERNAME choose 'root' unix username
--nobody USERNAME choose 'nobody' user
--nogroup GROUPNAME choose 'nogroup' group
'host-guid=s' => \$opt_hostguid,
'invocationid=s' => \$opt_invocationid,
'adminpass=s' => \$opt_adminpass,
+ 'krbtgtpass=s' => \$opt_krbtgtpass,
+ 'machinepass=s' => \$opt_machinepass,
'root=s' => \$opt_root,
'nobody=s' => \$opt_nobody,
'nogroup=s' => \$opt_nogroup,
print "chose random Administrator password '$opt_adminpass'\n";
}
+if (!$opt_krbtgtpass) {
+ $opt_krbtgtpass = randpass();
+ print "chose random krbtgt password '$opt_krbtgtpass'\n";
+}
+
+if (!$opt_machinepass) {
+ $opt_machinepass = randpass();
+ print "chose random machine password '$opt_machinepass'\n";
+}
+
# allow provisioning to be run from the source directory
$ENV{"PATH"} = "bin:../bin:" . $ENV{"PATH"};