r3109: Give krbtgt and our machine account a random password in provision.

Andrew Bartlett
(This used to be commit 560a8c9f424495f85284a456e829326d2a931e6e)

diff --git a/source4/provision.ldif b/source4/provision.ldif
index 2497b2cb7a039dc34112f38b3f37572bc4e50ddf..ba204285fbb788890b0b84cda70baf305513307f 100644 (file)
--- a/source4/provision.ldif
+++ b/source4/provision.ldif
@@ -472,6 +472,8 @@ operatingSystemVersion: 4.0
 dNSHostName: ${DNSNAME}
 objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unicodePwd: ${RANDPASS}
+servicePrincipalName: HOST/${DNSNAME}
 
 dn: CN=krbtgt,CN=Users,${BASEDN}
 objectClass: top
@@ -506,6 +508,7 @@ sAMAccountType: 805306368
 servicePrincipalName: kadmin/changepw
 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unicodePwd: ${RANDPASS}
 
 dn: CN=Domain Computers,CN=Users,${BASEDN}
 objectClass: top

diff --git a/source4/script/provision.pl b/source4/script/provision.pl
index 4b51e9611b14f276daacc7d92c3ecc1948a7ade2..c00511f3735598e1bb7060d1ee745e390a05d6fa 100755 (executable)
--- a/source4/script/provision.pl
+++ b/source4/script/provision.pl
@@ -137,6 +137,10 @@ sub substitute($)
                return $opt_adminpass;
        }
 
+       if ($var eq "RANDPASS") {
+           return randpass();
+       }
+
        if ($var eq "NTTIME") {
                return "" . nttime();
        }