search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4-provision: Make DNS entries consistent with dns_update script
[Samba/bjacke.git] / source4 / scripting / python / samba / provision / sambadns.py
blob93fce601749221cfdde5f6c83df1585511030cfe
1 # Unix SMB/CIFS implementation.
2 # backend code for provisioning DNS for a Samba4 server
3 #
4 # Copyright (C) Kai Blin <kai@samba.org> 2011
5 # Copyright (C) Amitay Isaacs <amitay@gmail.com> 2011
6 #
7 # This program is free software; you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
11 #
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
16 #
17 # You should have received a copy of the GNU General Public License
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
19 #
20
21 """DNS-related provisioning"""
22
23 import os
24 import uuid
25 import ldb
26 import samba
27 from samba.ndr import ndr_pack, ndr_unpack
28 from samba import read_and_sub_file
29 from samba.dcerpc import dnsp, misc
30 from samba.dsdb import (
31 DS_DOMAIN_FUNCTION_2000,
32 DS_DOMAIN_FUNCTION_2003,
33 DS_DOMAIN_FUNCTION_2008,
34 DS_DOMAIN_FUNCTION_2008_R2
35 )
36
37
38 def add_ldif(ldb, ldif_file, subst_vars, controls=["relax:0"]):
39 ldif_file_path = os.path.join(samba.param.setup_dir(), ldif_file)
40 data = read_and_sub_file(ldif_file_path, subst_vars)
41 ldb.add_ldif(data, controls)
42
43 def modify_ldif(ldb, ldif_file, subst_vars, controls=["relax:0"]):
44 ldif_file_path = os.path.join(samba.param.setup_dir(), ldif_file)
45 data = read_and_sub_file(ldif_file_path, subst_vars)
46 ldb.modify_ldif(data, controls)
47
48 def get_domainguid(samdb, domaindn):
49 res = samdb.search(base=domaindn, scope=ldb.SCOPE_BASE, attrs=["objectGUID"])
50 domainguid = str(ndr_unpack(misc.GUID, res[0]["objectGUID"][0]))
51 return domainguid
52
53 def get_ntdsguid(samdb, domaindn):
54 configdn = "CN=Configuration,%s" % domaindn
55
56 res1 = samdb.search(base="OU=Domain Controllers,%s" % domaindn, scope=ldb.SCOPE_ONELEVEL,
57 attrs=["dNSHostName"])
58
59 res2 = samdb.search(expression="serverReference=%s" % res1[0].dn, base=configdn)
60
61 res3 = samdb.search(base="CN=NTDS Settings,%s" % res2[0].dn, scope=ldb.SCOPE_BASE,
62 attrs=["objectGUID"])
63 ntdsguid = str(ndr_unpack(misc.GUID, res3[0]["objectGUID"][0]))
64 return ntdsguid
65
66
67 class ARecord(dnsp.DnssrvRpcRecord):
68 def __init__(self, ip_addr, serial=1, ttl=900):
69 super(ARecord, self).__init__()
70 self.wType = dnsp.DNS_TYPE_A
71 self.dwSerial = serial
72 self.dwTtlSeconds = ttl
73 self.data = ip_addr
74
75 class AAAARecord(dnsp.DnssrvRpcRecord):
76 def __init__(self, ip6_addr, serial=1, ttl=900):
77 super(AAAARecord, self).__init__()
78 self.wType = dnsp.DNS_TYPE_AAAA
79 self.dwSerial = serial
80 self.dwTtlSeconds = ttl
81 self.data = ip6_addr
82
83 class CNameRecord(dnsp.DnssrvRpcRecord):
84 def __init__(self, cname, serial=1, ttl=900):
85 super(CNameRecord, self).__init__()
86 self.wType = dnsp.DNS_TYPE_CNAME
87 self.dwSerial = serial
88 self.dwTtlSeconds = ttl
89 self.data = cname
90
91 class NSRecord(dnsp.DnssrvRpcRecord):
92 def __init__(self, dns_server, serial=1, ttl=900):
93 super(NSRecord, self).__init__()
94 self.wType = dnsp.DNS_TYPE_NS
95 self.dwSerial = serial
96 self.dwTtlSeconds = ttl
97 self.data = dns_server
98
99 class RootNSRecord(dnsp.DnssrvRpcRecord):
100 def __init__(self, dns_server, serial=1, ttl=3600):
101 super(RootNSRecord, self).__init__()
102 self.wType = dnsp.DNS_TYPE_NS
103 self.dwSerial = serial
104 self.dwTtlSeconds = ttl
105 self.data = dns_server
106 self.rank = dnsp.DNS_RANK_ROOT_HINT
107
108 class SOARecord(dnsp.DnssrvRpcRecord):
109 def __init__(self, mname, rname, serial=1, refresh=900, retry=600,
110 expire=86400, minimum=3600, ttl=3600):
111 super(SOARecord, self).__init__()
112 self.wType = dnsp.DNS_TYPE_SOA
113 self.dwSerial = serial
114 self.dwTtlSeconds = ttl
115 soa = dnsp.soa()
116 soa.serial = serial
117 soa.refresh = refresh
118 soa.retry = retry
119 soa.expire = expire
120 soa.mname = mname
121 soa.rname = rname
122 self.data = soa
123
124 class SRVRecord(dnsp.DnssrvRpcRecord):
125 def __init__(self, target, port, priority=0, weight=100, serial=1, ttl=900):
126 super(SRVRecord, self).__init__()
127 self.wType = dnsp.DNS_TYPE_SRV
128 self.dwSerial = serial
129 self.dwTtlSeconds = ttl
130 srv = dnsp.srv()
131 srv.nameTarget = target
132 srv.wPort = port
133 srv.wPriority = priority
134 srv.wWeight = weight
135 self.data = srv
136
137
138 def setup_dns_partitions(samdb, domaindn, forestdn, configdn, serverdn):
139
140 # FIXME: Default security descriptor for Domain-DNS objectCategory is different in
141 # our documentation from windows
142
143 domainzone_dn = "DC=DomainDnsZones,%s" % domaindn
144 forestzone_dn = "DC=ForestDnsZones,%s" % forestdn
145
146 add_ldif(samdb, "provision_dnszones_partitions.ldif", {
147 "DOMAINZONE_DN": domainzone_dn,
148 "FORESTZONE_DN": forestzone_dn,
149 })
150
151 domainzone_guid = get_domainguid(samdb, domainzone_dn)
152 forestzone_guid = get_domainguid(samdb, forestzone_dn)
153
154 domainzone_guid = str(uuid.uuid4())
155 forestzone_guid = str(uuid.uuid4())
156
157 domainzone_dns = ldb.Dn(samdb, domainzone_dn).canonical_ex_str().strip()
158 forestzone_dns = ldb.Dn(samdb, forestzone_dn).canonical_ex_str().strip()
159
160 add_ldif(samdb, "provision_dnszones_add.ldif", {
161 "DOMAINZONE_DN": domainzone_dn,
162 "FORESTZONE_DN": forestzone_dn,
163 "DOMAINZONE_GUID": domainzone_guid,
164 "FORESTZONE_GUID": forestzone_guid,
165 "DOMAINZONE_DNS": domainzone_dns,
166 "FORESTZONE_DNS": forestzone_dns,
167 "CONFIGDN": configdn,
168 })
169
170 modify_ldif(samdb, "provision_dnszones_modify.ldif", {
171 "CONFIGDN": configdn,
172 "SERVERDN": serverdn,
173 "DOMAINZONE_DN": domainzone_dn,
174 "FORESTZONE_DN": forestzone_dn,
175 })
176
177
178 def add_dns_accounts(samdb, domaindn):
179 add_ldif(samdb, "provision_dns_accounts_add.ldif", {
180 "DOMAINDN": domaindn,
181 })
182
183 def add_dns_container(samdb, domaindn, prefix):
184 # CN=MicrosoftDNS,<PREFIX>,<DOMAINDN>
185 msg = ldb.Message(ldb.Dn(samdb, "CN=MicrosoftDNS,%s,%s" % (prefix, domaindn)))
186 msg["objectClass"] = ["top", "container"]
187 msg["displayName"] = ldb.MessageElement("DNS Servers", ldb.FLAG_MOD_ADD, "displayName")
188 samdb.add(msg)
189
190
191 def add_rootservers(samdb, domaindn, prefix):
192 rootservers = {}
193 rootservers["a.root-servers.net"] = "198.41.0.4"
194 rootservers["b.root-servers.net"] = "192.228.79.201"
195 rootservers["c.root-servers.net"] = "192.33.4.12"
196 rootservers["d.root-servers.net"] = "128.8.10.90"
197 rootservers["e.root-servers.net"] = "192.203.230.10"
198 rootservers["f.root-servers.net"] = "192.5.5.241"
199 rootservers["g.root-servers.net"] = "192.112.36.4"
200 rootservers["h.root-servers.net"] = "128.63.2.53"
201 rootservers["i.root-servers.net"] = "192.36.148.17"
202 rootservers["j.root-servers.net"] = "192.58.128.30"
203 rootservers["k.root-servers.net"] = "193.0.14.129"
204 rootservers["l.root-servers.net"] = "199.7.83.42"
205 rootservers["m.root-servers.net"] = "202.12.27.33"
206
207 rootservers_v6 = {}
208 rootservers_v6["a.root-servers.net"] = "2001:503:ba3e::2:30"
209 rootservers_v6["f.root-servers.net"] = "2001:500:2f::f"
210 rootservers_v6["h.root-servers.net"] = "2001:500:1::803f:235"
211 rootservers_v6["j.root-servers.net"] = "2001:503:c27::2:30"
212 rootservers_v6["k.root-servers.net"] = "2001:7fd::1"
213 rootservers_v6["m.root-servers.net"] = "2001:dc3::35"
214
215 container_dn = "DC=RootDNSServers,CN=MicrosoftDNS,%s,%s" % (prefix, domaindn)
216
217 # Add DC=RootDNSServers,CN=MicrosoftDNS,<PREFIX>,<DOMAINDN>
218 msg = ldb.Message(ldb.Dn(samdb, container_dn))
219 msg["objectClass"] = ["top", "dnsZone"]
220 samdb.add(msg)
221
222 # Add DC=@,DC=RootDNSServers,CN=MicrosoftDNS,<PREFIX>,<DOMAINDN>
223 record = []
224 for rserver in rootservers:
225 record.append(ndr_pack(RootNSRecord(rserver, serial=0, ttl=0)))
226
227 msg = ldb.Message(ldb.Dn(samdb, "DC=@,%s" % container_dn))
228 msg["objectClass"] = ["top", "dnsNode"]
229 msg["dnsRecord"] = ldb.MessageElement(record, ldb.FLAG_MOD_ADD, "dnsRecord")
230 samdb.add(msg)
231
232 # Add DC=<rootserver>,DC=RootDNSServers,CN=MicrosoftDNS,<PREFIX>,<DOMAINDN>
233 for rserver in rootservers:
234 record = [ndr_pack(ARecord(rootservers[rserver], serial=0, ttl=0))]
235 # Add AAAA record as well (How does W2K* add IPv6 records?)
236 #if rserver in rootservers_v6:
237 # record.append(ndr_pack(AAAARecord(rootservers_v6[rserver], serial=0, ttl=0)))
238 msg = ldb.Message(ldb.Dn(samdb, "DC=%s,%s" % (rserver, container_dn)))
239 msg["objectClass"] = ["top", "dnsNode"]
240 msg["dnsRecord"] = ldb.MessageElement(record, ldb.FLAG_MOD_ADD, "dnsRecord")
241 samdb.add(msg)
242
243 def add_at_record(samdb, container_dn, prefix, hostname, dnsdomain, hostip, hostip6):
244
245 fqdn_hostname = "%s.%s" % (hostname, dnsdomain)
246
247 at_records = []
248
249 # SOA record
250 at_soa_record = SOARecord(fqdn_hostname, "hostmaster.%s" % dnsdomain)
251 at_records.append(ndr_pack(at_soa_record))
252
253 # NS record
254 at_ns_record = NSRecord(fqdn_hostname)
255 at_records.append(ndr_pack(at_ns_record))
256
257 if hostip is not None:
258 # A record
259 at_a_record = ARecord(hostip)
260 at_records.append(ndr_pack(at_a_record))
261
262 if hostip6 is not None:
263 # AAAA record
264 at_aaaa_record = AAAARecord(hostip6)
265 at_records.append(ndr_pack(at_aaaa_record))
266
267 msg = ldb.Message(ldb.Dn(samdb, "DC=@,%s" % container_dn))
268 msg["objectClass"] = ["top", "dnsNode"]
269 msg["dnsRecord"] = ldb.MessageElement(at_records, ldb.FLAG_MOD_ADD, "dnsRecord")
270 samdb.add(msg)
271
272 def add_srv_record(samdb, container_dn, prefix, host, port):
273 srv_record = SRVRecord(host, port)
274 msg = ldb.Message(ldb.Dn(samdb, "%s,%s" % (prefix, container_dn)))
275 msg["objectClass"] = ["top", "dnsNode"]
276 msg["dnsRecord"] = ldb.MessageElement(ndr_pack(srv_record), ldb.FLAG_MOD_ADD, "dnsRecord")
277 samdb.add(msg)
278
279 def add_ns_record(samdb, container_dn, prefix, host):
280 ns_record = NSRecord(host)
281 msg = ldb.Message(ldb.Dn(samdb, "%s,%s" % (prefix, container_dn)))
282 msg["objectClass"] = ["top", "dnsNode"]
283 msg["dnsRecord"] = ldb.MessageElement(ndr_pack(ns_record), ldb.FLAG_MOD_ADD, "dnsRecord")
284 samdb.add(msg)
285
286 def add_cname_record(samdb, container_dn, prefix, host):
287 cname_record = CNameRecord(host)
288 msg = ldb.Message(ldb.Dn(samdb, "%s,%s" % (prefix, container_dn)))
289 msg["objectClass"] = ["top", "dnsNode"]
290 msg["dnsRecord"] = ldb.MessageElement(ndr_pack(cname_record), ldb.FLAG_MOD_ADD, "dnsRecord")
291 samdb.add(msg)
292
293 def add_host_record(samdb, container_dn, prefix, hostip, hostip6):
294 host_records = []
295 if hostip:
296 a_record = ARecord(hostip)
297 host_records.append(ndr_pack(a_record))
298 if hostip6:
299 aaaa_record = AAAARecord(hostip6)
300 host_records.append(ndr_pack(aaaa_record))
301 if host_records:
302 msg = ldb.Message(ldb.Dn(samdb, "%s,%s" % (prefix, container_dn)))
303 msg["objectClass"] = ["top", "dnsNode"]
304 msg["dnsRecord"] = ldb.MessageElement(host_records, ldb.FLAG_MOD_ADD, "dnsRecord")
305 samdb.add(msg)
306
307 def add_domain_record(samdb, domaindn, prefix, dnsdomain):
308 # DC=<DNSDOMAIN>,CN=MicrosoftDNS,<PREFIX>,<DOMAINDN>
309 msg = ldb.Message(ldb.Dn(samdb, "DC=%s,CN=MicrosoftDNS,%s,%s" % (dnsdomain, prefix, domaindn)))
310 msg["objectClass"] = ["top", "dnsZone"]
311 samdb.add(msg)
312
313 def add_msdcs_record(samdb, forestdn, prefix, dnsforest):
314 # DC=_msdcs.<DNSFOREST>,CN=MicrosoftDNS,<PREFIX>,<FORESTDN>
315 msg = ldb.Message(ldb.Dn(samdb, "DC=_msdcs.%s,CN=MicrosoftDNS,%s,%s" %
316 (dnsforest, prefix, forestdn)))
317 msg["objectClass"] = ["top", "dnsZone"]
318 samdb.add(msg)
319
320
321 def add_dc_domain_records(samdb, domaindn, prefix, site, dnsdomain, hostname, hostip, hostip6):
322
323 fqdn_hostname = "%s.%s" % (hostname, dnsdomain)
324
325 # Set up domain container - DC=<DNSDOMAIN>,CN=MicrosoftDNS,<PREFIX>,<DOMAINDN>
326 domain_container_dn = ldb.Dn(samdb, "DC=%s,CN=MicrosoftDNS,%s,%s" %
327 (dnsdomain, prefix, domaindn))
328
329 # DC=@ record
330 add_at_record(samdb, domain_container_dn, "DC=@", hostname, dnsdomain, hostip, hostip6)
331
332 # DC=<HOSTNAME> record
333 add_host_record(samdb, domain_container_dn, "DC=%s" % hostname, hostip, hostip6)
334
335 # DC=_kerberos._tcp record
336 add_srv_record(samdb, domain_container_dn, "DC=_kerberos._tcp", fqdn_hostname, 88)
337
338 # DC=_kerberos._tcp.<SITENAME>._sites record
339 add_srv_record(samdb, domain_container_dn, "DC=_kerberos._tcp.%s._sites" % site,
340 fqdn_hostname, 88)
341
342 # DC=_kerberos._udp record
343 add_srv_record(samdb, domain_container_dn, "DC=_kerberos._udp", fqdn_hostname, 88)
344
345 # DC=_kpasswd._tcp record
346 add_srv_record(samdb, domain_container_dn, "DC=_kpasswd._tcp", fqdn_hostname, 464)
347
348 # DC=_kpasswd._udp record
349 add_srv_record(samdb, domain_container_dn, "DC=_kpasswd._udp", fqdn_hostname, 464)
350
351 # DC=_ldap._tcp record
352 add_srv_record(samdb, domain_container_dn, "DC=_ldap._tcp", fqdn_hostname, 389)
353
354 # DC=_ldap._tcp.<SITENAME>._sites record
355 add_srv_record(samdb, domain_container_dn, "DC=_ldap._tcp.%s._sites" % site,
356 fqdn_hostname, 389)
357
358 # FIXME: The number of SRV records depend on the various roles this DC has.
359 # _gc and _msdcs records are added if the we are the forest dc and not subdomain dc
360 #
361 # Assumption: current DC is GC and add all the entries
362
363 # DC=_gc._tcp record
364 add_srv_record(samdb, domain_container_dn, "DC=_gc._tcp", fqdn_hostname, 3268)
365
366 # DC=_gc._tcp.<SITENAME>,_sites record
367 add_srv_record(samdb, domain_container_dn, "DC=_gc._tcp.%s._sites" % site, fqdn_hostname, 3268)
368
369 # DC=_msdcs record
370 add_ns_record(samdb, domain_container_dn, "DC=_msdcs", fqdn_hostname)
371
372 # FIXME: Following entries are added only if DomainDnsZones and ForestDnsZones partitions
373 # are created
374 #
375 # Assumption: Additional entries won't hurt on os_level = 2000
376
377 # DC=_ldap._tcp.<SITENAME>._sites.DomainDnsZones
378 add_srv_record(samdb, domain_container_dn, "DC=_ldap._tcp.%s._sites.DomainDnsZones" % site,
379 fqdn_hostname, 389)
380
381 # DC=_ldap._tcp.<SITENAME>._sites.ForestDnsZones
382 add_srv_record(samdb, domain_container_dn, "DC=_ldap._tcp.%s._sites.ForestDnsZones" % site,
383 fqdn_hostname, 389)
384
385 # DC=_ldap._tcp.DomainDnsZones
386 add_srv_record(samdb, domain_container_dn, "DC=_ldap._tcp.DomainDnsZones",
387 fqdn_hostname, 389)
388
389 # DC=_ldap._tcp.ForestDnsZones
390 add_srv_record(samdb, domain_container_dn, "DC=_ldap._tcp.ForestDnsZones",
391 fqdn_hostname, 389)
392
393 # DC=DomainDnsZones
394 add_host_record(samdb, domain_container_dn, "DC=DomainDnsZones", hostip, hostip6)
395
396 # DC=ForestDnsZones
397 add_host_record(samdb, domain_container_dn, "DC=ForestDnsZones", hostip, hostip6)
398
399
400 def add_dc_msdcs_records(samdb, forestdn, prefix, site, dnsforest, hostname,
401 hostip, hostip6, domainguid, ntdsguid):
402
403 fqdn_hostname = "%s.%s" % (hostname, dnsforest)
404
405 # Set up forest container - DC=<DNSDOMAIN>,CN=MicrosoftDNS,<PREFIX>,<DOMAINDN>
406 forest_container_dn = ldb.Dn(samdb, "DC=_msdcs.%s,CN=MicrosoftDNS,%s,%s" %
407 (dnsforest, prefix, forestdn))
408
409 # DC=@ record
410 add_at_record(samdb, forest_container_dn, "DC=@", hostname, dnsforest, None, None)
411
412 # DC=_kerberos._tcp.dc record
413 add_srv_record(samdb, forest_container_dn, "DC=_kerberos._tcp.dc", fqdn_hostname, 88)
414
415 # DC=_kerberos._tcp.<SITENAME>._sites.dc record
416 add_srv_record(samdb, forest_container_dn, "DC=_kerberos._tcp.%s._sites.dc" % site,
417 fqdn_hostname, 88)
418
419 # DC=_ldap._tcp.dc record
420 add_srv_record(samdb, forest_container_dn, "DC=_ldap._tcp.dc", fqdn_hostname, 389)
421
422 # DC=_ldap._tcp.<SITENAME>._sites.dc record
423 add_srv_record(samdb, forest_container_dn, "DC=_ldap._tcp.%s._sites.dc" % site,
424 fqdn_hostname, 389)
425
426 # DC=_ldap._tcp.<SITENAME>._sites.gc record
427 add_srv_record(samdb, forest_container_dn, "DC=_ldap._tcp.%s._sites.gc" % site,
428 fqdn_hostname, 3268)
429
430 # DC=_ldap._tcp.gc record
431 add_srv_record(samdb, forest_container_dn, "DC=_ldap._tcp.gc", fqdn_hostname, 3268)
432
433 # DC=_ldap._tcp.pdc record
434 add_srv_record(samdb, forest_container_dn, "DC=_ldap._tcp.pdc", fqdn_hostname, 389)
435
436 # DC=gc record
437 add_host_record(samdb, forest_container_dn, "DC=gc", hostip, hostip6)
438
439 # DC=_ldap._tcp.<DOMAINGUID>.domains record
440 add_srv_record(samdb, forest_container_dn, "DC=_ldap._tcp.%s.domains" % domainguid,
441 fqdn_hostname, 389)
442
443 # DC=<NTDSGUID>
444 add_cname_record(samdb, forest_container_dn, "DC=%s" % ntdsguid, fqdn_hostname)
445
446
447 def setup_ad_dns(samdb, names, logger, hostip=None, hostip6=None, dns_backend=None,
448 os_level=None):
449 """Provision DNS information (assuming GC role)
450
451 :param samdb: LDB object connected to sam.ldb file
452 :param names: Names shortcut
453 :param logger: Logger object
454 :param hostip: IPv4 address
455 :param hostip6: IPv6 address
456 :param dns_backend: Type of DNS backend
457 :param os_level: Functional level (treated as os level)
458 """
459
460 if dns_backend is None:
461 dns_backend = "BIND9"
462 logger.info("Assuming bind9 DNS server backend")
463
464 # If dns_backend is BIND9
465 # Populate only CN=MicrosoftDNS,CN=System,<DOMAINDN>
466 #
467 # If dns_backend is SAMBA or BIND9_DLZ
468 # Populate DNS partitions
469
470 if os_level is None:
471 os_level = DS_DOMAIN_FUNCTION_2003
472
473 # If os_level < 2003 (DS_DOMAIN_FUNCTION_2000)
474 # All dns records are in CN=MicrosoftDNS,CN=System,<DOMAINDN>
475 #
476 # If os_level >= 2003 (DS_DOMAIN_FUNCTION_2003, DS_DOMAIN_FUNCTION_2008,
477 # DS_DOMAIN_FUNCTION_2008_R2)
478 # Root server records are in CN=MicrosoftDNS,CN=System,<DOMAINDN>
479 # Domain records are in CN=MicrosoftDNS,CN=System,<DOMAINDN>
480 # Domain records are in CN=MicrosoftDNS,DC=DomainDnsZones,<DOMAINDN>
481 # Forest records are in CN=MicrosoftDNS,DC=ForestDnsZones,<DOMAINDN>
482
483 domaindn = names.domaindn
484 forestdn = samdb.get_root_basedn().get_linearized()
485
486 dnsdomain = names.dnsdomain.lower()
487 dnsforest = dnsdomain
488
489 hostname = names.netbiosname.lower()
490 site = names.sitename
491
492 domainguid = get_domainguid(samdb, domaindn)
493 ntdsguid = get_ntdsguid(samdb, domaindn)
494
495 # Add dns accounts (DnsAdmins, DnsUpdateProxy) in domain
496 logger.info("Adding DNS accounts")
497 add_dns_accounts(samdb, domaindn)
498
499 logger.info("Populating CN=System,%s" % domaindn)
500
501 # Set up MicrosoftDNS container
502 add_dns_container(samdb, domaindn, "CN=System")
503
504 # Add root servers
505 add_rootservers(samdb, domaindn, "CN=System")
506
507 if os_level == DS_DOMAIN_FUNCTION_2000:
508
509 # Add domain record
510 add_domain_record(samdb, domaindn, "CN=System", dnsdomain)
511
512 # Add DNS records for a DC in domain
513 add_dc_domain_records(samdb, domaindn, "CN=System", site, dnsdomain,
514 hostname, hostip, hostip6)
515
516 elif (dns_backend == "SAMBA" or dns_backend == "BIND9_DLZ") and (
517 os_level == DS_DOMAIN_FUNCTION_2003 or
518 os_level == DS_DOMAIN_FUNCTION_2008 or
519 os_level == DS_DOMAIN_FUNCTION_2008_R2):
520
521 # Set up additional partitions (DomainDnsZones, ForstDnsZones)
522 logger.info("Creating DomainDnsZones and ForestDnsZones partitions")
523 setup_dns_partitions(samdb, domaindn, forestdn, names.configdn, names.serverdn)
524
525 ##### Set up DC=DomainDnsZones,<DOMAINDN>
526 logger.info("Populating DomainDnsZones partition")
527
528 # Set up MicrosoftDNS container
529 add_dns_container(samdb, domaindn, "DC=DomainDnsZones")
530
531 # Add rootserver records
532 add_rootservers(samdb, domaindn, "DC=DomainDnsZones")
533
534 # Add domain record
535 add_domain_record(samdb, domaindn, "DC=DomainDnsZones", dnsdomain)
536
537 # Add DNS records for a DC in domain
538 add_dc_domain_records(samdb, domaindn, "DC=DomainDnsZones", site, dnsdomain,
539 hostname, hostip, hostip6)
540
541 ##### Set up DC=ForestDnsZones,<DOMAINDN>
542 logger.info("Populating ForestDnsZones partition")
543
544 # Set up MicrosoftDNS container
545 add_dns_container(samdb, forestdn, "DC=ForestDnsZones")
546
547 # Add _msdcs record
548 add_msdcs_record(samdb, forestdn, "DC=ForestDnsZones", dnsforest)
549
550 # Add DNS records for a DC in forest
551 add_dc_msdcs_records(samdb, forestdn, "DC=ForestDnsZones", site, dnsforest,
552 hostname, hostip, hostip6, domainguid, ntdsguid)
stuff from bjacke