Univention Bugzilla – Attachment 8298 Details for
Bug 30131
Post-Installation of Samba4 in UCS@School headquarters: samba4/provision/primary=yes undocumented
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
improve_s4_connector_detection.diff
improve_s4_connector_detection.diff (text/plain), 5.47 KB, created by
Arvid Requate
on 2016-12-08 20:29:21 CET
(
hide
)
Description:
improve_s4_connector_detection.diff
Filename:
MIME Type:
Creator:
Arvid Requate
Created:
2016-12-08 20:29:21 CET
Size:
5.47 KB
patch
obsolete
>Index: univention-samba4/lib/base.sh >=================================================================== >--- univention-samba4/lib/base.sh (Revision 74106) >+++ univention-samba4/lib/base.sh (Arbeitskopie) >@@ -121,3 +121,24 @@ > done <<<"$sRVRecord_attrs" > done > } >+ >+get_available_s4connector_dc () { >+ local s4connector_dc >+ local s4connector_dc_candidates >+ s4connector_dc=() >+ s4connector_dc_candidates=$(univention-ldapsearch "(&(univentionService=S4 Connector)(objectClass=univentionDomainController))" cn | ldapsearch-wrapper | sed -n 's/^cn: \(.*\)/\1/p') >+ if univention-ldapsearch -xLLL univentionservice=UCS@school dn | grep -q ^dn; then >+ for dc in "${s4connector_dc_candidates[@]}"; do >+ if samba-tool drs showrepl "$dc" >/dev/null 2>&1; then >+ s4connector_dc+=( "$dc" ) >+ fi >+ if [ "${#s4connector_dc[@]}" -gt 1 ]; then >+ echo "ERROR: More than one S4 Connector hosts available: $s4connector_dc_candidates" 1>&2 >+ return 1 ## this is fatal >+ fi >+ done >+ else >+ s4connector_dc="$s4connector_dc_candidates" >+ fi >+ echo "$s4connector_dc" >+} >Index: univention-samba4/96univention-samba4.inst >=================================================================== >--- univention-samba4/96univention-samba4.inst (Revision 74106) >+++ univention-samba4/96univention-samba4.inst (Arbeitskopie) >@@ -526,27 +526,6 @@ > set_default_fACL /var/lib/samba/sysvol > } > >-get_available_s4connector_dc () { >- local s4connector_dc >- local s4connector_dc_candidates >- s4connector_dc=() >- s4connector_dc_candidates=$(univention-ldapsearch "(&(univentionService=S4 Connector)(objectClass=univentionDomainController))" cn | ldapsearch-wrapper | sed -n 's/^cn: \(.*\)/\1/p') >- if univention-ldapsearch -xLLL univentionservice=UCS@school dn | grep -q ^dn; then >- for dc in "${s4connector_dc_candidates[@]}"; do >- if samba-tool drs showrepl "$dc" >/dev/null 2>&1; then >- s4connector_dc+=( "$dc" ) >- fi >- if [ "${#s4connector_dc[@]}" -gt 1 ]; then >- echo "ERROR: More than one S4 Connector hosts available: $s4connector_dc_candidates" 1>&2 >- return 1 ## this is fatal >- fi >- done >- else >- s4connector_dc="$s4connector_dc_candidates" >- fi >- echo "$s4connector_dc" >-} >- > wait_until_dc_was_replicated_to_connector_dc () { > s4connector_dc=$(get_available_s4connector_dc) || return $? > if [ -z "$s4connector_dc" ]; then >@@ -553,6 +532,9 @@ > echo "WARNING: Failed to search for S4 connector DC" > return 0 > fi >+ if [ "$s4connector_dc" = "$hostname" ]; then >+ return 0 >+ fi > > echo -n "Waiting for DRS replication: " > for((i=0;i<300;i++)); do >@@ -877,9 +859,7 @@ > "(&(univentionService=${NAME})(objectClass=univentionDomainController))" cn \ > | ldapsearch-wrapper | sed -n 's/^cn: \(.*\)/\1/p') ## currently there is no u-d-m module computers/dc > >- s4connector_is_used=$(ldapsearch -x -ZZ -LLL -D "$ldap_hostdn" -y /etc/machine.secret \ >- "(&(univentionService=S4 Connector)(objectClass=univentionDomainController)(cn=$hostname))" cn \ >- | ldapsearch-wrapper | sed -n 's/^cn: \(.*\)/\1/p') >+ s4connector_dc=$(get_available_s4connector_dc) > > /etc/init.d/samba stop > >@@ -888,7 +868,10 @@ > kerberos/kpasswdserver=127.0.0.1 > > is_ucr_true samba4/provision/primary >- if [ $? -eq 0 ] || [ -z "$samba4servicedcs" ] || [ -n "$s4connector_is_used" ]; then ## we are the first domaincontroller to provide this service >+ if [ $? -eq 0 ] \ >+ || [ -z "$samba4servicedcs" ] \ >+ || [ -z "$s4connector_dc" ] \ >+ || [ "$s4connector_dc" = "$hostname" ]; then > > if [ $JS_LAST_EXECUTED_VERSION -lt 1 ]; then > run_samba_provision "$@" >Index: univention-s4-connector/97univention-s4-connector.inst >=================================================================== >--- univention-s4-connector/97univention-s4-connector.inst (Revision 75009) >+++ univention-s4-connector/97univention-s4-connector.inst (Arbeitskopie) >@@ -145,11 +144,15 @@ > --udm_module /usr/share/pyshared/univention/admin/handlers/settings/msprintconnectionpolicy.py || die > > if ! is_ucr_true 'connector/s4/allow/secondary'; then >- s4connectorservicehost_dns="$(univention-directory-manager computers/computer list "$@" --filter "(&(univentionService=${NAME})(!(cn=$hostname)))" | sed -ne 's|^DN: ||p')" >+ s4connector_dc=$(get_available_s4connector_dc) >+ > fi > >-if [ -z "$s4connectorservicehost_dns" ]; then ## we are first system to provide this service >+if [ -z "$s4connector_dc" ] \ >+ || [ "$s4connector_dc" = "$hostname" ]; then > >+ ## we are first or only system to provide this service >+ > LDB_URI="tdb:///var/lib/samba/private/sam.ldb" > > domaindn="DC=${kerberos_realm//./,DC=}" # that's what /usr/share/pyshared/samba/provision.py uses >@@ -190,13 +193,12 @@ > if [ $JS_LAST_EXECUTED_VERSION -le 0 ] && is_ucr_true connector/s4/mapping/gpo; then > /etc/init.d/univention-s4-connector stop > >- s4connectorservicehost_dns="$(univention-directory-manager computers/computer list "$@" --filter "(&(univentionService=${NAME})(!(cn=$hostname)))" | sed -ne 's|^DN: ||p')" >- > # By default the connector will overwrite all Samba 4 objects by the UCS objects. > # On a normal Samba 4 DC is is necessary that the MS GPO links will not be overwritten. > # But on a "Slave PDC" the settings from the Master must be used >- if [ -z "$s4connectorservicehost_dns" ]; then >- # First Sama 4 server >+ if [ -z "$s4connector_dc" ] \ >+ || [ "$s4connector_dc" = "$hostname" ]; then >+ # First or only Sama 4 server > /usr/share/univention-s4-connector/msgpo.py --write2ucs "$@" > elif ! is_ucr_true 'connector/s4/allow/secondary'; then > # Normal Samba 4 DC
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=8298">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 30131
: 8298