|
526 |
set_default_fACL /var/lib/samba/sysvol |
526 |
set_default_fACL /var/lib/samba/sysvol |
527 |
} |
527 |
} |
528 |
|
528 |
|
529 |
get_available_s4connector_dc () { |
|
|
530 |
local s4connector_dc |
531 |
local s4connector_dc_candidates |
532 |
s4connector_dc=() |
533 |
s4connector_dc_candidates=$(univention-ldapsearch "(&(univentionService=S4 Connector)(objectClass=univentionDomainController))" cn | ldapsearch-wrapper | sed -n 's/^cn: \(.*\)/\1/p') |
534 |
if univention-ldapsearch -xLLL univentionservice=UCS@school dn | grep -q ^dn; then |
535 |
for dc in "${s4connector_dc_candidates[@]}"; do |
536 |
if samba-tool drs showrepl "$dc" >/dev/null 2>&1; then |
537 |
s4connector_dc+=( "$dc" ) |
538 |
fi |
539 |
if [ "${#s4connector_dc[@]}" -gt 1 ]; then |
540 |
echo "ERROR: More than one S4 Connector hosts available: $s4connector_dc_candidates" 1>&2 |
541 |
return 1 ## this is fatal |
542 |
fi |
543 |
done |
544 |
else |
545 |
s4connector_dc="$s4connector_dc_candidates" |
546 |
fi |
547 |
echo "$s4connector_dc" |
548 |
} |
549 |
|
550 |
wait_until_dc_was_replicated_to_connector_dc () { |
529 |
wait_until_dc_was_replicated_to_connector_dc () { |
551 |
s4connector_dc=$(get_available_s4connector_dc) || return $? |
530 |
s4connector_dc=$(get_available_s4connector_dc) || return $? |
552 |
if [ -z "$s4connector_dc" ]; then |
531 |
if [ -z "$s4connector_dc" ]; then |
|
553 |
echo "WARNING: Failed to search for S4 connector DC" |
532 |
echo "WARNING: Failed to search for S4 connector DC" |
554 |
return 0 |
533 |
return 0 |
555 |
fi |
534 |
fi |
|
|
535 |
if [ "$s4connector_dc" = "$hostname" ]; then |
536 |
return 0 |
537 |
fi |
556 |
|
538 |
|
557 |
echo -n "Waiting for DRS replication: " |
539 |
echo -n "Waiting for DRS replication: " |
558 |
for((i=0;i<300;i++)); do |
540 |
for((i=0;i<300;i++)); do |
|
877 |
"(&(univentionService=${NAME})(objectClass=univentionDomainController))" cn \ |
859 |
"(&(univentionService=${NAME})(objectClass=univentionDomainController))" cn \ |
878 |
| ldapsearch-wrapper | sed -n 's/^cn: \(.*\)/\1/p') ## currently there is no u-d-m module computers/dc |
860 |
| ldapsearch-wrapper | sed -n 's/^cn: \(.*\)/\1/p') ## currently there is no u-d-m module computers/dc |
879 |
|
861 |
|
880 |
s4connector_is_used=$(ldapsearch -x -ZZ -LLL -D "$ldap_hostdn" -y /etc/machine.secret \ |
862 |
s4connector_dc=$(get_available_s4connector_dc) |
881 |
"(&(univentionService=S4 Connector)(objectClass=univentionDomainController)(cn=$hostname))" cn \ |
|
|
882 |
| ldapsearch-wrapper | sed -n 's/^cn: \(.*\)/\1/p') |
883 |
|
863 |
|
884 |
/etc/init.d/samba stop |
864 |
/etc/init.d/samba stop |
885 |
|
865 |
|
|
888 |
kerberos/kpasswdserver=127.0.0.1 |
868 |
kerberos/kpasswdserver=127.0.0.1 |
889 |
|
869 |
|
890 |
is_ucr_true samba4/provision/primary |
870 |
is_ucr_true samba4/provision/primary |
891 |
if [ $? -eq 0 ] || [ -z "$samba4servicedcs" ] || [ -n "$s4connector_is_used" ]; then ## we are the first domaincontroller to provide this service |
871 |
if [ $? -eq 0 ] \ |
|
|
872 |
|| [ -z "$samba4servicedcs" ] \ |
873 |
|| [ -z "$s4connector_dc" ] \ |
874 |
|| [ "$s4connector_dc" = "$hostname" ]; then |
892 |
|
875 |
|
893 |
if [ $JS_LAST_EXECUTED_VERSION -lt 1 ]; then |
876 |
if [ $JS_LAST_EXECUTED_VERSION -lt 1 ]; then |
894 |
run_samba_provision "$@" |
877 |
run_samba_provision "$@" |