Univention Bugzilla – Bug 44902
New check `kerberos_ddns_update.py`
Last modified: 2018-06-20 11:51:01 CEST
Created attachment 8988 [details] nt-diagnostic-nsupdate-421.patch Adds a new check `kerberos_ddns_update.py` which acquires a kerberos ticket for `$hostname$` and `dns-$hostname` and performs a `nsupdate` with a prerequisite check for `$domainname`.
Committed in r81644 - r81646 (advisory r81649).
Created attachment 9111 [details] qa_bug_44902.patch Ok, looks good, I'd like to include the direction and the estring, see attached patch.
Wrong bug, that should have gone to Bug 44881..
Created attachment 9144 [details] nsupdate_check.patch
The nsupdate check doesn't actually send the command, see patch attached to previous comment
(In reply to Arvid Requate from comment #5) > The nsupdate check doesn't actually send the command, see patch attached to > previous comment Fixed: 4.2-1: r82619, YAML: r82626 4.2-2: r82628, YAML: r82635
Ok. I've also reverted unreleased errata4.2-1 changes (r81147:82625) since Erratum 98 from the ucs-4.2-1 SVN branch and merged the unpublished errata4.2-1 advisory into the errata4.2-2 advisory. So everything's up to date in the ucs-4.2-2 branch.
The tests fail in Jenkins in a Samba 3 environment: http://jenkins.knut.univention.de:8080/job/UCS-4.2/job/UCS-4.2-2/job/AutotestJoin/7/SambaVersion=s3,Systemrolle=master/testReport/00_checks/81_diagnostic_checks/test/ Maybe the whole test should be skipped in S3 environments?
The plugin is now skipped in ucs-test. Please revert it once the issue is fixed: 0987b829 by Stefan Gohmann at 2017-09-08T19:47:41+02:00 00_checks/81_diagnostic_checks.py: skip 46_kerberos_ddns_update since it doesn't work in S3 environments (Bug #44902)
(In reply to Stefan Gohmann from comment #9) > The plugin is now skipped in ucs-test. Please revert it once the issue is > fixed: > > 0987b829 > by Stefan Gohmann at 2017-09-08T19:47:41+02:00 > 00_checks/81_diagnostic_checks.py: skip 46_kerberos_ddns_update since it > doesn't work in S3 environments (Bug #44902) Fixed in 1484bf36, YAML dc706e39, Test enabled 6ea5ac94.
Created attachment 9202 [details] bug44902_proposal.diff One final thing: * Servers that migrated from "Samba 3" to "Samba 4" usually have both services registered. Yeah, not good, but that's how it is. * Memberservers have "Samba 3" and should be able to do ddns updates in a "Samba 4" domain. See attached patch for a proposal.
(In reply to Arvid Requate from comment #11) > * Servers that migrated from "Samba 3" to "Samba 4" usually have both > services registered. Yeah, not good, but that's how it is. > > * Memberservers have "Samba 3" and should be able to do ddns updates in a > "Samba 4" domain. Reworked and applied (with some modifications) in 6464f49b.
Ok, works. I've split of Bug #45418 to add support for special setups.
<http://errata.software-univention.de/ucs/4.2/166.html>