deDdZddlZddlZddlZddlZddlZddlmZddlZddl Z ddl m Z ddl m Z ddlmZmZddl mZddlmZmZmZdd lmZmZmZmZmZmZdd lmZmZm Z m!Z!m"Z"m#Z#m$Z$dd l%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-dd l.m/Z/dd l0m1Z1dZ2dZ3GddejhZ5GddejhZ6GddejhZ7GddejhZ8GddejhZ9GddejhZ:GddejhZ;GddejxZ=Gd d!ejxZ>Gd"d#ejxZ?Gd$d%ejxZ@Gd&d'ejxZAGd(d)ejxZBGd*d+ejxZCd,ZDd-ZEdKd.ZFd/ZGd0ZHd1ZId2ZJd3ZKd4ZLd5ZMd6ZNd7ZOd8ZPd9ZQd:ZRd;ZSd<ZTd=ZUd>ZVd?ZWd@ZXdAZYdBZZdCZ[dDZ\dEZ]dFZ^dGe*dGfdHZ_dddde*dfdIZ` dLdJZay)MzDNS-related provisioningN) b64encode)tdb_copy)mdb_copy)ndr_pack ndr_unpack) setup_file)dnspmiscsecurity)DS_DOMAIN_FUNCTION_2000DS_DOMAIN_FUNCTION_2003DS_DOMAIN_FUNCTION_2008_R2DS_DOMAIN_FUNCTION_2012_R2DS_DOMAIN_FUNCTION_2016DS_GUID_USERS_CONTAINER)get_deletedobjects_descriptorget_domain_descriptor'get_domain_delete_protected1_descriptor'get_domain_delete_protected2_descriptorget_dns_partition_descriptor'get_dns_forest_microsoft_dns_descriptor'get_dns_domain_microsoft_dns_descriptor) setup_pathsetup_add_ldifsetup_modify_ldif setup_ldb FILL_FULLFILL_SUBDOMAIN FILL_NT4SYNCFILL_DRS)get_default_backend_store) get_stringc|j|tjdg}tt t j |ddd}|S)N objectGUIDbasescopeattrsr)searchldb SCOPE_BASEstrrr GUID)samdbdomaindnres domainguids :/usr/lib/python3/dist-packages/samba/provision/sambadns.pyget_domainguidr3CsE ,,HCNN<., QCZ 3q6,+?+BCDJ cd|jtj||tz}|j |tj dg}t tj|ddd}|S)NzCN=DnsAdmins,%s objectSidr%r) get_wellknown_dnr*Dnrr)r+rr dom_sid)r.r/base_dnr0 dnsadmins_sids r2get_dnsadmins_sidr<Isn%"8"8,4:67N#PPG ,,G3>>+, OCx//Q 1DQ1GHM r4c:eZdZddejffd ZxZS)ARecordctt| tj|_||_||_||_||_ yN) superr>__init__r DNS_TYPE_AwTyperankdwSerial dwTtlSecondsdata)selfip_addrserialttlrG __class__s r2rDzARecord.__init__\s8 gt%'__    r4__name__ __module__ __qualname__r DNS_RANK_ZONErD __classcell__rOs@r2r>r>Zs'(c8J8Jr4r>c:eZdZddejffd ZxZS) AAAARecordr?r@ctt| tj|_||_||_||_||_ yrB) rCrXrDr DNS_TYPE_AAAArFrGrHrIrJ)rKip6_addrrMrNrGrOs r2rDzAAAARecord.__init__gs: j$(*''    r4rPrVs@r2rXrXes()s9K9Kr4rXc:eZdZddejffd ZxZS) CNAMERecordr?r@ct|tj|_||_||_||_||_yrB) rCrDr DNS_TYPE_CNAMErFrGrHrIrJ)rKcnamerMrNrGrOs r2rDzCNAMERecord.__init__rs8 ((    r4rPrVs@r2r]r]ps%&Cd6H6Hr4r]c:eZdZddejffd ZxZS)NSRecordr?r@ctt| tj|_||_||_||_||_ yrB) rCrbrDr DNS_TYPE_NSrFrGrHrIrJ)rK dns_serverrMrNrGrOs r2rDzNSRecord.__init__}s: h&(%%    r4rPrVs@r2rbrb{s*+4;M;Mr4rbcBeZdZddddddejffd ZxZS) SOARecordr?r@iXiQic tt| tj|_| |_||_||_tj} || _ || _ || _ || _ || _|| _|| _| |_yrB)rCrgrDr DNS_TYPE_SOArFrGrHrIsoarMrefreshretryexpiremnamernameminimumrJ) rKrnrorMrkrlrmrprNrGrjrOs r2rDzSOARecord.__init__sv i')&&   hhj        r4rPrVs@r2rgrgs#,-s#tDeZdZddddejffd ZxZS) SRVRecordrdr?r@ctt| tj|_||_||_||_tj}||_ ||_ ||_ ||_ ||_yrB)rCrrrDr DNS_TYPE_SRVrFrGrHrIsrv nameTargetwPort wPrioritywWeightrJ) rKtargetportpriorityweightrMrNrGrvrOs r2rDzSRVRecord.__init__sa i')&&   hhj     r4rPrVs@r2rrrrs./A3((  r4rrc:eZdZddejffd ZxZS) TXTRecordr?r@ctt| tj|_||_||_||_tj}t||_ ||_ ||_ yrB)rCrrDr DNS_TYPE_TXTrFrGrHrI string_listlencountr,rJ)rKslistrMrNrG stringlistrOs r2rDzTXTRecord.__init__s[ i')&&   %%' u:   r4rPrVs@r2rrs%&Cd6H6H  r4rc6eZdZejffd ZxZS) TypePropertyc~tt| d|_d|_t j |_||_yNr?) rCrrD wDataLengthversionr DSPROPERTY_ZONE_TYPEidrJ)rK zone_typerOs r2rDzTypeProperty.__init__s3 lD*, ++ r4)rQrRrSr DNS_ZONE_TYPE_PRIMARYrDrUrVs@r2rrs!%!;!;r4rc6eZdZejffd ZxZS)AllowUpdatePropertyc~tt| d|_d|_t j |_||_yr) rCrrDrrr DSPROPERTY_ZONE_ALLOW_UPDATErrJ)rK allow_updaterOs r2rDzAllowUpdateProperty.__init__s4 !413 33  r4)rQrRrSr DNS_ZONE_UPDATE_SECURErDrUrVs@r2rrs$($?$?!!r4rc eZdZdfd ZxZS)SecureTimePropertyc~tt| d|_d|_t j |_||_yr) rCrrDrrr DSPROPERTY_ZONE_SECURE_TIMErrJ)rK secure_timerOs r2rDzSecureTimeProperty.__init__s4  $02 22 r4rrQrRrSrDrUrVs@r2rrs   r4rc eZdZdfd ZxZS)NorefreshIntervalPropertyc~tt| d|_d|_t j |_||_yr) rCrrDrrr "DSPROPERTY_ZONE_NOREFRESH_INTERVALrrJ)rKnorefresh_intervalrOs r2rDz"NorefreshIntervalProperty.__init__s4 '79 99& r4rrrVs@r2rrs ''r4rc eZdZdfd ZxZS)RefreshIntervalPropertyc~tt| d|_d|_t j |_||_yr) rCrrDrrr DSPROPERTY_ZONE_REFRESH_INTERVALrrJ)rKrefresh_intervalrOs r2rDz RefreshIntervalProperty.__init__s4 %t57 77$ r4rrrVs@r2rr %%r4rc eZdZdfd ZxZS)AgingStatePropertyc~tt| d|_d|_t j |_||_yr) rCrrDrrr DSPROPERTY_ZONE_AGING_STATErrJ)rK aging_enabledrOs r2rDzAgingStateProperty.__init__s4  $02 22! r4rrrVs@r2rrs ""r4rc eZdZdfd ZxZS)AgingEnabledTimePropertyc~tt| d|_d|_t j |_||_yr) rCrrDrrr "DSPROPERTY_ZONE_AGING_ENABLED_TIMErrJ)rKnext_cycle_hoursrOs r2rDz!AgingEnabledTimeProperty.__init__s4 &68 99$ r4rrrVs@r2rrrr4rcd|z}d|z}t|} t|} t|td|t | j dd|t k7r1t|td|t | j ddttj} tj||jj} t|} t|}t|td|| | ||t | j dt |j dt | j ddt!|td|||d |t k7rttj}tj||jj}t|td|||||t | j dt |j dt | j ddt!|td|||d yy) NzDC=DomainDnsZones,%szDC=ForestDnsZones,%sz"provision_dnszones_partitions.ldifutf8)ZONE_DNSECDESCzprovision_dnszones_add.ldif)r ZONE_GUIDZONE_DNSCONFIGDNSERVERDNDELETEDOBJECTS_DESCRIPTORLOSTANDFOUND_DESCRIPTORINFRASTRUCTURE_DESCRIPTORzprovision_dnszones_modify.ldif)rrr)rrrrrdecoderr,uuiduuid4r*r8canonical_ex_strstriprrr)r. domainsidr/forestdnconfigdnserverdn fill_level domainzone_dn forestzone_dn descriptordeletedobjects_descdomainzone_guiddomainzone_dnsprotected1_descprotected2_descforestzone_guidforestzone_dnss r2setup_dns_partitionsrs"*X5M*X5M-i8J7 B5*%IJ Z(//7M^#uj)MN$ ,33F;Q  $**,'OVVE=1BBDJJLN=iHO=iHO5*%BC $"%./B%C%J%J6%R#,_#=#D#DV#L%.%?%F%Fv%N F eZ(HI L ^#djjl+}5FFHNNPuj)FG$(&  )23F)G)N)Nv)V'0'A'H'H'P)2?)C)J)J6)R J  %,L!M  $P  $r4c4t|tdd|iy)Nzprovision_dns_accounts_add.ldifDOMAINDN)rr)r.r/s r2add_dns_accountsr:s5*%FGHJr4c :dt|i}|durt||}n t||}tjtj |d|d|}ddg|d<tj |tjd |d <|j|y) N DnsAdminsT)name_mapzCN=MicrosoftDNS,,top container objectClassnTSecurityDescriptor) r,rrr*Messager8MessageElement FLAG_MOD_ADDadd) r.r/prefix domain_sidr;forestrsd_valmsgs r2add_dns_containerr@sS/0H ~8BJL9BJL ++cffUvx$PQ RC-C  63#3#31 3 IIcNr4c i}d|d<d|d<d|d<d|d<d |d <d |d <d |d<d|d<d|d<d|d<d|d<d|d<d|d<i}d|d<d|d<d|d<d|d<d|d <d |d <d!|d<d"|d<d#|d<d$|d<d%|d<d&|d<d'|d<d(|d)|}tjtj||}g}|jt t t j*|jt tt j+|jt t|jt t|jt t|jt t|jt td,d-g|d.<tjd/tj d0|d0<tj|tj d1|d1<|j#|g}|D]7} |jt t%| d2d2t j&39tjtj|d4|z}d,d5g|d.<tj|tj d6|d6<|j#||D]} t t)|| d2d2t j&3g}tjtj|d7| d)|}d,d5g|d.<tj|tj d6|d6<|j#|y)8Nz 198.41.0.4za.root-servers.netz192.228.79.201zb.root-servers.netz 192.33.4.12zc.root-servers.netz 199.7.91.13zd.root-servers.netz192.203.230.10ze.root-servers.netz 192.5.5.241zf.root-servers.netz 192.112.36.4zg.root-servers.netz 198.97.190.53zh.root-servers.netz 192.36.148.17zi.root-servers.netz 192.58.128.30zj.root-servers.netz 193.0.14.129zk.root-servers.netz 199.7.83.42zl.root-servers.netz 202.12.27.33zm.root-servers.netz2001:503:ba3e::2:30z2001:500:84::bz 2001:500:2::cz2001:500:2d::dz2001:500:a8::ez2001:500:2f::fz2001:500:12::d0dz2001:500:1::53z 2001:7fe::53z2001:503:c27::2:30z 2001:7fd::1z2001:500:9f::42z 2001:dc3::35z"DC=RootDNSServers,CN=MicrosoftDNS,r)r)rrdnsZonerZonecn dNSPropertyr)rMrNrGDC=@,%sdnsNode dnsRecordDC=)r*rr8appendrrr DNS_ZONE_TYPE_CACHErDNS_ZONE_UPDATE_OFFrrrrrrrrrbDNS_RANK_ROOT_HINTr>) r.r/r rootserversrootservers_v6 container_dnrpropsrecordrservers r2add_rootserversrQsmK(4K$%(8K$%(5K$%(5K$%(8K$%(5K$%(6K$%(7K$%(7K$%(7K$%(6K$%(5K$%(6K$%N+@N'(+;N'(+:N'(+;N'(+;N'(+;N'(+=N'(+;N'(+9N'(+?N'(+8N'(+C+C ))B2BKPC  IIcN7;w#7qtOfOfghikk#&&g|(LMN#Y/M--fc6F6F TK #r4c&|d|}g}t|d|z} |jt| t|} |jt| |%t |} |jt| |%t |} |jt| t jt j|d|z} ddg| d<t j|t jd| d<|j| y)N.z hostmaster.%srrrrr) rgrrrbr>rXr*rr8rrr)r.rrhostname dnsdomainhostiphostip6 fqdn_hostname at_records at_soa_record at_ns_record at_a_recordat_aaaa_recordrs r2 add_at_recordr s'3MJm_y-HIMh}-.M*Lh|,- fo (;/0#G,(>23 ++cffUI $<= >C+C ))*c6F6F TC  IIcNr4c t||}tjtj||d|}ddg|d<tjt |tj d|d<|j|yNrrrrr)rrr*rr8rrrr)r.rrhostr| srv_recordrs r2add_srv_recordrsk4&J ++cffUv|$DE FC+C ))(:*>@P@PR]^C  IIcNr4ct|}tjtj||d|}ddg|d<tjt |tj d|d<|j|yr )rbr*rr8rrrrr.rrr  ns_recordrs r2 add_ns_recordrshI ++cffUv|$DE FC+C ))(9*=s?O?OQ\]C  IIcNr4c(t|tj}tjtj ||d|}ddg|d<tj t|tjd|d<|j|y)N)rGrrrrr) rbr DNS_RANK_NS_GLUEr*rr8rrrrrs r2add_ns_glue_recordrsqD$9$9:I ++cffUv|$DE FC+C ))(9*=s?O?OQ\]C  IIcNr4ct|}tjtj||d|}ddg|d<tjt |tj d|d<|j|yr )r]r*rr8rrrr)r.rrr  cname_recordrs r2add_cname_recordrsit$L ++cffUv|$DE FC+C ))(<*@#BRBRT_`C  IIcNr4cg}|r%t|}|jt||r%t|}|jt||rot j t j ||d|}ddg|d<t j|tjd|d<|j|yyr ) r>rrrXr*rr8rrr) r.rrrr host_recordsa_record aaaa_recordrs r2add_host_recordrsL 6?HX./ ) H[12kk#&&6<(HIJ#Y/M--lC rSrTrUrVi)rArCrDrK dns_keytabrLisfilerBrEr`strerrorlinkr\r^r]r_info)rarbprivate_dns_keytab_pathbind_dns_keytab_pathes r2create_dns_dir_keytab_linkrns !ggll5+<+N>NO77<<(9(95;K;KL ww~~-. 77>>. / A ./  V GG+-A B >> % C**E2**B?  F-u5-r5>>B &!/ A 2AJJ@AA A V LL13GU V V V C#2::5KK C % 1 15>>C C F#2::5KK C 4ennF6 FsV(E'>F!A G-7H ' F0!FF G'$GGAHH 8IIc bt| tsJ|d|z} |dz|z} d|z}nd} d} d}|d|z}|dz|z}d|z}nd}d}d}ttd |j|||||| t j d | | | | ||d |jM tj|jd |jtj|jd yy#t$rAdtjvr,|jd|j|jfzYyYywxYw)aWrite out a DNS zone file, from the info in the current database. :param paths: paths object :param dnsdomain: DNS Domain name :param domaindn: DN of the Domain :param hostip: Local IPv4 IP :param hostip6: Local IPv6 IP :param hostname: Local hostname :param realm: Realm name :param domainguid: GUID of the domain. :param ntdsguid: GUID of the hosts nTDSDSA record. Nz IN AAAA z IN AAAA z#gc._msdcs IN AAAA z IN A z IN A z gc._msdcs IN A zprovision.zonez%Y%m%d%H) r?r;r:HOSTIP_BASE_LINEHOSTIP_HOST_LINE DOMAINGUID DATESTRING DEFAULTSITENTDSGUIDHOSTIP6_BASE_LINEHOSTIP6_HOST_LINEGC_MSDCS_IP_LINEGC_MSDCS_IP6_LINErTirUrV) isinstancer,rrrXtimestrftimer\rAr]r^rEr_r`)lprarb targetdirrrrrrMr1r6r2hostip6_base_linehostip6_host_linegc_msdcs_ip6_linehostip_base_linehostip_host_linegc_msdcs_ip_lines r2create_zone_filersf j# && &5?$'<Failed to setup database for BIND, AD based DNS cannot be usedzDC=DOMAINDNSZONES,%szDC=FORESTDNSZONES,%sz metadata.tdbmdbz-lockzsam.ldbrTrS)z.ldbz.tdbzldb-lockirUz9Failed to set permissions to sam.ldb* files, fix manuallyz\Unable to find group id for BIND, set permissions to sam.ldb* files manually)'rKrArCrDrWrXr)r*r+r,splitupperr!r/r[openclosesambaLdbrrrrrrr`rootdngetrirErrr\walkr]r^endswithr_warning)$r.rarbrJrr1rK samldb_dirrcdns_samldb_dirpartfiler0tmpncfname backend_storer/domainpart_filedom_urldom_ldb index_resdomainguid_linedescr domainzonedn forestzonedndomainzone_fileforestzone_file metadata_filepfilerWdirsfilesddpathffpaths$ r2create_samdb_copyrBs##Kk;7Jggooeii(GWW\\';7NH ,,L ^^)>:  2156 ~~##%Hggll7HX,>?O   _c"((* -o>))G$LLl#..LI  IaL!- :/ :;BB6Jw +B C)Y F! " w!"ABD J *ENN,@,@,BBL)ELL,>,>,@@L|,Oll<0O"M  Z7 ^]; =  [/: Wo6 8 E ! GGBGGLLo.GHGGLL/G*CD F  GGBGGLLo>GGLL/: <% [/G2KL Wo.GHJ  \ "k95gy1 3 7BRLE%k59gu57k59gu57  7 ~~! Q(*(8 /$u+AGGLL!4EHHUB7HHUE*+/Azz">? " Wa 8ENN;. / / 2:: - NN> ? .i L N J  L N * L N  Qrzz1 OQ2 QsAF2Y9C*Y91BZAZYY69Z ,[[cttd|jdttd|jdy)z Write out a dns_update_list filedns_update_listNspn_update_list)rrrr)r~rarbs r2create_dns_update_listrs4z+,e.C.CTJz+,e.C.CTJr4cddlm}|dk(rttd|j|||j ddj |jdddz|j|jd ttd |jy|d k(rtjd gd tjtjdjd}t|}d}d}d} d} d} d} d} d}|jj!ddk7rd}n|jj!ddk7rd}n|jj!ddk7rd} n|jj!ddk7rd} n\|jj!ddk7rd} n6|jj!ddk7rd} n|jj!ddk7rd} n|jj!ddk7rd}n|jj!ddk7r|d|jj!ddk7r|d|jj!ddk7r|d|jj!ddk7r|d|j#d |jzttd!|j|jt$j&j)||| | | | | |d" yy)#acWrite out a file containing zone statements suitable for inclusion in a named.conf file (including GSS-TSIG configuration). :param paths: all paths :param realm: Realm name :param dnsdomain: DNS Domain name :param dns_backend: DNS backend type :param keytab_name: File name of DNS keytab file :param logger: Logger object r)ProvisioningErrorBIND9_FLATFILEz named.confz*.rr?N)r;r: ZONE_FILEREALM_WC NAMED_CONFNAMED_CONF_UPDATEznamed.conf.update BIND9_DLZznamed -VT)shellstdoutstderrcwd#zBIND 9.8rTrpzBIND 9.9z BIND 9.10z BIND 9.11z BIND 9.12z BIND 9.14z BIND 9.16z BIND 9.18zBIND 9.7z&DLZ option incompatible with BIND 9.7.z BIND_9.13z/Only stable/esv releases of BIND are supported.z BIND_9.15z BIND_9.17z0BIND version unknown, please modify %s manually.znamed.conf.dlz) r MODULESDIRBIND9_8BIND9_9BIND9_10BIND9_11BIND9_12BIND9_14BIND9_16BIND9_18)samba.provisionrrr namedconfrXrDrnamedconf_update subprocessPopenPIPESTDOUT communicater"rfindrrparam modules_dir)rbrMr dns_backendrar bind_infobind9_8bind9_9bind9_10bind9_11bind9_12bind9_14bind9_16bind9_18s r2create_named_confrs"2&&:l+U__!*"!& $sxx C0@0D'E E"'//).)?)? ?  :12E4J4JK  #$$j\,6OO,6,=,=),./:kmA? y)  ??  ! !* - 3G __  # #J /2 5G __  # #K 0B 6H __  # #K 0B 6H __  # #K 0B 6H __  # #K 0B 6H __  # #K 0B 6H __  # #K 0B 6H __  # #J /2 5#$LM M __  # #K 0B 6#$UV V __  # #K 0B 6#$UV V __  # #K 0B 6#$UV V NNMPUP_P__ `:./"'//"'++"9"9";&& ( ( ( ( ( ( C Q $r4c zttd|||||tjj |||dy)abWrite out a file containing zone statements suitable for inclusion in a named.conf file (including GSS-TSIG configuration). :param path: Path of the new named.conf file. :param realm: Realm name :param dnsdomain: DNS Domain name :param binddns_dir: Path to bind dns directory :param keytab_name: File name of DNS keytab file z named.txt)r;r@r:r<DNS_KEYTAB_ABS PRIVATE_DIRN)rrrArCrD)rCrMrdnsnamerL keytab_names r2create_named_txtr's;z+&"% ggll; D& /r4c |dvS)N)rrSAMBA_INTERNALNONE)rs r2is_valid_dns_backendr<s S SSr4c2t|cxkxr tkScSrB)r r)os_levels r2is_valid_os_levelr@s "h I2I II IIr4c<t||d||t||dyNz CN=System)rr)r.rrr;s r2create_dns_legacyrDseX{I}ME8[1r4c Ht||d|||t||d|||||yr)r%r4) r.rrrr2rrrr;s r2fill_dns_data_legacyrKs4eX{Iy#%%;i"FG5r4c t|||||j|j|t||d|||tk7rt||d||dyy)Nr0r1T)r)rrrrr)r.rrJr/rr;rs r2create_dns_partitionsrVs] 8XEeX':I#%^#%+> ' 6$r4Tc |r t||dt||d||| | rt||d||||| |tk7r&t ||d|| rt ||d||||| | | yyy)aFill data in various AD partitions :param samdb: LDB object connected to sam.ldb file :param domainsid: Domain SID (as dom_sid object) :param site: Site name to create hostnames in :param domaindn: DN of the domain :param forestdn: DN of the forest :param dnsdomain: DNS name of the domain :param dnsforest: DNS name of the forest :param hostname: Host name of this DC :param hostip: IPv4 addresses :param hostip6: IPv6 addresses :param domainguid: Domain GUID :param ntdsguid: NTDS GUID :param dnsadmins_sid: SID for DnsAdmins group :param autofill: Create DNS records (using fixed template) r0r1N)rr%r4rr)r8)r.rr2r/rrr(rrrr1r6r;autofillradd_roots r2fill_dns_data_partitionsrds0x)<=eX':I0eX/BD'67 D^# *=yI  2Et!*Hfg!+X 7  $r4clt|std|zt|std|z|dk(r|jdy|jdt ||j |j }|j j}|jj}|}|j}|jj}t||}t||}|j |jd|zt||j |||t"k(r2|jd|zt%||j ||||| | | nw|d vrs|t&k\rj|jd t)||j ||||| |jd t+||j ||||||| | ||j,|| |j/|j3d rt5||||||||||| | | | yy#|j1xYw)aWProvision DNS information (assuming GC role) :param samdb: LDB object connected to sam.ldb file :param secretsdb: LDB object connected to secrets.ldb file :param names: Names shortcut :param paths: Paths shortcut :param lp: Loadparm object :param logger: Logger object :param dns_backend: Type of DNS backend :param os_level: Functional level (treated as os level) :param dnspass: Password for bind's DNS account :param hostip: IPv4 address :param hostip6: IPv6 address :param targetdir: Target directory for creating DNS-related files for BIND9 Invalid dns backend: %rInvalid os level: %rrz'No DNS backend set, not configuring DNSNzAdding DNS accountsz%Creating CN=MicrosoftDNS,CN=System,%sz'Populating CN=MicrosoftDNS,CN=System,%s)rrz5Creating DomainDnsZones and ForestDnsZones partitionsz7Populating DomainDnsZones and ForestDnsZones partitions)rBIND9_)r2rOrrrr)r Exceptionrrjrr/get_root_basednget_linearizedrrHsitenamerGr<r3transaction_startrrr rr rrr6transaction_committransaction_cancel startswithsetup_bind9_dns)r.rIrJrbr~rarrrOrrrrrr/rrr(r2rr;r1s r2 setup_ad_dnsr s$& ,1K?@@ X &.9::f => KK%&UENN+"~~H$$&557H%%'II >>D  &&(H%eX6Mx0J # ;hFG%(MJ . . KKAHL M 9d!)67M K; ;33 KKO P !%%8"/ = KKQ R $UEOOT8X%. 8VW%/0: <   "h'y%F#XD'RX '9&3 5(    " s CH H3ct|r|jdstd|zt|std|z|j}t ||}t |||j|j|j|j|j| |  t||t|||dk(r?t|||| ||j| | |j|j||j  |dk(r#|t"k\rt%|||||j&|t)||j|j||t+|j,|j|j|jd |j|j|j |j/d |j0|j/d |j,y )aProvision DNS information (assuming BIND9 backend in DC role) :param samdb: LDB object connected to sam.ldb file :param secretsdb: LDB object connected to secrets.ldb file :param names: Names shortcut :param paths: Paths shortcut :param lp: Loadparm object :param logger: Logger object :param dns_backend: Type of DNS backend :param os_level: Functional level (treated as os level) :param site: Site to create hostnames in :param dnspass: Password for bind's DNS account :param hostip: IPv4 address :param hostip6: IPv6 address :param targetdir: Target directory for creating DNS-related files for BIND9 rrr)rMrrNrOrPr)r2rrrrrMr1r6r)rMrrrar)rMrrrLrz9See %s for an example configuration include file for BINDz@and %s for further documentation required for secure DNS updatesN)rrrrr/r3rQrKrLrMrrfrdrnrrr6r rrrrnamedtxtrjr)r.rIrJrbr~rarrr2rOrrrrPrr/r1s r2r r s* ! -  " "8 ,1K?@@ X &.9::~~Hx0J 5))))#kk"'//(-(8(8'+= ?65!vu-&&VUID#(??6!(5>>${{z"'..  2 k!h2I&I%* >e5;; %[#%U^^ ;;%//(-H!&!2!2!&!1!1 3  KKK! KK >>+r4)F)NNNNNNN)b__doc__rArrYr|r*base64rrrsamba.tdb_utilrsamba.mdb_utilr samba.ndrrrr samba.dcerpcr r r samba.dsdbr r rrrrsamba.descriptorrrrrrrrsamba.provision.commonrrrrrrrr samba.samdbr! samba.commonr"r3r<DnssrvRpcRecordr>rXr]rbrgrrr DnsPropertyrrrrrrrrrrrr rrrrrr%r)r4r8rQrdrnrrrrrrrrrrrr r rr4r2rs>*  ##*--   2# "d""%%$&&t##$$($$" $$ 4##!$**! )) ' 0 0'%d..%"))"%t//%8 v "DN< DZz2$j>.4'FT;0|E?PKRj*TJ25 6 LP(1D-7b15T4ITb5LLPEI"&B+r4