diff options
-rw-r--r-- | source3/libnet/libnet_join.c | 31 | ||||
-rwxr-xr-x | testprogs/blackbox/test_net_ads.sh | 7 |
2 files changed, 16 insertions, 22 deletions
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 7943bef2cf6..818b3039cb9 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -533,29 +533,23 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx, } } - if (!name_to_fqdn(my_fqdn, r->in.machine_name) - || (strchr(my_fqdn, '.') == NULL)) { - fstr_sprintf(my_fqdn, "%s.%s", r->in.machine_name, - r->out.dns_domain_name); - } + fstr_sprintf(my_fqdn, "%s.%s", r->in.machine_name, lp_dnsdomain()); if (!strlower_m(my_fqdn)) { return ADS_ERROR_LDAP(LDAP_NO_MEMORY); } - if (!strequal(my_fqdn, r->in.machine_name)) { - spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn); - if (!spn) { - return ADS_ERROR_LDAP(LDAP_NO_MEMORY); - } + spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn); + if (spn == NULL) { + return ADS_ERROR_LDAP(LDAP_NO_MEMORY); + } - ok = ads_element_in_array(spn_array, num_spns, spn); + ok = ads_element_in_array(spn_array, num_spns, spn); + if (!ok) { + ok = add_string_to_array(spn_array, spn, + &spn_array, &num_spns); if (!ok) { - ok = add_string_to_array(spn_array, spn, - &spn_array, &num_spns); - if (!ok) { - return ADS_ERROR_LDAP(LDAP_NO_MEMORY); - } + return ADS_ERROR_LDAP(LDAP_NO_MEMORY); } } @@ -591,12 +585,9 @@ static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx, /* * Add HOST/netbiosname.domainname */ - if (r->out.dns_domain_name == NULL) { - continue; - } fstr_sprintf(my_fqdn, "%s.%s", *netbios_aliases, - r->out.dns_domain_name); + lp_dnsdomain()); spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn); if (spn == NULL) { diff --git a/testprogs/blackbox/test_net_ads.sh b/testprogs/blackbox/test_net_ads.sh index cc8345c4624..ef6f99ddea4 100755 --- a/testprogs/blackbox/test_net_ads.sh +++ b/testprogs/blackbox/test_net_ads.sh @@ -81,7 +81,7 @@ testit "testjoin (dedicated keytab)" $VALGRIND $net_tool ads testjoin -kP || fai netbios=$(grep "netbios name" $BASEDIR/$WORKDIR/client.conf | cut -f2 -d= | awk '{$1=$1};1') uc_netbios=$(echo $netbios | tr '[:lower:]' '[:upper:]') lc_realm=$(echo $REALM | tr '[:upper:]' '[:lower:]') -fqdns="$netbios.$lc_realm" +fqdn="$netbios.$lc_realm" krb_princ="primary/instance@$REALM" testit "test (dedicated keytab) add a fully qualified krb5 principal" $VALGRIND $net_tool ads keytab add $krb_princ -U$DC_USERNAME%$DC_PASSWORD --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1` @@ -99,7 +99,7 @@ testit "test (dedicated keytab) at least one krb5 principal created from $machin service="nfs" testit "test (dedicated keytab) add a $service service to keytab" $VALGRIND $net_tool ads keytab add $service -U$DC_USERNAME%$DC_PASSWORD --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1` -search_str="$service/$fqdns@$REALM" +search_str="$service/$fqdn@$REALM" found=`$net_tool ads keytab list -U$DC_USERNAME%$DC_PASSWORD --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" | grep $search_str | wc -l` testit "test (dedicated keytab) at least one (long form) krb5 principal created from service added is present in keytab" test $found -gt 1 || failed=`expr $failed + 1` @@ -206,6 +206,9 @@ testit "join" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD || failed testit "testjoin" $VALGRIND $net_tool ads testjoin || failed=`expr $failed + 1` +testit_grep "check dNSHostName" $fqdn $VALGRIND $net_tool ads search -P samaccountname=$netbios\$ dNSHostName || failed=`expr $failed + 1` +testit_grep "check SPN" ${uc_netbios}.${lc_realm} $VALGRIND $net_tool ads search -P samaccountname=$netbios\$ servicePrincipalName || failed=`expr $failed + 1` + ##Goodbye... testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1` |