From e41b9b04e23f0e8831ff922d247b737bf8116151 Mon Sep 17 00:00:00 2001
From: Joe Guo <joeg@catalyst.net.nz>
Date: Tue, 13 Mar 2018 16:47:58 +1300
Subject: samba-tool: improve computer management commands
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This pathch is based on Björn Baumbach's work:
1. Add `--ip-address` option for create subcommand, to allow user set DNS
A or AAAA records while creating the computer.
2. Delete above DNS records while deleting the computer.
3. Add `--service-principal-name` option for create command, to allow user
set `servicePrincipalName` while creating the computer.
4. Tests.

Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
---
 python/samba/samdb.py | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

(limited to 'python/samba/samdb.py')

diff --git a/python/samba/samdb.py b/python/samba/samdb.py
index 63266328189..b66afb7431c 100644
--- a/python/samba/samdb.py
+++ b/python/samba/samdb.py
@@ -491,13 +491,16 @@ member: %s
             self.transaction_commit()
 
     def newcomputer(self, computername, computerou=None, description=None,
-        prepare_oldjoin=False):
+                    prepare_oldjoin=False, ip_address_list=None,
+                    service_principal_name_list=None):
         """Adds a new user with additional parameters
 
         :param computername: Name of the new computer
         :param computerou: Object container for new computer
         :param description: Description of the new computer
         :param prepare_oldjoin: Preset computer password for oldjoin mechanism
+        :param ip_address_list: ip address list for DNS A or AAAA record
+        :param service_principal_name_list: string list of servicePincipalName
         """
 
         cn = re.sub(r"\$$", "", computername)
@@ -511,8 +514,6 @@ member: %s
 
         computer_dn = "CN=%s,%s" % (cn, computercontainer_dn)
 
-        dnsdomain = ldb.Dn(self,
-                           self.domain_dn()).canonical_str().replace("/", "")
         ldbmessage = {"dn": computer_dn,
                       "sAMAccountName": samaccountname,
                       "objectClass": "computer",
@@ -521,12 +522,19 @@ member: %s
         if description is not None:
             ldbmessage["description"] = description
 
+        if service_principal_name_list:
+            ldbmessage["servicePrincipalName"] = service_principal_name_list
+
         accountcontrol = str(dsdb.UF_WORKSTATION_TRUST_ACCOUNT |
                              dsdb.UF_ACCOUNTDISABLE)
         if prepare_oldjoin:
             accountcontrol = str(dsdb.UF_WORKSTATION_TRUST_ACCOUNT)
         ldbmessage["userAccountControl"] = accountcontrol
 
+        if ip_address_list:
+            ldbmessage['dNSHostName'] = '{}.{}'.format(
+                cn, self.domain_dns_name())
+
         self.transaction_start()
         try:
             self.add(ldbmessage)
-- 
cgit v1.2.1