def setUp(self):
super(DnsserverTests, self).setUp()
self.server = env_get_var_value("SERVER_IP")
self.zone = env_get_var_value("REALM").lower()
self.conn = dnsserver.dnsserver("ncacn_ip_tcp:%s" % (self.server),
self.get_loadparm(),
self.get_credentials())
def setUp(self):
super(DnsserverTests, self).setUp()
self.server = env_get_var_value("SERVER_IP")
self.zone = env_get_var_value("REALM").lower()
self.conn = dnsserver.dnsserver("ncacn_ip_tcp:%s" % (self.server),
self.get_loadparm(),
self.get_credentials())
def dns_connect(server, lp, creds):
if server.lower() == 'localhost':
server = '127.0.0.1'
binding_str = "ncacn_ip_tcp:{0!s}[sign]".format(server)
try:
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
except RuntimeError, e:
raise CommandError('Connecting to DNS RPC server {0!s} failed with {1!s}'.format(server, e))
def dns_connect(server, lp, creds):
if server.lower() == 'localhost':
server = '127.0.0.1'
binding_str = "ncacn_ip_tcp:%s[sign]" % server
try:
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
except RuntimeError, e:
raise CommandError('Connecting to DNS RPC server %s failed with %s' % (server, e))
def setUp(self):
super(TestZones, self).setUp()
self.lp = self.get_loadparm()
self.creds = self.get_credentials(self.lp)
self.server = os.getenv("SERVER_IP")
self.zone = "test.lan"
self.rpc_conn = dnsserver.dnsserver("ncacn_ip_tcp:%s" % (self.server),
self.lp, self.creds)
def setUp(self):
super(TestZones, self).setUp()
self.lp = self.get_loadparm()
self.creds = self.get_credentials(self.lp)
self.server = os.getenv("SERVER_IP")
self.zone = "test.lan"
self.rpc_conn = dnsserver.dnsserver("ncacn_ip_tcp:%s" % (self.server),
self.lp, self.creds)
def get_dns_zones():
request_filter = dnsserver.DNS_ZONE_REQUEST_PRIMARY
server = '127.0.0.1'
binding_str = 'ncacn_ip_tcp:%s[sign]' % server
cred_data = open('/vapour/dnsquery').read().split(':')
creds = Credentials()
creds.guess(lp)
creds.set_username(cred_data[0])
creds.set_password(cred_data[1].rstrip())
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
client_version = dnsserver.DNS_CLIENT_VERSION_LONGHORN
typeid, res = dns_conn.DnssrvComplexOperation2(
client_version, 0, server, None, 'EnumZones',
dnsserver.DNSSRV_TYPEID_DWORD, request_filter)
return dict(res)
def setUp(self):
super(TestZones, self).setUp()
self.zone = "test.lan"
self.rpc_conn = dnsserver.dnsserver("ncacn_ip_tcp:%s[sign]" % (self.server_ip),
self.lp, self.creds)
def dns_connect(server, lp, creds):
if server.lower() == 'localhost':
server = '127.0.0.1'
binding_str = "ncacn_ip_tcp:%s[sign]" % server
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
return dns_conn
def setUp(self):
super(TestRPCRoundtrip, self).setUp()
self.rpc_conn = dnsserver.dnsserver(
"ncacn_ip_tcp:%s[sign]" % (self.server_ip), self.lp, self.creds)
def run(self,
computername,
credopts=None,
sambaopts=None,
versionopts=None,
H=None,
computerou=None,
description=None,
prepare_oldjoin=False,
ip_address_list=None,
service_principal_name_list=None):
if ip_address_list is None:
ip_address_list = []
if service_principal_name_list is None:
service_principal_name_list = []
# check each IP address if provided
for ip_address in ip_address_list:
if not _is_valid_ip(ip_address):
raise CommandError('Invalid IP address {}'.format(ip_address))
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp)
try:
samdb = SamDB(url=H,
session_info=system_session(),
credentials=creds,
lp=lp)
samdb.newcomputer(
computername,
computerou=computerou,
description=description,
prepare_oldjoin=prepare_oldjoin,
ip_address_list=ip_address_list,
service_principal_name_list=service_principal_name_list,
)
if ip_address_list:
# if ip_address_list provided, then we need to create DNS
# records for this computer.
hostname = re.sub(r"\$$", "", computername)
if hostname.count('$'):
raise CommandError('Illegal computername "%s"' %
computername)
filters = '(&(sAMAccountName={}$)(objectclass=computer))'.format(
ldb.binary_encode(hostname))
recs = samdb.search(base=samdb.domain_dn(),
scope=ldb.SCOPE_SUBTREE,
expression=filters,
attrs=['primaryGroupID', 'objectSid'])
group = recs[0]['primaryGroupID'][0]
owner = ndr_unpack(security.dom_sid, recs[0]["objectSid"][0])
dns_conn = dnsserver.dnsserver(
"ncacn_ip_tcp:{}[sign]".format(samdb.host_dns_name()), lp,
creds)
change_owner_sd = security.descriptor()
change_owner_sd.owner_sid = owner
change_owner_sd.group_sid = security.dom_sid(
"{}-{}".format(samdb.get_domain_sid(), group), )
add_dns_records(samdb, hostname, dns_conn, change_owner_sd,
samdb.host_dns_name(), ip_address_list,
self.get_logger())
except Exception as e:
raise CommandError(
"Failed to create computer '%s': " % computername, e)
self.outf.write("Computer '%s' created successfully\n" % computername)
def setUp(self):
super(TestZones, self).setUp()
self.zone = "test.lan"
self.rpc_conn = dnsserver.dnsserver(
"ncacn_ip_tcp:%s[sign]" % (self.server_ip), self.lp, self.creds)
def dns_connect(self):
binding_str = "ncacn_ip_tcp:%s[sign]" % self.server_ip
return dnsserver.dnsserver(binding_str, self.lp, self.creds)
def setUp(self):
super(TestRPCRoundtrip, self).setUp()
self.rpc_conn = dnsserver.dnsserver("ncacn_ip_tcp:%s[sign]" % (self.server_ip),
self.lp, self.creds)
def dns_connect(server, lp, creds):
binding_str = "ncacn_ip_tcp:%s[sign]" % server
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
return dns_conn
print("Usage: dnsserver.py [options] DNSSERVER DNSZONE NEWNAME")
sys.exit(1)
server = args[0]
dnszone = args[1]
newname = args[2]
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp)
if not creds.authentication_requested():
parser.error("You must supply credentials")
binding_str = "ncacn_ip_tcp:%s[print,sign]" % server
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
print("querying a NS record")
res = dns_conn.DnssrvEnumRecords2(0x00070000,
0,
server,
dnszone,
newname,
None,
dnsp.DNS_TYPE_NS,
0x0f,
None,
None)
print("adding a NS glue record")
name = dnsserver.DNS_RPC_NAME()
def list_dns():
from samba.dcerpc import dnsp, dnsserver
server = '127.0.0.1'
binding_str = 'ncacn_ip_tcp:%s[sign]' % server
cred_data = open('/vapour/dnsquery').read().split(':')
creds = Credentials()
creds.guess(lp)
creds.set_username(cred_data[0])
creds.set_password(cred_data[1].rstrip())
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
zone = get_cur_domain()
name = '@'
record_type = dnsp.DNS_TYPE_ALL
select_flags = dnsserver.DNS_RPC_VIEW_AUTHORITY_DATA
buflen, res = dns_conn.DnssrvEnumRecords2(
dnsserver.DNS_CLIENT_VERSION_LONGHORN, 0, server, zone, name, None,
record_type, select_flags, None, None)
record_groups = res.rec
result = []
for rec_group in record_groups:
group_name = rec_group.dnsNodeName.str
for rec in rec_group.records:
if rec.wType == dnsp.DNS_TYPE_A:
result.append({
'group_name': group_name,
'type': 'A',
'value': rec.data
})
elif rec.wType == dnsp.DNS_TYPE_AAAA:
result.append({
'group_name': group_name,
'type': 'AAAA',
'value': rec.data
})
elif rec.wType == dnsp.DNS_TYPE_PTR:
result.append({
'group_name': group_name,
'type': 'PTR',
'value': rec.data.str
})
elif rec.wType == dnsp.DNS_TYPE_NS:
result.append({
'group_name': group_name,
'type': 'NS',
'value': rec.data.str
})
elif rec.wType == dnsp.DNS_TYPE_CNAME:
result.append({
'group_name': group_name,
'type': 'CNAME',
'value': rec.data.str
})
elif rec.wType == dnsp.DNS_TYPE_SOA:
result.append({
'group_name':
group_name,
'type':
'SOA',
'value':
'serial=%d, refresh=%d, retry=%d, expire=%d, minttl=%d, ns=%s, email=%s'
% (rec.data.dwSerialNo, rec.data.dwRefresh,
rec.data.dwRetry, rec.data.dwExpire,
rec.data.dwMinimumTtl, rec.data.NamePrimaryServer.str,
rec.data.ZoneAdministratorEmail.str)
})
elif rec.wType == dnsp.DNS_TYPE_MX:
result.append({
'group_name':
group_name,
'type':
'MX',
'value':
'%s (%d)' %
(rec.data.nameExchange.str, rec.data.wPreference)
})
elif rec.wType == dnsp.DNS_TYPE_SRV:
result.append({
'group_name':
group_name,
'type':
'SRV',
'value':
'%s (%d, %d, %d)' % (rec.data.nameTarget, rec.data.wPort,
rec.data.wPriority, rec.data.wWeight)
})
elif rec.wType == dnsp.DNS_TYPE_TXT:
slist = ['"%s"' % name.str for name in rec.data]
result.append({
'group_name': group_name,
'type': 'TXT',
'value': ','.join(slist)
})
return result
def run(self, computername, credopts=None, sambaopts=None, versionopts=None,
H=None, computerou=None, description=None, prepare_oldjoin=False,
ip_address_list=None, service_principal_name_list=None):
if ip_address_list is None:
ip_address_list = []
if service_principal_name_list is None:
service_principal_name_list = []
# check each IP address if provided
for ip_address in ip_address_list:
if not _is_valid_ip(ip_address):
raise CommandError('Invalid IP address {}'.format(ip_address))
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp)
try:
samdb = SamDB(url=H, session_info=system_session(),
credentials=creds, lp=lp)
samdb.newcomputer(computername, computerou=computerou,
description=description,
prepare_oldjoin=prepare_oldjoin,
ip_address_list=ip_address_list,
service_principal_name_list=service_principal_name_list,
)
if ip_address_list:
# if ip_address_list provided, then we need to create DNS
# records for this computer.
hostname = re.sub(r"\$$", "", computername)
if hostname.count('$'):
raise CommandError('Illegal computername "%s"' % computername)
filters = '(&(sAMAccountName={}$)(objectclass=computer))'.format(
ldb.binary_encode(hostname))
recs = samdb.search(
base=samdb.domain_dn(),
scope=ldb.SCOPE_SUBTREE,
expression=filters,
attrs=['primaryGroupID', 'objectSid'])
group = recs[0]['primaryGroupID'][0]
owner = ndr_unpack(security.dom_sid, recs[0]["objectSid"][0])
dns_conn = dnsserver.dnsserver(
"ncacn_ip_tcp:{}[sign]".format(samdb.host_dns_name()),
lp, creds)
change_owner_sd = security.descriptor()
change_owner_sd.owner_sid = owner
change_owner_sd.group_sid = security.dom_sid(
"{}-{}".format(samdb.get_domain_sid(), group),
)
add_dns_records(
samdb, hostname, dns_conn,
change_owner_sd, samdb.host_dns_name(),
ip_address_list, self.get_logger())
except Exception as e:
raise CommandError("Failed to create computer '%s': " %
computername, e)
self.outf.write("Computer '%s' created successfully\n" % computername)
def dns_connect(self):
binding_str = "ncacn_ip_tcp:%s[sign]" % self.server_ip
return dnsserver.dnsserver(binding_str, self.lp, self.creds)
print("Usage: dnsserver.py [options] DNSSERVER DNSZONE NEWNAME")
sys.exit(1)
server = args[0]
dnszone = args[1]
newname = args[2]
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp)
if not creds.authentication_requested():
parser.error("You must supply credentials")
binding_str = "ncacn_ip_tcp:%s[print,sign]" % server
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
print("querying a NS record")
res = dns_conn.DnssrvEnumRecords2(0x00070000, 0, server, dnszone, newname,
None, dnsp.DNS_TYPE_NS, 0x0f, None, None)
print("adding a NS glue record")
name = dnsserver.DNS_RPC_NAME()
name.str = newname
addrec = dnsserver.DNS_RPC_RECORD()
addrec.wType = dnsp.DNS_TYPE_NS
addrec.dwFlags = 0
addrec.dwSerial = 0
addrec.dwTtlSeconds = 3600
addrec.dwTimeStamp = 0
def dns_connect(server, lp, creds):
binding_str = "ncacn_ip_tcp:%s[sign]" % server
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
return dns_conn
def dns_connect(server, lp, creds):
if server.lower() == 'localhost':
server = '127.0.0.1'
binding_str = "ncacn_ip_tcp:%s[sign]" % server
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
return dns_conn