source: trunk/server/source4/scripting/devel/rebuild_zone.sh

#!/bin/sh
# rebuild a zone file, adding all DCs

[ $# -eq 2 ] || {
    echo "rebuild_zone.sh <sam.ldb> <zonefile>"
    exit 1
}

LDB="$1"
ZFILE="$2"

dnshostname=$(bin/ldbsearch -H $LDB -s base -b '' dnsHostname | grep ^dns | cut -d' ' -f2)
host=$(echo $dnshostname | cut -d. -f1)
realm=$(echo $dnshostname | cut -d. -f2-)
GUIDs=$(bin/ldbsearch -H $LDB objectclass=ntdsdsa objectguid --cross-ncs|grep ^objectGUID| cut -d' ' -f2)
DOMAINGUID=$(bin/ldbsearch -H $LDB -s base objectguid |grep ^objectGUID| cut -d' ' -f2)

dcname() {
    GUID=$1
    echo $(bin/ldbsearch -H $LDB objectguid=$GUID dn --cross-ncs|grep CN=NTDS.Settings| cut -d, -f2| cut -d= -f2)
}

getip() {
    NAME=$1
    ret=$(nmblookup $NAME| egrep '^[0-9]' | head -1 | cut -d' ' -f1)
    test -n "$ret" || {
        echo "Unable to find IP for $NAME. Using XX.XX.XX.XX. Please edit" 1>&2
        echo "XX.XX.XX.XX"
    }
    echo $ret
}

echo "Generating header for host $host in realm $realm"
cat <<EOF > $ZFILE
; -*- zone -*-
; generated by rebuild_zone.sh
\$ORIGIN $realm.
\$TTL 1W
@               IN SOA  @   hostmaster (
                                $(date +%Y%m%d%H)   ; serial
                                2D              ; refresh
                                4H              ; retry
                                6W              ; expiry
                                1W )            ; minimum
                        IN NS   $host

EOF

for GUID in $GUIDs; do
    dc=$(dcname $GUID)
    echo "Generating IP for DC $dc"
    ip=$(getip $dc)
    test -n "$ip" || exit 1
    echo "      IN A $ip" >> $ZFILE
done

echo "; IP Addresses" >> $ZFILE
for GUID in $GUIDs; do
    dc=$(dcname $GUID)
    ip=$(getip $dc)
    test -n "$ip" || exit 1
    echo "$dc   IN A $ip" >> $ZFILE
done

for GUID in $GUIDs; do
    dc=$(dcname $GUID)
    ip=$(getip $dc)
    test -n "$ip" || exit 1
    echo "Generating zone body for DC $dc with IP $ip"
cat <<EOF >> $ZFILE
;
; Entries for $dc
gc._msdcs               IN A    $ip
$GUID._msdcs    IN CNAME        $dc
_gc._tcp                IN SRV 0 100 3268       $dc
_gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268       $dc
_ldap._tcp.gc._msdcs    IN SRV 0 100 389        $dc
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs     IN SRV 0 100 389 $dc
_ldap._tcp              IN SRV 0 100 389        $dc
_ldap._tcp.dc._msdcs    IN SRV 0 100 389        $dc
_ldap._tcp.pdc._msdcs   IN SRV 0 100 389        $dc
_ldap._tcp.$DOMAINGUID.domains._msdcs           IN SRV 0 100 389 $dc
_ldap._tcp.Default-First-Site-Name._sites               IN SRV 0 100 389 $dc
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs     IN SRV 0 100 389 $dc
_kerberos._tcp          IN SRV 0 100 88         $dc
_kerberos._tcp.dc._msdcs        IN SRV 0 100 88 $dc
_kerberos._tcp.Default-First-Site-Name._sites   IN SRV 0 100 88 $dc
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 $dc
_kerberos._udp          IN SRV 0 100 88         $dc
_kerberos-master._tcp           IN SRV 0 100 88         $dc
_kerberos-master._udp           IN SRV 0 100 88         $dc
_kpasswd._tcp           IN SRV 0 100 464        $dc
_kpasswd._udp           IN SRV 0 100 464        $dc
EOF
done

cat <<EOF >> $ZFILE

; kerberos hack
_kerberos               IN TXT  $(echo $realm | tr [a-z] [A-Z])
EOF

echo "Rebuilt zone file $ZFILE OK"

echo "Reloading bind config"
PATH="/usr/sbin:$PATH" rndc reload
exit 0