Have Windows domain allow the less secure 'securejoin' if indicated in site (can be rendered secure in *very* specific circumstances).
git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@14931 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
This commit is contained in:
parent
beda697525
commit
14ffb71f0e
@ -61,7 +61,7 @@ statelite => {
|
||||
#seriously evaluate wider support of multi-domain environments, will leave them
|
||||
#commented rather than tempt people to try with an expectation that it could work.
|
||||
domain => {
|
||||
cols => [qw(node ou comments disable)],
|
||||
cols => [qw(node ou authdomain comments disable)],
|
||||
keys => ['node'],
|
||||
table_desc => 'Mapping of nodes to domain attributes',
|
||||
descriptions => {
|
||||
@ -69,6 +69,7 @@ domain => {
|
||||
# domain => 'The name of the domain it is a member of, such as "example.com". Defaults to domain value from the site table',
|
||||
# the above column is unimplemented by anything, so leave it out for this pass
|
||||
ou => 'For an LDAP described machine account (i.e. Active Directory), the orginaztional unit to place the system. If not set, defaults to cn=Computers,dc=your,dc=domain',
|
||||
authdomain => 'If a node should participate in an AD domain or Kerberos realm distinct from domain indicated in site, this field can be used to specify that',
|
||||
comments => 'Any user-written notes.',
|
||||
disable => "Set to 'yes' or '1' to comment out this row.",
|
||||
},
|
||||
|
@ -307,7 +307,10 @@ sub windows_join_data {
|
||||
#we are still here, meaning configuration has a domain and activedirectory set, probably want to join..
|
||||
#TODO: provide a per-node 'disable' so that non-AD could be mixed into a nominally AD environment
|
||||
my $adinfo = machinepassword(wantref=>1); #TODO: needs rearranging in non prejoin case
|
||||
my $prejoin =1; #todo: variant without prejoin for TLS-free
|
||||
my $prejoin =1;
|
||||
if (defined $::XCATSITEVALS{prejoinactivedirectory} and not $::XCATSITEVALS{prejoinactivedirectory} ) {
|
||||
$prejoin = 0;
|
||||
}
|
||||
my $componentxml = '<component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">'."\n<Identification>\n<JoinDomain>".$adinfo->{domain}."</JoinDomain>\n";
|
||||
if ($adinfo->{ou}) {
|
||||
$componentxml .= "<MachineObjectOU>".$adinfo->{ou}."</MachineObjectOU>\n";
|
||||
|
Loading…
Reference in New Issue
Block a user