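#!/usr/bin/perl
#
# Validate the DNS zone records of a DSfW (Domain Services for Windows)
# deployment.  For every domain partition found in the directory the script
#   * checks the standard SRV records against the domain controllers listed
#     under "ou=Domain Controllers",
#   * checks forward (A) and reverse (PTR) lookups for every domain
#     controller and for every member server under "cn=computers".
#
# Security notes:
#   * ldapsearch authenticates with SASL EXTERNAL, so the script presumably
#     runs under a privileged local identity -- confirm for your deployment.
#   * Everything read back from the directory or from DNS (ncname, dnsRoot,
#     dNSHostName, addresses, PTR targets) is treated as untrusted data.  No
#     value is ever interpolated into a shell command line: external tools
#     are started with an argument list, names are validated before they are
#     used as arguments, and values placed in an LDAP filter are escaped.
#   * NOTE(review): `host` and `clear` are resolved through PATH, as in the
#     original script; pin absolute paths if PATH is not trusted.

use strict;
use warnings;

my $LDAPCONF   = '/etc/opt/novell/xad/openldap/ldap.conf';
my $LDAPSEARCH = '/usr/bin/ldapsearch';
my $NSLOOKUP   = '/usr/bin/nslookup';
my $HOST       = 'host';

# SRV owner-name prefixes checked for every domain, in reporting order.
# NOTE(review): every prefix is checked against *all* domain controllers;
# records such as pdc._msdcs or gc._msdcs are normally registered only by
# the servers holding that role, so a multi-DC domain may report NOT OK
# here even when DNS is correct -- confirm the intended expectation.
my @SRV_PREFIXES = (
    '_ldap._tcp',
    '_ldap._tcp.pdc._msdcs',
    '_ldap._tcp.dc._msdcs',
    '_gc._tcp',
    '_ldap._tcp.gc._msdcs',
    '_kpasswd._tcp',
    '_kpasswd._udp',
    '_kerberos._tcp',
    '_kerberos._udp',
    '_kerberos._tcp.dc._msdcs',
    '_ldap._tcp.default-first-site-name._sites',
    '_gc._tcp.default-first-site-name._sites',
    '_ldap._tcp.default-first-site-name._sites.dc._msdcs',
    '_ldap._tcp.default-first-site-name._sites.gc._msdcs',
    '_kerberos._tcp.default-first-site-name._sites.dc._msdcs',
    '_kerberos._tcp.default-first-site-name._sites',
);

# DN of the configuration partition; read once below, used by get_domain_fqdn.
my $configurationPartition;

system('clear');
print "############################################################################################################################# \n";
print "******************* Validation of DNS zone records creation for DSfW Domain Controller and Memeber Server ******************* \n";
print "############################################################################################################################# \n";

# Locate the configuration partition from the root DSE.
for my $line (ldap_search('-b', '', '-s', 'base', 'configurationNamingContext')) {
    if ($line =~ /configurationNamingContext: (.*?)$/) {
        $configurationPartition = $1;
        last;
    }
}
die "Error reading configurationNamingContext\n"
    unless defined $configurationPartition;

# Find list of partitions
my @partitions = ldap_attr_values(
    'ncname', 1,
    '-b', $configurationPartition,
    '(&(objectclass=crossref)(systemFlags=3))', 'ncname',
);

for my $partition (@partitions) {
    my $domainFQDN = get_domain_fqdn($partition);
    my @dc         = get_dc_list($partition);

    # Check standard records for each partition
    for my $prefix (@SRV_PREFIXES) {
        dns_lookup_srv("$prefix.$domainFQDN", @dc);
    }

    # Check forward lookup and reverse lookup for each dc
    for my $controller (@dc) {
        check_host_records($controller);
    }

    # Lookup member servers
    my @memberServers = get_member_server_list($partition);
    for my $server (@memberServers) {
        check_host_records($server);
    }
}

# Run an external program without a shell and capture its standard output.
#   $merge_stderr - true to fold the child's stderr into the captured output
#   @cmd          - program followed by its arguments (passed verbatim)
# Returns the wait status ($?) followed by the captured output lines.
sub run_command {
    my ($merge_stderr, @cmd) = @_;

    my $pid = open(my $out, '-|');
    die "Cannot fork for $cmd[0]: $!\n" unless defined $pid;

    if ($pid == 0) {
        # Child: stdout is already the pipe back to the parent.
        if ($merge_stderr) {
            open(STDERR, '>&', \*STDOUT) or exit 127;
        }
        # Block form of exec never hands the arguments to a shell.
        exec { $cmd[0] } @cmd or exit 127;
    }

    my @lines = <$out>;
    close($out);    # reaps the child and sets $?
    my $status = $?;
    return ($status, @lines);
}

# Run ldapsearch (SASL EXTERNAL, LDIF output without comments/version) with
# the given extra arguments and return its output lines.  Folded LDIF lines
# (continuations start with a single space) are joined first so that long
# values such as DNs are not truncated.
sub ldap_search {
    my (@args) = @_;

    local $ENV{LDAPCONF} = $LDAPCONF;
    my (undef, @raw) = run_command(1, $LDAPSEARCH, '-Y', 'EXTERNAL', '-LLL', @args);

    my $ldif = join('', @raw);
    $ldif =~ s/\r?\n //g;
    return split(/^/, $ldif);
}

# Return every value of $attr found in the output of an ldapsearch run.
#   $attr        - attribute name as it is expected in the output
#   $ignore_case - true to pick candidate lines case-insensitively
#   @search_args - arguments handed to ldap_search
# A candidate line that does not have the exact "attr: value" form (for
# example a base64 "attr:: ..." value) aborts the script.
sub ldap_attr_values {
    my ($attr, $ignore_case, @search_args) = @_;

    my $label = "$attr:";
    my @values;
    for my $line (ldap_search(@search_args)) {
        my $at = $ignore_case ? index(lc($line), lc($label))
               :                index($line, $label);
        next if $at < 0;

        if ($line =~ /\Q$attr\E: (.*?)$/) {
            push @values, $1;
        }
        else {
            die "Error reading $attr\n";
        }
    }
    return @values;
}

# Escape a value for use inside an LDAP search filter (RFC 4515), so that
# characters in a DN cannot change the structure of the filter.
sub ldap_filter_escape {
    my ($value) = @_;
    $value =~ s/([\\*()\x00])/sprintf('\\%02x', ord($1))/ge;
    return $value;
}

# True when $name looks like a DNS name: dot-separated labels of letters,
# digits, '_' and '-', not starting with '-', optional trailing dot.
# Rejecting anything else keeps directory data from being read as a command
# line option by host/nslookup.
sub is_dns_name {
    my ($name) = @_;
    return 0 unless defined $name;
    return 0 if length($name) == 0 || length($name) > 254;
    return $name =~ /\A[A-Za-z0-9_][A-Za-z0-9_-]*(?:\.[A-Za-z0-9_][A-Za-z0-9_-]*)*\.?\z/ ? 1 : 0;
}

# Replace everything outside printable ASCII with '?' before a value that
# came from the directory or from DNS is written to the terminal.
sub printable {
    my ($text) = @_;
    $text = '' unless defined $text;
    $text =~ s/[^\x20-\x7E]/?/g;
    return $text;
}

# Report the forward (A) and reverse (PTR) lookup state of one host name.
# The A record counts as OK when `host NAME` exits with status 0; the PTR
# record counts as OK when `host ADDRESS` exits with status 0.
sub check_host_records {
    my ($host) = @_;

    unless (is_dns_name($host)) {
        print "DNS A record NOT OK for " . printable($host) . "\n";
        return;
    }

    my ($fwd_status, @fwd) = run_command(0, $HOST, $host);
    if ($fwd_status != 0) {
        print "DNS A record NOT OK for $host\n";
        return;
    }
    print "DNS A record OK for $host\n";

    # Take the first IPv4 address; only a dotted quad is accepted so the
    # value is safe to pass on as an argument.
    my $ip;
    for my $line (@fwd) {
        if ($line =~ /has address (\d{1,3}(?:\.\d{1,3}){3})\s*$/) {
            $ip = $1;
            last;
        }
    }
    unless (defined $ip) {
        print "DNS PTR record NOT OK for $host (no IPv4 address in lookup output)\n";
        return;
    }

    my ($rev_status, @rev) = run_command(0, $HOST, $ip);
    my $pointer = '';
    for my $line (@rev) {
        if ($line =~ /domain name pointer (.*?)$/) {
            my $raw = $1;
            $pointer = printable($raw);
            last;
        }
    }

    if ($rev_status == 0) {
        print "DNS PTR record OK for $ip ($pointer)\n";
    }
    else {
        print "DNS PTR record NOT OK for $ip ($pointer)\n";
    }
    return;
}

# Return the dNSHostName of every entry directly below
# "ou=Domain Controllers,<domain>".
sub get_dc_list {
    my ($domain) = @_;
    return ldap_attr_values(
        'dNSHostName', 0,
        '-b', "ou=Domain Controllers,$domain",
        '-s', 'one', 'dNSHostName',
    );
}

# Return the dNSHostName of every entry directly below
# "cn=computers,<domain>".
sub get_member_server_list {
    my ($domain) = @_;
    return ldap_attr_values(
        'dNSHostName', 0,
        '-b', "cn=computers,$domain",
        '-s', 'one', 'dNSHostName',
    );
}

# Return the DNS name (dnsRoot) of the crossRef entry whose ncname is
# $domain.  Dies when no dnsRoot is found or when the value is not a
# plausible DNS name.
sub get_domain_fqdn {
    my ($domain) = @_;

    my $filter = '(&(objectClass=crossref)(ncname=' . ldap_filter_escape($domain) . '))';
    my @roots  = ldap_attr_values(
        'dnsRoot', 0,
        '-b', $configurationPartition,
        $filter, 'dnsRoot',
    );

    die "Error reading dnsRoot\n" unless @roots;
    my $fqdn = $roots[-1];
    die "Error reading dnsRoot\n" unless is_dns_name($fqdn);
    return $fqdn;
}

# Check that each expected host name occurs on exactly one of the record
# lines.
#   $_[0] - reference to the list of record lines
#   $_[1] - reference to the list of expected host names
# Returns 0 when every name was found exactly once, 1 otherwise.  The
# comparison is a literal, case-insensitive substring test: host names come
# from the directory and must not be interpreted as regular expressions.
sub check_members {
    my ($records, $expected) = @_;

    my $ret = 0;
    for my $host (@{$expected}) {
        my $needle = lc($host);
        my $hits   = grep { index(lc($_), $needle) >= 0 } @{$records};
        if ($hits != 1) {
            print "DNS record not found for " . printable($host) . "\n";
            $ret = 1;
        }
    }
    return $ret;
}

# Query the SRV records of $name and report whether every host in the
# remaining arguments appears in the answer.
sub dns_lookup_srv {
    my ($name, @dc) = @_;

    my @records;
    if (is_dns_name($name)) {
        my (undef, @answer) = run_command(0, $NSLOOKUP, '-querytype=srv', $name);
        my $needle = lc($name);
        # Keep only the answer lines that mention the queried name.
        @records = grep { index(lc($_), $needle) >= 0 } @answer;
    }

    my $ret   = check_members(\@records, \@dc);
    my $shown = printable($name);
    if ($ret == 0) {
        print "DNS SRV records OK for $shown\n";
    }
    else {
        print "DNS SRV records NOT OK for $shown\n";
    }
    return;
}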