From 0a93c4cd30a5c60cc7567c564d56295aaec22a19 Mon Sep 17 00:00:00 2001 From: Adnan RIHAN Date: Wed, 1 Nov 2023 20:44:06 +0100 Subject: [PATCH] Added Samba AD DC API --- dnsapi2.md | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/dnsapi2.md b/dnsapi2.md index 0cf6f6c4..6486aecc 100644 --- a/dnsapi2.md +++ b/dnsapi2.md @@ -82,6 +82,7 @@ - [158. Use DNSExit API](#dns_dnsexit) - [159. Use Lima-City (Trafficplex)](#dns_limacity) - [160. Use TencentCloud (DNSPod) API](#dns_tencent) +- [161. Use Samba AD DC API](#dns_samba) - [Use custom API](#dns_myapi) - [Use lexicon DNS API](#dns_lexicon) @@ -2042,6 +2043,39 @@ The login variables will be saved in `~/.acme.sh/account.conf` and will be reuse Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/4781) + + + + +## 161. Use Samba AD DC + +This API requires you to have `samba-tool` available, you don't need the full samba installation on a remote machine (if the machine you use to generate the certificate isn't the same as the Samba AD DC). On Debian, you can get it with the `samba-common-bin` package. + +Then you need to provide the host, username and password of an administrator to change the DNS settings: + +```sh +export SAMBA_HOST=dc1.example.com +export SAMBA_USER=Administrator +export SAMBA_PASS=MyAdminP@ssword +``` + +Then you can issue your certificates with: + +```sh +./acme.sh --issue --dns dns_samba -d example.com -d *.example.com +``` + +Or even in 1 line: + +```sh +SAMBA_HOST=dc1.example.com SAMBA_USER=Administrator SAMBA_PASS=MyAdminP@ssword ./acme.sh --issue --dns dns_samba -d example.com -d *.example.com +``` + +The `SAMBA_HOST`, `SAMBA_USER` and `SAMBA_PASS` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed. + +Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/4852) + + ## Use custom API