#!/bin/sh
#
# Univention Setup
#  domainname change script
#
# Copyright 2004-2014 Univention GmbH
#
# http://www.univention.de/
#
# All rights reserved.
#
# The source code of this program is made available
# under the terms of the GNU Affero General Public License version 3
# (GNU AGPL V3) as published by the Free Software Foundation.
#
# Binary versions of this program provided by Univention to you as
# well as other copyrighted, protected or trademarked materials like
# Logos, graphics, fonts, specific documentations and configurations,
# cryptographic keys etc. are subject to a license agreement between
# you and Univention and not subject to the GNU AGPL V3.
#
# In the case you use this program under the terms of the GNU AGPL V3,
# the program is provided in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public
# License with the Debian GNU/Linux or Univention distribution in file
# /usr/share/common-licenses/AGPL-3; if not, see
# <http://www.gnu.org/licenses/>.

. /usr/lib/univention-system-setup/scripts/setup_utils.sh
DN1 () { sed -ne 's/^DN: //p;T;q'; }
dn1 () { ldapsearch-wrapper | sed -ne 's/^dn: //p;T;q'; }

info_header "$0" "$(gettext "Setting domainname")"

is_variable_set "domainname"

if [ $? = 0 ]; then
	exit 0
fi

# domainname can only be changed via system-setup scripts on a basesystem
eval "$(univention-config-registry shell)"
if [ "$server_role" != "basesystem" ]; then
	exit 1
fi

if [ "$check_ldap_access" = "1" ]; then
	exit 0
fi


ldap_available=1
if [ "$(cat /var/run/univention-system-setup.ldap)" = "no-ldap" ]; then
	ldap_available=0
fi


new_domainname=`get_profile_var "domainname"`
if [ -z "$new_domainname" ]; then
	exit 0
fi
old_domainname=$(univention-config-registry get domainname)

if [ -d "/var/lib/univention-system-setup/domainname.pre" ]; then
	run-parts /var/lib/univention-system-setup/domainname.pre --arg=$old_domainname --arg=$new_domainname
fi

mkdir -p /var/univention-system-setup/
echo $old_domainname > /var/univention-system-setup/old_domainname

binddn=`ldap_binddn`
bindpwd=`ldap_bindpwd`

service_stop nscd heimdal-kdc univention-directory-notifier

if [ "$ldap_available" = 1 ]; then
	kerberos_realm="`echo $kerberos_realm | tr '[[:lower:]]' '[[:upper:]]'`"
	echo `date` : "Configure Kerberos principal name of host in LDAP: " host/$hostname.$new_domainname@$kerberos_realm  >> /var/log/univention/setup.log
	echo "dn: $ldap_hostdn" >/var/cache/univention-system-setup/krb5principal.rename.ldif
	echo "changetype: modify" >>/var/cache/univention-system-setup/krb5principal.rename.ldif
	echo "replace: krb5PrincipalName" >>/var/cache/univention-system-setup/krb5principal.rename.ldif
	echo "krb5PrincipalName: host/$hostname.$new_domainname@$kerberos_realm" >>/var/cache/univention-system-setup/krb5principal.rename.ldif
	ldapmodify -x -D "$binddn" -w "$bindpwd" -f /var/cache/univention-system-setup/krb5principal.rename.ldif
	rm /var/cache/univention-system-setup/krb5principal.rename.ldif

	kerberos_ldap_dn=$(ldapsearch -x -D "$binddn" -w "$bindpwd" krb5PrincipalName="ldap/$hostname.$old_domainname@$kerberos_realm" -b cn=kerberos,$ldap_base cn -LLL | ldapsearch-wrapper | dn1)
	if [ -n "$kerberos_ldap_dn" ]; then
		echo `date` : "Configure Kerberos principal name of LDAP Service in LDAP: " host/$hostname.$new_domainname@$kerberos_realm  >> /var/log/univention/setup.log
		echo "dn: $kerberos_ldap_dn" >/var/cache/univention-system-setup/kerberos_ldap_service.ldif
		echo "changetype: modify" >>/var/cache/univention-system-setup/kerberos_ldap_service.ldif
		echo "replace: uid" >>/var/cache/univention-system-setup/kerberos_ldap_service.ldif
		echo "uid: ldap/$hostname.$new_domainname" >>/var/cache/univention-system-setup/kerberos_ldap_service.ldif
		ldapmodify -x -D "$binddn" -w "$bindpwd" -f /var/cache/univention-system-setup/kerberos_ldap_service.ldif
		rm /var/cache/univention-system-setup/kerberos_ldap_service.ldif

		echo `date` : "Configure Kerberos LDAP DN in LDAP: " ldap/$hostname.$new_domainname@$kerberos_realm  >> /var/log/univention/setup.log
		ldapmodrdn -x -D "$binddn" -w "$bindpwd" -r $kerberos_ldap_dn krb5PrincipalName=ldap/$hostname.$new_domainname@$kerberos_realm
	fi

	echo `date` : "Configure hostname for groupware account in LDAP: " $hostname.$new_domainname  >> /var/log/univention/setup.log
	ldapmodrdn -x -D "$binddn" -w "$bindpwd" -r "cn=$hostname.$old_domainname Groupware Account,cn=templates,cn=univention,$ldap_base" "cn=$hostname.$new_domainname Groupware Account"

	if [ -x "/usr/share/univention-nagios-server/tools/univention-nagios-ldap-tool" ] ; then
		/usr/share/univention-nagios-server/tools/univention-nagios-ldap-tool -m -o "$hostname.$old_domainname" -n "$hostname.$new_domainname" -D "$binddn" -w "$bindpwd"
	fi
fi

set_baseconfig_variable ()
{
	if [ -n "$2" ]; then
		if [ "$2" = "$old_domainname" ]; then
			univention-config-registry set $1="$new_domainname"
		elif [ "$2" = "$hostname.$old_domainname" ]; then
			univention-config-registry set $1="$hostname.$new_domainname"
		fi
	fi
}

set_baseconfig_variable_mail ()
{
	if [ -n "$2" ]; then
		univention-config-registry set $1="$(echo $2 | sed -e "s|@$hostname.$old_domainname$|@$hostname.$new_domainname|;s|@$old_domainname$|@$new_domainname|")"
	fi
}
set_baseconfig_variable_part_mail ()
{
	if [ -n "$2" ]; then
		if [ "$2" = "$old_domainname" ]; then
			univention-config-registry set $1="$new_domainname"
		elif [ "$2" = "$hostname.$old_domainname" ]; then
			univention-config-registry set $1="$hostname.$new_domainname"
		fi
	fi
	if [ -n "$2" ]; then
		value=""
		for i in $2; do
			if [ -n "$value" ]; then
				value="$value $(echo $i | sed -e "s|@$hostname.$old_domainname$|@$hostname.$new_domainname|;s|@$old_domainname$|@$new_domainname|")"
			else
				value="$(echo $i | sed -e "s|@$hostname.$old_domainname$|@$hostname.$new_domainname|;s|@$old_domainname$|@$new_domainname|")"
			fi
		done

		univention-config-registry set $1="$value"
	fi
}


set_baseconfig_variable_part ()
{
	if [ -n "$2" ]; then
		change=0
		value=""
		for i in $2; do
			if [ "$i" = "$old_domainname" ]; then
				if [ -n "$value" ]; then
					value="$value $new_domainname "
				else
					value="$new_domainname "
				fi
				change=1
			elif [ "$i" = "$hostname.$old_domainname" ]; then
				if [ -n "$value" ]; then
					value="$value $hostname.$new_domainname "
				else
					value="$hostname.$new_domainname "
				fi
				change=1
			else
				if [ -n "$value" ]; then
					value="$value $i "
				else
					value="$i "
				fi
			fi
		done

		if [ "$change" = "1" ]; then
			univention-config-registry set $1="$value"
		fi
	fi
}



if [ -x "/usr/sbin/univention-dnsedit" ]; then
	UNIVENTION_DNSEDIT="/usr/sbin/univention-dnsedit"
else
	UNIVENTION_DNSEDIT="/usr/share/univention-directory-manager-tools/univention-dnsedit"
fi

echo `date` : "Create new host certificate"  >> /var/log/univention/setup.log

if [ "$server_role" = "domaincontroller_master" ]; then  # create the new certificate
	if [ ! -d "/etc/univention/ssl/$hostname.$new_domainname" ]; then
		univention-certificate new -name "$hostname.$new_domainname"
	fi
	rm -rf /etc/univention/ssl/univention-directory-manager.$old_domainname
	univention-certificate new -name "univention-directory-manager.$new_domainname"
	rm -f /etc/univention/ssl/univention-directory-manager
	ln -sf /etc/univention/ssl/univention-directory-manager.$new_domainname /etc/univention/ssl/univention-directory-manager
elif [ "$server_role" != "basesystem" ]; then # download certificate from master
	if [ -x "/usr/sbin/univention-scp" ]; then
		echo `date` : "Download host certificate"  >> /var/log/univention/setup.log
		HOSTPWD="/etc/machine.secret"
		HOSTACCOUNT="$hostname\$"
		i=0
		univention-scp $HOSTPWD "-r $HOSTACCOUNT@$ldap_master:/etc/univention/ssl/$hostname.$new_domainname /etc/univention/ssl/"
		while [ ! -d "/etc/univention/ssl/$hostname" ] &&  [ ! -d "/etc/univention/ssl/$hostname.$new_domainname" ]; do
			i=$((i+1))
			echo `date` : "Download host certificate (try: $i)"  >> /var/log/univention/setup.log
			sleep 10
			univention-scp $HOSTPWD "-r $HOSTACCOUNT@$ldap_master:/etc/univention/ssl/$hostname.$new_domainname /etc/univention/ssl/"
			if [ "$i" -gt 30 ]; then
				echo `date` : "Failed to download the host certificate"  >> /var/log/univention/setup.log
				break
			fi
		done
	else
		echo `date` : "Couldn't download host certificate, univention-scp was not found"  >> /var/log/univention/setup.log
	fi
fi

if [ "$server_role" != "basesystem" ]; then
	rm -f /etc/univention/ssl/$hostname
	ln -sf /etc/univention/ssl/$hostname.$new_domainname /etc/univention/ssl/$hostname

	if [ -d "/etc/univention/ssl/$hostname.$new_domainname" ]; then
		echo `date` : "Include new host certificate for Cyrus"  >> /var/log/univention/setup.log
		for file in cert.pem private.key; do
			cp /etc/univention/ssl/$hostname.$new_domainname/$file /var/lib/cyrus/$file
			chown cyrus: /var/lib/cyrus/$file
			chmod 600 /var/lib/cyrus/$file
		done

		echo `date` : "Include new host certificate for CUPS"  >> /var/log/univention/setup.log
		if [ -d /etc/cups/ssl ]; then
			rm -f /etc/cups/ssl/server.crt
			ln -s /etc/univention/ssl/$hostname.$new_domainname/cert.pem /etc/cups/ssl/server.crt
			rm -f /etc/cups/ssl/server.key
			ln -s /etc/univention/ssl/$hostname.$new_domainname/private.key /etc/cups/ssl/server.key
		fi
	fi


	eval "$(univention-config-registry shell)"

	echo `date` : "Setting new hostname into effect for Kerberos : $hostname.$new_domainname@$kerberos_realm"  >> /var/log/univention/setup.log
	rm -f /etc/krb5.keytab
	kadmin -l ext "host/$hostname.$new_domainname@$(echo $kerberos_realm | tr '[[:lower:]]' '[[:upper:]]')"
	kadmin -l ext "ldap/$hostname.$new_domainname@$(echo $kerberos_realm | tr '[[:lower:]]' '[[:upper:]]')"
fi

if [ "$ldap_available" = 1 ]; then

	if [ "$server_role" = "domaincontroller_master" ]; then
		echo `date` : "Configure NIS domainname  and associated domainname in LDAP: " $new_domainname  >> /var/log/univention/setup.log

		echo "dn: $ldap_base" >/var/cache/univention-system-setup/base.ldif
		echo "changetype: modify" >>/var/cache/univention-system-setup/base.ldif
		echo "replace: nisDomain" >>/var/cache/univention-system-setup/base.ldif
		echo "nisDomain: $new_domainname" >>/var/cache/univention-system-setup/base.ldif
		echo "-" >>/var/cache/univention-system-setup/base.ldif
		echo "replace: associatedDomain" >>/var/cache/univention-system-setup/base.ldif
		echo "associatedDomain: $new_domainname" >>/var/cache/univention-system-setup/base.ldif
		echo "-" >>/var/cache/univention-system-setup/base.ldif
		ldapmodify -x -D "$binddn" -w "$bindpwd" -f /var/cache/univention-system-setup/base.ldif
		rm /var/cache/univention-system-setup/base.ldif
	fi
fi

echo `date` : "Configure domainname in baseconfig: " $new_domainname  >> /var/log/univention/setup.log
univention-config-registry set domainname="$new_domainname"
echo `date` : "Configure  Kerberos key distribution center in baseconfig : " $kerberos_kdc  >> /var/log/univention/setup.log
set_baseconfig_variable "kerberos/kdc" "$kerberos_kdc"
echo `date` : "Configure  Kerberos admin server in baseconfig : " $kerberos_adminserver  >> /var/log/univention/setup.log
set_baseconfig_variable "kerberos/adminserver" "$kerberos_adminserver"
echo `date` : "Configure  CUPS print server in baseconfig : " $cups_server  >> /var/log/univention/setup.log
set_baseconfig_variable "cups/server" "$cups_server"
echo `date` : "Configure LDAP master in baseconfig : " $ldap_master  >> /var/log/univention/setup.log
set_baseconfig_variable "ldap/master" "$ldap_master"
echo `date` : "Configure LDAP name  in baseconfig : " $ldap_name  >> /var/log/univention/setup.log
set_baseconfig_variable "ldap/name" "$ldap_name"
echo `date` : "Configure LDAP server name  in baseconfig : " $ldap_server_name  >> /var/log/univention/setup.log
set_baseconfig_variable "ldap/server/name" "$ldap_server_name"
echo `date` : "Configure server for Samba home directories  in baseconfig : " $samba_homedirserver  >> /var/log/univention/setup.log
set_baseconfig_variable "samba/homedirserver" "$samba_homedirserver"
echo `date` : "Configure server for Samba profiles  in baseconfig : " $samba_profileserver  >> /var/log/univention/setup.log
set_baseconfig_variable "samba/profileserver" "$samba_profileserver"
echo `date` : "Configure online repository server  in baseconfig : " $repository_online_server  >> /var/log/univention/setup.log
set_baseconfig_variable "repository/online/server" "$repository_online_server"
echo `date` : "Configure mirror repository server  in baseconfig : " $repository_mirror_server  >> /var/log/univention/setup.log
set_baseconfig_variable "repository/mirror/server" "$repository_mirror_server"

#set_baseconfig_variable_part "mail/hosteddomains" "$mail_hosteddomains"
if [ -n "$mail_hosteddomains" ]; then
	echo `date` : "Configure hosted mail domains in baseconfig : $mail_hosteddomains $new_domainname"  >> /var/log/univention/setup.log
	univention-config-registry set mail/hosteddomains="$mail_hosteddomains $new_domainname"
fi

echo `date` : "Configure permitted mail hosts for Postfix in baseconfig : " $postfix_permithosts  >> /var/log/univention/setup.log
set_baseconfig_variable_part "postfix/permithosts" "$postfix_permithosts"

echo `date` : "Configure cups admin e-mail address in baseconfig : " $cups_admin  >> /var/log/univention/setup.log
set_baseconfig_variable_mail "cups/admin" "$cups_admin"

echo `date` : "Configure cups quota admin e-mail address in baseconfig : " $cups_quota_admin_mail  >> /var/log/univention/setup.log
set_baseconfig_variable_mail "cups/quota/admin/mail" "$cups_quota_admin_mail"

echo `date` : "Configure e-mail alias for root in baseconfig : " $mail_alias_root  >> /var/log/univention/setup.log
set_baseconfig_variable_mail "mail/alias/root" "$mail_alias_root"

echo `date` : "Configure the mail cyrus caluser in baseconfig : " $mail_cyrus_caluser  >> /var/log/univention/setup.log
set_baseconfig_variable_mail "mail/cyrus/caluser" "$mail_cyrus_caluser"

echo `date` : "Configure the mail cyrus admins in baseconfig : " $mail_cyrus_imap_admins  >> /var/log/univention/setup.log
set_baseconfig_variable_part_mail "mail/cyrus/imap/admins" "$mail_cyrus_imap_admins"

echo `date` : "Configure the virus admin email address in baseconfig : " $mail_antivir_virus_admin  >> /var/log/univention/setup.log
set_baseconfig_variable_mail "mail/antivir/virus_admin" "$mail_antivir_virus_admin"

echo `date` : "Configure the ssl email address in baseconfig : " $ssl_email  >> /var/log/univention/setup.log
set_baseconfig_variable_mail "ssl/email" "$ssl_email"


echo `date` : "Configure apt source for new domain name $hostname.$new_domainname: "   >> /var/log/univention/setup.log
sed -ri "s_http://$hostname\\.$old_domainname($|/)_http://$hostname.$new_domainname\\1_" /etc/apt/sources.list

echo `date` : "Commit changes to file managed by baseconfig"  >> /var/log/univention/setup.log
univention-config-registry commit /etc/pam.d/httpd \
							 /etc/pam_ldap.conf \
							 /etc/libnss-ldap.conf \
							 /etc/samba/smb.conf \
							 /etc/dhcp3/dhcpd.conf \
							 /etc/ldap/ldap.conf \

service_stop slapd
service_start slapd nscd heimdal-kdc

if [ -x "/etc/init.d/slapd" ]; then
	/etc/init.d/slapd restart
fi

if [ "$ldap_available" = 1 ]; then

	univention-directory-manager dhcp/service list --binddn "$binddn" --bindpwd "$bindpwd" --filter "cn=$old_domainname" | DN1 | while read super; do
		res=$(univention-directory-manager dhcp/server list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super" --filter "(!(cn=$hostname))" | DN1)
		if [ -z "$res" ]; then
			univention-directory-manager dhcp/service create --binddn "$binddn" --bindpwd "$bindpwd"  --position "cn=dhcp,$ldap_base" --set service="$new_domainname"
			univention-directory-manager dhcp/server remove --binddn "$binddn" --bindpwd "$bindpwd"  --superordinate "$super" --dn "cn=$hostname,$super"
			univention-directory-manager dhcp/server create --binddn "$binddn" --bindpwd "$bindpwd"  --superordinate "cn=$new_domainname,cn=dhcp,$ldap_base" --set server="$hostname"
			univention-directory-manager dhcp/subnet list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate="$super" | DN1 | while read subnet_dn; do
				echo `date` : "Configure DHCP subnet: " cn=$new_domainname,cn=dhcp,$ldap_base >> /var/log/univention/setup.log
				univention-directory-manager dhcp/subnet move --binddn "$binddn" --bindpwd "$bindpwd"  --dn "$subnet_dn" --position="cn=$new_domainname,cn=dhcp,$ldap_base"
			done

			univention-directory-manager dhcp/host list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate="$super" | DN1 | while read dhcp_host_dn; do
				univention-directory-manager dhcp/host move --binddn "$binddn" --bindpwd "$bindpwd" --dn "$dhcp_host_dn" --position cn=$new_domainname,cn=dhcp,$ldap_base
			done

			ldapsearch -x -D "$binddn" -w "$bindpwd" "(&(objectClass=univentionNetworkClass)(univentionDhcpEntry=$super))" | dn1 | while read dn; do
				echo `date` : "Configure DHCP entry zone: " cn=$new_domainname,cn=dhcp,$ldap_base >> /var/log/univention/setup.log
				univention-directory-manager networks/network modify --dn "$dn" --set dhcpEntryZone="cn=$new_domainname,cn=dhcp,$ldap_base"
			done
			echo `date` : "Remove old service entry for dn: " $super >> /var/log/univention/setup.log
			univention-directory-manager dhcp/service remove --binddn "$binddn" --bindpwd "$bindpwd" --dn "$super"
		fi
	done

	univention-directory-manager dns/forward_zone list --filter "zoneName=$old_domainname" | DN1 | while read old_super; do
		res=""
		names=$(univention-directory-manager dns/host_record list --superordinate "$old_super"  | grep -i name  | grep -v ^DN | sed -e 's|^ *||;s|^name: ||')
		for name in $names; do
			if [ "$name" = "_kerberos" ] || [ "$name" = "$hostname" ]; then
				continue
			fi
			res=$name
		done

		if [ -z "$res" ]; then
			echo `date` : "Add DNS zone: " $new_domainname >> /var/log/univention/setup.log
			$UNIVENTION_DNSEDIT --binddn "$binddn" --bindpwd "$bindpwd" --ignore-exists "$new_domainname" add zone "root@$new_domainname." 1 28800 7200 604800 10800 "$hostname.$new_domainname."

			univention-directory-manager dns/host_record list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate="zoneName=$old_domainname,cn=dns,$ldap_base" | DN1 | while read hostrecord_dn; do
				echo "$(date) : Configure DNS host record '$hostrecord_dn' to 'zoneName=$new_domainname,cn=dns,$ldap_base'" >> /var/log/univention/setup.log
				ldapsearch -x -D  "$binddn" -w "$bindpwd" -b "$hostrecord_dn"  -LLL | ldapsearch-wrapper | sed -e "s|zoneName: $old_domainname\$|zoneName: $new_domainname|;s|zoneName=$old_domainname,|zoneName=$new_domainname,|" | ldapadd -x -D  "$binddn" -w "$bindpwd"
				ldapdelete -x -D  "$binddn" -w "$bindpwd" "$hostrecord_dn"
			done
			univention-directory-manager dns/alias list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate="zoneName=$old_domainname,cn=dns,$ldap_base" | DN1 | while read alias_dn; do
				echo "$(date) : Configure DNS alias '$alias_dn' to 'zoneName=$new_domainname,cn=dns,$ldap_base'" >> /var/log/univention/setup.log
				ldapsearch -x -D  "$binddn" -w "$bindpwd" -b "$alias_dn"  -LLL | ldapsearch-wrapper | sed -e "s|zoneName: $old_domainname\$|zoneName: $new_domainname|;s|zoneName=$old_domainname,|zoneName=$new_domainname,|" | ldapadd -x -D  "$binddn" -w "$bindpwd"
				ldapdelete -x -D  "$binddn" -w "$bindpwd" "$alias_dn"
			done

			univention-directory-manager dns/srv_record list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate="zoneName=$old_domainname,cn=dns,$ldap_base" | DN1 | while read srvrecord_dn; do
				echo "$(date) : Configure DNS service record '$srvrecord_dn' to 'zoneName=$new_domainname,cn=dns,$ldap_base'" >> /var/log/univention/setup.log
				ldapsearch -x -D  "$binddn" -w "$bindpwd" -b "$srvrecord_dn"  -LLL | ldapsearch-wrapper | sed -e "s|zoneName: $old_domainname\$|zoneName: $new_domainname|;s|zoneName=$old_domainname,|zoneName=$new_domainname,|" | ldapadd -x -D  "$binddn" -w "$bindpwd"
				ldapdelete -x -D  "$binddn" -w "$bindpwd" "$srvrecord_dn"
			done

			ldapsearch -x -D "$binddn" -w "$bindpwd" "(&(objectClass=univentionNetworkClass)(univentionDnsForwardZone=$old_super))" | dn1 | while read dn; do
				echo `date` : "Configure DNS forward zone :" zoneName=$new_domainname,cn=dns,$ldap_base  >> /var/log/univention/setup.log
				univention-directory-manager networks/network modify --dn "$dn" --set dnsEntryZoneForward="zoneName=$new_domainname,cn=dns,$ldap_base"
			done
			echo `date` : "Remove DNS forward zone :" $old_super  >> /var/log/univention/setup.log
			univention-directory-manager dns/forward_zone remove --dn "$old_super"

		else
			# create the new dns zone
			echo `date` : "Create new DNS zone:" $new_domainname  >> /var/log/univention/setup.log
			$UNIVENTION_DNSEDIT --binddn "$binddn" --bindpwd "$bindpwd" --ignore-exists "$new_domainname" add zone "root@$new_domainname." 1 28800 7200 604800 10800 "$hostname.$new_domainname."

			# Create a new A record for the name of the host, which has been changed
			univention-config-registry search --key --non-empty --brief '^interfaces/[^/]+/address' | while IFS=': ' read key ipaddr
			do
				univention-directory-manager dns/forward_zone list --binddn "$binddn" --bindpwd "$bindpwd" | DN1 | while read super; do
					univention-directory-manager dns/host_record list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super" \
					--filter "(&(relativeDomainName=$hostname)(zoneName=$old_domainname)(aRecord=$ipadd))" | sed -ne 's|^DN: ||p;T;q' | while read dn; do
						echo `date` : "Remove old DNS record in the old forward zone $old_domainname"  >> /var/log/univention/setup.log
						univention-directory-manager dns/host_record remove --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super" --dn "$dn"
						echo `date` : "Create new DNS A record for $new_domainname:" $hostname  >> /var/log/univention/setup.log
						$UNIVENTION_DNSEDIT --binddn "$binddn" --bindpwd "$bindpwd" --ignore-exists "$new_domainname" add a "$hostname" "$ipadd"
					done
				done
			done

			# Copy DNS Service Records from the old to the new DNS Domain
			echo `date` : "Copy SRV Records to the new domain:" $new_domainname  >> /var/log/univention/setup.log
			ldapsearch -x -D "$binddn" -w "$bindpwd" sRVRecord="* $hostname.$old_domainname." -LLL -b "zoneName=$old_domainname,cn=dns,$ldap_base" | sed -e "s|zoneName=$old_domainname,|zoneName=$new_domainname,|g;s|$hostname\.$old_domainname\.\$|$hostname.$new_domainname.|g;s|: $old_domainname\$|: $new_domainname|g" | ldapadd -x -D "$binddn" -w "$bindpwd"

			# Copy Alias Records from the old to the new DNS Domain
			echo `date` : "Copy Alias Records to the new domain:" $new_domainname  >> /var/log/univention/setup.log
			ldapsearch -x -D "$binddn" -w "$bindpwd" "(|(cNAMERecord=$hostname)(cNAMERecord=$hostname.$old_domainname.))" -LLL -b "zoneName=$old_domainname,cn=dns,$ldap_base" | sed -e "s|zoneName=$old_domainname,|zoneName=$new_domainname,|g;s|$old_domainname\.\$|$new_domainname.|g;s|: $old_domainname\$|: $new_domainname|g" | ldapadd -x -D "$binddn" -w "$bindpwd"

			# Modify Alias Records in the old DNS Domain to point to the new DNS Domain
			echo `date` : "Modify Alias Records in the old domain to point to the new domain:" $new_domainname  >> /var/log/univention/setup.log
			univention-directory-manager dns/alias list --binddn "$binddn" --bindpwd "$bindpwd" --filter "(cNAMERecord=$hostname)" --superordinate="zoneName=$old_domainname,cn=dns,$ldap_base" | DN1 | while read alias_dn; do
				univention-directory-manager dns/alias modify --binddn "$binddn" --bindpwd "$bindpwd" --dn "$alias_dn" --set cname="$hostname.$new_domainname."
			done

			# Copy TXT Records from the old to the new DNS Domain
			echo `date` : "Copy TXT Records to the new domain:" $new_domainname  >> /var/log/univention/setup.log
			ldapsearch -x -D "$binddn" -w "$bindpwd" "(tXTRecord=*)" -LLL -b "zoneName=$old_domainname,cn=dns,$ldap_base" | sed -e "s|zoneName=$old_domainname,|zoneName=$new_domainname,|g;s|$old_domainname\.\$|$new_domainname.|g;s|: $old_domainname\$|: $new_domainname|g" | ldapadd -x -D "$binddn" -w "$bindpwd"
		fi

	done

	univention-directory-manager dns/forward_zone list --binddn "$binddn" --bindpwd "$bindpwd" | DN1 | while read super; do

		# SRV records
		univention-directory-manager dns/srv_record list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super" --filter sRVRecord="* $hostname.$old_domainname*" | DN1 | while read dn; do

			univention-directory-manager dns/srv_record list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super"  --filter "$(echo $dn | sed -e 's|,.*||g')" |grep "location:.* $hostname.$old_domainname\\." | sed -e 's|.* location: ||' | while read old_location; do
			new_location=`echo $old_location | sed -e "s| $hostname\.$old_domainname\.\$| $hostname.$new_domainname.|"`

			if [ "$old_location" != "$new_location" ]; then
				echo `date` : "Configure DNS service record :" $new_location  >> /var/log/univention/setup.log
				univention-directory-manager dns/srv_record modify --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super" --dn "$dn" --remove location="$old_location" --append location="$new_location"
			fi
			done
		done

		univention-directory-manager dns/alias list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super" --filter "cNAMERecord=$hostname.$old_domainname" | DN1 | while read dn; do
			echo `date` : "Configure DNS alias (cname):" $hostname.$new_domainname  >> /var/log/univention/setup.log
			univention-directory-manager dns/alias modify --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super" --dn "$dn" --set cname="$hostname.$new_domainname"
		done
		univention-directory-manager dns/alias list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super" --filter "cNAMERecord=$hostname.$new_domainname." | DN1 | while read dn; do
			echo `date` : "Configure DNS alias (cname):" $hostname.$new_domainname  >> /var/log/univention/setup.log
			univention-directory-manager dns/alias modify --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super" --dn "$dn" --set cname="$hostname.$new_domainname."
		done

		#Forward Zone
		univention-directory-manager dns/forward_zone list --binddn "$binddn" --bindpwd "$bindpwd" --filter nSRecord="$hostname.$old_domainname." | DN1 | while read tmp; do
			echo `date` : "Configure DNS forward zone:" $hostname.$new_domainname  >> /var/log/univention/setup.log
			univention-directory-manager dns/forward_zone modify --binddn "$binddn" --bindpwd "$bindpwd" --dn "$tmp" --append nameserver="$hostname.$new_domainname." --remove nameserver="$hostname.$old_domainname."
		done
	done

	univention-directory-manager dns/reverse_zone list --binddn "$binddn" --bindpwd "$bindpwd" | DN1 | while read super; do
		echo `date` : "Configure DNS reverse zone (PTR): $hostname.$new_domainname."  >> /var/log/univention/setup.log
		univention-directory-manager dns/ptr_record list --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super" --filter "pTRRecord=$hostname.$old_domainname." | DN1 | while read dn; do
			univention-directory-manager dns/ptr_record modify --binddn "$binddn" --bindpwd "$bindpwd" --superordinate "$super" --dn "$dn" --set ptr_record="$hostname.$new_domainname."
		done
	done

	# Reverse Zone
	univention-directory-manager dns/reverse_zone list --binddn "$binddn" --bindpwd "$bindpwd" --filter nSRecord="$hostname.$old_domainname." | DNhile read dn; do
		echo `date` : "Configure DNS reverse zone (PTR):" $hostname.$new_domainname  >> /var/log/univention/setup.log
		univention-directory-manager dns/reverse_zone modify --binddn "$binddn" --bindpwd "$bindpwd" --dn "$dn" --remove nameserver="$hostname.$old_domainname." --append nameserver="$hostname.$new_domainname."
	done

	# If the 4th parameter is set, the value is rewritten to hostname.new_domainname, if the 5th is set, only to the new domainname
	admin_replace_name ()
	{
		admin_module="$1"
		ldap_attribute="$2"
		admin_attribute="$3"
		univention-directory-manager $admin_module list --binddn "$binddn" --bindpwd "$bindpwd" --filter "(|($ldap_attribute=$old_domainname)($ldap_attribute=$hostname.$old_domainname))" | DNhile read dn; do
			if [ -n "$4" ]; then
				if [ -n "$5" ]; then
					echo `date` : "Configure admin attribute $admin_attribute :" $new_domainname  >> /var/log/univention/setup.log
					univention-directory-manager $admin_module modify --binddn "$binddn" --bindpwd "$bindpwd" --dn "$dn" --set $admin_attribute="$new_domainname"
				else
					echo `date` : "Configure admin attribute $admin_attribute :" $hostname.$new_domainname  >> /var/log/univention/setup.log
					univention-directory-manager $admin_module modify --binddn "$binddn" --bindpwd "$bindpwd" --dn "$dn" --set $admin_attribute="$hostname.$new_domainname"
				fi
			else
				echo `date` : "Configure admin attribute $admin_attribute :" $hostname.$new_domainname  >> /var/log/univention/setup.log
				univention-directory-manager $admin_module modify --binddn "$binddn" --bindpwd "$bindpwd" --dn "$dn" --append $admin_attribute="$hostname.$new_domainname" --remove $admin_attribute="$old_domainname" --remove $admin_attribute="$hostname.$old_domainname"
			fi
		done
	}

	admin_replace_name "policies/thinclient" "univentionFileServer" "fileServer"
	admin_replace_name "policies/thinclient" "univentionAuthServer" "authServer"
	admin_replace_name "policies/thinclient" "univentionDesktopServer" "linuxTerminalServer"
	admin_replace_name "policies/ldapserver" "univentionLDAPServer" "ldapServer"
	admin_replace_name "policies/dhcp_boot" "univentionDhcpBootServer" "boot_server"
	admin_replace_name "policies/dhcp_dns" "univentionDhcpDomainNameServers" "domain_name_servers"
	if [ "$server_role" = "domaincontroller_master" ]; then
		admin_replace_name "policies/dhcp_dns" "univentionDhcpDomainName" "domain_name" "1" "1"
	fi
	admin_replace_name "policies/dhcp_netbios" "univentionDhcpNetbiosNameServers" "netbios_name_servers"
	admin_replace_name "policies/dhcp_routing" "univentionDhcpRouters" "routers"
	admin_replace_name "policies/printserver" "univentionPrintServer" "printServer"
	admin_replace_name "policies/repositoryserver" "univentionRepositoryServer" "repositoryServer"
	admin_replace_name "shares/share" "univentionShareHost" "host" "1"
	admin_replace_name "shares/printer" "univentionPrinterSpoolHost" "spoolHost"
	admin_replace_name "users/user" "kolabHomeServer" "kolabHomeServer" "1"
	admin_replace_name "settings/usertemplate" "kolabHomeServer" "kolabHomeServer" "1"
	admin_replace_name "settings/default" "univentionDefaultKolabHomeServer" "defaultKolabHomeServer" "1"
	admin_replace_name "computers/$server_role" "associatedDomain" "domain" "1" "1"

	share_container_dn=`univention-directory-manager container/cn list --binddn "$binddn" --bindpwd "$bindpwd" --filter cn=$hostname.$old_domainname | DN1`
	if [ -n "$share_container_dn" ]; then
		echo `date` : "Create share container for LDAP base " $ldap_base ":" $hostname.$_newdomainname  >> /var/log/univention/setup.log
		univention-directory-manager container/cn create --binddn "$binddn" --bindpwd "$bindpwd" --set sharePath=1 --position cn=shares,$ldap_base --set name=$hostname.$new_domainname

		univention-directory-manager shares/share list --binddn "$binddn" --bindpwd "$bindpwd" | DN1 | grep ",cn=$hostname.$old_domainname,cn=shares,$ldap_base" | while read dn; do
			echo `date` : "Move share container :" cn=$hostname.$new_domainname,cn=shares,$ldap_base  >> /var/log/univention/setup.log
			univention-directory-manager shares/share move --binddn "$binddn" --bindpwd "$bindpwd" --dn "$dn" --position "cn=$hostname.$new_domainname,cn=shares,$ldap_base"
		done

		echo `date` : "Remove container :" $share_container_dn  >> /var/log/univention/setup.log
		univention-directory-manager container/cn remove --binddn "$binddn" --bindpwd "$bindpwd" --dn "$share_container_dn"
	fi

	mail_domain=`univention-directory-manager mail/domain list --binddn "$binddn" --bindpwd "$bindpwd" --filter cn="$old_domainname" | DN1`
	if [ -n "$mail_domain" ]; then
		echo `date` : "Configure mail domain:" $new_domainname  >> /var/log/univention/setup.log
		univention-directory-manager mail/domain create --binddn "$binddn" --bindpwd "$bindpwd" --position "cn=domain,cn=mail,$ldap_base" --set name="$new_domainname"
	fi


fi

if [ -e "/etc/nagios/nrpe.univention.d/UNIVENTION_LDAP.cfg" ]; then
	sed -i "s|\.$domainname |.$new_domainname |" /etc/nagios/nrpe.univention.d/UNIVENTION_LDAP.cfg
fi

is_variable_set "UMC_MODE"
if [ $? = 0 ]; then
	if [ -x "/usr/sbin/apachectl" ]; then
		/usr/sbin/apachectl stop
		count=0
		while pidof apache; do
			sleep 1
			count=$((count+1))
			if [ $count -gt 20 ]; then
				continue
			fi
		done
		/usr/sbin/apachectl start
	fi
fi
service_start univention-directory-notifier

if [ -x "/usr/sbin/postmap" ] && [ -e "/etc/postfix/transport" ]; then
	/usr/sbin/postmap /etc/postfix/transport
fi

if [ -x "/usr/bin/newaliases" ]; then
	/usr/bin/newaliases
fi

if [ -x "/etc/init.d/postfix" ]; then
	/etc/init.d/postfix reload
fi

# stop the dns server and remove the cache
service_stop univention-bind univention-bind-proxy
sleep 1
rm -f /var/cache/bind/*
service_start univention-bind univention-bind-proxy

#invalidate the hosts cache
nscd -i hosts

service_stop univention-directory-listener; sleep 1; service_start univention-directory-listener



if [ -d "/var/lib/univention-system-setup/domainname.post" ]; then
	run-parts /var/lib/univention-system-setup/domainname.post --arg=$old_domainname --arg=$new_domainname
fi

exit 0
