From 5e1825ebe3ae26d29c46358c9aa2623396e22060 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 14 Sep 2015 12:12:31 +1200 Subject: [PATCH 1/3] python: Extend the samba_kcc --exportldif to include the DC account This will allow us to write (non-)KCC tests that need more of the database. In particular, it will allow testing of DC removal. Signed-off-by: Andrew Bartlett --- python/samba/kcc/ldif_import_export.py | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/python/samba/kcc/ldif_import_export.py b/python/samba/kcc/ldif_import_export.py index ab7c7a0..ca2dc47 100644 --- a/python/samba/kcc/ldif_import_export.py +++ b/python/samba/kcc/ldif_import_export.py @@ -342,7 +342,8 @@ def samdb_to_ldif_file(samdb, dburl, lp, creds, ldif_file): "whenChanged", "systemFlags", "dNSHostName", - "mailAddress"] + "mailAddress", + "serverReference"] sstr = "CN=Sites,%s" % samdb.get_config_basedn() res = samdb.search(sstr, scope=ldb.SCOPE_SUBTREE, @@ -352,6 +353,27 @@ def samdb_to_ldif_file(samdb, dburl, lp, creds, ldif_file): # Write server output write_search_result(samdb, f, res) + # Query server account objects + # This is not needed for the KCC, but allows other tests and + # examinations of a real, complex network + attrs = ["objectClass", + "objectGUID", + "cn", + "whenChanged", + "systemFlags", + "dNSHostName", + "samAccountName", + "servicePrincipalName", + "rIDSetReferences"] + for server in res: + if "serverReference" in server: + basedn = server["serverReference"][0] + res2 = samdb.search(base=basedn, scope=ldb.SCOPE_SUBTREE, + attrs=attrs) + + # Write server account output + write_search_result(samdb, f, res2) + # Query Naming Context replicas attrs = ["objectClass", "objectGUID", From 2924723863aa8a5c403ef41a22933f27bb78585a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 14 Sep 2015 13:48:04 +1200 Subject: [PATCH 2/3] python/kcc: Write correct module list into the file during ldif_to_samdb Signed-off-by: Andrew Bartlett --- python/samba/kcc/ldif_import_export.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/python/samba/kcc/ldif_import_export.py b/python/samba/kcc/ldif_import_export.py index ca2dc47..a1ec12c 100644 --- a/python/samba/kcc/ldif_import_export.py +++ b/python/samba/kcc/ldif_import_export.py @@ -70,9 +70,13 @@ def ldif_to_samdb(dburl, lp, ldif_file, forced_local_dsa=None): changetype: modify replace: dsServiceName dsServiceName: CN=NTDS Settings,%s -- """ % forced_local_dsa) + tmpdb.add_ldif("""dn: @MODULES +@LIST: rootdse,extended_dn_in,extended_dn_out_ldb +- +""") + except Exception, estr: tmpdb.transaction_cancel() raise LdifError("Failed to import %s: %s" % (ldif_file, estr)) @@ -82,9 +86,7 @@ def ldif_to_samdb(dburl, lp, ldif_file, forced_local_dsa=None): # We have an abbreviated list of options here because we have built # an abbreviated database. We use the rootdse and extended-dn # modules only during this re-open - samdb = SamDB(url=dburl, session_info=system_session(), lp=lp, - options=["modules:rootdse,extended_dn_in," - "extended_dn_out_ldb"]) + samdb = SamDB(url=dburl, session_info=system_session(), lp=lp) return samdb From 48d61a3f044c16ecbd8a260225693f181062690b Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 14 Sep 2015 13:47:31 +1200 Subject: [PATCH 3/3] selftest: Add tests for samdb_to_ldif_file Signed-off-by: Andrew Bartlett --- python/samba/tests/kcc/ldif_import_export.py | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/python/samba/tests/kcc/ldif_import_export.py b/python/samba/tests/kcc/ldif_import_export.py index 67bcd39..f3352e2 100644 --- a/python/samba/tests/kcc/ldif_import_export.py +++ b/python/samba/tests/kcc/ldif_import_export.py @@ -127,9 +127,28 @@ def test_ldif_to_samdb_forced_local_dsa(self): self.remove_files(dburl) - def samdb_to_ldif_file(self): - #samdb_to_ldif_file(samdb, dburl, lp, creds, ldif_file): - pass + def test_samdb_to_ldif_file(self): + dburl = os.path.join(self.tempdir, "ldap") + dburl2 = os.path.join(self.tempdir, "ldap_roundtrip") + ldif_file = os.path.join(self.tempdir, "ldif") + samdb = ldif_import_export.ldif_to_samdb(dburl, self.lp, + MULTISITE_LDIF) + self.assertIsInstance(samdb, SamDB) + ldif_import_export.samdb_to_ldif_file(samdb, dburl, + lp=self.lp, creds=None, + ldif_file=ldif_file) + self.assertGreater(os.path.getsize(ldif_file), 1000, + "LDIF should be larger than 1000 bytes") + samdb = ldif_import_export.ldif_to_samdb(dburl2, self.lp, + ldif_file) + self.assertIsInstance(samdb, SamDB) + dsa = ("CN=WIN01,CN=Servers,CN=Default-First-Site-Name,CN=Sites," + "CN=Configuration,DC=ad,DC=samba,DC=example,DC=com") + res = samdb.search(ldb.Dn(samdb, "CN=NTDS Settings," + dsa), + scope=ldb.SCOPE_BASE, attrs=["objectGUID"]) + self.remove_files(dburl) + self.remove_files(dburl2) + self.remove_files(ldif_file) class KCCMultisiteLdifTests(samba.tests.TestCaseInTempDir):