[SCM] Samba Shared Repository - branch master updated
Andrew Tridgell
tridge at samba.org
Fri Nov 5 07:25:02 MDT 2010
The branch, master has been updated
via 11ae104 s4-join: fixed secure_channel_type
via 351312d s4-join: don't print all the NDR packets by default
via 158ae8a s4-cldap: print all the DNS servers found
via eaabb59 s4-ldb: much more memory efficient msg filtering
via 5fcb426 s4-drs: reduce the memory usage of the getncchanges server
via 14f455b s4-kerberos Mention the remote address we fail to contact the KDC on
via 0a2642c s4-ldb: show the reason for module initialization failure
via 34ce183 s4: net -> samba-tool
via 506ffcf s4-join: added DC join to the python join code
via 278778c s4-pydrs: added rodc option to python drs replication
via cbded38 s4-pydsdb: added DsReplicaAttribute()
via 135756c pidl: use a union assignment instead of memmove
from 6d53d9f s4:password_hash LDB module - fix indentation
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 11ae1046a00d858551692d9bd05935d16734a2ef
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Nov 5 19:09:45 2010 +1100
s4-join: fixed secure_channel_type
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
Autobuild-User: Andrew Tridgell <tridge at samba.org>
Autobuild-Date: Fri Nov 5 13:24:32 UTC 2010 on sn-devel-104
commit 351312d8b870698a44dc1a9766ce7aeec7028602
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Nov 5 18:57:17 2010 +1100
s4-join: don't print all the NDR packets by default
commit 158ae8a1485a7d0d27b8a0cbdd98993f9a98ff67
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Nov 5 18:56:46 2010 +1100
s4-cldap: print all the DNS servers found
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit eaabb5950fe89c15b575ffb37b35137d8a848c01
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Nov 5 18:50:29 2010 +1100
s4-ldb: much more memory efficient msg filtering
this ensures we don't leave unnecessary attributes in returned ldb
objects
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 5fcb426d9a0bc4e2076a278babe3f0f2a550d54e
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Nov 5 18:28:04 2010 +1100
s4-drs: reduce the memory usage of the getncchanges server
we now keep just a list of GUIDs around between getncchanges calls,
instead of an entire db search. This makes the overhead of having a
pending getncchanges call much smaller.
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 14f455ba9955871fa8882edb8de788d2760c0cb0
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Nov 5 17:08:52 2010 +1100
s4-kerberos Mention the remote address we fail to contact the KDC on
commit 0a2642c7dc8589c2fc8524e370a2cfeb3064eb28
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Nov 5 14:10:30 2010 +1100
s4-ldb: show the reason for module initialization failure
commit 34ce183d6cefe7bb332693d65f48dd1c96d7b7f7
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Nov 5 14:10:11 2010 +1100
s4: net -> samba-tool
commit 506ffcf86f19180a7beeaf3d290f6696a99d1788
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Nov 5 14:09:49 2010 +1100
s4-join: added DC join to the python join code
this will replace the old vampire code
commit 278778c927b71847e87ce9b43e2a70665906befe
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Nov 5 14:08:49 2010 +1100
s4-pydrs: added rodc option to python drs replication
commit cbded38ed5f319af4e9836039bfa16c6123e2ba7
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Nov 5 14:06:10 2010 +1100
s4-pydsdb: added DsReplicaAttribute()
this allows us to form a DsReplicaAttribute structure from python
commit 135756c8ac34c4cf82992dce8c7218781e67f39b
Author: Andrew Tridgell <tridge at samba.org>
Date: Fri Nov 5 11:52:20 2010 +1100
pidl: use a union assignment instead of memmove
this means we don't lose type checking
Pair-Programmed-With: Jelmer Vernooij <jelmer at samba.org>
-----------------------------------------------------------------------
Summary of changes:
pidl/lib/Parse/Pidl/Samba4/Python.pm | 6 +-
source4/auth/kerberos/krb5_init_context.c | 11 +-
source4/dsdb/pydsdb.c | 74 +++++
source4/dsdb/wscript_build | 2 +-
source4/lib/ldb/common/ldb_modules.c | 3 +-
source4/lib/ldb/ldb_tdb/ldb_search.c | 23 ++-
source4/libcli/finddcs_cldap.c | 5 +
source4/rpc_server/drsuapi/getncchanges.c | 90 ++++--
source4/scripting/devel/drs/vampire_ad.sh | 2 +-
source4/scripting/python/samba/drs_utils.py | 9 +-
source4/scripting/python/samba/join.py | 422 ++++++++++++++++---------
source4/scripting/python/samba/netcmd/join.py | 16 +-
source4/scripting/python/samba/netcmd/rodc.py | 2 +-
source4/scripting/python/samba/samdb.py | 3 +
14 files changed, 480 insertions(+), 188 deletions(-)
Changeset truncated at 500 lines:
diff --git a/pidl/lib/Parse/Pidl/Samba4/Python.pm b/pidl/lib/Parse/Pidl/Samba4/Python.pm
index f79981e..00ada47 100644
--- a/pidl/lib/Parse/Pidl/Samba4/Python.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/Python.pm
@@ -824,7 +824,8 @@ sub assign($$$)
if ($dest =~ /^\&/ and $src eq "NULL") {
$self->pidl("memset($dest, 0, sizeof(" . get_value_of($dest) . "));");
} elsif ($dest =~ /^\&/) {
- $self->pidl("memmove($dest, $src, sizeof(" . get_value_of($dest) . "));");
+ my $destvar = get_value_of($dest);
+ $self->pidl("$destvar = *$src;");
} else {
$self->pidl("$dest = $src;");
}
@@ -1047,7 +1048,8 @@ sub ConvertObjectFromPythonLevel($$$$$$$$)
my $switch_ptr = "$e->{NAME}_switch_$l->{LEVEL_INDEX}";
$self->pidl("{");
$self->indent;
- $self->pidl("void *$switch_ptr;");
+ my $union_type = mapTypeName(GetNextLevel($e, $l)->{DATA_TYPE});
+ $self->pidl("$union_type *$switch_ptr;");
$self->pidl("$switch_ptr = py_export_" . GetNextLevel($e, $l)->{DATA_TYPE} . "($mem_ctx, $switch, $py_var);");
$self->pidl("if ($switch_ptr == NULL) { $fail }");
$self->assign($var_name, "$switch_ptr");
diff --git a/source4/auth/kerberos/krb5_init_context.c b/source4/auth/kerberos/krb5_init_context.c
index 2f1416d..6727de0 100644
--- a/source4/auth/kerberos/krb5_init_context.c
+++ b/source4/auth/kerberos/krb5_init_context.c
@@ -29,6 +29,7 @@
#include "system/network.h"
#include "param/param.h"
#include "libcli/resolve/resolve.h"
+#include "../lib/tsocket/tsocket.h"
/*
context structure for operations on cldap packets
@@ -367,7 +368,15 @@ krb5_error_code smb_krb5_send_and_recv_func(krb5_context context,
}
if (!NT_STATUS_IS_OK(smb_krb5->status)) {
- DEBUG(2,("Error reading smb_krb5 reply packet: %s\n", nt_errstr(smb_krb5->status)));
+ struct tsocket_address *addr = socket_address_to_tsocket_address(smb_krb5, remote_addr);
+ const char *addr_string = NULL;
+ if (addr) {
+ addr_string = tsocket_address_inet_addr_string(addr, smb_krb5);
+ } else {
+ addr_string = NULL;
+ }
+ DEBUG(2,("Error reading smb_krb5 reply packet: %s from %s\n", nt_errstr(smb_krb5->status),
+ addr_string));
talloc_free(smb_krb5);
continue;
}
diff --git a/source4/dsdb/pydsdb.c b/source4/dsdb/pydsdb.c
index 7f2e715..db2185f 100644
--- a/source4/dsdb/pydsdb.c
+++ b/source4/dsdb/pydsdb.c
@@ -26,6 +26,8 @@
#include "librpc/ndr/libndr.h"
#include "system/kerberos.h"
#include "auth/kerberos/kerberos.h"
+#include "librpc/rpc/pyrpc_util.h"
+
/* FIXME: These should be in a header file somewhere, once we finish moving
* away from SWIG .. */
#define PyErr_LDB_OR_RAISE(py_ldb, ldb) \
@@ -302,6 +304,77 @@ static PyObject *py_dsdb_get_attid_from_lDAPDisplayName(PyObject *self, PyObject
return PyLong_FromUnsignedLong(attid);
}
+/*
+ convert a python string to a DRSUAPI drsuapi_DsReplicaAttribute attribute
+ */
+static PyObject *py_dsdb_DsReplicaAttribute(PyObject *self, PyObject *args)
+{
+ PyObject *py_ldb, *el_list, *ret;
+ struct ldb_context *ldb;
+ char *ldap_display_name;
+ const struct dsdb_attribute *a;
+ struct dsdb_schema *schema;
+ struct dsdb_syntax_ctx syntax_ctx;
+ struct ldb_message_element *el;
+ struct drsuapi_DsReplicaAttribute *attr;
+ TALLOC_CTX *tmp_ctx;
+ WERROR werr;
+ int i;
+
+ if (!PyArg_ParseTuple(args, "OsO", &py_ldb, &ldap_display_name, &el_list)) {
+ return NULL;
+ }
+
+ PyErr_LDB_OR_RAISE(py_ldb, ldb);
+
+ if (!PyList_Check(el_list)) {
+ PyErr_Format(PyExc_TypeError, "ldif_elements must be a list");
+ return NULL;
+ }
+
+ schema = dsdb_get_schema(ldb, NULL);
+ if (!schema) {
+ PyErr_SetString(PyExc_RuntimeError, "Failed to find a schema from ldb");
+ return NULL;
+ }
+
+ a = dsdb_attribute_by_lDAPDisplayName(schema, ldap_display_name);
+ if (a == NULL) {
+ PyErr_Format(PyExc_RuntimeError, "Failed to find attribute '%s'", ldap_display_name);
+ return NULL;
+ }
+
+ dsdb_syntax_ctx_init(&syntax_ctx, ldb, schema);
+ syntax_ctx.is_schema_nc = false;
+
+ tmp_ctx = talloc_new(ldb);
+
+ el = talloc_zero(tmp_ctx, struct ldb_message_element);
+ el->name = ldap_display_name;
+ el->num_values = PyList_Size(el_list);
+ el->values = talloc_array(el, struct ldb_val, el->num_values);
+ for (i = 0; i < el->num_values; i++) {
+ PyObject *item = PyList_GetItem(el_list, i);
+ if (!PyString_Check(item)) {
+ PyErr_Format(PyExc_TypeError, "ldif_elements should be strings");
+ return NULL;
+ }
+ el->values[i].data = (uint8_t *)PyString_AsString(item);
+ el->values[i].length = PyString_Size(item);
+ }
+
+ attr = talloc_zero(tmp_ctx, struct drsuapi_DsReplicaAttribute);
+
+ werr = a->syntax->ldb_to_drsuapi(&syntax_ctx, a, el, attr, attr);
+ PyErr_WERROR_IS_ERR_RAISE(werr);
+
+ ret = py_return_ndr_struct("samba.dcerpc.drsuapi", "DsReplicaAttribute", attr, attr);
+
+ talloc_unlink(ldb, tmp_ctx);
+
+ return ret;
+}
+
static PyObject *py_dsdb_set_ntds_invocation_id(PyObject *self, PyObject *args)
{
PyObject *py_ldb, *py_guid;
@@ -607,6 +680,7 @@ static PyMethodDef py_dsdb_methods[] = {
{ "_dsdb_write_prefixes_from_schema_to_ldb", (PyCFunction)py_dsdb_write_prefixes_from_schema_to_ldb, METH_VARARGS,
NULL },
{ "_dsdb_get_partitions_dn", (PyCFunction)py_dsdb_get_partitions_dn, METH_VARARGS, NULL },
+ { "_dsdb_DsReplicaAttribute", (PyCFunction)py_dsdb_DsReplicaAttribute, METH_VARARGS, NULL },
{ NULL }
};
diff --git a/source4/dsdb/wscript_build b/source4/dsdb/wscript_build
index c232a80..cc6e233 100644
--- a/source4/dsdb/wscript_build
+++ b/source4/dsdb/wscript_build
@@ -57,6 +57,6 @@ bld.SAMBA_PYTHON('python_dsdb',
# the dependency on dcerpc here is because gensec
# depends on dcerpc but the waf circular dependency finder
# removes it so we end up with unresolved symbols.
- deps='SAMDB pyldb-util dcerpc com_err',
+ deps='SAMDB pyldb-util dcerpc com_err pyrpc_util',
realname='samba/dsdb.so'
)
diff --git a/source4/lib/ldb/common/ldb_modules.c b/source4/lib/ldb/common/ldb_modules.c
index 96e3fed..7de7cca 100644
--- a/source4/lib/ldb/common/ldb_modules.c
+++ b/source4/lib/ldb/common/ldb_modules.c
@@ -343,7 +343,8 @@ int ldb_module_init_chain(struct ldb_context *ldb, struct ldb_module *module)
if (module) {
int ret = module->ops->init_context(module);
if (ret != LDB_SUCCESS) {
- ldb_debug(ldb, LDB_DEBUG_FATAL, "module %s initialization failed", module->ops->name);
+ ldb_debug(ldb, LDB_DEBUG_FATAL, "module %s initialization failed : %s",
+ module->ops->name, ldb_strerror(ret));
return ret;
}
}
diff --git a/source4/lib/ldb/ldb_tdb/ldb_search.c b/source4/lib/ldb/ldb_tdb/ldb_search.c
index ca47fa3..5df1e4d 100644
--- a/source4/lib/ldb/ldb_tdb/ldb_search.c
+++ b/source4/lib/ldb/ldb_tdb/ldb_search.c
@@ -329,6 +329,8 @@ int ltdb_filter_attrs(struct ldb_message *msg, const char * const *attrs)
{
unsigned int i;
int keep_all = 0;
+ struct ldb_message_element *el2;
+ uint32_t num_elements;
if (attrs) {
/* check for special attrs */
@@ -355,6 +357,12 @@ int ltdb_filter_attrs(struct ldb_message *msg, const char * const *attrs)
return 0;
}
+ el2 = talloc_array(msg, struct ldb_message_element, msg->num_elements);
+ if (el2 == NULL) {
+ return -1;
+ }
+ num_elements = 0;
+
for (i = 0; i < msg->num_elements; i++) {
unsigned int j;
int found = 0;
@@ -366,12 +374,21 @@ int ltdb_filter_attrs(struct ldb_message *msg, const char * const *attrs)
}
}
- if (!found) {
- ldb_msg_remove_attr(msg, msg->elements[i].name);
- i--;
+ if (found) {
+ el2[num_elements] = msg->elements[i];
+ talloc_steal(el2, el2[num_elements].name);
+ talloc_steal(el2, el2[num_elements].values);
+ num_elements++;
}
}
+ talloc_free(msg->elements);
+ msg->elements = talloc_realloc(msg, el2, struct ldb_message_element, msg->num_elements);
+ if (msg->elements == NULL) {
+ return -1;
+ }
+ msg->num_elements = num_elements;
+
return 0;
}
diff --git a/source4/libcli/finddcs_cldap.c b/source4/libcli/finddcs_cldap.c
index 4c21f00..bbb221c 100644
--- a/source4/libcli/finddcs_cldap.c
+++ b/source4/libcli/finddcs_cldap.c
@@ -325,6 +325,7 @@ static void finddcs_cldap_srv_resolved(struct composite_context *ctx)
struct finddcs_cldap_state *state =
talloc_get_type(ctx->async.private_data, struct finddcs_cldap_state);
NTSTATUS status;
+ unsigned i;
status = resolve_name_multiple_recv(ctx, state, &state->srv_addresses);
if (tevent_req_nterror(state->req, status)) {
@@ -332,6 +333,10 @@ static void finddcs_cldap_srv_resolved(struct composite_context *ctx)
return;
}
+ for (i=0; state->srv_addresses[i]; i++) {
+ DEBUG(4,("finddcs: DNS server %u at '%s'\n", i, state->srv_addresses[i]));
+ }
+
state->srv_address_index = 0;
status = cldap_socket_init(state, state->ev, NULL, NULL, &state->cldap);
diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c
index b3295c2..d38250f 100644
--- a/source4/rpc_server/drsuapi/getncchanges.c
+++ b/source4/rpc_server/drsuapi/getncchanges.c
@@ -1042,7 +1042,8 @@ static WERROR getncchanges_change_master(struct drsuapi_bind_state *b_state,
/* state of a partially completed getncchanges call */
struct drsuapi_getncchanges_state {
- struct ldb_result *site_res;
+ struct GUID *guids;
+ uint32_t num_records;
uint32_t num_sent;
struct ldb_dn *ncRoot_dn;
bool is_schema_nc;
@@ -1178,15 +1179,8 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
struct drsuapi_DsReplicaObjectListItemEx **currentObject;
NTSTATUS status;
DATA_BLOB session_key;
- const char *attrs[] = { "*", "distinguishedName",
- "nTSecurityDescriptor",
- "parentGUID",
- "replPropertyMetaData",
- "unicodePwd",
- "dBCSPwd",
- "ntPwdHistory",
- "lmPwdHistory",
- "supplementalCredentials",
+ const char *attrs[] = { "uSNChanged",
+ "objectGUID" ,
NULL };
WERROR werr;
struct dcesrv_handle *h;
@@ -1398,10 +1392,11 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
TODO: MS-DRSR section 4.1.10.1.1
Work out if this is the start of a new cycle */
- if (getnc_state->site_res == NULL) {
+ if (getnc_state->guids == NULL) {
char* search_filter;
enum ldb_scope scope = LDB_SCOPE_SUBTREE;
const char *extra_filter;
+ struct ldb_result *search_res;
if (req10->extended_op == DRSUAPI_EXOP_REPL_OBJ ||
req10->extended_op == DRSUAPI_EXOP_REPL_SECRET) {
@@ -1437,7 +1432,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
DEBUG(2,(__location__ ": getncchanges on %s using filter %s\n",
ldb_dn_get_linearized(getnc_state->ncRoot_dn), search_filter));
- ret = drsuapi_search_with_extended_dn(sam_ctx, getnc_state, &getnc_state->site_res,
+ ret = drsuapi_search_with_extended_dn(sam_ctx, getnc_state, &search_res,
search_dn, scope, attrs,
search_filter);
if (ret != LDB_SUCCESS) {
@@ -1445,15 +1440,31 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
}
if (req10->replica_flags & DRSUAPI_DRS_GET_ANC) {
- TYPESAFE_QSORT(getnc_state->site_res->msgs,
- getnc_state->site_res->count,
+ TYPESAFE_QSORT(search_res->msgs,
+ search_res->count,
site_res_cmp_parent_order);
} else {
- TYPESAFE_QSORT(getnc_state->site_res->msgs,
- getnc_state->site_res->count,
+ TYPESAFE_QSORT(search_res->msgs,
+ search_res->count,
site_res_cmp_usn_order);
}
+ /* extract out the GUIDs list */
+ getnc_state->num_records = search_res->count;
+ getnc_state->guids = talloc_array(getnc_state, struct GUID, getnc_state->num_records);
+ W_ERROR_HAVE_NO_MEMORY(getnc_state->guids);
+
+ for (i=0; i<getnc_state->num_records; i++) {
+ getnc_state->guids[i] = samdb_result_guid(search_res->msgs[i], "objectGUID");
+ if (GUID_all_zero(&getnc_state->guids[i])) {
+ DEBUG(2,("getncchanges: bad objectGUID from %s\n", ldb_dn_get_linearized(search_res->msgs[i]->dn)));
+ return WERR_DS_DRA_INTERNAL_ERROR;
+ }
+ }
+
+
+ talloc_free(search_res);
+
getnc_state->uptodateness_vector = talloc_steal(getnc_state, req10->uptodateness_vector);
if (getnc_state->uptodateness_vector) {
/* make sure its sorted */
@@ -1508,15 +1519,49 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
max_links = lpcfg_parm_int(dce_call->conn->dce_ctx->lp_ctx, NULL, "drs", "max link sync", 1500);
for (i=getnc_state->num_sent;
- i<getnc_state->site_res->count &&
+ i<getnc_state->num_records &&
!null_scope &&
(r->out.ctr->ctr6.object_count < max_objects);
i++) {
int uSN;
struct drsuapi_DsReplicaObjectListItemEx *obj;
- struct ldb_message *msg = getnc_state->site_res->msgs[i];
+ struct ldb_message *msg;
+ const char *msg_attrs[] = { "*", "distinguishedName",
+ "nTSecurityDescriptor",
+ "parentGUID",
+ "replPropertyMetaData",
+ "unicodePwd",
+ "dBCSPwd",
+ "ntPwdHistory",
+ "lmPwdHistory",
+ "supplementalCredentials",
+ NULL };
+ struct ldb_result *msg_res;
+ struct ldb_dn *msg_dn;
obj = talloc_zero(mem_ctx, struct drsuapi_DsReplicaObjectListItemEx);
+ W_ERROR_HAVE_NO_MEMORY(obj);
+
+ msg_dn = ldb_dn_new_fmt(obj, sam_ctx, "<GUID=%s>", GUID_string(obj, &getnc_state->guids[i]));
+ W_ERROR_HAVE_NO_MEMORY(msg_dn);
+
+
+ /* by re-searching here we avoid having a lot of full
+ * records in memory between calls to getncchanges
+ */
+ ret = drsuapi_search_with_extended_dn(sam_ctx, obj, &msg_res,
+ msg_dn,
+ LDB_SCOPE_BASE, msg_attrs, NULL);
+ if (ret != LDB_SUCCESS) {
+ if (ret != LDB_ERR_NO_SUCH_OBJECT) {
+ DEBUG(1,("getncchanges: failed to fetch DN %s - %s\n",
+ ldb_dn_get_extended_linearized(obj, msg_dn, 1), ldb_errstring(sam_ctx)));
+ }
+ talloc_free(obj);
+ continue;
+ }
+
+ msg = msg_res->msgs[0];
werr = get_nc_changes_build_object(obj, msg,
sam_ctx, getnc_state->ncRoot_dn,
@@ -1567,11 +1612,14 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
getnc_state->last_dn = ldb_dn_copy(getnc_state, msg->dn);
DEBUG(8,(__location__ ": replicating object %s\n", ldb_dn_get_linearized(msg->dn)));
+
+ talloc_free(msg_res);
+ talloc_free(msg_dn);
}
getnc_state->num_sent += r->out.ctr->ctr6.object_count;
- r->out.ctr->ctr6.nc_object_count = getnc_state->site_res->count;
+ r->out.ctr->ctr6.nc_object_count = getnc_state->num_records;
/* the client can us to call UpdateRefs on its behalf to
re-establish monitoring of the NC */
@@ -1618,7 +1666,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
link_total = getnc_state->la_count;
- if (i < getnc_state->site_res->count) {
+ if (i < getnc_state->num_records) {
r->out.ctr->ctr6.more_data = true;
} else {
/* sort the whole array the first time */
@@ -1670,7 +1718,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
(unsigned long long)(req10->highwatermark.highest_usn+1),
req10->replica_flags, drs_ObjectIdentifier_to_string(mem_ctx, ncRoot),
r->out.ctr->ctr6.object_count,
- i, r->out.ctr->ctr6.more_data?getnc_state->site_res->count:i,
+ i, r->out.ctr->ctr6.more_data?getnc_state->num_records:i,
r->out.ctr->ctr6.linked_attributes_count,
link_given, link_total,
dom_sid_string(mem_ctx, user_sid)));
diff --git a/source4/scripting/devel/drs/vampire_ad.sh b/source4/scripting/devel/drs/vampire_ad.sh
index 3b943a1..ec14b24 100755
--- a/source4/scripting/devel/drs/vampire_ad.sh
+++ b/source4/scripting/devel/drs/vampire_ad.sh
@@ -23,6 +23,6 @@ nsupdate -g nsupdate.txt
REALM="$(echo $DNSDOMAIN | tr '[a-z]' '[A-Z]')"
-sudo $GDB bin/net vampire $DNSDOMAIN -Uadministrator%$pass -s $PREFIX/etc/smb.conf --option=realm=$REALM --option="ads:dc function level=4" --option="ads:min function level=0" -d2 "$@" || exit 1
+sudo $GDB bin/samba-tool vampire $DNSDOMAIN -Uadministrator%$pass -s $PREFIX/etc/smb.conf --option=realm=$REALM --option="ads:dc function level=4" --option="ads:min function level=0" -d2 "$@" || exit 1
# PRIVATEDIR=$PREFIX/private sudo -E scripting/bin/setup_dns.sh $machine $DNSDOMAIN $machine_ip || exit 1
#sudo rndc flush
diff --git a/source4/scripting/python/samba/drs_utils.py b/source4/scripting/python/samba/drs_utils.py
index 4686259..a600c23 100644
--- a/source4/scripting/python/samba/drs_utils.py
+++ b/source4/scripting/python/samba/drs_utils.py
@@ -111,7 +111,7 @@ class drs_Replicate:
def replicate(self, dn, source_dsa_invocation_id, destination_dsa_guid,
- schema=False, exop=drsuapi.DRSUAPI_EXOP_NONE):
+ schema=False, exop=drsuapi.DRSUAPI_EXOP_NONE, rodc=False):
'''replicate a single DN'''
# setup for a GetNCChanges call
@@ -132,8 +132,9 @@ class drs_Replicate:
req8.replica_flags = (drsuapi.DRSUAPI_DRS_INIT_SYNC |
drsuapi.DRSUAPI_DRS_PER_SYNC |
drsuapi.DRSUAPI_DRS_GET_ANC |
- drsuapi.DRSUAPI_DRS_NEVER_SYNCED |
- drsuapi.DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING)
+ drsuapi.DRSUAPI_DRS_NEVER_SYNCED)
+ if rodc:
+ req8.replica_flags |= drsuapi.DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING
req8.max_object_count = 402
req8.max_ndr_size = 402116
req8.extended_op = exop
@@ -143,7 +144,7 @@ class drs_Replicate:
req8.mapping_ctr.num_mappings = 0
req8.mapping_ctr.mappings = None
- if not schema:
+ if not schema and rodc:
req8.partial_attribute_set = self.drs_get_rodc_partial_attribute_set()
while True:
diff --git a/source4/scripting/python/samba/join.py b/source4/scripting/python/samba/join.py
index 4fe0774..d57eb58 100644
--- a/source4/scripting/python/samba/join.py
+++ b/source4/scripting/python/samba/join.py
@@ -21,33 +21,100 @@
import samba.getopt as options
from samba.auth import system_session
from samba.samdb import SamDB
-from samba import gensec, Ldb
-import ldb, samba, sys
+from samba import gensec, Ldb, drs_utils
+import ldb, samba, sys, os, uuid
from samba.ndr import ndr_pack, ndr_unpack, ndr_print
-from samba.dcerpc import security
-from samba.dcerpc import drsuapi, misc, netlogon, nbt
+from samba.dcerpc import security, drsuapi, misc, netlogon, nbt
from samba.credentials import Credentials, DONT_USE_KERBEROS
from samba.provision import secretsdb_self_join, provision, FILL_DRS, find_setup_dir
+from samba.schema import Schema
from samba.net import Net
import logging
-from samba.drs_utils import drs_Replicate
from samba.dsdb import DS_DOMAIN_FUNCTION_2008_R2
import talloc
# this makes debugging easier
--
Samba Shared Repository
More information about the samba-cvs
mailing list