[SCM] Samba Shared Repository - branch master updated
Andrew Tridgell
tridge at samba.org
Tue Nov 16 18:17:01 MST 2010
The branch, master has been updated
via 27df2e5 s4-test: added testing of w2k3 DC join to test-howto.py
via 5524822 s4-join: fixed join to w2k3
via a82bc07 s4-join: show a reasonable error on DsAddEntry() failing
via 3f9c97d s4-join: enable NDR printing at debug levels >= 5
via 73fae2b s4-loadparm: set debuglevel and logfile in tables
via f401930 s4-loadparm: fixed a memory leak in handle_realm()
from deed2a9 s4-kdc Rework supported encryption type logic to match Microsoft
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 27df2e544a64385a66e65217c6ce2474dd598829
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 11:29:50 2010 +1100
s4-test: added testing of w2k3 DC join to test-howto.py
Autobuild-User: Andrew Tridgell <tridge at samba.org>
Autobuild-Date: Wed Nov 17 01:16:19 UTC 2010 on sn-devel-104
commit 5524822a7280ca3356f4116d8fd4466b96d14e7f
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 11:10:45 2010 +1100
s4-join: fixed join to w2k3
w2k3 does need msDS-Behavior-Version
commit a82bc073e2e7dd5eef13c64ad219fa1179df8aa7
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 11:09:59 2010 +1100
s4-join: show a reasonable error on DsAddEntry() failing
DsAddEntry() gives errors in a reply container
commit 3f9c97dbc55826867d1978e09d69d365cff94643
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 11:08:59 2010 +1100
s4-join: enable NDR printing at debug levels >= 5
this is handy for debugging joins
commit 73fae2b007cdb0a6bfe5740a0d119bbde52dd1ce
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 11:07:12 2010 +1100
s4-loadparm: set debuglevel and logfile in tables
this allows the debug level and logfile to be queried from python
using lp.get(). Otheriwse they are set only in the globals, and not in
the tables.
commit f401930546dc719a9abd5a4b28315388a247dfc6
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Nov 17 11:06:33 2010 +1100
s4-loadparm: fixed a memory leak in handle_realm()
we need to free the lowercase and uppercase varients
-----------------------------------------------------------------------
Summary of changes:
source4/param/loadparm.c | 8 ++
source4/scripting/devel/howto/test-howto.py | 114 ++++++++++++++++++++++-----
source4/scripting/devel/howto/tridge.conf | 10 +++
source4/scripting/python/samba/join.py | 20 ++++-
4 files changed, 129 insertions(+), 23 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c
index 09d4f39..f60e4eb 100644
--- a/source4/param/loadparm.c
+++ b/source4/param/loadparm.c
@@ -1458,6 +1458,9 @@ static bool handle_realm(struct loadparm_context *lp_ctx,
{
string_set(lp_ctx, ptr, pszParmValue);
+ talloc_free(lp_ctx->globals->szRealm_upper);
+ talloc_free(lp_ctx->globals->szRealm_lower);
+
lp_ctx->globals->szRealm_upper = strupper_talloc(lp_ctx, pszParmValue);
lp_ctx->globals->szRealm_lower = strlower_talloc(lp_ctx, pszParmValue);
@@ -1524,6 +1527,10 @@ static bool handle_debuglevel(struct loadparm_context *lp_ctx,
{
DEBUGLEVEL = atoi(pszParmValue);
+ /* also set in the loadparm table, so querying debug level
+ works */
+ *(int *)ptr = DEBUGLEVEL;
+
return true;
}
@@ -1534,6 +1541,7 @@ static bool handle_logfile(struct loadparm_context *lp_ctx,
free(discard_const_p(char, logfile));
}
logfile = strdup(pszParmValue);
+ string_set(lp_ctx, ptr, pszParmValue);
return true;
}
diff --git a/source4/scripting/devel/howto/test-howto.py b/source4/scripting/devel/howto/test-howto.py
index 48e30ab..91903b3 100755
--- a/source4/scripting/devel/howto/test-howto.py
+++ b/source4/scripting/devel/howto/test-howto.py
@@ -107,6 +107,7 @@ def pexpect_spawn(cmd, timeout=60):
'''wrapper around pexpect spawn'''
cmd = substitute(cmd)
+ print("$ " + cmd)
ret = pexpect.spawn(cmd, logfile=sys.stdout, timeout=timeout)
def sendline_sub(line):
@@ -296,11 +297,13 @@ def test_win7():
child.expect("C:")
child.sendline("net use t: \\\\${HOSTNAME}.${LCREALM}\\test")
child.expect("The command completed successfully")
+ vm_poweroff("${WINDOWS7_VM}")
+
def join_w2k8():
print("Joining a w2k8 box to the domain as a DC")
- vm_poweroff("${WINDOWS_DC1}", checkfail=False)
- vm_restore("${WINDOWS_DC1}", "${WINDOWS_DC1_SNAPSHOT}")
+ vm_poweroff("${WINDOWS_DC1_VM}", checkfail=False)
+ vm_restore("${WINDOWS_DC1_VM}", "${WINDOWS_DC1_SNAPSHOT}")
ping_wait("${WINDOWS_DC1}")
port_wait("${WINDOWS_DC1}", 23)
child = pexpect_spawn("telnet ${WINDOWS_DC1} -l administrator")
@@ -380,7 +383,7 @@ def test_w2k8():
retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k yes", ['Sharename', 'IPC'])
print("Checking propogation of user deletion")
- run_cmd('bin/samba-tool user delete test2')
+ run_cmd('bin/samba-tool user delete test2 -Uadministrator@${LCREALM}%${PASSWORD1}')
child.sendline("net user test3 /del")
child.expect("The command completed successfully")
@@ -388,12 +391,13 @@ def test_w2k8():
retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k no", ['LOGON_FAILURE'])
retry_cmd("bin/smbclient -L ${WINDOWS_DC1} -Utest2%${PASSWORD2} -k yes", ['NT_STATUS_UNSUCCESSFUL'])
retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k yes", ['NT_STATUS_UNSUCCESSFUL'])
+ vm_poweroff("${WINDOWS_DC1_VM}")
def join_w2k8_rodc():
print("Joining a w2k8 box to the domain as a RODC")
- vm_poweroff("${WINDOWS_DC2}", checkfail=False)
- vm_restore("${WINDOWS_DC2}", "${WINDOWS_DC2_SNAPSHOT}")
+ vm_poweroff("${WINDOWS_DC2_VM}", checkfail=False)
+ vm_restore("${WINDOWS_DC2_VM}", "${WINDOWS_DC2_SNAPSHOT}")
ping_wait("${WINDOWS_DC2}")
port_wait("${WINDOWS_DC2}", 23)
child = pexpect_spawn("telnet ${WINDOWS_DC2} -l administrator")
@@ -467,42 +471,45 @@ def test_w2k8_rodc():
run_cmd('bin/samba-tool newuser test2 ${PASSWORD2}')
retry_cmd("bin/smbclient -L ${WINDOWS_DC2} -Utest2%${PASSWORD2} -k no", ['Sharename', 'Remote IPC'])
retry_cmd("bin/smbclient -L ${WINDOWS_DC2} -Utest2%${PASSWORD2} -k yes", ['Sharename', 'Remote IPC'])
- run_cmd('bin/samba-tool user delete test2')
+ run_cmd('bin/samba-tool user delete test2 -Uadministrator@${LCREALM}%${PASSWORD1}')
retry_cmd("bin/smbclient -L ${WINDOWS_DC2} -Utest2%${PASSWORD2}", ['LOGON_FAILURE'])
+ vm_poweroff("${WINDOWS_DC2_VM}")
+
def vampire_w2k8():
print("Joining w2k8 as a second DC")
chdir('${PREFIX}')
- vm_poweroff("${WINDOWS_DC3}", checkfail=False)
- vm_restore("${WINDOWS_DC3}", "${WINDOWS_DC3_SNAPSHOT}")
+ run_cmd('killall -9 -q samba smbd nmbd winbindd', checkfail=False)
+ vm_poweroff("${WINDOWS_DC3_VM}", checkfail=False)
+ vm_restore("${WINDOWS_DC3_VM}", "${WINDOWS_DC3_SNAPSHOT}")
run_cmd('${RNDC} flush')
run_cmd("rm -rf etc private")
- retry_cmd("bin/samba-tool drs showrepl ${WINDOWS_DC3} -Uadministrator%${WINDOWS_DC3_PASS}", )
- run_cmd('bin/samba-tool join ${LCREALM_WINDOWS} DC -Uadministrator%${WINDOWS_DC3_PASS}')
- run_cmd('bin/samba-tool drs kcc ${WINDOWS_DC3} -Uadministrator@${LCREALM_WINDOWS}%${WINDOWS_DC3_PASS}')
+ retry_cmd("bin/samba-tool drs showrepl ${WINDOWS_DC3} -Uadministrator%${WINDOWS_DC3_PASS}", ['INBOUND NEIGHBORS'] )
+ run_cmd('bin/samba-tool join ${WINDOWS_DC3_REALM} DC -Uadministrator%${WINDOWS_DC3_PASS}')
+ run_cmd('bin/samba-tool drs kcc ${WINDOWS_DC3} -Uadministrator@${WINDOWS_DC3_REALM}%${WINDOWS_DC3_PASS}')
def test_vampire():
print("Checking the DC join is OK")
chdir('${PREFIX}')
- retry_cmd('bin/smbclient -L blu.${LCREALM_WINDOWS} -Uadministrator@${LCREALM_WINDOWS}%${WINDOWS_DC3_PASS}', ["C$", "IPC$", "Sharename"])
- cmd_contains("host -t A blu.${LCREALM_WINDOWS}.", ['has address'])
+ retry_cmd('bin/smbclient -L ${HOSTNAME}.${WINDOWS_DC3_REALM} -Uadministrator@${WINDOWS_DC3_REALM}%${WINDOWS_DC3_PASS}', ["C$", "IPC$", "Sharename"])
+ cmd_contains("host -t A ${HOSTNAME}.${WINDOWS_DC3_REALM}.", ['has address'])
port_wait("${WINDOWS_DC3}", 23)
- child = pexpect_spawn("telnet ${WINDOWS_DC3} -l 'v2\\administrator'")
+ child = pexpect_spawn("telnet ${WINDOWS_DC3} -l '${WINDOWS_DC3_DOMAIN}\\administrator'")
child.expect("Welcome to Microsoft Telnet Service")
child.expect("password:")
child.sendline("${WINDOWS_DC3_PASS}")
child.expect("C:")
- child.sendline("net use t: \\\\${HOSTNAME}.${LCREALM_WINDOWS}\\test")
+ child.sendline("net use t: \\\\${HOSTNAME}.${WINDOWS_DC3_REALM}\\test")
child.expect("The command completed successfully")
print("Checking if showrepl is happy")
child.sendline("repadmin /showrepl")
- child.expect("DC=v2,DC=tridgell,DC=net")
+ child.expect("${WINDOWS_DC3_BASEDN}")
child.expect("was successful")
- child.expect("CN=Configuration,DC=v2,DC=tridgell,DC=net")
+ child.expect("CN=Configuration,${WINDOWS_DC3_BASEDN}")
child.expect("was successful")
- child.expect("CN=Schema,CN=Configuration,DC=v2,DC=tridgell,DC=net")
+ child.expect("CN=Schema,CN=Configuration,${WINDOWS_DC3_BASEDN}")
child.expect("was successful")
print("Checking if new users propogate to windows")
@@ -517,7 +524,66 @@ def test_vampire():
retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest2%${PASSWORD2} -k yes", ['Sharename', 'IPC'])
print("Checking propogation of user deletion")
- run_cmd('bin/samba-tool user delete test2')
+ run_cmd('bin/samba-tool user delete test2 -Uadministrator@${WINDOWS_DC3_REALM}%${WINDOWS_DC3_PASS}')
+ child.sendline("net user test3 /del")
+ child.expect("The command completed successfully")
+
+ retry_cmd("bin/smbclient -L ${WINDOWS_DC1} -Utest2%${PASSWORD2} -k no", ['LOGON_FAILURE'])
+ retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest2%${PASSWORD2} -k no", ['LOGON_FAILURE'])
+ retry_cmd("bin/smbclient -L ${WINDOWS_DC1} -Utest2%${PASSWORD2} -k yes", ['NT_STATUS_UNSUCCESSFUL'])
+ retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest2%${PASSWORD2} -k yes", ['NT_STATUS_UNSUCCESSFUL'])
+ vm_poweroff("${WINDOWS_DC3_VM}")
+
+
+def vampire_w2k3():
+ print("Joining w2k3 as a second DC")
+ chdir('${PREFIX}')
+ run_cmd('killall -9 -q samba smbd nmbd winbindd', checkfail=False)
+ vm_poweroff("${WINDOWS_DC4_VM}", checkfail=False)
+ vm_restore("${WINDOWS_DC4_VM}", "${WINDOWS_DC4_SNAPSHOT}")
+ run_cmd('${RNDC} flush')
+ run_cmd("rm -rf etc private")
+ retry_cmd("bin/samba-tool drs showrepl ${WINDOWS_DC4} -Uadministrator%${WINDOWS_DC4_PASS}", ['INBOUND NEIGHBORS'] )
+ run_cmd('bin/samba-tool join ${WINDOWS_DC4_REALM} DC -Uadministrator%${WINDOWS_DC4_PASS} -d1')
+ run_cmd('bin/samba-tool drs kcc ${WINDOWS_DC4} -Uadministrator@${WINDOWS_DC4_REALM}%${WINDOWS_DC4_PASS}')
+
+
+def test_vampire_w2k3():
+ print("Checking the DC join is OK")
+ chdir('${PREFIX}')
+ retry_cmd('bin/smbclient -L ${HOSTNAME}.${WINDOWS_DC4_REALM} -Uadministrator@${WINDOWS_DC4_REALM}%${WINDOWS_DC4_PASS}', ["C$", "IPC$", "Sharename"])
+ cmd_contains("host -t A ${HOSTNAME}.${WINDOWS_DC4_REALM}.", ['has address'])
+ port_wait("${WINDOWS_DC4}", 23)
+ child = pexpect_spawn("telnet ${WINDOWS_DC4} -l '${WINDOWS_DC4_DOMAIN}\\administrator'")
+ child.expect("Welcome to Microsoft Telnet Service")
+ child.expect("password:")
+ child.sendline("${WINDOWS_DC4_PASS}")
+ child.expect("C:")
+ child.sendline("net use t: \\\\${HOSTNAME}.${WINDOWS_DC4_REALM}\\test")
+ child.expect("The command completed successfully")
+
+ print("Checking if showrepl is happy")
+ child.sendline("repadmin /showrepl")
+ child.expect("${WINDOWS_DC4_BASEDN}")
+ child.expect("was successful")
+ child.expect("CN=Configuration,${WINDOWS_DC4_BASEDN}")
+ child.expect("was successful")
+ child.expect("CN=Schema,CN=Configuration,${WINDOWS_DC4_BASEDN}")
+ child.expect("was successful")
+
+ print("Checking if new users propogate to windows")
+ run_cmd('bin/samba-tool newuser test2 ${PASSWORD2}')
+ retry_cmd("bin/smbclient -L ${WINDOWS_DC4} -Utest2%${PASSWORD2} -k no", ['Sharename', 'Remote IPC'])
+ retry_cmd("bin/smbclient -L ${WINDOWS_DC4} -Utest2%${PASSWORD2} -k yes", ['Sharename', 'Remote IPC'])
+
+ print("Checking if new users on windows propogate to samba")
+ child.sendline("net user test3 ${PASSWORD3} /add")
+ child.expect("The command completed successfully")
+ retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest2%${PASSWORD2} -k no", ['Sharename', 'IPC'])
+ retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest2%${PASSWORD2} -k yes", ['Sharename', 'IPC'])
+
+ print("Checking propogation of user deletion")
+ run_cmd('bin/samba-tool user delete test2 -Uadministrator@${WINDOWS_DC4_REALM}%${WINDOWS_DC4_PASS}')
child.sendline("net user test3 /del")
child.expect("The command completed successfully")
@@ -525,6 +591,7 @@ def test_vampire():
retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest2%${PASSWORD2} -k no", ['LOGON_FAILURE'])
retry_cmd("bin/smbclient -L ${WINDOWS_DC1} -Utest2%${PASSWORD2} -k yes", ['NT_STATUS_UNSUCCESSFUL'])
retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest2%${PASSWORD2} -k yes", ['NT_STATUS_UNSUCCESSFUL'])
+ vm_poweroff("${WINDOWS_DC4_VM}")
@@ -548,10 +615,13 @@ restart_bind()
test_dns()
test_kerberos()
test_dyndns()
+
join_win7()
test_win7()
+
join_w2k8_rodc()
test_w2k8_rodc()
+
join_w2k8()
test_w2k8()
@@ -561,4 +631,10 @@ start_s4('${PREFIX}', interfaces='${INTERFACES}')
test_dyndns()
test_vampire()
+vampire_w2k3()
+create_shares()
+start_s4('${PREFIX}', interfaces='${INTERFACES}')
+test_dyndns()
+test_vampire_w2k3()
+
print("All OK")
diff --git a/source4/scripting/devel/howto/tridge.conf b/source4/scripting/devel/howto/tridge.conf
index 5b184b6..11fc592 100644
--- a/source4/scripting/devel/howto/tridge.conf
+++ b/source4/scripting/devel/howto/tridge.conf
@@ -46,7 +46,17 @@ WINDOWS_DC2_SNAPSHOT : howto-test2
# Samba will join this VM as a DC
WINDOWS_DC3 : w2k8
WINDOWS_DC3_VM : w2k8r2
+WINDOWS_DC3_BASEDN : DC=v2,DC=tridgell,DC=net
WINDOWS_DC3_REALM : v2.tridgell.net
WINDOWS_DC3_DOMAIN : v2
WINDOWS_DC3_PASS : p at ssw0rd5
WINDOWS_DC3_SNAPSHOT : howto-test
+
+# Samba will join this w2k3 box as a DC
+WINDOWS_DC4 : w2k3
+WINDOWS_DC4_VM : w2003
+WINDOWS_DC4_BASEDN : DC=vsofs3,DC=com
+WINDOWS_DC4_REALM : vsofs3.com
+WINDOWS_DC4_DOMAIN : vsofs3
+WINDOWS_DC4_PASS : penguin
+WINDOWS_DC4_SNAPSHOT : howto-test
diff --git a/source4/scripting/python/samba/join.py b/source4/scripting/python/samba/join.py
index 45c7954..1ead926 100644
--- a/source4/scripting/python/samba/join.py
+++ b/source4/scripting/python/samba/join.py
@@ -233,7 +233,10 @@ class dc_join:
def drsuapi_connect(ctx):
'''make a DRSUAPI connection to the server'''
- binding_string = "ncacn_ip_tcp:%s[seal]" % ctx.server
+ binding_options = "seal"
+ if ctx.lp.get("log level") >= 5:
+ binding_options += ",print"
+ binding_string = "ncacn_ip_tcp:%s[%s]" % (ctx.server, binding_options)
ctx.drsuapi = drsuapi.drsuapi(binding_string, ctx.lp, ctx.creds)
(ctx.drsuapi_handle, ctx.bind_supported_extensions) = drs_utils.drs_DsBind(ctx.drsuapi)
@@ -291,7 +294,12 @@ class dc_join:
req2.first_object = first_object
(level, ctr) = ctx.drsuapi.DsAddEntry(ctx.drsuapi_handle, 2, req2)
-
+ if ctr.err_ver != 1:
+ raise RuntimeError("expected err_ver 1, got %u" % ctr.err_ver)
+ if ctr.err_data.status != (0, 'WERR_OK'):
+ print("DsAddEntry failed with status %s info %s" % (ctr.err_data.status,
+ ctr.err_data.info.extended_err))
+ raise RuntimeError("DsAddEntry failed")
def join_add_objects(ctx):
'''add the various objects needed for the join'''
@@ -335,7 +343,7 @@ class dc_join:
"systemFlags" : str(samba.dsdb.SYSTEM_FLAG_DISALLOW_MOVE_ON_DELETE),
"dMDLocation" : ctx.schema_dn}
- if ctx.behavior_version >= samba.dsdb.DS_DOMAIN_FUNCTION_2008:
+ if ctx.behavior_version >= samba.dsdb.DS_DOMAIN_FUNCTION_2003:
rec["msDS-Behavior-Version"] = str(ctx.behavior_version)
if ctx.behavior_version >= samba.dsdb.DS_DOMAIN_FUNCTION_2003:
@@ -439,7 +447,11 @@ class dc_join:
else:
repl_creds = ctx.creds
- repl = drs_utils.drs_Replicate("ncacn_ip_tcp:%s[seal]" % ctx.server, ctx.lp, repl_creds, ctx.local_samdb)
+ binding_options = "seal"
+ if ctx.lp.get("debug level") >= 5:
+ binding_options += ",print"
+ repl = drs_utils.drs_Replicate("ncacn_ip_tcp:%s[%s]" % (ctx.server, binding_options),
+ ctx.lp, repl_creds, ctx.local_samdb)
repl.replicate(ctx.schema_dn, source_dsa_invocation_id, destination_dsa_guid,
schema=True, rodc=ctx.RODC,
--
Samba Shared Repository
More information about the samba-cvs
mailing list