[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Fri Jul 6 08:55:02 MDT 2012
The branch, master has been updated
via 4654dca s4-selftest: do a dbcheck on our two vampire DCs
via f9d9092 s4-dbcheck: Check for an object without a parent
via 7782e33 s4-dsdb: Remove unused variables in py_dsdb_get_partitions_dn
via 023508e pydsdb: Add bindings for dsdb_wellknown_dn()
via 979215a pyldb: Add bindings for ldb_dn_remove_base_components
via e4077a8 s4-pydsdb: Add bindings for dsdb_find_nc_root()
via 507e6fd s4-pydsdb: Improve PyErr_LDB_{DN,}_OR_RAISE to use py_check_dcerpc_type
via 8d99b39 pyldb: Fix dn concat operation to be the other way around
via 7285ed5 auth: Common function for retrieving PAC_LOGIN_INFO from PAC
from a49eb60 s4-lsarpc: DCERPC_FAULT_ACCESS_DENIED for tcp
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 4654dcaae77264b50600bfcd592f0d1658af5c32
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 6 20:55:43 2012 +1000
s4-selftest: do a dbcheck on our two vampire DCs
However, due to using --domain-critical-only we have to knownfail the
vampire DC here, as we do not fill in the backlinks on non-critical
objects correctly.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri Jul 6 16:54:10 CEST 2012 on sn-devel-104
commit f9d90922f577dfedfca967e2b7112e0714ea414d
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 6 19:59:09 2012 +1000
s4-dbcheck: Check for an object without a parent
Such objects are then moved to the appropriate LostAndFound container,
just as they would be if replicated.
Andrew Bartlett
commit 7782e334b9ce6c0517136ae25be4e4f0629e0059
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 6 19:58:51 2012 +1000
s4-dsdb: Remove unused variables in py_dsdb_get_partitions_dn
commit 023508ed17155309013ec684fa49d2d76d030dd0
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 6 19:57:58 2012 +1000
pydsdb: Add bindings for dsdb_wellknown_dn()
commit 979215ad59e3a1dcb2dddeb1749d8f2eb1a920c3
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 6 19:57:10 2012 +1000
pyldb: Add bindings for ldb_dn_remove_base_components
commit e4077a8ca57c044bdd177dba1cbb81c3b802fe4c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 6 18:12:58 2012 +1000
s4-pydsdb: Add bindings for dsdb_find_nc_root()
commit 507e6fdce520999c5b29b3c98de945c4ff96c9a9
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 6 20:48:34 2012 +1000
s4-pydsdb: Improve PyErr_LDB_{DN,}_OR_RAISE to use py_check_dcerpc_type
This checks the type rather than just dereferencing the pointer.
Andrew Bartlett
commit 8d99b398d923d924088d4682a97bae38ccda0b0d
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Jul 6 20:41:10 2012 +1000
pyldb: Fix dn concat operation to be the other way around
This now concatonates Dn(ldb, "cn=config") + Dn(ldb, "dc=samba,dc=org") as "cn=config,dc=samba,dc=org"
Andrew Bartlett
commit 7285ed586f129d45843f98c359003d9ac88cf5cb
Author: Christof Schmitt <christof.schmitt at us.ibm.com>
Date: Thu Jul 5 13:17:00 2012 -0700
auth: Common function for retrieving PAC_LOGIN_INFO from PAC
Several functions use the same logic as kerberos_pac_logon_info. Move
kerberos_pac_logon_info to common code and reuse it to remove the code
duplication.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
auth/kerberos/kerberos_pac.c | 37 ++++++++++++++
auth/kerberos/pac_utils.h | 10 ++++
lib/ldb/pyldb.c | 17 ++++++-
lib/ldb/tests/python/api.py | 7 ++-
selftest/knownfail | 1 +
source3/auth/auth_generic.c | 28 +----------
source3/libads/authdata.c | 29 +----------
source3/utils/ntlm_auth.c | 28 +----------
source4/auth/kerberos/kerberos.h | 8 ---
source4/auth/kerberos/kerberos_pac.c | 37 --------------
source4/dsdb/pydsdb.c | 72 +++++++++++++++++++++++++--
source4/scripting/python/samba/dbchecker.py | 44 ++++++++++++++++
source4/scripting/python/samba/samdb.py | 6 ++
source4/selftest/tests.py | 2 +-
14 files changed, 195 insertions(+), 131 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/kerberos/kerberos_pac.c b/auth/kerberos/kerberos_pac.c
index eacf39d..80f31d8 100644
--- a/auth/kerberos/kerberos_pac.c
+++ b/auth/kerberos/kerberos_pac.c
@@ -402,4 +402,41 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
+NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx,
+ DATA_BLOB blob,
+ krb5_context context,
+ const krb5_keyblock *krbtgt_keyblock,
+ const krb5_keyblock *service_keyblock,
+ krb5_const_principal client_principal,
+ time_t tgs_authtime,
+ struct PAC_LOGON_INFO **logon_info)
+{
+ NTSTATUS nt_status;
+ struct PAC_DATA *pac_data;
+ int i;
+ nt_status = kerberos_decode_pac(mem_ctx,
+ blob,
+ context,
+ krbtgt_keyblock,
+ service_keyblock,
+ client_principal,
+ tgs_authtime,
+ &pac_data);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
+ }
+
+ *logon_info = NULL;
+ for (i=0; i < pac_data->num_buffers; i++) {
+ if (pac_data->buffers[i].type != PAC_TYPE_LOGON_INFO) {
+ continue;
+ }
+ *logon_info = pac_data->buffers[i].info->logon_info.info;
+ }
+ if (!*logon_info) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ return NT_STATUS_OK;
+}
+
#endif
diff --git a/auth/kerberos/pac_utils.h b/auth/kerberos/pac_utils.h
index d654bec..b9b6664 100644
--- a/auth/kerberos/pac_utils.h
+++ b/auth/kerberos/pac_utils.h
@@ -26,6 +26,7 @@
struct PAC_SIGNATURE_DATA;
struct PAC_DATA;
+struct PAC_LOGON_INFO;
krb5_error_code check_pac_checksum(DATA_BLOB pac_data,
struct PAC_SIGNATURE_DATA *sig,
@@ -41,6 +42,15 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
time_t tgs_authtime,
struct PAC_DATA **pac_data_out);
+NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx,
+ DATA_BLOB blob,
+ krb5_context context,
+ const krb5_keyblock *krbtgt_keyblock,
+ const krb5_keyblock *service_keyblock,
+ krb5_const_principal client_principal,
+ time_t tgs_authtime,
+ struct PAC_LOGON_INFO **logon_info);
+
NTSTATUS gssapi_obtain_pac_blob(TALLOC_CTX *mem_ctx,
gss_ctx_id_t gssapi_context,
gss_name_t gss_client_name,
diff --git a/lib/ldb/pyldb.c b/lib/ldb/pyldb.c
index 4554886..8c9d6b9 100644
--- a/lib/ldb/pyldb.c
+++ b/lib/ldb/pyldb.c
@@ -529,6 +529,18 @@ static PyObject *py_ldb_dn_add_base(PyLdbDnObject *self, PyObject *args)
return ldb_dn_add_base(dn, other)?Py_True:Py_False;
}
+static PyObject *py_ldb_dn_remove_base_components(PyLdbDnObject *self, PyObject *args)
+{
+ struct ldb_dn *dn;
+ int i;
+ if (!PyArg_ParseTuple(args, "i", &i))
+ return NULL;
+
+ dn = pyldb_Dn_AsDn((PyObject *)self);
+
+ return ldb_dn_remove_base_components(dn, i)?Py_True:Py_False;
+}
+
static PyObject *py_ldb_dn_is_child_of(PyLdbDnObject *self, PyObject *args)
{
PyObject *py_base;
@@ -579,6 +591,9 @@ static PyMethodDef py_ldb_dn_methods[] = {
{ "add_base", (PyCFunction)py_ldb_dn_add_base, METH_VARARGS,
"S.add_base(dn) -> None\n"
"Add a base DN to this DN." },
+ { "remove_base_components", (PyCFunction)py_ldb_dn_remove_base_components, METH_VARARGS,
+ "S.remove_base_components(int) -> bool\n"
+ "Remove a number of DN components from the base of this DN." },
{ "check_special", (PyCFunction)py_ldb_dn_check_special, METH_VARARGS,
"S.check_special(name) -> bool\n\n"
"Check if name is a special DN name"},
@@ -629,7 +644,7 @@ static PyObject *py_ldb_dn_concat(PyLdbDnObject *self, PyObject *py_other)
}
py_ret->mem_ctx = talloc_new(NULL);
py_ret->dn = ldb_dn_copy(py_ret->mem_ctx, dn);
- ldb_dn_add_child(py_ret->dn, other);
+ ldb_dn_add_base(py_ret->dn, other);
return (PyObject *)py_ret;
}
diff --git a/lib/ldb/tests/python/api.py b/lib/ldb/tests/python/api.py
index 7cd8f03..7df40e4 100755
--- a/lib/ldb/tests/python/api.py
+++ b/lib/ldb/tests/python/api.py
@@ -414,7 +414,12 @@ class DnTests(TestCase):
def test_add(self):
x = ldb.Dn(self.ldb, "dc=foo24")
y = ldb.Dn(self.ldb, "bar=bla")
- self.assertEquals("dc=foo24,bar=bla", str(y + x))
+ self.assertEquals("dc=foo24,bar=bla", str(x + y))
+
+ def test_remove_base_components(self):
+ x = ldb.Dn(self.ldb, "dc=foo24,dc=samba,dc=org")
+ x.remove_base_components(len(x)-1)
+ self.assertEquals("dc=foo24", str(x))
def test_parse_ldif(self):
msgs = self.ldb.parse_ldif("dn: foo=bar\n")
diff --git a/selftest/knownfail b/selftest/knownfail
index f68db5a..e5bff1b 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -152,6 +152,7 @@
^samba4.ldap.acl.*.AclSearchTests.test_search6\(.*\)$ # ACL search behaviour not enabled by default
^samba4.rpc.lsa.forest.trust #Not fully provided by Samba4
^samba4.blackbox.kinit\(.*\).kinit with user password for expired password\(.*\) # We need to work out why this fails only during the pw change
+^samba4.blackbox.dbcheck\(vampire_dc\).dbcheck\(vampire_dc:local\) # Due to replicating with --domain-critical-only we fail dbcheck on this database
^samba3.smb2.create.gentest
^samba3.smb2.create.blob
^samba3.smb2.create.open
diff --git a/source3/auth/auth_generic.c b/source3/auth/auth_generic.c
index 82b376f..80f5fa7 100644
--- a/source3/auth/auth_generic.c
+++ b/source3/auth/auth_generic.c
@@ -42,9 +42,7 @@ static NTSTATUS auth3_generate_session_info_pac(struct auth4_context *auth_ctx,
struct auth_session_info **session_info)
{
TALLOC_CTX *tmp_ctx;
- struct PAC_DATA *pac_data = NULL;
struct PAC_LOGON_INFO *logon_info = NULL;
- unsigned int i;
bool is_mapped;
bool is_guest;
char *ntuser;
@@ -62,36 +60,14 @@ static NTSTATUS auth3_generate_session_info_pac(struct auth4_context *auth_ctx,
if (pac_blob) {
#ifdef HAVE_KRB5
- status = kerberos_decode_pac(tmp_ctx,
- *pac_blob,
- NULL, NULL, NULL, NULL, 0, &pac_data);
+ status = kerberos_pac_logon_info(tmp_ctx, *pac_blob, NULL, NULL,
+ NULL, NULL, 0, &logon_info);
#else
status = NT_STATUS_ACCESS_DENIED;
#endif
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
-
- /* get logon name and logon info */
- for (i = 0; i < pac_data->num_buffers; i++) {
- struct PAC_BUFFER *data_buf = &pac_data->buffers[i];
-
- switch (data_buf->type) {
- case PAC_TYPE_LOGON_INFO:
- if (!data_buf->info) {
- break;
- }
- logon_info = data_buf->info->logon_info.info;
- break;
- default:
- break;
- }
- }
- if (!logon_info) {
- DEBUG(1, ("Invalid PAC data, missing logon info!\n"));
- status = NT_STATUS_NOT_FOUND;
- goto done;
- }
}
rc = get_remote_hostname(remote_address,
diff --git a/source3/libads/authdata.c b/source3/libads/authdata.c
index 60897bf..2c667a6 100644
--- a/source3/libads/authdata.c
+++ b/source3/libads/authdata.c
@@ -51,9 +51,7 @@ static NTSTATUS kerberos_fetch_pac(struct auth4_context *auth_ctx,
struct auth_session_info **session_info)
{
TALLOC_CTX *tmp_ctx;
- struct PAC_DATA *pac_data = NULL;
struct PAC_LOGON_INFO *logon_info = NULL;
- unsigned int i;
NTSTATUS status = NT_STATUS_INTERNAL_ERROR;
tmp_ctx = talloc_new(mem_ctx);
@@ -62,34 +60,13 @@ static NTSTATUS kerberos_fetch_pac(struct auth4_context *auth_ctx,
}
if (pac_blob) {
- status = kerberos_decode_pac(tmp_ctx,
- *pac_blob,
- NULL, NULL, NULL, NULL, 0, &pac_data);
+ status = kerberos_pac_logon_info(tmp_ctx, *pac_blob, NULL, NULL,
+ NULL, NULL, 0, &logon_info);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
-
- /* get logon name and logon info */
- for (i = 0; i < pac_data->num_buffers; i++) {
- struct PAC_BUFFER *data_buf = &pac_data->buffers[i];
-
- switch (data_buf->type) {
- case PAC_TYPE_LOGON_INFO:
- if (!data_buf->info) {
- break;
- }
- logon_info = data_buf->info->logon_info.info;
- break;
- default:
- break;
- }
- }
- if (!logon_info) {
- DEBUG(1, ("Invalid PAC data, missing logon info!\n"));
- status = NT_STATUS_NOT_FOUND;
- goto done;
- }
}
+
talloc_set_name_const(logon_info, "struct PAC_LOGON_INFO");
auth_ctx->private_data = talloc_steal(auth_ctx, logon_info);
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index a832b5b..afb51e9 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -716,9 +716,7 @@ static NTSTATUS ntlm_auth_generate_session_info_pac(struct auth4_context *auth_c
struct auth_session_info **session_info)
{
TALLOC_CTX *tmp_ctx;
- struct PAC_DATA *pac_data = NULL;
struct PAC_LOGON_INFO *logon_info = NULL;
- unsigned int i;
char *unixuser;
NTSTATUS status;
char *domain = NULL;
@@ -733,36 +731,14 @@ static NTSTATUS ntlm_auth_generate_session_info_pac(struct auth4_context *auth_c
if (pac_blob) {
#ifdef HAVE_KRB5
- status = kerberos_decode_pac(tmp_ctx,
- *pac_blob,
- NULL, NULL, NULL, NULL, 0, &pac_data);
+ status = kerberos_pac_logon_info(tmp_ctx, *pac_blob, NULL, NULL,
+ NULL, NULL, 0, &logon_info);
#else
status = NT_STATUS_ACCESS_DENIED;
#endif
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
-
- /* get logon name and logon info */
- for (i = 0; i < pac_data->num_buffers; i++) {
- struct PAC_BUFFER *data_buf = &pac_data->buffers[i];
-
- switch (data_buf->type) {
- case PAC_TYPE_LOGON_INFO:
- if (!data_buf->info) {
- break;
- }
- logon_info = data_buf->info->logon_info.info;
- break;
- default:
- break;
- }
- }
- if (!logon_info) {
- DEBUG(1, ("Invalid PAC data, missing logon info!\n"));
- status = NT_STATUS_NOT_FOUND;
- goto done;
- }
}
DEBUG(3, ("Kerberos ticket principal name is [%s]\n", princ_name));
diff --git a/source4/auth/kerberos/kerberos.h b/source4/auth/kerberos/kerberos.h
index 707426d..51b8055 100644
--- a/source4/auth/kerberos/kerberos.h
+++ b/source4/auth/kerberos/kerberos.h
@@ -83,14 +83,6 @@ const krb5_data *krb5_princ_component(krb5_context context, krb5_principal princ
#endif
/* Samba wrapper function for krb5 functionality. */
-NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx,
- DATA_BLOB blob,
- krb5_context context,
- const krb5_keyblock *krbtgt_keyblock,
- const krb5_keyblock *service_keyblock,
- krb5_const_principal client_principal,
- time_t tgs_authtime,
- struct PAC_LOGON_INFO **logon_info);
krb5_error_code kerberos_encode_pac(TALLOC_CTX *mem_ctx,
struct PAC_DATA *pac_data,
krb5_context context,
diff --git a/source4/auth/kerberos/kerberos_pac.c b/source4/auth/kerberos/kerberos_pac.c
index 85b6263..76c1d99 100644
--- a/source4/auth/kerberos/kerberos_pac.c
+++ b/source4/auth/kerberos/kerberos_pac.c
@@ -33,43 +33,6 @@
#include "auth/kerberos/kerberos_util.h"
#include "auth/kerberos/pac_utils.h"
-_PUBLIC_ NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx,
- DATA_BLOB blob,
- krb5_context context,
- const krb5_keyblock *krbtgt_keyblock,
- const krb5_keyblock *service_keyblock,
- krb5_const_principal client_principal,
- time_t tgs_authtime,
- struct PAC_LOGON_INFO **logon_info)
-{
- NTSTATUS nt_status;
- struct PAC_DATA *pac_data;
- int i;
- nt_status = kerberos_decode_pac(mem_ctx,
- blob,
- context,
- krbtgt_keyblock,
- service_keyblock,
- client_principal,
- tgs_authtime,
- &pac_data);
- if (!NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
- }
-
- *logon_info = NULL;
- for (i=0; i < pac_data->num_buffers; i++) {
- if (pac_data->buffers[i].type != PAC_TYPE_LOGON_INFO) {
- continue;
- }
- *logon_info = pac_data->buffers[i].info->logon_info.info;
- }
- if (!*logon_info) {
- return NT_STATUS_INVALID_PARAMETER;
- }
- return NT_STATUS_OK;
-}
-
krb5_error_code kerberos_encode_pac(TALLOC_CTX *mem_ctx,
struct PAC_DATA *pac_data,
krb5_context context,
diff --git a/source4/dsdb/pydsdb.c b/source4/dsdb/pydsdb.c
index d3486a4..f63d71e 100644
--- a/source4/dsdb/pydsdb.c
+++ b/source4/dsdb/pydsdb.c
@@ -40,12 +40,19 @@ typedef intargfunc ssizeargfunc;
/* FIXME: These should be in a header file somewhere */
#define PyErr_LDB_OR_RAISE(py_ldb, ldb) \
-/* if (!PyLdb_Check(py_ldb)) { \
+ if (!py_check_dcerpc_type(py_ldb, "ldb", "Ldb")) { \
PyErr_SetString(py_ldb_get_exception(), "Ldb connection object required"); \
return NULL; \
- } */\
+ } \
ldb = pyldb_Ldb_AsLdbContext(py_ldb);
+#define PyErr_LDB_DN_OR_RAISE(py_ldb_dn, dn) \
+ if (!py_check_dcerpc_type(py_ldb_dn, "ldb", "Dn")) { \
+ PyErr_SetString(py_ldb_get_exception(), "ldb Dn object required"); \
+ return NULL; \
+ } \
+ dn = pyldb_Dn_AsDn(py_ldb_dn);
+
static PyObject *py_ldb_get_exception(void)
{
PyObject *mod = PyImport_ImportModule("ldb");
@@ -915,9 +922,6 @@ static PyObject *py_dsdb_get_partitions_dn(PyObject *self, PyObject *args)
struct ldb_context *ldb;
struct ldb_dn *dn;
PyObject *py_ldb, *ret;
- PyObject *mod;
-
- mod = PyImport_ImportModule("ldb");
if (!PyArg_ParseTuple(args, "O", &py_ldb))
return NULL;
@@ -935,6 +939,50 @@ static PyObject *py_dsdb_get_partitions_dn(PyObject *self, PyObject *args)
}
+static PyObject *py_dsdb_get_nc_root(PyObject *self, PyObject *args)
+{
+ struct ldb_context *ldb;
+ struct ldb_dn *dn, *nc_root;
+ PyObject *py_ldb, *py_ldb_dn, *py_nc_root;
+ int ret;
+
+ if (!PyArg_ParseTuple(args, "OO", &py_ldb, &py_ldb_dn))
+ return NULL;
+
+ PyErr_LDB_OR_RAISE(py_ldb, ldb);
+ PyErr_LDB_DN_OR_RAISE(py_ldb_dn, dn);
+
+ ret = dsdb_find_nc_root(ldb, ldb, dn, &nc_root);
+ PyErr_LDB_ERROR_IS_ERR_RAISE(py_ldb_get_exception(), ret, ldb);
+
+ py_nc_root = pyldb_Dn_FromDn(nc_root);
+ talloc_unlink(ldb, nc_root);
+ return py_nc_root;
+}
+
+static PyObject *py_dsdb_get_wellknown_dn(PyObject *self, PyObject *args)
+{
+ struct ldb_context *ldb;
+ struct ldb_dn *nc_dn, *wk_dn;
+ char *wkguid;
+ PyObject *py_ldb, *py_nc_dn, *py_wk_dn;
+ int ret;
+
+ if (!PyArg_ParseTuple(args, "OOs", &py_ldb, &py_nc_dn, &wkguid))
+ return NULL;
+
+ PyErr_LDB_OR_RAISE(py_ldb, ldb);
+ PyErr_LDB_DN_OR_RAISE(py_nc_dn, nc_dn);
+
+ ret = dsdb_wellknown_dn(ldb, ldb, nc_dn, wkguid, &wk_dn);
+ PyErr_LDB_ERROR_IS_ERR_RAISE(py_ldb_get_exception(), ret, ldb);
+
+ py_wk_dn = pyldb_Dn_FromDn(wk_dn);
+ talloc_unlink(ldb, wk_dn);
+ return py_wk_dn;
+}
+
+
/*
call into samdb_rodc()
*/
@@ -1039,6 +1087,8 @@ static PyMethodDef py_dsdb_methods[] = {
{ "_dsdb_write_prefixes_from_schema_to_ldb", (PyCFunction)py_dsdb_write_prefixes_from_schema_to_ldb, METH_VARARGS,
NULL },
{ "_dsdb_get_partitions_dn", (PyCFunction)py_dsdb_get_partitions_dn, METH_VARARGS, NULL },
+ { "_dsdb_get_nc_root", (PyCFunction)py_dsdb_get_nc_root, METH_VARARGS, NULL },
+ { "_dsdb_get_wellknown_dn", (PyCFunction)py_dsdb_get_wellknown_dn, METH_VARARGS, NULL },
{ "_dsdb_DsReplicaAttribute", (PyCFunction)py_dsdb_DsReplicaAttribute, METH_VARARGS, NULL },
{ "_dsdb_normalise_attributes", (PyCFunction)py_dsdb_normalise_attributes, METH_VARARGS, NULL },
{ NULL }
@@ -1219,4 +1269,16 @@ void initdsdb(void)
ADD_DSDB_STRING(DSDB_SYNTAX_STRING_DN);
ADD_DSDB_STRING(DSDB_SYNTAX_OR_NAME);
ADD_DSDB_STRING(DSDB_CONTROL_DBCHECK);
+
+ ADD_DSDB_STRING(DS_GUID_COMPUTERS_CONTAINER);
+ ADD_DSDB_STRING(DS_GUID_DELETED_OBJECTS_CONTAINER);
+ ADD_DSDB_STRING(DS_GUID_DOMAIN_CONTROLLERS_CONTAINER);
+ ADD_DSDB_STRING(DS_GUID_FOREIGNSECURITYPRINCIPALS_CONTAINER);
+ ADD_DSDB_STRING(DS_GUID_INFRASTRUCTURE_CONTAINER);
+ ADD_DSDB_STRING(DS_GUID_LOSTANDFOUND_CONTAINER);
+ ADD_DSDB_STRING(DS_GUID_MICROSOFT_PROGRAM_DATA_CONTAINER);
+ ADD_DSDB_STRING(DS_GUID_NTDS_QUOTAS_CONTAINER);
+ ADD_DSDB_STRING(DS_GUID_PROGRAM_DATA_CONTAINER);
+ ADD_DSDB_STRING(DS_GUID_SYSTEMS_CONTAINER);
+ ADD_DSDB_STRING(DS_GUID_USERS_CONTAINER);
}
diff --git a/source4/scripting/python/samba/dbchecker.py b/source4/scripting/python/samba/dbchecker.py
index 72d0604..284c529 100644
--- a/source4/scripting/python/samba/dbchecker.py
+++ b/source4/scripting/python/samba/dbchecker.py
@@ -50,6 +50,7 @@ class dbcheck(object):
self.fix_all_orphaned_backlinks = False
self.fix_rmd_flags = False
self.seize_fsmo_role = False
+ self.move_to_lost_and_found = False
self.in_transaction = in_transaction
self.infrastructure_dn = ldb.Dn(samdb, "CN=Infrastructure," + samdb.domain_dn())
self.naming_dn = ldb.Dn(samdb, "CN=Partitions,%s" % samdb.get_config_basedn())
@@ -125,6 +126,23 @@ class dbcheck(object):
return False
return True
--
Samba Shared Repository
More information about the samba-cvs
mailing list