[SCM] Samba Shared Repository - branch master updated
Garming Sam
garming at samba.org
Mon Apr 18 05:41:03 UTC 2016
The branch, master has been updated
via 0619a83 tests/rodc: Check that preload will skip broken users
via 6d08b41 rodc: Allow RODC preload to continue with invalid users
from 5042802 ctdb-tools: Remove simple uses of strcpy(3)
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 0619a83ccfd1db256dcda836b45c81b25b16b56a
Author: Garming Sam <garming at catalyst.net.nz>
Date: Fri Apr 15 10:45:05 2016 +1200
tests/rodc: Check that preload will skip broken users
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Garming Sam <garming at samba.org>
Autobuild-Date(master): Mon Apr 18 07:40:07 CEST 2016 on sn-devel-144
commit 6d08b4167601c1759838d46d92a534754fd44a2c
Author: Garming Sam <garming at catalyst.net.nz>
Date: Fri Apr 15 09:59:11 2016 +1200
rodc: Allow RODC preload to continue with invalid users
Either the user may be missing from the database, or the user is not
included in the RODC password replication group.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
python/samba/netcmd/rodc.py | 38 ++++++++++++++++++++++++++++++++---
python/samba/tests/samba_tool/rodc.py | 36 ++++++++++++++++++++++++++++++++-
2 files changed, 70 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/netcmd/rodc.py b/python/samba/netcmd/rodc.py
index ba29c74..e7fbcdc 100644
--- a/python/samba/netcmd/rodc.py
+++ b/python/samba/netcmd/rodc.py
@@ -25,6 +25,19 @@ from samba.dcerpc import misc, drsuapi
from samba.drs_utils import drs_Replicate
import sys
+class RODCException(Exception):
+ def __init__(self, value):
+ self.value = value
+
+ def __str__(self):
+ return "%s: %s" % (self.__class__.__name__, self.value)
+
+class NamingError(RODCException):
+ pass
+
+class ReplicationError(RODCException):
+ pass
+
class cmd_rodc_preload(Command):
"""Preload accounts for an RODC. Multiple accounts may be requested."""
@@ -39,6 +52,7 @@ class cmd_rodc_preload(Command):
takes_options = [
Option("--server", help="DC to use", type=str),
Option("--file", help="Read account list from a file, or - for stdin (one per line)", type=str),
+ Option("--ignore-errors", help="When preloading multiple accounts, skip any failing accounts", action="store_true"),
]
takes_args = ["account*"]
@@ -59,7 +73,7 @@ class cmd_rodc_preload(Command):
res = samdb.search(expression="(&(samAccountName=%s)(objectclass=user))" % ldb.binary_encode(account),
scope=ldb.SCOPE_SUBTREE, attrs=[])
if len(res) != 1:
- raise Exception("Failed to find account '%s'" % account)
+ raise NamingError("Failed to find account '%s'" % account)
return str(res[0]["dn"])
@@ -69,6 +83,7 @@ class cmd_rodc_preload(Command):
versionpts = kwargs.get("versionopts")
server = kwargs.get("server")
accounts_file = kwargs.get("file")
+ ignore_errors = kwargs.get("ignore_errors")
if server is None:
raise Exception("You must supply a server")
@@ -98,13 +113,22 @@ class cmd_rodc_preload(Command):
repl = drs_Replicate("ncacn_ip_tcp:%s[seal,print]" % server, lp, creds,
local_samdb, destination_dsa_guid)
+
+ errors = []
for account in accounts:
# work out the source and destination GUIDs
dc_ntds_dn = samdb.get_dsServiceName()
res = samdb.search(base=dc_ntds_dn, scope=ldb.SCOPE_BASE, attrs=["invocationId"])
source_dsa_invocation_id = misc.GUID(local_samdb.schema_format_value("objectGUID", res[0]["invocationId"][0]))
- dn = self.get_dn(samdb, account)
+ try:
+ dn = self.get_dn(samdb, account)
+ except RODCException, e:
+ if not ignore_errors:
+ raise CommandError(str(e))
+ errors.append(e)
+ continue
+
self.outf.write("Replicating DN %s\n" % dn)
local_samdb.transaction_start()
@@ -113,9 +137,17 @@ class cmd_rodc_preload(Command):
exop=drsuapi.DRSUAPI_EXOP_REPL_SECRET, rodc=True)
except Exception, e:
local_samdb.transaction_cancel()
- raise CommandError("Error replicating DN %s" % dn, e)
+ if not ignore_errors:
+ raise CommandError("Error replicating DN %s" % dn)
+ errors.append(ReplicationError("Error replicating DN %s" % dn))
+ continue
+
local_samdb.transaction_commit()
+ if len(errors) > 0:
+ print "\nPreload encountered problematic users:"
+ for error in errors:
+ print " %s" % error
class cmd_rodc(SuperCommand):
diff --git a/python/samba/tests/samba_tool/rodc.py b/python/samba/tests/samba_tool/rodc.py
index 9ae5dd1..798bc17 100644
--- a/python/samba/tests/samba_tool/rodc.py
+++ b/python/samba/tests/samba_tool/rodc.py
@@ -43,10 +43,12 @@ class RodcCmdTestCase(SambaToolCmdTest):
self.ldb.newuser("sambatool2", "2wsxCDE#")
self.ldb.newuser("sambatool3", "3edcVFR$")
self.ldb.newuser("sambatool4", "4rfvBGT%")
+ self.ldb.newuser("sambatool5", "5tjbNHY*")
+ self.ldb.newuser("sambatool6", "6yknMJU*")
self.ldb.add_remove_group_members("Allowed RODC Password Replication Group",
["sambatool1", "sambatool2", "sambatool3",
- "sambatool4"],
+ "sambatool4", "sambatool5"],
add_members_operation=True)
def tearDown(self):
@@ -55,6 +57,8 @@ class RodcCmdTestCase(SambaToolCmdTest):
self.ldb.deleteuser("sambatool2")
self.ldb.deleteuser("sambatool3")
self.ldb.deleteuser("sambatool4")
+ self.ldb.deleteuser("sambatool5")
+ self.ldb.deleteuser("sambatool6")
(result, out, err) = self.runsubcmd("drs", "replicate", "--local", "unused",
os.environ["DC_SERVER"], self.base_dn)
@@ -92,3 +96,33 @@ class RodcCmdTestCase(SambaToolCmdTest):
self.assertCmdSuccess(result, "ensuring rodc prefetch ran successfully")
self.assertEqual(out, "Replicating DN CN=sambatool1,CN=Users,%s\nReplicating DN CN=sambatool2,CN=Users,%s\n" % (self.base_dn, self.base_dn))
os.unlink(tempf)
+
+ def test_multi_with_missing_name_success(self):
+ (result, out, err) = self.runsubcmd("rodc", "preload",
+ "nonexistentuser1", "sambatool5",
+ "nonexistentuser2",
+ "--server", os.environ["DC_SERVER"],
+ "--ignore-errors")
+ self.assertCmdSuccess(result, "ensuring rodc prefetch ran successfully")
+ self.assertEqual(out, "Replicating DN CN=sambatool5,CN=Users,%s\n" % self.base_dn)
+
+ def test_multi_with_missing_name_failure(self):
+ (result, out, err) = self.runsubcmd("rodc", "preload",
+ "nonexistentuser1", "sambatool5",
+ "nonexistentuser2",
+ "--server", os.environ["DC_SERVER"])
+ self.assertCmdFail(result, "ensuring rodc prefetch quit on missing user")
+
+ def test_multi_without_group_success(self):
+ (result, out, err) = self.runsubcmd("rodc", "preload",
+ "sambatool6", "sambatool5",
+ "--server", os.environ["DC_SERVER"],
+ "--ignore-errors")
+ self.assertCmdSuccess(result, "ensuring rodc prefetch ran successfully")
+ self.assertEqual(out, "Replicating DN CN=sambatool6,CN=Users,%s\nReplicating DN CN=sambatool5,CN=Users,%s\n" % (self.base_dn, self.base_dn))
+
+ def test_multi_without_group_failure(self):
+ (result, out, err) = self.runsubcmd("rodc", "preload",
+ "sambatool6", "sambatool5",
+ "--server", os.environ["DC_SERVER"])
+ self.assertCmdFail(result, "ensuring rodc prefetch quit on non-replicated user")
--
Samba Shared Repository
More information about the samba-cvs
mailing list