[Patch] Allow specifiying the guid for NTDS Settings
Stefan (metze) Metzmacher
metze at samba.org
Fri Sep 18 14:58:19 MDT 2009
Matthieu Patou schrieb:
> On 09/19/2009 12:40 AM, Matthieu Patou wrote:
>> On 09/19/2009 12:21 AM, Andrew Bartlett wrote:
>>> On Sat, 2009-09-19 at 00:11 +0400, Matthieu Patou wrote:
>>>> Hello,
>>>>
>>>> This patch allow to specify on the command line the GUID of the object
>>>> NTDS Settings for the selfjoined DC.
>>> I really don't like the idea of changing the objectGUID. If you need to
>>> set it to a particular value, then do so during the 'add' process.
>>>
>> Note: I usually do not try to innovate and try to do as it is done
>> already (ie. for domainguid is the same script).
>>
>> Although it's not a problem for me to do in one or in another way
>>> That may require that we set a control to allow it (if another module
>>> would prevent it).
> In deed:
>
> Traceback (most recent call last):
> File "./setup/provision", line 201, in <module>
> ldap_dryrun_mode=opts.ldap_dryrun_mode)
> File "bin/python/samba/provision.py", line 1187, in provision
> serverrole=serverrole,ntdsguid=ntdsguid,ldap_backend=provision_backend)
> File "bin/python/samba/provision.py", line 1005, in setup_samdb
>
> domainControllerFunctionality=domainControllerFunctionality,ntdsguid=ntdsguid)
>
> File "bin/python/samba/provision.py", line 790, in setup_self_join
> "DOMAIN_CONTROLLER_FUNCTIONALITY": str(domainControllerFunctionality)})
> File "bin/python/samba/provision.py", line 262, in setup_add_ldif
> ldb.add_ldif(data)
> File "bin/python/samba/__init__.py", line 244, in add_ldif
> self.add(msg)
> _ldb.LdbError: (53, "replmd_add: it's not allowed to add an object with
> objectGUID\n")
We also need to make sure we add code to replmd_modify to reject
objectGUID changes...
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20090918/36b1129d/attachment.pgp>
More information about the samba-technical
mailing list