domain.py patch
Andrew Bartlett
abartlet at samba.org
Wed Apr 18 22:40:38 MDT 2012
On Mon, 2012-04-16 at 09:12 +0200, Daniele Dario wrote:
> Hi samba list,
> trying to demote my secondary DC, I've found a little typo in the demote
> function inside domain.py:
> if the DC is the owner of some FSMO rules, the function should tell the
> number of rules which DC owns.
>
> I've added the number as in following diff:
>
> 251c251
> < raise CommandError("Current DC is still the owner of %d
> role(s), use the role command to transfer roles to another DC" %
> len(res))
> ---
> > raise CommandError("Current DC is still the owner of %d
> role(s), use the role command to transfer roles to another DC")
>
> Would'n it be better to show also which roles we have to transfer before
> demote? I'm thinking something like
>
> res = samdb.search(expression="(fSMORoleOwner=%s)" %
> str(ntds_dn),
> controls=["search_options:1:2"])
>
> if len(res) != 0:
> for foundOwnedRole in res
> print foundOwnedRole['fSMORoleOwner'][0]
> raise CommandError("Current DC is still the owner of %d
> role(s), use the role command to transfer roles to another DC" %
> len(res))
>
> but I don't know which is the right syntax to use to show the role like
> CN=NTDS
> Settings,CN=MYDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=local
>
> Best regards,
> Daniele.
This snippet will get your own own NDTS Setting DN:
+ res = samdb.search("",
+ scope=ldb.SCOPE_BASE,
attrs=["dsServiceName"])
+ assert len(res) == 1
+ serviceName = res[0]["dsServiceName"][0]
If you could return your patch in diff -u format (or better still, as a
git commit, and git format-patch -1) I'll be very glad to get some
improvements here into the tree.
Thanks!
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list