[PATCH] make samba-tool aware of all 7 fsmo roles

Rowland Penny repenny241155 at gmail.com
Thu Jun 4 11:20:59 MDT 2015


On 04/06/15 17:59, Jelmer Vernooij wrote:
> On Thu, Jun 04, 2015 at 05:49:14PM +0100, Rowland Penny wrote:
>> On 04/06/15 17:17, Rowland Penny wrote:
>>> On 04/06/15 16:16, Jelmer Vernooij wrote:
>>>> On Thu, Jun 04, 2015 at 02:00:47PM +0100, Rowland Penny wrote:
>>>>> On 04/06/15 13:23, Jelmer Vernooij wrote:
>>>>>> On Thu, Jun 04, 2015 at 11:36:29AM +0100, Rowland Penny wrote:
>>>>>>> On 03/06/15 00:53, Jelmer Vernooij wrote:
>> OK, so I had a look at this:
>>
>>>>> +        if master_owner != serviceName:
>>>>> +            if force is None:
>>>>> +                self.message("Attempting transfer...")
>>>>> +                try:
>>>>> +                    transfer_dns_role(self.outf, sambaopts, credopts,
>> role,
>>>>> +                                      samdb)
>>>>> +                    #self.outf.write("Transfer of '%s' role was
>> successful\n" %
>>>>> +                    #                role)
>>>>> +                    return
>>>>> +                except:
>> I now think we were discussing the wrong thing :-D
>>
>> I have re-written it to this:
>>
>>          if master_owner != serviceName:
>>              if force is None:
>>                  self.message("Attempting transfer...")
>>                      try:
>>                          #Any Error msg will be printed by 'transfer_role'
>>                          transfer_role(self.outf, sambaopts, credopts, role,
>>                                            samdb)
>>                          return
> Why does this have a try and a return at all? That doesn't seem necessary. You
> can just raise CommandError from transfer_role(); no need for extra code on
> the caller side.

The flow is:
     try and transfer the role, if this works go no further
     if this fails carry on and try to seize the role

I think what you are trying to say is that I could do something like:

             if force is None:
                 self.message("Attempting transfer...")
                 #Any Error msg will be printed by 'transfer_dns_role'
                 if transfer_dns_role(self.outf, sambaopts, credopts, 
role,  samdb):
                     # do nothing
                 else:
                       #transfer failed, use the big axe...
                       self.message("Transfer unsuccessful, seizing...")
             else:
                 self.message("Seizing %s FSMO role..." % role)

>> So when it goes to 'transfer_role' it ends up running this:
>>
>>      if master_owner != new_owner:
>>          try:
>>              samdb.modify(m)
>>          except LdbError, (num, msg):
>>              raise CommandError("Transfer of '%s' role failed: %s" %
>>                                 (role, msg))
> +1. This bit looks good.
>
> Cheers,
>
> Jelmer

I have also found this in samba.__init__.py:

def dn_from_dns_name(dnsdomain):
     """return a DN from a DNS name domain/forest root"""
     return "DC=" + ",DC=".join(dnsdomain.split("."))

Now I think to use this would mean replacing my line:

         forest_dn = "DC=" + samdb.forest_dns_name().replace(".", ",DC=")

with:

         forest_dn = (samdb.dn_from_dns_name(samba.forest_dns_name()))

Got be honest, I think my line is more readable.

Rowland



More information about the samba-technical mailing list