[PATCH] make samba-tool aware of all 7 fsmo roles
Stefan (metze) Metzmacher
metze at samba.org
Wed May 20 01:11:51 MDT 2015
Hi Rowland,
> It will via 'samba-tool fsmo show' display the 7 roles, the well known 5
> and the 2 dns ones
> It will transfer any or all of the roles (it actually seizes the 2 dns
> roles, this seems to be the only way to do it)
> it will seize all of the roles.
Thank you very much for working on this!
This should be able to fix https://bugzilla.samba.org/show_bug.cgi?id=10734
> From b1d6a6de51666b40a794512ed7e6e495a2aca319 Mon Sep 17 00:00:00 2001
> From: Rowland Penny <repenny241155 at gmail.com>
> Date: Tue, 19 May 2015 17:02:02 +0100
> Subject: [PATCH 2/2] make samba-tool aware of all 7 fsmo roles Signed-off-by:
> Rowland Penny <repenny241155 at gmail.com>
Can you change the commit message to this:
samba-tool: make 'samba-tool fsmo *' aware of all 7 fsmo roles
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10734
Signed-off-by: Rowland Penny <repenny241155 at gmail.com>
> ---
> python/samba/netcmd/fsmo.py | 58 +++++++++++++++++++++++++++++++++++++++----
> 1 file changed, 53 insertions(+), 5 deletions(-)
>
> diff --git a/python/samba/netcmd/fsmo.py b/python/samba/netcmd/fsmo.py
> index 1bc4a96..326d9ce 100644
> --- a/python/samba/netcmd/fsmo.py
> +++ b/python/samba/netcmd/fsmo.py
> @@ -50,6 +50,7 @@ def transfer_role(outf, role, samdb):
> m["becomeDomainMaster"]= ldb.MessageElement(
> "1", ldb.FLAG_MOD_REPLACE,
> "becomeDomainMaster")
> + samdb.modify(m)
> elif role == "infrastructure":
> m["becomeInfrastructureMaster"]= ldb.MessageElement(
> "1", ldb.FLAG_MOD_REPLACE,
Why this hunk? samdb.modify(m) is called further down.
This seems to revert the patch from
https://bugzilla.samba.org/show_bug.cgi?id=10924
> @@ -58,6 +59,26 @@ def transfer_role(outf, role, samdb):
> m["becomeSchemaMaster"]= ldb.MessageElement(
> "1", ldb.FLAG_MOD_REPLACE,
> "becomeSchemaMaster")
> + elif role == "domaindns":
> + # this would work in the same way as the infrastructure role if the schema allowed it
> + # but it doesn't, so will have to sieze
Can you explain this a bit?
What is this different (in detail)?
> + domain_dn = samdb.domain_dn()
> + domaindns_dn = "CN=Infrastructure,DC=DomainDnsZones," + domain_dn
As the dns zones are optional, we should check they exist and give
a proper error/warning message if we don't find them.
That applies also to the other hunks below.
> + m.dn = ldb.Dn(samdb, domaindns_dn)
> + dro = samdb.get_dsServiceName()
> + m["fSMORoleOwner"]= ldb.MessageElement(
> + "%s" % dro, ldb.FLAG_MOD_REPLACE,
> + "fSMORoleOwner")
> + elif role == "forestdns":
> + # this would work in the same way as the infrastructure role if the schema allowed it
> + # but it doesn't, so will have to sieze
> + domain_dn = samdb.domain_dn()
> + forestdns_dn = "CN=Infrastructure,DC=ForestDnsZones," + domain_dn
> + m.dn = ldb.Dn(samdb, forestdns_dn)
> + fro = samdb.get_dsServiceName()
> + m["fSMORoleOwner"]= ldb.MessageElement(
> + "%s" % fro, ldb.FLAG_MOD_REPLACE,
> + "fSMORoleOwner")
> else:
> raise CommandError("Invalid FSMO role.")
> try:
> @@ -66,7 +87,6 @@ def transfer_role(outf, role, samdb):
> raise CommandError("Failed to initiate transfer of '%s' role: %s" % (role, msg))
> outf.write("FSMO transfer of '%s' role successful\n" % role)
>
> -
> class cmd_fsmo_seize(Command):
> """Seize the role."""
I think we should leave the empty line above...
> @@ -82,13 +102,15 @@ class cmd_fsmo_seize(Command):
> Option("-H", "--URL", help="LDB URL for database or target server", type=str,
> metavar="URL", dest="H"),
> Option("--force", help="Force seizing of the role without attempting to transfer first.", action="store_true"),
> - Option("--role", type="choice", choices=["rid", "pdc", "infrastructure","schema","naming","all"],
> + Option("--role", type="choice", choices=["rid", "pdc", "infrastructure","schema","naming","domaindns","forestdns","all"],
> help="""The FSMO role to seize or transfer.\n
> rid=RidAllocationMasterRole\n
> schema=SchemaMasterRole\n
> pdc=PdcEmulationMasterRole\n
> naming=DomainNamingMasterRole\n
> infrastructure=InfrastructureMasterRole\n
> +domaindns=DomainDnsZonesMasterRole\n
> +forestdns=ForestDnsZonesMasterRole\n
> all=all of the above"""),
> ]
>
> @@ -104,6 +126,8 @@ all=all of the above"""),
> self.naming_dn = "CN=Partitions,%s" % samdb.get_config_basedn()
> self.schema_dn = str(samdb.get_schema_basedn())
> self.rid_dn = "CN=RID Manager$,CN=System," + domain_dn
> + self.domaindns_dn = "CN=Infrastructure,DC=DomainDnsZones," + domain_dn
> + self.forestdns_dn = "CN=Infrastructure,DC=ForestDnsZones," + domain_dn
>
> m = ldb.Message()
> if role == "rid":
> @@ -116,6 +140,10 @@ all=all of the above"""),
> m.dn = ldb.Dn(samdb, self.infrastructure_dn)
> elif role == "schema":
> m.dn = ldb.Dn(samdb, self.schema_dn)
> + elif role == "domaindns":
> + m.dn = ldb.Dn(samdb, self.domaindns_dn)
> + elif role == "forestdns":
> + m.dn = ldb.Dn(samdb, self.forestdns_dn)
> else:
> raise CommandError("Invalid FSMO role.")
> #first try to transfer to avoid problem if the owner is still active
> @@ -155,6 +183,8 @@ all=all of the above"""),
> self.seize_role("naming", samdb, force)
> self.seize_role("infrastructure", samdb, force)
> self.seize_role("schema", samdb, force)
> + self.seize_role("domaindns", samdb, force)
> + self.seize_role("forestdns", samdb, force)
> else:
> self.seize_role(role, samdb, force)
>
> @@ -189,6 +219,8 @@ class cmd_fsmo_show(Command):
> self.naming_dn = "CN=Partitions,%s" % samdb.get_config_basedn()
> self.schema_dn = samdb.get_schema_basedn()
> self.rid_dn = "CN=RID Manager$,CN=System," + domain_dn
> + self.domaindns_dn = "CN=Infrastructure,DC=DomainDnsZones," + domain_dn
> + self.forestdns_dn = "CN=Infrastructure,DC=ForestDnsZones," + domain_dn
>
> res = samdb.search(self.infrastructure_dn,
> scope=ldb.SCOPE_BASE, attrs=["fSMORoleOwner"])
> @@ -215,12 +247,23 @@ class cmd_fsmo_show(Command):
> assert len(res) == 1
> self.ridMaster = res[0]["fSMORoleOwner"][0]
>
> + res = samdb.search(self.domaindns_dn,
> + scope=ldb.SCOPE_BASE, attrs=["fSMORoleOwner"])
> + assert len(res) == 1
> + self.domaindnszonesMaster = res[0]["fSMORoleOwner"][0]
> +
> + res = samdb.search(self.forestdns_dn,
> + scope=ldb.SCOPE_BASE, attrs=["fSMORoleOwner"])
> + assert len(res) == 1
> + self.forestdnszonesMaster = res[0]["fSMORoleOwner"][0]
> +
> + self.message("SchemaMasterRole owner: " + self.schemaMaster)
> self.message("InfrastructureMasterRole owner: " + self.infrastructureMaster)
> self.message("RidAllocationMasterRole owner: " + self.ridMaster)
> self.message("PdcEmulationMasterRole owner: " + self.pdcEmulator)
> self.message("DomainNamingMasterRole owner: " + self.namingMaster)
> - self.message("SchemaMasterRole owner: " + self.schemaMaster)
> -
> + self.message("DomainDnsZonesMasterRole owner: " + self.domaindnszonesMaster)
> + self.message("ForestDnsZonesMasterRole owner: " + self.forestdnszonesMaster)
>
> class cmd_fsmo_transfer(Command):
> """Transfer the role."""
> @@ -236,13 +279,15 @@ class cmd_fsmo_transfer(Command):
> takes_options = [
> Option("-H", "--URL", help="LDB URL for database or target server", type=str,
> metavar="URL", dest="H"),
> - Option("--role", type="choice", choices=["rid", "pdc", "infrastructure","schema","naming","all"],
> + Option("--role", type="choice", choices=["rid","pdc","infrastructure","schema","naming","domaindns","forestdns","all"],
> help="""The FSMO role to seize or transfer.\n
> rid=RidAllocationMasterRole\n
> schema=SchemaMasterRole\n
> pdc=PdcEmulationMasterRole\n
> naming=DomainNamingMasterRole\n
> infrastructure=InfrastructureMasterRole\n
> +domaindns=DomainDnsZonesMasterRole\n
> +forestdns=ForestDnsZonesMasterRole\n
> all=all of the above"""),
> ]
>
> @@ -263,6 +308,8 @@ all=all of the above"""),
> transfer_role(self.outf, "naming", samdb)
> transfer_role(self.outf, "infrastructure", samdb)
> transfer_role(self.outf, "schema", samdb)
> + transfer_role(self.outf, "domaindns", samdb)
> + transfer_role(self.outf, "forestdns", samdb)
> else:
> transfer_role(self.outf, role, samdb)
>
> @@ -274,3 +321,4 @@ class cmd_fsmo(SuperCommand):
> subcommands["seize"] = cmd_fsmo_seize()
> subcommands["show"] = cmd_fsmo_show()
> subcommands["transfer"] = cmd_fsmo_transfer()
> +
This extra line is also not needed...
Thanks!
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150520/aa991c59/attachment.pgp>
More information about the samba-technical
mailing list