[PATCH] fix for bug 11600

Rowland Penny repenny241155 at gmail.com
Fri Nov 13 13:32:31 UTC 2015 

A user changed the name of the default domain policy, when he tried to 
add another a DC, the join failed. This patch will fix this, it changes 
the search from the displayname (which can change) to the name (which 
cannot change). The patch also changes the  default domain controllers 
policy search, for the same reason.

Rowland
-------------- next part --------------
From 5ef0b657637401418b530246631e162fbc684162 Mon Sep 17 00:00:00 2001
From: Rowland Penny <repenny241155 at gmail.com>
Date: Fri, 13 Nov 2015 13:21:54 +0000
Subject: [PATCH] Provision __init__.py: fix for bug 11600

Signed-off-by: Rowland Penny <repenny241155 at gmail.com>
---
 python/samba/provision/__init__.py |   13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py
index 953bd0f..84cbff5 100644
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
@@ -276,16 +276,17 @@ def find_provision_key_parameters(samdb, secretsdb, idmapdb, paths, smbconf,
         names.domainlevel = int(res6[0]["msDS-Behavior-Version"][0])
 
     # policy guid
-    res7 = samdb.search(expression="(displayName=Default Domain Policy)",
+    res7 = samdb.search(expression="(name={31B2F340-016D-11D2-945F-"
+                        "00C04FB984F9})",
                         base="CN=Policies,CN=System," + basedn,
                         scope=ldb.SCOPE_ONELEVEL, attrs=["cn","displayName"])
     names.policyid = str(res7[0]["cn"]).replace("{","").replace("}","")
     # dc policy guid
-    res8 = samdb.search(expression="(displayName=Default Domain Controllers"
-                                   " Policy)",
-                            base="CN=Policies,CN=System," + basedn,
-                            scope=ldb.SCOPE_ONELEVEL,
-                            attrs=["cn","displayName"])
+    res8 = samdb.search(expression="(name={6AC1786C-016F-11D2-945F-"
+                        "00C04FB984F9})",
+                        base="CN=Policies,CN=System," + basedn,
+                        scope=ldb.SCOPE_ONELEVEL,
+                        attrs=["cn","displayName"])
     if len(res8) == 1:
         names.policyid_dc = str(res8[0]["cn"]).replace("{","").replace("}","")
     else:
-- 
1.7.10.4

More information about the samba-technical mailing list