[testlist] [PR PATCH master 09/22] python: Use the security.dom_sid type for ctx.domsid in join.py and provision
github at samba.org
github at samba.org
Mon Sep 7 00:10:36 UTC 2015
From: Andrew Bartlett <abartlet at samba.org>
Change-Id: I1266f77184d68aae6a39a73bac8a432fdd707b2e
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
python/samba/join.py | 10 +++++-----
python/samba/netcmd/domain.py | 4 ++++
python/samba/provision/__init__.py | 2 --
python/samba/upgrade.py | 2 +-
4 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/python/samba/join.py b/python/samba/join.py
index 1da973a..2cd492a 100644
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -94,7 +94,7 @@ class dc_join(object):
ctx.root_dn = str(ctx.samdb.get_root_basedn())
ctx.schema_dn = str(ctx.samdb.get_schema_basedn())
ctx.config_dn = str(ctx.samdb.get_config_basedn())
- ctx.domsid = ctx.samdb.get_domain_sid()
+ ctx.domsid = security.dom_sid(ctx.samdb.get_domain_sid())
ctx.domain_name = ctx.get_domain_name()
ctx.forest_domain_name = ctx.get_forest_domain_name()
ctx.invocation_id = misc.GUID(str(uuid.uuid4()))
@@ -371,7 +371,7 @@ class dc_join(object):
def create_tmp_samdb(ctx):
'''create a temporary samdb object for schema queries'''
- ctx.tmp_schema = Schema(security.dom_sid(ctx.domsid),
+ ctx.tmp_schema = Schema(ctx.domsid,
schemadn=ctx.schema_dn)
ctx.tmp_samdb = SamDB(session_info=system_session(), url=None, auto_connect=False,
credentials=ctx.creds, lp=ctx.lp, global_schema=False,
@@ -923,7 +923,7 @@ class dc_join(object):
realm=ctx.realm,
dnsdomain=ctx.dnsdomain,
netbiosname=ctx.myname,
- domainsid=security.dom_sid(ctx.domsid),
+ domainsid=ctx.domsid,
machinepass=ctx.acct_pass,
secure_channel_type=ctx.secure_channel_type,
key_version_number=ctx.key_version_number)
@@ -966,7 +966,7 @@ class dc_join(object):
info = lsa.TrustDomainInfoInfoEx()
info.domain_name.string = ctx.dnsdomain
info.netbios_name.string = ctx.domain_name
- info.sid = security.dom_sid(ctx.domsid)
+ info.sid = ctx.domsid
info.trust_direction = lsa.LSA_TRUST_DIRECTION_INBOUND | lsa.LSA_TRUST_DIRECTION_OUTBOUND
info.trust_type = lsa.LSA_TRUST_TYPE_UPLEVEL
info.trust_attributes = lsa.LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
@@ -1209,7 +1209,7 @@ def join_subdomain(logger=None, server=None, creds=None, lp=None, site=None,
ctx.base_dn = samba.dn_from_dns_name(dnsdomain)
ctx.forestsid = ctx.domsid
- ctx.domsid = str(security.random_sid())
+ ctx.domsid = security.random_sid()
ctx.acct_dn = None
ctx.dnshostname = "%s.%s" % (ctx.myname, ctx.dnsdomain)
ctx.trustdom_pass = samba.generate_random_password(128, 128)
diff --git a/python/samba/netcmd/domain.py b/python/samba/netcmd/domain.py
index 2e7a9c7..bae82e6 100644
--- a/python/samba/netcmd/domain.py
+++ b/python/samba/netcmd/domain.py
@@ -35,6 +35,7 @@ from samba.join import join_RODC, join_DC, join_subdomain
from samba.auth import system_session
from samba.samdb import SamDB
from samba.dcerpc import drsuapi
+from samba.dcerpc import security
from samba.dcerpc.samr import DOMAIN_PASSWORD_COMPLEX, DOMAIN_PASSWORD_STORE_CLEARTEXT
from samba.netcmd import (
Command,
@@ -406,6 +407,9 @@ class cmd_domain_provision(Command):
if ldap_backend_forced_uri is not None:
logger.warn("You have specified to use an fixed URI %s for connecting to your LDAP server backend. This is NOT RECOMMENDED, as our default communiation over ldapi:// is more secure and much less")
+ if domain_sid is not None:
+ domain_sid = security.dom_sid(domain_sid)
+
session = system_session()
try:
result = provision(self.logger,
diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py
index 287b633..a88d7da 100644
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
@@ -1956,8 +1956,6 @@ def provision(logger, session_info, smbconf=None,
if domainsid is None:
domainsid = security.random_sid()
- else:
- domainsid = security.dom_sid(domainsid)
root_uid = findnss_uid([root or "root"])
nobody_uid = findnss_uid([nobody or "nobody"])
diff --git a/python/samba/upgrade.py b/python/samba/upgrade.py
index 11a66a6..94b7732 100644
--- a/python/samba/upgrade.py
+++ b/python/samba/upgrade.py
@@ -725,7 +725,7 @@ Please fix this account before attempting to upgrade again
# Do full provision
result = provision(logger, session_info,
targetdir=targetdir, realm=realm, domain=domainname,
- domainsid=str(domainsid), next_rid=next_rid,
+ domainsid=domainsid, next_rid=next_rid,
dc_rid=machinerid, adminpass = adminpass,
dom_for_fun_level=dsdb.DS_DOMAIN_FUNCTION_2003,
hostname=netbiosname.lower(), machinepass=machinepass,
--
1.9.1
More information about the testlist
mailing list