[PATCH 10/10] s4: fix update_machine_account_password
Matthieu Patou
mat at matws.net
Fri Nov 27 06:58:03 MST 2009
* make this function update the provision and not the reference
* do transmit the objectSID for secret_rejoin otherwise the SID is removed
* fix wrong typing (str/int/messageElement)
---
source4/scripting/bin/upgradeprovision | 13 +++++++------
1 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision
index a463b8b..81b496b 100755
--- a/source4/scripting/bin/upgradeprovision
+++ b/source4/scripting/bin/upgradeprovision
@@ -684,9 +684,9 @@ def update_samdb(newpaths,paths,creds,session,names):
hashSD = check_diff_name(newpaths,paths,creds,session,str(names.rootdn),names,0)
message(SIMPLE,"Done with scanning")
-def update_machine_account_password(newpaths,paths,creds,session,names):
+def update_machine_account_password(paths,creds,session,names):
- secrets_ldb = Ldb(newpaths.secrets, session_info=session, credentials=creds,lp=lp)
+ secrets_ldb = Ldb(paths.secrets, session_info=session, credentials=creds,lp=lp)
secrets_ldb.transaction_start()
secrets_msg = secrets_ldb.search(expression=("samAccountName=%s$" % names.netbiosname), attrs=["secureChannelType"])
sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp)
@@ -697,21 +697,22 @@ def update_machine_account_password(newpaths,paths,creds,session,names):
msg = ldb.Message(res[0].dn)
machinepass = glue.generate_random_str(12)
- msg["userPassword"] = ldb.MessageElement("userPassword", ldb.FLAG_MOD_REPLACE, "userPassword")
+ msg["userPassword"] = ldb.MessageElement(machinepass, ldb.FLAG_MOD_REPLACE, "userPassword")
sam_ldb.modify(msg)
res = sam_ldb.search(expression=("samAccountName=%s$" % names.netbiosname),
attrs=["msDs-keyVersionNumber"])
assert(len(res) == 1)
- kvno = res[0]["msDs-keyVersionNumber"]
+ kvno = int(str(res[0]["msDs-keyVersionNumber"]))
secretsdb_self_join(secrets_ldb, domain=names.domain,
realm=names.realm,
+ domainsid=names.domainsid,
dnsdomain=names.dnsdomain,
netbiosname=names.netbiosname,
machinepass=machinepass,
key_version_number=kvno,
- secure_channel_type=secrets_msg[0]["secureChannelType"])
+ secure_channel_type=int(secrets_msg[0]["secureChannelType"][0]))
sam_ldb.transaction_prepare_commit()
secrets_ldb.transaction_prepare_commit()
sam_ldb.transaction_commit()
@@ -739,7 +740,7 @@ populate_backlink(newpaths,creds,session,names.schemadn)
update_basesamdb(newpaths,paths,names)
update_secrets(newpaths,paths,creds,session)
update_privilege(newpaths,paths)
-update_machine_account_password(newpaths,paths,creds,session,names)
+update_machine_account_password(paths,creds,session,names)
if opts.full:
update_samdb(newpaths,paths,creds,session,names)
--
1.6.3.3
--------------000902080109040405080503--
More information about the samba-technical
mailing list