[PATCH] fix for bug 11600

Rowland Penny repenny241155 at gmail.com
Fri Nov 13 14:21:38 UTC 2015 

On 13/11/15 13:43, Stefan Metzmacher wrote:
> Hi Rowland,
>
>> A user changed the name of the default domain policy, when he tried to
>> add another a DC, the join failed. This patch will fix this, it changes
>> the search from the displayname (which can change) to the name (which
>> cannot change). The patch also changes the  default domain controllers
>> policy search, for the same reason.
> Can you please use
>
> expression="(name=%s)" % DEFAULT_POLICY_GUID,
>
> DEFAULT_POLICY_GUID and DEFAULT_DC_POLICY_GUID are already defined
> in python/samba/provision/__init__.py
>
> Thanks!
> metze
>

Well yes & no :-)

DEFAULT_POLICY_GUID is defined as just the number, 'name is 
'{DEFAULT_POLICY_GUID}', so I used that.

see new attached patch

Rowland
-------------- next part --------------
From fe420f6771d50144c19f992fea12aea95c83adec Mon Sep 17 00:00:00 2001
From: Rowland Penny <repenny241155 at gmail.com>
Date: Fri, 13 Nov 2015 14:15:34 +0000
Subject: [PATCH] Provision __init__.py fix bug 11600

Signed-off-by: Rowland Penny <repenny241155 at gmail.com>
---
 python/samba/provision/__init__.py |   11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py
index 953bd0f..b36a7d2 100644
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
@@ -276,16 +276,15 @@ def find_provision_key_parameters(samdb, secretsdb, idmapdb, paths, smbconf,
         names.domainlevel = int(res6[0]["msDS-Behavior-Version"][0])
 
     # policy guid
-    res7 = samdb.search(expression="(displayName=Default Domain Policy)",
+    res7 = samdb.search(expression="(name={%s})" % DEFAULT_POLICY_GUID,
                         base="CN=Policies,CN=System," + basedn,
                         scope=ldb.SCOPE_ONELEVEL, attrs=["cn","displayName"])
     names.policyid = str(res7[0]["cn"]).replace("{","").replace("}","")
     # dc policy guid
-    res8 = samdb.search(expression="(displayName=Default Domain Controllers"
-                                   " Policy)",
-                            base="CN=Policies,CN=System," + basedn,
-                            scope=ldb.SCOPE_ONELEVEL,
-                            attrs=["cn","displayName"])
+    res8 = samdb.search(expression="(name={%s})" % DEFAULT_DC_POLICY_GUID,
+                        base="CN=Policies,CN=System," + basedn,
+                        scope=ldb.SCOPE_ONELEVEL,
+                        attrs=["cn","displayName"])
     if len(res8) == 1:
         names.policyid_dc = str(res8[0]["cn"]).replace("{","").replace("}","")
     else:
-- 
1.7.10.4

More information about the samba-technical mailing list