[PATCH] fix for bug 11600

Rowland Penny repenny241155 at gmail.com
Mon Nov 16 19:17:13 UTC 2015 

On 16/11/15 14:40, Michael Adam wrote:
> On 2015-11-13 at 14:21 +0000, Rowland Penny wrote:
>> On 13/11/15 13:43, Stefan Metzmacher wrote:
>>> Hi Rowland,
>>>
>>>> A user changed the name of the default domain policy, when he tried to
>>>> add another a DC, the join failed. This patch will fix this, it changes
>>>> the search from the displayname (which can change) to the name (which
>>>> cannot change). The patch also changes the  default domain controllers
>>>> policy search, for the same reason.
>>> Can you please use
>>>
>>> expression="(name=%s)" % DEFAULT_POLICY_GUID,
>>>
>>> DEFAULT_POLICY_GUID and DEFAULT_DC_POLICY_GUID are already defined
>>> in python/samba/provision/__init__.py
>>>
>>> Thanks!
>>> metze
>>>
>> Well yes & no :-)
>>
>> DEFAULT_POLICY_GUID is defined as just the number, 'name is
>> '{DEFAULT_POLICY_GUID}', so I used that.
> The patch looks good to me.
> Just some commit message cosmetics:
>
> * could you please describe briefly how your bug fixes the bug?
>    (on the other hand side, you don't need to list __init__.py in
>     the commit msg / subject).
> * Could you include a line:
>    "BUG: https://bugzilla.samba.org/show_bug.cgi?id=11600"
>    in the commit msg, before the signoff line?
>    This is our pattern for tracking bug fixes, and if we already
>    know for the master patch, then we like to add it already
>    there.
>
> Thanks! - Michael
>
>
>

Hi, hope this patch meets what is required.

Rowland
-------------- next part --------------
>From a5363b29988d4435bdf3a863f07265038fc99ba9 Mon Sep 17 00:00:00 2001
From: Rowland Penny <repenny241155 at gmail.com>
Date: Mon, 16 Nov 2015 16:22:31 +0000
Subject: [PATCH 5/5] Subject: [PATCH] Provision fix bug 11600

If you join a second DC after changing the name of
the 'Default Domain Policy' or 'Default Domain Controllers
Policy' the join will fail as the search is hardcoded to
these names, this fix changes the search to the objects name.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11600

Signed-off-by: Rowland Penny <repenny241155 at gmail.com>
---
 python/samba/provision/__init__.py |   11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py
index 953bd0f..b36a7d2 100644
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
@@ -276,16 +276,15 @@ def find_provision_key_parameters(samdb, secretsdb, idmapdb, paths, smbconf,
         names.domainlevel = int(res6[0]["msDS-Behavior-Version"][0])
 
     # policy guid
-    res7 = samdb.search(expression="(displayName=Default Domain Policy)",
+    res7 = samdb.search(expression="(name={%s})" % DEFAULT_POLICY_GUID,
                         base="CN=Policies,CN=System," + basedn,
                         scope=ldb.SCOPE_ONELEVEL, attrs=["cn","displayName"])
     names.policyid = str(res7[0]["cn"]).replace("{","").replace("}","")
     # dc policy guid
-    res8 = samdb.search(expression="(displayName=Default Domain Controllers"
-                                   " Policy)",
-                            base="CN=Policies,CN=System," + basedn,
-                            scope=ldb.SCOPE_ONELEVEL,
-                            attrs=["cn","displayName"])
+    res8 = samdb.search(expression="(name={%s})" % DEFAULT_DC_POLICY_GUID,
+                        base="CN=Policies,CN=System," + basedn,
+                        scope=ldb.SCOPE_ONELEVEL,
+                        attrs=["cn","displayName"])
     if len(res8) == 1:
         names.policyid_dc = str(res8[0]["cn"]).replace("{","").replace("}","")
     else:
-- 
1.7.10.4

More information about the samba-technical mailing list