[PATCH] fix for bug 11600

Andreas Schneider asn at samba.org
Fri Nov 20 13:51:47 UTC 2015 

On Friday 20 November 2015 08:28:54 Michael Adam wrote:
> Thanks Rowland!
> 
> Reviewed-by: me
> 
> Someone else? Metze?

RB+
 
> Michael
> 
> On 2015-11-16 at 19:17 +0000, Rowland Penny wrote:
> > On 16/11/15 14:40, Michael Adam wrote:
> > >On 2015-11-13 at 14:21 +0000, Rowland Penny wrote:
> > >>On 13/11/15 13:43, Stefan Metzmacher wrote:
> > >>>Hi Rowland,
> > >>>
> > >>>>A user changed the name of the default domain policy, when he tried to
> > >>>>add another a DC, the join failed. This patch will fix this, it
> > >>>>changes
> > >>>>the search from the displayname (which can change) to the name (which
> > >>>>cannot change). The patch also changes the  default domain controllers
> > >>>>policy search, for the same reason.
> > >>>
> > >>>Can you please use
> > >>>
> > >>>expression="(name=%s)" % DEFAULT_POLICY_GUID,
> > >>>
> > >>>DEFAULT_POLICY_GUID and DEFAULT_DC_POLICY_GUID are already defined
> > >>>in python/samba/provision/__init__.py
> > >>>
> > >>>Thanks!
> > >>>metze
> > >>
> > >>Well yes & no :-)
> > >>
> > >>DEFAULT_POLICY_GUID is defined as just the number, 'name is
> > >>'{DEFAULT_POLICY_GUID}', so I used that.
> > >
> > >The patch looks good to me.
> > >Just some commit message cosmetics:
> > >
> > >* could you please describe briefly how your bug fixes the bug?
> > >
> > >   (on the other hand side, you don't need to list __init__.py in
> > >   
> > >    the commit msg / subject).
> > >
> > >* Could you include a line:
> > >   "BUG: https://bugzilla.samba.org/show_bug.cgi?id=11600"
> > >   in the commit msg, before the signoff line?
> > >   This is our pattern for tracking bug fixes, and if we already
> > >   know for the master patch, then we like to add it already
> > >   there.
> > >
> > >Thanks! - Michael
> > 
> > Hi, hope this patch meets what is required.
> > 
> > Rowland
> > 
> > From a5363b29988d4435bdf3a863f07265038fc99ba9 Mon Sep 17 00:00:00 2001
> > From: Rowland Penny <repenny241155 at gmail.com>
> > Date: Mon, 16 Nov 2015 16:22:31 +0000
> > Subject: [PATCH 5/5] Subject: [PATCH] Provision fix bug 11600
> > 
> > If you join a second DC after changing the name of
> > the 'Default Domain Policy' or 'Default Domain Controllers
> > Policy' the join will fail as the search is hardcoded to
> > these names, this fix changes the search to the objects name.
> > 
> > BUG: https://bugzilla.samba.org/show_bug.cgi?id=11600
> > 
> > Signed-off-by: Rowland Penny <repenny241155 at gmail.com>
> > ---
> > 
> >  python/samba/provision/__init__.py |   11 +++++------
> >  1 file changed, 5 insertions(+), 6 deletions(-)
> > 
> > diff --git a/python/samba/provision/__init__.py
> > b/python/samba/provision/__init__.py index 953bd0f..b36a7d2 100644
> > --- a/python/samba/provision/__init__.py
> > +++ b/python/samba/provision/__init__.py
> > @@ -276,16 +276,15 @@ def find_provision_key_parameters(samdb, secretsdb,
> > idmapdb, paths, smbconf,> 
> >          names.domainlevel = int(res6[0]["msDS-Behavior-Version"][0])
> >      
> >      # policy guid
> > 
> > -    res7 = samdb.search(expression="(displayName=Default Domain Policy)",
> > +    res7 = samdb.search(expression="(name={%s})" % DEFAULT_POLICY_GUID,
> > 
> >                          base="CN=Policies,CN=System," + basedn,
> >                          scope=ldb.SCOPE_ONELEVEL,
> >                          attrs=["cn","displayName"])
> >      
> >      names.policyid = str(res7[0]["cn"]).replace("{","").replace("}","")
> >      # dc policy guid
> > 
> > -    res8 = samdb.search(expression="(displayName=Default Domain
> > Controllers" -                                   " Policy)",
> > -                            base="CN=Policies,CN=System," + basedn,
> > -                            scope=ldb.SCOPE_ONELEVEL,
> > -                            attrs=["cn","displayName"])
> > +    res8 = samdb.search(expression="(name={%s})" %
> > DEFAULT_DC_POLICY_GUID,
> > +                        base="CN=Policies,CN=System," + basedn,
> > +                        scope=ldb.SCOPE_ONELEVEL,
> > +                        attrs=["cn","displayName"])
> > 
> >      if len(res8) == 1:
> >          names.policyid_dc =
> >          str(res8[0]["cn"]).replace("{","").replace("}","")
> >      
> >      else:

-- 
Andreas Schneider                   GPG-ID: CC014E3D
Samba Team                             asn at samba.org
www.samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20151120/3cc79e6e/signature.sig>

More information about the samba-technical mailing list