The branch, master has been updated via 847b909 s4-samba-tool: removed old C implementation of samba-tool drs via 3d8d382 s4-samba-tool: switched over to python version of samba-tool drs via d06bf95 s4-samba-tool: added python implementation of samba-tool drs commands via f6c2d39 s4-pyglue: expose the remaining NTTIME functions from glue via 8310375 s4-drs: allow DrsReplicaGetInfo as a DC via a589b9a s4-pydsdb: use cpp macro to simplify flags definitions via ed598ac libds: added mS-DS-ReplicatesNCReason flags via af93f22 s4-samba-tool: fixed "-k no" for disabling kerberos auth from 6a781b5 Add timestamp when running with --maximum-runtime
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 847b909b6ee70d140ebbd3800b3f1e2d51e15e97 Author: Andrew Tridgell <tri...@samba.org> Date: Sat Nov 27 23:53:00 2010 +1100 s4-samba-tool: removed old C implementation of samba-tool drs Autobuild-User: Andrew Tridgell <tri...@samba.org> Autobuild-Date: Sat Nov 27 15:16:02 CET 2010 on sn-devel-104 commit 3d8d382fe57125c1752cab85f9edcb094887b9dc Author: Andrew Tridgell <tri...@samba.org> Date: Sat Nov 27 23:50:25 2010 +1100 s4-samba-tool: switched over to python version of samba-tool drs commit d06bf954ba780f915ecff2f450f0c9f4c6b79dc0 Author: Andrew Tridgell <tri...@samba.org> Date: Sat Nov 27 23:48:20 2010 +1100 s4-samba-tool: added python implementation of samba-tool drs commands much simpler than the C code, and this brings us one step closer to a python samba-tool commit f6c2d39d0b7d0f631b26e96abca2982ee404c7fb Author: Andrew Tridgell <tri...@samba.org> Date: Sat Nov 27 23:47:30 2010 +1100 s4-pyglue: expose the remaining NTTIME functions from glue commit 8310375a048aeb754539421ac96291d13a4cd3d7 Author: Andrew Tridgell <tri...@samba.org> Date: Sat Nov 27 23:47:03 2010 +1100 s4-drs: allow DrsReplicaGetInfo as a DC commit a589b9a03323ab5a87b85cb0bf54fcc485bb16d1 Author: Andrew Tridgell <tri...@samba.org> Date: Sat Nov 27 23:46:33 2010 +1100 s4-pydsdb: use cpp macro to simplify flags definitions also added some more from flags.h commit ed598ac99b8d26645653929c6313b699269bc57f Author: Andrew Tridgell <tri...@samba.org> Date: Sat Nov 27 23:45:53 2010 +1100 libds: added mS-DS-ReplicatesNCReason flags these define why a KCC connection was made commit af93f227ad5341b2ceaaa26d0d07ffa1dd9f9aa8 Author: Andrew Tridgell <tri...@samba.org> Date: Sat Nov 27 22:03:07 2010 +1100 s4-samba-tool: fixed "-k no" for disabling kerberos auth The option "-k no" was not correctly disabling kerberos in python programs Pair-Programmed-With: Andrew Bartlett 
<abart...@samba.org> ----------------------------------------------------------------------- Summary of changes: libds/common/flags.h | 12 +- source4/dsdb/pydsdb.c | 247 ++++----- source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 2 +- source4/samba_tool/drs/drs.c | 361 ------------ source4/samba_tool/drs/drs.h | 87 --- source4/samba_tool/drs/drs_bind.c | 136 ----- source4/samba_tool/drs/drs_kcc.c | 170 ------ source4/samba_tool/drs/drs_replicate.c | 252 --------- source4/samba_tool/drs/drs_showrepl.c | 611 --------------------- source4/samba_tool/samba_tool.c | 2 - source4/samba_tool/wscript_build | 11 +- source4/scripting/python/samba/__init__.py | 3 + source4/scripting/python/samba/getopt.py | 6 +- source4/scripting/python/samba/netcmd/__init__.py | 2 + source4/scripting/python/samba/netcmd/drs.py | 402 ++++++++++++++ 15 files changed, 534 insertions(+), 1770 deletions(-) delete mode 100644 source4/samba_tool/drs/drs.c delete mode 100644 source4/samba_tool/drs/drs.h delete mode 100644 source4/samba_tool/drs/drs_bind.c delete mode 100644 source4/samba_tool/drs/drs_kcc.c delete mode 100644 source4/samba_tool/drs/drs_replicate.c delete mode 100644 source4/samba_tool/drs/drs_showrepl.c create mode 100644 source4/scripting/python/samba/netcmd/drs.py Changeset truncated at 500 lines:
diff --git a/libds/common/flags.h b/libds/common/flags.h
index a10fa48..a3ed771 100644
--- a/libds/common/flags.h
+++ b/libds/common/flags.h
@@ -229,4 +229,14 @@
 #define DS_HR_KVNOEMUW2K 0x00000011
 #define DS_HR_LDAP_BYPASS_UPPER_LIMIT_BOUNDS 0x00000012
-
+/* mS-DS-ReplicatesNCReason */
+#define NTDSCONN_KCC_GC_TOPOLOGY 0x00000001
+#define NTDSCONN_KCC_RING_TOPOLOGY 0x00000002
+#define NTDSCONN_KCC_MINIMIZE_HOPS_TOPOLOGY 0x00000004
+#define NTDSCONN_KCC_STALE_SERVERS_TOPOLOGY 0x00000008
+#define NTDSCONN_KCC_OSCILLATING_CONNECTION_TOPOLOGY 0x00000010
+#define NTDSCONN_KCC_INTERSITE_GC_TOPOLOGY 0x00000020
+#define NTDSCONN_KCC_INTERSITE_TOPOLOGY 0x00000040
+#define NTDSCONN_KCC_SERVER_FAILOVER_TOPOLOGY 0x00000080
+#define NTDSCONN_KCC_SITE_FAILOVER_TOPOLOGY 0x00000100
+#define NTDSCONN_KCC_REDUNDANT_SERVER_TOPOLOGY 0x00000200
diff --git a/source4/dsdb/pydsdb.c b/source4/dsdb/pydsdb.c
index 16a4cd4..e5e6767 100644
--- a/source4/dsdb/pydsdb.c
+++ b/source4/dsdb/pydsdb.c
@@ -706,150 +706,123 @@ void initdsdb(void) if (m == NULL) return; +#define ADD_DSDB_FLAG(val) PyModule_AddObject(m, #val, PyInt_FromLong(val)) + /* "userAccountControl" flags */ - PyModule_AddObject(m, "UF_NORMAL_ACCOUNT", - PyInt_FromLong(UF_NORMAL_ACCOUNT)); - PyModule_AddObject(m, "UF_TEMP_DUPLICATE_ACCOUNT", - PyInt_FromLong(UF_TEMP_DUPLICATE_ACCOUNT)); - PyModule_AddObject(m, "UF_SERVER_TRUST_ACCOUNT", - PyInt_FromLong(UF_SERVER_TRUST_ACCOUNT)); - PyModule_AddObject(m, "UF_WORKSTATION_TRUST_ACCOUNT", - PyInt_FromLong(UF_WORKSTATION_TRUST_ACCOUNT)); - PyModule_AddObject(m, "UF_INTERDOMAIN_TRUST_ACCOUNT", - PyInt_FromLong(UF_INTERDOMAIN_TRUST_ACCOUNT)); - PyModule_AddObject(m, "UF_PASSWD_NOTREQD", - PyInt_FromLong(UF_PASSWD_NOTREQD)); - PyModule_AddObject(m, "UF_ACCOUNTDISABLE", - PyInt_FromLong(UF_ACCOUNTDISABLE)); - - PyModule_AddObject(m, "UF_SCRIPT", PyInt_FromLong(UF_SCRIPT)); - PyModule_AddObject(m, "UF_ACCOUNTDISABLE", PyInt_FromLong(UF_ACCOUNTDISABLE)); - PyModule_AddObject(m, "UF_00000004", PyInt_FromLong(UF_00000004)); - PyModule_AddObject(m, "UF_HOMEDIR_REQUIRED", PyInt_FromLong(UF_HOMEDIR_REQUIRED)); - PyModule_AddObject(m, "UF_LOCKOUT", PyInt_FromLong(UF_LOCKOUT)); - PyModule_AddObject(m, "UF_PASSWD_NOTREQD", PyInt_FromLong(UF_PASSWD_NOTREQD)); - PyModule_AddObject(m, "UF_PASSWD_CANT_CHANGE", PyInt_FromLong(UF_PASSWD_CANT_CHANGE)); - PyModule_AddObject(m, "UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED", PyInt_FromLong(UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED)); - PyModule_AddObject(m, "UF_TEMP_DUPLICATE_ACCOUNT", PyInt_FromLong(UF_TEMP_DUPLICATE_ACCOUNT)); - PyModule_AddObject(m, "UF_NORMAL_ACCOUNT", PyInt_FromLong(UF_NORMAL_ACCOUNT)); - PyModule_AddObject(m, "UF_00000400", PyInt_FromLong(UF_00000400)); - PyModule_AddObject(m, "UF_INTERDOMAIN_TRUST_ACCOUNT", PyInt_FromLong(UF_INTERDOMAIN_TRUST_ACCOUNT)); - PyModule_AddObject(m, "UF_WORKSTATION_TRUST_ACCOUNT", PyInt_FromLong(UF_WORKSTATION_TRUST_ACCOUNT)); - PyModule_AddObject(m, "UF_SERVER_TRUST_ACCOUNT", 
PyInt_FromLong(UF_SERVER_TRUST_ACCOUNT)); - PyModule_AddObject(m, "UF_00004000", PyInt_FromLong(UF_00004000)); - PyModule_AddObject(m, "UF_00008000", PyInt_FromLong(UF_00008000)); - PyModule_AddObject(m, "UF_DONT_EXPIRE_PASSWD", PyInt_FromLong(UF_DONT_EXPIRE_PASSWD)); - PyModule_AddObject(m, "UF_MNS_LOGON_ACCOUNT", PyInt_FromLong(UF_MNS_LOGON_ACCOUNT)); - PyModule_AddObject(m, "UF_SMARTCARD_REQUIRED", PyInt_FromLong(UF_SMARTCARD_REQUIRED)); - PyModule_AddObject(m, "UF_TRUSTED_FOR_DELEGATION", PyInt_FromLong(UF_TRUSTED_FOR_DELEGATION)); - PyModule_AddObject(m, "UF_NOT_DELEGATED", PyInt_FromLong(UF_NOT_DELEGATED)); - PyModule_AddObject(m, "UF_USE_DES_KEY_ONLY", PyInt_FromLong(UF_USE_DES_KEY_ONLY)); - PyModule_AddObject(m, "UF_DONT_REQUIRE_PREAUTH", PyInt_FromLong(UF_DONT_REQUIRE_PREAUTH)); - PyModule_AddObject(m, "UF_PASSWORD_EXPIRED", PyInt_FromLong(UF_PASSWORD_EXPIRED)); - PyModule_AddObject(m, "UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION", PyInt_FromLong(UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION)); - PyModule_AddObject(m, "UF_NO_AUTH_DATA_REQUIRED", PyInt_FromLong(UF_NO_AUTH_DATA_REQUIRED)); - PyModule_AddObject(m, "UF_PARTIAL_SECRETS_ACCOUNT", PyInt_FromLong(UF_PARTIAL_SECRETS_ACCOUNT)); - - /* "groupType" flags */ - PyModule_AddObject(m, "GTYPE_SECURITY_BUILTIN_LOCAL_GROUP", - PyInt_FromLong(GTYPE_SECURITY_BUILTIN_LOCAL_GROUP)); - PyModule_AddObject(m, "GTYPE_SECURITY_GLOBAL_GROUP", - PyInt_FromLong(GTYPE_SECURITY_GLOBAL_GROUP)); - PyModule_AddObject(m, "GTYPE_SECURITY_DOMAIN_LOCAL_GROUP", - PyInt_FromLong(GTYPE_SECURITY_DOMAIN_LOCAL_GROUP)); - PyModule_AddObject(m, "GTYPE_SECURITY_UNIVERSAL_GROUP", - PyInt_FromLong(GTYPE_SECURITY_UNIVERSAL_GROUP)); - PyModule_AddObject(m, "GTYPE_DISTRIBUTION_GLOBAL_GROUP", - PyInt_FromLong(GTYPE_DISTRIBUTION_GLOBAL_GROUP)); - PyModule_AddObject(m, "GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP", - PyInt_FromLong(GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP)); - PyModule_AddObject(m, "GTYPE_DISTRIBUTION_UNIVERSAL_GROUP", - 
PyInt_FromLong(GTYPE_DISTRIBUTION_UNIVERSAL_GROUP)); + ADD_DSDB_FLAG(UF_NORMAL_ACCOUNT); + ADD_DSDB_FLAG(UF_TEMP_DUPLICATE_ACCOUNT); + ADD_DSDB_FLAG(UF_SERVER_TRUST_ACCOUNT); + ADD_DSDB_FLAG(UF_WORKSTATION_TRUST_ACCOUNT); + ADD_DSDB_FLAG(UF_INTERDOMAIN_TRUST_ACCOUNT); + ADD_DSDB_FLAG(UF_PASSWD_NOTREQD); + ADD_DSDB_FLAG(UF_ACCOUNTDISABLE); + + ADD_DSDB_FLAG(UF_SCRIPT); + ADD_DSDB_FLAG(UF_ACCOUNTDISABLE); + ADD_DSDB_FLAG(UF_00000004); + ADD_DSDB_FLAG(UF_HOMEDIR_REQUIRED); + ADD_DSDB_FLAG(UF_LOCKOUT); + ADD_DSDB_FLAG(UF_PASSWD_NOTREQD); + ADD_DSDB_FLAG(UF_PASSWD_CANT_CHANGE); + ADD_DSDB_FLAG(UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED); + ADD_DSDB_FLAG(UF_TEMP_DUPLICATE_ACCOUNT); + ADD_DSDB_FLAG(UF_NORMAL_ACCOUNT); + ADD_DSDB_FLAG(UF_00000400); + ADD_DSDB_FLAG(UF_INTERDOMAIN_TRUST_ACCOUNT); + ADD_DSDB_FLAG(UF_WORKSTATION_TRUST_ACCOUNT); + ADD_DSDB_FLAG(UF_SERVER_TRUST_ACCOUNT); + ADD_DSDB_FLAG(UF_00004000); + ADD_DSDB_FLAG(UF_00008000); + ADD_DSDB_FLAG(UF_DONT_EXPIRE_PASSWD); + ADD_DSDB_FLAG(UF_MNS_LOGON_ACCOUNT); + ADD_DSDB_FLAG(UF_SMARTCARD_REQUIRED); + ADD_DSDB_FLAG(UF_TRUSTED_FOR_DELEGATION); + ADD_DSDB_FLAG(UF_NOT_DELEGATED); + ADD_DSDB_FLAG(UF_USE_DES_KEY_ONLY); + ADD_DSDB_FLAG(UF_DONT_REQUIRE_PREAUTH); + ADD_DSDB_FLAG(UF_PASSWORD_EXPIRED); + ADD_DSDB_FLAG(UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION); + ADD_DSDB_FLAG(UF_NO_AUTH_DATA_REQUIRED); + ADD_DSDB_FLAG(UF_PARTIAL_SECRETS_ACCOUNT); + + /* groupType flags */ + ADD_DSDB_FLAG(GTYPE_SECURITY_BUILTIN_LOCAL_GROUP); + ADD_DSDB_FLAG(GTYPE_SECURITY_GLOBAL_GROUP); + ADD_DSDB_FLAG(GTYPE_SECURITY_DOMAIN_LOCAL_GROUP); + ADD_DSDB_FLAG(GTYPE_SECURITY_UNIVERSAL_GROUP); + ADD_DSDB_FLAG(GTYPE_DISTRIBUTION_GLOBAL_GROUP); + ADD_DSDB_FLAG(GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP); + ADD_DSDB_FLAG(GTYPE_DISTRIBUTION_UNIVERSAL_GROUP); /* "sAMAccountType" flags */ - PyModule_AddObject(m, "ATYPE_NORMAL_ACCOUNT", - PyInt_FromLong(ATYPE_NORMAL_ACCOUNT)); - PyModule_AddObject(m, "ATYPE_WORKSTATION_TRUST", - 
PyInt_FromLong(ATYPE_WORKSTATION_TRUST)); - PyModule_AddObject(m, "ATYPE_INTERDOMAIN_TRUST", - PyInt_FromLong(ATYPE_INTERDOMAIN_TRUST)); - PyModule_AddObject(m, "ATYPE_SECURITY_GLOBAL_GROUP", - PyInt_FromLong(ATYPE_SECURITY_GLOBAL_GROUP)); - PyModule_AddObject(m, "ATYPE_SECURITY_LOCAL_GROUP", - PyInt_FromLong(ATYPE_SECURITY_LOCAL_GROUP)); - PyModule_AddObject(m, "ATYPE_SECURITY_UNIVERSAL_GROUP", - PyInt_FromLong(ATYPE_SECURITY_UNIVERSAL_GROUP)); - PyModule_AddObject(m, "ATYPE_DISTRIBUTION_GLOBAL_GROUP", - PyInt_FromLong(ATYPE_DISTRIBUTION_GLOBAL_GROUP)); - PyModule_AddObject(m, "ATYPE_DISTRIBUTION_LOCAL_GROUP", - PyInt_FromLong(ATYPE_DISTRIBUTION_LOCAL_GROUP)); - PyModule_AddObject(m, "ATYPE_DISTRIBUTION_UNIVERSAL_GROUP", - PyInt_FromLong(ATYPE_DISTRIBUTION_UNIVERSAL_GROUP)); + ADD_DSDB_FLAG(ATYPE_NORMAL_ACCOUNT); + ADD_DSDB_FLAG(ATYPE_WORKSTATION_TRUST); + ADD_DSDB_FLAG(ATYPE_INTERDOMAIN_TRUST); + ADD_DSDB_FLAG(ATYPE_SECURITY_GLOBAL_GROUP); + ADD_DSDB_FLAG(ATYPE_SECURITY_LOCAL_GROUP); + ADD_DSDB_FLAG(ATYPE_SECURITY_UNIVERSAL_GROUP); + ADD_DSDB_FLAG(ATYPE_DISTRIBUTION_GLOBAL_GROUP); + ADD_DSDB_FLAG(ATYPE_DISTRIBUTION_LOCAL_GROUP); + ADD_DSDB_FLAG(ATYPE_DISTRIBUTION_UNIVERSAL_GROUP); /* "domainFunctionality", "forestFunctionality" flags in the rootDSE */ - PyModule_AddObject(m, "DS_DOMAIN_FUNCTION_2000", - PyInt_FromLong(DS_DOMAIN_FUNCTION_2000)); - PyModule_AddObject(m, "DS_DOMAIN_FUNCTION_2003_MIXED", - PyInt_FromLong(DS_DOMAIN_FUNCTION_2003_MIXED)); - PyModule_AddObject(m, "DS_DOMAIN_FUNCTION_2003", - PyInt_FromLong(DS_DOMAIN_FUNCTION_2003)); - PyModule_AddObject(m, "DS_DOMAIN_FUNCTION_2008", - PyInt_FromLong(DS_DOMAIN_FUNCTION_2008)); - PyModule_AddObject(m, "DS_DOMAIN_FUNCTION_2008_R2", - PyInt_FromLong(DS_DOMAIN_FUNCTION_2008_R2)); + ADD_DSDB_FLAG(DS_DOMAIN_FUNCTION_2000); + ADD_DSDB_FLAG(DS_DOMAIN_FUNCTION_2003_MIXED); + ADD_DSDB_FLAG(DS_DOMAIN_FUNCTION_2003); + ADD_DSDB_FLAG(DS_DOMAIN_FUNCTION_2008); + ADD_DSDB_FLAG(DS_DOMAIN_FUNCTION_2008_R2); /* 
"systemFlags" */ - PyModule_AddObject(m, "SYSTEM_FLAG_CR_NTDS_NC", - PyInt_FromLong(SYSTEM_FLAG_CR_NTDS_NC)); - PyModule_AddObject(m, "SYSTEM_FLAG_CR_NTDS_DOMAIN", - PyInt_FromLong(SYSTEM_FLAG_CR_NTDS_DOMAIN)); - PyModule_AddObject(m, "SYSTEM_FLAG_CR_NTDS_NOT_GC_REPLICATED", - PyInt_FromLong(SYSTEM_FLAG_CR_NTDS_NOT_GC_REPLICATED)); - PyModule_AddObject(m, "SYSTEM_FLAG_SCHEMA_BASE_OBJECT", - PyInt_FromLong(SYSTEM_FLAG_SCHEMA_BASE_OBJECT)); - PyModule_AddObject(m, "SYSTEM_FLAG_ATTR_IS_RDN", - PyInt_FromLong(SYSTEM_FLAG_ATTR_IS_RDN)); - PyModule_AddObject(m, "SYSTEM_FLAG_DISALLOW_MOVE_ON_DELETE", - PyInt_FromLong(SYSTEM_FLAG_DISALLOW_MOVE_ON_DELETE)); - PyModule_AddObject(m, "SYSTEM_FLAG_DOMAIN_DISALLOW_MOVE", - PyInt_FromLong(SYSTEM_FLAG_DOMAIN_DISALLOW_MOVE)); - PyModule_AddObject(m, "SYSTEM_FLAG_DOMAIN_DISALLOW_RENAME", - PyInt_FromLong(SYSTEM_FLAG_DOMAIN_DISALLOW_RENAME)); - PyModule_AddObject(m, "SYSTEM_FLAG_CONFIG_ALLOW_LIMITED_MOVE", - PyInt_FromLong(SYSTEM_FLAG_CONFIG_ALLOW_LIMITED_MOVE)); - PyModule_AddObject(m, "SYSTEM_FLAG_CONFIG_ALLOW_MOVE", - PyInt_FromLong(SYSTEM_FLAG_CONFIG_ALLOW_MOVE)); - PyModule_AddObject(m, "SYSTEM_FLAG_CONFIG_ALLOW_RENAME", - PyInt_FromLong(SYSTEM_FLAG_CONFIG_ALLOW_RENAME)); - PyModule_AddObject(m, "SYSTEM_FLAG_DISALLOW_DELETE", - PyInt_FromLong(SYSTEM_FLAG_DISALLOW_DELETE)); + ADD_DSDB_FLAG(SYSTEM_FLAG_CR_NTDS_NC); + ADD_DSDB_FLAG(SYSTEM_FLAG_CR_NTDS_DOMAIN); + ADD_DSDB_FLAG(SYSTEM_FLAG_CR_NTDS_NOT_GC_REPLICATED); + ADD_DSDB_FLAG(SYSTEM_FLAG_SCHEMA_BASE_OBJECT); + ADD_DSDB_FLAG(SYSTEM_FLAG_ATTR_IS_RDN); + ADD_DSDB_FLAG(SYSTEM_FLAG_DISALLOW_MOVE_ON_DELETE); + ADD_DSDB_FLAG(SYSTEM_FLAG_DOMAIN_DISALLOW_MOVE); + ADD_DSDB_FLAG(SYSTEM_FLAG_DOMAIN_DISALLOW_RENAME); + ADD_DSDB_FLAG(SYSTEM_FLAG_CONFIG_ALLOW_LIMITED_MOVE); + ADD_DSDB_FLAG(SYSTEM_FLAG_CONFIG_ALLOW_MOVE); + ADD_DSDB_FLAG(SYSTEM_FLAG_CONFIG_ALLOW_RENAME); + ADD_DSDB_FLAG(SYSTEM_FLAG_DISALLOW_DELETE); /* Kerberos encryption type constants */ - PyModule_AddObject(m, 
"ENC_ALL_TYPES", - PyInt_FromLong(ENC_ALL_TYPES)); - PyModule_AddObject(m, "ENC_CRC32", - PyInt_FromLong(ENC_CRC32)); - PyModule_AddObject(m, "ENC_RSA_MD5", - PyInt_FromLong(ENC_RSA_MD5)); - PyModule_AddObject(m, "ENC_RC4_HMAC_MD5", - PyInt_FromLong(ENC_RC4_HMAC_MD5)); - PyModule_AddObject(m, "ENC_HMAC_SHA1_96_AES128", - PyInt_FromLong(ENC_HMAC_SHA1_96_AES128)); - PyModule_AddObject(m, "ENC_HMAC_SHA1_96_AES256", - PyInt_FromLong(ENC_HMAC_SHA1_96_AES256)); - - PyModule_AddObject(m, "SEARCH_FLAG_ATTINDEX", PyInt_FromLong(SEARCH_FLAG_ATTINDEX)); - PyModule_AddObject(m, "SEARCH_FLAG_PDNTATTINDEX", PyInt_FromLong(SEARCH_FLAG_PDNTATTINDEX)); - PyModule_AddObject(m, "SEARCH_FLAG_ANR", PyInt_FromLong(SEARCH_FLAG_ANR)); - PyModule_AddObject(m, "SEARCH_FLAG_PRESERVEONDELETE", PyInt_FromLong(SEARCH_FLAG_PRESERVEONDELETE)); - PyModule_AddObject(m, "SEARCH_FLAG_COPY", PyInt_FromLong(SEARCH_FLAG_COPY)); - PyModule_AddObject(m, "SEARCH_FLAG_TUPLEINDEX", PyInt_FromLong(SEARCH_FLAG_TUPLEINDEX)); - PyModule_AddObject(m, "SEARCH_FLAG_SUBTREEATTRINDEX", PyInt_FromLong(SEARCH_FLAG_SUBTREEATTRINDEX)); - PyModule_AddObject(m, "SEARCH_FLAG_CONFIDENTIAL", PyInt_FromLong(SEARCH_FLAG_CONFIDENTIAL)); - PyModule_AddObject(m, "SEARCH_FLAG_NEVERVALUEAUDIT", PyInt_FromLong(SEARCH_FLAG_NEVERVALUEAUDIT)); - PyModule_AddObject(m, "SEARCH_FLAG_RODC_ATTRIBUTE", PyInt_FromLong(SEARCH_FLAG_RODC_ATTRIBUTE)); - - PyModule_AddObject(m, "DS_FLAG_ATTR_NOT_REPLICATED", PyInt_FromLong(DS_FLAG_ATTR_NOT_REPLICATED)); - PyModule_AddObject(m, "DS_FLAG_ATTR_REQ_PARTIAL_SET_MEMBER", PyInt_FromLong(DS_FLAG_ATTR_REQ_PARTIAL_SET_MEMBER)); - PyModule_AddObject(m, "DS_FLAG_ATTR_IS_CONSTRUCTED", PyInt_FromLong(DS_FLAG_ATTR_IS_CONSTRUCTED)); + ADD_DSDB_FLAG(ENC_ALL_TYPES); + ADD_DSDB_FLAG(ENC_CRC32); + ADD_DSDB_FLAG(ENC_RSA_MD5); + ADD_DSDB_FLAG(ENC_RC4_HMAC_MD5); + ADD_DSDB_FLAG(ENC_HMAC_SHA1_96_AES128); + ADD_DSDB_FLAG(ENC_HMAC_SHA1_96_AES256); + + ADD_DSDB_FLAG(SEARCH_FLAG_ATTINDEX); + 
ADD_DSDB_FLAG(SEARCH_FLAG_PDNTATTINDEX); + ADD_DSDB_FLAG(SEARCH_FLAG_ANR); + ADD_DSDB_FLAG(SEARCH_FLAG_PRESERVEONDELETE); + ADD_DSDB_FLAG(SEARCH_FLAG_COPY); + ADD_DSDB_FLAG(SEARCH_FLAG_TUPLEINDEX); + ADD_DSDB_FLAG(SEARCH_FLAG_SUBTREEATTRINDEX); + ADD_DSDB_FLAG(SEARCH_FLAG_CONFIDENTIAL); + ADD_DSDB_FLAG(SEARCH_FLAG_NEVERVALUEAUDIT); + ADD_DSDB_FLAG(SEARCH_FLAG_RODC_ATTRIBUTE); + + ADD_DSDB_FLAG(DS_FLAG_ATTR_NOT_REPLICATED); + ADD_DSDB_FLAG(DS_FLAG_ATTR_REQ_PARTIAL_SET_MEMBER); + ADD_DSDB_FLAG(DS_FLAG_ATTR_IS_CONSTRUCTED); + + ADD_DSDB_FLAG(DS_NTDSDSA_OPT_IS_GC); + ADD_DSDB_FLAG(DS_NTDSDSA_OPT_DISABLE_INBOUND_REPL); + ADD_DSDB_FLAG(DS_NTDSDSA_OPT_DISABLE_OUTBOUND_REPL); + ADD_DSDB_FLAG(DS_NTDSDSA_OPT_DISABLE_NTDSCONN_XLATE); + ADD_DSDB_FLAG(DS_NTDSDSA_OPT_DISABLE_SPN_REGISTRATION); + + ADD_DSDB_FLAG(NTDSCONN_KCC_GC_TOPOLOGY); + ADD_DSDB_FLAG(NTDSCONN_KCC_RING_TOPOLOGY); + ADD_DSDB_FLAG(NTDSCONN_KCC_MINIMIZE_HOPS_TOPOLOGY); + ADD_DSDB_FLAG(NTDSCONN_KCC_STALE_SERVERS_TOPOLOGY); + ADD_DSDB_FLAG(NTDSCONN_KCC_OSCILLATING_CONNECTION_TOPOLOGY); + ADD_DSDB_FLAG(NTDSCONN_KCC_INTERSITE_GC_TOPOLOGY); + ADD_DSDB_FLAG(NTDSCONN_KCC_INTERSITE_TOPOLOGY); + ADD_DSDB_FLAG(NTDSCONN_KCC_SERVER_FAILOVER_TOPOLOGY); + ADD_DSDB_FLAG(NTDSCONN_KCC_SITE_FAILOVER_TOPOLOGY); + ADD_DSDB_FLAG(NTDSCONN_KCC_REDUNDANT_SERVER_TOPOLOGY); } diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c index f4dad09..6829416 100644 --- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c +++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c 
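Review bot: The new `ADD_DSDB_FLAG` macro in initdsdb() still discards the results of both `PyInt_FromLong()` and `PyModule_AddObject()`, so a failed allocation goes unnoticed and, because `PyModule_AddObject()` only takes ownership of the value on success, the integer object is leaked when the add fails. `PyModule_AddIntConstant()` covers the boxing and the error path in one call, so the macro could be `#define ADD_DSDB_FLAG(val) PyModule_AddIntConstant(m, #val, val)`, with `#undef ADD_DSDB_FLAG` after the last use so the name does not stay defined for the rest of pydsdb.c. The conversion also carries over the duplicate registrations from the old code: the first seven UF_ entries (UF_NORMAL_ACCOUNT through UF_ACCOUNTDISABLE) all appear again in the second UF_ group and can be dropped. The start of initdsdb() lies outside the hunk.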
@@ -826,7 +826,7 @@ static WERROR dcesrv_drsuapi_DsReplicaGetInfo(struct dcesrv_call_state *dce_call
 if (!lpcfg_parm_bool(dce_call->conn->dce_ctx->lp_ctx, NULL, "drs", "disable_sec_check", false)) {
 level = security_session_user_level(dce_call->conn->auth_state.session_info, NULL);
- if (level < SECURITY_ADMINISTRATOR) {
+ if (level < SECURITY_DOMAIN_CONTROLLER) {
 DEBUG(1,(__location__ ": Administrator access required for DsReplicaGetInfo\n"));
 security_token_debug(0, 2, dce_call->conn->auth_state.session_info->security_token);
 return WERR_DS_DRA_ACCESS_DENIED;
diff --git a/source4/samba_tool/drs/drs.c b/source4/samba_tool/drs/drs.c
deleted file mode 100644
index 78f8c14..0000000
--- a/source4/samba_tool/drs/drs.c
+++ /dev/null
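Review bot: The DEBUG text on the line after the changed comparison still reads "Administrator access required for DsReplicaGetInfo", but the check now admits any session at SECURITY_DOMAIN_CONTROLLER or above, so the log line an operator sees on a denial no longer matches the policy being enforced. Suggest changing it to `DEBUG(1,(__location__ ": Domain controller or administrator access required for DsReplicaGetInfo\n"));`. Because the change lowers the privilege needed to read replication metadata, a one-line comment above the comparison stating why DC-level sessions are accepted would help later reviewers, e.g. `/* DC-level sessions may query replication state; ordinary users stay denied */`. Presumably read-only DC sessions rank below SECURITY_DOMAIN_CONTROLLER and remain denied; that should be confirmed against the security level enum, which is not visible here. The function body starts and ends outside the hunk.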
@@ -1,361 +0,0 @@ -/* - Samba Unix/Linux SMB client library - - Implements functions offered by repadmin.exe tool under Windows - - Copyright (C) Kamen Mazdrashki <kamen.mazdras...@postpath.com> 2010 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "samba_tool/samba_tool.h" -#include "librpc/gen_ndr/ndr_drsuapi_c.h" -#include "samba_tool/drs/drs.h" -#include "lib/ldb/include/ldb.h" -#include "ldb_wrap.h" -#include "system/filesys.h" - - -/** - * 'samba-tool drs' supported sub-commands - */ -static const struct net_functable net_drs_functable[] = { - { "bind", "Display replication features for a domain controller\n", net_drs_bind_cmd, net_drs_bind_usage }, - { "kcc", "Forces the KCC to recalculate replication topology for a specified domain controller\n", - net_drs_kcc_cmd, net_drs_kcc_usage }, - { "replicate", "Triggers replication event for the specified naming context between the source and destination domain controllers.\n", - net_drs_replicate_cmd, net_drs_replicate_usage }, - { "showrepl", "Displays the replication partners for each directory partition on the specified domain controller.\n", - net_drs_showrepl_cmd, net_drs_showrepl_usage }, - { NULL, NULL } -}; - -/** - * 'samba-tool drs' entry point - */ -int net_drs(struct net_context *ctx, int argc, const char **argv) -{ - return net_run_function(ctx, argc, argv, net_drs_functable, 
net_drs_usage); -} - -/** - * 'samba-tool drs' usage message - */ -int net_drs_usage(struct net_context *ctx, int argc, const char **argv) -{ - d_printf("samba-tool drs <command> [options]\n"); - d_printf("\n"); - d_printf("Currently implemented commands:\n"); - d_printf(" bind - Display DC replication features\n"); - d_printf(" kcc - Forces the KCC to recalculate replication topology for a specified domain controller\n"); - d_printf(" replicate - Triggers replication event for the specified naming context between the source and destination domain controllers.\n"); - d_printf(" showrepl - Displays the replication partners for each directory partition on the specified domain controller.\n"); - return 0; -} - -/** - * Create drsuapi connection to remote DC - * and fill-in DC capabilities - */ -static bool net_drs_DsBind(struct net_drs_context *drs_ctx, struct net_drs_connection *conn) -{ - NTSTATUS status; - struct GUID bind_guid; - struct drsuapi_DsBind req; - struct drsuapi_DsBindInfoCtr in_bind_ctr; - union drsuapi_DsBindInfo *bind_info; - - SMB_ASSERT(conn->binding != NULL); - - status = dcerpc_pipe_connect_b(conn, - &conn->drs_pipe, - conn->binding, - &ndr_table_drsuapi, - drs_ctx->net_ctx->credentials, - drs_ctx->net_ctx->event_ctx, - drs_ctx->net_ctx->lp_ctx); - if (!NT_STATUS_IS_OK(status)) { - d_printf("Failed to connect to server: %s\n", nt_errstr(status)); - return false; - } - conn->drs_handle = conn->drs_pipe->binding_handle; - - ZERO_STRUCT(in_bind_ctr); - in_bind_ctr.length = 48; - in_bind_ctr.info.info48.pid = (uint32_t)getpid(); - GUID_from_string(DRSUAPI_DS_BIND_GUID, &bind_guid); - req.in.bind_guid = &bind_guid; - req.in.bind_info = &in_bind_ctr; - req.out.bind_handle = &conn->bind_handle; - - status = dcerpc_drsuapi_DsBind_r(conn->drs_handle, conn, &req); - if (!NT_STATUS_IS_OK(status)) { - const char *errstr = nt_errstr(status); - d_printf("dcerpc_drsuapi_DsBind failed - %s\n", errstr); - return false; - } else if (!W_ERROR_IS_OK(req.out.result)) 
{ - d_printf("DsBind failed - %s\n", win_errstr(req.out.result)); - return false; - } - - /* fill-in remote DC capabilities */ - ZERO_STRUCT(conn->info48); - bind_info = &req.out.bind_info->info; - conn->bind_info_len = req.out.bind_info->length; - switch (conn->bind_info_len) { - case 48: - conn->info48.supported_extensions_ext = bind_info->info48.supported_extensions_ext; - conn->info48.config_dn_guid = bind_info->info48.config_dn_guid; - case 28: - conn->info48.repl_epoch = bind_info->info28.repl_epoch; - case 24: - conn->info48.supported_extensions = bind_info->info24.supported_extensions; - conn->info48.site_guid = bind_info->info24.site_guid; - conn->info48.pid = bind_info->info24.pid; - break; - default: - d_printf("Error: server returned BindInfo length %d", req.out.bind_info->length); - return false; - } - - return true; -} - -/** - * Close DRSUAPI connection to remote DC - */ -static bool net_drs_DsUnbind(struct net_drs_connection *conn) -{ - struct drsuapi_DsUnbind r; - struct policy_handle bind_handle; - - SMB_ASSERT(conn->drs_pipe); - - ZERO_STRUCT(r); - r.out.bind_handle = &bind_handle; - - r.in.bind_handle = &conn->bind_handle; - dcerpc_drsuapi_DsUnbind_r(conn->drs_handle, conn, &r); - - /* free dcerpc pipe in case we get called more than once */ - talloc_free(conn->drs_pipe); - conn->drs_pipe = NULL; - conn->drs_handle = NULL; - - return true; -} - -/** - * Destroy drsuapi connection - */ -static int net_drs_connection_destructor(struct net_drs_connection *conn) -{ - if (conn->drs_pipe) { - net_drs_DsUnbind(conn); - } - return 0; -} - -/** - * Create DRSUAPI connection to target DC - * @return ptr to net_drs_connection or NULL on failure - */ -struct net_drs_connection * net_drs_connect_dc(struct net_drs_context *drs_ctx, const char *dc_name) -{ - struct net_drs_connection *conn = NULL; - - conn = talloc_zero(drs_ctx, struct net_drs_connection); - NET_DRS_NOMEM_GOTO(conn, failed); - - /* init binding */ - conn->binding = talloc_zero(conn, struct 
dcerpc_binding); - conn->binding->transport = NCACN_IP_TCP; - conn->binding->flags = drs_ctx->drs_conn->binding->flags; - conn->binding->host = talloc_strdup(conn, dc_name); - conn->binding->target_hostname = conn->binding->host; - - if (!net_drs_DsBind(drs_ctx, conn)) { - goto failed; - } - - talloc_set_destructor(conn, net_drs_connection_destructor); - - return conn; - -- Samba Shared Repository