The branch, master has been updated
via 3ecce7f s4-tools: Added a --sort-aces option to ldapcmp
from 528bced s3:build: don't use librpc/gen_ndr/cli_echo.[ch] anymore
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 3ecce7f2ee243eb1411e4aa8cb0648d118c1c364
Author: Nadezhda Ivanova <[email protected]>
Date: Mon Jan 17 14:22:22 2011 +0200
s4-tools: Added a --sort-aces option to ldapcmp
This option sorts the ACE lists during SD comparison in collision view to
make it easier to
determine of a difference is only in ACE order, and if not, where do
differences start.
Autobuild-User: Nadezhda Ivanova <[email protected]>
Autobuild-Date: Mon Jan 17 14:09:09 CET 2011 on sn-devel-104
-----------------------------------------------------------------------
Summary of changes:
source4/scripting/python/samba/netcmd/ldapcmp.py | 18 ++++++++++++------
1 files changed, 12 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/python/samba/netcmd/ldapcmp.py
b/source4/scripting/python/samba/netcmd/ldapcmp.py
index dff0c1e..d62b554 100755
--- a/source4/scripting/python/samba/netcmd/ldapcmp.py
+++ b/source4/scripting/python/samba/netcmd/ldapcmp.py
@@ -46,7 +46,7 @@ summary = {}
class LDAPBase(object):
def __init__(self, host, creds, lp,
- two=False, quiet=False, descriptor=False, verbose=False,
+ two=False, quiet=False, descriptor=False, sort_aces=False,
verbose=False,
view="section", base="", scope="SUB"):
ldb_options = []
samdb_url = host
@@ -67,6 +67,7 @@ class LDAPBase(object):
self.two_domains = two
self.quiet = quiet
self.descriptor = descriptor
+ self.sort_aces = sort_aces
self.view = view
self.verbose = verbose
self.host = host
@@ -208,6 +209,8 @@ class Descriptor(object):
self.dn = dn
self.sddl = self.con.get_descriptor_sddl(self.dn)
self.dacl_list = self.extract_dacl()
+ if self.con.sort_aces:
+ self.dacl_list.sort()
def extract_dacl(self):
""" Extracts the DACL as a list of ACE string (with the brakets).
@@ -781,6 +784,8 @@ class cmd_ldapcmp(Command):
help="Print all DN pairs that have been compared"),
Option("--sd", dest="descriptor", action="store_true", default=False,
help="Compare nTSecurityDescriptor attibutes only"),
+ Option("--sort-aces", dest="sort_aces", action="store_true",
default=False,
+ help="Sort ACEs before comparison of nTSecurityDescriptor
attribute"),
Option("--view", dest="view", default="section",
help="Display mode for nTSecurityDescriptor results. Possible
values: section or collision."),
Option("--base", dest="base", default="",
@@ -793,9 +798,8 @@ class cmd_ldapcmp(Command):
def run(self, URL1, URL2,
context1=None, context2=None, context3=None,
- two=False, quiet=False, verbose=False, descriptor=False,
view="section",
- base="", base2="", scope="SUB",
- credopts=None, sambaopts=None, versionopts=None):
+ two=False, quiet=False, verbose=False, descriptor=False,
sort_aces=False, view="section",
+ base="", base2="", scope="SUB", credopts=None, sambaopts=None,
versionopts=None):
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp, fallback_machine=True)
creds2 = credopts.get_credentials2(lp, guess=False)
@@ -835,11 +839,13 @@ class cmd_ldapcmp(Command):
raise CommandError("Invalid --scope value. Choose from: SUB, ONE,
BASE")
con1 = LDAPBase(URL1, creds, lp,
- two=two, quiet=quiet, descriptor=descriptor,
verbose=verbose, view=view, base=base, scope=scope)
+ two=two, quiet=quiet, descriptor=descriptor,
sort_aces=sort_aces,
+ verbose=verbose,view=view, base=base, scope=scope)
assert len(con1.base_dn) > 0
con2 = LDAPBase(URL2, creds2, lp,
- two=two, quiet=quiet, descriptor=descriptor,
verbose=verbose, view=view, base=base2, scope=scope)
+ two=two, quiet=quiet, descriptor=descriptor,
sort_aces=sort_aces,
+ verbose=verbose, view=view, base=base2, scope=scope)
assert len(con2.base_dn) > 0
status = 0
--
Samba Shared Repository
