The branch, master has been updated via d821456 KCC: more pythonic expression in select_istg via 77b47e1 KCC: Write out more DOT files and debug via 03f45bf KCC: Comment noting verbose nature of construct_intrasite_graph() via c7d39d0 KCC: Add comments regarding time handling via 9d2a315 KCC: add --forced-local-dsa option for changing local dsa via e32b52c KCC: add comments, idiomatic changes to intrasite_graph code via cee3f52 KCC: improve log legibility with colour; make more dot graphs via 7375abe KCC: helper function to find config NC replica for a DSA via 42dcaaf samba_kcc: try to implement rep deletion in translate_ntdsconn() via 035a246 KCC: use more pythonic construct for get_current_replica via aee0a96 kcc: Reduce code verbosity in dumpstr_* functions via 9dff16b kcc: add labels to dot files via 1fc7e5b KCC: highlight our deviation from the spec in color_vertices via 9e78375 samba_kcc: add an option to set assumed current time via a59c8ed KCC: Create Graphviz dot files showing network topology via ddb5149 KCC: correct the comparison for lost link timeout via 0884482 kcc: Add a TODO for is_bridgehead_failed via 906ed3d kcc: add some more debug messages via bb4c350 kcc: correctly calculate the number of components via 9864192 kcc: Export extended_dn to be used by import via e742720 kcc: Make debugging slightly clearer via 6ccbd18 kcc: Use remote vertex instead of local vertex in getting bridgehead via fc93fa4 kcc: Use correct parent in kruskal algorithm via 547cdaa kcc: Remove unused is_sitelink call via d583913 kcc: Remove DN translation for Site GUID via 99d4efc kcc: Factor out MAX_DWORD via 6a62db3 kcc: convert identification of sites from DN to GUID via 6bb48d5 kcc: remove unnecessary find site link code via 96ef2d5 kcc: Convert transport identification from DN to GUID via 9c5729d kcc: Start using proper GUIDs for comparison via 6decd8e kcc: Implement update_rodc_connection to maintain the FRS via 5e63b8f samba_kcc: Add basic skeleton for KCC intersite algorithm via 4ac7c79 kcc_utils: Create the new classes for the intersite algorithm via 189f040 selftest: Force the KCC to run and another replication at rodc startup via cf57e61 samba_kcc: Ensure we bail out if s_dsa is None via a7173e1 samba_kcc: Fix use-before assignment via 100ec32 samba_kcc: Do not attempt to modify connections on a RODC, replicated attributes are read only via fc932ea samba_kcc: Fix compile failures and correctly implement MS-ADTS 6.2.2.3.1 ISTG selection via 17da38b kcc: typo fix in AttributeError Exception via a7c9313 kcc: Fix typos in original samba_kcc via d486e4c samba_kcc: Fix existing syntax errors preventing samba_kcc from running via 204fe65 samba_kcc: Do not catch all exceptions, we need the backtrace via c1c25b4 dsdb: Relax the check for the RID set DN via caf74b7 s4-rpc_server/drsuapi: Fix timeouts on forwarded DsExecuteKCC IRPC call via 8694331 kcc: Wait until the samba_kcc script runs to declare success to the caller from ce4830e Fix segfault in the very rare case when we are not able to find the rootnamingcontext
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit d821456b848a2cc3fb15e249218650b6e922e823 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Fri Mar 6 17:59:14 2015 +1300 KCC: more pythonic expression in select_istg Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Thu May 28 10:14:12 CEST 2015 on sn-devel-104 commit 77b47e1ce4068dc18470cd3fa8104c20622b4e82 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Apr 23 11:46:09 2015 +1200 KCC: Write out more DOT files and debug Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 03f45bf75f1ef33997c66f394e5063f8ddf15df5 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Apr 23 11:45:33 2015 +1200 KCC: Comment noting verbose nature of construct_intrasite_graph() Signed-off-by: Andrew Bartlett <abart...@samba.org> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit c7d39d0a522c76bf67a277650ff84b4abfda1ee1 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Apr 23 12:16:36 2015 +1200 KCC: Add comments regarding time handling Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 9d2a31546cf6d3acfb9ad2661cdd182a5e3a8b72 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Apr 23 11:44:12 2015 +1200 KCC: add --forced-local-dsa option for changing local dsa For testing it is useful to pretend a DSA is local against the preferences of the database. Signed-off-by: Andrew Bartlett <abart...@samba.org> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit e32b52c740707729a3d268f5091a759879a5b703 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Fri Mar 6 15:32:27 2015 +1300 KCC: add comments, idiomatic changes to intrasite_graph code Using `x in foo_dict.keys()` is the same as `x in foo_dict`, except it is O(n) instead of O(1) and is not the way things are done in Python. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit cee3f52d7829d279c137fa493be336e5794f559c Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Fri Mar 6 15:28:29 2015 +1300 KCC: improve log legibility with colour; make more dot graphs To see the colours in less, use -R. bin/samba_kcc --debug -H whatever/sam.ldb | less -R Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 7375abec64650f4c09b0c60baed95d29df955783 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Fri Mar 6 15:17:24 2015 +1300 KCC: helper function to find config NC replica for a DSA This logic is going to be used elsewhere (for dot debugging). Also add a dedicated KCC Exception class. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 42dcaaf3b191a0fa450a656bb3071fcf2589c81a Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Mar 5 17:30:34 2015 +1300 samba_kcc: try to implement rep deletion in translate_ntdsconn() The trouble is it does nothing in our test case as there are no reps that need deleting. Also adding some tidy-ups and pointers to the reference. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 035a2466798ce8993754085bbf0bc9613ce10c4d Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Mar 5 17:26:53 2015 +1300 KCC: use more pythonic construct for get_current_replica Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit aee0a9620d398e591e2af69b26c4b23e887916ab Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Mar 5 14:53:55 2015 +1300 kcc: Reduce code verbosity in dumpstr_* functions Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 9dff16bd9ced3296801bd52aa653a059dad80f26 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Mar 5 11:50:24 2015 +1300 kcc: add labels to dot files Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 1fc7e5ba6097302dc91ba22821d420899177b700 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Mar 5 11:46:39 2015 +1300 KCC: highlight our deviation from the spec in color_vertices The documentation didn't make much sense. Worked out by Garming. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 9e78375d2c822de021c8083eabfa2aee7455d515 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Mar 5 11:40:55 2015 +1300 samba_kcc: add an option to set assumed current time The KCC algorithm contains a timeouts in a couple of places, and we need to be able to set the time for testing these. This also means samba_kcc uses the same time in all places. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit a59c8ed7bc15dec4862066bec82658d4916325ab Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Fri Feb 27 18:21:19 2015 +1300 KCC: Create Graphviz dot files showing network topology This tries to record some information about what the graph is (e.g which partition), though it is not very readable. Pair-programmed-with: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit ddb51493734b3aa3d3c7a48e78045ea16f7902a4 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Wed Mar 4 13:05:37 2015 +1300 KCC: correct the comparison for lost link timeout Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 0884482b00ad3d30872962e96d00c72644463d30 Author: Garming Sam <garm...@catalyst.net.nz> Date: Fri Mar 13 16:22:18 2015 +1300 kcc: Add a TODO for is_bridgehead_failed Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 906ed3d557026de410d944f2bcd172a352ffb0b6 Author: Garming Sam <garm...@catalyst.net.nz> Date: Fri Mar 13 16:21:44 2015 +1300 kcc: add some more debug messages Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit bb4c35011bb8852d2c4ee8770009698fda713205 Author: Garming Sam <garm...@catalyst.net.nz> Date: Fri Mar 13 16:21:02 2015 +1300 kcc: correctly calculate the number of components Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 9864192a26cff3eb26d3a1c1eba9840b47c7b952 Author: Garming Sam <garm...@catalyst.net.nz> Date: Fri Mar 13 16:20:37 2015 +1300 kcc: Export extended_dn to be used by import Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit e742720ad829b71f860ed54fdbd982e13bf06754 Author: Garming Sam <garm...@catalyst.net.nz> Date: Fri Mar 13 16:17:42 2015 +1300 kcc: Make debugging slightly clearer Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 6ccbd187151bc98be8a50ba452a37cfbd7194fde Author: Garming Sam <garm...@catalyst.net.nz> Date: Fri Mar 13 16:14:20 2015 +1300 kcc: Use remote vertex instead of local vertex in getting bridgehead Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit fc93fa45da663ee49c6ccb4f89d047f5b651d5e5 Author: Garming Sam <garm...@catalyst.net.nz> Date: Fri Feb 27 18:20:38 2015 +1300 kcc: Use correct parent in kruskal algorithm Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 547cdaa120ae3ac1fdcd9958815d45756e37ba53 Author: Garming Sam <garm...@catalyst.net.nz> Date: Tue Feb 24 14:14:33 2015 +1300 kcc: Remove unused is_sitelink call Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit d5839133377d481a4ec362e58b185b65c8a9353d Author: Garming Sam <garm...@catalyst.net.nz> Date: Tue Feb 24 14:13:52 2015 +1300 kcc: Remove DN translation for Site GUID Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 99d4efc917699a9ad42d3b028581b46b1852eb4e Author: Garming Sam <garm...@catalyst.net.nz> Date: Tue Feb 24 11:44:11 2015 +1300 kcc: Factor out MAX_DWORD Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 6a62db398344b54d4a02bba81ec8abc0fce950b4 Author: Garming Sam <garm...@catalyst.net.nz> Date: Tue Feb 24 11:04:58 2015 +1300 kcc: convert identification of sites from DN to GUID Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 6bb48d5c0eafa439c6b47d5a780d8800f618ff8f Author: Garming Sam <garm...@catalyst.net.nz> Date: Tue Feb 24 10:48:34 2015 +1300 kcc: remove unnecessary find site link code This code was originally used to form n-to-n replication. Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 96ef2d556bac347f838cfa286d329d420e3dd2b4 Author: Garming Sam <garm...@catalyst.net.nz> Date: Mon Feb 23 15:06:41 2015 +1300 kcc: Convert transport identification from DN to GUID Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 9c5729d182c8201fac46e60ed1f92934d018d8db Author: Garming Sam <garm...@catalyst.net.nz> Date: Mon Feb 23 14:28:34 2015 +1300 kcc: Start using proper GUIDs for comparison Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 6decd8e94e7f05b3156c3f12744d8c1e55755c47 Author: Garming Sam <garm...@catalyst.net.nz> Date: Mon Feb 23 12:10:29 2015 +1300 kcc: Implement update_rodc_connection to maintain the FRS Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 5e63b8f705696c6b1172274d3e88ae7a2c3df398 Author: Garming Sam <garm...@catalyst.net.nz> Date: Fri Mar 13 14:36:05 2015 +1300 samba_kcc: Add basic skeleton for KCC intersite algorithm This enables the use of the intersite calculated list of edges Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 4ac7c7998bedb6e9d03ba20e6895082a5d0aa675 Author: Garming Sam <garm...@catalyst.net.nz> Date: Wed Feb 18 18:21:19 2015 +1300 kcc_utils: Create the new classes for the intersite algorithm Also sorts vertex color by preference in sorting algorithms. Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 189f0404c692f34b8c0c15bb3bef64dbc93128ee Author: Andrew Bartlett <abart...@samba.org> Date: Fri Feb 20 17:56:39 2015 +1300 selftest: Force the KCC to run and another replication at rodc startup This shows that replication using the RODC username/password actually works Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit cf57e61d7b5b16169ae4a61ba9c53e6f952f6d4d Author: Andrew Bartlett <abart...@samba.org> Date: Fri Feb 20 11:53:11 2015 +1300 samba_kcc: Ensure we bail out if s_dsa is None Previously we could continue and fail due to attempting to de-reference this Signed-off-by: Andrew Bartlett <abart...@samba.org> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit a7173e164792980d7f98cc104d217cb1b4713255 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Feb 19 14:57:08 2015 +1300 samba_kcc: Fix use-before assignment Signed-off-by: Andrew Bartlett <abart...@samba.org> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 100ec32abad4e67793f1b5e55a890a41c0c9730b Author: Andrew Bartlett <abart...@samba.org> Date: Thu Feb 19 10:20:48 2015 +1300 samba_kcc: Do not attempt to modify connections on a RODC, replicated attributes are read only Signed-off-by: Andrew Bartlett <abart...@samba.org> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit fc932eace8ace5a4cc21b75c7c91f3f1d554948a Author: Andrew Bartlett <abart...@samba.org> Date: Wed Feb 18 12:13:38 2015 +1300 samba_kcc: Fix compile failures and correctly implement MS-ADTS 6.2.2.3.1 ISTG selection The previous code did not operate as c_rep.source_dsa_invocation_id was not valid, and in any case this was not the correct check. We need to look for the old interSiteTopologyGenerator in our list of replication partners, and confirm it is current. Andrew Bartlett Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 17da38b99f0e118937b08e2ad7b39bd76331b547 Author: Garming Sam <garm...@catalyst.net.nz> Date: Fri Apr 10 16:17:50 2015 +1200 kcc: typo fix in AttributeError Exception Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit a7c93139a15b9d39fb1091972611b7e710eb1317 Author: Garming Sam <garm...@catalyst.net.nz> Date: Fri Feb 27 18:19:06 2015 +1300 kcc: Fix typos in original samba_kcc Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit d486e4ce6f8aa2ae455345f25ac26f71de2ba21b Author: Garming Sam <garm...@catalyst.net.nz> Date: Fri Jan 23 09:43:55 2015 +1300 samba_kcc: Fix existing syntax errors preventing samba_kcc from running Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 204fe65be2e8937e471be39b51b92d5ee9b8566e Author: Andrew Bartlett <abart...@samba.org> Date: Wed Feb 18 12:16:29 2015 +1300 samba_kcc: Do not catch all exceptions, we need the backtrace Debugging samba_kcc with all exceptions turned off just is not practical. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit c1c25b493947e4fff8ed69a801a6c1f07cfd8571 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Feb 19 10:19:37 2015 +1300 dsdb: Relax the check for the RID set DN This was preventing the correct generation of error messages and referrals on an RODC. An RODC does not have a RID set. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit caf74b7df54d2f9d38083ab519159fcc746d07ee Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu May 28 16:40:31 2015 +1200 s4-rpc_server/drsuapi: Fix timeouts on forwarded DsExecuteKCC IRPC call This matches other forwarded calls Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 86943313f22627b8e35f04e7d29bd22acfd587af Author: Andrew Bartlett <abart...@samba.org> Date: Wed Feb 18 16:42:09 2015 +1300 kcc: Wait until the samba_kcc script runs to declare success to the caller This allows us to tell if this script even executes, without looking in the logs. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> ----------------------------------------------------------------------- Summary of changes: python/samba/kcc_utils.py | 387 ++++++++---- selftest/target/Samba4.pm | 61 +- source4/dsdb/kcc/kcc_periodic.c | 5 +- source4/dsdb/kcc/kcc_service.c | 105 +++- source4/dsdb/samdb/ldb_modules/objectclass.c | 8 +- source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 14 +- source4/scripting/bin/samba_kcc | 848 ++++++++++++++++++++++++--- 7 files changed, 1228 insertions(+), 200 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/kcc_utils.py b/python/samba/kcc_utils.py index 9c6b762..d392033 100644 --- a/python/samba/kcc_utils.py +++ b/python/samba/kcc_utils.py @@ -29,6 +29,26 @@ from samba.dcerpc import ( from samba.common import dsdb_Dn from samba.ndr import (ndr_unpack, ndr_pack) +#colours for prettier logs +C_NORMAL = "\033[00m" +DARK_RED = "\033[00;31m" +RED = "\033[01;31m" +DARK_GREEN = "\033[00;32m" +GREEN = "\033[01;32m" +YELLOW = "\033[01;33m" +DARK_YELLOW = "\033[00;33m" +DARK_BLUE = "\033[00;34m" +BLUE = "\033[01;34m" +PURPLE = "\033[00;35m" +MAGENTA = "\033[01;35m" +DARK_CYAN = "\033[00;36m" +CYAN = "\033[01;36m" +GREY = "\033[00;37m" +WHITE = "\033[01;37m" +REV_RED = "\033[01;41m" + +class KCCError(Exception): + pass class NCType(object): (unknown, schema, domain, config, application) = range(0, 5) @@ -53,7 +73,7 @@ class NamingContext(object): def __str__(self): '''Debug dump string output of class''' - text = "%s:" % self.__class__.__name__ + text = "%s%s%s:" % (CYAN, self.__class__.__name__, C_NORMAL) text = text + "\n\tnc_dnstr=%s" % self.nc_dnstr text = text + "\n\tnc_guid=%s" % str(self.nc_guid) @@ -73,7 +93,7 @@ class NamingContext(object): scope=ldb.SCOPE_BASE, attrs=attrs) except ldb.LdbError, (enum, estr): - raise Exception("Unable to find naming context (%s)" % + raise Exception("Unable to find naming context (%s) - (%s)" % (self.nc_dnstr, estr)) msg = res[0] if "objectGUID" in msg: @@ -375,27 +395,42 @@ class NCReplica(NamingContext): except ldb.LdbError, estr: raise Exception("Could not set repsFrom for (%s) - (%s)" % - (self.dsa_dnstr, estr)) + (self.nc_dnstr, estr)) + + def load_replUpToDateVector(self, samdb): + """Given an NC replica which has been discovered thru the nTDSDSA + database object, load the replUpToDateVector attribute for the local replica. + held by my dsa. The replUpToDateVector attribute is not replicated so this + attribute is relative only to the local DSA that the samdb exists on + """ + try: + res = samdb.search(base=self.nc_dnstr, scope=ldb.SCOPE_BASE, + attrs=[ "replUpToDateVector" ]) + + except ldb.LdbError, (enum, estr): + raise Exception("Unable to find NC for (%s) - (%s)" % + (self.nc_dnstr, estr)) + + msg = res[0] + + # Possibly no replUpToDateVector if this is a singleton DC + if "replUpToDateVector" in msg: + value = msg["replUpToDateVector"][0] + replUpToDateVectorBlob = ndr_unpack(drsblobs.replUpToDateVectorBlob, value) + if replUpToDateVectorBlob.version != 2: + # Samba only generates version 2, and this runs locally + raise AttributeError("Unexpected replUpToDateVector version %d" + % replUpToDateVectorBlob.version) + + self.rep_replUpToDateVector_cursors = replUpToDateVectorBlob.ctr.cursors + else: + self.rep_replUpToDateVector_cursors = [] def dumpstr_to_be_deleted(self): - text="" - for repsFrom in self.rep_repsFrom: - if repsFrom.to_be_deleted: - if text: - text = text + "\n%s" % repsFrom - else: - text = "%s" % repsFrom - return text + return '\n'.join(str(x) for x in self.rep_repsFrom if x.to_be_deleted) def dumpstr_to_be_modified(self): - text="" - for repsFrom in self.rep_repsFrom: - if repsFrom.is_modified(): - if text: - text = text + "\n%s" % repsFrom - else: - text = "%s" % repsFrom - return text + return '\n'.join(str(x) for x in self.rep_repsFrom if x.is_modified()) def load_fsmo_roles(self, samdb): """Given an NC replica which has been discovered thru the nTDSDSA @@ -478,10 +513,7 @@ class DirectoryServiceAgent(object): return text def get_current_replica(self, nc_dnstr): - if nc_dnstr in self.current_rep_table.keys(): - return self.current_rep_table[nc_dnstr] - else: - return None + return self.current_rep_table.get(nc_dnstr) def is_istg(self): '''Returns True if dsa is intersite topology generator for it's site''' @@ -629,7 +661,7 @@ class DirectoryServiceAgent(object): flags = dsdn.get_binary_integer() dnstr = str(dsdn.dn) - if not dnstr in tmp_table.keys(): + if not dnstr in tmp_table: rep = NCReplica(self.dsa_dnstr, self.dsa_guid, dnstr) tmp_table[dnstr] = rep else: @@ -653,10 +685,9 @@ class DirectoryServiceAgent(object): def add_needed_replica(self, rep): """Method to add a NC replica that "should be present" to the - needed_rep_table if not already in the table + needed_rep_table. """ - if not rep.nc_dnstr in self.needed_rep_table.keys(): - self.needed_rep_table[rep.nc_dnstr] = rep + self.needed_rep_table[rep.nc_dnstr] = rep def load_connection_table(self, samdb): """Method to load the nTDSConnections listed for DSA object. @@ -729,33 +760,15 @@ class DirectoryServiceAgent(object): def dumpstr_current_replica_table(self): '''Debug dump string output of current replica table''' - text="" - for k in self.current_rep_table.keys(): - if text: - text = text + "\n%s" % self.current_rep_table[k] - else: - text = "%s" % self.current_rep_table[k] - return text + return '\n'.join(str(x) for x in self.current_rep_table) def dumpstr_needed_replica_table(self): '''Debug dump string output of needed replica table''' - text="" - for k in self.needed_rep_table.keys(): - if text: - text = text + "\n%s" % self.needed_rep_table[k] - else: - text = "%s" % self.needed_rep_table[k] - return text + return '\n'.join(str(x) for x in self.needed_rep_table) def dumpstr_connect_table(self): '''Debug dump string output of connect table''' - text="" - for k in self.connect_table.keys(): - if text: - text = text + "\n%s" % self.connect_table[k] - else: - text = "%s" % self.connect_table[k] - return text + return '\n'.join(str(x) for x in self.connect_table) def new_connection(self, options, flags, transport, from_dnstr, sched): """Set up a new connection for the DSA based on input @@ -774,6 +787,7 @@ class DirectoryServiceAgent(object): if transport is not None: connect.transport_dnstr = transport.dnstr + connect.transport_guid = transport.guid if sched is not None: connect.schedule = sched @@ -902,11 +916,11 @@ class NTDSConnection(object): msg["objectGUID"][0])) if "transportType" in msg: - dsdn = dsdb_Dn(samdb, msg["tranportType"][0]) + dsdn = dsdb_Dn(samdb, msg["transportType"][0]) self.load_connection_transport(samdb, str(dsdn.dn)) if "schedule" in msg: - self.schedule = ndr_unpack(drsblobs.replSchedule, msg["schedule"][0]) + self.schedule = ndr_unpack(drsblobs.schedule, msg["schedule"][0]) if "whenCreated" in msg: self.whenCreated = ldb.string_to_time(msg["whenCreated"][0]) @@ -928,7 +942,7 @@ class NTDSConnection(object): scope=ldb.SCOPE_BASE, attrs=attrs) except ldb.LdbError, (enum, estr): - raise Exception("Unable to find transport (%s)" % + raise Exception("Unable to find transport (%s) - (%s)" % (tdnstr, estr)) if "objectGUID" in res[0]: @@ -1393,12 +1407,14 @@ class Site(object): """An individual site object discovered thru the configuration naming context. Contains all DSAs that exist within the site """ - def __init__(self, site_dnstr): + def __init__(self, site_dnstr, unix_now): self.site_dnstr = site_dnstr + self.site_guid = None self.site_options = 0 self.site_topo_generator = None self.site_topo_failover = 0 # appears to be in minutes self.dsa_table = {} + self.unix_now = unix_now def load_site(self, samdb): """Loads the NTDS Site Settions options attribute for the site @@ -1412,6 +1428,8 @@ class Site(object): try: res = samdb.search(base=ssdn, scope=ldb.SCOPE_BASE, attrs=attrs) + self_res = samdb.search(base=self.site_dnstr, scope=ldb.SCOPE_BASE, + attrs=['objectGUID']) except ldb.LdbError, (enum, estr): raise Exception("Unable to find site settings for (%s) - (%s)" % (ssdn, estr)) @@ -1426,6 +1444,11 @@ class Site(object): if "interSiteTopologyFailover" in msg: self.site_topo_failover = int(msg["interSiteTopologyFailover"][0]) + msg = self_res[0] + if "objectGUID" in msg: + self.site_guid = misc.GUID(samdb.schema_format_value("objectGUID", + msg["objectGUID"][0])) + self.load_all_dsa(samdb) def load_all_dsa(self, samdb): @@ -1444,7 +1467,7 @@ class Site(object): dnstr = str(msg.dn) # already loaded - if dnstr in self.dsa_table.keys(): + if dnstr in self.dsa_table: continue dsa = DirectoryServiceAgent(dnstr) @@ -1484,21 +1507,16 @@ class Site(object): mydsa.dsa_is_istg = True return True - # Find configuration NC replica for my DSA - for c_rep in mydsa.current_rep_table.values(): - if c_rep.is_config(): - break - - if c_rep is None: - raise Exception("Unable to find config NC replica for (%s)" % - mydsa.dsa_dnstr) + c_rep = get_dsa_config_rep(mydsa) - # Load repsFrom if not already loaded so we can get the current + # Load repsFrom and replUpToDateVector if not already loaded so we can get the current # state of the config replica and whether we are getting updates # from the istg c_rep.load_repsFrom(samdb) - # From MS-Tech ISTG selection: + c_rep.load_replUpToDateVector(samdb) + + # From MS-ADTS 6.2.2.3.1 ISTG selection: # First, the KCC on a writable DC determines whether it acts # as an ISTG for its site # @@ -1512,17 +1530,10 @@ class Site(object): # Which is a fancy way of saying "sort all the nTDSDSA objects # in the site by guid in ascending order". Place sorted list # in D_sort[] - D_sort = [] - d_dsa = None - - unixnow = int(time.time()) # seconds since 1970 - ntnow = unix2nttime(unixnow) # double word number of 100 nanosecond - # intervals since 1600s - - for dsa in self.dsa_table.values(): - D_sort.append(dsa) + D_sort = sorted(self.dsa_table.values(), cmp=sort_dsa_by_guid) - D_sort.sort(sort_dsa_by_guid) + ntnow = unix2nttime(self.unix_now) # double word number of 100 nanosecond + # intervals since 1600s # Let f be the duration o!interSiteTopologyFailover seconds, or 2 hours # if o!interSiteTopologyFailover is 0 or has no value. @@ -1533,6 +1544,7 @@ class Site(object): # interSiteTopologyFailover (if set) appears to be in minutes # so we'll need to convert to senconds and then 100 nanosecond # intervals + # XXX [MS-ADTS] 6.2.2.3.1 says it is seconds, not minutes. # # 10,000,000 is number of 100 nanosecond intervals in a second if self.site_topo_failover == 0: @@ -1540,18 +1552,17 @@ class Site(object): else: f = self.site_topo_failover * 60 * 10000000 - # From MS-Tech ISTG selection: + # Let o be the site settings object for the site of the local + # DC, or NULL if no such o exists. + d_dsa = self.dsa_table.get(self.site_topo_generator) + + # From MS-ADTS 6.2.2.3.1 ISTG selection: # If o != NULL and o!interSiteTopologyGenerator is not the # nTDSDSA object for the local DC and # o!interSiteTopologyGenerator is an element dj of sequence D: # - if self.site_topo_generator is not None and \ - self.site_topo_generator in self.dsa_table.keys(): - d_dsa = self.dsa_table[self.site_topo_generator] - j_idx = D_sort.index(d_dsa) - if d_dsa is not None and d_dsa is not mydsa: - # From MS-Tech ISTG selection: + # From MS-ADTS 6.2.2.3.1 ISTG Selection: # Let c be the cursor in the replUpToDateVector variable # associated with the NC replica of the config NC such # that c.uuidDsa = dj!invocationId. If no such c exists @@ -1570,16 +1581,27 @@ class Site(object): # # last_success appears to be a double word containing # number of 100 nanosecond intervals since the 1600s - if d_dsa.dsa_ivid != c_rep.source_dsa_invocation_id: - i_idx = j_idx - t_time = 0 - - elif ntnow < (c_rep.last_success - f): + j_idx = D_sort.index(d_dsa) + + found = False + for cursor in c_rep.rep_replUpToDateVector_cursors: + if d_dsa.dsa_ivid == cursor.source_dsa_invocation_id: + found = True + break + + if not found: + i_idx = j_idx + t_time = 0 + + #XXX doc says current time < c.timeLastSyncSuccess - f + # which is true only if f is negative or clocks are wrong. + # f is not negative in the default case (2 hours). + elif ntnow - cursor.last_sync_success > f: i_idx = 0 t_time = 0 else: i_idx = j_idx - t_time = c_rep.last_success + t_time = cursor.last_sync_success # Otherwise (Nominate local DC as ISTG): # Let i be the integer such that di is the nTDSDSA @@ -1783,7 +1805,7 @@ class GraphNode(object): flags = dsdb.SYSTEM_FLAG_CONFIG_ALLOW_RENAME + \ dsdb.SYSTEM_FLAG_CONFIG_ALLOW_MOVE - dsa.create_connection(opt, flags, None, edge_dnstr, None) + dsa.new_connection(opt, flags, None, edge_dnstr, None) def has_sufficient_edges(self): '''Return True if we have met the maximum "from edges" criteria''' @@ -2023,7 +2045,7 @@ class RepsFromTo(object): elif item in ['update_flags']: return self.__dict__['update_flags'] - raise AttributeError("Unknwown attribute %s" % item) + raise AttributeError("Unknown attribute %s" % item) def is_modified(self): return (self.update_flags != 0x0) @@ -2087,7 +2109,7 @@ class SiteLink(object): "siteList" ] try: res = samdb.search(base=self.dnstr, scope=ldb.SCOPE_BASE, - attrs=attrs) + attrs=attrs, controls=['extended_dn:0']) except ldb.LdbError, (enum, estr): raise Exception("Unable to find SiteLink for (%s) - (%s)" % @@ -2110,21 +2132,20 @@ class SiteLink(object): if "siteList" in msg: for value in msg["siteList"]: dsdn = dsdb_Dn(samdb, value) - dnstr = str(dsdn.dn) - if dnstr not in self.site_list: - self.site_list.append(dnstr) - - def is_sitelink(self, site1_dnstr, site2_dnstr): - """Given a siteLink object, determine if it is a link - between the two input site DNs - """ - if site1_dnstr in self.site_list and site2_dnstr in self.site_list: - return True - return False - + guid = misc.GUID(dsdn.dn.get_extended_component('GUID')) + if guid not in self.site_list: + self.site_list.append(guid) + +class KCCFailedObject(object): + def __init__(self, uuid, failure_count, time_first_failure, last_result, dns_name): + self.uuid = uuid + self.failure_count = failure_count + self.time_first_failure = time_first_failure + self.last_result = last_result + self.dns_name = dns_name class VertexColor(object): - (unknown, white, black, red) = range(0, 4) + (red, black, white, unknown) = range(0, 4) class Vertex(object): @@ -2135,6 +2156,16 @@ class Vertex(object): self.site = site self.part = part self.color = VertexColor.unknown + self.edges = [] + self.accept_red_red = [] + self.accept_black = [] + self.repl_info = ReplInfo() + self.root = self + self.guid = None + self.component_id = self + self.demoted = False + self.options = 0 + self.interval = 0 def color_vertex(self): """Color each vertex to indicate which kind of NC @@ -2164,6 +2195,7 @@ class Vertex(object): else: self.color = VertexColor.black + def is_red(self): assert(self.color != VertexColor.unknown) return (self.color == VertexColor.red) @@ -2176,8 +2208,157 @@ class Vertex(object): assert(self.color != VertexColor.unknown) return (self.color == VertexColor.white) + +class IntersiteGraph(object): + """Graph for representing the intersite""" + def __init__(self): + self.vertices = set() + self.edges = set() + self.edge_set = set() + # All vertices that are endpoints of edges + self.connected_vertices = None + +class MultiEdgeSet(object): + """Defines a multi edge set""" + def __init__(self): + self.guid = 0 # objectGuid siteLinkBridge + self.edges = [] + +class MultiEdge(object): + def __init__(self): + self.site_link = None # object siteLink + self.vertices = [] + self.con_type = None # interSiteTransport GUID + self.repl_info = ReplInfo() + self.directed = True + +class ReplInfo(object): + def __init__(self): + self.cost = 0 + self.interval = 0 + self.options = 0 + self.schedule = None + +class InternalEdge(object): + def __init__(self, v1, v2, redred, repl, eType): + self.v1 = v1 + self.v2 = v2 + self.red_red = redred + self.repl_info = repl + self.e_type = eType -- Samba Shared Repository