The branch, master has been updated
via 79dd22a objectclass_attrs: Only abort on a missing attribute when
an attribute is both MUST and replicated
via e0aa056 typo: supprise -> surprise
via 4c56793 tests/getnc_exop: Finish a comment in getnc_exop.py
via 37aa11c tests/getnc_exop: Improve the ridalloc test by performing
an alloc against a new master
via a3baf4b objectclass_attrs: correctly indent a comment
from da67acb build: Fix build with perl on debian sid.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 79dd22aacb4c12bd008d9ad354ec5ec088560748
Author: Clive Ferreira <[email protected]>
Date: Tue Oct 11 15:32:54 2016 +1300
objectclass_attrs: Only abort on a missing attribute when an attribute is
both MUST and replicated
If an attribute is not replicated or constructed, it is quite normal for
it to be missing. This is the case with both rIDNextRid and
rIDPreviousAllocationPool. This currently prevents us switching the RID
master. On Windows, missing this attribute does not cause any problems
for the RID manager.
We may now remove the knownfail entry added earlier.
Signed-off-by: Clive Ferreira <[email protected]>
Reviewed-by: Andrew Bartlett <[email protected]>
Pair-programmed-with: Garming Sam <[email protected]>
Pair-programmed-with: Bob Campbell <[email protected]>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12394
Autobuild-User(master): Garming Sam <[email protected]>
Autobuild-Date(master): Wed Nov 2 01:28:44 CET 2016 on sn-devel-144
commit e0aa05609556cf7bc93d585944542d630862ba0f
Author: Clive Ferreira <[email protected]>
Date: Thu Oct 20 16:20:49 2016 +1300
typo: supprise -> surprise
Signed-off-by: Clive Ferreira <[email protected]>
Reviewed-by: Andrew Bartlett <[email protected]>
Pair-programmed-with: Garming Sam <[email protected]>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12394
commit 4c567932165229e7fa9c33b071e9fabe79d9eef0
Author: Garming Sam <[email protected]>
Date: Thu Oct 20 16:19:43 2016 +1300
tests/getnc_exop: Finish a comment in getnc_exop.py
Signed-off-by: Garming Sam <[email protected]>
Reviewed-by: Andrew Bartlett <[email protected]>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12394
commit 37aa11ce5b2b91cd0d84f6c7370d64674fcf5479
Author: Bob Campbell <[email protected]>
Date: Mon Oct 10 16:58:57 2016 +1300
tests/getnc_exop: Improve the ridalloc test by performing an alloc against
a new master
Currently we fail against ourselves due to rIDNextRid and
rIDPreviousAllocationPool normally being unset, despite being mandatory
attributes (being the only attributes in this situation).
Pair-programmed-with: Garming Sam <[email protected]>
Pair-programmed-with: Clive Ferreira <[email protected]>
Signed-off-by: Bob Campbell <[email protected]>
Reviewed-by: Andrew Bartlett <[email protected]>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12394
commit a3baf4b8049d222b8be71dce3bc1cd46b8391f73
Author: Clive Ferreira <[email protected]>
Date: Tue Oct 11 15:33:06 2016 +1300
objectclass_attrs: correctly indent a comment
Signed-off-by: Clive Ferreira <[email protected]>
Reviewed-by: Andrew Bartlett <[email protected]>
Pair-programmed-with: Garming Sam <[email protected]>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12394
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/objectclass_attrs.c | 36 ++++++----
source4/dsdb/samdb/ldb_modules/rootdse.c | 2 +-
source4/torture/drs/python/getnc_exop.py | 78 +++++++++++++++++++++-
3 files changed, 102 insertions(+), 14 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
index c83c2e9..e239fb9 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass_attrs.c
@@ -426,21 +426,33 @@ static int attr_handler2(struct oc_context *ac)
* replicated.
*/
if (found_must_contain[0] != NULL &&
- ldb_msg_check_string_attribute(msg, "isDeleted", "TRUE") == 0 &&
- ldb_request_get_control(ac->req, DSDB_CONTROL_DBCHECK) == NULL) {
- ldb_asprintf_errstring(ldb, "objectclass_attrs: at least one
mandatory attribute ('%s') on entry '%s' wasn't specified!",
- found_must_contain[0],
- ldb_dn_get_linearized(msg->dn));
- return LDB_ERR_OBJECT_CLASS_VIOLATION;
+ ldb_msg_check_string_attribute(msg, "isDeleted", "TRUE") == 0) {
+
+ for (i = 0; found_must_contain[i] != NULL; i++) {
+ const struct dsdb_attribute *broken_attr =
dsdb_attribute_by_lDAPDisplayName(ac->schema,
+
found_must_contain[i]);
+
+ bool replicated = (broken_attr->systemFlags &
+ (DS_FLAG_ATTR_NOT_REPLICATED |
DS_FLAG_ATTR_IS_CONSTRUCTED)) == 0;
+
+ if (replicated) {
+ ldb_asprintf_errstring(ldb, "objectclass_attrs:
at least one mandatory "
+ "attribute ('%s') on
entry '%s' wasn't specified!",
+ found_must_contain[i],
+
ldb_dn_get_linearized(msg->dn));
+ return LDB_ERR_OBJECT_CLASS_VIOLATION;
+ }
+ }
}
if (isSchemaAttr) {
- /* Before really adding an attribute in the database,
- * let's check that we can translate it into a
dbsd_attribute and
- * that we can find a valid syntax object.
- * If not it's better to reject this attribute than not
be able
- * to start samba next time due to schema being
unloadable.
- */
+ /*
+ * Before really adding an attribute in the database,
+ * let's check that we can translate it into a dsdb_attribute
and
+ * that we can find a valid syntax object.
+ * If not it's better to reject this attribute than not be able
+ * to start samba next time due to schema being unloadable.
+ */
struct dsdb_attribute *att = talloc(ac, struct dsdb_attribute);
const struct dsdb_syntax *attrSyntax;
WERROR status;
diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c
b/source4/dsdb/samdb/ldb_modules/rootdse.c
index 6a1b8ef..86ca89f 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -1515,7 +1515,7 @@ static int rootdse_become_master(struct ldb_module
*module,
/*
* We always delete the transaction, not commit it, because
- * this gives the least supprise to this supprising action (as
+ * this gives the least surprise to this surprising action (as
* we will never record anything done to this point
*/
rootdse_del_trans(module);
diff --git a/source4/torture/drs/python/getnc_exop.py
b/source4/torture/drs/python/getnc_exop.py
index d058e66..941d323 100644
--- a/source4/torture/drs/python/getnc_exop.py
+++ b/source4/torture/drs/python/getnc_exop.py
@@ -256,7 +256,7 @@ class DrsReplicaSyncTestCase(drs_base.DrsBaseTestCase,
ExopBaseTest):
# has an RODC, it can gain links on the server account object
def test_do_ridalloc_get_anc(self):
- """Test doing a RID allocation with a valid destination DSA guid and
"""
+ """Test doing a RID allocation with a valid destination DSA guid and
GET_ANC flag"""
fsmo_dn = ldb.Dn(self.ldb_dc1, "CN=RID Manager$,CN=System," +
self.ldb_dc1.domain_dn())
(fsmo_owner, fsmo_not_owner) = self._determine_fSMORoleOwner(fsmo_dn)
@@ -289,6 +289,82 @@ class DrsReplicaSyncTestCase(drs_base.DrsBaseTestCase,
ExopBaseTest):
# We don't check the linked_attributes_count as if the domain
# has an RODC, it can gain links on the server account object
+ def test_edit_rid_master(self):
+ """Test doing a RID allocation after changing the RID master from the
original one.
+ This should set rIDNextRID to 0 on the new RID master."""
+ # 1. a. Transfer role to non-RID master
+ # b. Check that it succeeds correctly
+ #
+ # 2. a. Call the RID alloc against the former master.
+ # b. Check that it succeeds.
+ fsmo_dn = ldb.Dn(self.ldb_dc1, "CN=RID Manager$,CN=System," +
self.ldb_dc1.domain_dn())
+ (fsmo_owner, fsmo_not_owner) = self._determine_fSMORoleOwner(fsmo_dn)
+
+ # 1. Swap RID master role
+ m = ldb.Message()
+ m.dn = ldb.Dn(self.ldb_dc1, "")
+ m["becomeRidMaster"] = ldb.MessageElement("1", ldb.FLAG_MOD_REPLACE,
+ "becomeRidMaster")
+
+ # Make sure that ldb_dc1 == RID Master
+
+ server_dn = str(ldb.Dn(self.ldb_dc1,
self.ldb_dc1.get_dsServiceName()).parent())
+
+ # self.ldb_dc1 == LOCALDC
+ if server_dn == fsmo_owner['server_dn']:
+ # ldb_dc1 == VAMPIREDC
+ ldb_dc1, ldb_dc2 = self.ldb_dc2, self.ldb_dc1
+ else:
+ # Otherwise switch the two
+ ldb_dc1, ldb_dc2 = self.ldb_dc1, self.ldb_dc2
+
+ try:
+ # ldb_dc1 is now RID MASTER (as VAMPIREDC)
+ ldb_dc1.modify(m)
+ except ldb.LdbError, (num, msg):
+ self.fail("Failed to reassign RID Master " + msg)
+
+ try:
+ # 2. Perform a RID alloc
+ req8 = self._exop_req8(dest_dsa=fsmo_owner["ntds_guid"],
+ invocation_id=fsmo_not_owner["invocation_id"],
+ nc_dn_str=fsmo_dn,
+ exop=drsuapi.DRSUAPI_EXOP_FSMO_RID_ALLOC)
+
+ (drs, drs_handle) = self._ds_bind(fsmo_not_owner["dns_name"])
+ # 3. Make sure the allocation succeeds
+ try:
+ (level, ctr) = drs.DsGetNCChanges(drs_handle, 8, req8)
+ except RuntimeError, e:
+ self.fail("RID allocation failed: " + str(e))
+
+ fsmo_dn = ldb.Dn(self.ldb_dc1, "CN=RID Manager$,CN=System," +
self.ldb_dc1.domain_dn())
+
+ self.assertEqual(level, 6, "Expected level 6 response!")
+ self.assertEqual(ctr.source_dsa_guid,
misc.GUID(fsmo_not_owner["ntds_guid"]))
+ self.assertEqual(ctr.source_dsa_invocation_id,
misc.GUID(fsmo_not_owner["invocation_id"]))
+ ctr6 = ctr
+ self.assertEqual(ctr6.extended_ret,
drsuapi.DRSUAPI_EXOP_ERR_SUCCESS)
+ self.assertEqual(ctr6.object_count, 3)
+ self.assertNotEqual(ctr6.first_object, None)
+ self.assertEqual(ldb.Dn(ldb_dc2,
ctr6.first_object.object.identifier.dn), fsmo_dn)
+ self.assertNotEqual(ctr6.first_object.next_object, None)
+ self.assertNotEqual(ctr6.first_object.next_object.next_object,
None)
+ second_object = ctr6.first_object.next_object.object
+ self.assertEqual(ldb.Dn(self.ldb_dc1,
second_object.identifier.dn), fsmo_owner["rid_set_dn"])
+ third_object = ctr6.first_object.next_object.next_object.object
+ self.assertEqual(ldb.Dn(self.ldb_dc1, third_object.identifier.dn),
fsmo_owner["server_acct_dn"])
+ finally:
+ # Swap the RID master back for other tests
+ m = ldb.Message()
+ m.dn = ldb.Dn(ldb_dc2, "")
+ m["becomeRidMaster"] = ldb.MessageElement("1",
ldb.FLAG_MOD_REPLACE, "becomeRidMaster")
+ try:
+ ldb_dc2.modify(m)
+ except ldb.LdbError, (num, msg):
+ self.fail("Failed to restore RID Master " + msg)
+
+
class DrsReplicaPrefixMapTestCase(drs_base.DrsBaseTestCase, ExopBaseTest):
def setUp(self):
super(DrsReplicaPrefixMapTestCase, self).setUp()
--
Samba Shared Repository
