The branch, master has been updated via a2d45cf provision/sambadns: CN=MicrosoftDNS,CN=System, is relative to DOMAINDN via a90067e provision: Fix comment to refer to correct file (krb5.conf) via 6da2dcd dsdb: Provide a clearer error when we fail to store the sequence number in metadata.tdb via d2ff474 ldb:rdn_name: reject 'distinguishedName' depending of the MOD flags via da7ef12 dsdb/tests/ldap: fix test_distinguished_name against w2k8r2 via 295b4de s4:dsdb/rootdse: report 'dnsHostName' instead of 'dNSHostName' via ca17392 dsdb/tests/ldap: fix test_ldapServiceName against w2k8r2 from b197de7 libndr: Avoid ommitting display of unset bitmap flags.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit a2d45cf49e4976d55261d01df955e412ac7fa73f Author: Stefan Metzmacher <me...@samba.org> Date: Wed Oct 9 09:37:52 2013 +0200 provision/sambadns: CN=MicrosoftDNS,CN=System, is relative to DOMAINDN Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Stefan Metzmacher <me...@samba.org> Autobuild-Date(master): Thu Oct 10 10:24:55 CEST 2013 on sn-devel-104 commit a90067ec8ef56a8edfbede992848f08e70853cb5 Author: Andrew Bartlett <abart...@samba.org> Date: Wed Sep 25 20:28:42 2013 -0700 provision: Fix comment to refer to correct file (krb5.conf) Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 6da2dcd17ee46d339d7d80df3dccd456703e7fe2 Author: Andrew Bartlett <abart...@samba.org> Date: Wed Sep 25 17:09:58 2013 -0700 dsdb: Provide a clearer error when we fail to store the sequence number in metadata.tdb Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit d2ff474766ebb104309bf1e801c54ce0f8ea0a64 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Sep 25 01:30:23 2013 +0200 ldb:rdn_name: reject 'distinguishedName' depending of the MOD flags This is what Windows 2008 R2 returns: LDB_MOD_ADD => LDB_ERR_UNWILLING_TO_PERFORM LDB_MOD_REPLACE => LDB_ERR_CONSTRAINT_VIOLATION LDB_MOD_DEL => LDB_ERR_UNWILLING_TO_PERFORM Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit da7ef12b43f355fa6ff92af98645c80c85699d78 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Sep 23 03:39:58 2013 +0200 dsdb/tests/ldap: fix test_distinguished_name against w2k8r2 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 295b4de7215f3326f9a403973547eb6ed4339f9b Author: Stefan Metzmacher <me...@samba.org> Date: Wed Sep 25 00:49:19 2013 +0200 s4:dsdb/rootdse: report 'dnsHostName' instead of 'dNSHostName' The attribute on the RootDSE object is called 'dnsHostName' instead of 'dNSHostName' (which is used in the schema and on all other directory objects). Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit ca173923a3937a9ed08f71bfd4ba177a6aeeaeba Author: Stefan Metzmacher <me...@samba.org> Date: Sun Sep 22 23:40:12 2013 +0200 dsdb/tests/ldap: fix test_ldapServiceName against w2k8r2 Bug: https://bugzilla.samba.org/show_bug.cgi?id=10193 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> ----------------------------------------------------------------------- Summary of changes: lib/ldb/modules/rdn_name.c | 10 ++++++- python/samba/provision/__init__.py | 5 +-- python/samba/provision/sambadns.py | 16 ++++++------ .../dsdb/samdb/ldb_modules/partition_metadata.c | 25 +++++++++++++++---- source4/dsdb/samdb/ldb_modules/rootdse.c | 2 +- source4/dsdb/tests/python/ldap.py | 16 ++++++++---- 6 files changed, 48 insertions(+), 26 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/modules/rdn_name.c b/lib/ldb/modules/rdn_name.c index 50b63ae..f44ea71 100644 --- a/lib/ldb/modules/rdn_name.c +++ b/lib/ldb/modules/rdn_name.c @@ -371,6 +371,7 @@ static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req) { struct ldb_context *ldb; const struct ldb_val *rdn_val_p; + struct ldb_message_element *e = NULL; ldb = ldb_module_get_ctx(module); @@ -389,10 +390,15 @@ static int rdn_name_modify(struct ldb_module *module, struct ldb_request *req) return LDB_ERR_INVALID_DN_SYNTAX; } - if (ldb_msg_find_element(req->op.mod.message, "distinguishedName")) { + e = ldb_msg_find_element(req->op.mod.message, "distinguishedName"); + if (e != NULL) { ldb_asprintf_errstring(ldb, "Modify of 'distinguishedName' on %s not permitted, must use 'rename' operation instead", ldb_dn_get_linearized(req->op.mod.message->dn)); - return LDB_ERR_CONSTRAINT_VIOLATION; + if (e->flags == LDB_FLAG_MOD_REPLACE) { + return LDB_ERR_CONSTRAINT_VIOLATION; + } else { + return LDB_ERR_UNWILLING_TO_PERFORM; + } } if (ldb_msg_find_element(req->op.mod.message, "name")) { diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py index 631fff6..7f6d96d 100644 --- a/python/samba/provision/__init__.py +++ b/python/samba/provision/__init__.py @@ -2241,10 +2241,9 @@ def provision_become_dc(smbconf=None, targetdir=None, def create_krb5_conf(path, dnsdomain, hostname, realm): - """Write out a file containing zone statements suitable for inclusion in a - named.conf file (including GSS-TSIG configuration). + """Write out a file containing a valid krb5.conf file - :param path: Path of the new named.conf file. + :param path: Path of the new krb5.conf file. :param dnsdomain: DNS Domain name :param hostname: Local hostname :param realm: Realm name diff --git a/python/samba/provision/sambadns.py b/python/samba/provision/sambadns.py index 4acc24b..46cfc89 100644 --- a/python/samba/provision/sambadns.py +++ b/python/samba/provision/sambadns.py @@ -1021,18 +1021,18 @@ def setup_ad_dns(samdb, secretsdb, domainsid, names, paths, lp, logger, add_dns_accounts(samdb, names.domaindn) # If dns_backend is BIND9_FLATFILE - # Populate only CN=MicrosoftDNS,CN=System,<FORESTDN> + # Populate only CN=MicrosoftDNS,CN=System,<DOMAINDN> # # If dns_backend is SAMBA_INTERNAL or BIND9_DLZ # Populate DNS partitions # If os_level < 2003 (DS_DOMAIN_FUNCTION_2000) - # All dns records are in CN=MicrosoftDNS,CN=System,<FORESTDN> + # All dns records are in CN=MicrosoftDNS,CN=System,<DOMAINDN> # # If os_level >= 2003 (DS_DOMAIN_FUNCTION_2003, DS_DOMAIN_FUNCTION_2008, # DS_DOMAIN_FUNCTION_2008_R2) - # Root server records are in CN=MicrosoftDNS,CN=System,<FORESTDN> - # Domain records are in CN=MicrosoftDNS,CN=System,<FORESTDN> + # Root server records are in CN=MicrosoftDNS,CN=System,<DOMAINDN> + # Domain records are in CN=MicrosoftDNS,CN=System,<DOMAINDN> # Domain records are in CN=MicrosoftDNS,DC=DomainDnsZones,<DOMAINDN> # Forest records are in CN=MicrosoftDNS,DC=ForestDnsZones,<FORESTDN> domaindn = names.domaindn @@ -1047,13 +1047,13 @@ def setup_ad_dns(samdb, secretsdb, domainsid, names, paths, lp, logger, domainguid = get_domainguid(samdb, domaindn) # Create CN=System - logger.info("Creating CN=MicrosoftDNS,CN=System,%s" % forestdn) - create_dns_legacy(samdb, domainsid, forestdn, dnsadmins_sid) + logger.info("Creating CN=MicrosoftDNS,CN=System,%s" % domaindn) + create_dns_legacy(samdb, domainsid, domaindn, dnsadmins_sid) if os_level == DS_DOMAIN_FUNCTION_2000: # Populating legacy dns - logger.info("Populating CN=MicrosoftDNS,CN=System,%s" % forestdn) - fill_dns_data_legacy(samdb, domainsid, forestdn, dnsdomain, site, + logger.info("Populating CN=MicrosoftDNS,CN=System,%s" % domaindn) + fill_dns_data_legacy(samdb, domainsid, domaindn, dnsdomain, site, hostname, hostip, hostip6, dnsadmins_sid) elif dns_backend in ("SAMBA_INTERNAL", "BIND9_DLZ") and \ diff --git a/source4/dsdb/samdb/ldb_modules/partition_metadata.c b/source4/dsdb/samdb/ldb_modules/partition_metadata.c index c67d6cf..db1815a 100644 --- a/source4/dsdb/samdb/ldb_modules/partition_metadata.c +++ b/source4/dsdb/samdb/ldb_modules/partition_metadata.c @@ -129,9 +129,13 @@ static int partition_metadata_set_uint64(struct ldb_module *module, } if (tdb_store(tdb, tdb_key, tdb_data, tdb_flag) != 0) { + int ret; + char *error_string = talloc_asprintf(tmp_ctx, "%s: tdb_store of key %s failed: %s", + tdb_name(tdb), key, tdb_errorstr(tdb)); + ret = ldb_module_error(module, LDB_ERR_OPERATIONS_ERROR, + error_string); talloc_free(tmp_ctx); - return ldb_module_error(module, LDB_ERR_OPERATIONS_ERROR, - tdb_errorstr(tdb)); + return ret; } talloc_free(tmp_ctx); @@ -242,9 +246,11 @@ static int partition_metadata_open(struct ldb_module *module, bool create) if (data->metadata->db == NULL) { talloc_free(tmp_ctx); if (create) { - ldb_debug(ldb, LDB_DEBUG_ERROR, - "partition_metadata: Unable to create %s", - filename); + ldb_asprintf_errstring(ldb, "partition_metadata: Unable to create %s", + filename); + } else { + ldb_asprintf_errstring(ldb, "partition_metadata: Unable to open %s", + filename); } return LDB_ERR_OPERATIONS_ERROR; } @@ -295,9 +301,16 @@ int partition_metadata_init(struct ldb_module *module) } /* metadata.tdb does not exist, create it */ - DEBUG(2, ("partition_metadata: Migrating partition metadata\n")); + DEBUG(2, ("partition_metadata: Migrating partition metadata: " + "open of metadata.tdb gave: %s\n", + ldb_errstring(ldb_module_get_ctx(module)))); ret = partition_metadata_open(module, true); if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb_module_get_ctx(module), + "partition_metadata: " + "Migrating partition metadata: " + "create of metadata.tdb gave: %s\n", + ldb_errstring(ldb_module_get_ctx(module))); talloc_free(data->metadata); data->metadata = NULL; goto end; diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index eaf6451..167201e 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -270,7 +270,7 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message *ms if (ret == LDB_SUCCESS) { const char *hostname = ldb_msg_find_attr_as_string(res->msgs[0], "dNSHostName", NULL); if (hostname != NULL) { - if (ldb_msg_add_string(msg, "dNSHostName", hostname)) { + if (ldb_msg_add_string(msg, "dnsHostName", hostname)) { goto failed; } } diff --git a/source4/dsdb/tests/python/ldap.py b/source4/dsdb/tests/python/ldap.py index 0a95b2a..63c422a 100755 --- a/source4/dsdb/tests/python/ldap.py +++ b/source4/dsdb/tests/python/ldap.py @@ -952,7 +952,7 @@ class BasicTests(samba.tests.TestCase): ldb.modify(m) self.fail() except LdbError, (num, _): - self.assertEquals(num, ERR_CONSTRAINT_VIOLATION) + self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) m = Message() m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) @@ -976,7 +976,7 @@ class BasicTests(samba.tests.TestCase): ldb.modify(m) self.fail() except LdbError, (num, _): - self.assertEquals(num, ERR_CONSTRAINT_VIOLATION) + self.assertEquals(num, ERR_UNWILLING_TO_PERFORM) delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) @@ -2980,12 +2980,16 @@ class BaseDnTests(samba.tests.TestCase): def test_ldapServiceName(self): """Testing the ldap service name in rootDSE""" res = self.ldb.search("", scope=SCOPE_BASE, - attrs=["ldapServiceName", "dNSHostName"]) + attrs=["ldapServiceName", "dnsHostName"]) self.assertEquals(len(res), 1) + self.assertTrue("ldapServiceName" in res[0]) + self.assertTrue("dnsHostName" in res[0]) + + (hostname, _, dns_domainname) = res[0]["dnsHostName"][0].partition(".") - (hostname, _, dns_domainname) = res[0]["dNSHostName"][0].partition(".") - self.assertTrue(":%s$@%s" % (hostname, dns_domainname.upper()) - in res[0]["ldapServiceName"][0]) + given = res[0]["ldapServiceName"][0] + expected = "%s:%s$@%s" % (dns_domainname.lower(), hostname.lower(), dns_domainname.upper()) + self.assertEquals(given, expected) if not "://" in host: if os.path.isfile(host): -- Samba Shared Repository