diff options
author | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2010-01-10 21:34:05 +0100 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2010-01-10 22:48:06 +0100 |
commit | 2cedefabc93c8a1fcb49d65a3f78a344e814f826 (patch) | |
tree | a56ebac6528d428e778c0d355029675e65161d51 | |
parent | e0d6b0977eb5c5a2c95ee2de10c7b18550371b50 (diff) | |
download | samba-2cedefabc93c8a1fcb49d65a3f78a344e814f826.tar.gz samba-2cedefabc93c8a1fcb49d65a3f78a344e814f826.tar.bz2 samba-2cedefabc93c8a1fcb49d65a3f78a344e814f826.zip |
s4:upgradeprovision - fix up the script regarding linked attributes
We have to try to add new objects until between two iterations we didn't make
any progress. Either we are then done (no objects remaining) or we are
incapable to do this fully automatically.
The latter can happen if important system objects (builtin groups, users...)
moved (e.g. consider one of my recent comments). Then the new object can't be
added if it contains the same "sAMAccountName" attribute as the old one. We
have to let the user delete the old one (also to give him a chance to backup
personal changes - if needed) and only then the script is capable to add the
new one onto the right place. Make this clear with an exhaustive error output.
I personally don't see a good way how to do this better for now so I would leave
this as a manual step.
-rwxr-xr-x | source4/scripting/bin/upgradeprovision | 58 |
1 files changed, 46 insertions, 12 deletions
diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision index e95977a258..23980cd3da 100755 --- a/source4/scripting/bin/upgradeprovision +++ b/source4/scripting/bin/upgradeprovision @@ -560,18 +560,52 @@ def check_diff_name(newpaths,paths,creds,session,basedn,names,ischema): sam_ldb.transaction_start() - empty = ldb.Message() - message(SIMPLE,"There are %d missing objects"%(len(listMissing))) - for dn in listMissing: - reference = newsam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"]) - delta = sam_ldb.msg_diff(empty,reference[0]) - for att in hashAttrNotCopied.keys(): - delta.remove(att) - for att in backlinked: - delta.remove(att) - delta.dn = dn - - sam_ldb.add(delta,["relax:0"]) + err_num = 0 + err_msg = "" + while len(listMissing) > 0: + listMissing2 = [] + + empty = ldb.Message() + message(SIMPLE,"There are still %d objects missing"%(len(listMissing))) + + for dn in listMissing: + reference = newsam_ldb.search(expression="dn=%s" % (str(dn)), + base=basedn, scope=SCOPE_SUBTREE, + controls=["search_options:1:2"]) + delta = sam_ldb.msg_diff(empty,reference[0]) + for att in hashAttrNotCopied.keys(): + delta.remove(att) + for att in backlinked: + delta.remove(att) + delta.dn = dn + + try: + sam_ldb.add(delta,["relax:0"]) + # This is needed here since otherwise the + # "replmd_meta_data" module doesn't see the + # updated data + sam_ldb.transaction_commit() + sam_ldb.transaction_start() + except LdbError, (num, msg): + # An exception can happen if a linked object + # doesn't exist which can happen if it is also + # to be added + err_num = num + err_msg = msg + listMissing2.append(dn) + + if len(listMissing2) == len(listMissing): + # We couldn't add any object in this iteration -> + # we have to resign and hope that the user manually + # fixes the damage + + message(ERROR, "The script isn't capable to do the upgrade fully automatically!") + message(ERROR, "Often this happens when important system objects moved their location. Please look for them (for example doable using the displayed 'sAMAccountName' attribute), backup if personally changed and remove them.") + message(ERROR, "Reinvoke this script and reapply eventual modifications done before. It is possible to get this error more than once (for each problematic object).") + + raise LdbError(err_num, err_msg) + + listMissing = listMissing2 changed = 0 for dn in listPresent: |