diff options
author | Matthieu Patou <mat@matws.net> | 2011-12-04 23:19:55 +0100 |
---|---|---|
committer | Matthieu Patou <mat@matws.net> | 2011-12-05 18:23:07 +0100 |
commit | a8c89fa7d2720f58bc7ce0cf0e1c92255331a733 (patch) | |
tree | fc7ad7d8770d9582be8c6e49f469ac44701e18c2 | |
parent | f44e1a753a9dc489ded1d2e49c83c865124462f1 (diff) | |
download | samba-a8c89fa7d2720f58bc7ce0cf0e1c92255331a733.tar.gz samba-a8c89fa7d2720f58bc7ce0cf0e1c92255331a733.tar.bz2 samba-a8c89fa7d2720f58bc7ce0cf0e1c92255331a733.zip |
samba-tool: refuse to demote if the current DC has still roles
-rw-r--r-- | source4/scripting/python/samba/netcmd/domain.py | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/source4/scripting/python/samba/netcmd/domain.py b/source4/scripting/python/samba/netcmd/domain.py index a23785f945..6c2ebfa301 100644 --- a/source4/scripting/python/samba/netcmd/domain.py +++ b/source4/scripting/python/samba/netcmd/domain.py @@ -213,19 +213,27 @@ class cmd_domain_demote(Command): server = e["dnsHostName"] break - print "Using %s as partner server for the demotion" % server ntds_guid = samdb.get_ntds_GUID() - (drsuapiBind, drsuapi_handle, supportedExtensions) = drsuapi_connect(server, lp, creds) - - msg = samdb.search(base=str(samdb.get_config_basedn()), scope=ldb.SCOPE_SUBTREE, expression="(objectGUID=%s)" % ntds_guid, attrs=['options']) if len(msg) == 0 or "options" not in msg[0]: raise CommandError("Failed to find options on %s" % ntds_guid) + ntds_dn = msg[0].dn dsa_options = int(str(msg[0]['options'])) + res = samdb.search(expression="(fSMORoleOwner=%s)" % str(ntds_dn), + controls=["search_options:1:2"]) + + if len(res) != 0: + raise CommandError("Current DC is still the owner of %d role(s), use the role command to transfer roles to another DC") + + print "Using %s as partner server for the demotion" % server + (drsuapiBind, drsuapi_handle, supportedExtensions) = drsuapi_connect(server, lp, creds) + + + print "Desactivating inbound replication" |