diff options
author | Matthieu Patou <mat@matws.net> | 2009-09-12 01:03:52 +0400 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2009-09-14 22:41:09 -0700 |
commit | 7268720ad468b087dc723d4efaf38412603409cb (patch) | |
tree | e582b1163ea69b3b9a3e65ef9c669ad34a2e49c2 /source4/scripting/bin/rebuildextendeddn | |
parent | f410d23185f5c81dbc111285ea0ba9daf5fc111d (diff) | |
download | samba-7268720ad468b087dc723d4efaf38412603409cb.tar.gz samba-7268720ad468b087dc723d4efaf38412603409cb.tar.bz2 samba-7268720ad468b087dc723d4efaf38412603409cb.zip |
s4: Script to build or rebuild extend DN attributes
This script can be used to upgrade a provision that didn't integrate extended dn.
It can also be used to add missing extended DN that weren't created during provision.
Diffstat (limited to 'source4/scripting/bin/rebuildextendeddn')
-rwxr-xr-x | source4/scripting/bin/rebuildextendeddn | 141 |
1 files changed, 141 insertions, 0 deletions
diff --git a/source4/scripting/bin/rebuildextendeddn b/source4/scripting/bin/rebuildextendeddn new file mode 100755 index 0000000000..618d179719 --- /dev/null +++ b/source4/scripting/bin/rebuildextendeddn @@ -0,0 +1,141 @@ +#!/usr/bin/python +# +# Unix SMB/CIFS implementation. +# Extended attributes (re)building +# Copyright (C) Matthieu Patou <mat@matws.net> 2009 +# +# Based on provision a Samba4 server by +# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007-2008 +# Copyright (C) Andrew Bartlett <abartlet@samba.org> 2008 +# +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +import getopt +import optparse +import os +import sys +# Find right directory when running from source tree +sys.path.insert(0, "bin/python") + +import samba +from samba.credentials import DONT_USE_KERBEROS +from samba.auth import system_session +from samba import Ldb, substitute_var, valid_netbios_name, check_all_substituted +from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, \ + timestring, CHANGETYPE_MODIFY, CHANGETYPE_NONE +import ldb +import samba.getopt as options +from samba.samdb import SamDB +from samba import param +from samba.provision import ProvisionPaths, ProvisionNames,provision_paths_from_lp,get_dnsyntax_attributes,get_linked_attributes + +parser = optparse.OptionParser("provision [options]") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) +parser.add_option_group(options.VersionOptions(parser)) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +parser.add_option("--targetdir", type="string", metavar="DIR", + help="Set target directory") + +opts = parser.parse_args()[0] + +def message(text): + """print a message if quiet is not set.""" + if not opts.quiet: + print text + +if len(sys.argv) == 1: + opts.interactive = True + +lp = sambaopts.get_loadparm() +smbconf = lp.configfile + +creds = credopts.get_credentials(lp) + +creds.set_kerberos_state(DONT_USE_KERBEROS) + +session = system_session() + + +def get_paths(targetdir=None,smbconf=None): + if targetdir is not None: + if (not os.path.exists(os.path.join(targetdir, "etc"))): + os.makedirs(os.path.join(targetdir, "etc")) + smbconf = os.path.join(targetdir, "etc", "smb.conf") + if smbconf is None: + smbconf = param.default_path() + + if not os.path.exists(smbconf): + print >>sys.stderr, "Unable to find smb.conf .. "+smbconf + parser.print_usage() + sys.exit(1) + + lp = param.LoadParm() + lp.load(smbconf) + paths = provision_paths_from_lp(lp,"foo") + return paths + + + +def rebuild_en_dn(credentials,session_info,paths): + lp = param.LoadParm() + lp.load(paths.smbconf) + names = ProvisionNames() + names.domain = lp.get("workgroup") + names.realm = lp.get("realm") + names.rootdn = "DC=" + names.realm.replace(".",",DC=") + + attrs = ["dn" ] + dn = "" + sam_ldb = Ldb(paths.samdb, session_info=session_info, credentials=credentials,lp=lp) + attrs2 = ["schemaNamingContext"] + res2 = sam_ldb.search(expression="(objectClass=*)",base="", scope=SCOPE_BASE, attrs=attrs2) + attrs.extend(get_linked_attributes(ldb.Dn(sam_ldb,str(res2[0]["schemaNamingContext"])),sam_ldb).keys()) + attrs.extend(get_dnsyntax_attributes(ldb.Dn(sam_ldb,str(res2[0]["schemaNamingContext"])),sam_ldb)), + sam_ldb.transaction_start() + res = sam_ldb.search(expression="(cn=*)", scope=SCOPE_SUBTREE, attrs=attrs,controls=["search_options:1:2"] +) + mod = "" + for i in range (0,len(res)): + #print >>sys.stderr,res[i].dn + dn = res[i].dn + for att in res[i]: + if ( (att != "dn" and att != "cn") and not (res[i][att] is None) ): + m = ldb.Message() + m.dn = ldb.Dn(sam_ldb, str(dn)) + saveatt = [] + for j in range (0,len( res[i][att])): + mod = mod +att +": "+str(res[i][att][j])+"\n" + saveatt.append(str(res[i][att][j])) + m[att] = ldb.MessageElement(saveatt, ldb.FLAG_MOD_REPLACE, att) + sam_ldb.modify(m) + res3 = sam_ldb.search(expression="(&(dn=%s)(%s=*))"%(dn,att),scope=SCOPE_SUBTREE, attrs=[att],controls=["search_options:1:2"]) + if( len(res3) == 0 or (len(res3[0][att])!= len(saveatt))): + print >>sys.stderr, str(dn) + " has no attr " +att+ " or a wrong value" + for satt in saveatt: + print >>sys.stderr,str(att)+" = "+satt + sam_ldb.transaction_cancel() + sam_ldb.transaction_commit() + + + + +paths = get_paths(targetdir=opts.targetdir,smbconf=smbconf) + + +rebuild_en_dn(creds,session,paths) + |