summaryrefslogtreecommitdiff
path: root/source4/scripting
diff options
context:
space:
mode:
authorMatthieu Patou <mat@matws.net>2010-07-05 23:41:13 +0400
committerMatthias Dieter Wallnöfer <mdw@samba.org>2010-07-08 19:28:42 +0200
commit61be498adbdcefb3d2d79bc26019ede01411178f (patch)
treeebf498edb41c71821110c6fb1d84ffacd29f3154 /source4/scripting
parent690ed0c5e2c61584daa2acb5dbfb680ecee83e0f (diff)
downloadsamba-61be498adbdcefb3d2d79bc26019ede01411178f.tar.gz
samba-61be498adbdcefb3d2d79bc26019ede01411178f.tar.bz2
samba-61be498adbdcefb3d2d79bc26019ede01411178f.zip
s4 upgradeprovision: For SID > 1000 do not copy them, let the system regenerated a new one
This should avoid colliion with newly added objects that use the same SID as existing users in the upgraded provision. Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Diffstat (limited to 'source4/scripting')
-rwxr-xr-xsource4/scripting/bin/upgradeprovision6
1 files changed, 6 insertions, 0 deletions
diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision
index 9d29d4a76b..48c4ce63b8 100755
--- a/source4/scripting/bin/upgradeprovision
+++ b/source4/scripting/bin/upgradeprovision
@@ -516,6 +516,11 @@ def add_missing_object(ref_samdb, samdb, dn, names, basedn, hash, index):
empty = Message()
delta = samdb.msg_diff(empty, reference[0])
delta.dn
+ if delta.get("objectSid"):
+ sid = str(ndr_unpack(security.dom_sid, str(reference[0]["objectSid"])))
+ m = re.match(r".*-(\d+)$", sid)
+ if m and int(m.group(1))>999:
+ delta.remove("objectSid")
for att in hashAttrNotCopied.keys():
delta.remove(att)
for att in backlinked:
@@ -533,6 +538,7 @@ def add_missing_object(ref_samdb, samdb, dn, names, basedn, hash, index):
delta.dn = dn
message(CHANGE,"Object %s will be added" % dn)
samdb.add(delta, ["relax:0"])
+
return True
def gen_dn_index_hash(listMissing):