diff options
-rwxr-xr-x | source4/scripting/bin/upgradeprovision | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision index de0ad5e3e7..68d84a970d 100755 --- a/source4/scripting/bin/upgradeprovision +++ b/source4/scripting/bin/upgradeprovision @@ -813,7 +813,7 @@ def update_present(ref_samdb, samdb, basedn, listPresent, usns, invocationid): identic_rename(samdb, reference[0].dn) current = samdb.search(expression="dn=%s" % (str(dn)), base=basedn, scope=SCOPE_SUBTREE, - controls=["search_options:1:2"]) + controls=controls) delta = samdb.msg_diff(current[0], reference[0]) @@ -897,7 +897,18 @@ def update_present(ref_samdb, samdb, basedn, listPresent, usns, invocationid): if attrUSN is None: delta.remove(att) continue - + if att == "nTSecurityDescriptor": + cursd = ndr_unpack(security.descriptor, + str(current[0]["nTSecurityDescriptor"])) + cursddl = cursd.as_sddl(names.domainsid) + refsd = ndr_unpack(security.descriptor, + str(reference[0]["nTSecurityDescriptor"])) + refsddl = cursd.as_sddl(names.domainsid) + + if get_diff_sddls(refsddl, cursddl) == "": + message(CHANGE, "sd are identical") + else: + message(CHANGE, "sd are not identical") if attrUSN == -1: # This attribute was last modified by another DC forget # about it |