summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xsource4/scripting/devel/demodirsync.py156
1 files changed, 156 insertions, 0 deletions
diff --git a/source4/scripting/devel/demodirsync.py b/source4/scripting/devel/demodirsync.py
new file mode 100755
index 0000000000..41dac6ff51
--- /dev/null
+++ b/source4/scripting/devel/demodirsync.py
@@ -0,0 +1,156 @@
+#!/usr/bin/python
+
+
+import optparse
+import sys
+import base64
+
+sys.path.insert(0, "bin/python")
+
+import samba.getopt as options
+from samba.dcerpc import drsblobs, misc
+from samba.ndr import ndr_pack, ndr_unpack
+from samba import Ldb
+
+parser = optparse.OptionParser("get-descriptor [options]")
+sambaopts = options.SambaOptions(parser)
+credopts = options.CredentialsOptions(parser)
+parser.add_option_group(credopts)
+
+parser.add_option("-b", type="string", metavar="BASE",
+ help="set base DN for the search")
+parser.add_option("--host", type="string", metavar="HOST",
+ help="Ip of the host")
+
+lp = sambaopts.get_loadparm()
+creds = credopts.get_credentials(lp)
+
+opts = parser.parse_args()[0]
+
+def printdirsync(ctl):
+ arr = ctl.split(':')
+ if arr[0] == 'dirsync':
+ print "Need to continue: %s" % arr[1]
+ cookie = ndr_unpack(drsblobs.ldapControlDirSyncCookie, base64.b64decode(arr[3]))
+ print "DC's NTDS guid: %s " % cookie.blob.guid1
+ print "highest usn %s" % cookie.blob.highwatermark.highest_usn
+ print "tmp higest usn %s" % cookie.blob.highwatermark.tmp_highest_usn
+ print "reserved usn %s" % cookie.blob.highwatermark.reserved_usn
+ if cookie.blob.extra_length >0:
+ print "highest usn in extra %s" % cookie.blob.extra.ctr.cursors[0].highest_usn
+ return cookie
+
+remote_ldb= Ldb("ldap://" + opts.host + ":389", credentials=creds, lp=lp)
+tab = []
+if opts.b:
+ base = opts.b
+else:
+ base = None
+
+guid = None
+(msgs, ctrls) = remote_ldb.search(expression="(samaccountname=administrator)", base=base, attrs=["objectClass"], controls=["dirsync:1:1:50"])
+if (len(ctrls)):
+ for ctl in ctrls:
+ arr = ctl.split(':')
+ if arr[0] == 'dirsync':
+ cookie = ndr_unpack(drsblobs.ldapControlDirSyncCookie, base64.b64decode(arr[3]))
+ guid = cookie.blob.guid1
+ pass
+if not guid:
+ print "No dirsync control ... strange"
+ sys.exit(1)
+
+print ""
+print "Getting first guest without any cookie"
+(msgs, ctrls) = remote_ldb.searchex(expression="(samaccountname=guest)", base=base, attrs=["objectClass"], controls=["dirsync:1:1:50"])
+cookie = None
+if (len(ctrls)):
+ for ctl in ctrls:
+ cookie = printdirsync(ctl)
+ print "Returned %d entries" % len(msgs)
+
+savedcookie = cookie
+
+print ""
+print "Getting allusers with cookie"
+controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
+(msgs, ctrls) = remote_ldb.searchex(expression="(samaccountname=*)", base=base, attrs=["objectClass"], controls=controls)
+if (len(ctrls)):
+ for ctl in ctrls:
+ cookie = printdirsync(ctl)
+ print "Returned %d entries" % len(msgs)
+
+cookie = savedcookie
+cookie.blob.guid1 = misc.GUID("128a99bf-e2df-4832-ac0a-1fb625e530db")
+if cookie.blob.extra_length > 0:
+ cookie.blob.extra.ctr.cursors[0].source_dsa_invocation_id = misc.GUID("128a99bf-e2df-4832-ac0a-1fb625e530db")
+
+print ""
+print "Getting all the entries"
+controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
+(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls)
+cont = 0
+if (len(ctrls)):
+ for ctl in ctrls:
+ cookie = printdirsync(ctl)
+ if cookie != None:
+ cont = (ctl.split(':'))[1]
+ print "Returned %d entries" % len(msgs)
+
+usn = cookie.blob.highwatermark.tmp_highest_usn
+if cookie.blob.extra_length > 0:
+ bigusn = cookie.blob.extra.ctr.cursors[0].highest_usn
+else:
+ bigusn = usn + 1000
+while (cont == "1"):
+ print ""
+ controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
+ (msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls)
+ if (len(ctrls)):
+ for ctl in ctrls:
+ cookie = printdirsync(ctl)
+ if cookie != None:
+ cont = (ctl.split(':'))[1]
+ print "Returned %d entries" % len(msgs)
+
+print ""
+print "Getting with cookie but usn changed to %d we should use the one in extra" % (bigusn - 1)
+cookie.blob.highwatermark.highest_usn = 0
+cookie.blob.highwatermark.tmp_highest_usn = usn - 2
+if cookie.blob.extra_length > 0:
+ print "here"
+ cookie.blob.extra.ctr.cursors[0].highest_usn = bigusn - 1
+controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
+(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls)
+if (len(ctrls)):
+ for ctl in ctrls:
+ cookie = printdirsync(ctl)
+ print "Returned %d entries" % len(msgs)
+
+print ""
+print "Getting with cookie but usn %d changed and extra/cursor GUID too" % (usn - 2)
+print " so that it's (tmp)highest_usn that drives the limit"
+cookie.blob.highwatermark.highest_usn = 0
+cookie.blob.highwatermark.tmp_highest_usn = usn - 2
+if cookie.blob.extra_length > 0:
+ cookie.blob.extra.ctr.cursors[0].source_dsa_invocation_id = misc.GUID("128a99bf-e2df-4832-ac0a-1fb625e530db")
+ cookie.blob.extra.ctr.cursors[0].highest_usn = bigusn - 1
+controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
+(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls)
+if (len(ctrls)):
+ for ctl in ctrls:
+ cookie = printdirsync(ctl)
+ print "Returned %d entries" % len(msgs)
+
+print ""
+print "Getting with cookie but usn changed to %d" % (usn - 2)
+cookie.blob.highwatermark.highest_usn = 0
+cookie.blob.highwatermark.tmp_highest_usn = (usn - 2)
+if cookie.blob.extra_length > 0:
+ cookie.blob.extra.ctr.cursors[0].highest_usn = (usn - 2)
+controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
+(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls)
+if (len(ctrls)):
+ for ctl in ctrls:
+ cookie = printdirsync(ctl)
+ print "Returned %d entries" % len(msgs)