diff options
-rwxr-xr-x | source4/scripting/devel/demodirsync.py | 156 |
1 files changed, 156 insertions, 0 deletions
diff --git a/source4/scripting/devel/demodirsync.py b/source4/scripting/devel/demodirsync.py new file mode 100755 index 0000000000..41dac6ff51 --- /dev/null +++ b/source4/scripting/devel/demodirsync.py @@ -0,0 +1,156 @@ +#!/usr/bin/python + + +import optparse +import sys +import base64 + +sys.path.insert(0, "bin/python") + +import samba.getopt as options +from samba.dcerpc import drsblobs, misc +from samba.ndr import ndr_pack, ndr_unpack +from samba import Ldb + +parser = optparse.OptionParser("get-descriptor [options]") +sambaopts = options.SambaOptions(parser) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) + +parser.add_option("-b", type="string", metavar="BASE", + help="set base DN for the search") +parser.add_option("--host", type="string", metavar="HOST", + help="Ip of the host") + +lp = sambaopts.get_loadparm() +creds = credopts.get_credentials(lp) + +opts = parser.parse_args()[0] + +def printdirsync(ctl): + arr = ctl.split(':') + if arr[0] == 'dirsync': + print "Need to continue: %s" % arr[1] + cookie = ndr_unpack(drsblobs.ldapControlDirSyncCookie, base64.b64decode(arr[3])) + print "DC's NTDS guid: %s " % cookie.blob.guid1 + print "highest usn %s" % cookie.blob.highwatermark.highest_usn + print "tmp higest usn %s" % cookie.blob.highwatermark.tmp_highest_usn + print "reserved usn %s" % cookie.blob.highwatermark.reserved_usn + if cookie.blob.extra_length >0: + print "highest usn in extra %s" % cookie.blob.extra.ctr.cursors[0].highest_usn + return cookie + +remote_ldb= Ldb("ldap://" + opts.host + ":389", credentials=creds, lp=lp) +tab = [] +if opts.b: + base = opts.b +else: + base = None + +guid = None +(msgs, ctrls) = remote_ldb.search(expression="(samaccountname=administrator)", base=base, attrs=["objectClass"], controls=["dirsync:1:1:50"]) +if (len(ctrls)): + for ctl in ctrls: + arr = ctl.split(':') + if arr[0] == 'dirsync': + cookie = ndr_unpack(drsblobs.ldapControlDirSyncCookie, base64.b64decode(arr[3])) + guid = cookie.blob.guid1 + pass +if not guid: + print "No dirsync control ... strange" + sys.exit(1) + +print "" +print "Getting first guest without any cookie" +(msgs, ctrls) = remote_ldb.searchex(expression="(samaccountname=guest)", base=base, attrs=["objectClass"], controls=["dirsync:1:1:50"]) +cookie = None +if (len(ctrls)): + for ctl in ctrls: + cookie = printdirsync(ctl) + print "Returned %d entries" % len(msgs) + +savedcookie = cookie + +print "" +print "Getting allusers with cookie" +controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))] +(msgs, ctrls) = remote_ldb.searchex(expression="(samaccountname=*)", base=base, attrs=["objectClass"], controls=controls) +if (len(ctrls)): + for ctl in ctrls: + cookie = printdirsync(ctl) + print "Returned %d entries" % len(msgs) + +cookie = savedcookie +cookie.blob.guid1 = misc.GUID("128a99bf-e2df-4832-ac0a-1fb625e530db") +if cookie.blob.extra_length > 0: + cookie.blob.extra.ctr.cursors[0].source_dsa_invocation_id = misc.GUID("128a99bf-e2df-4832-ac0a-1fb625e530db") + +print "" +print "Getting all the entries" +controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))] +(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls) +cont = 0 +if (len(ctrls)): + for ctl in ctrls: + cookie = printdirsync(ctl) + if cookie != None: + cont = (ctl.split(':'))[1] + print "Returned %d entries" % len(msgs) + +usn = cookie.blob.highwatermark.tmp_highest_usn +if cookie.blob.extra_length > 0: + bigusn = cookie.blob.extra.ctr.cursors[0].highest_usn +else: + bigusn = usn + 1000 +while (cont == "1"): + print "" + controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))] + (msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls) + if (len(ctrls)): + for ctl in ctrls: + cookie = printdirsync(ctl) + if cookie != None: + cont = (ctl.split(':'))[1] + print "Returned %d entries" % len(msgs) + +print "" +print "Getting with cookie but usn changed to %d we should use the one in extra" % (bigusn - 1) +cookie.blob.highwatermark.highest_usn = 0 +cookie.blob.highwatermark.tmp_highest_usn = usn - 2 +if cookie.blob.extra_length > 0: + print "here" + cookie.blob.extra.ctr.cursors[0].highest_usn = bigusn - 1 +controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))] +(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls) +if (len(ctrls)): + for ctl in ctrls: + cookie = printdirsync(ctl) + print "Returned %d entries" % len(msgs) + +print "" +print "Getting with cookie but usn %d changed and extra/cursor GUID too" % (usn - 2) +print " so that it's (tmp)highest_usn that drives the limit" +cookie.blob.highwatermark.highest_usn = 0 +cookie.blob.highwatermark.tmp_highest_usn = usn - 2 +if cookie.blob.extra_length > 0: + cookie.blob.extra.ctr.cursors[0].source_dsa_invocation_id = misc.GUID("128a99bf-e2df-4832-ac0a-1fb625e530db") + cookie.blob.extra.ctr.cursors[0].highest_usn = bigusn - 1 +controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))] +(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls) +if (len(ctrls)): + for ctl in ctrls: + cookie = printdirsync(ctl) + print "Returned %d entries" % len(msgs) + +print "" +print "Getting with cookie but usn changed to %d" % (usn - 2) +cookie.blob.highwatermark.highest_usn = 0 +cookie.blob.highwatermark.tmp_highest_usn = (usn - 2) +if cookie.blob.extra_length > 0: + cookie.blob.extra.ctr.cursors[0].highest_usn = (usn - 2) +controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))] +(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls) +if (len(ctrls)): + for ctl in ctrls: + cookie = printdirsync(ctl) + print "Returned %d entries" % len(msgs) |