summaryrefslogtreecommitdiff
path: root/source4/scripting/bin/samba_upgradeprovision
diff options
context:
space:
mode:
Diffstat (limited to 'source4/scripting/bin/samba_upgradeprovision')
-rwxr-xr-xsource4/scripting/bin/samba_upgradeprovision30
1 files changed, 8 insertions, 22 deletions
diff --git a/source4/scripting/bin/samba_upgradeprovision b/source4/scripting/bin/samba_upgradeprovision
index cc8c633451..8e7d792e35 100755
--- a/source4/scripting/bin/samba_upgradeprovision
+++ b/source4/scripting/bin/samba_upgradeprovision
@@ -921,7 +921,7 @@ def checkKeepAttributeWithMetadata(delta, att, message, reference, current,
" cames from the modification or from a previous bug")
dnNotToRecalculateFound = True
else:
- dnToRecalculate.append(str(dn))
+ dnToRecalculate.append(dn)
continue
if attrUSN == -1:
@@ -1282,11 +1282,12 @@ def fix_wellknown_sd(samdb, names):
get_dns_domain_microsoft_dns_descriptor)
subcontainers.append(c)
- for [dn, descriptor_fn] in subcontainers:
+ for [strdn, descriptor_fn] in subcontainers:
+ dn = Dn(samdb, strdn)
list_wellknown_dns.append(dn)
if dn in dnToRecalculate:
delta = Message()
- delta.dn = Dn(samdb, str(dn))
+ delta.dn = dn
descr = descriptor_fn(names.domainsid, name_map=names.name_map)
delta["nTSecurityDescriptor"] = MessageElement(descr, FLAG_MOD_REPLACE,
"nTSecurityDescriptor" )
@@ -1311,30 +1312,16 @@ def rebuild_sd(samdb, names):
listWellknown = fix_wellknown_sd(samdb, names)
- hash = {}
- for dn in dnToRecalculate:
- if hash.has_key(dn):
- continue
- # fetch each dn to recalculate and their child within the same partition
- res = samdb.search(expression="objectClass=*", base=dn,
- scope=SCOPE_SUBTREE, attrs=["dn", "whenCreated"])
- for obj in res:
- hash[str(obj["dn"])] = obj["whenCreated"]
-
- listKeys = list(set(hash.keys()))
- listKeys.sort(dn_sort)
-
if len(dnToRecalculate) != 0:
message(CHANGESD, "%d DNs have been marked as needed to be recalculated"
- ", recalculating %d due to inheritance"
- % (len(dnToRecalculate), len(listKeys)))
+ % (len(dnToRecalculate)))
- for key in listKeys:
+ for dn in dnToRecalculate:
# well known SDs have already been reset
- if key in listWellknown:
+ if dn in listWellknown:
continue
delta = Message()
- delta.dn = Dn(samdb, key)
+ delta.dn = dn
sd_flags = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL | SECINFO_SACL
try:
descr = get_empty_descriptor(names.domainsid)
@@ -1840,7 +1827,6 @@ if __name__ == '__main__':
message(SIMPLE, "Update machine account")
update_machine_account_password(ldbs.sam, ldbs.secrets, names)
- dnToRecalculate.sort(dn_sort)
# 16) SD should be created with admin but as some previous acl were so wrong
# that admin can't modify them we have first to recreate them with the good
# form but with system account and then give the ownership to admin ...