From f3db67e14fd9ebcf5720e82b125d2939fdc2ac17 Mon Sep 17 00:00:00 2001 From: Kamen Mazdrashki Date: Fri, 4 Feb 2011 04:14:13 +0200 Subject: s4/samba-tool: 'drs options' command implementation Current implementation handle only one flag change per call --- source4/scripting/python/samba/netcmd/drs.py | 71 ++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) diff --git a/source4/scripting/python/samba/netcmd/drs.py b/source4/scripting/python/samba/netcmd/drs.py index 740bd209b9..3855bf1864 100644 --- a/source4/scripting/python/samba/netcmd/drs.py +++ b/source4/scripting/python/samba/netcmd/drs.py @@ -399,6 +399,76 @@ class cmd_drs_bind(Command): print("Forest GUID: %s" % info.info.config_dn_guid) + +class cmd_drs_options(Command): + """query or change 'options' for NTDS Settings object of a domain controller""" + + synopsis = ("%prog drs options " + " [--dsa-option={+|-}IS_GC | {+|-}DISABLE_INBOUND_REPL" + " |{+|-}DISABLE_OUTBOUND_REPL | {+|-}DISABLE_NTDSCONN_XLATE]") + + takes_optiongroups = { + "sambaopts": options.SambaOptions, + "versionopts": options.VersionOptions, + "credopts": options.CredentialsOptions, + } + + takes_args = ["DC"] + + takes_options = [ + Option("--dsa-option", help="DSA option to enable/disable", type="str"), + ] + + option_map = {"IS_GC": 0x00000001, + "DISABLE_INBOUND_REPL": 0x00000002, + "DISABLE_OUTBOUND_REPL": 0x00000004, + "DISABLE_NTDSCONN_XLATE": 0x00000008} + + def get_dsServiceName(ctx): + '''get the NTDS DN from the rootDSE''' + res = ctx.samdb.search(base="", scope=ldb.SCOPE_BASE, attrs=["dsServiceName"]) + return res[0]["dsServiceName"][0] + + def run(self, DC, dsa_option=None, + sambaopts=None, credopts=None, versionopts=None): + + self.lp = sambaopts.get_loadparm() + if DC is None: + DC = common.netcmd_dnsname(self.lp) + self.server = DC + self.creds = credopts.get_credentials(self.lp, fallback_machine=True) + + samdb_connect(self) + + ntds_dn = self.get_dsServiceName() + res = self.samdb.search(base=ntds_dn, scope=ldb.SCOPE_BASE, attrs=["options"]) + dsa_opts = int(res[0]["options"][0]) + + # print out current DSA options + cur_opts = [x for x in self.option_map if self.option_map[x] & dsa_opts] + self.message("Current DSA options: " + ", ".join(cur_opts)) + + # modify options + if dsa_option: + if dsa_option[:1] not in ("+", "-"): + raise CommandError("Unknown option %s" % dsa_option) + flag = dsa_option[1:] + if flag not in self.option_map.keys(): + raise CommandError("Unknown option %s" % dsa_option) + if dsa_option[:1] == "+": + dsa_opts |= self.option_map[flag] + else: + dsa_opts &= ~self.option_map[flag] + #save new options + m = ldb.Message() + m.dn = ldb.Dn(self.samdb, ntds_dn) + m["options"]= ldb.MessageElement(str(dsa_opts), ldb.FLAG_MOD_REPLACE, "options") + self.samdb.modify(m) + # print out new DSA options + cur_opts = [x for x in self.option_map if self.option_map[x] & dsa_opts] + self.message("New DSA options: " + ", ".join(cur_opts)) + + class cmd_drs(SuperCommand): """DRS commands""" @@ -407,3 +477,4 @@ class cmd_drs(SuperCommand): subcommands["kcc"] = cmd_drs_kcc() subcommands["replicate"] = cmd_drs_replicate() subcommands["showrepl"] = cmd_drs_showrepl() + subcommands["options"] = cmd_drs_options() -- cgit