From a623359fb8a54083b81436d14b7ba022c11efb18 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 18 Sep 2013 14:27:26 -0700
Subject: python/drs: Ensure to pass in the local invocationID during the
 domain join

This ensures (and asserts) that we never write an all-zero GUID as an invocationID
to the database in replPropertyMetaData.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
---
 python/samba/drs_utils.py  | 8 ++++++--
 python/samba/join.py       | 2 +-
 python/samba/netcmd/drs.py | 4 +++-
 3 files changed, 10 insertions(+), 4 deletions(-)

(limited to 'python')

diff --git a/python/samba/drs_utils.py b/python/samba/drs_utils.py
index 6e2cfea9ab..49837492b7 100644
--- a/python/samba/drs_utils.py
+++ b/python/samba/drs_utils.py
@@ -147,12 +147,16 @@ def drs_DsBind(drs):
 class drs_Replicate(object):
     '''DRS replication calls'''
 
-    def __init__(self, binding_string, lp, creds, samdb):
+    def __init__(self, binding_string, lp, creds, samdb, invocation_id):
         self.drs = drsuapi.drsuapi(binding_string, lp, creds)
         (self.drs_handle, self.supported_extensions) = drs_DsBind(self.drs)
         self.net = Net(creds=creds, lp=lp)
         self.samdb = samdb
-        self.replication_state = self.net.replicate_init(self.samdb, lp, self.drs)
+        if not isinstance(invocation_id, misc.GUID):
+            raise RuntimeError("Must supply GUID for invocation_id")
+        if invocation_id == misc.GUID("00000000-0000-0000-0000-000000000000"):
+            raise RuntimeError("Must not set GUID 00000000-0000-0000-0000-000000000000 as invocation_id")
+        self.replication_state = self.net.replicate_init(self.samdb, lp, self.drs, invocation_id)
 
     def drs_get_rodc_partial_attribute_set(self):
         '''get a list of attributes for RODC replication'''
diff --git a/python/samba/join.py b/python/samba/join.py
index 15db67fbb4..2379d5f214 100644
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -799,7 +799,7 @@ class dc_join(object):
                 binding_options += ",print"
             repl = drs_utils.drs_Replicate(
                 "ncacn_ip_tcp:%s[%s]" % (ctx.server, binding_options),
-                ctx.lp, repl_creds, ctx.local_samdb)
+                ctx.lp, repl_creds, ctx.local_samdb, ctx.invocation_id)
 
             repl.replicate(ctx.schema_dn, source_dsa_invocation_id,
                     destination_dsa_guid, schema=True, rodc=ctx.RODC,
diff --git a/python/samba/netcmd/drs.py b/python/samba/netcmd/drs.py
index de78ac71c7..36dc48e2c2 100644
--- a/python/samba/netcmd/drs.py
+++ b/python/samba/netcmd/drs.py
@@ -258,11 +258,13 @@ def drs_local_replicate(self, SOURCE_DC, NC):
 
 
     source_dsa_invocation_id = misc.GUID(self.samdb.get_invocation_id())
+    dest_dsa_invocation_id = misc.GUID(self.local_samdb.get_invocation_id())
     destination_dsa_guid = self.ntds_guid
 
     self.samdb.transaction_start()
     repl = drs_utils.drs_Replicate("ncacn_ip_tcp:%s[seal]" % self.server, self.lp,
-                                   self.creds, self.local_samdb)
+                                   self.creds, self.local_samdb, dest_dsa_invocation_id)
+
     try:
         repl.replicate(NC, source_dsa_invocation_id, destination_dsa_guid)
     except Exception, e:
-- 
cgit