From 278778c927b71847e87ce9b43e2a70665906befe Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Fri, 5 Nov 2010 14:08:49 +1100
Subject: s4-pydrs: added rodc option to python drs replication

---
 source4/scripting/python/samba/drs_utils.py   | 9 +++++----
 source4/scripting/python/samba/netcmd/rodc.py | 2 +-
 2 files changed, 6 insertions(+), 5 deletions(-)

(limited to 'source4/scripting')

diff --git a/source4/scripting/python/samba/drs_utils.py b/source4/scripting/python/samba/drs_utils.py
index 4686259df6..a600c2310b 100644
--- a/source4/scripting/python/samba/drs_utils.py
+++ b/source4/scripting/python/samba/drs_utils.py
@@ -111,7 +111,7 @@ class drs_Replicate:
 
 
     def replicate(self, dn, source_dsa_invocation_id, destination_dsa_guid,
-                  schema=False, exop=drsuapi.DRSUAPI_EXOP_NONE):
+                  schema=False, exop=drsuapi.DRSUAPI_EXOP_NONE, rodc=False):
         '''replicate a single DN'''
 
         # setup for a GetNCChanges call
@@ -132,8 +132,9 @@ class drs_Replicate:
             req8.replica_flags		    =  (drsuapi.DRSUAPI_DRS_INIT_SYNC |
                                                 drsuapi.DRSUAPI_DRS_PER_SYNC |
                                                 drsuapi.DRSUAPI_DRS_GET_ANC |
-                                                drsuapi.DRSUAPI_DRS_NEVER_SYNCED |
-                                                drsuapi.DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING)
+                                                drsuapi.DRSUAPI_DRS_NEVER_SYNCED)
+            if rodc:
+                req8.replica_flags |= drsuapi.DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING
         req8.max_object_count		     = 402
         req8.max_ndr_size		     = 402116
         req8.extended_op		     = exop
@@ -143,7 +144,7 @@ class drs_Replicate:
         req8.mapping_ctr.num_mappings	     = 0
         req8.mapping_ctr.mappings	     = None
 
-        if not schema:
+        if not schema and rodc:
             req8.partial_attribute_set = self.drs_get_rodc_partial_attribute_set()
 
         while True:
diff --git a/source4/scripting/python/samba/netcmd/rodc.py b/source4/scripting/python/samba/netcmd/rodc.py
index 0fdb252b60..5f97c32b28 100644
--- a/source4/scripting/python/samba/netcmd/rodc.py
+++ b/source4/scripting/python/samba/netcmd/rodc.py
@@ -105,7 +105,7 @@ class cmd_rodc_preload(Command):
         repl = drs_Replicate("ncacn_ip_tcp:%s[seal,print]" % server, lp, creds, local_samdb)
         try:
             repl.replicate(dn, source_dsa_invocation_id, destination_dsa_guid,
-                           exop=drsuapi.DRSUAPI_EXOP_REPL_SECRET)
+                           exop=drsuapi.DRSUAPI_EXOP_REPL_SECRET, rodc=True)
         except RuntimeError, (ecode, estring):
             if estring == 'WERR_DS_DRA_ACCESS_DENIED':
                 local_samdb.transaction_cancel()
-- 
cgit