From 438971e214e6f55f19148ed2afc03ec1c7066f65 Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Tue, 25 Oct 2011 20:10:30 +0200 Subject: LDB/s4 - do not use the "(dn=...)" syntax on filters anymore Make it AD-compatible using "(distinguishedName=...)". Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett --- source4/dsdb/tests/python/dirsync.py | 10 +++++----- source4/scripting/bin/rebuildextendeddn | 2 +- source4/scripting/bin/renamedc | 2 +- source4/scripting/bin/upgradeprovision | 23 +++++++++++----------- source4/scripting/devel/addlotscontacts | 2 +- source4/scripting/python/samba/idmap.py | 2 +- .../scripting/python/samba/provision/__init__.py | 2 +- source4/scripting/python/samba/samdb.py | 6 +++--- source4/scripting/python/samba/upgradehelpers.py | 14 ++++++------- 9 files changed, 32 insertions(+), 31 deletions(-) (limited to 'source4') diff --git a/source4/dsdb/tests/python/dirsync.py b/source4/dsdb/tests/python/dirsync.py index c8027fc9a0..d6a21a9544 100755 --- a/source4/dsdb/tests/python/dirsync.py +++ b/source4/dsdb/tests/python/dirsync.py @@ -247,14 +247,14 @@ class SimpleDirsyncTests(DirsyncBaseTests): # We don't return an entry if asked for objectGUID res = self.ldb_admin.search(self.base_dn, - expression="dn=%s" % self.base_dn, + expression="(distinguishedName=%s)" % str(self.base_dn), attrs=["objectGUID"], controls=["dirsync:1:0:1"]) self.assertEquals(len(res.msgs), 0) # a request on the root of a NC didn't return parentGUID res = self.ldb_admin.search(self.base_dn, - expression="dn=%s" % self.base_dn, + expression="(distinguishedName=%s)" % str(self.base_dn), attrs=["name"], controls=["dirsync:1:0:1"]) self.assertTrue(res.msgs[0].get("objectGUID") != None) @@ -319,21 +319,21 @@ class SimpleDirsyncTests(DirsyncBaseTests): def test_dirsync_with_controls(self): """Check that dirsync return correct informations when dealing with the NC""" res = self.ldb_admin.search(self.base_dn, - expression="(dn=%s)" % str(self.base_dn), + expression="(distinguishedName=%s)" % str(self.base_dn), attrs=["name"], controls=["dirsync:1:0:10000", "extended_dn:1", "show_deleted:1"]) def test_dirsync_basenc(self): """Check that dirsync return correct informations when dealing with the NC""" res = self.ldb_admin.search(self.base_dn, - expression="(dn=%s)" % str(self.base_dn), + expression="(distinguishedName=%s)" % str(self.base_dn), attrs=["name"], controls=["dirsync:1:0:10000"]) self.assertEqual(len(res.msgs), 1) self.assertEqual(len(res.msgs[0]), 3) res = self.ldb_admin.search(self.base_dn, - expression="(dn=%s)" % str(self.base_dn), + expression="(distinguishedName=%s)" % str(self.base_dn), attrs=["ntSecurityDescriptor"], controls=["dirsync:1:0:10000"]) self.assertEqual(len(res.msgs), 1) diff --git a/source4/scripting/bin/rebuildextendeddn b/source4/scripting/bin/rebuildextendeddn index 5ab90c9fbd..5a0ab1295a 100755 --- a/source4/scripting/bin/rebuildextendeddn +++ b/source4/scripting/bin/rebuildextendeddn @@ -119,7 +119,7 @@ def rebuild_en_dn(credentials,session_info,paths): saveatt.append(str(res[i][att][j])) m[att] = ldb.MessageElement(saveatt, ldb.FLAG_MOD_REPLACE, att) sam_ldb.modify(m) - res3 = sam_ldb.search(expression="(&(dn=%s)(%s=*))"%(dn,att),scope=SCOPE_SUBTREE, attrs=[att],controls=["search_options:1:2"]) + res3 = sam_ldb.search(expression="(&(distinguishedName=%s)(%s=*))"%(dn,att),scope=SCOPE_SUBTREE, attrs=[att],controls=["search_options:1:2"]) if( len(res3) == 0 or (len(res3[0][att])!= len(saveatt))): print >>sys.stderr, str(dn) + " has no attr " +att+ " or a wrong value" for satt in saveatt: diff --git a/source4/scripting/bin/renamedc b/source4/scripting/bin/renamedc index 9d6f5c4c29..1fa19b25fb 100755 --- a/source4/scripting/bin/renamedc +++ b/source4/scripting/bin/renamedc @@ -114,7 +114,7 @@ if __name__ == '__main__': ldbs.sam.modify(msg) # Do a self join one more time to resync the secrets file - res = ldbs.sam.search(expression=("dn=%s" % newdn), + res = ldbs.sam.search(expression=("distinguishedName=%s" % newdn), attrs=["msDs-keyVersionNumber", "serverReferenceBL"]) assert(len(res) == 1) kvno = int(str(res[0]["msDs-keyVersionNumber"])) diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision index e578c14b80..344d7f56c2 100755 --- a/source4/scripting/bin/upgradeprovision +++ b/source4/scripting/bin/upgradeprovision @@ -513,12 +513,12 @@ def handle_special_add(samdb, dn, names): "CN=WellKnown Security Principals," "CN=Configuration,%s" % names.rootdn) - res = samdb.search(expression="(dn=%s)" % oldDn, + res = samdb.search(expression="(distinguishedName=%s)" % oldDn, base=str(names.rootdn), scope=SCOPE_SUBTREE, attrs=["dn"], controls=["search_options:1:2"]) - res2 = samdb.search(expression="(dn=%s)" % dn, + res2 = samdb.search(expression="(distinguishedName=%s)" % dn, base=str(names.rootdn), scope=SCOPE_SUBTREE, attrs=["dn"], controls=["search_options:1:2"]) @@ -538,7 +538,7 @@ def handle_special_add(samdb, dn, names): if len(res) == 0: return 2 - res = samdb.search(expression="(dn=%s)" % dntoremove, + res = samdb.search(expression="(distinguishedName=%s)" % dntoremove, base=str(names.rootdn), scope=SCOPE_SUBTREE, attrs=["dn"], controls=["search_options:1:2"]) @@ -604,8 +604,9 @@ def add_missing_object(ref_samdb, samdb, dn, names, basedn, hash, index): return True - reference = ref_samdb.search(expression="dn=%s" % (str(dn)), base=basedn, - scope=SCOPE_SUBTREE, controls=["search_options:1:2"]) + reference = ref_samdb.search(expression="(distinguishedName=%s)" % (str(dn)), + base=basedn, scope=SCOPE_SUBTREE, + controls=["search_options:1:2"]) empty = Message() delta = samdb.msg_diff(empty, reference[0]) delta.dn @@ -1029,10 +1030,10 @@ def update_present(ref_samdb, samdb, basedn, listPresent, usns): if usns is not None: message(CHANGE, "Using replPropertyMetadata for change selection") for dn in listPresent: - reference = ref_samdb.search(expression="dn=%s" % (str(dn)), base=basedn, + reference = ref_samdb.search(expression="(distinguishedName=%s)" % (str(dn)), base=basedn, scope=SCOPE_SUBTREE, controls=controls) - current = samdb.search(expression="dn=%s" % (str(dn)), base=basedn, + current = samdb.search(expression="(distinguishedName=%s)" % (str(dn)), base=basedn, scope=SCOPE_SUBTREE, controls=controls) if ( @@ -1043,7 +1044,7 @@ def update_present(ref_samdb, samdb, basedn, listPresent, usns): "Renaming %s to %s" % (str(current[0].dn), str(reference[0].dn))) identic_rename(samdb, reference[0].dn) - current = samdb.search(expression="dn=%s" % (str(dn)), base=basedn, + current = samdb.search(expression="(distinguishedName=%s)" % (str(dn)), base=basedn, scope=SCOPE_SUBTREE, controls=controls) @@ -1064,7 +1065,7 @@ def update_present(ref_samdb, samdb, basedn, listPresent, usns): if nb_items > 1 and usns is not None: # Fetch the replPropertyMetaData - res = samdb.search(expression="dn=%s" % (str(dn)), base=basedn, + res = samdb.search(expression="(distinguishedName=%s)" % (str(dn)), base=basedn, scope=SCOPE_SUBTREE, controls=controls, attrs=["replPropertyMetaData"]) ctr = ndr_unpack(drsblobs.replPropertyMetaDataBlob, @@ -1361,7 +1362,7 @@ def rebuild_sd(samdb, names): return def hasATProvision(samdb): - entry = samdb.search(expression="dn=@PROVISION", base = "", + entry = samdb.search(expression="(distinguishedName=@PROVISION)", base = "", scope=SCOPE_BASE, attrs=["dn"]) @@ -1372,7 +1373,7 @@ def hasATProvision(samdb): def removeProvisionUSN(samdb): attrs = [samba.provision.LAST_PROVISION_USN_ATTRIBUTE, "dn"] - entry = samdb.search(expression="dn=@PROVISION", base = "", + entry = samdb.search(expression="(distinguishedName=@PROVISION)", base = "", scope=SCOPE_BASE, attrs=attrs) empty = Message() diff --git a/source4/scripting/devel/addlotscontacts b/source4/scripting/devel/addlotscontacts index cc073a3500..edf54b0bad 100644 --- a/source4/scripting/devel/addlotscontacts +++ b/source4/scripting/devel/addlotscontacts @@ -63,7 +63,7 @@ if __name__ == '__main__': paths, smbconf, lp) contactdn = "OU=Contacts,%s" % str(names.domaindn) - res = ldbs.sam.search(expression="(dn=%s)" % contactdn, + res = ldbs.sam.search(expression="(distinguishedName=%s)" % contactdn, base=str(names.domaindn), scope=SCOPE_BASE) diff --git a/source4/scripting/python/samba/idmap.py b/source4/scripting/python/samba/idmap.py index ac87cbbf37..b651b2053d 100644 --- a/source4/scripting/python/samba/idmap.py +++ b/source4/scripting/python/samba/idmap.py @@ -54,7 +54,7 @@ class IDmapDB(samba.Ldb): :return xid can that be used for SID/unixid mapping """ - res = self.search(expression="dn=CN=CONFIG", base="", + res = self.search(expression="distinguishedName=CN=CONFIG", base="", scope=ldb.SCOPE_SUBTREE) id = res[0].get("xidNumber") flag = ldb.FLAG_MOD_REPLACE diff --git a/source4/scripting/python/samba/provision/__init__.py b/source4/scripting/python/samba/provision/__init__.py index d00c3ded47..d138c9e423 100644 --- a/source4/scripting/python/samba/provision/__init__.py +++ b/source4/scripting/python/samba/provision/__init__.py @@ -798,7 +798,7 @@ def secretsdb_self_join(secretsdb, domain, # but we don't delete the old record that we are about to modify, # because that would delete the keytab and previous password. res = secretsdb.search(base="cn=Primary Domains", attrs=attrs, - expression=("(&(|(flatname=%s)(realm=%s)(objectSid=%s))(objectclass=primaryDomain)(!(dn=%s)))" % (domain, realm, str(domainsid), str(msg.dn))), + expression=("(&(|(flatname=%s)(realm=%s)(objectSid=%s))(objectclass=primaryDomain)(!(distinguishedName=%s)))" % (domain, realm, str(domainsid), str(msg.dn))), scope=ldb.SCOPE_ONELEVEL) for del_msg in res: diff --git a/source4/scripting/python/samba/samdb.py b/source4/scripting/python/samba/samdb.py index 1614955b74..b37854b3e4 100644 --- a/source4/scripting/python/samba/samdb.py +++ b/source4/scripting/python/samba/samdb.py @@ -462,7 +462,7 @@ unicodePwd:: %s if force_change_at_next_login: self.force_password_change_at_next_login( - "(dn=" + str(user_dn) + ")") + "(distinguishedName=" + str(user_dn) + ")") # modify the userAccountControl to remove the disabled bit self.enable_account(search_filter) @@ -662,7 +662,7 @@ accountExpires: %u for the given attribute. None if the attribute is not replicated """ - res = self.search(expression="dn=%s" % dn, + res = self.search(expression="distinguishedName=%s" % dn, scope=ldb.SCOPE_SUBTREE, controls=["search_options:1:2"], attrs=["replPropertyMetaData"]) @@ -684,7 +684,7 @@ accountExpires: %u def set_attribute_replmetadata_version(self, dn, att, value, addifnotexist=False): - res = self.search(expression="dn=%s" % dn, + res = self.search(expression="distinguishedName=%s" % dn, scope=ldb.SCOPE_SUBTREE, controls=["search_options:1:2"], attrs=["replPropertyMetaData"]) diff --git a/source4/scripting/python/samba/upgradehelpers.py b/source4/scripting/python/samba/upgradehelpers.py index d049fa2d9e..14cc907cbd 100644 --- a/source4/scripting/python/samba/upgradehelpers.py +++ b/source4/scripting/python/samba/upgradehelpers.py @@ -466,9 +466,9 @@ def update_secrets(newsecrets_ldb, secrets_ldb, messagefunc): listPresent.append(hash_new[k]) for entry in listMissing: - reference = newsecrets_ldb.search(expression="dn=%s" % entry, + reference = newsecrets_ldb.search(expression="distinguishedName=%s" % entry, base="", scope=SCOPE_SUBTREE) - current = secrets_ldb.search(expression="dn=%s" % entry, + current = secrets_ldb.search(expression="distinguishedName=%s" % entry, base="", scope=SCOPE_SUBTREE) delta = secrets_ldb.msg_diff(empty, reference[0]) for att in hashAttrNotCopied: @@ -481,9 +481,9 @@ def update_secrets(newsecrets_ldb, secrets_ldb, messagefunc): secrets_ldb.add(delta) for entry in listPresent: - reference = newsecrets_ldb.search(expression="dn=%s" % entry, + reference = newsecrets_ldb.search(expression="distinguishedName=%s" % entry, base="", scope=SCOPE_SUBTREE) - current = secrets_ldb.search(expression="dn=%s" % entry, base="", + current = secrets_ldb.search(expression="distinguishedName=%s" % entry, base="", scope=SCOPE_SUBTREE) delta = secrets_ldb.msg_diff(current[0], reference[0]) for att in hashAttrNotCopied: @@ -497,9 +497,9 @@ def update_secrets(newsecrets_ldb, secrets_ldb, messagefunc): delta.remove(att) for entry in listPresent: - reference = newsecrets_ldb.search(expression="dn=%s" % entry, base="", + reference = newsecrets_ldb.search(expression="distinguishedName=%s" % entry, base="", scope=SCOPE_SUBTREE) - current = secrets_ldb.search(expression="dn=%s" % entry, base="", + current = secrets_ldb.search(expression="distinguishedName=%s" % entry, base="", scope=SCOPE_SUBTREE) delta = secrets_ldb.msg_diff(current[0], reference[0]) for att in hashAttrNotCopied: @@ -678,7 +678,7 @@ def delta_update_basesamdb(refsampath, sampath, creds, session, lp, message): reference = refsam.search(expression="") for refentry in reference: - entry = sam.search(expression="dn=%s" % refentry["dn"], + entry = sam.search(expression="distinguishedName=%s" % refentry["dn"], scope=SCOPE_SUBTREE) if not len(entry): delta = sam.msg_diff(empty, refentry) -- cgit