sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-02 00:22:11 +03:00
Code Activity

samba-tool: refuse to demote if the current DC has still roles

Browse Source
This commit is contained in:
Matthieu Patou
2011-12-04 23:19:55 +01:00
parent f44e1a753a
commit a8c89fa7d2
1 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
source4/scripting/python/samba/netcmd/domain.py
View File

@ -213,19 +213,27 @@ class cmd_domain_demote(Command):
server = e["dnsHostName"]
break
print "Using %s as partner server for the demotion" % server
ntds_guid = samdb.get_ntds_GUID()
(drsuapiBind, drsuapi_handle, supportedExtensions) = drsuapi_connect(server, lp, creds)
msg = samdb.search(base=str(samdb.get_config_basedn()), scope=ldb.SCOPE_SUBTREE,
expression="(objectGUID=%s)" % ntds_guid,
attrs=['options'])
if len(msg) == 0 or "options" not in msg[0]:
raise CommandError("Failed to find options on %s" % ntds_guid)
ntds_dn = msg[0].dn
dsa_options = int(str(msg[0]['options']))
res = samdb.search(expression="(fSMORoleOwner=%s)" % str(ntds_dn),
controls=["search_options:1:2"])
if len(res) != 0:
raise CommandError("Current DC is still the owner of %d role(s), use the role command to transfer roles to another DC")
print "Using %s as partner server for the demotion" % server
(drsuapiBind, drsuapi_handle, supportedExtensions) = drsuapi_connect(server, lp, creds)
print "Desactivating inbound replication"