sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-07-22 16:59:09 +03:00
Code Activity

samba-tool domain demote: Refuse to remove ourself

Browse Source 
This ensures that a different server is the one being demoted from the local database

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
This commit is contained in:
Andrew Bartlett
2015-10-13 15:26:20 +13:00
parent 097435cfd9
commit e432c1b682
2 changed files with 13 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
python/samba/remove_dc.py
View File

@ -127,9 +127,12 @@ def offline_remove_ntds_dc(samdb, ntds_dn,
res = samdb.search("",
scope=ldb.SCOPE_BASE, attrs=["dsServiceName"])
assert len(res) == 1
my_serviceName = res[0]["dsServiceName"][0]
my_serviceName = ldb.Dn(samdb, res[0]["dsServiceName"][0])
server_dn = ntds_dn.parent()
if my_serviceName == ntds_dn:
raise DemoteException("Refusing to demote our own DSA: %s " % my_serviceName)
try:
msgs = samdb.search(base=ntds_dn, expression="objectClass=ntdsDSA",
attrs=["objectGUID"], scope=ldb.SCOPE_BASE)
@ -191,7 +194,8 @@ def offline_remove_ntds_dc(samdb, ntds_dn,
def remove_dc(samdb, dc_name):
# TODO: Check if this is the last server
# TODO: Check if this is the last server (covered mostly by
# refusing to remove our own name)
samdb.transaction_start()