mirror of
https://github.com/samba-team/samba.git
synced 2025-01-22 22:04:08 +03:00
561b654bc5
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
145 lines
5.5 KiB
Python
Executable File
145 lines
5.5 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
|
|
# script to call a DRS GetNCChanges from the command line
|
|
# this is useful for plugfest testing
|
|
from __future__ import print_function
|
|
import sys
|
|
from optparse import OptionParser
|
|
|
|
sys.path.insert(0, "bin/python")
|
|
|
|
import samba, ldb
|
|
import samba.getopt as options
|
|
from samba.dcerpc import drsuapi, misc
|
|
from samba.samdb import SamDB
|
|
from samba.auth import system_session
|
|
from samba.ndr import ndr_unpack
|
|
from samba.drs_utils import drs_get_rodc_partial_attribute_set, drs_DsBind
|
|
|
|
|
|
########### main code ###########
|
|
if __name__ == "__main__":
|
|
parser = OptionParser("getncchanges [options] server")
|
|
sambaopts = options.SambaOptions(parser)
|
|
parser.add_option_group(sambaopts)
|
|
credopts = options.CredentialsOptionsDouble(parser)
|
|
parser.add_option_group(credopts)
|
|
|
|
parser.add_option("", "--dn", dest="dn", help="DN to replicate",)
|
|
parser.add_option("", "--exop", dest="exop", help="extended operation",)
|
|
parser.add_option("", "--pas", dest="use_pas", action='store_true', default=False,
|
|
help="send partial attribute set (for RODC)")
|
|
parser.add_option("", "--nb-iter", type='int', help="Number of getncchange iterations")
|
|
parser.add_option("", "--dest-dsa", type='str', help="destination DSA GUID")
|
|
parser.add_option("", "--rodc", action='store_true', default=False,
|
|
help='use RODC replica flags')
|
|
parser.add_option("", "--partial-rw", action='store_true', default=False,
|
|
help='use RW partial replica flags, not be confused with --pas')
|
|
parser.add_option("", "--replica-flags", type='int',
|
|
default=drsuapi.DRSUAPI_DRS_INIT_SYNC |
|
|
drsuapi.DRSUAPI_DRS_PER_SYNC |
|
|
drsuapi.DRSUAPI_DRS_WRIT_REP |
|
|
drsuapi.DRSUAPI_DRS_GET_ANC |
|
|
drsuapi.DRSUAPI_DRS_NEVER_SYNCED,
|
|
help='replica flags')
|
|
|
|
(opts, args) = parser.parse_args()
|
|
if opts.rodc:
|
|
opts.replica_flags = drsuapi.DRSUAPI_DRS_INIT_SYNC |\
|
|
drsuapi.DRSUAPI_DRS_PER_SYNC |\
|
|
drsuapi.DRSUAPI_DRS_GET_ANC |\
|
|
drsuapi.DRSUAPI_DRS_NEVER_SYNCED |\
|
|
drsuapi.DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING |\
|
|
drsuapi.DRSUAPI_DRS_GET_ALL_GROUP_MEMBERSHIP
|
|
|
|
if opts.partial_rw:
|
|
opts.replica_flags = drsuapi.DRSUAPI_DRS_INIT_SYNC |\
|
|
drsuapi.DRSUAPI_DRS_PER_SYNC |\
|
|
drsuapi.DRSUAPI_DRS_GET_ANC |\
|
|
drsuapi.DRSUAPI_DRS_NEVER_SYNCED
|
|
|
|
lp = sambaopts.get_loadparm()
|
|
creds = credopts.get_credentials(lp)
|
|
|
|
if len(args) != 1:
|
|
parser.error("You must supply a server")
|
|
|
|
if creds.is_anonymous():
|
|
parser.error("You must supply credentials")
|
|
|
|
if opts.partial_rw and opts.rodc:
|
|
parser.error("Can't specify --partial-rw and --rodc")
|
|
|
|
server = args[0]
|
|
|
|
binding_str = "ncacn_ip_tcp:%s[seal,print]" % server
|
|
|
|
drs = drsuapi.drsuapi(binding_str, lp, creds)
|
|
drs_handle, supported_extensions = drs_DsBind(drs)
|
|
print("DRS Handle: %s" % drs_handle)
|
|
|
|
req8 = drsuapi.DsGetNCChangesRequest8()
|
|
|
|
samdb = SamDB(url="ldap://%s" % server,
|
|
session_info=system_session(),
|
|
credentials=creds, lp=lp)
|
|
|
|
if opts.use_pas:
|
|
local_samdb = SamDB(url=None, session_info=system_session(),
|
|
credentials=creds, lp=lp)
|
|
|
|
if opts.dn is None:
|
|
opts.dn = str(samdb.get_default_basedn())
|
|
|
|
if opts.exop is None:
|
|
exop = drsuapi.DRSUAPI_EXOP_NONE
|
|
else:
|
|
exop = int(opts.exop)
|
|
|
|
dest_dsa = opts.dest_dsa
|
|
if not dest_dsa:
|
|
print("no dest_dsa specified trying to figure out from ldap")
|
|
msgs = samdb.search(controls=["search_options:1:2"],
|
|
expression='(objectclass=ntdsdsa)')
|
|
if len(msgs) == 1:
|
|
dest_dsa = str(ndr_unpack(misc.GUID, msgs[0]["invocationId"][0]))
|
|
print("Found this dsa: %s" % dest_dsa)
|
|
else:
|
|
# TODO fixme
|
|
pass
|
|
if not dest_dsa:
|
|
print("Unable to find the dest_dsa automatically please specify it")
|
|
import sys
|
|
sys.exit(1)
|
|
|
|
null_guid = misc.GUID()
|
|
req8.destination_dsa_guid = misc.GUID(dest_dsa)
|
|
req8.source_dsa_invocation_id = misc.GUID(samdb.get_invocation_id())
|
|
req8.naming_context = drsuapi.DsReplicaObjectIdentifier()
|
|
req8.naming_context.dn = opts.dn.decode("utf-8")
|
|
req8.highwatermark = drsuapi.DsReplicaHighWaterMark()
|
|
req8.highwatermark.tmp_highest_usn = 0
|
|
req8.highwatermark.reserved_usn = 0
|
|
req8.highwatermark.highest_usn = 0
|
|
req8.uptodateness_vector = None
|
|
req8.replica_flags = opts.replica_flags
|
|
req8.max_object_count = 402
|
|
req8.max_ndr_size = 402116
|
|
req8.extended_op = exop
|
|
req8.fsmo_info = 0
|
|
if opts.use_pas:
|
|
req8.partial_attribute_set = drs_get_rodc_partial_attribute_set(local_samdb)
|
|
else:
|
|
req8.partial_attribute_set = None
|
|
req8.partial_attribute_set_ex = None
|
|
req8.mapping_ctr.num_mappings = 0
|
|
req8.mapping_ctr.mappings = None
|
|
|
|
nb_iter = 0
|
|
while True:
|
|
(level, ctr) = drs.DsGetNCChanges(drs_handle, 8, req8)
|
|
nb_iter += 1
|
|
if ctr.more_data == 0 or opts.nb_iter == nb_iter:
|
|
break
|
|
req8.highwatermark = ctr.new_highwatermark
|