summaryrefslogtreecommitdiff
path: root/python
Commit message (Collapse)AuthorAgeFilesLines
* provision: Add support for BIND 9.11.xAmitay Isaacs2016-11-031-1/+5
| | | | | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12366 Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Oct 28 03:42:25 CEST 2016 on sn-devel-144 (cherry picked from commit 2959c8888d46902e140963ed4190d23a7609b8da) Autobuild-User(v4-5-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-5-test): Thu Nov 3 12:54:11 CET 2016 on sn-devel-144
* samba-tool: Run samba-tool domain tombstones expunge in a transactionAndrew Bartlett2016-10-201-0/+7
| | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12382 (cherry picked from commit 5620616968bd68b80d872079ad3bbb97ac1e7a8a)
* samba-tool: Add command-line tool to trigger tombstone expungeAndrew Bartlett2016-10-201-0/+74
| | | | | | | | | | This allows us to carefully test the garbage collection of tombstoned objects without running the full server and waiting for the timer to expire Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12382 (cherry picked from commit 55b9b9a969b0e7ef6590710fda85265fc3146159)
* python: Add binding for dsdb_garbage_collect_tombstones()Andrew Bartlett2016-10-201-0/+14
| | | | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12382 (cherry picked from commit 02d82af06f3f13bdfd7497d168ba06f1092ede12)
* kcc: Don't check schedule if NoneGarming Sam2016-10-201-5/+13
| | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12286 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org> Autobuild-Date(master): Fri Sep 23 06:52:28 CEST 2016 on sn-devel-144 (cherry picked from commit 60e4bd381a8fc5b74b52e85f111cd5113bd6772b)
* python/join: do not attempt to parse log level, use parsed valueChristian Ambach2016-10-201-2/+2
| | | | | | | | | | | The log level parameter can contain debug class specific entries. Do not attempt to parse this as int, but use the values that the debugging system already parsed BUG: https://bugzilla.samba.org/show_bug.cgi?id=9945 Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 92178f02bd09277f783eb68b476cfd1452c7f9ef)
* python/drs_utils: do not attempt to parse log level, use parsed valueChristian Ambach2016-10-201-1/+1
| | | | | | | | | | | The log level parameter can contain debug class specific entries. Do not attempt to parse this as int, but use the values that the debugging system already parsed BUG: https://bugzilla.samba.org/show_bug.cgi?id=9945 Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit dd25aa129b6d799853312134628402f77b492eab)
* tests/param add a test for LoadParm.log_levelChristian Ambach2016-10-201-0/+6
| | | | | | Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit fa56dbf6706872c5287eab082bb6ba7b5bd3ccd2)
* dbcheck: Abandon dbcheck if we get an error during a transactionAndrew Bartlett2016-09-061-0/+7
| | | | | | | | | | | | | | | | | | Otherwise, anything that the transaction has already done to the DB will be left in the DB even despite the failure. For example, if a fix wrote to the DB, but then failed a post-write check, then the fix will not be unrolled. This is because we do not have nested transactions in TDB. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12178 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Aug 29 12:46:21 CEST 2016 on sn-devel-144 (cherry picked from commit db32a0e5ea8f652857e45480cc31ecb1ef884c1a)
* KCC: Fix misnamed variable in DSA objectDouglas Bagnall2016-08-281-1/+1
| | | | | | | | | | | | | | | Found by Garming. Unlikely to affect anyone. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12143 Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org> Autobuild-Date(master): Fri Aug 12 08:20:31 CEST 2016 on sn-devel-144 (cherry picked from commit e7ad8727be6d947f31ca2ca9bfee81b2a34f25a5)
* tests:blackbox: let samba_dnsupdate.py provide more detailsStefan Metzmacher2016-08-111-4/+4
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12108 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit dcdef0082a190dd9ed0b365c9103429a3a75adc3)
* tests:samba_tool: make use of assertCmdFail() in gpo.pyStefan Metzmacher2016-08-111-1/+1
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12108 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit 62b7e73d4007401f52792bc74768dfd8c1472274)
* tests:samba_tool: pass stdout and stderr to assertCmdSuccess()Stefan Metzmacher2016-08-1111-60/+59
| | | | | | | | | | | | This allows us to generate better assert messages and give the developer some ideas why the command wasn't able to run. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12108 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> (cherry picked from commit fed029a624b24e9e0b3124e1b4e0810d32a95f75)
* samba-tool/ldapcmp: ignore differences of whenChangedStefan Metzmacher2016-08-111-1/+1
| | | | | | | | | | | | | | | This is implicitly replicated, but may diverge on updates of non-replicated attributes. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12129 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Mon Aug 8 17:34:24 CEST 2016 on sn-devel-144 (cherry picked from commit a0e60e96aa38407ded8d63650dcf8f39304c958a)
* tests:samba_tool_drs: test samba-tool drs replicate with --async-opStefan Metzmacher2016-07-281-0/+23
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Garming Sam <garming@samba.org>
* tests:samba_tool_drs: test samba-tool drs replicate with implicit machine ↵Stefan Metzmacher2016-07-281-1/+12
| | | | | | | credentials Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Garming Sam <garming@samba.org>
* samba-tool: add --async-rep option to 'samba-tool drs replicate'Stefan Metzmacher2016-07-281-4/+11
| | | | | | | We may not want to wait for the replication to finish. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Garming Sam <garming@samba.org>
* samba-tool: use a timeout of 5 minutes in 'samba-tool drs replicate'Stefan Metzmacher2016-07-281-3/+4
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Garming Sam <garming@samba.org>
* kcc: Clean up repsTo attribute for old DCsGarming Sam2016-07-262-0/+73
| | | | | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Tue Jul 26 05:11:57 CEST 2016 on sn-devel-144
* kcc: Add a TODO for msDS[-RO]-Replica-LocationsGarming Sam2016-07-261-0/+1
| | | | | | | When you modify the replica locations to exclude a DSA, it should be respected. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* kcc: Add corresponding methods for repsToGarming Sam2016-07-261-0/+95
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* kcc: fix a typoGarming Sam2016-07-251-1/+1
| | | | | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Jul 25 17:42:33 CEST 2016 on sn-devel-144
* kcc: typo fix tupple => tupleGarming Sam2016-07-251-2/+2
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Volker Lendecke <vl@samba.org>
* python:samba/tests: use 'samba-tool user {getpassword,syncpasswords}' with ↵Stefan Metzmacher2016-07-221-4/+32
| | | | | | | --decrypt-samba-gpg Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* samba-tool: add --decrypt-samba-gpg support to 'user getpasswords' and 'user ↵Stefan Metzmacher2016-07-221-11/+152
| | | | | | | | | | | | | | | | | | syncpasswords' This get's the cleartext passwords by decrypting the 'Primary:SambaGPG' value in order to provide the virtual attributes: virtualClearTextUTF16, virtualClearTextUTF8, virtualCryptSHA256, virtualCryptSHA512, virtualSSHA The virtual attribute virtualSambaGPG provides the raw (encrypted) value of the 'Primary:SambaGPG' value. See the "password hash gpg key ids" option for the encryption part of this feature. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* python:samba/tests: add simple 'samba-tool user syncpasswords' testStefan Metzmacher2016-07-221-1/+45
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* samba-tool: add 'user syncpasswords' commandStefan Metzmacher2016-07-221-0/+760
| | | | | | | | | | | | | | | | | | | | | | | This provides an easy way to keep passwords in sync with another account database, e.g. an OpenLDAP server. It provides a functionality like the "passwd program" for the "unix password sync" feature of a standalone, member and classic (NT4) server, but for an active directory domain controller. The provided script is called for each account/password related change. Like the 'user getpassword' command it allows virtual attributes like: virtualClearTextUTF16, virtualClearTextUTF8, virtualCryptSHA256, virtualCryptSHA512, virtualSSHA Note that this command should just run on a single domain controller (typically the PDC-emulator). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* python:samba/tests: verify the packages order in supplementalCredentialsStefan Metzmacher2016-07-221-0/+75
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* python:samba/tests: add simple 'samba-tool user getpassword' testStefan Metzmacher2016-07-221-1/+23
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: add 'user getpassword' commandStefan Metzmacher2016-07-221-0/+408
| | | | | | | | | | | | | | This provides an easy way to get the passwords of a user including the cleartext passwords (if stored) and derived hashes. This is done by providing virtual attributes like: virtualClearTextUTF16, virtualClearTextUTF8, virtualCryptSHA256, virtualCryptSHA512, virtualSSHA This is much easier than using ldbsearch and manually parsing the supplementalCredentials attribute. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* kcc: correct a typo in the debug messagesGarming Sam2016-07-211-2/+2
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dbcheck: Add a rule regarding replica locationsGarming Sam2016-07-211-1/+57
| | | | | | | | | | | | This fixes any RW DCs with repsFrom without the corresponding link. On any RODC, this just reports an error (and doesn't fix it). (the knownfail entry is also now removed) BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* join.py: Don't add replica locations without the backendGarming Sam2016-07-211-7/+8
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* join.py: Add Replica-Locations for DomainDNS and ForestDNSGarming Sam2016-07-211-4/+31
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* join.py: Ensure that all expressions are escapedGarming Sam2016-07-211-4/+6
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=9200 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* kcc: Make more fault tolerant on DC demotionGarming Sam2016-07-211-0/+9
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_kcc: match translate connection from old KCC for RWDCGarming Sam2016-07-211-0/+6
| | | | | | | | This makes it so that repsTo are always regenerated on the target DCs. This also happens elsewhere in drepl_out, but is to be removed. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba_kcc: match translate connection from old KCC for RODCGarming Sam2016-07-211-2/+17
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* kcc: Prevent the KCC from doing work on the RODCGarming Sam2016-07-211-4/+20
| | | | | | | | This should never have done any real work, new code or not. This just removes the initial KCC calls and bails out in the KCC if we actually ran it. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: Speed up all samba-tool commandsGarming Sam2016-07-201-37/+41
| | | | | | | | | | | | | | | This in particular helps the docs.py test halve in time (at least on my machine) NOTE: The removal of enable_null_tracking is required because we are no longer importing join.py in every single samba-tool invocation. Without removing this line, memory would be hanging from both the actual NULL context and the talloc_null_context (causing a segfault at system_exit). Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Wed Jul 20 12:47:24 CEST 2016 on sn-devel-144
* join.py: Remove talloc enable_null_trackingGarming Sam2016-07-191-3/+0
| | | | | | | | | | | The removal of enable_null_tracking is required because we will no longer importing join.py in every single samba-tool invocation. Without removing this line, memory would be hanging from both the actual NULL context and the talloc_null_context (causing a segfault at system_exit). Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: Put full command and subcommand in informative name when testing ↵Andrew Bartlett2016-07-191-2/+2
| | | | | | | | | | samba-tool These are not used for anything other than to print in the usage, but it seems nicer to match normal invocation of these commands Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* dbcheck: Split out valid stale DN links and invalid onesGarming Sam2016-07-151-8/+35
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dbcheck: change argument to specify a partial --yesGarming Sam2016-07-152-4/+25
| | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dbcheck: check for linked atributes that should not existDouglas Bagnall2016-07-151-44/+90
| | | | | | | | | | | | | In order to do this we need to use the reveal internals control, which breaks the comparison against extended DNs. So we compare the components instead. Because this patch makes our code notice and fix stale one-way-links (eg, after a rename) now, the renamedc test needs to be adjusted to match. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* dbcheck: cache linkIDs and reverse attribute namesDouglas Bagnall2016-07-151-5/+17
| | | | | | | This avoids fetching the same same schema things again and again. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dbcheck: Script swallows input when given a carriage returnGarming Sam2016-07-151-1/+1
| | | | | Signed-off-by: Garming Sam <garming@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* python/remove_dc: handle dnsNode objects without dnsRecord attributeStefan Metzmacher2016-07-131-6/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we have dnsNode objects without dnsRecord attribute values we trigger the following error triggered by 'samba-tool domain demote --remove-other-dead-server=server2' ERROR(<type 'exceptions.TypeError'>): uncaught exception - __ndr_unpack__() argument 1 must be string or read-only buffer, not dnsp.DnssrvRpcRecord File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 175, in _run return self.run(*args, **kwargs) File "/usr/lib64/python2.6/site-packages/samba/netcmd/domain.py", line 720, in run remove_dc.remove_dc(samdb, logger, remove_other_dead_server) File "/usr/lib64/python2.6/site-packages/samba/remove_dc.py", line 423, in remove_dc remove_dns_account=True) File "/usr/lib64/python2.6/site-packages/samba/remove_dc.py", line 351, in offline_remove_ntds_dc remove_dns_account=remove_dns_account) File "/usr/lib64/python2.6/site-packages/samba/remove_dc.py", line 266, in offline_remove_server remove_dns_references(samdb, logger, dnsHostName) File "/usr/lib64/python2.6/site-packages/samba/remove_dc.py", line 186, in remove_dns_references for v in values if not to_remove(v) ] File "/usr/lib64/python2.6/site-packages/samba/remove_dc.py", line 160, in to_remove dnsRecord = ndr_unpack(dnsp.DnssrvRpcRecord, value) File "/usr/lib64/python2.6/site-packages/samba/ndr.py", line 45, in ndr_unpack object.__ndr_unpack__(data, allow_remaining=allow_remaining) A transaction is still active in ldb context [0xe1f320] on tdb:///var/lib/samba/private/sam.ldb "next" is used in perl not in python! BUG: https://bugzilla.samba.org/show_bug.cgi?id=12018 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jul 13 10:10:30 CEST 2016 on sn-devel-144
* samba-tool drs replicate: Allow replication call to take as long as requiredAndrew Bartlett2016-07-121-1/+2
| | | | | | | This matches the behaviour in the drsuapi server for DsReplicaSync Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* pyrpc: Allow control of RPC timeout for IRPCAndrew Bartlett2016-07-121-0/+1
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
View Lorry Controller Status