The branch, master has been updated
via 81d3f92 selftest:Samba4: test --domain-critical-only in
provision_vampire_dc()
via f34f16f s3:samba-tool: add --domain-critical-only to "samba-tool
domain join"
via 5d6b848 s4:py/samba/join: add domain_critical_only=False to
join_DC/join_RODC
via a3f2621 s4:py/samba/drs_utils: pass down req/req_level to
self.net.replicate_chunk()
via daf5676 s4:libnet_vampire: don't keep the replication state if
DRSUAPI_DRS_CRITICAL_ONLY was used
via 47fcbd7 s4:libnet: passdown the DsGetNCChangesReq* to the
libnet_BecomeDC_StoreChunk handler
via da7d22d selftest:target/Samba4: use the correct configuration in
setup_vampire_dc()
from 0d1a7fd s3:libsmb: keep the request order in
cli_smb_req_unset_pending()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 81d3f92155856891ee0ac74cada3bbdd3e7670e1
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Aug 11 23:07:35 2011 +0200
selftest:Samba4: test --domain-critical-only in provision_vampire_dc()
This way only only replicate critical objects during the initial join
as DC, then we'll replicate the whole domain while 'samba' is running.
metze
Signed-off-by: Andrew Tridgell <tri...@samba.org>
Autobuild-User: Stefan Metzmacher <me...@samba.org>
Autobuild-Date: Fri Aug 12 14:07:50 CEST 2011 on sn-devel-104
commit f34f16f7f87d39cd21ce43c51ccb5726ff44c959
Author: Stefan Metzmacher <me...@samba.org>
Date: Mon Aug 8 11:15:35 2011 +0200
s3:samba-tool: add --domain-critical-only to "samba-tool domain join"
metze
Signed-off-by: Andrew Tridgell <tri...@samba.org>
commit 5d6b8483943697cc10fe7e42fcf2d544f5758dbc
Author: Stefan Metzmacher <me...@samba.org>
Date: Mon Aug 8 11:01:21 2011 +0200
s4:py/samba/join: add domain_critical_only=False to join_DC/join_RODC
metze
Signed-off-by: Andrew Tridgell <tri...@samba.org>
commit a3f262182a65de04a41a336c7c08854723879065
Author: Stefan Metzmacher <me...@samba.org>
Date: Mon Aug 8 10:47:12 2011 +0200
s4:py/samba/drs_utils: pass down req/req_level to self.net.replicate_chunk()
metze
Signed-off-by: Andrew Tridgell <tri...@samba.org>
commit daf56768c6487dc94e6a337297d065a378fe237a
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Aug 9 12:23:29 2011 +0200
s4:libnet_vampire: don't keep the replication state if
DRSUAPI_DRS_CRITICAL_ONLY was used
In that case we have incomplete information and need to start
from 0 in the next run.
metze
Signed-off-by: Andrew Tridgell <tri...@samba.org>
commit 47fcbd71ae811eb479fe479f4526fe11c0fa86b6
Author: Stefan Metzmacher <me...@samba.org>
Date: Mon Aug 8 10:29:05 2011 +0200
s4:libnet: passdown the DsGetNCChangesReq* to the
libnet_BecomeDC_StoreChunk handler
metze
Signed-off-by: Andrew Tridgell <tri...@samba.org>
commit da7d22dadeec3bb41da0bd1e49c28ab20e83cf9f
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Aug 9 12:20:54 2011 +0200
selftest:target/Samba4: use the correct configuration in setup_vampire_dc()
This allows "TDB_NO_FSYNC=1 make -j test TESTS=vampire" to work.
metze
Signed-off-by: Andrew Tridgell <tri...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
selftest/target/Samba4.pm | 4 +-
source4/libnet/libnet_become_dc.c | 25 ++++++++++++
source4/libnet/libnet_become_dc.h | 4 ++
source4/libnet/libnet_vampire.c | 30 ++++++++++++++
source4/libnet/py_net.c | 47 +++++++++++++++++++++--
source4/scripting/python/samba/drs_utils.py | 3 +-
source4/scripting/python/samba/join.py | 13 +++++-
source4/scripting/python/samba/netcmd/domain.py | 12 ++++-
8 files changed, 126 insertions(+), 12 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 89faf01..df5a8bb 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -1005,7 +1005,7 @@ sub provision_vampire_dc($$$)
$cmd .=
"SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM}
DC --realm=$dcvars->{REALM}";
- $cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
+ $cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}
--domain-critical-only";
unless (system($cmd) == 0) {
warn("Join failed\n$cmd");
@@ -1525,6 +1525,7 @@ sub setup_vampire_dc($$$)
$cmd .=
"SOCKET_WRAPPER_DEFAULT_IFACE=\"$env->{SOCKET_WRAPPER_DEFAULT_IFACE}\"";
$cmd .= " KRB5_CONFIG=\"$env->{KRB5_CONFIG}\"";
$cmd .= " $samba_tool drs kcc $env->{DC_SERVER}";
+ $cmd .= " $env->{CONFIGURATION}";
$cmd .= " -U$dc_vars->{DC_USERNAME}\%$dc_vars->{DC_PASSWORD}";
unless (system($cmd) == 0) {
warn("Failed to exec kcc\n$cmd");
@@ -1537,6 +1538,7 @@ sub setup_vampire_dc($$$)
$cmd =
"SOCKET_WRAPPER_DEFAULT_IFACE=\"$env->{SOCKET_WRAPPER_DEFAULT_IFACE}\"";
$cmd .= " KRB5_CONFIG=\"$env->{KRB5_CONFIG}\"";
$cmd .= " $samba_tool drs replicate $env->{DC_SERVER}
$env->{VAMPIRE_DC_SERVER}";
+ $cmd .= " $dc_vars->{CONFIGURATION}";
$cmd .= " -U$dc_vars->{DC_USERNAME}\%$dc_vars->{DC_PASSWORD}";
# replicate Configuration NC
my $cmd_repl = "$cmd \"CN=Configuration,$base_dn\"";
diff --git a/source4/libnet/libnet_become_dc.c
b/source4/libnet/libnet_become_dc.c
index aabb3b4..bfa6372 100644
--- a/source4/libnet/libnet_become_dc.c
+++ b/source4/libnet/libnet_become_dc.c
@@ -2615,6 +2615,10 @@ static WERROR
becomeDC_drsuapi_pull_partition_recv(struct libnet_BecomeDC_state
struct
libnet_BecomeDC_Partition *partition,
struct
drsuapi_DsGetNCChanges *r)
{
+ uint32_t req_level = 0;
+ struct drsuapi_DsGetNCChangesRequest5 *req5 = NULL;
+ struct drsuapi_DsGetNCChangesRequest8 *req8 = NULL;
+ struct drsuapi_DsGetNCChangesRequest10 *req10 = NULL;
uint32_t ctr_level = 0;
struct drsuapi_DsGetNCChangesCtr1 *ctr1 = NULL;
struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL;
@@ -2628,6 +2632,23 @@ static WERROR
becomeDC_drsuapi_pull_partition_recv(struct libnet_BecomeDC_state
return r->out.result;
}
+ switch (r->in.level) {
+ case 0:
+ /* none */
+ break;
+ case 5:
+ req5 = &r->in.req->req5;
+ break;
+ case 8:
+ req8 = &r->in.req->req8;
+ break;
+ case 10:
+ req10 = &r->in.req->req10;
+ break;
+ default:
+ return WERR_INVALID_PARAMETER;
+ }
+
if (*r->out.level_out == 1) {
ctr_level = 1;
ctr1 = &r->out.ctr->ctr1;
@@ -2691,6 +2712,10 @@ static WERROR
becomeDC_drsuapi_pull_partition_recv(struct libnet_BecomeDC_state
s->_sc.source_dsa = &s->source_dsa;
s->_sc.dest_dsa = &s->dest_dsa;
s->_sc.partition = partition;
+ s->_sc.req_level = req_level;
+ s->_sc.req5 = req5;
+ s->_sc.req8 = req8;
+ s->_sc.req10 = req10;
s->_sc.ctr_level = ctr_level;
s->_sc.ctr1 = ctr1;
s->_sc.ctr6 = ctr6;
diff --git a/source4/libnet/libnet_become_dc.h
b/source4/libnet/libnet_become_dc.h
index 604813f..b3b08bd 100644
--- a/source4/libnet/libnet_become_dc.h
+++ b/source4/libnet/libnet_become_dc.h
@@ -107,6 +107,10 @@ struct libnet_BecomeDC_StoreChunk {
const struct libnet_BecomeDC_SourceDSA *source_dsa;
const struct libnet_BecomeDC_DestDSA *dest_dsa;
const struct libnet_BecomeDC_Partition *partition;
+ uint32_t req_level;
+ const struct drsuapi_DsGetNCChangesRequest5 *req5;
+ const struct drsuapi_DsGetNCChangesRequest8 *req8;
+ const struct drsuapi_DsGetNCChangesRequest10 *req10;
uint32_t ctr_level;
const struct drsuapi_DsGetNCChangesCtr1 *ctr1;
const struct drsuapi_DsGetNCChangesCtr6 *ctr6;
diff --git a/source4/libnet/libnet_vampire.c b/source4/libnet/libnet_vampire.c
index 80b1a61..efbcd8a 100644
--- a/source4/libnet/libnet_vampire.c
+++ b/source4/libnet/libnet_vampire.c
@@ -626,6 +626,7 @@ NTSTATUS libnet_vampire_cb_store_chunk(void *private_data,
struct drsuapi_DsReplicaLinkedAttribute *linked_attributes;
const struct drsuapi_DsReplicaCursor2CtrEx *uptodateness_vector;
struct dsdb_extended_replicated_objects *objs;
+ uint32_t req_replica_flags;
struct repsFromTo1 *s_dsa;
char *tmp_dns_name;
uint32_t i;
@@ -667,6 +668,35 @@ NTSTATUS libnet_vampire_cb_store_chunk(void *private_data,
return NT_STATUS_INVALID_PARAMETER;
}
+ switch (c->req_level) {
+ case 0:
+ /* none */
+ req_replica_flags = 0;
+ break;
+ case 5:
+ req_replica_flags = c->req5->replica_flags;
+ break;
+ case 8:
+ req_replica_flags = c->req8->replica_flags;
+ break;
+ case 10:
+ req_replica_flags = c->req10->replica_flags;
+ break;
+ default:
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (req_replica_flags & DRSUAPI_DRS_CRITICAL_ONLY) {
+ /*
+ * If we only replicate the critical objects
+ * we should not remember what we already
+ * got, as it is incomplete.
+ */
+ ZERO_STRUCT(s_dsa->highwatermark);
+ uptodateness_vector = NULL;
+ }
+
+ /* TODO: avoid hardcoded flags */
s_dsa->replica_flags = DRSUAPI_DRS_WRIT_REP
| DRSUAPI_DRS_INIT_SYNC
| DRSUAPI_DRS_PER_SYNC;
diff --git a/source4/libnet/py_net.c b/source4/libnet/py_net.c
index 0fae791..c4b6840 100644
--- a/source4/libnet/py_net.c
+++ b/source4/libnet/py_net.c
@@ -463,16 +463,20 @@ static PyObject *py_net_replicate_init(py_net_Object
*self, PyObject *args, PyOb
*/
static PyObject *py_net_replicate_chunk(py_net_Object *self, PyObject *args,
PyObject *kwargs)
{
- const char *kwnames[] = { "state", "level", "ctr", "schema", NULL };
- PyObject *py_state, *py_ctr, *py_schema;
+ const char *kwnames[] = { "state", "level", "ctr",
+ "schema", "req_level", "req",
+ NULL };
+ PyObject *py_state, *py_ctr, *py_schema, *py_req;
struct replicate_state *s;
unsigned level;
+ unsigned req_level = 0;
NTSTATUS (*chunk_handler)(void *private_data, const struct
libnet_BecomeDC_StoreChunk *c);
NTSTATUS status;
- if (!PyArg_ParseTupleAndKeywords(args, kwargs, "OIO|O",
+ if (!PyArg_ParseTupleAndKeywords(args, kwargs, "OIO|OIO",
discard_const_p(char *, kwnames),
- &py_state, &level, &py_ctr,
&py_schema)) {
+ &py_state, &level, &py_ctr,
+ &py_schema, &req_level, &py_req)) {
return NULL;
}
@@ -510,6 +514,41 @@ static PyObject *py_net_replicate_chunk(py_net_Object
*self, PyObject *args, PyO
return NULL;
}
+ s->chunk.req5 = NULL;
+ s->chunk.req8 = NULL;
+ s->chunk.req10 = NULL;
+ if (py_req) {
+ switch (req_level) {
+ case 0:
+ break;
+ case 5:
+ if (!py_check_dcerpc_type(py_req,
"samba.dcerpc.drsuapi", "DsGetNCChangesRequest5")) {
+ return NULL;
+ }
+
+ s->chunk.req5 = pytalloc_get_ptr(py_req);
+ break;
+ case 8:
+ if (!py_check_dcerpc_type(py_req,
"samba.dcerpc.drsuapi", "DsGetNCChangesRequest8")) {
+ return NULL;
+ }
+
+ s->chunk.req8 = pytalloc_get_ptr(py_req);
+ break;
+ case 10:
+ if (!py_check_dcerpc_type(py_req,
"samba.dcerpc.drsuapi", "DsGetNCChangesRequest10")) {
+ return NULL;
+ }
+
+ s->chunk.req10 = pytalloc_get_ptr(py_req);
+ break;
+ default:
+ PyErr_Format(PyExc_TypeError, "Bad req_level %u in
replicate_chunk", req_level);
+ return NULL;
+ }
+ }
+ s->chunk.req_level = req_level;
+
chunk_handler = libnet_vampire_cb_store_chunk;
if (py_schema) {
if (!PyBool_Check(py_schema)) {
diff --git a/source4/scripting/python/samba/drs_utils.py
b/source4/scripting/python/samba/drs_utils.py
index 77f415e..80128ca 100644
--- a/source4/scripting/python/samba/drs_utils.py
+++ b/source4/scripting/python/samba/drs_utils.py
@@ -167,7 +167,8 @@ class drs_Replicate:
(level, ctr) = self.drs.DsGetNCChanges(self.drs_handle, req_level,
req)
if ctr.first_object == None and ctr.object_count != 0:
raise RuntimeError("DsGetNCChanges: NULL first_object with
object_count=%u" % (ctr.object_count))
- self.net.replicate_chunk(self.replication_state, level, ctr,
schema=schema)
+ self.net.replicate_chunk(self.replication_state, level, ctr,
+ schema=schema, req_level=req_level,
req=req)
if ctr.more_data == 0:
break
req.highwatermark.tmp_highest_usn =
ctr.new_highwatermark.tmp_highest_usn
diff --git a/source4/scripting/python/samba/join.py
b/source4/scripting/python/samba/join.py
index c24e8d6..00f2c54 100644
--- a/source4/scripting/python/samba/join.py
+++ b/source4/scripting/python/samba/join.py
@@ -480,7 +480,7 @@ class dc_join(object):
replica_flags=ctx.replica_flags)
repl.replicate(ctx.base_dn, source_dsa_invocation_id,
destination_dsa_guid, rodc=ctx.RODC,
- replica_flags=ctx.replica_flags)
+ replica_flags=ctx.domain_replica_flags)
if ctx.RODC:
repl.replicate(ctx.acct_dn, source_dsa_invocation_id,
destination_dsa_guid,
@@ -534,7 +534,7 @@ class dc_join(object):
def join_RODC(server=None, creds=None, lp=None, site=None, netbios_name=None,
- targetdir=None, domain=None):
+ targetdir=None, domain=None, domain_critical_only=False):
"""join as a RODC"""
ctx = dc_join(server, creds, lp, site, netbios_name, targetdir, domain)
@@ -569,6 +569,10 @@ def join_RODC(server=None, creds=None, lp=None, site=None,
netbios_name=None,
drsuapi.DRSUAPI_DRS_NEVER_SYNCED |
drsuapi.DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING |
drsuapi.DRSUAPI_DRS_GET_ALL_GROUP_MEMBERSHIP)
+ ctx.domain_replica_flags = ctx.replica_flags
+ if domain_critical_only:
+ ctx.domain_replica_flags |= drsuapi.DRSUAPI_DRS_CRITICAL_ONLY
+
ctx.do_join()
@@ -576,7 +580,7 @@ def join_RODC(server=None, creds=None, lp=None, site=None,
netbios_name=None,
def join_DC(server=None, creds=None, lp=None, site=None, netbios_name=None,
- targetdir=None, domain=None):
+ targetdir=None, domain=None, domain_critical_only=False):
"""join as a DC"""
ctx = dc_join(server, creds, lp, site, netbios_name, targetdir, domain)
@@ -590,6 +594,9 @@ def join_DC(server=None, creds=None, lp=None, site=None,
netbios_name=None,
drsuapi.DRSUAPI_DRS_PER_SYNC |
drsuapi.DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS |
drsuapi.DRSUAPI_DRS_NEVER_SYNCED)
+ ctx.domain_replica_flags = ctx.replica_flags
+ if domain_critical_only:
+ ctx.domain_replica_flags |= drsuapi.DRSUAPI_DRS_CRITICAL_ONLY
ctx.do_join()
print "Joined domain %s (SID %s) as a DC" % (ctx.domain_name, ctx.domsid)
diff --git a/source4/scripting/python/samba/netcmd/domain.py
b/source4/scripting/python/samba/netcmd/domain.py
index 50b5d80..423a812 100644
--- a/source4/scripting/python/samba/netcmd/domain.py
+++ b/source4/scripting/python/samba/netcmd/domain.py
@@ -75,12 +75,16 @@ class cmd_domain_join(Command):
Option("--server", help="DC to join", type=str),
Option("--site", help="site to join", type=str),
Option("--targetdir", help="where to store provision", type=str),
+ Option("--domain-critical-only",
+ help="only replicate critical domain objects",
+ action="store_true"),
]
takes_args = ["domain", "role?"]
def run(self, domain, role=None, sambaopts=None, credopts=None,
- versionopts=None, server=None, site=None, targetdir=None):
+ versionopts=None, server=None, site=None, targetdir=None,
+ domain_critical_only=False):
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp)
net = Net(creds, lp, server=credopts.ipaddress)
@@ -102,11 +106,13 @@ class cmd_domain_join(Command):
return
elif role == "DC":
join_DC(server=server, creds=creds, lp=lp, domain=domain,
- site=site, netbios_name=netbios_name, targetdir=targetdir)
+ site=site, netbios_name=netbios_name, targetdir=targetdir,
+ domain_critical_only=domain_critical_only)
return
elif role == "RODC":
join_RODC(server=server, creds=creds, lp=lp, domain=domain,
- site=site, netbios_name=netbios_name,
targetdir=targetdir)
+ site=site, netbios_name=netbios_name,
targetdir=targetdir,
+ domain_critical_only=domain_critical_only)
return
else:
raise CommandError("Invalid role %s (possible values: MEMBER, BDC,
RODC)" % role)
--
Samba Shared Repository
