The branch, master has been updated via 81d3f92 selftest:Samba4: test --domain-critical-only in provision_vampire_dc() via f34f16f s3:samba-tool: add --domain-critical-only to "samba-tool domain join" via 5d6b848 s4:py/samba/join: add domain_critical_only=False to join_DC/join_RODC via a3f2621 s4:py/samba/drs_utils: pass down req/req_level to self.net.replicate_chunk() via daf5676 s4:libnet_vampire: don't keep the replication state if DRSUAPI_DRS_CRITICAL_ONLY was used via 47fcbd7 s4:libnet: passdown the DsGetNCChangesReq* to the libnet_BecomeDC_StoreChunk handler via da7d22d selftest:target/Samba4: use the correct configuration in setup_vampire_dc() from 0d1a7fd s3:libsmb: keep the request order in cli_smb_req_unset_pending()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 81d3f92155856891ee0ac74cada3bbdd3e7670e1 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Aug 11 23:07:35 2011 +0200 selftest:Samba4: test --domain-critical-only in provision_vampire_dc() This way only only replicate critical objects during the initial join as DC, then we'll replicate the whole domain while 'samba' is running. metze Signed-off-by: Andrew Tridgell <tri...@samba.org> Autobuild-User: Stefan Metzmacher <me...@samba.org> Autobuild-Date: Fri Aug 12 14:07:50 CEST 2011 on sn-devel-104 commit f34f16f7f87d39cd21ce43c51ccb5726ff44c959 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Aug 8 11:15:35 2011 +0200 s3:samba-tool: add --domain-critical-only to "samba-tool domain join" metze Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 5d6b8483943697cc10fe7e42fcf2d544f5758dbc Author: Stefan Metzmacher <me...@samba.org> Date: Mon Aug 8 11:01:21 2011 +0200 s4:py/samba/join: add domain_critical_only=False to join_DC/join_RODC metze Signed-off-by: Andrew Tridgell <tri...@samba.org> commit a3f262182a65de04a41a336c7c08854723879065 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Aug 8 10:47:12 2011 +0200 s4:py/samba/drs_utils: pass down req/req_level to self.net.replicate_chunk() metze Signed-off-by: Andrew Tridgell <tri...@samba.org> commit daf56768c6487dc94e6a337297d065a378fe237a Author: Stefan Metzmacher <me...@samba.org> Date: Tue Aug 9 12:23:29 2011 +0200 s4:libnet_vampire: don't keep the replication state if DRSUAPI_DRS_CRITICAL_ONLY was used In that case we have incomplete information and need to start from 0 in the next run. metze Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 47fcbd71ae811eb479fe479f4526fe11c0fa86b6 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Aug 8 10:29:05 2011 +0200 s4:libnet: passdown the DsGetNCChangesReq* to the libnet_BecomeDC_StoreChunk handler metze Signed-off-by: Andrew Tridgell <tri...@samba.org> commit da7d22dadeec3bb41da0bd1e49c28ab20e83cf9f Author: Stefan Metzmacher <me...@samba.org> Date: Tue Aug 9 12:20:54 2011 +0200 selftest:target/Samba4: use the correct configuration in setup_vampire_dc() This allows "TDB_NO_FSYNC=1 make -j test TESTS=vampire" to work. metze Signed-off-by: Andrew Tridgell <tri...@samba.org> ----------------------------------------------------------------------- Summary of changes: selftest/target/Samba4.pm | 4 +- source4/libnet/libnet_become_dc.c | 25 ++++++++++++ source4/libnet/libnet_become_dc.h | 4 ++ source4/libnet/libnet_vampire.c | 30 ++++++++++++++ source4/libnet/py_net.c | 47 +++++++++++++++++++++-- source4/scripting/python/samba/drs_utils.py | 3 +- source4/scripting/python/samba/join.py | 13 +++++- source4/scripting/python/samba/netcmd/domain.py | 12 ++++- 8 files changed, 126 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index 89faf01..df5a8bb 100644 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -1005,7 +1005,7 @@ sub provision_vampire_dc($$$) $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" "; $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; $cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} DC --realm=$dcvars->{REALM}"; - $cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}"; + $cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD} --domain-critical-only"; unless (system($cmd) == 0) { warn("Join failed\n$cmd"); @@ -1525,6 +1525,7 @@ sub setup_vampire_dc($$$) $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$env->{SOCKET_WRAPPER_DEFAULT_IFACE}\""; $cmd .= " KRB5_CONFIG=\"$env->{KRB5_CONFIG}\""; $cmd .= " $samba_tool drs kcc $env->{DC_SERVER}"; + $cmd .= " $env->{CONFIGURATION}"; $cmd .= " -U$dc_vars->{DC_USERNAME}\%$dc_vars->{DC_PASSWORD}"; unless (system($cmd) == 0) { warn("Failed to exec kcc\n$cmd"); @@ -1537,6 +1538,7 @@ sub setup_vampire_dc($$$) $cmd = "SOCKET_WRAPPER_DEFAULT_IFACE=\"$env->{SOCKET_WRAPPER_DEFAULT_IFACE}\""; $cmd .= " KRB5_CONFIG=\"$env->{KRB5_CONFIG}\""; $cmd .= " $samba_tool drs replicate $env->{DC_SERVER} $env->{VAMPIRE_DC_SERVER}"; + $cmd .= " $dc_vars->{CONFIGURATION}"; $cmd .= " -U$dc_vars->{DC_USERNAME}\%$dc_vars->{DC_PASSWORD}"; # replicate Configuration NC my $cmd_repl = "$cmd \"CN=Configuration,$base_dn\""; diff --git a/source4/libnet/libnet_become_dc.c b/source4/libnet/libnet_become_dc.c index aabb3b4..bfa6372 100644 --- a/source4/libnet/libnet_become_dc.c +++ b/source4/libnet/libnet_become_dc.c @@ -2615,6 +2615,10 @@ static WERROR becomeDC_drsuapi_pull_partition_recv(struct libnet_BecomeDC_state struct libnet_BecomeDC_Partition *partition, struct drsuapi_DsGetNCChanges *r) { + uint32_t req_level = 0; + struct drsuapi_DsGetNCChangesRequest5 *req5 = NULL; + struct drsuapi_DsGetNCChangesRequest8 *req8 = NULL; + struct drsuapi_DsGetNCChangesRequest10 *req10 = NULL; uint32_t ctr_level = 0; struct drsuapi_DsGetNCChangesCtr1 *ctr1 = NULL; struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL; @@ -2628,6 +2632,23 @@ static WERROR becomeDC_drsuapi_pull_partition_recv(struct libnet_BecomeDC_state return r->out.result; } + switch (r->in.level) { + case 0: + /* none */ + break; + case 5: + req5 = &r->in.req->req5; + break; + case 8: + req8 = &r->in.req->req8; + break; + case 10: + req10 = &r->in.req->req10; + break; + default: + return WERR_INVALID_PARAMETER; + } + if (*r->out.level_out == 1) { ctr_level = 1; ctr1 = &r->out.ctr->ctr1; @@ -2691,6 +2712,10 @@ static WERROR becomeDC_drsuapi_pull_partition_recv(struct libnet_BecomeDC_state s->_sc.source_dsa = &s->source_dsa; s->_sc.dest_dsa = &s->dest_dsa; s->_sc.partition = partition; + s->_sc.req_level = req_level; + s->_sc.req5 = req5; + s->_sc.req8 = req8; + s->_sc.req10 = req10; s->_sc.ctr_level = ctr_level; s->_sc.ctr1 = ctr1; s->_sc.ctr6 = ctr6; diff --git a/source4/libnet/libnet_become_dc.h b/source4/libnet/libnet_become_dc.h index 604813f..b3b08bd 100644 --- a/source4/libnet/libnet_become_dc.h +++ b/source4/libnet/libnet_become_dc.h @@ -107,6 +107,10 @@ struct libnet_BecomeDC_StoreChunk { const struct libnet_BecomeDC_SourceDSA *source_dsa; const struct libnet_BecomeDC_DestDSA *dest_dsa; const struct libnet_BecomeDC_Partition *partition; + uint32_t req_level; + const struct drsuapi_DsGetNCChangesRequest5 *req5; + const struct drsuapi_DsGetNCChangesRequest8 *req8; + const struct drsuapi_DsGetNCChangesRequest10 *req10; uint32_t ctr_level; const struct drsuapi_DsGetNCChangesCtr1 *ctr1; const struct drsuapi_DsGetNCChangesCtr6 *ctr6; diff --git a/source4/libnet/libnet_vampire.c b/source4/libnet/libnet_vampire.c index 80b1a61..efbcd8a 100644 --- a/source4/libnet/libnet_vampire.c +++ b/source4/libnet/libnet_vampire.c @@ -626,6 +626,7 @@ NTSTATUS libnet_vampire_cb_store_chunk(void *private_data, struct drsuapi_DsReplicaLinkedAttribute *linked_attributes; const struct drsuapi_DsReplicaCursor2CtrEx *uptodateness_vector; struct dsdb_extended_replicated_objects *objs; + uint32_t req_replica_flags; struct repsFromTo1 *s_dsa; char *tmp_dns_name; uint32_t i; @@ -667,6 +668,35 @@ NTSTATUS libnet_vampire_cb_store_chunk(void *private_data, return NT_STATUS_INVALID_PARAMETER; } + switch (c->req_level) { + case 0: + /* none */ + req_replica_flags = 0; + break; + case 5: + req_replica_flags = c->req5->replica_flags; + break; + case 8: + req_replica_flags = c->req8->replica_flags; + break; + case 10: + req_replica_flags = c->req10->replica_flags; + break; + default: + return NT_STATUS_INVALID_PARAMETER; + } + + if (req_replica_flags & DRSUAPI_DRS_CRITICAL_ONLY) { + /* + * If we only replicate the critical objects + * we should not remember what we already + * got, as it is incomplete. + */ + ZERO_STRUCT(s_dsa->highwatermark); + uptodateness_vector = NULL; + } + + /* TODO: avoid hardcoded flags */ s_dsa->replica_flags = DRSUAPI_DRS_WRIT_REP | DRSUAPI_DRS_INIT_SYNC | DRSUAPI_DRS_PER_SYNC; diff --git a/source4/libnet/py_net.c b/source4/libnet/py_net.c index 0fae791..c4b6840 100644 --- a/source4/libnet/py_net.c +++ b/source4/libnet/py_net.c @@ -463,16 +463,20 @@ static PyObject *py_net_replicate_init(py_net_Object *self, PyObject *args, PyOb */ static PyObject *py_net_replicate_chunk(py_net_Object *self, PyObject *args, PyObject *kwargs) { - const char *kwnames[] = { "state", "level", "ctr", "schema", NULL }; - PyObject *py_state, *py_ctr, *py_schema; + const char *kwnames[] = { "state", "level", "ctr", + "schema", "req_level", "req", + NULL }; + PyObject *py_state, *py_ctr, *py_schema, *py_req; struct replicate_state *s; unsigned level; + unsigned req_level = 0; NTSTATUS (*chunk_handler)(void *private_data, const struct libnet_BecomeDC_StoreChunk *c); NTSTATUS status; - if (!PyArg_ParseTupleAndKeywords(args, kwargs, "OIO|O", + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "OIO|OIO", discard_const_p(char *, kwnames), - &py_state, &level, &py_ctr, &py_schema)) { + &py_state, &level, &py_ctr, + &py_schema, &req_level, &py_req)) { return NULL; } @@ -510,6 +514,41 @@ static PyObject *py_net_replicate_chunk(py_net_Object *self, PyObject *args, PyO return NULL; } + s->chunk.req5 = NULL; + s->chunk.req8 = NULL; + s->chunk.req10 = NULL; + if (py_req) { + switch (req_level) { + case 0: + break; + case 5: + if (!py_check_dcerpc_type(py_req, "samba.dcerpc.drsuapi", "DsGetNCChangesRequest5")) { + return NULL; + } + + s->chunk.req5 = pytalloc_get_ptr(py_req); + break; + case 8: + if (!py_check_dcerpc_type(py_req, "samba.dcerpc.drsuapi", "DsGetNCChangesRequest8")) { + return NULL; + } + + s->chunk.req8 = pytalloc_get_ptr(py_req); + break; + case 10: + if (!py_check_dcerpc_type(py_req, "samba.dcerpc.drsuapi", "DsGetNCChangesRequest10")) { + return NULL; + } + + s->chunk.req10 = pytalloc_get_ptr(py_req); + break; + default: + PyErr_Format(PyExc_TypeError, "Bad req_level %u in replicate_chunk", req_level); + return NULL; + } + } + s->chunk.req_level = req_level; + chunk_handler = libnet_vampire_cb_store_chunk; if (py_schema) { if (!PyBool_Check(py_schema)) { diff --git a/source4/scripting/python/samba/drs_utils.py b/source4/scripting/python/samba/drs_utils.py index 77f415e..80128ca 100644 --- a/source4/scripting/python/samba/drs_utils.py +++ b/source4/scripting/python/samba/drs_utils.py @@ -167,7 +167,8 @@ class drs_Replicate: (level, ctr) = self.drs.DsGetNCChanges(self.drs_handle, req_level, req) if ctr.first_object == None and ctr.object_count != 0: raise RuntimeError("DsGetNCChanges: NULL first_object with object_count=%u" % (ctr.object_count)) - self.net.replicate_chunk(self.replication_state, level, ctr, schema=schema) + self.net.replicate_chunk(self.replication_state, level, ctr, + schema=schema, req_level=req_level, req=req) if ctr.more_data == 0: break req.highwatermark.tmp_highest_usn = ctr.new_highwatermark.tmp_highest_usn diff --git a/source4/scripting/python/samba/join.py b/source4/scripting/python/samba/join.py index c24e8d6..00f2c54 100644 --- a/source4/scripting/python/samba/join.py +++ b/source4/scripting/python/samba/join.py @@ -480,7 +480,7 @@ class dc_join(object): replica_flags=ctx.replica_flags) repl.replicate(ctx.base_dn, source_dsa_invocation_id, destination_dsa_guid, rodc=ctx.RODC, - replica_flags=ctx.replica_flags) + replica_flags=ctx.domain_replica_flags) if ctx.RODC: repl.replicate(ctx.acct_dn, source_dsa_invocation_id, destination_dsa_guid, @@ -534,7 +534,7 @@ class dc_join(object): def join_RODC(server=None, creds=None, lp=None, site=None, netbios_name=None, - targetdir=None, domain=None): + targetdir=None, domain=None, domain_critical_only=False): """join as a RODC""" ctx = dc_join(server, creds, lp, site, netbios_name, targetdir, domain) @@ -569,6 +569,10 @@ def join_RODC(server=None, creds=None, lp=None, site=None, netbios_name=None, drsuapi.DRSUAPI_DRS_NEVER_SYNCED | drsuapi.DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING | drsuapi.DRSUAPI_DRS_GET_ALL_GROUP_MEMBERSHIP) + ctx.domain_replica_flags = ctx.replica_flags + if domain_critical_only: + ctx.domain_replica_flags |= drsuapi.DRSUAPI_DRS_CRITICAL_ONLY + ctx.do_join() @@ -576,7 +580,7 @@ def join_RODC(server=None, creds=None, lp=None, site=None, netbios_name=None, def join_DC(server=None, creds=None, lp=None, site=None, netbios_name=None, - targetdir=None, domain=None): + targetdir=None, domain=None, domain_critical_only=False): """join as a DC""" ctx = dc_join(server, creds, lp, site, netbios_name, targetdir, domain) @@ -590,6 +594,9 @@ def join_DC(server=None, creds=None, lp=None, site=None, netbios_name=None, drsuapi.DRSUAPI_DRS_PER_SYNC | drsuapi.DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS | drsuapi.DRSUAPI_DRS_NEVER_SYNCED) + ctx.domain_replica_flags = ctx.replica_flags + if domain_critical_only: + ctx.domain_replica_flags |= drsuapi.DRSUAPI_DRS_CRITICAL_ONLY ctx.do_join() print "Joined domain %s (SID %s) as a DC" % (ctx.domain_name, ctx.domsid) diff --git a/source4/scripting/python/samba/netcmd/domain.py b/source4/scripting/python/samba/netcmd/domain.py index 50b5d80..423a812 100644 --- a/source4/scripting/python/samba/netcmd/domain.py +++ b/source4/scripting/python/samba/netcmd/domain.py @@ -75,12 +75,16 @@ class cmd_domain_join(Command): Option("--server", help="DC to join", type=str), Option("--site", help="site to join", type=str), Option("--targetdir", help="where to store provision", type=str), + Option("--domain-critical-only", + help="only replicate critical domain objects", + action="store_true"), ] takes_args = ["domain", "role?"] def run(self, domain, role=None, sambaopts=None, credopts=None, - versionopts=None, server=None, site=None, targetdir=None): + versionopts=None, server=None, site=None, targetdir=None, + domain_critical_only=False): lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) net = Net(creds, lp, server=credopts.ipaddress) @@ -102,11 +106,13 @@ class cmd_domain_join(Command): return elif role == "DC": join_DC(server=server, creds=creds, lp=lp, domain=domain, - site=site, netbios_name=netbios_name, targetdir=targetdir) + site=site, netbios_name=netbios_name, targetdir=targetdir, + domain_critical_only=domain_critical_only) return elif role == "RODC": join_RODC(server=server, creds=creds, lp=lp, domain=domain, - site=site, netbios_name=netbios_name, targetdir=targetdir) + site=site, netbios_name=netbios_name, targetdir=targetdir, + domain_critical_only=domain_critical_only) return else: raise CommandError("Invalid role %s (possible values: MEMBER, BDC, RODC)" % role) -- Samba Shared Repository