The branch, master has been updated via 4ee602c s4:dsdb/repl: fix the usage of 'GC/' prefixed principal names via 4e5e302 s4:samba-tool/drs: print the dns name of the server belonging to a connection from a74ca56 s4:ntp_signd: fix SEGV if SID cannot be found
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 4ee602c7f0f112aebbca2a5c354f4fdf5f211cb9 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Aug 14 14:36:41 2012 +0200 s4:dsdb/repl: fix the usage of 'GC/' prefixed principal names The "serverReference" attribute is available on the "server" object not on the "nTDSA" object. This allows connections to RODCs, as they don't have a E3514235-4B06-11D1-AB04-00C04FC2DCD2/${NTDSGUID}/${DNSDOMAIN} principal. Pair-Programmed-With: Björn Baumbach <b...@sernet.de> metze Autobuild-User(master): Stefan Metzmacher <me...@samba.org> Autobuild-Date(master): Tue Aug 14 18:57:41 CEST 2012 on sn-devel-104 commit 4e5e302a102cfa059c2126d12f445d356f3d5ef0 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Aug 14 14:35:13 2012 +0200 s4:samba-tool/drs: print the dns name of the server belonging to a connection Pair-Programmed-With: Björn Baumbach <b...@sernet.de> metze ----------------------------------------------------------------------- Summary of changes: source4/dsdb/repl/drepl_partitions.c | 27 +++++-------------------- source4/scripting/python/samba/netcmd/drs.py | 5 +++- 2 files changed, 10 insertions(+), 22 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/repl/drepl_partitions.c b/source4/dsdb/repl/drepl_partitions.c index 7464dc1..5949f42 100644 --- a/source4/dsdb/repl/drepl_partitions.c +++ b/source4/dsdb/repl/drepl_partitions.c 
@@ -128,32 +128,16 @@ WERROR dreplsrv_load_partitions(struct dreplsrv_service *s) /* Check if particular SPN exists for an account */ -static bool dreplsrv_spn_exists(struct ldb_context *samdb, struct ldb_dn *ntds_dn, +static bool dreplsrv_spn_exists(struct ldb_context *samdb, struct ldb_dn *account_dn, const char *principal_name) { TALLOC_CTX *tmp_ctx; - const char *attrs[] = { "serverReference", NULL }; const char *attrs_empty[] = { NULL }; int ret; struct ldb_result *res; - struct ldb_dn *account_dn; tmp_ctx = talloc_new(samdb); - ret = dsdb_search_dn(samdb, tmp_ctx, &res, ntds_dn, attrs, 0); - if (ret != LDB_SUCCESS) { - talloc_free(tmp_ctx); - return false; - } - - account_dn = ldb_msg_find_attr_as_dn(samdb, tmp_ctx, res->msgs[0], "serverReference"); - if (account_dn == NULL) { - talloc_free(tmp_ctx); - return false; - } - - talloc_free(res); - ret = dsdb_search(samdb, tmp_ctx, &res, account_dn, LDB_SCOPE_BASE, attrs_empty, 0, "servicePrincipalName=%s", ldb_binary_encode_string(tmp_ctx, principal_name)); @@ -176,11 +160,11 @@ NTSTATUS dreplsrv_get_target_principal(struct dreplsrv_service *s, { TALLOC_CTX *tmp_ctx; struct ldb_result *res; - const char *attrs_server[] = { "dNSHostName", NULL }; + const char *attrs_server[] = { "dNSHostName", "serverReference", NULL }; const char *attrs_ntds[] = { "msDS-HasDomainNCs", "hasMasterNCs", NULL }; int ret; const char *hostname, *dnsdomain=NULL; - struct ldb_dn *ntds_dn, *server_dn; + struct ldb_dn *ntds_dn, *server_dn, *computer_dn; struct ldb_dn *forest_dn, *nc_dn; *target_principal = NULL; @@ -221,7 +205,8 @@ NTSTATUS dreplsrv_get_target_principal(struct dreplsrv_service *s, } hostname = ldb_msg_find_attr_as_string(res->msgs[0], "dNSHostName", NULL); - if (hostname != NULL) { + computer_dn = ldb_msg_find_attr_as_dn(s->samdb, tmp_ctx, res->msgs[0], "serverReference"); + if (hostname != NULL && computer_dn != NULL) { char *local_principal; /* 
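Review bot: The comment above dreplsrv_spn_exists() still reads only "Check if particular SPN exists for an account", although the contract changed in this hunk. The caller must now pass the account object's DN, taken from serverReference on the server object, instead of the nTDSA DN. I would extend the comment to something like `/* Check if a particular SPN exists on account_dn (the account named by the server object's serverReference, not the NTDS Settings DN) */`. Passing the old kind of DN would presumably just make the base search match nothing and return false, which is hard to notice. The function body continues past the end of this hunk, so the return path is not visible here.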
@@ -234,7 +219,7 @@ NTSTATUS dreplsrv_get_target_principal(struct dreplsrv_service *s, local_principal = talloc_asprintf(mem_ctx, "GC/%s/%s", hostname, samdb_dn_to_dns_domain(tmp_ctx, forest_dn)); - if (dreplsrv_spn_exists(s->samdb, ntds_dn, local_principal)) { + if (dreplsrv_spn_exists(s->samdb, computer_dn, local_principal)) { *target_principal = local_principal; talloc_free(tmp_ctx); return NT_STATUS_OK; diff --git a/source4/scripting/python/samba/netcmd/drs.py b/source4/scripting/python/samba/netcmd/drs.py index 7f8dc09..e14f72f 100644 --- a/source4/scripting/python/samba/netcmd/drs.py +++ b/source4/scripting/python/samba/netcmd/drs.py @@ -170,10 +170,13 @@ class cmd_drs_showrepl(Command): self.message("==== KCC CONNECTION OBJECTS ====\n") for c in conn: + c_rdn, sep, c_server_dn = c['fromServer'][0].partition(',') + c_server_res = self.samdb.search(base=c_server_dn, scope=ldb.SCOPE_BASE, attrs=["dnsHostName"]) + c_server_dns = c_server_res[0]["dnsHostName"][0] self.message("Connection --") self.message("\tConnection name: %s" % c['name'][0]) self.message("\tEnabled : %s" % attr_default(c, 'enabledConnection', 'TRUE')) - self.message("\tServer DNS name : %s" % server_dns) + self.message("\tServer DNS name : %s" % c_server_dns) self.message("\tServer DN name : %s" % c['fromServer'][0]) self.message("\t\tTransportType: RPC") self.message("\t\toptions: 0x%08X" % int(attr_default(c, 'options', 0))) -- Samba Shared Repository
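Review bot: `local_principal` is passed to dreplsrv_spn_exists() without a NULL check, and that helper hands it straight to ldb_binary_encode_string() when building the servicePrincipalName filter (visible in the first hunk). talloc_asprintf() returns NULL on allocation failure, so I would add `if (local_principal == NULL) { talloc_free(tmp_ctx); return NT_STATUS_NO_MEMORY; }` before the call. It also looks as if the string, allocated on mem_ctx, stays attached to the caller's context when the SPN is not found. The code after this hunk is not visible, so that needs confirming there.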
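Review bot: The per-connection lookup added inside `for c in conn:` has no failure path. A base search on a `fromServer` parent that no longer exists raises, and a server object without `dnsHostName` raises on the index, so one stale connection object aborts the whole showrepl listing, which is exactly when an administrator needs it. Splitting the DN with `partition(',')` also treats it as plain text, whereas `ldb.Dn(...).parent()` does the same step with DN escaping handled. I would resolve the name defensively and print a placeholder when it cannot be found, as below.

```python
        for c in conn:
            c_server_dn = ldb.Dn(self.samdb, c['fromServer'][0]).parent()
            try:
                c_server_res = self.samdb.search(base=c_server_dn, scope=ldb.SCOPE_BASE, attrs=["dnsHostName"])
                c_server_dns = c_server_res[0]["dnsHostName"][0]
            except (ldb.LdbError, IndexError, KeyError):
                # stale or incomplete server object: keep listing the remaining connections
                c_server_dns = "<unknown>"
            # … unchanged: self.message() output for the connection …
```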