X-Git-Url: http://git.samba.org/?a=blobdiff_plain;f=python%2Fsamba%2Fnetcmd%2Fdomain.py;h=becbc498b9e8d752f03fd32b2891c86302c0f5a7;hb=c390728819e73cefbf02e0d52d22805930f4c45b;hp=86249073652cc0a01e002fcafae0b5e2c411333a;hpb=e0301df111c5adbaa77299bb5d43c180cdd9df2c;p=samba.git diff --git a/python/samba/netcmd/domain.py b/python/samba/netcmd/domain.py index 86249073652..becbc498b9e 100644 --- a/python/samba/netcmd/domain.py +++ b/python/samba/netcmd/domain.py @@ -821,7 +821,10 @@ class cmd_domain_demote(Command): controls=["search_options:1:2"]) if len(res) != 0: - raise CommandError("Current DC is still the owner of %d role(s), use the role command to transfer roles to another DC" % len(res)) + raise CommandError("Current DC is still the owner of %d role(s), " + "use the role command to transfer roles to " + "another DC" % + len(res)) self.errf.write("Using %s as partner server for the demotion\n" % server) @@ -1012,9 +1015,13 @@ class cmd_domain_demote(Command): remote_samdb.modify(msg) remote_samdb.rename(newdn, dc_dn) if werr == werror.WERR_DS_DRA_NO_REPLICA: - raise CommandError("The DC %s is not present on (already removed from) the remote server: " % server_dsa_dn, e) + raise CommandError("The DC %s is not present on (already " + "removed from) the remote server: %s" % + (server_dsa_dn, e3)) else: - raise CommandError("Error while sending a removeDsServer of %s: " % server_dsa_dn, e) + raise CommandError("Error while sending a removeDsServer " + "of %s: %s" % + (server_dsa_dn, e3)) remove_dc.remove_sysvol_references(remote_samdb, logger, dc_name) @@ -1524,7 +1531,7 @@ class cmd_domain_passwordsettings_set(Command): ldb.FLAG_MOD_REPLACE, "lockOutObservationWindow") msgs.append("Duration to reset account lockout after changed!") - if max_pwd_age > 0 and min_pwd_age >= max_pwd_age: + if max_pwd_age and max_pwd_age > 0 and min_pwd_age >= max_pwd_age: raise CommandError("Maximum password age (%d) must be greater than minimum password age (%d)!" % (max_pwd_age, min_pwd_age)) if len(m) == 0: @@ -1715,7 +1722,7 @@ class DomainTrustCommand(Command): if runtime is None: return False - err32 = self._uint32(runtime[0]) + err32 = self._uint32(runtime.args[0]) if err32 == val: return True @@ -1723,24 +1730,24 @@ class DomainTrustCommand(Command): class LocalRuntimeError(CommandError): def __init__(exception_self, self, runtime, message): - err32 = self._uint32(runtime[0]) - errstr = runtime[1] + err32 = self._uint32(runtime.args[0]) + errstr = runtime.args[1] msg = "LOCAL_DC[%s]: %s - ERROR(0x%08X) - %s" % ( self.local_server, message, err32, errstr) CommandError.__init__(exception_self, msg) class RemoteRuntimeError(CommandError): def __init__(exception_self, self, runtime, message): - err32 = self._uint32(runtime[0]) - errstr = runtime[1] + err32 = self._uint32(runtime.args[0]) + errstr = runtime.args[1] msg = "REMOTE_DC[%s]: %s - ERROR(0x%08X) - %s" % ( self.remote_server, message, err32, errstr) CommandError.__init__(exception_self, msg) class LocalLdbError(CommandError): def __init__(exception_self, self, ldb_error, message): - errval = ldb_error[0] - errstr = ldb_error[1] + errval = ldb_error.args[0] + errstr = ldb_error.args[1] msg = "LOCAL_DC[%s]: %s - ERROR(%d) - %s" % ( self.local_server, message, errval, errstr) CommandError.__init__(exception_self, msg) @@ -1869,6 +1876,15 @@ class DomainTrustCommand(Command): return (policy, info) + def get_netlogon_dc_unc(self, conn, server, domain): + try: + info = conn.netr_DsRGetDCNameEx2(server, + None, 0, None, None, None, + netlogon.DS_RETURN_DNS_NAME) + return info.dc_unc + except RuntimeError: + return conn.netr_GetDcName(server, domain) + def get_netlogon_dc_info(self, conn, server): info = conn.netr_DsRGetDCNameEx2(server, None, 0, None, None, None, @@ -2502,7 +2518,8 @@ class cmd_domain_trust_create(DomainTrustCommand): raise self.RemoteRuntimeError(self, error, "failed to connect netlogon server") try: - remote_netlogon_info = self.get_netlogon_dc_info(remote_netlogon, remote_server) + remote_netlogon_dc_unc = self.get_netlogon_dc_unc(remote_netlogon, + remote_server, domain) except RuntimeError as error: raise self.RemoteRuntimeError(self, error, "failed to get netlogon dc info") @@ -2652,9 +2669,9 @@ class cmd_domain_trust_create(DomainTrustCommand): # this triggers netr_GetForestTrustInformation to our domain. # and lsaRSetForestTrustInformation() remotely, but new top level # names are disabled by default. - remote_forest_info = remote_netlogon.netr_DsRGetForestTrustInformation(remote_netlogon_info.dc_unc, - local_lsa_info.dns_domain.string, - netlogon.DS_GFTI_UPDATE_TDO) + remote_forest_info = remote_netlogon.netr_DsRGetForestTrustInformation(remote_netlogon_dc_unc, + local_lsa_info.dns_domain.string, + netlogon.DS_GFTI_UPDATE_TDO) except RuntimeError as error: raise self.RemoteRuntimeError(self, error, "netr_DsRGetForestTrustInformation() failed") @@ -2705,10 +2722,10 @@ class cmd_domain_trust_create(DomainTrustCommand): if remote_trust_info.trust_direction & lsa.LSA_TRUST_DIRECTION_OUTBOUND: self.outf.write("Validating incoming trust...\n") try: - remote_trust_verify = remote_netlogon.netr_LogonControl2Ex(remote_netlogon_info.dc_unc, - netlogon.NETLOGON_CONTROL_TC_VERIFY, - 2, - local_lsa_info.dns_domain.string) + remote_trust_verify = remote_netlogon.netr_LogonControl2Ex(remote_netlogon_dc_unc, + netlogon.NETLOGON_CONTROL_TC_VERIFY, + 2, + local_lsa_info.dns_domain.string) except RuntimeError as error: raise self.RemoteRuntimeError(self, error, "NETLOGON_CONTROL_TC_VERIFY failed")