From 873bd989049e4953afb478ca5518984b26870326 Mon Sep 17 00:00:00 2001 From: Matthieu Patou Date: Sun, 26 Sep 2010 04:57:04 +0400 Subject: [PATCH] upgradeprovision: Fix a bug with renamed entries The SD was not refetched for renamed entries, resulting with a try to add an additional SD when there was already one. --- source4/scripting/bin/upgradeprovision | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision index de0ad5e3e7c..68d84a970db 100755 --- a/source4/scripting/bin/upgradeprovision +++ b/source4/scripting/bin/upgradeprovision @@ -813,7 +813,7 @@ def update_present(ref_samdb, samdb, basedn, listPresent, usns, invocationid): identic_rename(samdb, reference[0].dn) current = samdb.search(expression="dn=%s" % (str(dn)), base=basedn, scope=SCOPE_SUBTREE, - controls=["search_options:1:2"]) + controls=controls) delta = samdb.msg_diff(current[0], reference[0]) @@ -897,7 +897,18 @@ def update_present(ref_samdb, samdb, basedn, listPresent, usns, invocationid): if attrUSN is None: delta.remove(att) continue - + if att == "nTSecurityDescriptor": + cursd = ndr_unpack(security.descriptor, + str(current[0]["nTSecurityDescriptor"])) + cursddl = cursd.as_sddl(names.domainsid) + refsd = ndr_unpack(security.descriptor, + str(reference[0]["nTSecurityDescriptor"])) + refsddl = cursd.as_sddl(names.domainsid) + + if get_diff_sddls(refsddl, cursddl) == "": + message(CHANGE, "sd are identical") + else: + message(CHANGE, "sd are not identical") if attrUSN == -1: # This attribute was last modified by another DC forget # about it -- 2.34.1