backlinked = []
-forwardlinked = {}
+forwardlinked = set()
dn_syntax_att = []
def define_what_to_log(opts):
what = 0
linkedAttHash = get_linked_attributes(Dn(samdb, str(schemadn)), samdb)
backlinked.extend(linkedAttHash.values())
for t in linkedAttHash.keys():
- forwardlinked[t] = 1
+ forwardlinked.add(t)
+
def populate_dnsyntax(samdb, schemadn):
"""Populate an array with all the attributes that have DN synthax
if usns is not None:
# We have updated by provision usn information so let's exploit
# replMetadataProperties
- if forwardlinked.has_key(att):
+ if att in forwardlinked:
handle_links(samdb, att, basedn, current[0]["dn"],
current[0][att], reference[0][att], delta)
# a complete schema is needed as the insertion of attributes
# and class is done against it
# and the schema is self validated
- samdb.set_schema_from_ldb(schema.ldb)
+ samdb.set_schema(schema)
try:
message(SIMPLE, "There are %d missing objects" % (len(listMissing)))
add_deletedobj_containers(ref_samdb, samdb, names)
return self.schema_format_value(attribute, values.pop())
def erase_users_computers(self, dn):
- """Erases user and computer objects from our AD. This is needed since the 'samldb' module denies the deletion of primary groups. Therefore all groups shouldn't be primary somewhere anymore."""
+ """Erases user and computer objects from our AD.
+
+ This is needed since the 'samldb' module denies the deletion of primary
+ groups. Therefore all groups shouldn't be primary somewhere anymore.
+ """
try:
res = self.search(base=dn, scope=ldb.SCOPE_SUBTREE, attrs=[],
# Delete the 'visible' records, and the invisble 'deleted' records (if this DB supports it)
for msg in self.search(basedn, ldb.SCOPE_SUBTREE,
- "(&(|(objectclass=*)(distinguishedName=*))(!(distinguishedName=@BASEINFO)))",
- [], controls=["show_deleted:0"]):
+ "(&(|(objectclass=*)(distinguishedName=*))(!(distinguishedName=@BASEINFO)))",
+ [], controls=["show_deleted:0"]):
try:
self.delete(msg.dn, ["relax:0"])
except ldb.LdbError, (errno, _):
def erase(self):
"""Erase this ldb, removing all records."""
-
self.erase_except_schema_controlled()
# delete the specials
:param ldif: LDIF text.
"""
for changetype, msg in self.parse_ldif(ldif):
- if (changetype == ldb.CHANGETYPE_ADD):
+ if changetype == ldb.CHANGETYPE_ADD:
self.add(msg, controls)
else:
self.modify(msg, controls)
- def set_domain_sid(self, sid):
- """Change the domain SID used by this LDB.
-
- :param sid: The new domain sid to use.
- """
- dsdb.samdb_set_domain_sid(self, sid)
-
def domain_sid(self):
"""Read the domain SID used by this LDB.
"""
dsdb.samdb_get_domain_sid(self)
- def set_schema_from_ldif(self, pf, df):
- dsdb.dsdb_set_schema_from_ldif(self, pf, df)
-
- def set_schema_from_ldb(self, ldb):
- dsdb.dsdb_set_schema_from_ldb(self, ldb)
-
- def write_prefixes_from_schema(self):
- dsdb.dsdb_write_prefixes_from_schema_to_ldb(self)
-
def substitute_var(text, values):
"""Substitute strings of the form ${NAME} in str, replacing
logger.info("Pre-loading the Samba 4 and AD schema")
# Load the schema from the one we computed earlier
- samdb.set_schema_from_ldb(schema.ldb)
+ samdb.set_schema(schema)
# And now we can connect to the DB - the schema won't be loaded from the DB
samdb.connect(path)
else:
self.transaction_commit()
- def deletegroup (self, groupname):
+ def deletegroup(self, groupname):
"""Deletes a group
:param groupname: Name of the target group
targetgroup = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
expression=groupfilter, attrs=[])
if len(targetgroup) == 0:
- print('Unable to find group "%s"' % (groupname or expression))
- raise
+ raise Exception('Unable to find group "%s"' % groupname)
assert(len(targetgroup) == 1)
-
- self.delete (targetgroup[0].dn);
-
+ self.delete(targetgroup[0].dn);
except:
self.transaction_cancel()
raise
else:
self.transaction_commit()
- def add_remove_group_members (self, groupname, listofmembers,
+ def add_remove_group_members(self, groupname, listofmembers,
add_members_operation=True):
"""Adds or removes group members
targetgroup = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
expression=groupfilter, attrs=['member'])
if len(targetgroup) == 0:
- print('Unable to find group "%s"' % (groupname or expression))
- raise
+ raise Exception('Unable to find group "%s"' % groupname)
assert(len(targetgroup) == 1)
modified = False
res = self.search(base=self.domain_dn(), scope=ldb.SCOPE_SUBTREE,
expression=filter, attrs=[])
if len(res) == 0:
- print('Unable to find user "%s"' % (username or filter))
- raise
+ raise Exception('Unable to find user "%s"' % (username or filter))
assert(len(res) == 1)
user_dn = res[0].dn
def load_partition_usn(self, base_dn):
return dsdb.dsdb_load_partition_usn(self, base_dn)
+
+ def set_schema(self, schema):
+ self.set_schema_from_ldb(schema.ldb)
+
+ def set_schema_from_ldb(self, ldb):
+ dsdb.dsdb_set_schema_from_ldb(self, ldb)
+
+ def write_prefixes_from_schema(self):
+ dsdb.dsdb_write_prefixes_from_schema_to_ldb(self)
# We don't actually add this ldif, just parse it
prefixmap_ldif = "dn: cn=schema\nprefixMap:: %s\n\n" % self.prefixmap_data
- self.ldb.set_schema_from_ldif(prefixmap_ldif, self.schema_data)
+ self.set_from_ldif(prefixmap_ldif, self.schema_data)
+
+ def set_from_ldif(self, pf, df):
+ dsdb.dsdb_set_schema_from_ldif(self.ldb, pf, df)
def write_to_tmp_ldb(self, schemadb_path):
self.ldb.connect(url=schemadb_path)
setsysvolacl)
from samba.dcerpc import misc, security, xattr
from samba.ndr import ndr_unpack
+from samba.samdb import SamDB
# All the ldb related to registry are commented because the path for them is relative
# in the provisionPath object
"sAMAccountType":1 }
class ProvisionLDB(object):
+
def __init__(self):
self.sam = None
self.secrets = None
ldbs = ProvisionLDB()
- ldbs.sam = Ldb(paths.samdb, session_info=session, credentials=creds, lp=lp, options=["modules:samba_dsdb"])
+ ldbs.sam = SamDB(paths.samdb, session_info=session, credentials=creds, lp=lp, options=["modules:samba_dsdb"])
ldbs.secrets = Ldb(paths.secrets, session_info=session, credentials=creds, lp=lp)
ldbs.idmap = Ldb(paths.idmapdb, session_info=session, credentials=creds, lp=lp)
ldbs.privilege = Ldb(paths.privilege, session_info=session, credentials=creds, lp=lp)