Make it AD-compatible using "(distinguishedName=...)".
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
# We don't return an entry if asked for objectGUID
res = self.ldb_admin.search(self.base_dn,
- expression="dn=%s" % self.base_dn,
+ expression="(distinguishedName=%s)" % str(self.base_dn),
attrs=["objectGUID"],
controls=["dirsync:1:0:1"])
self.assertEquals(len(res.msgs), 0)
# a request on the root of a NC didn't return parentGUID
res = self.ldb_admin.search(self.base_dn,
- expression="dn=%s" % self.base_dn,
+ expression="(distinguishedName=%s)" % str(self.base_dn),
attrs=["name"],
controls=["dirsync:1:0:1"])
self.assertTrue(res.msgs[0].get("objectGUID") != None)
def test_dirsync_with_controls(self):
"""Check that dirsync return correct informations when dealing with the NC"""
res = self.ldb_admin.search(self.base_dn,
- expression="(dn=%s)" % str(self.base_dn),
+ expression="(distinguishedName=%s)" % str(self.base_dn),
attrs=["name"],
controls=["dirsync:1:0:10000", "extended_dn:1", "show_deleted:1"])
def test_dirsync_basenc(self):
"""Check that dirsync return correct informations when dealing with the NC"""
res = self.ldb_admin.search(self.base_dn,
- expression="(dn=%s)" % str(self.base_dn),
+ expression="(distinguishedName=%s)" % str(self.base_dn),
attrs=["name"],
controls=["dirsync:1:0:10000"])
self.assertEqual(len(res.msgs), 1)
self.assertEqual(len(res.msgs[0]), 3)
res = self.ldb_admin.search(self.base_dn,
- expression="(dn=%s)" % str(self.base_dn),
+ expression="(distinguishedName=%s)" % str(self.base_dn),
attrs=["ntSecurityDescriptor"],
controls=["dirsync:1:0:10000"])
self.assertEqual(len(res.msgs), 1)
saveatt.append(str(res[i][att][j]))
m[att] = ldb.MessageElement(saveatt, ldb.FLAG_MOD_REPLACE, att)
sam_ldb.modify(m)
- res3 = sam_ldb.search(expression="(&(dn=%s)(%s=*))"%(dn,att),scope=SCOPE_SUBTREE, attrs=[att],controls=["search_options:1:2"])
+ res3 = sam_ldb.search(expression="(&(distinguishedName=%s)(%s=*))"%(dn,att),scope=SCOPE_SUBTREE, attrs=[att],controls=["search_options:1:2"])
if( len(res3) == 0 or (len(res3[0][att])!= len(saveatt))):
print >>sys.stderr, str(dn) + " has no attr " +att+ " or a wrong value"
for satt in saveatt:
ldbs.sam.modify(msg)
# Do a self join one more time to resync the secrets file
- res = ldbs.sam.search(expression=("dn=%s" % newdn),
+ res = ldbs.sam.search(expression=("distinguishedName=%s" % newdn),
attrs=["msDs-keyVersionNumber", "serverReferenceBL"])
assert(len(res) == 1)
kvno = int(str(res[0]["msDs-keyVersionNumber"]))
"CN=WellKnown Security Principals,"
"CN=Configuration,%s" % names.rootdn)
- res = samdb.search(expression="(dn=%s)" % oldDn,
+ res = samdb.search(expression="(distinguishedName=%s)" % oldDn,
base=str(names.rootdn),
scope=SCOPE_SUBTREE, attrs=["dn"],
controls=["search_options:1:2"])
- res2 = samdb.search(expression="(dn=%s)" % dn,
+ res2 = samdb.search(expression="(distinguishedName=%s)" % dn,
base=str(names.rootdn),
scope=SCOPE_SUBTREE, attrs=["dn"],
controls=["search_options:1:2"])
if len(res) == 0:
return 2
- res = samdb.search(expression="(dn=%s)" % dntoremove,
+ res = samdb.search(expression="(distinguishedName=%s)" % dntoremove,
base=str(names.rootdn),
scope=SCOPE_SUBTREE, attrs=["dn"],
controls=["search_options:1:2"])
return True
- reference = ref_samdb.search(expression="dn=%s" % (str(dn)), base=basedn,
- scope=SCOPE_SUBTREE, controls=["search_options:1:2"])
+ reference = ref_samdb.search(expression="(distinguishedName=%s)" % (str(dn)),
+ base=basedn, scope=SCOPE_SUBTREE,
+ controls=["search_options:1:2"])
empty = Message()
delta = samdb.msg_diff(empty, reference[0])
delta.dn
if usns is not None:
message(CHANGE, "Using replPropertyMetadata for change selection")
for dn in listPresent:
- reference = ref_samdb.search(expression="dn=%s" % (str(dn)), base=basedn,
+ reference = ref_samdb.search(expression="(distinguishedName=%s)" % (str(dn)), base=basedn,
scope=SCOPE_SUBTREE,
controls=controls)
- current = samdb.search(expression="dn=%s" % (str(dn)), base=basedn,
+ current = samdb.search(expression="(distinguishedName=%s)" % (str(dn)), base=basedn,
scope=SCOPE_SUBTREE, controls=controls)
if (
"Renaming %s to %s" % (str(current[0].dn),
str(reference[0].dn)))
identic_rename(samdb, reference[0].dn)
- current = samdb.search(expression="dn=%s" % (str(dn)), base=basedn,
+ current = samdb.search(expression="(distinguishedName=%s)" % (str(dn)), base=basedn,
scope=SCOPE_SUBTREE,
controls=controls)
if nb_items > 1 and usns is not None:
# Fetch the replPropertyMetaData
- res = samdb.search(expression="dn=%s" % (str(dn)), base=basedn,
+ res = samdb.search(expression="(distinguishedName=%s)" % (str(dn)), base=basedn,
scope=SCOPE_SUBTREE, controls=controls,
attrs=["replPropertyMetaData"])
ctr = ndr_unpack(drsblobs.replPropertyMetaDataBlob,
return
def hasATProvision(samdb):
- entry = samdb.search(expression="dn=@PROVISION", base = "",
+ entry = samdb.search(expression="(distinguishedName=@PROVISION)", base = "",
scope=SCOPE_BASE,
attrs=["dn"])
def removeProvisionUSN(samdb):
attrs = [samba.provision.LAST_PROVISION_USN_ATTRIBUTE, "dn"]
- entry = samdb.search(expression="dn=@PROVISION", base = "",
+ entry = samdb.search(expression="(distinguishedName=@PROVISION)", base = "",
scope=SCOPE_BASE,
attrs=attrs)
empty = Message()
paths, smbconf, lp)
contactdn = "OU=Contacts,%s" % str(names.domaindn)
- res = ldbs.sam.search(expression="(dn=%s)" % contactdn,
+ res = ldbs.sam.search(expression="(distinguishedName=%s)" % contactdn,
base=str(names.domaindn),
scope=SCOPE_BASE)
:return xid can that be used for SID/unixid mapping
"""
- res = self.search(expression="dn=CN=CONFIG", base="",
+ res = self.search(expression="distinguishedName=CN=CONFIG", base="",
scope=ldb.SCOPE_SUBTREE)
id = res[0].get("xidNumber")
flag = ldb.FLAG_MOD_REPLACE
# but we don't delete the old record that we are about to modify,
# because that would delete the keytab and previous password.
res = secretsdb.search(base="cn=Primary Domains", attrs=attrs,
- expression=("(&(|(flatname=%s)(realm=%s)(objectSid=%s))(objectclass=primaryDomain)(!(dn=%s)))" % (domain, realm, str(domainsid), str(msg.dn))),
+ expression=("(&(|(flatname=%s)(realm=%s)(objectSid=%s))(objectclass=primaryDomain)(!(distinguishedName=%s)))" % (domain, realm, str(domainsid), str(msg.dn))),
scope=ldb.SCOPE_ONELEVEL)
for del_msg in res:
if force_change_at_next_login:
self.force_password_change_at_next_login(
- "(dn=" + str(user_dn) + ")")
+ "(distinguishedName=" + str(user_dn) + ")")
# modify the userAccountControl to remove the disabled bit
self.enable_account(search_filter)
for the given attribute. None if the attribute is not replicated
"""
- res = self.search(expression="dn=%s" % dn,
+ res = self.search(expression="distinguishedName=%s" % dn,
scope=ldb.SCOPE_SUBTREE,
controls=["search_options:1:2"],
attrs=["replPropertyMetaData"])
def set_attribute_replmetadata_version(self, dn, att, value,
addifnotexist=False):
- res = self.search(expression="dn=%s" % dn,
+ res = self.search(expression="distinguishedName=%s" % dn,
scope=ldb.SCOPE_SUBTREE,
controls=["search_options:1:2"],
attrs=["replPropertyMetaData"])
listPresent.append(hash_new[k])
for entry in listMissing:
- reference = newsecrets_ldb.search(expression="dn=%s" % entry,
+ reference = newsecrets_ldb.search(expression="distinguishedName=%s" % entry,
base="", scope=SCOPE_SUBTREE)
- current = secrets_ldb.search(expression="dn=%s" % entry,
+ current = secrets_ldb.search(expression="distinguishedName=%s" % entry,
base="", scope=SCOPE_SUBTREE)
delta = secrets_ldb.msg_diff(empty, reference[0])
for att in hashAttrNotCopied:
secrets_ldb.add(delta)
for entry in listPresent:
- reference = newsecrets_ldb.search(expression="dn=%s" % entry,
+ reference = newsecrets_ldb.search(expression="distinguishedName=%s" % entry,
base="", scope=SCOPE_SUBTREE)
- current = secrets_ldb.search(expression="dn=%s" % entry, base="",
+ current = secrets_ldb.search(expression="distinguishedName=%s" % entry, base="",
scope=SCOPE_SUBTREE)
delta = secrets_ldb.msg_diff(current[0], reference[0])
for att in hashAttrNotCopied:
delta.remove(att)
for entry in listPresent:
- reference = newsecrets_ldb.search(expression="dn=%s" % entry, base="",
+ reference = newsecrets_ldb.search(expression="distinguishedName=%s" % entry, base="",
scope=SCOPE_SUBTREE)
- current = secrets_ldb.search(expression="dn=%s" % entry, base="",
+ current = secrets_ldb.search(expression="distinguishedName=%s" % entry, base="",
scope=SCOPE_SUBTREE)
delta = secrets_ldb.msg_diff(current[0], reference[0])
for att in hashAttrNotCopied:
reference = refsam.search(expression="")
for refentry in reference:
- entry = sam.search(expression="dn=%s" % refentry["dn"],
+ entry = sam.search(expression="distinguishedName=%s" % refentry["dn"],
scope=SCOPE_SUBTREE)
if not len(entry):
delta = sam.msg_diff(empty, refentry)