remove_computer_obj=False,
remove_server_obj=False,
remove_sysvol_obj=False,
- remove_dns_names=False):
+ remove_dns_names=False,
+ remove_dns_account=False):
res = samdb.search("",
scope=ldb.SCOPE_BASE, attrs=["dsServiceName"])
assert len(res) == 1
computer_msgs = samdb.search(base=computer_dn,
expression="objectclass=computer",
attrs=["msDS-KrbTgtLink",
- "rIDSetReferences"],
+ "rIDSetReferences",
+ "cn"],
scope=ldb.SCOPE_BASE)
if "rIDSetReferences" in computer_msgs[0]:
samdb.delete(computer_msgs[0]["rIDSetReferences"][0])
if "dnsHostName" in msgs[0]:
dnsHostName = msgs[0]["dnsHostName"][0]
+ if remove_dns_account:
+ res = samdb.search(expression="(&(objectclass=user)(cn=dns-%s)(servicePrincipalName=DNS/%s))" %
+ (ldb.binary_encode(dc_name), dnsHostName),
+ attrs=[], scope=ldb.SCOPE_SUBTREE,
+ base=samdb.get_default_basedn())
+ if len(res) == 1:
+ samdb.delete(res[0].dn)
+
if dnsHostName is not None and remove_dns_names:
remove_dns_references(samdb, dnsHostName)
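Review bot: In the added search filter, `dnsHostName` is interpolated into the `servicePrincipalName=DNS/%s` clause without escaping, while `dc_name` in the same tuple goes through `ldb.binary_encode`. The value comes from the directory's `dnsHostName` attribute and the single match is handed straight to `samdb.delete`, so a value containing filter metacharacters such as `*`, `(` or `)` could make the filter malformed or match an account other than the intended one. Encode both operands, `(ldb.binary_encode(dc_name), ldb.binary_encode(dnsHostName)),`, converting the attribute value to text first if its type requires it. The `len(res) != 1` case also leaves the account in place silently, so a log line there would help. The enclosing function starts and ends outside this hunk.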
remove_connection_obj=False,
seize_stale_fsmo=False,
remove_sysvol_obj=False,
- remove_dns_names=False):
+ remove_dns_names=False,
+ remove_dns_account=False):
res = samdb.search("",
scope=ldb.SCOPE_BASE, attrs=["dsServiceName"])
assert len(res) == 1
remove_computer_obj=remove_computer_obj,
remove_server_obj=remove_server_obj,
remove_sysvol_obj=remove_sysvol_obj,
- remove_dns_names=remove_dns_names)
+ remove_dns_names=remove_dns_names,
+ remove_dns_account=remove_dns_account)
def remove_dc(samdb, dc_name):
remove_computer_obj=True,
remove_server_obj=True,
remove_sysvol_obj=True,
- remove_dns_names=True)
+ remove_dns_names=True,
+ remove_dns_account=True)
samdb.transaction_commit()
return
remove_connection_obj=True,
seize_stale_fsmo=True,
remove_sysvol_obj=True,
- remove_dns_names=True)
+ remove_dns_names=True,
+ remove_dns_account=True)
samdb.transaction_commit()
server_dn = samdb.searchone("serverReferenceBL", "cn=%s,ou=domain controllers,%s" % (self.dc2, server_nc_name))
ntds_guid = samdb.searchone("objectGUID", "cn=ntds settings,%s" % server_dn)
+ res = samdb.search(base=str(server_nc_name),
+ expression="(&(objectclass=user)(cn=dns-%s))" % (self.dc2),
+ attrs=[], scope=ldb.SCOPE_SUBTREE)
+ if len(res) == 1:
+ dns_obj = res[0]
+ else:
+ dns_obj = None
+
def demote_self():
# While we have this cloned, try demoting the other server on the clone
out = self.check_output("samba-tool domain demote --remove-other-dead-server=%s -H %s/private/sam.ldb"
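Review bot: When the lookup added here does not return exactly one entry, `dns_obj` is set to `None` and the later `if dns_obj is not None:` check is skipped, so the test can pass without ever exercising the `dns-` account removal. If the test environment is expected to have that account, assert it with `self.assertEqual(len(res), 1)`; if its absence is legitimate, a comment saying why would help. The filter also interpolates `self.dc2` unescaped, which is harmless for a fixed test name but differs from the `ldb.binary_encode` use in the production filter. The enclosing test method starts and ends outside this hunk.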
samdb.searchone("CN", "<GUID=%s>" % ntds_guid)
self.assertRaises(ldb.LdbError, check_ntds_guid)
+ if dns_obj is not None:
+ # Check some of the objects that should have been removed
+ def check_dns_account_obj():
+ samdb.search(base=dns_obj.dn, scope=ldb.SCOPE_BASE,
+ attrs=[])
+ self.assertRaises(ldb.LdbError, check_dns_account_obj)
+
shutil.rmtree(os.path.join(self.tempdir, "private"))
shutil.rmtree(os.path.join(self.tempdir, "etc"))
shutil.rmtree(os.path.join(self.tempdir, "msg.lock"))