scripting/samba_upgradedns: Tighten up exception and attribute list handling

This avoids asking for attributes that will not be used, and looks only for the
expected exceptions, rather than all exceptions.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source4/scripting/bin/samba_upgradedns b/source4/scripting/bin/samba_upgradedns
index 731276df44f2d6363d10eef6a4f40f1529713bcb..306f4d60378dfca419d4b668420381cfe32a03f4 100755 (executable)
--- a/source4/scripting/bin/samba_upgradedns
+++ b/source4/scripting/bin/samba_upgradedns
@@ -298,7 +298,7 @@ if __name__ == '__main__':
                               expression='(sAMAccountName=DnsAdmins)',
                               attrs=['objectSid'])
         dnsadmins_sid = ndr_unpack(security.dom_sid, msg[0]['objectSid'][0])
-    except Exception, e:
+    except IndexError:
         logger.info("Adding DNS accounts")
         add_dns_accounts(ldbs.sam, domaindn)
         dnsadmins_sid = get_dnsadmins_sid(ldbs.sam, domaindn)
@@ -328,7 +328,7 @@ if __name__ == '__main__':
         msg = ldbs.sam.search(base=names.configdn, scope=ldb.SCOPE_DEFAULT,
                               expression=expression, attrs=['nCName'])
         ncname = msg[0]['nCName'][0]
-    except Exception, e:
+    except IndexError:
         logger.info("Creating DNS partitions")
 
         logger.info("Looking up IPv4 addresses")
@@ -429,16 +429,17 @@ if __name__ == '__main__':
             dn = 'samAccountName=dns-%s,CN=Principals' % hostname
             msg = ldbs.secrets.search(expression='(dn=%s)' % dn, attrs=['secret'])
             dnssecret = msg[0]['secret'][0]
-        except Exception:
+        except IndexError:
+
             logger.info("Adding dns-%s account" % hostname)
 
             try:
                 msg = ldbs.sam.search(base=domaindn, scope=ldb.SCOPE_DEFAULT,
                                       expression='(sAMAccountName=dns-%s)' % (hostname),
-                                      attrs=['clearTextPassword'])
+                                      attrs=[])
                 dn = msg[0].dn
                 ldbs.sam.delete(dn)
-            except Exception:
+            except IndexError:
                 pass
 
             dnspass = samba.generate_random_password(128, 255)
@@ -486,9 +487,9 @@ if __name__ == '__main__':
         # Check if dns-HOSTNAME account exists and delete it if required
         try:
             dn_str = 'samAccountName=dns-%s,CN=Principals' % hostname
-            msg = ldbs.secrets.search(expression='(dn=%s)' % dn_str, attrs=['secret'])
+            msg = ldbs.secrets.search(expression='(dn=%s)' % dn_str, attrs=[])
             dn = msg[0].dn
-        except Exception:
+        except IndexError:
             dn = None
 
         if dn is not None:
@@ -500,9 +501,9 @@ if __name__ == '__main__':
         try:
             msg = ldbs.sam.search(base=domaindn, scope=ldb.SCOPE_DEFAULT,
                                   expression='(sAMAccountName=dns-%s)' % (hostname),
-                                  attrs=['clearTextPassword'])
+                                  attrs=[])
             dn = msg[0].dn
-        except Exception:
+        except IndexError:
             dn = None
 
         if dn is not None: