gp: Skip site GP list if no site is found

[MS-GPOL] 3.2.5.1.4 Site Search says if the site
search returns ERROR_NO_SITENAME, the GP site
search should be skipped.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15548

Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jan 23 11:20:35 UTC 2024 on atb-devel-224

diff --git a/python/samba/gp/gpclass.py b/python/samba/gp/gpclass.py
index b7a0dcb0ed5caed1cbb3d7363b5e16a7fc633f21..26c2386847e0067fc93d1f08ef2d9874e98a882d 100644 (file)
--- a/python/samba/gp/gpclass.py
+++ b/python/samba/gp/gpclass.py
@@ -896,19 +896,25 @@ def get_gpo_list(dc_hostname, creds, lp, username):
 
     # (S)ite
     if gpo_list_machine:
-        site_dn = site_dn_for_machine(samdb, dc_hostname, lp, creds, username)
-
         try:
-            log.debug("get_gpo_list: query SITE: [%s] for GPOs" % site_dn)
-            gp_link = get_gpo_link(samdb, site_dn)
-        except ldb.LdbError as e:
-            (enum, estr) = e.args
-            log.debug(estr)
-        else:
-            add_gplink_to_gpo_list(samdb, gpo_list, forced_gpo_list,
-                                   site_dn, gp_link,
-                                   gpo.GP_LINK_SITE,
-                                   add_only_forced_gpos, token)
+            site_dn = site_dn_for_machine(samdb, dc_hostname, lp, creds, username)
+
+            try:
+                log.debug("get_gpo_list: query SITE: [%s] for GPOs" % site_dn)
+                gp_link = get_gpo_link(samdb, site_dn)
+            except ldb.LdbError as e:
+                (enum, estr) = e.args
+                log.debug(estr)
+            else:
+                add_gplink_to_gpo_list(samdb, gpo_list, forced_gpo_list,
+                                       site_dn, gp_link,
+                                       gpo.GP_LINK_SITE,
+                                       add_only_forced_gpos, token)
+        except ldb.LdbError:
+            # [MS-GPOL] 3.2.5.1.4 Site Search: If the method returns
+            # ERROR_NO_SITENAME, the remainder of this message MUST be skipped
+            # and the protocol sequence MUST continue at GPO Search
+            pass
 
     # (L)ocal
     gpo_list.insert(0, gpo.GROUP_POLICY_OBJECT("Local Policy",