summaryrefslogtreecommitdiffstats
path: root/source4/scripting/devel/getncchanges
diff options
context:
space:
mode:
Diffstat (limited to '')
-rwxr-xr-xsource4/scripting/devel/getncchanges143
1 files changed, 143 insertions, 0 deletions
diff --git a/source4/scripting/devel/getncchanges b/source4/scripting/devel/getncchanges
new file mode 100755
index 0000000..a1a4d14
--- /dev/null
+++ b/source4/scripting/devel/getncchanges
@@ -0,0 +1,143 @@
+#!/usr/bin/env python3
+
+# script to call a DRS GetNCChanges from the command line
+# this is useful for plugfest testing
+import sys
+from optparse import OptionParser
+
+sys.path.insert(0, "bin/python")
+
+import samba, ldb
+import samba.getopt as options
+from samba.dcerpc import drsuapi, misc
+from samba.samdb import SamDB
+from samba.auth import system_session
+from samba.ndr import ndr_unpack
+from samba.drs_utils import drs_get_rodc_partial_attribute_set, drs_DsBind
+
+
+########### main code ###########
+if __name__ == "__main__":
+ parser = OptionParser("getncchanges [options] server")
+ sambaopts = options.SambaOptions(parser)
+ parser.add_option_group(sambaopts)
+ credopts = options.CredentialsOptionsDouble(parser)
+ parser.add_option_group(credopts)
+
+ parser.add_option("", "--dn", dest="dn", help="DN to replicate",)
+ parser.add_option("", "--exop", dest="exop", help="extended operation",)
+ parser.add_option("", "--pas", dest="use_pas", action='store_true', default=False,
+ help="send partial attribute set (for RODC)")
+ parser.add_option("", "--nb-iter", type='int', help="Number of getncchange iterations")
+ parser.add_option("", "--dest-dsa", type='str', help="destination DSA GUID")
+ parser.add_option("", "--rodc", action='store_true', default=False,
+ help='use RODC replica flags')
+ parser.add_option("", "--partial-rw", action='store_true', default=False,
+ help='use RW partial replica flags, not be confused with --pas')
+ parser.add_option("", "--replica-flags", type='int',
+ default=drsuapi.DRSUAPI_DRS_INIT_SYNC |
+ drsuapi.DRSUAPI_DRS_PER_SYNC |
+ drsuapi.DRSUAPI_DRS_WRIT_REP |
+ drsuapi.DRSUAPI_DRS_GET_ANC |
+ drsuapi.DRSUAPI_DRS_NEVER_SYNCED,
+ help='replica flags')
+
+ (opts, args) = parser.parse_args()
+ if opts.rodc:
+ opts.replica_flags = drsuapi.DRSUAPI_DRS_INIT_SYNC |\
+ drsuapi.DRSUAPI_DRS_PER_SYNC |\
+ drsuapi.DRSUAPI_DRS_GET_ANC |\
+ drsuapi.DRSUAPI_DRS_NEVER_SYNCED |\
+ drsuapi.DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING |\
+ drsuapi.DRSUAPI_DRS_GET_ALL_GROUP_MEMBERSHIP
+
+ if opts.partial_rw:
+ opts.replica_flags = drsuapi.DRSUAPI_DRS_INIT_SYNC |\
+ drsuapi.DRSUAPI_DRS_PER_SYNC |\
+ drsuapi.DRSUAPI_DRS_GET_ANC |\
+ drsuapi.DRSUAPI_DRS_NEVER_SYNCED
+
+ lp = sambaopts.get_loadparm()
+ creds = credopts.get_credentials(lp)
+
+ if len(args) != 1:
+ parser.error("You must supply a server")
+
+ if creds.is_anonymous():
+ parser.error("You must supply credentials")
+
+ if opts.partial_rw and opts.rodc:
+ parser.error("Can't specify --partial-rw and --rodc")
+
+ server = args[0]
+
+ binding_str = "ncacn_ip_tcp:%s[seal,print]" % server
+
+ drs = drsuapi.drsuapi(binding_str, lp, creds)
+ drs_handle, supported_extensions = drs_DsBind(drs)
+ print("DRS Handle: %s" % drs_handle)
+
+ req8 = drsuapi.DsGetNCChangesRequest8()
+
+ samdb = SamDB(url="ldap://%s" % server,
+ session_info=system_session(),
+ credentials=creds, lp=lp)
+
+ if opts.use_pas:
+ local_samdb = SamDB(url=None, session_info=system_session(),
+ credentials=creds, lp=lp)
+
+ if opts.dn is None:
+ opts.dn = str(samdb.get_default_basedn())
+
+ if opts.exop is None:
+ exop = drsuapi.DRSUAPI_EXOP_NONE
+ else:
+ exop = int(opts.exop)
+
+ dest_dsa = opts.dest_dsa
+ if not dest_dsa:
+ print("no dest_dsa specified trying to figure out from ldap")
+ msgs = samdb.search(controls=["search_options:1:2"],
+ expression='(objectclass=ntdsdsa)')
+ if len(msgs) == 1:
+ dest_dsa = str(ndr_unpack(misc.GUID, msgs[0]["invocationId"][0]))
+ print("Found this dsa: %s" % dest_dsa)
+ else:
+ # TODO fixme
+ pass
+ if not dest_dsa:
+ print("Unable to find the dest_dsa automatically please specify it")
+ import sys
+ sys.exit(1)
+
+ null_guid = misc.GUID()
+ req8.destination_dsa_guid = misc.GUID(dest_dsa)
+ req8.source_dsa_invocation_id = misc.GUID(samdb.get_invocation_id())
+ req8.naming_context = drsuapi.DsReplicaObjectIdentifier()
+ req8.naming_context.dn = opts.dn.decode("utf-8")
+ req8.highwatermark = drsuapi.DsReplicaHighWaterMark()
+ req8.highwatermark.tmp_highest_usn = 0
+ req8.highwatermark.reserved_usn = 0
+ req8.highwatermark.highest_usn = 0
+ req8.uptodateness_vector = None
+ req8.replica_flags = opts.replica_flags
+ req8.max_object_count = 402
+ req8.max_ndr_size = 402116
+ req8.extended_op = exop
+ req8.fsmo_info = 0
+ if opts.use_pas:
+ req8.partial_attribute_set = drs_get_rodc_partial_attribute_set(local_samdb)
+ else:
+ req8.partial_attribute_set = None
+ req8.partial_attribute_set_ex = None
+ req8.mapping_ctr.num_mappings = 0
+ req8.mapping_ctr.mappings = None
+
+ nb_iter = 0
+ while True:
+ (level, ctr) = drs.DsGetNCChanges(drs_handle, 8, req8)
+ nb_iter += 1
+ if ctr.more_data == 0 or opts.nb_iter == nb_iter:
+ break
+ req8.highwatermark = ctr.new_highwatermark