The Samba-Bugzilla – Attachment 14343 Details for
Bug 13538
samba-tool trust: support discovery via netr_GetDcName
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for v4-7-test
tmp47.diff.txt (text/plain), 4.70 KB, created by
Stefan Metzmacher
on 2018-07-26 10:16:07 UTC
(
hide
)
Description:
Patch for v4-7-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2018-07-26 10:16:07 UTC
Size:
4.70 KB
patch
obsolete
>From d9732aa8f9c3a08ff7cfd7623ac22e0276c187a4 Mon Sep 17 00:00:00 2001 >From: Alexander Bokovoy <ab@samba.org> >Date: Sat, 24 Feb 2018 14:34:44 +0200 >Subject: [PATCH] samba-tool trust: support discovery via netr_GetDcName > >In case a remote DC does not support netr_DsRGetDCNameEx2(), >use netr_GetDcName() instead. > >This should help with FreeIPA where embedded smbd runs as a domain >controller but does not implement full Active Directory compatibility. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13538 > >Signed-off-by: Alexander Bokovoy <ab@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> > >Autobuild-User(master): Alexander Bokovoy <ab@samba.org> >Autobuild-Date(master): Tue Jul 24 09:55:23 CEST 2018 on sn-devel-144 > >(cherry picked from commit c390728819e73cefbf02e0d52d22805930f4c45b) >--- > python/samba/netcmd/domain.py | 26 ++++++++++++++++++-------- > 1 file changed, 18 insertions(+), 8 deletions(-) > >diff --git a/python/samba/netcmd/domain.py b/python/samba/netcmd/domain.py >index e3a0e4921f26..65df89555cb3 100644 >--- a/python/samba/netcmd/domain.py >+++ b/python/samba/netcmd/domain.py >@@ -1774,6 +1774,15 @@ class DomainTrustCommand(Command): > > return (policy, info) > >+ def get_netlogon_dc_unc(self, conn, server, domain): >+ try: >+ info = conn.netr_DsRGetDCNameEx2(server, >+ None, 0, None, None, None, >+ netlogon.DS_RETURN_DNS_NAME) >+ return info.dc_unc >+ except RuntimeError: >+ return conn.netr_GetDcName(server, domain) >+ > def get_netlogon_dc_info(self, conn, server): > info = conn.netr_DsRGetDCNameEx2(server, > None, 0, None, None, None, >@@ -2408,7 +2417,8 @@ class cmd_domain_trust_create(DomainTrustCommand): > raise self.RemoteRuntimeError(self, error, "failed to connect netlogon server") > > try: >- remote_netlogon_info = self.get_netlogon_dc_info(remote_netlogon, remote_server) >+ remote_netlogon_dc_unc = self.get_netlogon_dc_unc(remote_netlogon, >+ remote_server, domain) > except RuntimeError as error: > raise self.RemoteRuntimeError(self, error, "failed to get netlogon dc info") > >@@ -2558,9 +2568,9 @@ class cmd_domain_trust_create(DomainTrustCommand): > # this triggers netr_GetForestTrustInformation to our domain. > # and lsaRSetForestTrustInformation() remotely, but new top level > # names are disabled by default. >- remote_forest_info = remote_netlogon.netr_DsRGetForestTrustInformation(remote_netlogon_info.dc_unc, >- local_lsa_info.dns_domain.string, >- netlogon.DS_GFTI_UPDATE_TDO) >+ remote_forest_info = remote_netlogon.netr_DsRGetForestTrustInformation(remote_netlogon_dc_unc, >+ local_lsa_info.dns_domain.string, >+ netlogon.DS_GFTI_UPDATE_TDO) > except RuntimeError as error: > raise self.RemoteRuntimeError(self, error, "netr_DsRGetForestTrustInformation() failed") > >@@ -2611,10 +2621,10 @@ class cmd_domain_trust_create(DomainTrustCommand): > if remote_trust_info.trust_direction & lsa.LSA_TRUST_DIRECTION_OUTBOUND: > self.outf.write("Validating incoming trust...\n") > try: >- remote_trust_verify = remote_netlogon.netr_LogonControl2Ex(remote_netlogon_info.dc_unc, >- netlogon.NETLOGON_CONTROL_TC_VERIFY, >- 2, >- local_lsa_info.dns_domain.string) >+ remote_trust_verify = remote_netlogon.netr_LogonControl2Ex(remote_netlogon_dc_unc, >+ netlogon.NETLOGON_CONTROL_TC_VERIFY, >+ 2, >+ local_lsa_info.dns_domain.string) > except RuntimeError as error: > raise self.RemoteRuntimeError(self, error, "NETLOGON_CONTROL_TC_VERIFY failed") > >-- >2.17.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
ab
:
review+
Actions:
View
Attachments on
bug 13538
:
14341
|
14342
| 14343