The Samba-Bugzilla – Attachment 15080 Details for
Bug 13799
samba-tool domain schemaupgrade uses relax control and skips the schemaInfo update
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patches for v4-9-test (without test)
tmp49.diff.txt (text/plain), 9.13 KB, created by
Stefan Metzmacher
on 2019-04-17 21:20:51 UTC
(
hide
)
Description:
Patches for v4-9-test (without test)
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2019-04-17 21:20:51 UTC
Size:
9.13 KB
patch
obsolete
>From a0e7815ea398a08e36564110c5f6be149673cd25 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Sat, 23 Feb 2019 00:14:31 +0100 >Subject: [PATCH 1/5] drsuapi.idl: add DRSUAPI_ATTID_schemaInfo > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13799 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >(cherry picked from commit 140a6733a458d0afa20237a09ef4ee2546a83a8f) >--- > librpc/idl/drsuapi.idl | 1 + > 1 file changed, 1 insertion(+) > >diff --git a/librpc/idl/drsuapi.idl b/librpc/idl/drsuapi.idl >index cd90500faf57..448a58bcd1f5 100644 >--- a/librpc/idl/drsuapi.idl >+++ b/librpc/idl/drsuapi.idl >@@ -548,6 +548,7 @@ interface drsuapi > DRSUAPI_ATTID_objectCategory = 0x0009030e, > DRSUAPI_ATTID_gPLink = 0x0009037b, > DRSUAPI_ATTID_transportAddressAttribute = 0x0009037f, >+ DRSUAPI_ATTID_schemaInfo = 0x0009054e, > DRSUAPI_ATTID_msDS_Behavior_Version = 0x000905b3, > DRSUAPI_ATTID_msDS_KeyVersionNumber = 0x000906f6, > DRSUAPI_ATTID_msDS_NonMembers = 0x00090701, >-- >2.17.1 > > >From 0c7b3e8b7abb46977986eb3b2a55442b120a08c1 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 21 Feb 2019 09:20:48 +0100 >Subject: [PATCH 2/5] ldapcmp: ignore 'schemaInfo' if two domains are compared > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13799 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >(cherry picked from commit b5b572d5f71e2b9783ddb25c21ac32904fbfd661) >--- > python/samba/netcmd/ldapcmp.py | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/python/samba/netcmd/ldapcmp.py b/python/samba/netcmd/ldapcmp.py >index 4e5abad7cfed..aa8aa7c7558b 100644 >--- a/python/samba/netcmd/ldapcmp.py >+++ b/python/samba/netcmd/ldapcmp.py >@@ -465,7 +465,7 @@ class LDAPObject(object): > "msDs-masteredBy", "lastSetTime", > "ipsecNegotiationPolicyReference", "subRefs", "gPCFileSysPath", > "accountExpires", "invocationId", "operatingSystemVersion", >- "oEMInformation", >+ "oEMInformation", "schemaInfo", > # After Exchange preps > "targetAddress", "msExchMailboxGuid", "siteFolderGUID"] > # >-- >2.17.1 > > >From 9e8431fec38e600f5c2e471c8eccb4148a51b08b Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Fri, 8 Mar 2019 11:27:14 +0100 >Subject: [PATCH 3/5] s4:provision: split out > provision_self_join_modify_schema.ldif > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13799 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >(cherry picked from commit 5ea84af2d69e0b3a2a801ea0cc3f4ffc66bf1764) >--- > python/samba/provision/__init__.py | 7 ++++++- > source4/setup/provision_self_join_modify_config.ldif | 5 ----- > source4/setup/provision_self_join_modify_schema.ldif | 4 ++++ > 3 files changed, 10 insertions(+), 6 deletions(-) > create mode 100644 source4/setup/provision_self_join_modify_schema.ldif > >diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py >index 066411ab8d74..492ce6809f6e 100644 >--- a/python/samba/provision/__init__.py >+++ b/python/samba/provision/__init__.py >@@ -1182,7 +1182,12 @@ def setup_self_join(samdb, admin_session_info, names, fill, machinepass, > "DOMAIN_CONTROLLER_FUNCTIONALITY": str( > domainControllerFunctionality)}) > >- # Setup fSMORoleOwner entries to point at the newly created DC entry >+ # Setup fSMORoleOwner entries to point at the newly created DC entry >+ setup_modify_ldif(samdb, >+ setup_path("provision_self_join_modify_schema.ldif"), { >+ "SCHEMADN": names.schemadn, >+ "SERVERDN": names.serverdn, >+ }) > setup_modify_ldif(samdb, > setup_path("provision_self_join_modify_config.ldif"), { > "CONFIGDN": names.configdn, >diff --git a/source4/setup/provision_self_join_modify_config.ldif b/source4/setup/provision_self_join_modify_config.ldif >index 48a70924b89e..2d8e4c929449 100644 >--- a/source4/setup/provision_self_join_modify_config.ldif >+++ b/source4/setup/provision_self_join_modify_config.ldif >@@ -1,8 +1,3 @@ >-dn: ${SCHEMADN} >-changetype: modify >-replace: fSMORoleOwner >-fSMORoleOwner: CN=NTDS Settings,${SERVERDN} >- > dn: CN=Partitions,${CONFIGDN} > changetype: modify > replace: fSMORoleOwner >diff --git a/source4/setup/provision_self_join_modify_schema.ldif b/source4/setup/provision_self_join_modify_schema.ldif >new file mode 100644 >index 000000000000..edb06204e5bd >--- /dev/null >+++ b/source4/setup/provision_self_join_modify_schema.ldif >@@ -0,0 +1,4 @@ >+dn: ${SCHEMADN} >+changetype: modify >+replace: fSMORoleOwner >+fSMORoleOwner: CN=NTDS Settings,${SERVERDN} >-- >2.17.1 > > >From 109bc76a09a64c1f35ed1b1ca2ca8b7bfb2bb175 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Fri, 8 Mar 2019 11:28:42 +0100 >Subject: [PATCH 4/5] python/provision: use provision and relax controls for > schema provision > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13799 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >(cherry picked from commit 7652439fa1aab92945f5540a43fc49568d446917) >--- > python/samba/provision/__init__.py | 19 ++++++++++++------- > 1 file changed, 12 insertions(+), 7 deletions(-) > >diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py >index 492ce6809f6e..d71f5e1ce30a 100644 >--- a/python/samba/provision/__init__.py >+++ b/python/samba/provision/__init__.py >@@ -1187,7 +1187,8 @@ def setup_self_join(samdb, admin_session_info, names, fill, machinepass, > setup_path("provision_self_join_modify_schema.ldif"), { > "SCHEMADN": names.schemadn, > "SERVERDN": names.serverdn, >- }) >+ }, >+ controls=["provision:0", "relax:0"]) > setup_modify_ldif(samdb, > setup_path("provision_self_join_modify_config.ldif"), { > "CONFIGDN": names.configdn, >@@ -1406,16 +1407,20 @@ def fill_samdb(samdb, lp, names, logger, policyguid, > > # The LDIF here was created when the Schema object was constructed > ignore_checks_oid = "local_oid:%s:0" % samba.dsdb.DSDB_CONTROL_SKIP_DUPLICATES_CHECK_OID >+ schema_controls = [ >+ "provision:0", >+ "relax:0", >+ ignore_checks_oid >+ ] >+ > logger.info("Setting up sam.ldb schema") >- samdb.add_ldif(schema.schema_dn_add, >- controls=["relax:0", ignore_checks_oid]) >- samdb.modify_ldif(schema.schema_dn_modify, >- controls=[ignore_checks_oid]) >+ samdb.add_ldif(schema.schema_dn_add, controls=schema_controls) >+ samdb.modify_ldif(schema.schema_dn_modify, controls=schema_controls) > samdb.write_prefixes_from_schema() >- samdb.add_ldif(schema.schema_data, controls=["relax:0", ignore_checks_oid]) >+ samdb.add_ldif(schema.schema_data, controls=schema_controls) > setup_add_ldif(samdb, setup_path("aggregate_schema.ldif"), > {"SCHEMADN": names.schemadn}, >- controls=["relax:0", ignore_checks_oid]) >+ controls=schema_controls) > > # Now register this container in the root of the forest > msg = ldb.Message(ldb.Dn(samdb, names.domaindn)) >-- >2.17.1 > > >From b16a8fef8e57d4390456e7173c732492b55e90a7 Mon Sep 17 00:00:00 2001 >From: Aaron Haslett <aaronhaslett@catalyst.net.nz> >Date: Wed, 3 Apr 2019 16:34:42 +1300 >Subject: [PATCH 5/5] dsdb:samdb: schemainfo update with relax control > >Currently schema info's revision field isn't incremented if relax >control is present. This is so that no increment is done during >provision, but we need the relax control in other situations where >the increment is desired, so we should use the provision control instead >to disable schema info update. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13799 > >Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >(cherry picked from commit b7c1752754da1e8a83a53670cf4a410ec6e9d7b7) >--- > source4/dsdb/samdb/ldb_modules/samldb.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c >index e69228c32c75..02eb2fa90494 100644 >--- a/source4/dsdb/samdb/ldb_modules/samldb.c >+++ b/source4/dsdb/samdb/ldb_modules/samldb.c >@@ -1333,7 +1333,7 @@ static int samldb_schema_info_update(struct samldb_ctx *ac) > } > > /* do not update schemaInfo during provisioning */ >- if (ldb_request_get_control(ac->req, LDB_CONTROL_RELAX_OID)) { >+ if (ldb_request_get_control(ac->req, LDB_CONTROL_PROVISION_OID)) { > return LDB_SUCCESS; > } > >-- >2.17.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=15080">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
metze
:
review?
(
abartlet
)
garming
:
review+
Actions:
View
Attachments on
bug 13799
:
15079
| 15080