From 372b8f15ccf37c491f43ec7ab81be692ff0fcfed Mon Sep 17 00:00:00 2001 From: David Mulder Date: Fri, 5 Jan 2024 08:47:07 -0700 Subject: [PATCH] WIP: gp: Skip site GP list if no site is found [MS-GPOL] 3.2.5.1.4 Site Search says if the site search returns ERROR_NO_SITENAME, the GP site search should be skipped. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15548 Signed-off-by: David Mulder --- python/samba/gp/gpclass.py | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/python/samba/gp/gpclass.py b/python/samba/gp/gpclass.py index b7a0dcb0ed5..26c2386847e 100644 --- a/python/samba/gp/gpclass.py +++ b/python/samba/gp/gpclass.py @@ -896,19 +896,25 @@ def get_gpo_list(dc_hostname, creds, lp, username): # (S)ite if gpo_list_machine: - site_dn = site_dn_for_machine(samdb, dc_hostname, lp, creds, username) - try: - log.debug("get_gpo_list: query SITE: [%s] for GPOs" % site_dn) - gp_link = get_gpo_link(samdb, site_dn) - except ldb.LdbError as e: - (enum, estr) = e.args - log.debug(estr) - else: - add_gplink_to_gpo_list(samdb, gpo_list, forced_gpo_list, - site_dn, gp_link, - gpo.GP_LINK_SITE, - add_only_forced_gpos, token) + site_dn = site_dn_for_machine(samdb, dc_hostname, lp, creds, username) + + try: + log.debug("get_gpo_list: query SITE: [%s] for GPOs" % site_dn) + gp_link = get_gpo_link(samdb, site_dn) + except ldb.LdbError as e: + (enum, estr) = e.args + log.debug(estr) + else: + add_gplink_to_gpo_list(samdb, gpo_list, forced_gpo_list, + site_dn, gp_link, + gpo.GP_LINK_SITE, + add_only_forced_gpos, token) + except ldb.LdbError: + # [MS-GPOL] 3.2.5.1.4 Site Search: If the method returns + # ERROR_NO_SITENAME, the remainder of this message MUST be skipped + # and the protocol sequence MUST continue at GPO Search + pass # (L)ocal gpo_list.insert(0, gpo.GROUP_POLICY_OBJECT("Local Policy", -- 2.42.1