netcmd: Better error message for backup with no RID pool

Add a better error message (and what to do about it) if the user tries to back up a DC that hasn't initialized its RID pool yet. Seems to be a fairly common problem hit by users. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14048 RN: Added more informative error message if the 'samba-tool domain backup' command fails due to no RID pool being present on the DC. Signed-off-by: Tim Beale <[email protected]> Reviewed-by: Andrew Bartlett <[email protected]> Autobuild-User(master): Andrew Bartlett <[email protected]> Autobuild-Date(master): Wed Jul 24 07:07:01 UTC 2019 on sn-devel-184
trietend · Jul 24, 2019 · 9d2fd08 · 9d2fd08
1 parent 6c691bf
commit 9d2fd08
Showing 1 changed file with 13 additions and 5 deletions.
diff --git a/python/samba/netcmd/domain_backup.py b/python/samba/netcmd/domain_backup.py
@@ -59,7 +59,7 @@
 # work out a SID (based on a free RID) to use when the domain gets restored.
 # This ensures that the restored DC's SID won't clash with any other RIDs
 # already in use in the domain
-def get_sid_for_restore(samdb):
+def get_sid_for_restore(samdb, logger):
     # Find the DN of the RID set of the server
     res = samdb.search(base=ldb.Dn(samdb, samdb.get_serverName()),
                        scope=ldb.SCOPE_BASE, attrs=["serverReference"])
@@ -78,7 +78,15 @@ def get_sid_for_restore(samdb):
                               'rIDNextRID'])
 
     # Decode the bounds of the RID allocation pools
-    rid = int(res[0].get('rIDNextRID')[0])
+    try:
+        rid = int(res[0].get('rIDNextRID')[0])
+    except IndexError:
+        logger.info("The RID pool for this DC is not initalized "
+                    "(e.g. it may be a fairly new DC).")
+        logger.info("To initialize it, create a temporary user on this DC "
+                    "(you can delete it later).")
+        raise CommandError("Cannot create backup - "
+                           "please initialize this DC's RID pool first.")
 
     def split_val(num):
         high = (0xFFFFFFFF00000000 & int(num)) >> 32
@@ -255,7 +263,7 @@ def run(self, sambaopts=None, credopts=None, server=None, targetdir=None,
         # Get a free RID to use as the new DC's SID (when it gets restored)
         remote_sam = SamDB(url='ldap://' + server, credentials=creds,
                            session_info=system_session(), lp=lp)
-        new_sid = get_sid_for_restore(remote_sam)
+        new_sid = get_sid_for_restore(remote_sam, logger)
         realm = remote_sam.domain_dns_name()
 
         # Grab the remote DC's sysvol files and bundle them into a tar file
@@ -838,7 +846,7 @@ def run(self, new_domain_name, new_dns_realm, sambaopts=None,
         # get a free RID to use as the new DC's SID (when it gets restored)
         remote_sam = SamDB(url='ldap://' + server, credentials=creds,
                            session_info=system_session(), lp=lp)
-        new_sid = get_sid_for_restore(remote_sam)
+        new_sid = get_sid_for_restore(remote_sam, logger)
 
         # Grab the remote DC's sysvol files and bundle them into a tar file.
         # Note we end up with 2 sysvol dirs - the original domain's files (that
@@ -1016,7 +1024,7 @@ def run(self, sambaopts=None, targetdir=None):
         check_targetdir(logger, targetdir)
 
         samdb = SamDB(url=paths.samdb, session_info=system_session(), lp=lp)
-        sid = get_sid_for_restore(samdb)
+        sid = get_sid_for_restore(samdb, logger)
 
         backup_dirs = [paths.private_dir, paths.state_dir,
                        os.path.dirname(paths.smbconf)]  # etc dir