Skip to content

Commit

Permalink
kcc: Clean up repsTo attribute for old DCs
Browse files Browse the repository at this point in the history 
Signed-off-by: Garming Sam <[email protected]>
Reviewed-by: Andrew Bartlett <[email protected]>

Autobuild-User(master): Garming Sam <[email protected]>
Autobuild-Date(master): Tue Jul 26 05:11:57 CEST 2016 on sn-devel-144
  • Loading branch information
@GSam
GSam committed Jul 26, 2016
1 parent 9427a24 commit 8dabd57
Show file tree
Hide file tree
Showing 2 changed files with 73 additions and 0 deletions.
70 changes: 70 additions & 0 deletions python/samba/kcc/__init__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -927,6 +927,8 @@ def translate_ntdsconn(self, current_dsa=None):
for dnstr in delete_reps:
del current_rep_table[dnstr]

# HANDLE REPS-FROM
#
# Now perform the scan of replicas we'll need
# and compare any current repsFrom against the
# connections
Expand Down Expand Up @@ -1039,6 +1041,74 @@ def translate_ntdsconn(self, current_dsa=None):
# Commit any modified repsFrom to the NC replica
n_rep.commit_repsFrom(self.samdb)

# HANDLE REPS-TO:
#
# Now perform the scan of replicas we'll need
# and compare any current repsTo against the
# connections

# RODC should never push to anybody (should we check this?)
if ro:
return

for n_rep in needed_rep_table.values():

# load any repsTo and fsmo roles as we'll
# need them during connection translation
n_rep.load_repsTo(self.samdb)

# Loop thru the existing repsTo tuples (if any)
# XXX This is a list and could contain duplicates
# (multiple load_repsTo calls)
for t_repsTo in n_rep.rep_repsTo:

# for each tuple t in n!repsTo, let s be the nTDSDSA
# object such that s!objectGUID = t.uuidDsa
guidstr = str(t_repsTo.source_dsa_obj_guid)
s_dsa = self.get_dsa_by_guidstr(guidstr)

# Source dsa is gone from config (strange)
# so cleanup stale repsTo for unlisted DSA
if s_dsa is None:
logger.warning("repsTo source DSA guid (%s) not found" %
guidstr)
t_repsTo.to_be_deleted = True
continue

# Find the connection that this repsTo would use. If
# there isn't a good one (i.e. non-RODC_TOPOLOGY,
# meaning non-FRS), we delete the repsTo.
s_dnstr = s_dsa.dsa_dnstr
if '\\0ADEL' in s_dnstr:
logger.warning("repsTo source DSA guid (%s) appears deleted" %
guidstr)
t_repsTo.to_be_deleted = True
continue

connections = s_dsa.get_connection_by_from_dnstr(self.my_dsa_dnstr)
if len(connections) > 0:
# Then this repsTo is tentatively valid
continue
else:
# There is no plausible connection for this repsTo
t_repsTo.to_be_deleted = True

if self.readonly:
# Display any to be deleted or modified repsTo
text = n_rep.dumpstr_reps_to()
if text:
logger.info("REMOVING REPS-TO:\n%s" % text)

# Peform deletion from our tables but perform
# no database modification
n_rep.commit_repsTo(self.samdb, ro=True)
else:
# Commit any modified repsTo to the NC replica
n_rep.commit_repsTo(self.samdb)

# TODO Remove any duplicate repsTo values. This should never happen in
# any normal situations.

def merge_failed_links(self, ping=None):
"""Merge of kCCFailedLinks and kCCFailedLinks from bridgeheads.
Expand Down
3 changes: 3 additions & 0 deletions python/samba/kcc/kcc_utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -433,6 +433,9 @@ def dumpstr_to_be_deleted(self):
def dumpstr_to_be_modified(self):
return '\n'.join(str(x) for x in self.rep_repsFrom if x.is_modified())

def dumpstr_reps_to(self):
return '\n'.join(str(x) for x in self.rep_repsTo if x.to_be_deleted)

def load_fsmo_roles(self, samdb):
"""Given an NC replica which has been discovered thru the nTDSDSA
database object, load the fSMORoleOwner attribute.
Expand Down

0 comments on commit 8dabd57

Please sign in to comment.