IdRddlZddlZddlmZddlmZmZddlmZddlm Z ddl m Z ddl m Z mZmZmZmZdZd Zidd d d d ddddddddddddddddddd d!d"d#d$d%d&d'd(d)d*id+d,d-d.d/d0d1d2d3d4d5d6d7d8d9d:d;d<d=d>d?d@dAdBdCdDdEdFdGdHdIdJdKdLidMdNdOdPdQdRdSdTdUdVdWdXdYdZd[d\d]d^d_d`dadbdcdddedfdgdhdidjdkdldmdnidodpdqdrdsdtdudvdwdxdydzd{d|d}d~ddddddddddddddddddiddddddddddddddddddddddddddddddddddidddddddddddddddd“ddēddƓddȓddʓdd̓ddΓddГddғddԓidd֓ddؓddړddܓddޓddddddddddddddddddddddddddddddddddddd Ze dedededed iZe dedededediZdgZGdd eZGd d eZy( N)sd_utils) ndr_unpackndr_pack)security) SECINFO_DACL) setup_path)DS_DOMAIN_FUNCTION_2008DS_DOMAIN_FUNCTION_2008_R2DS_DOMAIN_FUNCTION_2012DS_DOMAIN_FUNCTION_2012_R2DS_DOMAIN_FUNCTION_2016 z$27a03717-5963-48fc-ba6f-69faa33e70ed z$3467dae5-dedd-4648-9066-f48ac186b20a z$33b7ee33-1386-47cf-baa1-b03e06473253z$e9ee8d55-c2fb-4723-a333-c80ff4dfbf45z$ccfae63a-7fb5-454c-83ab-0e8e1214974ez$ad3c7909-b154-4c16-8bf7-2c3a7870bb3dz$26ad2ebf-f8f5-44a4-b97c-a616c8b9d09az$4444c516-f43a-4c12-9c4b-b5c064941d61z$436a1a4b-f41a-46e6-ac86-427720ef29f3z$b2b7fb45-f50d-41bc-a73b-8f580f3b636az$1bdf6366-c3db-4d0b-b8cb-f99ba9bce20fz$63c0f51a-067c-4640-8a4f-044fb33f1049z$dae441c0-366e-482e-98d9-60a99a1898ccz$7dd09ca6-f0d6-43bf-b7f8-ef348f435617z$6b800a81-affe-4a15-8e41-6ea0c7aa89e4z$dd07182c-3174-4c95-902a-d64fee285bbfz$ffa5ee3c-1405-476d-b344-7ad37d69cc25z$099f1587-af70-49c6-ab6c-7b3e82be0fe2z$1a3f6b15-55f2-4752-ba27-3d38a8232c4dz$dee21a17-4e8e-4f40-a58c-c0c009b685a7z$9bd98bb4-4047-4de5-bf4c-7bd1d0f6d21d z$3fe80fbf-bf39-4773-b5bd-3e5767a30d2d!z$f02915e2-9141-4f73-b8e7-2804662782da"z$39902c52-ef24-4b4b-8033-2c9dfdd173a2#z$20bf09b4-6d0b-4cd1-9c09-4231edf1209b$z$94f238bb-831c-11d6-977b-00c04f613221%z$94f238bc-831c-11d6-977b-00c04f613221&z$94f238bd-831c-11d6-977b-00c04f613221'z$94f238be-831c-11d6-977b-00c04f613221(z$94f238bf-831c-11d6-977b-00c04f613221)z$94f238c0-831c-11d6-977b-00c04f613221*z$eda27b47-e610-11d6-9793-00c04f613221+z$eda27b48-e610-11d6-9793-00c04f613221,z$eda27b49-e610-11d6-9793-00c04f613221-z$eda27b4a-e610-11d6-9793-00c04f613221.z$26d9c510-e61a-11d6-9793-00c04f613221/z$26d9c511-e61a-11d6-9793-00c04f6132210z$ea08c04c-f474-4212-b19e-5e754f9210d41z$4c0672a2-437c-4944-b953-5db8f111d6652z$4c022fd1-adab-4d84-a7f1-9580f03da8563z$c03b1f37-c240-4910-93c8-1544a452b4b54z$560cf82d-9572-48a3-9024-6f2b56f1f8665z$abd97102-88dd-4013-a009-0e2c2f967ff66z$134428a8-0043-48a6-bcda-63310d9ec4dd7z$d668ad1f-cedd-4565-ab02-9385926ce4f58z$8f86b825-c322-4101-adc4-579f12d445db9z$9fea28ff-387f-4d57-866d-3893c50f373f:z$782370ce-3d38-438d-8b0c-464220a3039d;z$002fb291-0d00-4b0c-8c00-fe7f50ce6f8d<z$dcb3c95d-deb7-4c51-ad13-43a7d5d06fc7=z$ef010a1e-bd88-48c8-a7af-2affd250d77d>z$bd3413c0-9559-469b-9f3d-51d7faabd81a?z$f814097b-3e3d-49ba-8a3a-092c25085f06@z$6eb8eaf9-3403-4ba5-8b4b-ce349a4680adAz$07e57d28-ad40-44fc-8334-8a0dc119b3f4Bz$6fd48655-1698-497a-ac8d-8267ce01c80bCz$10338d31-2423-4dff-b4b5-ef025144b01fDz$a96e2ed5-7a7c-4d5c-9d5d-965eca0051daEz$613bd063-e8e9-4a62-8f4c-cda566f7eb6fFz$2a858903-5696-4364-b4e5-4cac027ca7a6Gz$0fc5a978-0059-4b0a-9dc2-9896e8e389a1Hz$4d753a29-26ac-4d1a-bc80-311f947e4f0aIz$3b3adbdb-4485-4559-aed8-9811c4bf90e4Jz$56040c71-fe93-4037-8fe9-1a4d1a283009Kz$caa2bfad-0cca-483b-8d00-347f943292a8Lz$2b9e0609-6d75-498a-9727-c9fcc93f0e42Mz$96541a16-910a-4b66-acde-720a0dff03c7Nz$429a6334-1a00-4515-bf48-676deb55954aOz$21ae657c-6649-43c4-bbb3-7f184fdf58c1Pz$dca8f425-baae-47cd-b424-e3f6c76ed08bQz$a662b036-dbbe-4166-b4ba-21abea17f9ccRz$9d17b863-18c3-497d-9bde-45ddb95fcb65Sz$11c39bed-4bee-45f5-b195-8da0e05b573aTz$4664e973-cb20-4def-b3d5-559d6fe123e0Uz$2972d92d-a07a-44ac-9cb0-bf243356f345Vz$09a49cb3-6c54-4b83-ab20-8370838ba149Wz$77283e65-ce02-4dc3-8c1e-bf99b22527c2Xz$0afb7f53-96bd-404b-a659-89e65c269420Yz$c7f717ef-fdbe-4b4b-8dfc-fa8b839fbcfaZz$00232167-f3a4-43c6-b503-9acb7a81b01c[z$73a9515b-511c-44d2-822b-444a33d3bd33\z$e0c60003-2ed7-4fd3-8659-7655a7e79397]z$ed0c8cca-80ab-4b6b-ac5a-59b1d317e11f^z$b6a6c19a-afc9-476b-8994-61f5b14b3f05_z$defc28cd-6cb6-4479-8bcb-aabfb41e9713`z$d6bd96d4-e66b-4a38-9c6b-e976ff58c56daz$bb8efc40-3090-4fa2-8a3f-7cd1d380e695bz$2d6abe1b-4326-489e-920c-76d5337d2dc5cz$6b13dfb5-cecc-4fb8-b28d-0505cea24175dz$92e73422-c68b-46c9-b0d5-b55f9c741410ez$c0ad80b4-8e84-4cc4-9163-2f84649bcc42fz$992fe1d0-6591-4f24-a163-c820fcb7f308gz$ede85f96-7061-47bf-b11b-0c0d999595b5hz$ee0f3271-eb51-414a-bdac-8f9ba6397a39iz$587d52e0-507e-440e-9d67-e6129f33bb68jz$ce24f0f6-237e-43d6-ac04-1e918ab04aackz$7f77d431-dd6a-434f-ae4d-ce82928e498flz$ba14e1f6-7cd1-4739-804f-57d0ea74edf4mz$156ffa2a-e07c-46fb-a5c4-fbd84a4e5ccenz$7771d7dd-2231-4470-aa74-84a6f56fc3b6oz$49b2ae86-839a-4ea0-81fe-9171c1b98e83pz$1b1de989-57ec-4e96-b933-8279a8119da4qz$281c63f0-2c9a-4cce-9256-a238c23c0db9rz$4c47881a-f15a-4f6c-9f49-2742f7a11f4bsz$2aea2dc6-d1d3-4f0c-9994-66c1da21de0ftz$ae78240c-43b9-499e-ae65-2b6e0f0e202auz$261b5bba-3438-4d5c-a3e9-7b871e5f57f0vz$3fb79c05-8ea1-438c-8c7a-81f213aa61c2wz$0b2be39a-d463-4c23-8290-32186759d3b1xz$f0842b44-bc03-46a1-a860-006e8527fccdyz$93efec15-4dd9-4850-bc86-a1f2c8e2ebb9zz$9e108d96-672f-40f0-b6bd-69ee1f0b7ac4{z$1e269508-f862-4c4a-b01f-420d26c4ff8c}z$e1ab17ed-5efb-4691-ad2d-0424592c5755~z$0e848bd4-7c70-48f2-b8fc-00fbaa82e360z$016f23f7-077d-41fa-a356-de7cfdb01797z$49c140db-2de3-44c2-a99a-bab2e6d2ba81z$e0b11c80-62c5-47f7-ad0d-3734a71b8312z$2ada1a2d-b02f-4731-b4fe-59f955e24f71z$b83818c1-01a6-4f39-91b7-a3bb581c3ae3z$bbbb9db0-4009-4368-8c40-6674e980d3c3z$f754861c-3692-4a7b-b2c2-d0fa28ed0b0bz$d32f499f-3026-4af0-a5bd-13fe5a331bd2z$38618886-98ee-4e42-8cf1-d9a2cd9edf8bz$328092fb-16e7-4453-9ab8-7592db56e9c4z$3a1c887f-df0a-489f-b3f2-2d0409095f6ez$232e831f-f988-4444-8e3e-8a352e2fd411z$ddddcf0c-bec9-4a5a-ae86-3cfe6cc6e110z$a0a45aac-5550-42df-bb6a-3cc5c46b52f2z$3e7645f3-3ea5-4567-b35a-87630449c70cz$e634067b-e2c4-4d79-b6e8-73c619324d5e) rr|c eZdZy)ForestUpdateExceptionN)__name__ __module__ __qualname__5/usr/lib/python3/dist-packages/samba/forest_update.pyrrsrrceZdZdZ ddZ ddZdZddZdZdZ d Z d Z d Z d Z d ZdZdZdZdZdZdZdZdZdZdZdZdZy) ForestUpdatez2Check and update a SAM database for forest updatescPddlm}||_||_||_||_d|_|jj|_|jj|_ |jj|_ tj||_ tj|j!|_|jj|_ |j$j'd|jj|_ |j.j'di|_|t3d|j0 y #t(j*$r t-dwxYw#t(j*$r t-dwxYw) a :param samdb: LDB database :param verbose: Show the ldif changes :param fix: Apply the update if the container is missing :param add_update_container: Add the container at the end of the change :raise ForestUpdateException: r)read_ms_markdownFzCN=Operations,CN=ForestUpdatesz+Failed to add forest update container childz)CN=ActiveDirectoryUpdate,CN=ForestUpdatesz#Failed to add revision object childz/adprep/WindowsServerDocs/Forest-Wide-Updates.md)out_dictN) samba.ms_forest_updates_markdownrsamdbfixverboseadd_update_containercheck_update_appliedget_config_basedn config_dn domain_dnget_schema_basedn schema_dnrSDUtilsrdom_sidget_domain_sid domain_sidforestupdate_container add_childldbLdbErrorrrevision_object stored_ldifr)selfrrrrrs r__init__zForestUpdate.__init__s` F  $8!$)!557--/557 ((/ "**5+?+?+AB&*jj&B&B&D# W  ' ' 1 12R S $zz;;= O  * *+V W $UV"&"2"2 4|| W'(UV V W || O'(MN N Os)E$$F$FF%Nc|jj|jdgtj}t |}|rt |}|dz }nt }|j||t|}t|ddd}|rV||krP|jstd||fz|jjdt|j|fzyyy)a Apply all updates for a given old and new functional level :param functional_level: constant :param old_functional_level: constant :param update_revision: modify the stored version :raise ForestUpdateException: revision)baseattrsscoperzERevision is not high enough. Fix is set to False. Expected: %dGot: %dz:dn: %s changetype: modify replace: revision revision: %d N)rsearchrr SCOPE_BASEfunctional_level_to_max_update MIN_UPDATEcheck_updates_rangefunctional_level_to_versionintrr modify_ldifstr) rfunctional_levelold_functional_levelupdate_revisionresexpected_update min_updateexpected_version found_versions rcheck_updates_functional_levelz+ForestUpdate.check_updates_functional_levelsjjT%9%9'1l#.. J99IJ 78LMJ !OJ#J   _=67GHCF:.q12 }/??88+-DGWGTGV-VWW JJ " "$ D !#34 $5 6 @?rcv|D]}|tks |tkDr tdd|cxkrdkrnn|j|@d|cxkrdkrnn|j|`d|cxkrdkrnn|j|d|cxkrd krnn|j|t |d |z|y ) z Apply a list of updates which must be within the valid range of updates :param iterator: Iterable specifying integer update numbers to apply :raise ForestUpdateException: Update number invalid.rXr[r_rrrrr operation_%dN)r MAX_UPDATEroperation_ldifgetattr)riteratorops rcheck_updates_iteratorz#ForestUpdate.check_updates_iterators  7BJ"z/+,DEER~2~##B'rS##B'!c!##B'!c!##B'3nr1226 7rc|}|tks||kDs |tkDr td||kr|tvrnd|cxkrdkrnn|j |nud|cxkrdkrnn|j |nUd|cxkrdkrnn|j |n5d|cxkrd krnn|j |nt |d |z||d z }||kry y ) z Apply a range of updates which must be within the valid range of updates :param start: integer update to begin :param end: integer update to end (inclusive) :raise ForestUpdateException: rrXr[r_rrrrrrrN)rrrmissing_updatesrr)rstartendrs rrz ForestUpdate.check_updates_range/s : j0@'(@A ACi_$rR##B'rS##B'!c!##B'!c!##B'3nr1226 !GBCircddt|d|j} |jj|tj g}t|dk(sJtd|t|fzy#tj $r-}|j\}}|tjk7rYd}~yd}~wwxYw) zd :param op: Integer update number :return: True if update exists else False zCN=,)rrrNFrzSkip Forest Update %u: %sT) update_maprrrrrrargsERR_NO_SUCH_OBJECTlenprint)rr update_dnrenummsgs r update_existszForestUpdate.update_existsJs #-R.$2M2MN  **##*-..*,$.C3x1}} )RB,@@A|| JS#c,,,  s,A//B/#B**B/c|jjdt|dt|jdt d|t|fzy)zo Add the corresponding container object for the given update :param op: Integer update zdn: CN=rz objectClass: container zApplied Forest Update %u: %sN)radd_ldifrrrrrrs r update_addzForestUpdate.update_add^sH "~s46679 : ,JrN/CCDrcj|j|ryt|}||jvr|j|}n|j|jvr|j|j}nJ|j |jvr|j|j }nt d||fzt j|t|jt|jt|jd}|jrtd|zt| |jj||j(r|j+|yy#t j"$r.}|j$\}}|t j&k7r|Yd}~[d}~wwxYw)NTz#OPERATION %d: ldif for %s not found) CONFIG_DNFOREST_ROOT_DOMAIN SCHEMA_DNz!UPDATE (LDIF) ------ OPERATION %d)rrrlowerupperrsambasubstitute_varrrrrrrrrrrrERR_ATTRIBUTE_OR_VALUE_EXISTSrr)rrguidldifsub_ldifrrrs rrzForestUpdate.operation_ldifhss   b !"~ 4## ###D)D ZZ\T-- -##DJJL1D ZZ\T-- -##DJJL1D'(M)+T )34 4''/24>>/B/24>>/B/24>>/B /DE << 5: ; (O  JJ " "8 ,  $ $ OOB  % || JS#c777   s7E11F2$F--F2c8|jstd|zy)z Raises an exception if not set to fix. :param op: Integer operation :raise ForestUpdateException: z3Missing operation %d. Fix is currently set to FalseN)rrrs rraise_if_not_fixzForestUpdate.raise_if_not_fixs" xx'(]`b(bc crc4|j|ry|j|d}tj|jdt |j z}|jj|d|g|jr|j|yy)NY(OA;CIIO;WP;ea1b7b93-5e48-46d5-bc6c-4df4fda78a35;bf967a86-0de6-11d0-a285-00aa003049e2;PS)CN=Sam-Domain,%sdefaultSecurityDescriptor sddl_attradd_aces rrrDnrrrrupdate_aces_in_daclrrrracers r operation_88zForestUpdate.operation_88   b !  b!iFF4::'9Cr4s& *!.-  I.I.I. I . I . I.I.I.I.I.I.I.I.I.I .!I".#I$.%I&.'I(.)I*.+I,.-I../I0.1I2.3I4.5I6.7I8.9I:.;I<.=I>.?I@.AIB.CID.EIF.GIH.IIJ.KIL.MIN.OIP.QIR.SIT.UIV.WIX.YIZ.[I\.]I^._I`.aIb.cId.eIf.gIh.iIj.kIl.mIn.oIp.qIr.sIt.uIv.wIx.yIz.{I|.}I~.I@.AIB.CID.EIF.GIH.IIJ.KIN.OIP.QIR.SIT.UIV.WIZ.[I\.]I^._I`.aIb.cId.eIf.gIh.iIj.kIl.mIn.oIp.qIr.sIt.uIv.wIx.yIz /{I| /}I~ /I@ /AIB /CID /EIF /GIH /IIJ /KIL /MIN /OIP /QIR /SIT /UIV /WIX /YIZ /[I\ /]I^ /_I` /aIb /cId /eIf /gIh /iIj /kIl /mIn /oIp /qIr /sIt /uIx 0 / / / / / / / / / / /QI XRSS "QRR % I Y 6Y r