IdQddlZddlmZddlZddlmZddlmZmZddl m Z ddl Zddl m Z mZmZmZddlmZdZdZd ZGd d e ZGd d e ZGdde ZGddeZy)N)LdbError)drsuapimisc)system_session)Command CommandError SuperCommandOption)SamDBcD |j|tjdg}d|dvr0tj||dddjd}|Sd}|S#t$r6}|j\}}|tj k(rt d|zd}~wwxYw)znGets the owner of an FSMO role :param roledn: The DN of the FSMO role :param role: The FSMO role fSMORoleOwnerscopeattrsz+The '%s' role is not present in this domainNrutf8) searchldb SCOPE_BASErargsERR_NO_SUCH_OBJECTrDndecode)samdbrolednrolerese7nummsg master_owners 3/usr/lib/python3/dist-packages/samba/netcmd/fsmo.pyget_fsmo_roleownerr"$s ll6!$7HJ#a& uc!f_&=a&@&G&G&OP    WW c #(( (LtST T s#A B)1BBc |dk(r|j}d|z}n-|dk(r(tj|j}d|z}|j }|j dgt jdg} d| dvr ttjt j|| dddjd jd } tt j|| dddjd } n|j#d|zy|dk(r9| d|j%}|j'd|j%}n=|dk(r8| d|j}|j'd|j}|j)}k7rH|j+}|j-|d}t/d|zt1||}t j2}t j|||_t j6| t j8d|d<t j6|t j:d|d< |j=| tj>jA|||} |d}|d}tDjF}|dd}tj>jI||| |||j#d|zy|j#d|zy#t$r/} | j\} }t!d | dddd |d d} ~ wwxYw#t$r%}|j\} }t!d|d|d}~wwxYw#tj>jB$r}t!d|d}~wwxYw#tj>jB$r}t!d|d}~wwxYw) zTransfer dns FSMO role. domaindns$CN=Infrastructure,DC=DomainDnsZones, forestdns$CN=Infrastructure,DC=ForestDnsZones,r zextended_dn:1:1)rrcontrolsrrGUIDz"No GUID found in naming master DN z : z Nz0* The '%s' role does not have an FSMO roleowner Fz._msdcs.Tfallback_machinez ldap://%surl session_info credentialslpfSMORoleOwner_DelfSMORoleOwner_AddzFailed to add role 'z': zDrsuapi Connect failedzReplication failed&FSMO transfer of '%s' role successful 'This DC already has the '%s' FSMO role )% domain_dnsambadn_from_dns_nameforest_dns_name host_dns_namerrrstrrr)rrget_extended_componentrrrwritedomain_dns_name get_ntds_GUIDget_dsServiceName get_loadparmget_credentialsr rMessagednMessageElementFLAG_MOD_DELETE FLAG_MOD_ADDmodify drs_utilsdrsuapi_connect drsExceptionrDRSUAPI_DRS_WRIT_REPsendDsReplicaSync)outf sambaoptscredoptsrrr7 role_object forest_dnnew_host_dns_namer master_guidr e3rrmaster_dns_name new_dns_name new_ownerr0credsme5 connectionedrsuapi_connectiondrsuapi_handle req_optionsNCestrs r!transfer_dns_rolerd;s {OO% ).)>)>)@B  ,7,1,A,A,CE).)<)<)>).)>)>)@B '')I,&  # # %((d(C+9#1#3"'B0 KKMvve[)!$!3!3L474G4G4C"E "%!3!3I474D4D4C"E  L LLO  <889J9;UDJ ;!+A ']N!66KRS!B OO - -.@.<.9.0+ ? >NN4# N//N47O% O  O%c(|j}d|z}d|jz}d|z}t|j}t j ||j }t j} t j |d| _|dk(r7t|||} t jdtjd| d<n5|dk(rtt|||} |j|tjd g } t| d k(sJ| d d d } t j| tjd | d <n|dk(r6t|||} t jdtjd| d<n|dk(r6t|||} t jdtjd| d<nF|dk(r6t|||} t jdtjd| d<n td| |j!d|zy| |k7r' |j#| |j!d|zy|j!d|zy#t$$r%} | j&\}}td|d|d} ~ wwxYw)zTransfer standard FSMO role. CN=RID Manager$,CN=System,CN=Partitions,%sCN=Infrastructure,rid1becomeRidMasterpdc objectSidrr3r becomePdcnamingbecomeDomainMasterinfrastructurebecomeInfrastructureMasterschemabecomeSchemaMasterInvalid FSMO role.NzECannot transfer, no DC assigned to the %s role. Try 'seize' instead Fz Transfer of 'z' role failed: r5Tr6)r7get_config_basednr<get_schema_basednrrrArDrEr"rFFLAG_MOD_REPLACErrlenrr>rIrr)rOrrr7rid_dn naming_dninfrastructure_dn schema_dnrYr[r rside6rrs r! transfer_rolers!I )I 5F"U%<%<%>>I,y8E++-.Iue5578I A 66% AD u})%> "11 %%    )%DA ll9!$ }F3x1}}!f[!!$++ %% +  )%DA "%"4"4 %% #"  ! !)%1BDI *-*<*< %% (+* &'  )%DA "%"4"4 %% #" /00 [^bbcy  , LLO rFrytransaction_startrIcreate_own_rid_setrrERR_ENTRY_ALREADY_EXISTStransaction_canceltransaction_commit) selfrrforce serviceNamer7r[seizer e1rrr^s r! seize_rolezcmd_fsmo_seize.seize_roles--/ OO% !5 !A+e.E.E.GGU44672Y> KKM 5=66%-AD U]66%+AD X 66%0AD % %66%!7!78AD X 66%0AD34 4)%t<  #{*=LL!9:$%diiu=  %LM#  J $!%&E   LL2T9 :!$!3!3S11"!Ao   # # % 4 Q5=,,.0  $ $ & IIOOBTI JM!&J $ %HI0 4WW c5=SC,H,H%H ,,.++-8 Q#8%&VV c002*,0#,7888,,.&(,c(344( 4sI I<&&J<J M&AM!'K98M!9 L70L22L77$M!!M&c|j}|j}tj|j } d|z|_d| z|_tj} |dk(r&tj||j | _ n6|dk(r&tj||j | _ n tdd} t|| j|} | c| |k7r?|^|jd t|j|||||jd y |jj!d |zyd } || rm|jd |ztj"|tj$d| d< |j'| |jj!d|zy y#d } |jd YxYw#t($r%} | j*\}}td|d|d} ~ wwxYw)zSeize DNS FSMO role. r%r'r$r&rvFNrz&Transfer successful, not seizing role Trr6rr rrr)rAr7r8r9r: domaindns_dn forestdns_dnrrDrrErr"rrdrOr>rFryrIrr)rrrrQrPrrrr7rSr[rr e2rrs r!seize_dns_rolezcmd_fsmo_seize.seize_dns_roleNs--/ OO% **5+@+@+BC BYNBYN KKM ; 66%!2!23AD [ 66%!2!23AD34 4)%t<  #{*=LL!9: $)$))Y$*/1 %NO#  J $!%&E   LL2T9 :!$!3!3S11"!Ao  0 Q IIOOBTI J!&J $ %HI$ 0WW c"$(#$/00 0s$F?G?G H" HHNc|j}|j|d}t|t||} |dk(r|j d| ||j d| ||j d| ||j d| ||j d | ||j d | |||||j d | ||||y|d k(s|d k(r|j || ||||y|j || |y NTr*r,rrjrmrprrrtr$r&)rBrCr rrr rrrrrQrPrr0rZrs r!runzcmd_fsmo_seize.runs  # # %((d(C!.*:"'B0 5= OOE5% 0 OOE5% 0 OOHeU 3 OO,eU ; OOHeU 3    UHi +U 4    UHi +U 4{"dk&9##D%9$/8eU3NNNNNN)__name__ __module__ __qualname____doc__synopsisoptions SambaOptionsCredentialsOptionsVersionOptionstakes_optiongroupsr r< takes_options takes_argsrrrrr!rrs H))..-- tW#JS 2yK" $ xh1f 0 1 M(JWr7r,07;4rrceZdZdZdZej ejejdZ e ddde dd gZ gZ d d Zy ) cmd_fsmo_showzShow the roles.rrrrrrrrNc |j}|j|d}t|t||}|j }t j |j} d|z} d|jz} |j} d|z} d|z}d| z}| d d f| d d f| d df|ddf| ddf|ddf|ddfg}|D]L}|\}}} t|||}| |j|dt|n|jd|zNy#t$r*}|j|d|jYd}~~d}~wwxYw)NTr*r,rhrgrfr%r'rtSchemaMasterRolerrInfrastructureMasterRolerjRidAllocationMasterRolermPdcEmulationMasterRolerpDomainNamingMasterRoler$DomainDnsZonesMasterRoler&ForestDnsZonesMasterRolez owner: z%s has no current ownerz: * )rBrCr rr7r8r9r:rwrxr"rr<r)rrrQrPrr0rZrr7rSr}r|r~r{rrmastersmasterrE short_name long_namer^s r!rzcmd_fsmo_show.runs  # # %((d(C!.*:"'B0OO% **5+@+@+BC 09<&)@)@)BB ++- - 9= I = I x);<%'79STE#<=u&>?x)AB +/IJ +/IJ  BF*0 'RY B+E2zB%LL9c&k!JKLL!:i!HI B  B 9aii@AA BsAD E EE)NNNNrrrrrrrrrrr r<rrrrrr!rrs[ H))..-- tW#JS 2M J"BrrceZdZdZdZej ejejdZ e ddde dd e d d gd d gZ gZ ddZy)cmd_fsmo_transferzTransfer the role.rrrrrrrrrrrrrNcD|j}|j|d}t|t||} |dk(rt |j d| t |j d| t |j d| t |j d| t |j d | t |j ||d | t |j ||d | y|d k(s|d k(rt |j |||| yt |j || yr)rBrCr rrrOrdrs r!rzcmd_fsmo_transfer.runs # # %((d(C!.*:"'B0 5= $))UE 2 $))UE 2 $))Xu 5 $))%5u = $))Xu 5 diiH)5 2 diiHk# %{"dk&9!$))Y$Ndiiu5rrrrrr!rrsw H))..-- tW#JS 2xh1f 0 1M"J+/7;6rrcPeZdZdZiZeed<eed<eed<y)cmd_fsmoz:Flexible Single Master Operations (FSMO) roles management.rshowtransferN)rrrr subcommandsrrrrrr!rrs0DK)+K'/K/1K rr)r8 samba.getoptgetoptrrr samba.dcerpcrr samba.authrsamba.drs_utils samba.netcmdrrr r samba.samdbr r"rdrrrrrrrr!rst(  &% .Wt<~K4WK4\4BG4Bn5656p2|2r