IdIddlZddlZddlmZddlmZddlmZddlmZm Z ddl m Z m Z m Z mZmZmZGddeZd Zdd Zd Z dd Z dd ZdZdZy)N)LdbError)werror) ndr_unpack)miscdnsp) DNS_TYPE_NS DNS_TYPE_A DNS_TYPE_AAAADNS_TYPE_CNAME DNS_TYPE_SRV DNS_TYPE_PTRceZdZdZdZdZy)DemoteExceptionzBase element for demote errorsc||_yNvalue)selfrs 1/usr/lib/python3/dist-packages/samba/remove_dc.py__init__zDemoteException.__init__ s  c d|jzS)NzDemoteException: r)rs r__str__zDemoteException.__str__#s"TZZ//rN)__name__ __module__ __qualname____doc__rrrrrrs(0rrc |j}dd|zfD]}tj||} |j|j  |jd|jdd| |jd |z|j|d D]}tj||} |j|j |jd|jdd| |jd |z|j|y#tj $r t d|d|j wxYw#tj $rt d|zwxYw#tj $r/}|j\}}|tjk(rnYd}~d}~wwxYw#tj $r t d|d|jwxYw#tj $rt d|d |d wxYw#tj $r/} | j\}}|tjk(rnYd} ~ d} ~ wwxYw) Nz3CN=Enterprise,CN=Microsoft System Volumes,CN=Systemz+CN=%s,CN=Microsoft System Volumes,CN=SystemzFailed constructing DN z by adding base zCN=Xz.Failed constructing DN %s by adding child CN=XrCNzRemoving Sysvol reference: %s)zMCN=Domain System Volumes (SYSVOL share),CN=File Replication Service,CN=SystemzDCN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=Systemz% by adding child CN=X (soon to be CN=))domain_dns_nameldbDnadd_baseget_config_basednrr add_child set_componentinfodeleteargsERR_NO_SUCH_OBJECTget_default_basedn) samdbloggerdc_namerealmsdneenumestre1s rremove_sysvol_referencesr8'sm  ! ! #EC;eCE VVE1  E KK//1 2 * LL  D'*  KK7"< = LL '8VVVE1  F KK002 3 M LL  D'*  KK7"< = LL ')|| E!%')@)@)B#DE E E || *!"R%'#)* * *|| 66LT4s--- || F!%')A)A)C#EF F F || M!?A7#LM M M|| 77LT4s--- s_D'E7%F:GG=?%H&'3E"E?G$F??G3G:=&H#&I(9$I##I(c djdtjdgdg}t|dk(ry|j } j |\}j|gjdtjdg } t| d k(sJ| dd} fd tfd | D} fd } | D]} |j!d|zj |\}}t|}|Dcgc] }| |r |}}t||k7s^|j#d|t||t|z fzj||t|||y#t $r`}|j\}} |tjk(s|tjk(r|rt|||Yd}~ytd|d| d}~wwxYw#t $r>}|j\}} |tjk(rYd}~ytd|d| d}~wwxYwcc}w)Nz.(&(objectClass=dnsZone)(!(dc=RootDNSServers)))search_options:0:2)basescope expressionattrscontrolsrz lookup of z failed: namingContextsr=r?crtj|jjdddS)N/rCr)r#r$ canonical_strsplit)r3r.s rdns_name_from_dnz/remove_dns_references..dns_name_from_dns1 vveR ..066sA>qAArc3@K|]}t|ywr)str).0r3rHs r z(remove_dns_references..s 6Bs2w' 6sc|jtk(s|jtk(r<D]7}|j|jk(s|j|jk(s7yyNTF)wTyper r data) dnsRecordrec primary_recss ra_rec_to_removez.remove_dns_references..a_rec_to_removesP ??j (IOO},L# 99 /CHH 4N rz(checking for DNS records to remove on %s1updating %s keeping %d values, removing %s values)searchr# SCOPE_SUBTREElenupper dns_lookup RuntimeErrorr+r"WERR_DNS_ERROR_NAME_DOES_NOT_EXISTWERR_DNS_ERROR_RCODE_NAME_ERRORremove_hanging_dns_referencesr dns_replace SCOPE_BASEsetdebugr))r.r/ dnsHostNameignore_no_namezonesdnsHostNameUpperr3e4r5r6resncsa_names_to_remove_fromrTa_namea_rec_dna_recse2 orig_num_recsrrHrSs` @@rremove_dns_referencesrqbsG LLb(9(9$T!#7"8  :E 5zQ"((* O"--k:\ k2& ,,r ^^4D3E  GC s8q== a&! "CB  6# 6 6). N LLCfL M!&!1!1&!9 XvF #>?1+=!>> v;- ' KKKVmc&k.IJK L   ff -!.$"%1A5I  Oww t F== = F:: :-eV.>.35 ;MNN Ob N77LT4v@@@!vt"LM M  N?sI E7(G# H-H-7 G AG GG # H*,"H%H%%H*c <fd}|D]}|jd|jz|j|jtjddg}|D]} |d}|D cgc]$} || st tj| &} } t| t|k7sP|jd|jt| t|t| z fz|j|j| y#t $rYwxYwcc} w)Nc`ttj|}|jtk(s&|jt k(s|jt k(r|jjk(ryy|jtk(r(|jjjk(ryyrN) rrDnssrvRpcRecordrOrr r rPrYr nameTarget)rrQrfs r to_removez0remove_hanging_dns_references..to_removest33U; ??k )oo/oo-~~##%)99__ ,~~((..04DDrz checking %sz/(&(objectClass=dnsNode)(!(dNSTombstoned=TRUE)))rQ)r<r=r>r?rU) rbr3rVr#rWKeyErrorrrrtrXr)dns_replace_by_dn) r.r/rfrervzonerecordsrecord orig_valuesvvaluess ` rr^r^s( ; ]TWW,-,,DGG33D3D+:&1]4 ;F $[1 +@)A,!!5!5q9@F@6{c+.. O%yy#f+";/#f+=??@ '' 6:# ; ;  @sD ')D DDc$|jdtjdg}t|dk(sJ|ddd} |j|gdtjd} | d} t | d d} tj || d dj d } t | d d}|r|j|d g| |j| dgdtj}d|dvr9t |ddd}|jd|z|j|d|dvr9t |ddd}|jd|z|j||r'|jd| z|j| d gd | vrt | d d}|r|jdtj| d|dgtj|j}t|dk(r?|jd|djz|j|dj||r t||||rt||| yy#t$rd} YwxYw#t$rd}YwxYw)Nr: dsServiceNamerBrCr)serverReferencecnrcz(objectClass=server)r<r?r=r>rrutf8rc tree_delete:0zobjectclass=computer)msDS-KrbTgtLinkrIDSetReferencesrr<r>r?r=rzRemoving RID Set: %srzRemoving RODC KDC account: %sz5Removing computer account: %s (and any child objects)z(&(objectclass=user)(cn=dns-z)(servicePrincipalName=DNS/z)))r>r?r=r<z/Removing Samba-specific DNS service account: %s)rVr#r`rXrJr$decoderwr*r) binary_encoderWr-r3rqr8)r.r/ server_dnremove_computer_objremove_server_objremove_sysvol_objremove_dns_namesremove_dns_accountrhmy_serviceNamemsgsmsgr0 computer_dnrc computer_msgs rid_set_dnkrbtgt_link_dns roffline_remove_serverrs ,,r ^^O3D  FC s8q==VO,Q/N <> %; q!1 1]1-.@A!DEJ KK.; < LL $  a 0 0 q!12C!DQ!GHN KK7.H I LL (  KKOR]] ^ LL&7 8 C c-034Kll--g6 'E!#3+<+< % 8 8 :< s8q= KKICPQFIIU V LLQ ##3eV[9 8c    s$;+I.'J. I=<I= JJc  |jdtjdg} t| dk(sJtj|| dddj d} |j } | |k(rtd| z |j|dd gtj } t| dk(rt|d |j| d}|jjd k7s|jjdk7rtd|ztt j"|d d}|rd|j|j%d|z}|D];}|j'd|jz|j)|j=|r|jdtj*d|zdg}|D]}t-| }tj.}|j|_ tj0|tj2d|d<|j5d|jd| d|j7| |j'd|z|j)|dgt9||| ||||| y#t$r6}|j\}}|tjk(rtd |zd}~wwxYw#t$r"}|j\}}td|zd}~wwxYw)Nr:rrBrCrrz#Refusing to demote our own DSA: %s zobjectClass=ntdsDSA objectGUIDrzGiven DN %s doesn't existz is not an ntdsda in r z NTDS Settingsz)Given DN (%s) wasn't the NTDS Settings DNz5(&(objectclass=nTDSConnection)(fromServer=)))r<r>zRemoving nTDSConnection: %sz(fsmoRoleOwner=))r;)r<r=r>r@ fsmoRoleOwnerrzSeizing FSMO role on: z (now owned by r!z'Removing nTDSDSA: %s (and any children)rz,Failed to remove the DCs NTDS DSA object: %srrrrr)rVr#r`rXr$rparentrrr+r,r"r3 get_rdn_name get_rdn_valuerrGUIDr&r)r*rWrJMessageMessageElementFLAG_MOD_REPLACEwarningmodifyr)r.r/ntds_dnrrremove_connection_objseize_stale_fsmorrrrhrrre5r5r6r ntds_guidstale_connectionsconnstale_fsmo_rolesrolevalme6s roffline_remove_ntds_dcr)s ,,r ^^O3D  FC s8q==VVE3q6/#:1#=#D#DV#LMN I CnTUU||5J#/.H D Q!(%*?*?*ACD D q'C % /1I%&' '499c,&7&:;I"LLe.E.E.G5CEN5O)P& "D KK5? @ LL ! " <z(&(objectClass=server)(cn=%s)))r<r?r>zFailure checking if z is an server object in z: rz is not an AD DC in zCN=NTDS Settingsz(objectClass=ntdsdsa)rz is an NTDS DSA in Tr)rrrrrrr)transaction_startuuidUUID ValueErrorrVr&r#rrr+rr"rXtransaction_cancelr3r$r%r`r,rrtransaction_commit) r.r/r0rrr server_msgse3r5r6 ntds_msgse7s r remove_dcr~s`  I$II'*  )0 :LLgRs~~,C!E  I!    $ $ &!%,e.C.C.E#GH H eV'260404/315  7 uf(|37155904150426 8 } $ N,,E,C,C,E-/32),):):7)C3D'EK  N77LT4!%,e.C.C.Et#MN N N   !  $ $ &!%,e.C.C.E#GH HN%% && 23#)$4 :ww t 3)) )I  $ $ &!%//149: : :sNC#G G"8DG E$1EEA5GG IAH<<Ic^|jt||d|jyr)start_transactionrcommit_transaction)r.rs r offline_remove_dc_RemoveDsServerrs& 5'40 r)F)FFFFF)FFFFFFF)rr#rsambar samba.ndrr samba.dcerpcrrsamba.dcerpc.dnsprr r r r r Exceptionrr8rqr^rrrrrrrrs&  #//0i08vMJ`(;Z/4,1,1+0-2 I9^05-216,1-2,1.3RAjK\r