# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
+from __future__ import print_function
import os
import sys
from optparse import OptionParser
assert len(res) == 1
pfm = ndr_unpack(drsblobs.prefixMapBlob,
str(res[0]['prefixMap']))
- return pfm.ctr
+
+ pfm_schi = _samdb_fetch_schi(samdb)
+
+ return (pfm.ctr, pfm_schi)
+
+
+def _samdb_fetch_schi(samdb):
+ """Fetch schemaInfo stored in SamDB using LDB connection"""
+ res = samdb.search(base=samdb.get_schema_basedn(), expression="", scope=SCOPE_BASE, attrs=["*"])
+ assert len(res) == 1
+ if 'schemaInfo' in res[0]:
+ pfm_schi = ndr_unpack(drsblobs.schemaInfoBlob,
+ str(res[0]['schemaInfo']))
+ else:
+ pfm_schi = drsblobs.schemaInfoBlob()
+ pfm_schi.marker = 0xFF
+ return pfm_schi
+
def _drs_fetch_pfm(server, samdb, creds, lp):
"""Fetch prefixMap using DRS interface"""
binding_str = "ncacn_ip_tcp:%s[print,seal]" % server
drs = drsuapi.drsuapi(binding_str, lp, creds)
- drs_handle = drs_DsBind(drs)
- print "DRS Handle: %s" % drs_handle
+ (drs_handle, supported_extensions) = drs_DsBind(drs)
+ print("DRS Handle: %s" % drs_handle)
req8 = drsuapi.DsGetNCChangesRequest8()
pfm_it = pfm.mappings[-1]
assert pfm_it.id_prefix == 0
assert pfm_it.oid.length == 21
- assert pfm_it.oid.binary_oid[0] == 255
+ s = ''
+ for x in pfm_it.oid.binary_oid:
+ s += chr(x)
+ pfm_schi = ndr_unpack(drsblobs.schemaInfoBlob, s)
+ assert pfm_schi.marker == 0xFF
# remove schemaInfo element
pfm.num_mappings -= 1
- return pfm
+ return (pfm, pfm_schi)
+
def _pfm_verify(drs_pfm, ldb_pfm):
errors = []
errors.append("[%2d] differences in (%s)" % (i, it_err))
return errors
+
+def _pfm_schi_verify(drs_schi, ldb_schi):
+ errors = []
+ print(drs_schi.revision)
+ print(drs_schi.invocation_id)
+ if drs_schi.marker != ldb_schi.marker:
+ errors.append("Different marker in schemaInfo: drs = %d, ldb = %d"
+ % (drs_schi.marker, ldb_schi.marker))
+ if drs_schi.revision != ldb_schi.revision:
+ errors.append("Different revision in schemaInfo: drs = %d, ldb = %d"
+ % (drs_schi.revision, ldb_schi.revision))
+ if drs_schi.invocation_id != ldb_schi.invocation_id:
+ errors.append("Different invocation_id in schemaInfo: drs = %s, ldb = %s"
+ % (drs_schi.invocation_id, ldb_schi.invocation_id))
+ return errors
+
+
########### main code ###########
if __name__ == "__main__":
# command line parsing
- parser = OptionParser("getncchanges [options] server")
+ parser = OptionParser("pfm_verify.py [options] server")
sambaopts = options.SambaOptions(parser)
parser.add_option_group(sambaopts)
credopts = options.CredentialsOptionsDouble(parser)
if len(args) != 1:
import os
- if not "DC_SERVER" in os.environ.keys():
- parser.error("You must supply a server")
+ if "DC_SERVER" not in os.environ.keys():
+ parser.error("You must supply a server")
args.append(os.environ["DC_SERVER"])
if creds.is_anonymous():
server = args[0]
samdb = SamDB(url="ldap://%s" % server,
- session_info=system_session(),
+ session_info=system_session(lp),
credentials=creds, lp=lp)
- drs_pfm = _drs_fetch_pfm(server, samdb, creds, lp)
- ldb_pfm = _samdb_fetch_pfm(samdb)
+ exit_code = 0
+ (drs_pfm, drs_schi) = _drs_fetch_pfm(server, samdb, creds, lp)
+ (ldb_pfm, ldb_schi) = _samdb_fetch_pfm(samdb)
+ # verify prefixMaps
errors = _pfm_verify(drs_pfm, ldb_pfm)
if len(errors):
- print "prefixMap verification errors:"
- print "%s" % errors
- sys.exit(1)
+ print("prefixMap verification errors:")
+ print("%s" % errors)
+ exit_code = 1
+ # verify schemaInfos
+ errors = _pfm_schi_verify(drs_schi, ldb_schi)
+ if len(errors):
+ print("schemaInfo verification errors:")
+ print("%s" % errors)
+ exit_code = 2
+
+ if exit_code != 0:
+ sys.exit(exit_code)