samba_tool/fsmo: Allocate RID Set when seizing RID manager

Seizing the role without allocating a RID set for itself is likely prone
to cause issues.

Pair-programmed-with: Clive Ferreira <cliveferreira@catalyst.net.nz>

Signed-off-by: Clive Ferreira <cliveferreira@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9954

Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Fri Nov  4 08:37:05 CET 2016 on sn-devel-144

diff --git a/python/samba/netcmd/fsmo.py b/python/samba/netcmd/fsmo.py
index 13516549392a792ca9425c44a43dcf18a43662c0..62b3e438e18d380ea068424c22576d6cde3ee251 100644 (file)
--- a/python/samba/netcmd/fsmo.py
+++ b/python/samba/netcmd/fsmo.py
@@ -295,12 +295,37 @@ You must provide an Admin user and password."""),
             m["fSMORoleOwner"]= ldb.MessageElement(
                 serviceName, ldb.FLAG_MOD_REPLACE,
                 "fSMORoleOwner")
+
+            samdb.transaction_start()
             try:
                 samdb.modify(m)
+                if role == "rid":
+                    # We may need to allocate the initial RID Set
+                    samdb.create_own_rid_set()
+
             except LdbError, (num, msg):
-                raise CommandError("Failed to seize '%s' role: %s" %
-                                   (role, msg))
+                if role == "rid" and num == ldb.ERR_ENTRY_ALREADY_EXISTS:
+
+                    # Try again without the RID Set allocation
+                    # (normal).  We have to manage the transaction as
+                    # we do not have nested transactions and creating
+                    # a RID set touches multiple objects. :-(
+                    samdb.transaction_cancel()
+                    samdb.transaction_start()
+                    try:
+                        samdb.modify(m)
+                    except LdbError, (num, msg):
+                        samdb.transaction_cancel()
+                        raise CommandError("Failed to seize '%s' role: %s" %
+                                           (role, msg))
+
+                else:
+                    samdb.transaction_cancel()
+                    raise CommandError("Failed to seize '%s' role: %s" %
+                                       (role, msg))
+            samdb.transaction_commit()
             self.outf.write("FSMO seize of '%s' role successful\n" % role)
+
             return True
 
     def seize_dns_role(self, role, samdb, credopts, sambaopts,

diff --git a/selftest/knownfail b/selftest/knownfail
index a494ec0f3247a40cc14bf1f36f0b5df7ababeb80..ddfe0ada71dd64019156eb055f1757b684f0b836 100644 (file)
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -307,7 +307,6 @@
 ^samba4.rpc.echo.*on.*with.object.echo.addone.*nt4_dc
 ^samba4.rpc.echo.*on.*ncacn_ip_tcp.*with.object.*nt4_dc
 ^samba4.drs.ridalloc_exop.python.*ridalloc_exop.DrsReplicaSyncTestCase.test_offline_ridalloc
-^samba4.drs.ridalloc_exop.python.*ridalloc_exop.DrsReplicaSyncTestCase.test_offline_samba_tool_seized_ridalloc
 ^samba4.drs.ridalloc_exop.python.*ridalloc_exop.DrsReplicaSyncTestCase.test_join_time_ridalloc
 ^samba4.drs.ridalloc_exop.python.*ridalloc_exop.DrsReplicaSyncTestCase.test_rid_set_dbcheck_after_seize
 ^samba4.drs.ridalloc_exop.python.*ridalloc_exop.DrsReplicaSyncTestCase.test_rid_set_dbcheck
\ No newline at end of file