From 0111773310ea1ef63ab0d7b256f29aa7e27b545b Mon Sep 17 00:00:00 2001 From: Rowland Penny Date: Mon, 16 Nov 2015 16:22:31 +0000 Subject: [PATCH] samba-tool:provision: fix bug 11600 If you join a second DC after changing the name of the 'Default Domain Policy' or 'Default Domain Controllers Policy' the join will fail as the search is hardcoded to these names, this fix changes the search to the objects name. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11600 Signed-off-by: Rowland Penny Reviewed-by: Michael Adam Reviewed-by: Andreas Schneider Autobuild-User(master): Michael Adam Autobuild-Date(master): Sat Nov 21 04:44:58 CET 2015 on sn-devel-104 --- python/samba/provision/__init__.py | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py index 953bd0f3bd3..b36a7d2a7c9 100644 --- a/python/samba/provision/__init__.py +++ b/python/samba/provision/__init__.py @@ -276,16 +276,15 @@ def find_provision_key_parameters(samdb, secretsdb, idmapdb, paths, smbconf, names.domainlevel = int(res6[0]["msDS-Behavior-Version"][0]) # policy guid - res7 = samdb.search(expression="(displayName=Default Domain Policy)", + res7 = samdb.search(expression="(name={%s})" % DEFAULT_POLICY_GUID, base="CN=Policies,CN=System," + basedn, scope=ldb.SCOPE_ONELEVEL, attrs=["cn","displayName"]) names.policyid = str(res7[0]["cn"]).replace("{","").replace("}","") # dc policy guid - res8 = samdb.search(expression="(displayName=Default Domain Controllers" - " Policy)", - base="CN=Policies,CN=System," + basedn, - scope=ldb.SCOPE_ONELEVEL, - attrs=["cn","displayName"]) + res8 = samdb.search(expression="(name={%s})" % DEFAULT_DC_POLICY_GUID, + base="CN=Policies,CN=System," + basedn, + scope=ldb.SCOPE_ONELEVEL, + attrs=["cn","displayName"]) if len(res8) == 1: names.policyid_dc = str(res8[0]["cn"]).replace("{","").replace("}","") else: -- 2.34.1