source4/scripting/devel/pfm_verify.py

   1 #!/usr/bin/env python
   2 # -*- coding: utf-8 -*-
   3 #
   4 # script to verify cached prefixMap on remote
   5 # server against the prefixMap stored in Schema NC
   6 #
   7 # Copyright (C) Kamen Mazdrashki <kamenim@samba.org> 2010
   8 #
   9 # This program is free software; you can redistribute it and/or modify
  10 # it under the terms of the GNU General Public License as published by
  11 # the Free Software Foundation; either version 3 of the License, or
  12 # (at your option) any later version.
  13 #
  14 # This program is distributed in the hope that it will be useful,
  15 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  16 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17 # GNU General Public License for more details.
  18 #
  19 # You should have received a copy of the GNU General Public License
  20 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21 #
  22
  23 from __future__ import print_function
  24 import os
  25 import sys
  26 from optparse import OptionParser
  27
  28 sys.path.insert(0, "bin/python")
  29
  30 import samba
  31 import samba.getopt as options
  32 from ldb import SCOPE_BASE, SCOPE_SUBTREE
  33 from samba.dcerpc import drsuapi, misc, drsblobs
  34 from samba.drs_utils import drs_DsBind
  35 from samba.samdb import SamDB
  36 from samba.auth import system_session
  37 from samba.ndr import ndr_pack, ndr_unpack
  38
  39
  40 def _samdb_fetch_pfm(samdb):
  41     """Fetch prefixMap stored in SamDB using LDB connection"""
  42     res = samdb.search(base=samdb.get_schema_basedn(), expression="", scope=SCOPE_BASE, attrs=["*"])
  43     assert len(res) == 1
  44     pfm = ndr_unpack(drsblobs.prefixMapBlob,
  45                      str(res[0]['prefixMap']))
  46
  47     pfm_schi = _samdb_fetch_schi(samdb)
  48
  49     return (pfm.ctr, pfm_schi)
  50
  51 def _samdb_fetch_schi(samdb):
  52     """Fetch schemaInfo stored in SamDB using LDB connection"""
  53     res = samdb.search(base=samdb.get_schema_basedn(), expression="", scope=SCOPE_BASE, attrs=["*"])
  54     assert len(res) == 1
  55     if 'schemaInfo' in res[0]:
  56         pfm_schi = ndr_unpack(drsblobs.schemaInfoBlob,
  57                               str(res[0]['schemaInfo']))
  58     else:
  59         pfm_schi = drsblobs.schemaInfoBlob()
  60         pfm_schi.marker = 0xFF;
  61     return pfm_schi
  62
  63 def _drs_fetch_pfm(server, samdb, creds, lp):
  64     """Fetch prefixMap using DRS interface"""
  65     binding_str = "ncacn_ip_tcp:%s[print,seal]" % server
  66
  67     drs = drsuapi.drsuapi(binding_str, lp, creds)
  68     (drs_handle, supported_extensions) = drs_DsBind(drs)
  69     print("DRS Handle: %s" % drs_handle)
  70
  71     req8 = drsuapi.DsGetNCChangesRequest8()
  72
  73     dest_dsa = misc.GUID("9c637462-5b8c-4467-aef2-bdb1f57bc4ef")
  74     replica_flags = 0
  75
  76     req8.destination_dsa_guid = dest_dsa
  77     req8.source_dsa_invocation_id = misc.GUID(samdb.get_invocation_id())
  78     req8.naming_context = drsuapi.DsReplicaObjectIdentifier()
  79     req8.naming_context.dn = unicode(samdb.get_schema_basedn())
  80     req8.highwatermark = drsuapi.DsReplicaHighWaterMark()
  81     req8.highwatermark.tmp_highest_usn = 0
  82     req8.highwatermark.reserved_usn = 0
  83     req8.highwatermark.highest_usn = 0
  84     req8.uptodateness_vector = None
  85     req8.replica_flags = replica_flags
  86     req8.max_object_count = 0
  87     req8.max_ndr_size = 402116
  88     req8.extended_op = 0
  89     req8.fsmo_info = 0
  90     req8.partial_attribute_set = None
  91     req8.partial_attribute_set_ex = None
  92     req8.mapping_ctr.num_mappings = 0
  93     req8.mapping_ctr.mappings = None
  94
  95     (level, ctr) = drs.DsGetNCChanges(drs_handle, 8, req8)
  96     pfm = ctr.mapping_ctr
  97     # check for schemaInfo element
  98     pfm_it = pfm.mappings[-1]
  99     assert pfm_it.id_prefix == 0
 100     assert pfm_it.oid.length == 21
 101     s = ''
 102     for x in pfm_it.oid.binary_oid:
 103         s += chr(x)
 104     pfm_schi = ndr_unpack(drsblobs.schemaInfoBlob, s)
 105     assert pfm_schi.marker == 0xFF
 106     # remove schemaInfo element
 107     pfm.num_mappings -= 1
 108     return (pfm, pfm_schi)
 109
 110 def _pfm_verify(drs_pfm, ldb_pfm):
 111     errors = []
 112     if drs_pfm.num_mappings != ldb_pfm.num_mappings:
 113         errors.append("Different count of prefixes: drs = %d, ldb = %d"
 114                       % (drs_pfm.num_mappings, ldb_pfm.num_mappings))
 115     count = min(drs_pfm.num_mappings, ldb_pfm.num_mappings)
 116     for i in range(0, count):
 117         it_err = []
 118         drs_it = drs_pfm.mappings[i]
 119         ldb_it = ldb_pfm.mappings[i]
 120         if drs_it.id_prefix != ldb_it.id_prefix:
 121             it_err.append("id_prefix")
 122         if drs_it.oid.length != ldb_it.oid.length:
 123             it_err.append("oid.length")
 124         if drs_it.oid.binary_oid != ldb_it.oid.binary_oid:
 125             it_err.append("oid.binary_oid")
 126         if len(it_err):
 127             errors.append("[%2d] differences in (%s)" % (i, it_err))
 128     return errors
 129
 130 def _pfm_schi_verify(drs_schi, ldb_schi):
 131     errors = []
 132     print(drs_schi.revision)
 133     print(drs_schi.invocation_id)
 134     if drs_schi.marker != ldb_schi.marker:
 135         errors.append("Different marker in schemaInfo: drs = %d, ldb = %d"
 136                       % (drs_schi.marker, ldb_schi.marker))
 137     if drs_schi.revision != ldb_schi.revision:
 138         errors.append("Different revision in schemaInfo: drs = %d, ldb = %d"
 139                       % (drs_schi.revision, ldb_schi.revision))
 140     if drs_schi.invocation_id != ldb_schi.invocation_id:
 141         errors.append("Different invocation_id in schemaInfo: drs = %s, ldb = %s"
 142                       % (drs_schi.invocation_id, ldb_schi.invocation_id))
 143     return errors
 144
 145 ########### main code ###########
 146 if __name__ == "__main__":
 147     # command line parsing
 148     parser = OptionParser("pfm_verify.py [options] server")
 149     sambaopts = options.SambaOptions(parser)
 150     parser.add_option_group(sambaopts)
 151     credopts = options.CredentialsOptionsDouble(parser)
 152     parser.add_option_group(credopts)
 153
 154     (opts, args) = parser.parse_args()
 155
 156     lp = sambaopts.get_loadparm()
 157     creds = credopts.get_credentials(lp)
 158
 159     if len(args) != 1:
 160         import os
 161         if not "DC_SERVER" in os.environ.keys():
 162             parser.error("You must supply a server")
 163         args.append(os.environ["DC_SERVER"])
 164
 165     if creds.is_anonymous():
 166         parser.error("You must supply credentials")
 167         pass
 168
 169     server = args[0]
 170
 171     samdb = SamDB(url="ldap://%s" % server,
 172                   session_info=system_session(lp),
 173                   credentials=creds, lp=lp)
 174
 175     exit_code = 0
 176     (drs_pfm, drs_schi) = _drs_fetch_pfm(server, samdb, creds, lp)
 177     (ldb_pfm, ldb_schi) = _samdb_fetch_pfm(samdb)
 178     # verify prefixMaps
 179     errors = _pfm_verify(drs_pfm, ldb_pfm)
 180     if len(errors):
 181         print("prefixMap verification errors:")
 182         print("%s" % errors)
 183         exit_code = 1
 184     # verify schemaInfos
 185     errors = _pfm_schi_verify(drs_schi, ldb_schi)
 186     if len(errors):
 187         print("schemaInfo verification errors:")
 188         print("%s" % errors)
 189         exit_code = 2
 190
 191     if exit_code != 0:
 192         sys.exit(exit_code)