def run(self, sambaopts=None, credopts=None, server=None, targetdir=None, no_secrets=False, backend_store=None): logger = self.get_logger() logger.setLevel(logging.DEBUG) lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) # Make sure we have all the required args. if server is None: raise CommandError('Server required') check_targetdir(logger, targetdir) tmpdir = tempfile.mkdtemp(dir=targetdir) # Run a clone join on the remote include_secrets = not no_secrets ctx = join_clone(logger=logger, creds=creds, lp=lp, include_secrets=include_secrets, server=server, dns_backend='SAMBA_INTERNAL', targetdir=tmpdir, backend_store=backend_store) # get the paths used for the clone, then drop the old samdb connection paths = ctx.paths del ctx # Get a free RID to use as the new DC's SID (when it gets restored) remote_sam = SamDB(url='ldap://' + server, credentials=creds, session_info=system_session(), lp=lp) new_sid = get_sid_for_restore(remote_sam, logger) realm = remote_sam.domain_dns_name() # Grab the remote DC's sysvol files and bundle them into a tar file sysvol_tar = os.path.join(tmpdir, 'sysvol.tar.gz') smb_conn = smb_sysvol_conn(server, lp, creds) backup_online(smb_conn, sysvol_tar, remote_sam.get_domain_sid()) # remove the default sysvol files created by the clone (we want to # make sure we restore the sysvol.tar.gz files instead) shutil.rmtree(paths.sysvol) # Edit the downloaded sam.ldb to mark it as a backup samdb = SamDB(url=paths.samdb, session_info=system_session(), lp=lp) time_str = get_timestamp() add_backup_marker(samdb, "backupDate", time_str) add_backup_marker(samdb, "sidForRestore", new_sid) add_backup_marker(samdb, "backupType", "online") # ensure the admin user always has a password set (same as provision) if no_secrets: set_admin_password(logger, samdb) # Add everything in the tmpdir to the backup tar file backup_file = backup_filepath(targetdir, realm, time_str) create_log_file(tmpdir, lp, "online", server, include_secrets) create_backup_tar(logger, tmpdir, backup_file) shutil.rmtree(tmpdir)
def run(self, sambaopts=None, credopts=None, server=None, targetdir=None): logger = self.get_logger() logger.setLevel(logging.DEBUG) # Make sure we have all the required args. check_online_backup_args(logger, credopts, server, targetdir) lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) if not os.path.exists(targetdir): logger.info('Creating targetdir %s...' % targetdir) os.makedirs(targetdir) tmpdir = tempfile.mkdtemp(dir=targetdir) # Run a clone join on the remote ctx = join_clone(logger=logger, creds=creds, lp=lp, include_secrets=True, dns_backend='SAMBA_INTERNAL', server=server, targetdir=tmpdir) # get the paths used for the clone, then drop the old samdb connection paths = ctx.paths del ctx # Get a free RID to use as the new DC's SID (when it gets restored) remote_sam = SamDB(url='ldap://' + server, credentials=creds, session_info=system_session(), lp=lp) new_sid = get_sid_for_restore(remote_sam) realm = remote_sam.domain_dns_name() # Grab the remote DC's sysvol files and bundle them into a tar file sysvol_tar = os.path.join(tmpdir, 'sysvol.tar.gz') smb_conn = smb.SMB(server, "sysvol", lp=lp, creds=creds) backup_online(smb_conn, sysvol_tar, remote_sam.get_domain_sid()) # remove the default sysvol files created by the clone (we want to # make sure we restore the sysvol.tar.gz files instead) shutil.rmtree(paths.sysvol) # Edit the downloaded sam.ldb to mark it as a backup samdb = SamDB(url=paths.samdb, session_info=system_session(), lp=lp) time_str = get_timestamp() add_backup_marker(samdb, "backupDate", time_str) add_backup_marker(samdb, "sidForRestore", new_sid) # Add everything in the tmpdir to the backup tar file backup_file = backup_filepath(targetdir, realm, time_str) create_backup_tar(logger, tmpdir, backup_file) shutil.rmtree(tmpdir)
def test_backup_online(self): """ Backup service online, delete files, restore and check. """ ntacls.backup_online(self.smb_conn, self.tarfile_path, self.dom_sid) self._check_tarfile() self.smb_helper.delete_tree() ntacls.backup_restore(self.tarfile_path, self.service_root, self.samdb_conn, self.smb_conf_path) self._check_tree() # compare ntacls after restored self.assertDictEqual(self.original_ntacls, self.smb_helper.get_ntacls())
def test_backup_online(self): """ Backup service online, delete files, restore and check. """ ntacls.backup_online( self.smb_conn, self.tarfile_path, self.dom_sid) self._check_tarfile() self.smb_helper.delete_tree() ntacls.backup_restore( self.tarfile_path, self.service_root, self.samdb_conn, self.smb_conf_path) self._check_tree() # compare ntacls after restored self.assertDictEqual( self.original_ntacls, self.smb_helper.get_ntacls())
def run(self, new_domain_name, new_dns_realm, sambaopts=None, credopts=None, server=None, targetdir=None, keep_dns_realm=False, no_secrets=False): logger = self.get_logger() logger.setLevel(logging.INFO) # Make sure we have all the required args. check_online_backup_args(logger, credopts, server, targetdir) delete_old_dns = not keep_dns_realm new_dns_realm = new_dns_realm.lower() new_domain_name = new_domain_name.upper() new_base_dn = samba.dn_from_dns_name(new_dns_realm) logger.info("New realm for backed up domain: %s" % new_dns_realm) logger.info("New base DN for backed up domain: %s" % new_base_dn) logger.info("New domain NetBIOS name: %s" % new_domain_name) tmpdir = tempfile.mkdtemp(dir=targetdir) # setup a join-context for cloning the remote server lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) include_secrets = not no_secrets ctx = DCCloneAndRenameContext(new_base_dn, new_domain_name, new_dns_realm, logger=logger, creds=creds, lp=lp, include_secrets=include_secrets, dns_backend='SAMBA_INTERNAL', server=server, targetdir=tmpdir) # sanity-check we're not "renaming" the domain to the same values old_domain = ctx.domain_name if old_domain == new_domain_name: shutil.rmtree(tmpdir) raise CommandError("Cannot use the current domain NetBIOS name.") old_realm = ctx.realm if old_realm == new_dns_realm: shutil.rmtree(tmpdir) raise CommandError("Cannot use the current domain DNS realm.") # do the clone/rename ctx.do_join() # get the paths used for the clone, then drop the old samdb connection del ctx.local_samdb paths = ctx.paths # get a free RID to use as the new DC's SID (when it gets restored) remote_sam = SamDB(url='ldap://' + server, credentials=creds, session_info=system_session(), lp=lp) new_sid = get_sid_for_restore(remote_sam) # Grab the remote DC's sysvol files and bundle them into a tar file. # Note we end up with 2 sysvol dirs - the original domain's files (that # use the old realm) backed here, as well as default files generated # for the new realm as part of the clone/join. sysvol_tar = os.path.join(tmpdir, 'sysvol.tar.gz') smb_conn = smb.SMB(server, "sysvol", lp=lp, creds=creds) backup_online(smb_conn, sysvol_tar, remote_sam.get_domain_sid()) # connect to the local DB (making sure we use the new/renamed config) lp.load(paths.smbconf) samdb = SamDB(url=paths.samdb, session_info=system_session(), lp=lp) # Edit the cloned sam.ldb to mark it as a backup time_str = get_timestamp() add_backup_marker(samdb, "backupDate", time_str) add_backup_marker(samdb, "sidForRestore", new_sid) add_backup_marker(samdb, "backupRename", old_realm) # fix up the DNS objects that are using the old dnsRoot value self.update_dns_root(logger, samdb, old_realm, delete_old_dns) # update the netBIOS name and the Partition object for the domain self.rename_domain_partition(logger, samdb, new_domain_name) if delete_old_dns: self.delete_old_dns_zones(logger, samdb, old_realm) logger.info("Fixing DN attributes after rename...") self.fix_old_dn_attributes(samdb) # ensure the admin user always has a password set (same as provision) if no_secrets: set_admin_password(logger, samdb, creds.get_username()) # Add everything in the tmpdir to the backup tar file backup_file = backup_filepath(targetdir, new_dns_realm, time_str) create_log_file( tmpdir, lp, "rename", server, include_secrets, "Original domain %s (NetBIOS), %s (DNS realm)" % (old_domain, old_realm)) create_backup_tar(logger, tmpdir, backup_file) shutil.rmtree(tmpdir)