def run(self, DC=None, sambaopts=None, credopts=None, versionopts=None, format=DEFAULT_SHOWREPL_FORMAT, verbose=False, color='no'): self.apply_colour_choice(color) self.lp = sambaopts.get_loadparm() if DC is None: DC = common.netcmd_dnsname(self.lp) self.server = DC self.creds = credopts.get_credentials(self.lp, fallback_machine=True) self.verbose = verbose output_function = { 'summary': self.summary_output, 'notify_summary': self.notify_summary_output, 'pull_summary': self.pull_summary_output, 'json': self.json_output, 'classic': self.classic_output, }.get(format) if output_function is None: raise CommandError("unknown showrepl format %s" % format) return output_function()
def run(self, server_name=None, credopts=None, sambaopts=None, versionopts=None): lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp, fallback_machine=True) net = Net(creds, lp, server=credopts.ipaddress) if server_name is None: server_name = common.netcmd_dnsname(lp) self.outf.write(net.time(server_name)+"\n")
def run(self, DC=None, dsa_option=None, sambaopts=None, credopts=None, versionopts=None): self.lp = sambaopts.get_loadparm() if DC is None: DC = common.netcmd_dnsname(self.lp) self.server = DC self.creds = credopts.get_credentials(self.lp, fallback_machine=True) samdb_connect(self) ntds_dn = self.samdb.get_dsServiceName() res = self.samdb.search(base=ntds_dn, scope=ldb.SCOPE_BASE, attrs=["options"]) dsa_opts = int(res[0]["options"][0]) # print out current DSA options cur_opts = [ x for x in self.option_map if self.option_map[x] & dsa_opts ] self.message("Current DSA options: " + ", ".join(cur_opts)) # modify options if dsa_option: if dsa_option[:1] not in ("+", "-"): raise CommandError("Unknown option %s" % dsa_option) flag = dsa_option[1:] if flag not in self.option_map.keys(): raise CommandError("Unknown option %s" % dsa_option) if dsa_option[:1] == "+": dsa_opts |= self.option_map[flag] else: dsa_opts &= ~self.option_map[flag] #save new options m = ldb.Message() m.dn = ldb.Dn(self.samdb, ntds_dn) m["options"] = ldb.MessageElement(str(dsa_opts), ldb.FLAG_MOD_REPLACE, "options") self.samdb.modify(m) # print out new DSA options cur_opts = [ x for x in self.option_map if self.option_map[x] & dsa_opts ] self.message("New DSA options: " + ", ".join(cur_opts))
def run(self, DC=None, sambaopts=None, credopts=None, versionopts=None): self.lp = sambaopts.get_loadparm() if DC is None: DC = common.netcmd_dnsname(self.lp) self.server = DC self.creds = credopts.get_credentials(self.lp, fallback_machine=True) drsuapi_connect(self) req1 = drsuapi.DsExecuteKCC1() try: self.drsuapi.DsExecuteKCC(self.drsuapi_handle, 1, req1) except Exception as e: raise CommandError("DsExecuteKCC failed", e) self.message("Consistency check on %s successful." % DC)
def run(self, DC=None, sambaopts=None, credopts=None, versionopts=None, server=None): self.lp = sambaopts.get_loadparm() if DC is None: DC = common.netcmd_dnsname(self.lp) self.server = DC self.creds = credopts.get_credentials(self.lp, fallback_machine=True) drsuapi_connect(self) req1 = drsuapi.DsExecuteKCC1() try: self.drsuapi.DsExecuteKCC(self.drsuapi_handle, 1, req1) except Exception, e: raise CommandError("DsExecuteKCC failed", e)
def run(self, DC=None, sambaopts=None, credopts=None, versionopts=None, server=None): self.lp = sambaopts.get_loadparm() if DC is None: DC = common.netcmd_dnsname(self.lp) self.server = DC self.creds = credopts.get_credentials(self.lp, fallback_machine=True) drsuapi_connect(self) samdb_connect(self) # show domain information ntds_dn = get_dsServiceName(self.samdb) server_dns = self.samdb.search(base="", scope=ldb.SCOPE_BASE, attrs=["dnsHostName"])[0]['dnsHostName'][0] (site, server) = drs_parse_ntds_dn(ntds_dn) try: ntds = self.samdb.search(base=ntds_dn, scope=ldb.SCOPE_BASE, attrs=['options', 'objectGUID', 'invocationId']) except Exception, e: raise CommandError("Failed to search NTDS DN %s" % ntds_dn)
def run(self, DC=None, dsa_option=None, sambaopts=None, credopts=None, versionopts=None): self.lp = sambaopts.get_loadparm() if DC is None: DC = common.netcmd_dnsname(self.lp) self.server = DC self.creds = credopts.get_credentials(self.lp, fallback_machine=True) samdb_connect(self) ntds_dn = self.samdb.get_dsServiceName() res = self.samdb.search(base=ntds_dn, scope=ldb.SCOPE_BASE, attrs=["options"]) dsa_opts = int(res[0]["options"][0]) # print out current DSA options cur_opts = [x for x in self.option_map if self.option_map[x] & dsa_opts] self.message("Current DSA options: " + ", ".join(cur_opts)) # modify options if dsa_option: if dsa_option[:1] not in ("+", "-"): raise CommandError("Unknown option %s" % dsa_option) flag = dsa_option[1:] if flag not in self.option_map.keys(): raise CommandError("Unknown option %s" % dsa_option) if dsa_option[:1] == "+": dsa_opts |= self.option_map[flag] else: dsa_opts &= ~self.option_map[flag] #save new options m = ldb.Message() m.dn = ldb.Dn(self.samdb, ntds_dn) m["options"]= ldb.MessageElement(str(dsa_opts), ldb.FLAG_MOD_REPLACE, "options") self.samdb.modify(m) # print out new DSA options cur_opts = [x for x in self.option_map if self.option_map[x] & dsa_opts] self.message("New DSA options: " + ", ".join(cur_opts))
def run(self, DC=None, sambaopts=None, credopts=None, versionopts=None): self.lp = sambaopts.get_loadparm() if DC is None: DC = common.netcmd_dnsname(self.lp) self.server = DC self.creds = credopts.get_credentials(self.lp, fallback_machine=True) drsuapi_connect(self) bind_info = drsuapi.DsBindInfoCtr() bind_info.length = 28 bind_info.info = drsuapi.DsBindInfo28() (info, handle) = self.drsuapi.DsBind(misc.GUID(drsuapi.DRSUAPI_DS_BIND_GUID), bind_info) optmap = [ ("DRSUAPI_SUPPORTED_EXTENSION_BASE", "DRS_EXT_BASE"), ("DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION", "DRS_EXT_ASYNCREPL"), ("DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI", "DRS_EXT_REMOVEAPI"), ("DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2", "DRS_EXT_MOVEREQ_V2"), ("DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS", "DRS_EXT_GETCHG_DEFLATE"), ("DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1", "DRS_EXT_DCINFO_V1"), ("DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION", "DRS_EXT_RESTORE_USN_OPTIMIZATION"), ("DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY", "DRS_EXT_ADDENTRY"), ("DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE", "DRS_EXT_KCC_EXECUTE"), ("DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2", "DRS_EXT_ADDENTRY_V2"), ("DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION", "DRS_EXT_LINKED_VALUE_REPLICATION"), ("DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2", "DRS_EXT_DCINFO_V2"), ("DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD","DRS_EXT_INSTANCE_TYPE_NOT_REQ_ON_MOD"), ("DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND", "DRS_EXT_CRYPTO_BIND"), ("DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO", "DRS_EXT_GET_REPL_INFO"), ("DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION", "DRS_EXT_STRONG_ENCRYPTION"), ("DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01", "DRS_EXT_DCINFO_VFFFFFFFF"), ("DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP", "DRS_EXT_TRANSITIVE_MEMBERSHIP"), ("DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY", "DRS_EXT_ADD_SID_HISTORY"), ("DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3", "DRS_EXT_POST_BETA3"), ("DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V5", "DRS_EXT_GETCHGREQ_V5"), ("DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2", "DRS_EXT_GETMEMBERSHIPS2"), ("DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6", "DRS_EXT_GETCHGREQ_V6"), ("DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS", "DRS_EXT_NONDOMAIN_NCS"), ("DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8", "DRS_EXT_GETCHGREQ_V8"), ("DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5", "DRS_EXT_GETCHGREPLY_V5"), ("DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6", "DRS_EXT_GETCHGREPLY_V6"), ("DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3", "DRS_EXT_WHISTLER_BETA3"), ("DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7", "DRS_EXT_WHISTLER_BETA3"), ("DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT", "DRS_EXT_WHISTLER_BETA3"), ("DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS", "DRS_EXT_W2K3_DEFLATE"), ("DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10", "DRS_EXT_GETCHGREQ_V10"), ("DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART2", "DRS_EXT_RESERVED_FOR_WIN2K_OR_DOTNET_PART2"), ("DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART3", "DRS_EXT_RESERVED_FOR_WIN2K_OR_DOTNET_PART3") ] optmap_ext = [ ("DRSUAPI_SUPPORTED_EXTENSION_ADAM", "DRS_EXT_ADAM"), ("DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2", "DRS_EXT_LH_BETA2"), ("DRSUAPI_SUPPORTED_EXTENSION_RECYCLE_BIN", "DRS_EXT_RECYCLE_BIN")] self.message("Bind to %s succeeded." % DC) self.message("Extensions supported:") for (opt, str) in optmap: optval = getattr(drsuapi, opt, 0) if info.info.supported_extensions & optval: yesno = "Yes" else: yesno = "No " self.message(" %-60s: %s (%s)" % (opt, yesno, str)) if isinstance(info.info, drsuapi.DsBindInfo48): self.message("\nExtended Extensions supported:") for (opt, str) in optmap_ext: optval = getattr(drsuapi, opt, 0) if info.info.supported_extensions_ext & optval: yesno = "Yes" else: yesno = "No " self.message(" %-60s: %s (%s)" % (opt, yesno, str)) self.message("\nSite GUID: %s" % info.info.site_guid) self.message("Repl epoch: %u" % info.info.repl_epoch) if isinstance(info.info, drsuapi.DsBindInfo48): self.message("Forest GUID: %s" % info.info.config_dn_guid)
def run(self, DC=None, sambaopts=None, credopts=None, versionopts=None, json=False): self.lp = sambaopts.get_loadparm() if DC is None: DC = common.netcmd_dnsname(self.lp) self.server = DC self.creds = credopts.get_credentials(self.lp, fallback_machine=True) drsuapi_connect(self) samdb_connect(self) # show domain information ntds_dn = self.samdb.get_dsServiceName() (site, server) = drs_parse_ntds_dn(ntds_dn) try: ntds = self.samdb.search( base=ntds_dn, scope=ldb.SCOPE_BASE, attrs=['options', 'objectGUID', 'invocationId']) except Exception as e: raise CommandError("Failed to search NTDS DN %s" % ntds_dn) dsa_details = { "options": int(attr_default(ntds[0], "options", 0)), "objectGUID": self.samdb.schema_format_value("objectGUID", ntds[0]["objectGUID"][0]), "invocationId": self.samdb.schema_format_value("objectGUID", ntds[0]["invocationId"][0]) } conn = self.samdb.search(base=ntds_dn, expression="(objectClass=nTDSConnection)") info = self.drsuapi_ReplicaInfo( drsuapi.DRSUAPI_DS_REPLICA_INFO_NEIGHBORS)[1] repsfrom = [self.parse_neighbour(n) for n in info.array] info = self.drsuapi_ReplicaInfo( drsuapi.DRSUAPI_DS_REPLICA_INFO_REPSTO)[1] repsto = [self.parse_neighbour(n) for n in info.array] conn_details = [] for c in conn: c_rdn, sep, c_server_dn = c['fromServer'][0].partition(',') d = { 'name': str(c['name']), 'remote DN': c['fromServer'][0], 'options': int(attr_default(c, 'options', 0)), 'enabled': (attr_default(c, 'enabledConnection', 'TRUE').upper() == 'TRUE') } conn_details.append(d) try: c_server_res = self.samdb.search(base=c_server_dn, scope=ldb.SCOPE_BASE, attrs=["dnsHostName"]) d['dns name'] = c_server_res[0]["dnsHostName"][0] except ldb.LdbError as e: (errno, _) = e.args if errno == ldb.ERR_NO_SUCH_OBJECT: d['is deleted'] = True except KeyError: pass d['replicates NC'] = [] for r in c.get('mS-DS-ReplicatesNCReason', []): a = str(r).split(':') d['replicates NC'].append((a[3], int(a[2]))) if json: import json as json_mod data = { 'dsa': dsa_details, 'repsFrom': repsfrom, 'repsTo': repsto, 'NTDSConnections': conn_details } json_mod.dump(data, self.outf, indent=2) return self.message("%s\\%s" % (site, server)) self.message("DSA Options: 0x%08x" % dsa_details["options"]) self.message("DSA object GUID: %s" % dsa_details["objectGUID"]) self.message("DSA invocationId: %s\n" % dsa_details["invocationId"]) self.message("==== INBOUND NEIGHBORS ====\n") for n in repsfrom: self.print_neighbour(n) self.message("==== OUTBOUND NEIGHBORS ====\n") for n in repsto: self.print_neighbour(n) reasons = [ 'NTDSCONN_KCC_GC_TOPOLOGY', 'NTDSCONN_KCC_RING_TOPOLOGY', 'NTDSCONN_KCC_MINIMIZE_HOPS_TOPOLOGY', 'NTDSCONN_KCC_STALE_SERVERS_TOPOLOGY', 'NTDSCONN_KCC_OSCILLATING_CONNECTION_TOPOLOGY', 'NTDSCONN_KCC_INTERSITE_GC_TOPOLOGY', 'NTDSCONN_KCC_INTERSITE_TOPOLOGY', 'NTDSCONN_KCC_SERVER_FAILOVER_TOPOLOGY', 'NTDSCONN_KCC_SITE_FAILOVER_TOPOLOGY', 'NTDSCONN_KCC_REDUNDANT_SERVER_TOPOLOGY' ] self.message("==== KCC CONNECTION OBJECTS ====\n") for d in conn_details: self.message("Connection --") if d.get('is deleted'): self.message("\tWARNING: Connection to DELETED server!") self.message("\tConnection name: %s" % d['name']) self.message("\tEnabled : %s" % str(d['enabled']).upper()) self.message("\tServer DNS name : %s" % d['dns name']) self.message("\tServer DN name : %s" % d['remote DN']) self.message("\t\tTransportType: RPC") self.message("\t\toptions: 0x%08X" % d['options']) if d['replicates NC']: for nc, reason in d['replicates NC']: self.message("\t\tReplicatesNC: %s" % nc) self.message("\t\tReason: 0x%08x" % reason) for s in reasons: if getattr(dsdb, s, 0) & reason: self.message("\t\t\t%s" % s) else: self.message("Warning: No NC replicated for Connection!")