def force_drs_replication(source_dc=None, destination_dc=None, partition_dn=None, direction="in"): if not package_installed('univention-samba4'): print( 'force_drs_replication(): skip, univention-samba4 not installed.') return if not source_dc: source_dc = get_available_s4connector_dc() if not source_dc: return 1 if not destination_dc: destination_dc = socket.gethostname() if destination_dc == source_dc: return if not partition_dn: lp = LoadParm() lp.load('/etc/samba/smb.conf') samdb = SamDB("tdb://%s" % lp.private_path("sam.ldb"), session_info=system_session(lp), lp=lp) partition_dn = str(samdb.domain_dn()) print("USING partition_dn:", partition_dn) if direction == "in": cmd = ("/usr/bin/samba-tool", "drs", "replicate", destination_dc, source_dc, partition_dn) else: cmd = ("/usr/bin/samba-tool", "drs", "replicate", source_dc, destination_dc, partition_dn) return subprocess.call(cmd)
def _wait_for_drs_replication(ldap_filter, attrs=None, base=None, scope=ldb.SCOPE_SUBTREE, lp=None, timeout=360, delta_t=1, verbose=True, should_exist=True, controls=None): # type: (str, Union[List[str], None, str], Optional[str], int, Optional[LoadParm], int, int, bool, bool, Optional[List[str]]) -> None if not package_installed('univention-samba4'): if package_installed('univention-samba'): time.sleep(15) print('Sleeping 15 seconds as a workaround for http://forge.univention.org/bugzilla/show_bug.cgi?id=52145') elif verbose: print('wait_for_drs_replication(): skip, univention-samba4 not installed.') return if not attrs: attrs = ['dn'] elif not isinstance(attrs, list): attrs = [attrs] if not lp: lp = LoadParm() lp.load('/etc/samba/smb.conf') samdb = SamDB("tdb://%s" % lp.private_path("sam.ldb"), session_info=system_session(lp), lp=lp) if not controls: controls = ["domain_scope:0"] if base is None: ucr = config_registry.ConfigRegistry() ucr.load() base = ucr['samba4/ldap/base'] else: if len(ldap.dn.str2dn(base)[0]) > 1: if verbose: print('wait_for_drs_replication(): skip, multiple RDNs are not supported') return if not base: if verbose: print('wait_for_drs_replication(): skip, no samba domain found') return if verbose: print("Waiting for DRS replication, filter: %r, base: %r, scope: %r, should_exist: %r" % (ldap_filter, base, scope, should_exist), end=' ') t = t0 = time.time() while t < t0 + timeout: try: res = samdb.search(base=base, scope=scope, expression=ldap_filter, attrs=attrs, controls=controls) if bool(res) is bool(should_exist): if verbose: print("\nDRS replication took %d seconds" % (t - t0, )) return # res except ldb.LdbError as exc: (_num, msg) = exc.args if _num == ldb.ERR_INVALID_DN_SYNTAX: raise if _num == ldb.ERR_NO_SUCH_OBJECT and not should_exist: if verbose: print("\nDRS replication took %d seconds" % (t - t0, )) return print("Error during samdb.search: %s" % (msg, )) print('.', end=' ') time.sleep(delta_t) t = time.time() raise DRSReplicationFailed("DRS replication for filter: %r failed due to timeout after %d sec." % (ldap_filter, t - t0))
class SambaOCHelper(object): def __init__(self): self.samba_lp = LoadParm() self.samba_lp.set('debug level', '0') self.samba_lp.load_default() url = self.samba_lp.get('dcerpc_mapiproxy:samdb_url') or \ self.samba_lp.private_path("sam.ldb") self.samdb = SamDB(url=url, lp=self.samba_lp, session_info=system_session()) self.conn = self._open_mysql_connection() def _open_mysql_connection(self): connection_string = self.samba_lp.get('mapiproxy:openchangedb') if not connection_string: raise Exception( "Not found mapiproxy:openchangedb on samba configuration") # mysql://openchange:password@localhost/openchange m = re.search( r'(?P<scheme>.+)://(?P<user>.+):(?P<pass>.+)@(?P<host>.+)/(?P<db>.+)', connection_string) if not m: raise Exception("Unable to parse mapiproxy:openchangedb: %s" % connection_string) group_dict = m.groupdict() if group_dict['scheme'] != 'mysql': raise Exception( "mapiproxy:openchangedb should start with mysql:// (we got %s)", group_dict['scheme']) conn = MySQLdb.connect(host=group_dict['host'], user=group_dict['user'], passwd=group_dict['pass'], db=group_dict['db']) conn.autocommit(True) return conn def invalid_user(self, username): ret = self.samdb.search(base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, expression="(sAMAccountName=%s)" % ldb.binary_encode(username)) return len(ret) != 1 def find_email_of(self, username): ret = self.samdb.search(base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, attrs=["mail"], expression="(sAMAccountName=%s)" % ldb.binary_encode(username)) return ret[0]["mail"][0] def active_openchange_users(self): c = self.conn.cursor() c.execute("SELECT name FROM mailboxes") return sorted([row[0] for row in c.fetchall()])
def wait_for_drs_replication(ldap_filter, attrs=None, base=None, scope=ldb.SCOPE_SUBTREE, lp=None, timeout=360, delta_t=1, verbose=True, should_exist=True, controls=None): if not package_installed('univention-samba4'): if verbose: print('wait_for_drs_replication(): skip, univention-samba4 not installed.') return if not lp: lp = LoadParm() lp.load('/etc/samba/smb.conf') if not attrs: attrs = ['dn'] elif not isinstance(attrs, list): attrs = [attrs] samdb = SamDB("tdb://%s" % lp.private_path("sam.ldb"), session_info=system_session(lp), lp=lp) if not controls: controls = ["domain_scope:0"] if base is None: base = samdb.domain_dn() else: if len(ldap.dn.str2dn(base)[0]) > 1: if verbose: print('wait_for_drs_replication(): skip, multiple RDNs are not supported') return if not base or base == 'None': if verbose: print('wait_for_drs_replication(): skip, no samba domain found') return if verbose: print("Waiting for DRS replication, filter: %r, base: %r, scope: %r, should_exist: %r" % (ldap_filter, base, scope, should_exist), end=' ') t = t0 = time.time() while t < t0 + timeout: try: res = samdb.search(base=base, scope=scope, expression=ldap_filter, attrs=attrs, controls=controls) if res and should_exist: if verbose: print("\nDRS replication took %d seconds" % (t - t0, )) return res if not res and not should_exist: if verbose: print("\nDRS replication took %d seconds" % (t - t0, )) return res except ldb.LdbError as exc: (_num, msg) = exc.args if _num == ldb.ERR_INVALID_DN_SYNTAX: raise if _num == ldb.ERR_NO_SUCH_OBJECT and not should_exist: if verbose: print("\nDRS replication took %d seconds" % (t - t0, )) return print("Error during samdb.search: %s" % (msg, )) print('.', end=' ') time.sleep(delta_t) t = time.time() raise DRSReplicationFailed("DRS replication for filter: %r failed due to timeout after %d sec." % (ldap_filter, t - t0))
class SambaOCHelper(object): def __init__(self): self.samba_lp = LoadParm() self.samba_lp.set('debug level', '0') self.samba_lp.load_default() url = self.samba_lp.get('dcerpc_mapiproxy:samdb_url') or \ self.samba_lp.private_path("sam.ldb") self.samdb = SamDB(url=url, lp=self.samba_lp, session_info=system_session()) self.conn = self._open_mysql_connection() def _open_mysql_connection(self): connection_string = self.samba_lp.get('mapiproxy:openchangedb') if not connection_string: raise Exception("Not found mapiproxy:openchangedb on samba configuration") # mysql://openchange:password@localhost/openchange m = re.search(r'(?P<scheme>.+)://(?P<user>.+):(?P<pass>.+)@(?P<host>.+)/(?P<db>.+)', connection_string) if not m: raise Exception("Unable to parse mapiproxy:openchangedb: %s" % connection_string) group_dict = m.groupdict() if group_dict['scheme'] != 'mysql': raise Exception("mapiproxy:openchangedb should start with mysql:// (we got %s)", group_dict['scheme']) conn = MySQLdb.connect(host=group_dict['host'], user=group_dict['user'], passwd=group_dict['pass'], db=group_dict['db']) conn.autocommit(True) return conn def invalid_user(self, username): ret = self.samdb.search(base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, expression="(sAMAccountName=%s)" % ldb.binary_encode(username)) return len(ret) != 1 def find_email_of(self, username): ret = self.samdb.search(base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, attrs=["mail"], expression="(sAMAccountName=%s)" % ldb.binary_encode(username)) return ret[0]["mail"][0] def active_openchange_users(self): c = self.conn.cursor() c.execute("SELECT name FROM mailboxes") return sorted([row[0] for row in c.fetchall()]) def get_indexing_cache(self): memcached_server = self.samba_lp.get('mapistore:indexing_cache') if not memcached_server: return "127.0.0.1:11211" # This should has a format like: --SERVER=11.22.33.44:11211 return memcached_server.split('=')[1]
def wait_for_drs_replication(ldap_filter, attrs=None, base=None, scope=ldb.SCOPE_SUBTREE, lp=None, timeout=360, delta_t=1, verbose=True): if not package_installed('univention-samba4'): if verbose: print 'wait_for_drs_replication(): skip, univention-samba4 not installed.' return if not lp: lp = LoadParm() lp.load('/etc/samba/smb.conf') if not attrs: attrs = ['dn'] elif not isinstance(attrs, list): attrs = [attrs] samdb = SamDB("tdb://%s" % lp.private_path("sam.ldb"), session_info=system_session(lp), lp=lp) controls = ["domain_scope:0"] if base is None: base = samdb.domain_dn() if not base or base == 'None': if verbose: print 'wait_for_drs_replication(): skip, no samba domain found' return if verbose: print "Waiting for DRS replication, filter: '%s'" % (ldap_filter, ), t = t0 = time.time() while t < t0 + timeout: try: res = samdb.search(base=base, scope=scope, expression=ldap_filter, attrs=attrs, controls=controls) if res: if verbose: print "\nDRS replication took %d seconds" % (t - t0, ) return res except ldb.LdbError as (_num, msg): print "Error during samdb.search: %s" % (msg, ) print '.', time.sleep(delta_t) t = time.time()
class SambaOCHelper(object): def __init__(self): self.samba_lp = LoadParm() self.samba_lp.set("debug level", "0") self.samba_lp.load_default() url = self.samba_lp.get("dcerpc_mapiproxy:samdb_url") or self.samba_lp.private_path("sam.ldb") self.samdb = SamDB(url=url, lp=self.samba_lp, session_info=system_session()) self.conn = self._open_mysql_connection() def _open_mysql_connection(self): connection_string = self.samba_lp.get("mapiproxy:openchangedb") if not connection_string: raise Exception("Not found mapiproxy:openchangedb on samba configuration") # mysql://openchange:password@localhost/openchange m = re.search(r"(?P<scheme>.+)://(?P<user>.+):(?P<pass>.+)@(?P<host>.+)/(?P<db>.+)", connection_string) if not m: raise Exception("Unable to parse mapiproxy:openchangedb: %s" % connection_string) group_dict = m.groupdict() if group_dict["scheme"] != "mysql": raise Exception("mapiproxy:openchangedb should start with mysql:// (we got %s)", group_dict["scheme"]) conn = MySQLdb.connect( host=group_dict["host"], user=group_dict["user"], passwd=group_dict["pass"], db=group_dict["db"] ) conn.autocommit(True) return conn def invalid_user(self, username): ret = self.samdb.search( base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, expression="(sAMAccountName=%s)" % ldb.binary_encode(username), ) return len(ret) != 1 def find_email_of(self, username): ret = self.samdb.search( base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, attrs=["mail"], expression="(sAMAccountName=%s)" % ldb.binary_encode(username), ) return ret[0]["mail"][0] def active_openchange_users(self): c = self.conn.cursor() c.execute("SELECT name FROM mailboxes") return sorted([row[0] for row in c.fetchall()])
def get_samba_sam_ldb_path(self): """ Returns the 'sam.ldb' path using samba conf or defaults. """ print( "\nObtaining the Samba configuration to determine Samba private path" ) smb_conf_path = getenv("SMB_CONF_PATH") SambaLP = LoadParm() if smb_conf_path: SambaLP.load(smb_conf_path) else: SambaLP.load_default() return SambaLP.private_path('sam.ldb')
def apply(cls, cur, **kwargs): # Mimetise what mapistore_interface.c (mapistore_init) does # to get the mapping path if 'lp' in kwargs: mapping_path = kwargs['lp'].private_path("mapistore") else: lp = LoadParm() lp.load_default() mapping_path = lp.private_path("mapistore") if mapping_path is None: return cur.execute("START TRANSACTION") try: # Get all mailboxes cur.execute("SELECT name FROM mailboxes") for row in cur.fetchall(): username = row[0] path = "{0}/{1}/replica_mapping.tdb".format( mapping_path, username) try: tdb_file = tdb.Tdb(path, 0, tdb.DEFAULT, os.O_RDONLY) for k in tdb_file.iterkeys(): # Check if the key is an integer try: repl_id = int(k, base=16) cls._insert_map(cur, username, repl_id, tdb_file[k]) except ValueError: # Cannot convert to int, so no repl_id continue except IOError: # Cannot read any replica mapping continue cur.execute("COMMIT") except Exception as e: print("Error migrating TDB files into the database {}, rollback". format(e), file=sys.stderr) cur.execute("ROLLBACK") raise
def apply(cls, cur, **kwargs): # Mimetise what mapistore_interface.c (mapistore_init) does # to get the mapping path if 'lp' in kwargs: mapping_path = kwargs['lp'].private_path("mapistore") else: lp = LoadParm() lp.load_default() mapping_path = lp.private_path("mapistore") if mapping_path is None: return cur.execute("START TRANSACTION") try: # Get all mailboxes cur.execute("SELECT name FROM mailboxes") for row in cur.fetchall(): username = row[0] path = "{0}/{1}/replica_mapping.tdb".format(mapping_path, username) try: tdb_file = tdb.Tdb(path, 0, tdb.DEFAULT, os.O_RDONLY) for k in tdb_file.iterkeys(): # Check if the key is an integer try: repl_id = int(k, base=16) cls._insert_map(cur, username, repl_id, tdb_file[k]) except ValueError: # Cannot convert to int, so no repl_id continue except IOError: # Cannot read any replica mapping continue cur.execute("COMMIT") except Exception as e: print("Error migrating TDB files into the database {}, rollback".format(e), file=sys.stderr) cur.execute("ROLLBACK") raise
class SambaOCHelper(object): def __init__(self): self.samba_lp = LoadParm() self.samba_lp.set('debug level', '0') self.samba_lp.load_default() self.next_fmid = None url = self.samba_lp.get('dcerpc_mapiproxy:samdb_url') or \ self.samba_lp.private_path("sam.ldb") self.samdb = SamDB(url=url, lp=self.samba_lp, session_info=system_session()) self.conn = self._open_mysql_connection() def _open_mysql_connection(self): connection_string = self.samba_lp.get('mapiproxy:openchangedb') if not connection_string: raise Exception("Not found mapiproxy:openchangedb on samba configuration") # mysql://openchange:password@localhost/openchange m = re.search(r'(?P<scheme>.+)://(?P<user>.+):(?P<pass>.+)@(?P<host>.+)/(?P<db>.+)', connection_string) if not m: raise Exception("Unable to parse mapiproxy:openchangedb: %s" % connection_string) group_dict = m.groupdict() if group_dict['scheme'] != 'mysql': raise Exception("mapiproxy:openchangedb should start with mysql:// (we got %s)", group_dict['scheme']) conn = MySQLdb.connect(host=group_dict['host'], user=group_dict['user'], passwd=group_dict['pass'], db=group_dict['db']) conn.autocommit(True) return conn def invalid_user(self, username): ret = self.samdb.search(base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, expression="(sAMAccountName=%s)" % ldb.binary_encode(username)) return len(ret) != 1 def find_email_of(self, username): ret = self.samdb.search(base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, attrs=["mail"], expression="(sAMAccountName=%s)" % ldb.binary_encode(username)) return ret[0]["mail"][0] def active_openchange_users(self): c = self.conn.cursor() c.execute("SELECT name FROM mailboxes") return sorted([row[0] for row in c.fetchall()]) def allocate_fmids(self, count, username): if self.next_fmid is None: c = self.conn.cursor() c.execute("SELECT next_fmid FROM mapistore_indexes WHERE username = '******'" % username) self.next_fmid = c.fetchone()[0] if self.next_fmid is not None: self.next_fmid = int(self.next_fmid) + count return (int(self.next_fmid) - count, self.next_fmid) def create_indexes(self, username): c = self.conn.cursor() c.execute("INSERT INTO mapistore_indexes (username,next_fmid) VALUES('%s','1024')" % (username)) return def commit_start(self): self.conn.autocommit(False) def insert_indexing(self, username, fmid, url): c = self.conn.cursor() c.execute("INSERT INTO mapistore_indexing (username,fmid,url,soft_deleted) VALUES('%s','%s','%s', '0')" % (username, str(fmid), url)) def update_indexes(self, count, username): c = self.conn.cursor() updated_number = int(count) + int(self.next_fmid) print "Updating next_fmid to %s" % str(updated_number) c.execute("UPDATE mapistore_indexes SET next_fmid='%s' WHERE username='******'" % (str(updated_number), username)) def commit_end(self): c = self.conn.cursor() self.conn.commit() c.close() self.conn.autocommit(True)