o

�/a���@s�
dd
lm
Z
dd
lZdd
lZddlmZ
dd
lZddlm	Z	
ddl
mZmZm
Z
mZ
ddlmZ
ddlmZ
ddlmZmZmZ
dd	lmZmZ
dd
lmZ
ddlmZ
ddlmZmZm Z m!Z!m"Z"
dd
l#m$Z$
ddlm%Z%
dd�Z&dd�Z'dd�Z(dd�Z)dZ*Gdd�de�Z+Gdd�de�Z,Gdd�de�Z-Gdd�de�Z.Gd d!�d!e�Z/Gd"d#�d#e�Z0Gd$d%�d%e�Z1Gd&d'�d'e�Z2d
S)(�N�
)
�common)
�system_session)�Command�CommandError�Option�SuperCommand)
�attr_default)
�SamDB)�	drs_utils�
nttime2string�dsdb)�drsuapi�misc)
�
join_clone)
�colour)�get_partition_maps�get_utdv_edges�get_utdv_distances�get_utdv_summary�get_kcc_and_dsas)
�
get_string)
�get_default_backend_storec

CsPzt�
|j|j|j�\|_|_|_WdSty'
}

zt	d
|j|
��
d}
~
w
w)z'make a DRSUAPI connection to the serverzDRS connection to %s failedN)
r�drsuapi_connect�server�lp�credsr�drsuapi_handle�bind_supported_extensions�	Exceptionr��ctx�
e�r#�2/usr/lib/python3/dist-packages/samba/netcmd/drs.pyr4s&


��rc

CsNztd
|j
t�|j|jd�|_WdSty&
}

ztd|j
|
��
d}
~
w
w)z$make a ldap connection to the server�	ldap://%s��url�session_info�credentialsrzLDAP connection to %s failedN)r
rrrr�samdbrrr r#r#r$�
samdb_connect<s



�
��r+c
Cs |\}
}|
d
kr
dSd|
|fS)z*return "was successful" or an error stringr
zwas successfulzfailed, result %u (%s)r#)�werr�ecode�estringr#r#r$�
drs_errmsgFs


r/c
Csf|�d
�
}
|
ddks|
ddks|
ddkrt
d|�
�
|
d	�d
�
d	}|
d�d
�
d	}||fS)z+parse a NTDS DN returning a site and server�
,r
zCN=NTDS Settings�z
CN=Servers�zCN=Siteszbad NTDS DN %sr�
=�)�split�RuntimeError)�ntds_dn�
ar�siter#r#r$�drs_parse_ntds_dnNs
$




r:�classicc@s
eZ
dZd
ZdZejejejd�Z	e
dddddd	�e
d
ddddd	�e
d
ddddd	�e
dddddd�e
ddddded�e
ddddd�e
dddd �gZd!g
Z
d"d#�Zd$d%�Zd&d'�Zd(d(d(d(ed)dfd*d+�
Zd,d-�Zd.d/�Zd0d1�Zd2d3�Zd4d5�Zd6d7�Zd8d9�Zd(S):�cmd_drs_showreplzShow replication status.�%prog [<DC>] [options]��	sambaopts�versionopts�credopts�--jsonz"replication details in JSON format�format�store_const�json)�help�dest�action�constz	--summaryz5summarize overall DRS health as seen from this server�summaryz--pull-summaryz:Have we successfully replicated from all relevent servers?�pull_summaryz--notify-summary�notify_summaryzsHave we successfully notified all relevent servers of local changes, and did they say they successfully replicated?)rHrIrGrFz	--classiczprint local replication detailsr;)rFrGrHrI�defaultz-vz	--verbosez
Be verbose�
store_true�rFrHz--colorzUse colour output (yes|no|auto)�no)rFrM�DC?c	
Cs�t|
j
�
}|
j|t|
j�
t|
j�
|
jt|
j�
t|
j	�
d
d�}z|j
jd|tj
gd�
Wn#tjyO
}
z|j\}}|tjkrDd|d<n
�WYd}~nd}~w
wzt|
j	�
\}}d||f|d	<W|Styl


Y|Sw)
z8Convert an ldb neighbour object into a python dictionaryF)�NC dn�DSA objectGUID�last attempt time�last attempt message�consecutive failures�last success�NTDS DN�
is deletedz	<GUID=%s>��base�scope�attrsTrYN�%s\%s�DSA)�str�source_dsa_obj_guid�naming_context_dnr�last_attemptr/�result_last_attempt�consecutive_sync_failures�last_success�source_dsa_obj_dnr*�search�ldb�
SCOPE_BASE�LdbError�args�ERR_NO_SUCH_OBJECTr:r6)	�self�
n�dsa_objectguid�
dr"�errno�
_r9rr#r#r$�parse_neighbour~s>







�



�





���

�

�z cmd_drs_showrepl.parse_neighbourcCs�|�d
|
d�

d|
vr|�d|
d�

n	|�d|
d�

|�d|
d�

|�d	|
d
|
df�

|�d|
d
�

|�d|
d�

|�d�

dS)z&print one set of neighbour informationz%srRr_z	%s via RPCz	NTDS DN: %srXz		DSA object GUID: %srSz		Last attempt @ %s %srTrUz		%u consecutive failure(s).rVz		Last success @ %srW�N)
�message)rnrqr#r#r$�print_neighbour�s




�
�
z cmd_drs_showrepl.print_neighbourc
sht�
�}|
|_z
�j��jd
|�\}
}Wnty'
}
ztd|
|��
d}~w
w�f
dd�|jD�
}|S)Nrz"DsReplicaGetInfo of type %u failedc
sg|]}
��|
�
�qSr#)
rt)�.0ro�
rnr#r$�
<listcomp>�sz3cmd_drs_showrepl.get_neighbours.<locals>.<listcomp>)r�DsReplicaGetInfoRequest1�	info_type�DsReplicaGetInforrr�array)rnr|�req1�infor"�repsr#ryr$�get_neighbours�s




�
��
zcmd_drs_showrepl.get_neighboursNFc	Cs�|�|�

|�
�|_|
durt�|j�
}
|
|_|j|jd
d�|_||_|j	|j
|j|j|j
d��|�
}|dur=td|�
�
|�S)NT�
�fallback_machine)rJrLrKrEr;zunknown showrepl format %s)�apply_colour_choice�get_loadparmrr�netcmd_dnsnamer�get_credentialsr�verbose�summary_output�notify_summary_output�pull_summary_output�json_output�classic_output�getr)	rn�DCr?rAr@rCr��color�output_functionr#r#r$�run�s$











��
zcmd_drs_showrepl.runc
Cs*|��}
|
d
=|
d=t
j|
|jdd�
dS)Nr9rr1�
�indent)�get_local_repl_datarE�dump�outf)rn�datar#r#r$r��s



zcmd_drs_showrepl.json_outputcCs
g}g}|��}|
d
kr)|dD]}|drq|ddks#|ddkr(|�
|�

q|
dkrJ|dD]}|dr8q1|ddksD|ddkrI|�
|�

q1|sN|r�|�t�d	�
�

|rj|�t�d
�
�

|D]}|�|�

qb|r~|�t�d�
�

|D]}|�|�

qvdS|�t�d
�
�

dS)zcPrint a short message if every seems fine, but print details of any
        links that seem broken.rK�repsTorYrVr
rWrL�repsFromzThere are failing connectionszFailing outbound connections:zFailing inbound connection:rz
[ALL GOOD]N)r��appendrvr�c_REDrw�c_GREEN)rn�
typeof_output�failing_repsto�failing_repsfrom�
local_data�repr#r#r$�summary_output_handler�s:






�





�








z'cmd_drs_showrepl.summary_output_handlerc

C�
|�d
�
S)NrJ�
r�ryr#r#r$r���

zcmd_drs_showrepl.summary_outputc

Cr�)NrLr�ryr#r#r$r��r�z&cmd_drs_showrepl.notify_summary_outputc

Cr�)NrKr�ryr#r#r$r�

r�z$cmd_drs_showrepl.pull_summary_outputc
Cs8t|�

t
|�

|j��}
t|
�
\}}z|jj|
tjgd
�
d�}Wnty3
}
zt	d|
�
�
d}~w
wt
t|ddd��
t|j�
d|ddd��
t|j�
d|ddd��
d
�}|jj|
dd	�}|�tj�
}|�tj�
}	g}
|D]�}t|d
d�
�d�
\}}
}t|d�
t|d
d�
t
t|dd��
tt|d
d��
��dkd�}|
�|�

z|jj|tjdg
d�}t|ddd�
|d<Wn+tjy�
}
z|j\}}|tjkr�d|d<WYd}~nd}~w
ttfy�


Yn
wg|d<|�dg�D]}t|�
�d�
}|d�|dt
|d�
f�

q�qt|||	|
||d�S)N)�options�
objectGUID�invocationIdrZzFailed to search NTDS DN %sr
r�r�r�z(objectClass=nTDSConnection))r[�
expression�
fromServerr0�name�enabledConnection�TRUE)r��	remote DNr��enabled�dnsHostName�dns nameTrY�
replicates NCzmS-DS-ReplicatesNCReason�
:r4r1)�dsar�r��NTDSConnectionsr9r)rr+r*�get_dsServiceNamer:rhrirjrr�intr	r�schema_format_valuer�r�!DRSUAPI_DS_REPLICA_INFO_NEIGHBORS�DRSUAPI_DS_REPLICA_INFO_REPSTOr`�	partition�upperr�rkrlrm�KeyError�
IndexErrorr�r5)rnr7r9r�ntdsr"�dsa_details�conn�repsfrom�repsto�conn_details�
c�c_rdn�sep�c_server_dnrq�c_server_resrrrs�
rr8r#r#r$r�
sx






��

�
��








�
��




�





�

�

 
�




�z$cmd_drs_showrepl.get_local_repl_datac
Cs�
|��}
|
d
}|
d}|
d}|
d}|
d}|
d}|�
d||f�

|�
d|d	�

|�
d
|d�

|�
d|d
�

|�
d�

|D]}|�|�

qG|�
d�

|D]}|�|�

qVgd�
}	|�
d�

|D]}}
|�
d�

|
�d�
rz|�
d�

|�
d|
d�

|�
dt|
d�
���

|�
d|
�d�
�

|�
d|
d�

|�
d�

|�
d|
d	�

|
dr�|
dD]&\}}|�
d |�

|�
d!|�

|	D]}
tt|
d"�|@r�|�
d#|
�

q�q�qi|�
d$�

qidS)%Nr�r�r�r�r9rr^zDSA Options: 0x%08xr�zDSA object GUID: %sr�zDSA invocationId: %s
r�z==== INBOUND NEIGHBORS ====
z==== OUTBOUND NEIGHBORS ====
)
�NTDSCONN_KCC_GC_TOPOLOGY�NTDSCONN_KCC_RING_TOPOLOGY�#NTDSCONN_KCC_MINIMIZE_HOPS_TOPOLOGY�#NTDSCONN_KCC_STALE_SERVERS_TOPOLOGY�,NTDSCONN_KCC_OSCILLATING_CONNECTION_TOPOLOGY�"NTDSCONN_KCC_INTERSITE_GC_TOPOLOGY�NTDSCONN_KCC_INTERSITE_TOPOLOGY�%NTDSCONN_KCC_SERVER_FAILOVER_TOPOLOGY�#NTDSCONN_KCC_SITE_FAILOVER_TOPOLOGY�&NTDSCONN_KCC_REDUNDANT_SERVER_TOPOLOGYz!==== KCC CONNECTION OBJECTS ====
z
Connection --rYz'	WARNING: Connection to DELETED server!z	Connection name: %sr�z	Enabled        : %sr�z	Server DNS name : %sr�z	Server DN name  : %sr�z		TransportType: RPCz		options: 0x%08Xr�z		ReplicatesNC: %sz		Reason: 0x%08xr
z			%sz)Warning: No NC replicated for Connection!)r�rvrwr�r`r��getattrr
)rnr�r�r�r�r�r9rro�reasonsrq�nc�reason�
sr#r#r$r�C
sR



































����zcmd_drs_showrepl.classic_output)�__name__�
__module__�__qualname__�__doc__�synopsisr��SambaOptions�VersionOptions�CredentialsOptions�takes_optiongroupsr�DEFAULT_SHOWREPL_FORMAT�
takes_options�
takes_argsrtrwr�r�r�r�r�r�r�r�r�r#r#r#r$r<[sZ


�
���

�

�

��



�%?r<c@�:eZ
dZd
ZdZejejejd�Z	dg
Z
		ddd�
ZdS)	�cmd_drs_kccz)Trigger knowledge consistency center run.r=r>rQNc
Cs�|��|_
|
durt�|j
�
}
|
|_|j|j
d
d�|_t|�

t�	�}z|j�
|jd|�
Wnty?
}
zt
d|��
d}~w
w|�d|
�

dS)NTr�rzDsExecuteKCC failedz#Consistency check on %s successful.)r�rrr�rr�rrr�
DsExecuteKCC1�DsExecuteKCCrrrrv)rnr�r?rAr@rr"r#r#r$r��
s








��zcmd_drs_kcc.run�NNNN�r�r�r�r�r�r�r�r�r�r�r�r�r#r#r#r$r�|
�


�
�r�c@s�eZ
dZd
ZdZejejejd�Z	gd�
Z
edddd�ed	d
dd�edddd�ed
ddd�edddd�edddd�edddd�edddd�gZ			ddd�
Z
			ddd�
ZdS)�cmd_drs_replicatez+Replicate a naming context between two DCs.z/%prog <destinationDC> <sourceDC> <NC> [options]r>)�DEST_DC�	SOURCE_DC�NCz	--add-refz&use ADD_REF to add to repsTo on sourcerNrOz
--sync-forcedz,use SYNC_FORCED to force inbound replicationz
--sync-allz&use SYNC_ALL to replicate from all DCsz--full-synczresync all objectsz--localzIpull changes directly into the local database (destination DC is ignored)z--local-onlinez_pull changes into the local database (destination DC is ignored) as a normal online replicationz
--async-opz use ASYNC_OP for the replicationz--single-objectz\Replicate only the object specified, instead of the whole Naming Context (only with --local)Fc
Cs�
|
|_t
|�

tt�d
|j|jdd�|_td|jt�|j|jd�|_|jjdt	j
dg
d�}|ddd|_|jj|jt	j
d	g
d�}t�
|j�d	|dd	d��
|_t�
|j���
}t�
|j���
}|j}	tj}
|rqtj}
d
}|j��
t�d|j|j|j|j|�}|j��}z|j|||	|||
|d�\}
}Wnty�
}
ztd
||��
d
}~w
w|j��
|r�|�d|
||
|jjf�

d
S|�d|
||
|jjf�

d
S)z+replicate from a source DC to the local SAMNr
)r(r'r)r�flagsr%r&ru�
dsServiceNamerZr�Tzncacn_ip_tcp:%s[seal])�rodc�	full_sync�exop�sync_forcedzError replicating DN %szMFull Replication of all %d objects and %d links from %s to %s was successful.zPIncremental replication of %d objects and %d links from %s to %s was successful.)rrr
rrr�local_samdbr*rhrirjr7r�GUIDr��	ntds_guid�get_invocation_idr�DRSUAPI_EXOP_NONE�DRSUAPI_EXOP_REPL_OBJ�transaction_startr�
drs_Replicate�am_rodc�	replicaterr�transaction_commitrvr')rnr�r�r��
single_objectr��res�source_dsa_invocation_id�dest_dsa_invocation_id�destination_dsa_guidr��replr��num_objects�	num_linksr"r#r#r$�drs_local_replicate�
sz


�


�
�
�

��








�








�
��


�
�
�
�z%cmd_drs_replicate.drs_local_replicateNc
Cs�
|
|_|�
�|_|
j|jd
d�|_|r|j|||||d�
dS|	r.tjd|jd�}t��}n
t	|�

|j}|j
}|
s=d|_t|�

|j
j|j
��dt�|�
t�|�
fgd�}t|�
d	krctd
|�
�
|d	d}|j
j|tjdd
dgd�}t|�
d	kr�td|�
�
|d	d
d	}tt|dd	��
}d	}|tj@s�|tjO}|r�|tjO}|r�|tjO}|r�|tjO}|r�|tjO}|
r�|tjO}zt� |||||�
Wntj!y�
}
ztd|��
d}~w
w|
r�|�"d||
f�

dS|�"d||
f�

dS)NTr�)r�r
r�z
irpc:dreplsrv)
�lp_ctxi,
z6(&(objectCategory=server)(|(name=%s)(dNSHostName=%s))))r[r�r]r
zFailed to find source DC %s�dnz5(|(objectCategory=nTDSDSA)(objectCategory=nTDSDSARO))r�r�)r[r\r�r]z Failed to find source NTDS DN %szDsReplicaSync failedz$Replicate from %s to %s was started.z'Replicate from %s to %s was successful.)#rr�rr�rr
rr�
policy_handlerr�request_timeoutr+r*rh�get_config_basednri�
binary_encode�lenr�SCOPE_ONELEVELr�r	r
�$DS_NTDSDSA_OPT_DISABLE_OUTBOUND_REPL�DRSUAPI_DRS_WRIT_REP�DRSUAPI_DRS_ADD_REF�DRSUAPI_DRS_SYNC_FORCED�DRSUAPI_DRS_SYNC_ALL�DRSUAPI_DRS_FULL_SYNC_NOW�DRSUAPI_DRS_ASYNC_OPr�sendDsReplicaSync�drsExceptionrv)rnr�r�r��add_refr��sync_allr��local�local_online�async_opr
r?rAr@�server_bind�server_bind_handle�msg�	server_dn�source_dsa_guid�dsa_options�req_options�estrr#r#r$r��
st





�







��



�

























��
zcmd_drs_replicate.run)FFF)FFFFFFFFNNN)r�r�r�r�r�r�r�r�r�r�r�rr�r
r�r#r#r#r$r��
s2


�






�


�G

�r�c@r�)	�cmd_drs_bindz"Show DRS capabilities of a server.r=r>rQNcCs�
|��|_
|
durt�|j
�
}
|
|_|j|j
d
d�|_t|�

t�	�}d|_
t��|_|j�
t�tj�
|�\}}gd�
}gd�
}	|�d|
�

|�d�

|D]\}
}tt|
d�}|jj|@rad	}
nd
}
|�d|
|
|f�

qNt|jtj�r�|�d�

|	D]\}
}tt|
d�}|jj|@r�d	}
nd
}
|�d|
|
|f�

q||�d
|jj�

|�d|jj�

t|jtj�r�|�d|jj�

dSdS)NTr��)")� DRSUAPI_SUPPORTED_EXTENSION_BASE�DRS_EXT_BASE)�-DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION�DRS_EXT_ASYNCREPL)�%DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI�DRS_EXT_REMOVEAPI)�&DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2�DRS_EXT_MOVEREQ_V2)�+DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS�DRS_EXT_GETCHG_DEFLATE)�%DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1�DRS_EXT_DCINFO_V1)�4DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION� DRS_EXT_RESTORE_USN_OPTIMIZATION)�$DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY�DRS_EXT_ADDENTRY)�'DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE�DRS_EXT_KCC_EXECUTE)�'DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2�DRS_EXT_ADDENTRY_V2)�4DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION� DRS_EXT_LINKED_VALUE_REPLICATION)�%DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2�DRS_EXT_DCINFO_V2)�8DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD�$DRS_EXT_INSTANCE_TYPE_NOT_REQ_ON_MOD)�'DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND�DRS_EXT_CRYPTO_BIND)�)DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO�DRS_EXT_GET_REPL_INFO)�-DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION�DRS_EXT_STRONG_ENCRYPTION)�&DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01�DRS_EXT_DCINFO_VFFFFFFFF)�1DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP�DRS_EXT_TRANSITIVE_MEMBERSHIP)�+DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY�DRS_EXT_ADD_SID_HISTORY)�&DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3�DRS_EXT_POST_BETA3)�(DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V5�DRS_EXT_GETCHGREQ_V5)�,DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2�DRS_EXT_GETMEMBERSHIPS2)�(DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6�DRS_EXT_GETCHGREQ_V6)�)DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS�DRS_EXT_NONDOMAIN_NCS)�(DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8�DRS_EXT_GETCHGREQ_V8)�*DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5�DRS_EXT_GETCHGREPLY_V5)�*DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6�DRS_EXT_GETCHGREPLY_V6)�,DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3�DRS_EXT_WHISTLER_BETA3)�*DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7rd
)�)DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECTrd
)�+DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS�DRS_EXT_W2K3_DEFLATE)�)DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10�DRS_EXT_GETCHGREQ_V10)�*DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART2�*DRS_EXT_RESERVED_FOR_WIN2K_OR_DOTNET_PART2)�*DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART3�*DRS_EXT_RESERVED_FOR_WIN2K_OR_DOTNET_PART3))� DRSUAPI_SUPPORTED_EXTENSION_ADAM�DRS_EXT_ADAM)�$DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2�DRS_EXT_LH_BETA2)�'DRSUAPI_SUPPORTED_EXTENSION_RECYCLE_BIN�DRS_EXT_RECYCLE_BINzBind to %s succeeded.zExtensions supported:r
�YeszNo z  %-60s: %s (%s)z
Extended Extensions supported:z
Site GUID: %szRepl epoch: %uzForest GUID: %s)r�rrr�rr�rrr�
DsBindInfoCtr�length�DsBindInfo28r��DsBindrr��DRSUAPI_DS_BIND_GUIDrvr��supported_extensions�
isinstance�DsBindInfo48�supported_extensions_ext�	site_guid�
repl_epoch�config_dn_guid)rnr�r?rAr@�	bind_infor��handle�optmap�
optmap_ext�optr`�optval�yesnor#r#r$r�PsB








%
















�zcmd_drs_bind.runr�r�r#r#r#r$r+
Cr�r+
c@sZeZ
dZd
ZdZejejejd�Z	dg
Z
eddddd	�g
Zd
ddd
d�Z
		ddd�
ZdS)�cmd_drs_optionszJQuery or change 'options' for NTDS Settings object of a Domain Controller.r=r>rQz--dsa-optionzDSA option to enable/disabler`za{+|-}IS_GC | {+|-}DISABLE_INBOUND_REPL | {+|-}DISABLE_OUTBOUND_REPL | {+|-}DISABLE_NTDSCONN_XLATE)rF�type�metavarrr1r2�)�IS_GC�DISABLE_INBOUND_REPL�DISABLE_OUTBOUND_REPL�DISABLE_NTDSCONN_XLATENcs�
|���
_
|
durt��
j
�
}
|
�
_|j�
j
d
d��
_t�
�

�
j�	�}�
jj
|tjdg
d�}t
|ddd�
���
fdd��
jD�
}�
�dd	�|�
�

|r�|dd
�dv
r^td|�
�
|d
d�}	|	�
j��v
rqtd|�
�
|dd
�d
kr���
j|	O�n��
j|	M�t��}
t��
j|�|
_t�t��
tjd�|
d<�
j�|
�

��
fdd��
jD�
}�
�dd	�|�
�

dSdS)NTr�r�rZr
c
�g|]}
�
j|
�@r|
�qSr#�
�
option_map�rx�
x��dsa_optsrnr#r$rz��z'cmd_drs_options.run.<locals>.<listcomp>zCurrent DSA options: z, r)�
+�
-zUnknown option %sr�
c
r�
r#r�
r�
r�
r#r$rz�r�
zNew DSA options: )r�rrr�rr�rr+r*r�rhrirjr�r�
rv�joinr�keys�Message�Dnr
�MessageElementr`�FLAG_MOD_REPLACE�modify)rnr��
dsa_optionr?rAr@r7r
�cur_opts�flag�
mr#r�
r$r��s6



















�zcmd_drs_options.run)NNNNN)r�r�r�r�r�r�r�r�r�r�r�rr�r�
r�r#r#r#r$r�
�s(


�
��


�
�r�
c@s�eZ
dZd
ZdZejejejd�Z	e
dded�e
dded�e
d	d
ddd
�e
dddd
�e
dddddgde�d�e
ddddd�gZ
dg
Z				d!dd �
ZdS)"�cmd_drs_clone_dc_databasez9Replicate an initial clone of domain, but DO NOT JOIN it.z%prog <dnsdomain> [options]r>z--serverz
DC to join)rFr�
z--targetdirz#where to store provision (required)z-qz--quietzBe quietrNrOz--include-secretszAlso replicate secret valuesz--backend-store�choice�BACKENDSTORE�tdb�mdbz7Specify the database backend to be used (default is %s))r�
r�
�choicesrFz--backend-store-size�bytes�SIZEzeSpecify the size of the backend database, currentlyonly supported by lmdb backends (default is 8 Gb).)r�
r�
rF�domainNFcCsP|��}|�
|�
}
|j||d
�}|durtd�
�
t|||
||
d||	|
|d�

dS)N)r��quietz$--targetdir option must be specified�SAMBA_INTERNAL)
�loggerrrrr�
�dns_backend�	targetdir�include_secrets�
backend_store�backend_store_size)r�r��
get_loggerrr)rnr�
r?rAr@rr�
r�
r�r�
r�
r�
rrr�
r#r#r$r��s








�zcmd_drs_clone_dc_database.run)
NNNNNFFFNN)r�r�r�r�r�r�r�r�r�r�rr`rr�r�r�r#r#r#r$r�
�s6


�






��
��


�r�
c
@s�eZ
dZd
ZdZejejejd�Z	e
dddddd	�e
d
ddd
�e
dddd�e
dddd�e
dddd�e
dddd�gZdd�Zdd�Z
				d dd�
ZdS)!�cmd_drs_uptodatenesszShow uptodateness statusz%prog [options]r>z-Hz--URL�URL�
Hz%LDB URL for database or target server)r�
rGrFz-pz--partitionzrestrict to this partition)
rFrBrNzPrint data in json format)rHrFz	--maximumz#Print maximum out-of-date-ness onlyz--medianz"Print median out-of-date-ness onlyz--fullz Print full out-of-date-ness datacCstj
|
d
d�S)Nr1r�)rE�dumps)rn�partitions_summariesr#r#r$�format_as_json+s
z#cmd_drs_uptodateness.format_as_jsoncCsNg}|
��D]\}}d
d�|��D�
}d|d�
|�
f}|�|�

qd�
|�
S)Nc
Ssg|]
\}
}d|
|f�qS)
z%s: %sr#)rx�
k�
vr#r#r$rz1sz7cmd_drs_uptodateness.format_as_text.<locals>.<listcomp>z%-15s %sz  �

)�itemsr�
r�)rnr�
�lines�	part_namerJr�
�liner#r#r$�format_as_text.s






z#cmd_drs_uptodateness.format_as_textNFcCs
|��}|j
|d
d�}
t|
||
�\}}|j}t|�
\}}|r1||vr+||}||i
}ntd|�
�
g}|r:|�d�

|rA|�d�

i}i}|��D]\}}t|||||
�}t	||�}t
||d�}|||<|||<qI|rq|�|�
}n
|ry|�|�
}n|�|�
}t
||jd�
dS)NTr�zunknown partition %s�maximum�median)
�filters)
�file)r�r�rr*rrr�r�
rrrr�
r�
�printr�)rnr�
r�rEr�
r�
�fullr?rAr@r�
r�rr�	local_kcc�dsasr*�short_partitionsrs�part_dnr�
�partitions_distancesr�
r�
�
utdv_edges�	distancesrJ�outputr#r#r$r�6s:
























zcmd_drs_uptodateness.run)NNFFFFNNNFF)r�r�r�r�r�r�r�r�r�r�rr�r�
r�
r�r#r#r#r$r�
sB


�

�
�
�
�
�
��


�r�
c@sZeZ
dZd
ZiZe�ed<e�ed<e�ed<e�ed<e	�ed<e
�ed<e�ed<d	S)
�cmd_drsz0Directory Replication Services (DRS) management.�bind�kccr
�showreplr�zclone-dc-database�uptodatenessN)r�r�r�r��subcommandsr+
r�r�r<r�
r�
r�
r#r#r#r$r�
cs













r�
)3�samba.getopt�getoptr�ri�loggingrurrE�
samba.authr�samba.netcmdrrrr�samba.netcmd.commonr	�samba.samdbr
�sambarrr
�samba.dcerpcrr�
samba.joinrr�samba.uptodatenessrrrrr�samba.commonrrrr+r/r:r�r<r�r�r+
r�
r�
r�
r�
r#r#r#r$�<module>
s@












#!'a?.R