summaryrefslogtreecommitdiffstats
path: root/source4/scripting/devel/demodirsync.py
blob: 41dac6ff5172e4a3c8460eed2bc08e4257426a1d (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156

#!/usr/bin/python


import optparse
import sys
import base64

sys.path.insert(0, "bin/python")

import samba.getopt as options
from samba.dcerpc import drsblobs, misc
from samba.ndr import ndr_pack, ndr_unpack
from samba import Ldb

parser = optparse.OptionParser("get-descriptor [options]")
sambaopts = options.SambaOptions(parser)
credopts = options.CredentialsOptions(parser)
parser.add_option_group(credopts)

parser.add_option("-b", type="string", metavar="BASE",
                  help="set base DN for the search")
parser.add_option("--host", type="string", metavar="HOST",
                  help="Ip of the host")

lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp)

opts = parser.parse_args()[0]

def printdirsync(ctl):
        arr = ctl.split(':')
        if arr[0] == 'dirsync':
            print "Need to continue: %s" % arr[1]
            cookie = ndr_unpack(drsblobs.ldapControlDirSyncCookie, base64.b64decode(arr[3]))
            print "DC's NTDS guid: %s " % cookie.blob.guid1
            print "highest usn %s" % cookie.blob.highwatermark.highest_usn
            print "tmp higest usn %s" % cookie.blob.highwatermark.tmp_highest_usn
            print "reserved usn %s" % cookie.blob.highwatermark.reserved_usn
            if cookie.blob.extra_length >0:
                print "highest usn in extra %s" % cookie.blob.extra.ctr.cursors[0].highest_usn
        return cookie

remote_ldb= Ldb("ldap://" + opts.host + ":389", credentials=creds, lp=lp)
tab = []
if opts.b:
    base = opts.b
else:
    base = None

guid = None
(msgs, ctrls) = remote_ldb.search(expression="(samaccountname=administrator)", base=base, attrs=["objectClass"], controls=["dirsync:1:1:50"])
if (len(ctrls)):
    for ctl in ctrls:
        arr = ctl.split(':')
        if arr[0] == 'dirsync':
            cookie = ndr_unpack(drsblobs.ldapControlDirSyncCookie, base64.b64decode(arr[3]))
            guid = cookie.blob.guid1
            pass
if not guid:
    print "No dirsync control ... strange"
    sys.exit(1)

print ""
print "Getting first guest without any cookie"
(msgs, ctrls) = remote_ldb.searchex(expression="(samaccountname=guest)", base=base, attrs=["objectClass"], controls=["dirsync:1:1:50"])
cookie = None
if (len(ctrls)):
    for ctl in ctrls:
        cookie = printdirsync(ctl)
    print "Returned %d entries" % len(msgs)

savedcookie = cookie

print ""
print "Getting allusers with cookie"
controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
(msgs, ctrls) = remote_ldb.searchex(expression="(samaccountname=*)", base=base, attrs=["objectClass"], controls=controls)
if (len(ctrls)):
    for ctl in ctrls:
        cookie = printdirsync(ctl)
    print "Returned %d entries" % len(msgs)

cookie = savedcookie
cookie.blob.guid1 = misc.GUID("128a99bf-e2df-4832-ac0a-1fb625e530db")
if cookie.blob.extra_length > 0:
    cookie.blob.extra.ctr.cursors[0].source_dsa_invocation_id = misc.GUID("128a99bf-e2df-4832-ac0a-1fb625e530db")

print ""
print "Getting all the entries"
controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls)
cont = 0
if (len(ctrls)):
    for ctl in ctrls:
        cookie = printdirsync(ctl)
    if cookie != None:
        cont = (ctl.split(':'))[1]
    print "Returned %d entries" % len(msgs)

usn = cookie.blob.highwatermark.tmp_highest_usn
if cookie.blob.extra_length > 0:
    bigusn = cookie.blob.extra.ctr.cursors[0].highest_usn
else:
    bigusn  = usn + 1000
while (cont == "1"):
    print ""
    controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
    (msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls)
    if (len(ctrls)):
        for ctl in ctrls:
            cookie = printdirsync(ctl)
        if cookie != None:
            cont = (ctl.split(':'))[1]
        print "Returned %d entries" % len(msgs)

print ""
print "Getting with cookie but usn changed to %d we should use the one in extra" % (bigusn - 1)
cookie.blob.highwatermark.highest_usn = 0
cookie.blob.highwatermark.tmp_highest_usn = usn - 2
if cookie.blob.extra_length > 0:
    print "here"
    cookie.blob.extra.ctr.cursors[0].highest_usn = bigusn - 1
controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls)
if (len(ctrls)):
    for ctl in ctrls:
        cookie = printdirsync(ctl)
    print "Returned %d entries" % len(msgs)

print ""
print "Getting with cookie but usn %d changed and extra/cursor GUID too" % (usn - 2)
print " so that it's (tmp)highest_usn that drives the limit"
cookie.blob.highwatermark.highest_usn = 0
cookie.blob.highwatermark.tmp_highest_usn = usn - 2
if cookie.blob.extra_length > 0:
    cookie.blob.extra.ctr.cursors[0].source_dsa_invocation_id = misc.GUID("128a99bf-e2df-4832-ac0a-1fb625e530db")
    cookie.blob.extra.ctr.cursors[0].highest_usn = bigusn - 1
controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls)
if (len(ctrls)):
    for ctl in ctrls:
        cookie = printdirsync(ctl)
    print "Returned %d entries" % len(msgs)

print ""
print "Getting with cookie but usn changed to %d" % (usn - 2)
cookie.blob.highwatermark.highest_usn = 0
cookie.blob.highwatermark.tmp_highest_usn = (usn - 2)
if cookie.blob.extra_length > 0:
    cookie.blob.extra.ctr.cursors[0].highest_usn = (usn - 2)
controls=["dirsync:1:1:50:%s" % base64.b64encode(ndr_pack(cookie))]
(msgs, ctrls) = remote_ldb.searchex(expression="(objectclass=*)", base=base, controls=controls)
if (len(ctrls)):
    for ctl in ctrls:
        cookie = printdirsync(ctl)
    print "Returned %d entries" % len(msgs)
generated by cgit (git 2.34.1) at 2025-09-13 11:29:41 +0000
#/4ʬl;  FQ^]ֻHѩc.V xUɯTh7UϤ4nZy xI`=֪y0h:?}>|& u$ fBOv)2'4d9N%)P [rb.;K;BBԢpݕ&,ݖ sՌNX!%~fP,ҚqoD9A%x=&9\v;~ilP&;[ d5x =8py+ "_G ITFIDo!) Ob+$|f Eq ݌7x[Dٴs 8O8xgiB)X5S5E܀BtX8֒N}nufV(:)2"5;]&j;8 e˵[[Z2QReUri\QLƩNsfP)R)5X ¶i!eeb}D0u;&KY],uhX0۵{-ineλ@Wal8J'S}U;ˠwh*lV_y#sT׈lr;kyņG1(o{ DmPjlWVІS7}dL < ڃ0d@U2Ců\qȏ])G}mKL#YH,QHF{~7XdGM=Q0B.C2mT@v*.#)YJ! xZh;4ͯPDaRfL[JW\d#*$py@ Q*ckf38g{ $]x}uƍ)3h}:wcVYa`ziv"|X&0)/I^m`g5u_yuG2_j̊}= $vwk#?Izmhkܣ.ӌ2icɌVLGy+$B_2ӃxUB8UfgWbkmf BkD8ER nfpo ]vBӥ:6%Okx=O`Gjgo w @*&f.O58}e϶fdd$Tn'ړԽ5CLf|qœ )zP]`n*X=B[V@wQ8t$N*#3Q}2,)^UCZ}HXJvjv طk"ó"(< ,%sڽtBQEAIZ ?Zt.|#Q ^zOe@ėÄ M=Pk~ 43{G?:Az.K5nl,EݚI< L0PhBȂRN]tlڟ+yy}Wd x QU!\7s8.ЄLQ=٫p}v?K4MP ̣,Bcw܁G}V)ujPHzڰv@.$CGnę-ǎ%c;s&jcS2XIO0J |-S Dt]` xl)C0ʍFV e,KX[#?EAg;f-?i~SӴ@7ܧъWO=5E` 2Ho^ S@)DdO$ιHM/q5 SBD(͔QR֤EocйT٤Rg;ƣG/a#/s|Dˆ6̹3},x3xߒA{79D ^ᔄJg8s\VI{#&n͒e{SG揆DuYr%9z@;{ +PywɈ5:gCxr<?{蠍.D% % 5^J('Ąh @S!*9P08֖(m-njEx H?`/܌TKS8gn gfH b*rG<Ghc2v3XiQɑ'#0T^2)QgNL?VV(;niS>0CM_WYONIx3:1y]nQti6Ea|/{Ru;[Af=6ւ?N?^-H4 zu@X{ɶ/]Jt!tRDe.@8dxWMa/XMs2Fhfe{; +sj6xw1 ?٫?z:Q+}<vEE[-j{bX* ?&XGeL z|wMjՂ.Գf*[?e55z'Nnvdiq47Kjj=e?j_A+46 S;0!Ճ"iwIjl %`B 6u;Lf90-K3.- jA3oO8\)R;mK0x<d R"=ĦrT #bӕ>T#oe8`- lL(_Qn]ЃJD kP}oHj٩:)mw5èl f$A}Gw2 C_J~#y؎Kx$Ϊ]ʭ7%͸63iokJ@*%8Έk=ivXg~QރsIEǶ!Bޑ$S^\$Btdf%E3[Ai>%`GC o[9CL `c:/Q{hA]oB毦 9*Zfxϛڇٗ-o`jz=q&q! 2 I;qMgUK=Q1 l@|i>@yBr !Ǹ @Ha+~=jNjO}(YD` 2j: zqwtQA,; ŌwjbrQNJBmK3Φg8aDb{9Nߏ?W7CGK(Is-ء&1sR;D=x=D)l1b$EL]@w*2[珗-!RB_\zIGE1~{!h3UbG)$p{]H.Fm`+_E]R*y"\$1:. Z0䈟7~:n'dJ_/IBD*us5qJ3%-lra{Be{`Es^ۉ@o#$7ũ56 =ڪd+jPm(~z] Q贑l=i+I(OMN,G"ޛVLvNSO' uobQ6QY73Ro*R7؍Bv32n,SZUʱ%،ךcO"FґR-x_/˅3Ϳx+l۽H{4_TusYqE"uҫ(1444O猂*A(}>'-(Ԉ`Z9PdijzyҲ=.O`:Td.;@[Qh*^~i lamEŊ^b_ލ,b`uj5dImdDZ8_ZTF0߼dz~kIV59ct !q\ɿòzt9ά?l]N!'c$bٮ2@ #{*:O\*z8Yڨ`i_!:s.WQ(%g98@JK%׭!<j:2/K|B |0JF%&#KΎ+2f[{`(ۨb?(.sY?@V7NУ06v,dfxh㛉Ǟw!4=Lo ;^a{4 )!S'3vOog< w`lVUyb G{,eyfJYxJL0R@H/R`<5AB3zWs#ꉚL~6ml/x7~!yD\o6r<"%!24g7)D( fa'[fBl$2Kgˢx-U3S[w^=Η<'iIҍ!7b7S(|<̩9BpBH~C*?!̜ȢNc1<$1 _F%V+Hp3a]K|Xto5ME8ih$RO0V^)w(Nv ^I[q0iQIUHai\{y MJ~$}{˅j@u]]uߠ(ji!w@<ȓn.JJ⻵jh=yvTFƪJG"_)h?͑V1>c9f_ n[&)Z{;)uU 5+g^Nu*yF9rAR]1ٱ~Eg C:&P / ;0:AޞYT$=t#S3\4|~=) x#G+( :@اow _p}" g7X Rr]HR8`TģXɏ[`Ū@21ӮG@VO$_]€G_BՂGp/ Tm)& ARklNe G՞^dA%3U i!RzWĞ\muYp[u{4+Ti1=LϿKGJm3,'_ 7mFlL>[Ɣ?O~cÒzNGcuC .t!ކBı&N!jI-kShnհ gVc 4pʡ^Q7 R{ϝcAj¢[!)8e_iZhtn6&lKp"SԬ(2яy[õ 3T hׯWL,| lNJR-!(R\y9vj$L<Fd [z9Kv<]Ro[8R ߬I=b]{-hAULFT}4~/36zUhIOAѢy+lqܦ0b[G"Np4u4vj|e0Hᅳ{Q`XXfN'7E|s aae3d$dktᣯr0kX%?$Z+чgM`q k@`]Հ)~ר*cϭ2'sKHm7;Ɩ1@,1]p¾ђa{T"W "?PaB#2YdRcBmr:u@JqKz^0-|jq97 Z1{ ~ѣ$Y3"o&0cG^7ұeR !u#nVW; 3oy!*=(ϨC&_q= vsD7qٓKY*Q@̙ nӻ㶶r`3ews&g8 'jq&c~\P>MZLh`R1U9m DZJ4'p}^.cE{#|hժT(V |-@M<@b^8z{#[>ImAȐ˼dH7 rex;-7rօ֢fV j-= tnWEєR8rf H(9^SQMc7YkDݓ)Kgr֎$2k|G #:"j]bFN7$B拵0 BHX.bMu,Q谕mg3/`Bc^+P֬$7k8@r!m!ᒜ%}ỺRLmА4[pPܑVڊJTNŒ}8#J؋\&> pV%Bpw Gtأy[wѡ S{,Q"8~%߆]_<+odz5#qЂ ̏HbNN&\5"tcD+;nɲHV~7W@634F"4'bpR%M!k-7~KZ!CHxIWq#<D3WrH"Å_"-U˱&.vBo=s3G!؉L=鑺71(čxmM`zc)54# r/}?PXӏȯn.M#R! mfUtMlld6e4sp7ʤ#RʡWNE]ިš*T.}?ۊ \dz)BBP8m.}wBא2 p-&o]9w`j#WooybJFS 2B 3Z>GW AJ<?Թp cho}D\v ۡe?"}[Pko|3Y{/o79I-&R@13gq)<!Ǻ.0#(ni ^o:"Tg Fk=.v}#_8\c$1,C XyiM|bBV+?l>%ZN0yзeДS5V,S3y> ۅ4:j^$1:xV5E #V.xS3jNiFkZ]{GQU:*vfer5΍bVIpk#K^᧦S" Cdb:Wu`;q0Jm:I.ۗ u)zNP ;ZJwS r҆SfF(sz1o=r9|U鵹G2q ;Sify|Da?ڌ֑KBmVVv,=#ݦ\ A&D]<>+R?;ڂv"–b~g#$X*;8np99jH_YEϱs_*|(DsM 됑%ΜSQnTE6+2VM4 ]95dbZ/ TW6 #R(^"b 6;ZϽuؚ7Ys@VƻWAr/v:6Nh3S3<d{H=eFւ5 *f> v7=Hֶd *NwH@lΦNs ^2˦VBF|l'Gm8{#i<ؘN KƪRj,>6O7mD.*D+|+_GGk^OH#Jx'{m3*)N0{r;nBVα r!i1*[i~cJpoe,씝_iɖfM~P1_"X_ŽYR'Y /1kds@ CPqB8zD2&{Pey[cVyuɨC8nP+9=Ԁ#D5:op5Z =y& O/ ~l;s  HiKe8ey []PqHSWd݋=Jܶg`Nɖh x 6<(c/E`$чDj +᳐}.6ފ[O?$xvcIe {&|Ù3lޮ+js0&18m/GZD %7E JeehoC;%1gOȊ1bS-A //ZoTowߋɄR〃^/s7B6wҎNG |dLsh]3(8GeQg4|йpߢcTbE0 )6a9ym0V譬J8̂2kEd?J6_Z?ٰELp*ǁ xe[6°zWi995R5GP뒄qQF$]v ܩȁ>N3~'?]KPXR8#!}؈K[Xc!|`Fh{[)9oا[eRjjRWNa\}oť(@HTX$q;s?aimAި,D|T%|T ԋo}2` QO_{D>UAB榦Wpk;tGY V브]DX.7YqِS:O~I0yAa{V'/Bt82b-!pwMkǕi]T&z`*R$/ i>`tXS;]^<]v ݌@2b緂] Ng('a W}~+` ZQNJ(p*.M\3Z~߉W"}G`= 5BZMxD@~Ǹ."6uzޏ U?rjQ9T Z^Hۭש+NI,ߺB߁ b>u 74#:jEqaD9NlGF6cR$>b$5/2Rc$c_9v}Ґk8OZ=S2\d`x$3I yFCgIfr e.1)3dϟUb*ll9)a^hG7` K& , *y"75µ@#PvXeo &gN?~s~Yڻ/=̉& ]@&rwǢy[ɺH_QnQTg#ѵDU L CbbLJ@Bc"Fĵ PA3_n2`h7{ӫcuK-gJbGw(\1,Z/w%!gCjtSG `XsJog~`*16R8<# }[yEyQpHL\k;L!_lC=KQ*^L3R*Rx[ĚiJݯvFLkU0I]~{FND{‰(ٳa3 <=zF҈]ѦH;BO9l=IR1 ژz 7C5F3aBYSgӿJoF]c~߸^G|hua~p[U ǓSQݓݻMd{%Aaj=vKT@ vdyƼ]-]k$.GK~-l[2;tA1I'w>;3ig|<k䵰U5½p'Hf/B?w! a|8MDR!`QL wVR1q&cy3u]h??Ȩf/Q(lep- 4nυ(œTڟuɓsxd<.[C$R(eAH0r2ܦY7hwcO85YvdD?U0g͂ʃȤǐdܹ/b"y7%*[" )zqy ?w+{bXKC$~1!݈V ^:>Ƅ\m Ty,lȣLaljifL^@ЎU"W܁^k{y5Vy-ގ[meML-mޯ8}4٧P/Rيr2K',QsGlikeazj Cod1 ~X_ƌϱM7Z` Ve!Ogmjڭmximc4,&IxvE.w$\{01Y}NFߢ'[JԿ,iq·Q`=)4A%  ߘA饯>X_>h+ lX)!qe K˩>JCs'x @~ Cd򹟱L^kmY@+iR}[ݨA%!y%K>ekcPgJeBD:F_swWMB">7‚jl@XdFܽ*B65A{Ӌ)Թ^j1b%&hJ@;J\dv<4#rͺbB/|Ain #m$^J*{%3uc~+jivE)QŘv|Uu*EVzC Bz^kg-\@Y2^TXܺă2T Lsx?ѵƶ/Ow}AnC4+)OPzuxl-@nCoʊCZ-UۮE%J*SĦQ ve_h.`ġTkK>x cOlf0W U"D΄{yl&Rld􋐫g LcZMIujfcgz[/PByV" r Z?ED bDl }8Y;rtXOs`񂬌c}ŒK|109S$7וxJ\Jk泊fA: ks_A@/14Qڊ rg"၇ Qn6n{R[|7llc|ci$hZ&(w$SExRS%OCl_frC I1JD5O-uT5wYha;-EmSNσM'^?5!uH؝Ҭj_shz>36VȘ@!n]+zuBەT<$vM#|& L-==G_K@%L$t7^ b'DKLSmkgi Qh2.;\ ;OEКdPzmMIr 7* ,r!%@9i-;>%p lU}=ˎ7Seح;'tRaMn ]Wtd6da>hDMQ:H? hn*gZ[YļPzabӏ_CnRYu%d5( @0EӼ<5s_ԋ@To Ƌz#鍋^-Ose:d]x1/dR`=/aWTt,&) a;`D(:PIoO:Y'sea|/Ug@%q 7@!TO9Q^˚`X9wKWDqP!>LEFO :.oY~E6SFfMa%PGC.vb$c5N6 S| eF3tAC sb#mLC)(4n*|_ !*~,lcm(fϬ::TXpU p/u΀p>r ѻe5gb#/\CqMOga 5͑ӎ[7L~"!`WV',&/`Fte-S(C%CwW!Ρ%%FA%)2X9/7tM<UKALAѯ]d#MC #od\Z4uQ#h6,MWkb[wؚ^m?:[fB5t$?HR6*[raMwnъzIN^h2\w޴{8Cpܔ~ iʰKkhH\ť"UC8^9ld9 $S/nj{i"PX_HDj}=D%ôͭ㯄zmi*`BJlrH SP LaOP4RAQ5wFl:)|t87]uD+VtY83֍Iɜ5go>ilvF qp2W4Y[84dö uMs%DU[hSԬ(cmm;ϵaภ9k̙;R+ΒV md<Cp߳o. ۗ^pU%ܠc=o#=rеc-3|kdo$`3SBrƘEW1졢W;g Ǡ' xTѫ=2OB4BȃC>.2Y,ts/ 52ol!yN׶m pnNH+Akv_.g} pFi}f]0oBDPI-x遵lR1+CqR|Bv{C"><,.e_W _p}N5%0"?w͈nKf."J|&wߜף#b85,C v|ZTu,d/vgԒsuɬ@Fhj)^kӛ1^K6Ӏr}]Q13Ac.@/d\P\eKЅI2F=-a3C^V9 3`\m΂$ ?湿xlû0ܔ1Jfȕ,լvD$PW0ޟ0r2@J~0.EUCiwWfn3/JJ⪝8.=.]fL]v:_P*%.W fؠQV]6%{}h֑u>+1IUXgӼ=~N8zr.S-*(5yQW`s[m,ReMͦNoH_oyf5I(!sR RSqJAK]Z8`lXHN% βAfMW:^[RvWoجHLV/Utpl/NЦ@z+c Dh,i^WrO6k*k6>cY4ࣂeVa_o5L&wI]bg 8s/Mr,LԞ:XYl@Dɴԫ8JB|5Ǔ*'*,GQ݁W׵%x)8>6~4.I'wNFws