g`SSKrSSKrSSKrSSKrSSKJr SSKJr SSKJ r SSK J r SSK J r JrJrJrJr SSKJrJrJr \R,"S5r"SS \5r"S S \5r"S S \5r"SS\5r"SS\5rg)N)Ldb) ndr_unpack)security) SCOPE_SUBTREESCOPE_ONELEVEL SCOPE_BASEERR_NO_SUCH_OBJECTLdbError)Command CommandErrorOptionz^([^;]+);range=(\d+)-(\d+|\*)$c \rSrSrSSSSSSSS\R \R S4 SjrSrS r S r S r S r S r SrSrSrSrSrg)LDAPBase+FsectionSUBTc/nUnSU;a/[RRU5(aSU-nOSU-nUR5R S5(aS/nXlXl[UUUUS9UlXl Xl X@l XPl X`l XplXlXlXlXl['URR)55Ul['URR-55Ul['URR155Ul['URR555UlUR95UlUR=5Ul[@RB"SSUR*5RES S 5Ul#URI5Ul%URM5 UR(aUR(dUR ROS UR"-5 UR ROS S UR*--5 UR ROS SUR:--5 UR ROS SUR>--5 UR ROS SURF--5 ggg)Nz://ztdb://%sz ldap://%szldap://zmodules:paged_searches)url credentialslpoptionsz [Dd][Cc]=r,.z * Place-holders for %s:  z${DOMAIN_DN} => %s z${DOMAIN_NETBIOS} => %s z${SERVER_NAME} => %s z${DOMAIN_NAME} => %s )(ospathisfilelower startswithoutferrfrldb search_base search_scope two_domainsquiet descriptor sort_acesviewverbosehostskip_missing_dnstrget_default_basednbase_dnget_root_basednroot_dnget_config_basedn config_dnget_schema_basedn schema_dn find_netbiosdomain_netbios find_servers server_namesresubreplace domain_namefind_domain_sid domain_sid get_sid_mapwrite)selfr,credsrtwor'r(r)r+r*basescoper!r"r- ldb_options samdb_urls 6/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py__init__LDAPBase.__init__-sO   ww~~d##&- '$. ??  ' ' 2 234K  9#(*, ! $"   .4886689 4883356 TXX779:TXX779:"//1 --/66+r4<<@HHcR..0    DJJ IIOO9DIIE F IIOOG&A LL')) * IIOOG&A //'00 1 IIOOG&B --'.. / IIOOG&A ,,'-- .%/ cURRURS[S9n[ [ R USSS5$)Nz(objectClass=*))rF expressionrGr objectSid)r#searchr0rrrdom_sidrCress rJr?LDAPBase.find_domain_sidbsAhhoo4<<V_c^df3x!||),-AAdGAJ---sA"c:URRSUR-[S/S9n[ W5S:Xa [ S5eUH!nSU;dM USSR5s $ g![anUup4US;a [ XB5eSnANfSnAff=f)NzCN=Partitions,%s nETBIOSNamerFrGrX)z,Operation unavailable without authenticationrzCould not find netbios name)r#rQr4rr r rYdecode)rCrTeenumestrrZs rJr7LDAPBase.find_netbiosns ,((//'9DNN'J(5m_"NC s8q=<= =A!'*1133 ,JDGG"4++H ,s-A11 B;BBcSnURRU[S9n[ U5S:H$![a#nURupEU[ :XaSnAgeSnAff=f)N)rFrGF)r#rQrr argsr rY)rC object_dnrTe2rarbs rJ object_existsLDAPBase.object_exists~s^ ((//y /CC 3x1}  77LT))   s0 AAAAcURRU5 g![RanS[ U5;deSnAgSnAff=f)NzNo such object)r#deleterr r.)rCrgr`s rJ delete_forceLDAPBase.delete_forces= . HHOOI &|| .#s1v- -- .sA AA cX[RU5nUcU$URS5$)zTReturns the real attribute name It resolved ranged results e.g. member;range=0-1499 re)RE_RANGED_RESULTmatchgroup)rCkeyms rJget_attribute_nameLDAPBase.get_attribute_names,  " "3 ' 9JwwqzrMc[RU5nUcU$URS5n[URS55nSXVS-4-nURR U[ U/S9n[U5S:Xde[US5nUS Sn Sn UHCn[RU5nUcMURS5U:waM4Un [X5n O U cU$URU 5 U RS5S:XaU$[U RS 55US-:Xde[U RS55nGM) z[Returns list with all attribute values It resolved ranged results e.g. member;range=0-1499 Nrez %s;range=%d-*r^rdn*) rprqrrintr#rQrrYdictlistextend) rCrgrsvalsrtattrhinrTfmfvalss rJget_attribute_valuesLDAPBase.get_attribute_valuessS  " "3 ' 9Kwwqz _4a.0A((//y 1#/NCs8q= =s1v,CD BE$**3/9771:%SXz  KK xx{c!  rxx{#rAv- --RXXa[!BCrMc URRU[S/S9n[U5S:Xde[ US5nUS 0nUR 5H5upEUR U5n[U5nURXU5X6'M7 U$)z9Returns dict with all default visible attributes rzr^rerry) r#rQrrYr}itemsrusortedr)rCrgrT attributesrsrnames rJget_attributesLDAPBase.get_attributesshhoo9JseoL3x1}}3q6l I IC**3/D$> B  B )r0r4r(r>r8r@r"r,r#r!r'r2r6r$r%r:rr-r)r&r+r*N)__name__ __module__ __qualname____firstlineno__sysstdoutstderrrKr?r9r7rirmrurrrrA__static_attributes__rMrJrr+s`%EUTYbjjszz43.jD.4 . 2h$- rMrcb\rSrSr\R \R 4SjrSrSr Sr Sr Sr g) DescriptorcX0lX@lXlX lURR UR5UlUR 5UlURR(aURR5 ggN) r!r"conryrsddl extract_dacl dacl_listr)sort)rC connectionryr!r"s rJrKDescriptor.__init__sb  HH009 **, 88   NN   ! rMc:SUR;a1[R"SUR5RS5nO1[R"SUR5RS5n[R "SU5$![a /s$f=f)zGExtracts the DACL as a list of ACE string (with the brackets). zS:zD:(.*?)(\(.*?\))S:r{zD:(.*?)(\(.*\))z (\(.*?\)))rr;rQrrAttributeErrorfindallrSs rJrDescriptor.extract_dacls| tyy ii 5tyyAGGJii 2DII>DDQGzz,,, I sAB 0B BBcSU-n[R"SU5n[U5S:XaU$UH.nURRUnUR XE5nM0 U$![ a MAf=f)Nrz S-[-0-9]+r)r;rrYrrr=r)rCacerTsidssidrs rJfix_sidDescriptor.fix_sid swSjzz+s+ t9>JC xx'',kk#,   s*A$$ A21A2cfSn[UR5[UR5:waAUS- nUSS[UR5--- nUSS[UR5--- nSnSnSnSnSURU-nSURU-n[U5[U5-S:XaXB4$SURU5-nSURU5-nXx:waX'<SS U<S 3- nS nO X'<SS U<S 3- nUS - nM![a SnNf=f![a SnNf=f)Nr Difference in ACE count:  => %s rTrz>60z *  Fz | re)rYr IndexErrorr) rCotherrTiflagself_ace other_aceself_ace_fixedother_ace_fixeds rJdiff_1Descriptor.diff_1s[ t~~ #eoo"6 6 9 9C 7YT^^)<<< A  77$((--GG GC w}t++!)C ($**3/""3' )J' z?Q  77%))..HH HC!w}t++"T#k"234 88   4 4C"w}t++#R4J"$4c::C M O &  %% & '!!#&& 's0H .H%H* I *I  I  I-,I-)rrryr"r!rN) rrrrrrrrKrrrrrrrMrJrrs),/JJSZZ" - B+;rMrcz\rSrSr\R \R 4SjrSrSr Sr Sr Sr Sr S rS rS rg ) LDAPObjectihc~XPlX`lXlURRUlURRUlURR UlX0lURSURR5Ul URRSSURR-5Ul URRH'nURRSSU-5Ul M) URRUR5Ul /SQUlURUlU=RS/- slU(aU=RU- sl/Ul/Ul/Ul/Ul/UlUR(Ga/U=R/SQ- sl/SQUlUR Vs/sHowR+5PM snUl/S QUlUR"Vs/sHowR+5PM snUl/S QUlUR$Vs/sHowR+5PM snUl/S QUlUR&Vs/sHowR+5PM snUlS S /UlUR(Vs/sHowR+5PM snUl[-URVs/sHowR+5PM sn5Ulgs snfs snfs snfs snfs snfs snf)N ${DOMAIN_DN}CN=${DOMAIN_NETBIOS}CN=%sCN=${SERVER_NAME}) badPasswordTime badPwdCountdSCorePropagationData lastLogoff lastLogon logonCount modifiedCountzmsDS-Cached-Membershipz!msDS-Cached-Membership-Time-StampzmsDS-EnabledFeatureBLzmsDS-ExecuteScriptPasswordz msDS-NcTypezmsDS-ReplicationEpochzmsDS-RetiredReplNCSignatureszmsDS-USNLastSyncSuccesspartialAttributeDeletionListpartialAttributeSetpekList prefixMapreplPropertyMetaDatareplUpToDateVectorrepsFromrepsTo rIDNextRIDrIDPreviousAllocationPool schemaUpdate serverStatesubRefs uSNChanged uSNCreated uSNLastObjRem whenChangedmsExchServer1HighestUSN)$objectCategory objectGUIDrP whenCreatedr pwdLastSetr creationTimer priorSetTimerIDManagerReferencegPLinkipsecNFAReferencefRSPrimaryMember fSMORoleOwner masteredByipsecOwnersReferencewellKnownObjectsotherWellKnownObjectsripsecISAKMPReferenceipsecFilterReferencezmsDs-masteredBy lastSetTimeipsecNegotiationPolicyReferencergPCFileSysPathaccountExpires invocationIdoperatingSystemoperatingSystemVersionoEMInformation schemaInfo targetAddressmsExchMailboxGuidsiteFolderGUID)&distinguishedNamedefaultObjectCategorymembermemberOfsiteListnCNamehomeMDBhomeMTAinterSiteTopologyGeneratorserverReferencezmsDS-HasInstantiatedNCs hasMasterNCszmsDS-hasMasterNCszmsDS-HasDomainNCs dMDLocationmsDS-IsDomainForrIDSetReferencesserverReferenceBLmsExchHomeRoutingGroupmsExchResponsibleMTAServersiteFolderServermsExchRoutingMasterDNmsExchRoutingGroupMembersBL homeMDBBLmsExchHomePublicMDBmsExchOwningServer templateRootsaddressBookRootsmsExchPolicyRootsglobalAddressListmsExchOwningPFTreemsExchResponsibleMTAServerBLmsExchOwningPFTreeBLz$msDS-MembersOfResourcePropertyListBLzmsDS-ValueTypeReferencez"msDS-MembersOfResourcePropertyListzmsDS-ValueTypeReferenceBLzmsDS-ClaimTypeAppliesToClass)proxyAddressesmailuserPrincipalName"msExchSmtpFullyQualifiedDomainName dnsHostNamenetworkAddressdnsRootservicePrincipalName) rrCNr dNSHostNamer8r rr!rr)r8r9rr]rrDC)r!r"rr&r'r+summaryr=r0ryr8r:rrnon_replicated_attributesignore_attributes dn_attributesdomain_attributesservername_attributesnetbios_attributesother_attributesupperr)rCrryr< filter_listr!r"rZs rJrKLDAPObject.__init__is  88//XX^^ xx''  **^TXX-=-=>''//"8'DHHD[D[:[\&&Aggoo&97Q;GDG'((11$'':#* &H"&!?!? #<"==   " "k 1 "!#%'""$ "      " "'H H """D "6:5G5G!H5G'')5G!HD &VD ":>9O9O%P9OAggi9O%PD "*^D &>B=W=W)X=W'')=W)XD &&rD #:>:Q:Q&R:QQwwy:Q&RD #%+T$4D !8<8M8M$N8M1WWY8M$ND !!$9O9O%P9OAggi9O%P!Q)"I &Q *Y'S%O%Ps$'L!L&L+L0L5;L:cdUR(dURRUS-5 ggz5 Log on the screen if there is no --quiet option set rNr'r!rBrCmsgs rJlogLDAPObject.logs$zz IIOOCI &rMc$SU-nUR(dU$UR5RURRR55(a1US[ U5[ URR5- S-nU$)Nrr)r&rDendswithrr0rYrCsrTs rJfix_dnLDAPObject.fix_dnsrQhJ 99;   0 0 6 6 8 9 97s3x#dhh&6&6"778>IC rMcJSU-nUR(dU$URURRR 5URRR 55nURURRR 5S5nU$)Nrz${DOMAIN_NAME})r&r=rr>rrDrPs rJfix_domain_nameLDAPObject.fix_domain_namesxQhJkk$((..4468L8L8R8R8TUkk$((..4468HI rMcJSU-nUR(dU$URURRR 5URRR 55nURURRR 5S5nU$)Nrz${DOMAIN_NETBIOS})r&r=rr8rrDrPs rJfix_domain_netbiosLDAPObject.fix_domain_netbiossxQhJkk$((11779488;R;R;X;X;Z[kk$((11779;NO rMcSU-nUR(a#[URR5S:aU$URRH#nUR 5R US5nM% U$)Nrrez${SERVER_NAME})r&rYrr:rDr=)rCrQrTrZs rJfix_server_nameLDAPObject.fix_server_name saQh3txx'<'<#=#AJ&&A))+%%a)9:C' rMc|URR(aURU5$URU5$r)rr(cmp_desc cmp_attrs)rCrs rJ__eq__LDAPObject.__eq__s- 88  ==' '~~e$$rMc[URURURURS9n[URURURURS9nURR S:XaUR U5nONURR S:XaURU5nO"[SURR 35eUSUl USUl US$)N)r!r"r collisionzUnknown --view option value: rer) rrryr!r"r*rrr screen_output)rCrd1d2rTs rJr^LDAPObject.cmp_descs $''  J  588$))$)) L 88==I %))B-C XX]]k )))B-C unique_attrsdf_value_attrs)rjrrrDr>rr,get isinstancer~rrCr>splitr?rRr@rUrAr[rBrXrr<rd)rCrrTr self_attrs other_attrsself_unique_attrsrZother_unique_attrs missing_attrstitleourstheirspqrtrjs rJr_LDAPObject.cmp_attrs%s 4??C?4**,?CD E4D4DE4DD::<4DEF &4u7N7NN  7;dhhmmKK KC&w{T))')58N8NN  7;eiinnLL LC'w{T))(*> ;AwwyD222aggi=6P??1%D%%))!,F$%%*VT*B*Bd|~779 5 55JNO$Q--33C8;q@$AOKQR6a..44S9!<A6ARv WWY$"4"44AA123AQA3234!Qa!A4v 779 6 66AAQ ":;?Q003QA?>?@a11!4aA@v 4<'C E7Q;1a)@@4GGC7Q;4)HH4OOC##**1-S!V $: :: ^$->(??$ %&$*=*==& n%.@)AA% &'4+>+>>' !byMDEDPR44====@@sGUU+5U"&5U' U,-U1 U6+U;V)VV 'V)rrrjryr?r@r"r>rBr=rCr!r'rdrAr<r&r+N)rrrrrrrrKrLrRrUrXr[r`r^r_rrrMrJrrhs@jjszzRB'% jrMrcl\rSrSrSS\R \R 4SjrSrSr Sr Sr Sr S r g) LDAPBundleiNcXPlX`lXlURRUlURRUlURR UlURR UlURRUlURRUl0Ul /URS'/URS'/URS'/URS'X@l U(aX0l OKUR5S;a,UR5Ul URU5Ul O [S5eSnU[!UR5:GaUR(aURUnUS[!U5[!URR"5- S-nUR%S URR&-S 5n[!URR(5S :Xa2URR(Hn UR%S U -S 5nM XRU'US - nU[!UR5:aUR(aM[+[-UR55Ul [/UR5Ul [!UR5Ulg) Nrirjknown_ignored_dnabnormal_ignored_dnDOMAIN CONFIGURATIONSCHEMA DNSDOMAIN DNSFORESTz-Unknown initialization data for LDAPBundle().rrrrrer)r!r"rr&r'r+r$r%r-r<rEdn_listrDcontext get_dn_list ExceptionrYr0r=r8r:r~rrsize) rCrrrrEr!r"countertmprZs rJrKLDAPBundle.__init__s#  88//XX^^ xx'' 88// HH11#xx77 ') ^$)+ %&+- '(.0 *+& "L ]]_ _ _"==?DL++G4DLKL LDLL))d.>.>,,w'C7s3x#dhh&6&6"778>IC++g(?(??AWXC488(()Q...A++gk3FGC/$'LL ! qLGDLL))d.>.>.>C -. dll+  % rMcdUR(dURRUS-5 ggrHrIrJs rJrLLDAPBundle.logs$zz IIOOC$J 'rMcl[UR5Ul[UR5Ulgr)rYrrr)rCs rJ update_sizeLDAPBundle.update_sizes" % dll+ rMc SnURUR:wa@URSUR<SUR<35 UR(dSn[URVs/sHo3R 5PM sn5n[URVs/sHo3R 5PM sn5nUR [:waUR(dXE- nU(aPSnURSURR-5 [U5HnURSU-5 M XT- nU(aPSnURSURR-5 [U5HnURSU-5 M XE-n URS[U 5-5 U GH n [URU URURURUR S9n [URU URURURUR S9n X:XaURR$(aURS 5 URS U R&<S U RR<S35 URS U R&<S U RR<S35 URS5 OURS 5 URS U R&<S U RR<S35 URS U R&<S U RR<S35 URU R(5 URS5 SnU RUl U RUl GM U$s snfs snf!["a%n URS U <S U <35 Sn A GMESn A ff=f!["a%n URS U <S U <35 Sn A GMwSn A ff=f)NTz! * DN lists have different size: z != Fz * DNs found only in %s:rz * Objects to be compared: %d)rryr<rEr!r"zLdbError for dn z: z Comparing:'z' []z OKz FAILED)rrLr-rrrDr%rrr,rrYrr<rEr!r"r r+ryrd)rCrrTrwself_dns other_dns self_onlyrZ other_only common_dnsryobject1r`object2s rJdiffLDAPBundle.diffs 99 " HHTYYPUPZPZ[ \''4<<80O#OAOAP P &PP  P=P88P=cLUR5S:XaURRnOUR5S:XaURRnOUR5S:XaURRnO[UR5S:XaSURR-nO-UR5S:XaSURR -n/nUR (dWUlURR5UlURS:Xa [UlOCURS :Xa [UlO'URS :Xa [UlO [S 5eURRRUR URS /S 9nUH%nUR%US R'55 M' U$![a<nURupgUR R#SUR -5 eSnAff=f)zQuery LDAP server about the DNs of certain naming self.con.ext Domain (or Default), Configuration, Schema. Parse all DNs and filter those that are 'strange' or abnormal. rrrrzDC=DomainDnsZones,%srzDC=ForestDnsZones,%srBASEONEz0Wrong 'scope' given. Choose from: SUB, ONE, BASEryr^zFailed search of base=%s N)rDrr0r4r6r2r$r%rrrrr#rQr rfr!rBrget_linearized) rCrr$rrTe3rarbrZs rJrLDAPBundle.get_dn_lists ==?h &((**K ]]_ /((,,K ]]_ (((,,K ]]_ +04883C3CCK ]]_ +04883C3CCK*D  --335    % -D    & ( *D    % ' .D OP P ((,,%%4+;+;4CTCT]a\b%cC A NN1T7113 4  77LT IIOO84;K;KK L  s6:G H#'7HH#c [[URS55URS'[[URS55URS'URS(arURSURR -5 URSR URSVs/sHn[SU-5PM sn55 URS(akURS5 URSR URSVs/sHn[SU-5PM sn55 /URS'ggs snfs snf)Nrirjz Attributes found only in %s:rz z" Attributes with different values:)r~rr<rLrr,joinr.)rCrZs rJ print_summaryLDAPBundle.print_summary4s'+C ^0L,M'N ^$)-c$,,?O2P.Q)R %& << ' HH5 E F HHRWWt||N?[\?[!c.1"45?[\] ^ <<( ) HH: ; HHRWWt||L\?]^?]!c.1"45?]^_ `-/DLL) * *]_s E# /E( )rrrr"rEr!r'r$r%rr-r<r&r+)rrrrrrrrKrLrrrrrrrMrJr{r{s648djjszz%&N(,GR#J 0rMr{cP\rSrSrSrSr\R\R\RS.r /SQr \ "SSSS S S S 9\ "S SSS S SS 9\ "SSSS S SS 9\ "SSS S SS 9\ "SSS S SS 9\ "SSSSS/SS 9\ "S!S"S#S$S%9\ "S&S'S#S(S%9\ "S)S*S+/S,QS-S 9\ "S.S/S#S0S%9\ "S1S2S S S3S 9/ r S7S5jrS6rg4)8 cmd_ldapcmpiBzCompare two ldap databases.zO%prog (domain|configuration|schema|dnsdomain|dnsforest) [options]) sambaopts versionoptscredopts)URL1URL2z context1?z context2?z context3?z context4?z context5?z-wz--tworE store_trueFz"Hosts are in two different domains)destactiondefaulthelpz-qz--quietr'z1Do not print anything but relay on just exit codez-vz --verboser+z*Print all DN pairs that have been comparedz--sdr(z,Compare nTSecurityDescriptor attributes onlyz --sort-acesr)z=Sort ACEs before comparison of nTSecurityDescriptor attributez--viewr*rrczUDisplay mode for nTSecurityDescriptor results. Possible values: section or collision.)rrchoicesrz--baserFrz:Pass search base that will build DN list for the first DC.)rrrz--base2base2znPass search base that will build DN list for the second DC. Used when --two or when compare two different DNs.z--scoperGr)rrrz>Pass search scope that builds DN list. Options: SUB, ONE, BASEz--filterfilterz>List of comma separated attributes to ignore in the comparisonz--skip-missing-dnr-zCSkip report and failure due to missing DNs in one server or anotherNc.UR5nURS5=(d URS5nU(aURUSS9nOSnURUSS9nUR 5(aUnO"UR S5 UR S5 U(a UR5(d [S5e/nUcU(a U(aS/nOW/S QnORX4XVU4HInUcMUR5S ;a[S U-5eURUR55 MK U (aU (a [S 5eU(dU(dU(aU(d [S 5e[UUUXXXUUURURUS 9n[UR5S:de[UUUXXXUUURURUS 9n[UR5S:deUR!S5nSnUGHqn U (dURR#SU -5 [%UU UURURS9n![%UU UURURS9n"U!R'U"5(a)U (d URR#SU -5 MMU (dURR#SU -5 U (d[U!R(S5[U"R(S5:Xde/U"R(S'URR#S5 URR#S5 U!R+5 U"R+5 SnGMt US:wa[SU-5eg)NldapT)fallback_machineF)guessrz3You must supply at least one username/password pairrrzIncorrect argument: %sz-You cannot set --verbose and --quiet togetherz>TU U  %:[(hG9wwy$cc&'?!'CDD * H uNO OD]^ ^eR 'U!YYTYYY4<< 1$$$fb 'e!YYTYYY4<< 1$$$ll3' G  AG KLD'{!%#?@C ScHdDeeee79 #34  6  6((*((*1 2 Q;3f<= = rMr)NNNNNFFFFFrrrrrNNNF)rrrr__doc__synopsisr SambaOptionsVersionOptionsCredentialsOptionsDoubletakes_optiongroups takes_argsr takes_optionsrrrrMrJrrBs=%`H))--44 cJ tW5u8 :tYW\5G It[yu@ BvLuB D};|US Uxfi)[AYk mxfbP RywE Fyw?UT Vz"T V"):rMr)rr;rsamba samba.getoptgetoptrr samba.ndrr samba.dcerpcrr#rrrr r samba.netcmdr r r compilerpobjectrrrr{rrrMrJrs0  !WW ::?@EvEPr;r;jggT m0m0`|>'|>rM