Index: 96univention-samba4.inst =================================================================== --- 96univention-samba4.inst (Revision 50858) +++ 96univention-samba4.inst (Arbeitskopie) @@ -272,6 +272,7 @@ if ! [ -r "/etc/krb5.keytab" ]; then echo "WARNING: /etc/krb5.keytab not created." fi + restore_rid_pool } samba_domain_join() { @@ -488,6 +489,65 @@ test -n "$search_result" && echo " done" || echo " failed" } +extract_rid_pool() { + local test_output + local ridset_dn + ## Workaround for Bug #34754 + if [ -r /var/lib/samba/private/sam.ldb ]; then + ridset_dn=$(ldbsearch -H /var/lib/samba/private/sam.ldb sAMAccountName="$hostname$" rIDSetReferences | ldapsearch-wrapper | sed -n 's/^rIDSetReferences: //p') + if [ -n "$ridset_dn" ]; then + test_output=$(ldbsearch -H /var/lib/samba/private/sam.ldb -s base -b "$ridset_dn" | ldapsearch-wrapper) + old_rIDAllocationPool=$(sed -n 's/^rIDAllocationPool: //p' <<<"$test_output") + old_rIDPreviousAllocationPool=$(sed -n 's/^rIDPreviousAllocationPool: //p' <<<"$test_output") + old_rIDNextRID=$(sed -n 's/^rIDNextRID: //p' <<<"$test_output") + fi + fi +} + +restore_rid_pool() { + local test_output + local ridset_dn + ## Workaround for Bug #34754 + if [ -r /var/lib/samba/private/sam.ldb ]; then + ridset_dn=$(ldbsearch -H /var/lib/samba/private/sam.ldb sAMAccountName="$hostname$" rIDSetReferences | ldapsearch-wrapper | sed -n 's/^rIDSetReferences: //p') + if [ -n "$ridset_dn" ]; then + test_output=$(ldbsearch -H /var/lib/samba/private/sam.ldb -s base -b "$ridset_dn" | ldapsearch-wrapper) + new_rIDAllocationPool=$(sed -n 's/^rIDAllocationPool: //p' <<<"$test_output") + new_rIDPreviousAllocationPool=$(sed -n 's/^rIDPreviousAllocationPool: //p' <<<"$test_output") + new_rIDNextRID=$(sed -n 's/^rIDNextRID: //p' <<<"$test_output") + fi + fi + if [ -n "$new_rIDAllocationPool" ] && [ -z "$new_rIDNextRID" ]; then + if [ "$new_rIDAllocationPool" = "$old_rIDAllocationPool" ] && [ -n "$old_rIDNextRID" ]; then + { + cat <<-%EOF + dn: $ridset_dn + changetype: modify + add: rIDNextRID + rIDNextRID: $old_rIDNextRID + %EOF + + if [ -z "$new_rIDPreviousAllocationPool" ]; then + if [ -n "$old_rIDPreviousAllocationPool" ]; then + cat <<-%EOF + - + add: rIDPreviousAllocationPool + rIDPreviousAllocationPool: $old_rIDPreviousAllocationPool + %EOF + else + cat <<-%EOF + - + add: rIDPreviousAllocationPool + rIDPreviousAllocationPool: $new_rIDAllocationPool + %EOF + fi + fi + } | ldbmodify -H /var/lib/samba/private/sam.ldb + fi + fi +} + + var_lib_samba_is_s4 () { test -e /var/lib/samba/private/sam.ldb @@ -498,6 +558,7 @@ local backup_folder backup_folder="/var/lib/samba_backup_$(date +%Y%m%d%H%M%S)" if var_lib_samba_is_s4; then + extract_rid_pool mv /var/lib/samba "$backup_folder" ## and copy everything back except private/* rsync -a --exclude /private/* "$backup_folder/" /var/lib/samba @@ -788,6 +849,7 @@ ## if the key version number increased, merge the old keys into the new keytab merge_backup_samba4_keytab + restore_rid_pool fi