a {a'@sdZddlmZddlmZmZmZddlmZddl m Z ddl m Z ddl mZddlmZdd lmZdd lmZmZifd d ZGd ddeZddZddZdddZdS)z(Functions for setting up a Samba Schema.) b64encode)read_and_sub_filesubstitute_varcheck_all_substituted)security)read_ms_schema)ndr_pack)SamDB get_string)dsdb) SCOPE_SUBTREESCOPE_ONELEVELcCsd}tj||}t|S)NaO:SAG:SAD:AI(OA;;CR;e12b56b6-0a95-11d1-adbb-00c04fd8d5cd;;SA)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;BA)(A;CI;RPLCLORC;;;AU)(A;CI;RPWPCRCCLCLORCWOWDSW;;;SA)(A;CI;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;ED)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;BA)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ER)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;ER)(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;ER)S:(AU;SA;WPCCDCWOWDSDDTSW;;;WD)(AU;CISA;WP;;;WD)(AU;SA;CR;;;BA)(AU;SA;CR;;;DU)(OU;SA;CR;e12b56b6-0a95-11d1-adbb-00c04fd8d5cd;;WD)(OU;SA;CR;45ec5156-db7e-47bb-b53f-dbeb2d03c40f;;WD))rZ descriptorZ from_sddlr) domain_sidZname_mapZsddlZsecr./usr/lib/python3/dist-packages/samba/schema.pyget_schema_descriptor$src@sdeZdZdddddZdddZed d Zed d Zd dZddZ ddZ ddZ ddZ dS)Schema)z"MS-AD_Schema_2K8_R2_Attributes.txtzMS-AD_Schema_2K8_R2_Classes.txt/)z0Attributes_for_AD_DS__Windows_Server_2008_R2.ldfz-Classes_for_AD_DS__Windows_Server_2008_R2.ldfr)z)AD_DS_Attributes__Windows_Server_2012.ldfz&AD_DS_Classes__Windows_Server_2012.ldf8)z,AD_DS_Attributes__Windows_Server_2012_R2.ldfz)AD_DS_Classes__Windows_Server_2012_R2.ldfE)Z 2008_R2_oldZ2008_R2Z20122012_R2Nc sddlm}|durt}||_||_tddd|_|durJ|j|t |dtj |d|dtj |d|_ dd|durd fd d |D|_ t |j d |i|_ t|j tt|} t|d || d|_tt|d} t|d|| d|_|dur||_n|d|_|durT|jd dd |D7_t|jd|_d|j|jf} || |j |jdS)Nr) setup_pathF)Z global_schemaZam_rodcz ad-schema/%scSs6t|d}|WdS1s(0YdS)Nrb)openread)fileZ data_filerrr read_fileqs z"Schema.__init__..read_filec3s|]}t|VqdSNr ).0rrrr vsz"Schema.__init__..SCHEMADNz#provision_schema_basedn_modify.ldif)r$Z OBJVERSIONutf8zprovision_schema_basedn.ldif)r$Z DESCRIPTORz prefixMap.txtcss|]}d|VqdS)z%s Nr)r!maprrrr#zdn: %s prefixMap:: %s )Zsamba.provisionrrdefault_base_schema base_schemaschemadnr ldbZset_invocation_idr base_schemas schema_datajoinrrstr get_versionrschema_dn_modifyrrdecode schema_dn_addZprefixmap_data set_from_ldif) selfrZ invocationidr*filesoverride_prefixmapZadditional_prefixmapr)rZschema_versionZdescrZprefixmap_ldifrr"r__init__RsN      zSchema.__init__cCsdS)z&Returns the default base schema to userrrrrrr(szSchema.default_base_schemacCstj|dS)z=Returns the base schema's object version, e.g. 47 for 2008_R2)rr,)r)rrrr0szSchema.get_versioncCst|j|||dSr )r Z_dsdb_set_schema_from_ldifr+)r5ZpfZdfZdnrrrr4szSchema.set_from_ldifcCs|jj|d|jzB|jd|jd}|j||j|j|j|jWn|jYn 0|j dS)N)Zurlzpdn: @ATTRIBUTES linkID: INTEGER dn: @INDEXLIST @IDXATTR: linkID @IDXATTR: attributeSyntax @IDXGUID: objectGUID z1objectGUID: 24e2ca70-b093-4ae8-84c0-2d7ac652a1b8 ) r+ZconnectZtransaction_startZadd_ldifr3Z modify_ldifr1r-Ztransaction_cancelZtransaction_commit)r5Z schemadb_pathr3rrrwrite_to_tmp_ldbs    zSchema.write_to_tmp_ldbcCst|j|jSr )get_linked_attributesr*r+r5rrrlinked_attributesszSchema.linked_attributescCst|j|jSr )get_dnsyntax_attributesr*r+r<rrrdnsyntax_attributesszSchema.dnsyntax_attributescCst|j||Sr )r Z _dsdb_convert_schema_to_openldapr+)r5targetmappingrrrconvert_to_openldapszSchema.convert_to_openldap)NNNNNN) __name__ __module__ __qualname__r,r8 staticmethodr(r0r4r:r=r?rBrrrrr@s$ C  rcCsddg}|jd|t|d}i}tdt|D]R}dt||ddd}|j||dtd}|dur,t||t||d<q,|S) NlinkIDlDAPDisplayNamezh(&(linkID=*)(!(linkID:1.2.840.113556.1.4.803:=1))(objectclass=attributeSchema)(attributeSyntax=2.5.5.1)) expressionbasescopeattrsrzD(&(objectclass=attributeSchema)(linkID=%d)(attributeSyntax=2.5.5.1))r)ZbasednrJZ attributerL)searchrrangelenintZ searchoner r/)r* schemaldbrMres attributesirJr@rrrr;s$r;cCsH|jd|tddgd}g}tdt|D]}|t||dq(|S)NzF(&(!(linkID=*))(objectclass=attributeSchema)(attributeSyntax=2.5.5.1))rGrHrIr)rNrrOrPappendr/)r*rRrSrTrUrrrr>sr>,cn=schema,cn=configuration,dc=example,dc=comNcCs*|durt}n t|}t|||dS)aOLoad schema for the SamDB from the AD schema files and samba4_schema.ldif :param schemadn: DN of the schema :param serverdn: DN of the server Returns the schema data loaded as an object, with .ldb being a new ldb with the schema loaded. This allows certain tests to operate without a remote or local schema. N)r*r7)rZ random_sidZdom_sidr)r*Z domainsidr7rrrldb_with_schemas   rX)rWNN)__doc__base64rZsambarrrZ samba.dcerpcrZsamba.ms_schemarZ samba.ndrrZ samba.samdbr Z samba.compatr r r+r rrobjectrr;r>rXrrrrs$