a WaM@sddlmZddlmZddlZddlZddlmZddl Z ddl m Z ddl m Z mZmZmZddlmZddlmZmZmZdd lmZmZdd lmZdd lmZdd lmZmZm Z m!Z!m"Z"dd l#m$Z$ddlm%Z%ddZ&ddZ'ddZ(ddZ)ddZ*dZ+Gddde Z,Gddde Z-Gddde Z.Gd d!d!e Z/Gd"d#d#e Z0Gd$d%d%e Z1Gd&d'd'e Z2Gd(d)d)eZ3dS)*)print_functionN)common)system_session)Command CommandErrorOption SuperCommand)SamDB) drs_utils nttime2stringdsdb)drsuapimisc) join_clone)colour)get_partition_mapsget_utdv_edgesget_utdv_distancesget_utdv_summaryget_kcc_and_dsas) get_string)get_default_backend_storec Cs^z$t|j|j|j\|_|_|_Wn4tyX}zt d|j|WYd}~n d}~00dS)z'make a DRSUAPI connection to the serverzDRS connection to %s failedN) r drsuapi_connectserverlpcredsrdrsuapi_handleZbind_supported_extensions Exceptionrctxer"2/usr/lib/python3/dist-packages/samba/netcmd/drs.pyr4s$rc Cs\z"td|jt|j|jd|_Wn4tyV}ztd|j|WYd}~n d}~00dS)z$make a ldap connection to the server ldap://%surl session_info credentialsrzLDAP connection to %s failedN)r rrrrsamdbrrrr"r"r# samdb_connect<s  r*cCs |\}}|dkrdSd||fS)z*return "was successful" or an error stringrzwas successfulzfailed, result %u (%s)r")ZwerrZecodeZestringr"r"r# drs_errmsgFsr+cCs||vr||dS|S)z/get an attribute from a ldap msg with a defaultrr")msgattrnamedefaultr"r"r# attr_defaultNs r/cCsf|d}|ddks.|ddks.|ddkr:td||d d d }|d d d }||fS) z+parse a NTDS DN returning a site and server,rzCN=NTDS Settingsz CN=ServerszCN=Siteszbad NTDS DN %sr=)split RuntimeError)ntds_dnarsiter"r"r#drs_parse_ntds_dnUs  $ r:classicc @seZdZdZdZejejejdZ e dddddd e d d ddd d e d ddddd e dddddde ddddde de ddddde dddd gZ d!gZ d"d#Zd$d%Zd&d'Zd(d(d(d(e d)dfd*d+Zd,d-Zd.d/Zd0d1Zd2d3Zd4d5Zd6d7Zd8d9Zd(S):cmd_drs_showreplzShow replication status.%prog [] [options] sambaopts versionoptscredopts--jsonz"replication details in JSON formatformatZ store_constjson)helpdestactionconstz --summaryz5summarize overall DRS health as seen from this serversummaryz--pull-summaryz:Have we successfully replicated from all relevent servers? pull_summaryz--notify-summarynotify_summaryzsHave we successfully notified all relevent servers of local changes, and did they say they successfully replicated?)rGrHrFrEz --classiczprint local replication detailsr;)rErFrGrHr.z-vz --verbosez Be verbose store_truerErGz--colorzUse colour output (yes|no|auto)Zno)rEr.DC?c Cst|j}|j|t|jt|j|jt|jt|j dd}z|j j d|t j gdWnFt jy}z,|j\}}|t jkrd|d<nWYd}~n d}~00z"t|j \}}d||f|d <WntyYn0|S) z8Convert an ldb neighbour object into a python dictionaryF)NC dnDSA objectGUIDlast attempt timelast attempt messageconsecutive failures last successNTDS DN is deletedz basescopeattrsTrVN%s\%sDSA)strZsource_dsa_obj_guidZnaming_context_dnr Z last_attemptr+Zresult_last_attemptZconsecutive_sync_failuresZ last_successZsource_dsa_obj_dnr)searchldb SCOPE_BASELdbErrorargsERR_NO_SUCH_OBJECTr:r6) selfnZdsa_objectguiddr!errno_r9rr"r"r#parse_neighbours4        z cmd_drs_showrepl.parse_neighbourcCs|d|dd|vr.|d|dn|d|d|d|d|d |d |d f|d |d |d|d|ddS)z&print one set of neighbour informationz%srOr\z %s via RPCz NTDS DN: %srUz DSA object GUID: %srPz Last attempt @ %s %srQrRz %u consecutive failure(s).rSz Last success @ %srTN)message)rdrfr"r"r#print_neighbours z cmd_drs_showrepl.print_neighbourc stt}||_zjjd|\}}Wn2tyZ}ztd||WYd}~n d}~00fdd|jD}|S)Nrz"DsReplicaGetInfo of type %u failedcsg|]}|qSr")ri).0rerdr"r# z3cmd_drs_showrepl.get_neighbours..)rZDsReplicaGetInfoRequest1 info_typeZDsReplicaGetInforrrZarray)rdrqreq1infor!Zrepsr"rnr#get_neighbourss $zcmd_drs_showrepl.get_neighboursNFc Cs||||_|dur(t|j}||_|j|jdd|_||_|j |j |j |j |j d|}|durztd||S)NTZfallback_machine)rIrKrJrDr;zunknown showrepl format %s)Zapply_colour_choice get_loadparmrrnetcmd_dnsnamerget_credentialsrverbosesummary_outputnotify_summary_outputpull_summary_output json_outputclassic_outputgetr) rdDCr?rAr@rCryZcolorZoutput_functionr"r"r#runs$    zcmd_drs_showrepl.runcCs*|}|d=|d=tj||jdddS)Nr9rr1indent)get_local_repl_datarDdumpoutf)rddatar"r"r#r}szcmd_drs_showrepl.json_outputcCsg}g}|}|dkrR|dD]0}|dr.q |ddksF|ddkr ||q |dkr|dD]0}|drpqb|ddks|ddkrb||qb|s|r|td |r|td |D]}||q|r|td |D]}||qd S|td dS)zcPrint a short message if every seems fine, but print details of any links that seem broken.rJrepsTorVrSrrTrKrepsFromzThere are failing connectionszFailing outbound connections:zFailing inbound connection:rz [ALL GOOD]N)rappendrkrZc_REDrlZc_GREEN)rdZ typeof_outputZfailing_repstoZfailing_repsfromZ local_dataZrepr"r"r#summary_output_handlers6       z'cmd_drs_showrepl.summary_output_handlercCs |dS)NrIrrnr"r"r#rzszcmd_drs_showrepl.summary_outputcCs |dS)NrKrrnr"r"r#r{sz&cmd_drs_showrepl.notify_summary_outputcCs |dS)NrJrrnr"r"r#r|sz$cmd_drs_showrepl.pull_summary_outputc CsNt|t||j}t|\}}z|jj|tjgdd}Wn0tyr}zt d|WYd}~n d}~00t t |dddt |j d|dddt |j d|dddd}|jj|dd }|tj}|tj} g} |D]D} t| d dd \} } }t| d t| d dt t | ddt t | d ddkd}| |z2|jj|tjdgd}t|ddd|d<Wn\tjy}z*|j\}}|tjkrd|d<WYd}~n d}~0ttfyYn0g|d<| dgD]2}t|d}|d|dt |dfqq||| | ||dS)N)options objectGUID invocationIdrWzFailed to search NTDS DN %srrrrz(objectClass=nTDSConnection))rX expressionZ fromServerr0nameZenabledConnectionZTRUE)r remote DNrenabledZ dnsHostNamedns nameTrV replicates NCzmS-DS-ReplicatesNCReason:r4r1)dsarrNTDSConnectionsr9r)rr*r)get_dsServiceNamer:r^r_r`rrintr/rschema_format_valuertrZ!DRSUAPI_DS_REPLICA_INFO_NEIGHBORSZDRSUAPI_DS_REPLICA_INFO_REPSTOr] partitionupperrrarbrcKeyError IndexErrorrr5)rdr7r9rZntdsr! dsa_detailsZconnrepsfromrepsto conn_detailscZc_rdnsepZ c_server_dnrfZ c_server_resrgrhrr8r"r"r#r sn  "       $z$cmd_drs_showrepl.get_local_repl_datacCs|}|d}|d}|d}|d}|d}|d}|d||f|d|d |d |d |d |d |d|D]}||q|d|D]}||qgd} |d|D]} |d| dr|d|d| d|dt| d|d| d|d| d|d|d| d | dr| dD]R\} } |d | |d!| | D]&} tt| d"| @r|d#| qqvq|d$qdS)%Nrrrrr9rr[zDSA Options: 0x%08xrzDSA object GUID: %srzDSA invocationId: %s rz==== INBOUND NEIGHBORS ==== z==== OUTBOUND NEIGHBORS ==== ) ZNTDSCONN_KCC_GC_TOPOLOGYZNTDSCONN_KCC_RING_TOPOLOGYZ#NTDSCONN_KCC_MINIMIZE_HOPS_TOPOLOGYZ#NTDSCONN_KCC_STALE_SERVERS_TOPOLOGYZ,NTDSCONN_KCC_OSCILLATING_CONNECTION_TOPOLOGYZ"NTDSCONN_KCC_INTERSITE_GC_TOPOLOGYZNTDSCONN_KCC_INTERSITE_TOPOLOGYZ%NTDSCONN_KCC_SERVER_FAILOVER_TOPOLOGYZ#NTDSCONN_KCC_SITE_FAILOVER_TOPOLOGYZ&NTDSCONN_KCC_REDUNDANT_SERVER_TOPOLOGYz!==== KCC CONNECTION OBJECTS ==== z Connection --rVz' WARNING: Connection to DELETED server!z Connection name: %srz Enabled : %srz Server DNS name : %srz Server DN name : %srz TransportType: RPCz options: 0x%08Xrz ReplicatesNC: %sz Reason: 0x%08xrz %sz)Warning: No NC replicated for Connection!)rrkrlrr]rgetattrr )rdrrrrrr9rreZreasonsrfZncreasonsr"r"r#r~JsJ           zcmd_drs_showrepl.classic_output)__name__ __module__ __qualname____doc__synopsisr SambaOptionsVersionOptionsCredentialsOptionstakes_optiongroupsrDEFAULT_SHOWREPL_FORMAT takes_options takes_argsrirlrtrr}rrzr{r|rr~r"r"r"r#r<bsX  %?r<c@s6eZdZdZdZejejejdZ dgZ dddZ dS) cmd_drs_kccz)Trigger knowledge consistency center run.r=r>rNNc Cs||_|durt|j}||_|j|jdd|_t|t }z|j |j d|Wn.t y}zt d|WYd}~n d}~00|d|dS)NTrurzDsExecuteKCC failedz#Consistency check on %s successful.)rvrrrwrrxrrrZ DsExecuteKCC1Z DsExecuteKCCrrrrk)rdrr?rAr@rrr!r"r"r#rs   zcmd_drs_kcc.run)NNNN rrrrrrrrrrrrr"r"r"r#rsrc @seZdZdZdZejejejdZ gdZ e dddde d d dde d d dde d ddde dddde dddde dddde ddddgZ dddZ dddZdS)cmd_drs_replicatez+Replicate a naming context between two DCs.z/%prog [options]r>)DEST_DC SOURCE_DCNCz --add-refz&use ADD_REF to add to repsTo on sourcerLrMz --sync-forcedz,use SYNC_FORCED to force inbound replicationz --sync-allz&use SYNC_ALL to replicate from all DCsz --full-synczresync all objectsz--localzIpull changes directly into the local database (destination DC is ignored)z--local-onlinez_pull changes into the local database (destination DC is ignored) as a normal online replicationz --async-opz use ASYNC_OP for the replicationz--single-objectz\Replicate only the object specified, instead of the whole Naming Context (only with --local)Fc Cs||_t|ttd|j|jdd|_td|jt|j|jd|_|jjdt j dgd}|ddd|_ |jj|j t j d gd}t |jd |dd d|_t |j}t |j}|j} tj} |rtj} d }|jtd |j|j|j|j|} |j} z | j||| | || |d \} }Wn4tyh}ztd ||WYd}~n d}~00|j|r|d| |||jjfn|d| |||jjfdS)z+replicate from a source DC to the local SAMNr)r'r&r(rflagsr$r%rjZ dsServiceNamerWrTzncacn_ip_tcp:%s[seal])rodc full_syncexop sync_forcedzError replicating DN %szMFull Replication of all %d objects and %d links from %s to %s was successful.zPIncremental replication of %d objects and %d links from %s to %s was successful.)rrr rrrZ local_samdbr)r^r_r`r7rGUIDrZ ntds_guidZget_invocation_idrZDRSUAPI_EXOP_NONEZDRSUAPI_EXOP_REPL_OBJZtransaction_startr Z drs_ReplicateZam_rodc replicaterrZtransaction_commitrkr&)rdrrr single_objectrresZsource_dsa_invocation_idZdest_dsa_invocation_idZdestination_dsa_guidrreplrZ num_objectsZ num_linksr!r"r"r#drs_local_replicatesv     $ z%cmd_drs_replicate.drs_local_replicateNc Cs ||_| |_| j|jdd|_|r>|j|||| |ddS| r\tjd|jd}t}nt ||j}|j }| szd|_ t ||j j|j dt|t|fgd}t|d krtd ||d d }|j j|tjd d dgd}t|d krtd||d d d }tt|dd }d }|tj@s@|tjO}|rP|tjO}|r`|tjO}|rp|tjO}|r|tjO}| r|tjO}zt |||||Wn2tj!y}ztd|WYd}~n d}~00| r|"d||fn|"d||fdS)NTru)rrrz irpc:dreplsrv)Zlp_ctxi,z6(&(objectCategory=server)(|(name=%s)(dNSHostName=%s))))rXrrZrzFailed to find source DC %sdnz5(|(objectCategory=nTDSDSA)(objectCategory=nTDSDSARO))rr)rXrYrrZz Failed to find source NTDS DN %szDsReplicaSync failedz$Replicate from %s to %s was started.z'Replicate from %s to %s was successful.)#rrvrrxrrrrZ policy_handlerrZrequest_timeoutr*r)r^Zget_config_basednr_Z binary_encodelenrZSCOPE_ONELEVELrr/r Z$DS_NTDSDSA_OPT_DISABLE_OUTBOUND_REPLZDRSUAPI_DRS_WRIT_REPZDRSUAPI_DRS_ADD_REFZDRSUAPI_DRS_SYNC_FORCEDZDRSUAPI_DRS_SYNC_ALLZDRSUAPI_DRS_FULL_SYNC_NOWZDRSUAPI_DRS_ASYNC_OPr ZsendDsReplicaSyncZ drsExceptionrk)rdrrrZadd_refrZsync_allrZlocalZ local_onlineZasync_oprr?rAr@Z server_bindZserver_bind_handler,Z server_dnZsource_dsa_guidZ dsa_optionsZ req_optionsZestrr"r"r#rsp                zcmd_drs_replicate.run)FFF) FFFFFFFFNNN)rrrrrrrrrrrrrrrr"r"r"r#rs0          Grc@s6eZdZdZdZejejejdZ dgZ dddZ dS) cmd_drs_bindz"Show DRS capabilities of a server.r=r>rNNcCs||_|durt|j}||_|j|jdd|_t|t }d|_ t |_ |j ttj|\}}gd}gd} |d||d|D]>\} } tt| d} |j j| @rd } nd } |d | | | fqt|j tjr<|d | D]@\} } tt| d} |j j| @r"d } nd } |d | | | fq|d |j j|d|j jt|j tjr|d|j jdS)NTru)")Z DRSUAPI_SUPPORTED_EXTENSION_BASEZ DRS_EXT_BASE)Z-DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATIONZDRS_EXT_ASYNCREPL)Z%DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPIZDRS_EXT_REMOVEAPI)Z&DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2ZDRS_EXT_MOVEREQ_V2)Z+DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESSZDRS_EXT_GETCHG_DEFLATE)Z%DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1ZDRS_EXT_DCINFO_V1)Z4DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATIONZ DRS_EXT_RESTORE_USN_OPTIMIZATION)Z$DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYZDRS_EXT_ADDENTRY)Z'DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTEZDRS_EXT_KCC_EXECUTE)Z'DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2ZDRS_EXT_ADDENTRY_V2)Z4DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATIONZ DRS_EXT_LINKED_VALUE_REPLICATION)Z%DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2ZDRS_EXT_DCINFO_V2)Z8DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MODZ$DRS_EXT_INSTANCE_TYPE_NOT_REQ_ON_MOD)Z'DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BINDZDRS_EXT_CRYPTO_BIND)Z)DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFOZDRS_EXT_GET_REPL_INFO)Z-DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTIONZDRS_EXT_STRONG_ENCRYPTION)Z&DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01ZDRS_EXT_DCINFO_VFFFFFFFF)Z1DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIPZDRS_EXT_TRANSITIVE_MEMBERSHIP)Z+DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORYZDRS_EXT_ADD_SID_HISTORY)Z&DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3ZDRS_EXT_POST_BETA3)Z(DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V5ZDRS_EXT_GETCHGREQ_V5)Z,DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2ZDRS_EXT_GETMEMBERSHIPS2)Z(DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6ZDRS_EXT_GETCHGREQ_V6)Z)DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCSZDRS_EXT_NONDOMAIN_NCS)Z(DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8ZDRS_EXT_GETCHGREQ_V8)Z*DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5ZDRS_EXT_GETCHGREPLY_V5)Z*DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6ZDRS_EXT_GETCHGREPLY_V6)Z,DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3DRS_EXT_WHISTLER_BETA3)Z*DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7r)Z)DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECTr)Z+DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESSZDRS_EXT_W2K3_DEFLATE)Z)DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10ZDRS_EXT_GETCHGREQ_V10)Z*DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART2Z*DRS_EXT_RESERVED_FOR_WIN2K_OR_DOTNET_PART2)Z*DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART3Z*DRS_EXT_RESERVED_FOR_WIN2K_OR_DOTNET_PART3))Z DRSUAPI_SUPPORTED_EXTENSION_ADAMZ DRS_EXT_ADAM)Z$DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2ZDRS_EXT_LH_BETA2)Z'DRSUAPI_SUPPORTED_EXTENSION_RECYCLE_BINZDRS_EXT_RECYCLE_BINzBind to %s succeeded.zExtensions supported:rZYeszNo z %-60s: %s (%s)z Extended Extensions supported:z Site GUID: %szRepl epoch: %uzForest GUID: %s)rvrrrwrrxrrrZ DsBindInfoCtrZlengthZ DsBindInfo28rsZDsBindrrZDRSUAPI_DS_BIND_GUIDrkrZsupported_extensions isinstanceZ DsBindInfo48Zsupported_extensions_extZ site_guidZ repl_epochZconfig_dn_guid)rdrr?rAr@Z bind_inforsZhandleZoptmapZ optmap_extZoptr]ZoptvalZyesnor"r"r#rWs@   %       zcmd_drs_bind.run)NNNNrr"r"r"r#rJsrc@sVeZdZdZdZejejejdZ dgZ e ddddd gZ d d d d dZ dddZdS)cmd_drs_optionszJQuery or change 'options' for NTDS Settings object of a Domain Controller.r=r>rNz --dsa-optionzDSA option to enable/disabler]za{+|-}IS_GC | {+|-}DISABLE_INBOUND_REPL | {+|-}DISABLE_OUTBOUND_REPL | {+|-}DISABLE_NTDSCONN_XLATE)rEtypemetavarrr1r2)ZIS_GCZDISABLE_INBOUND_REPLZDISABLE_OUTBOUND_REPLZDISABLE_NTDSCONN_XLATENc s|_|durtj}|_|jjdd_tj }jj |t j dgd}t |dddfddjD}dd ||r||dd d vrtd ||d d} | jvrtd ||dd d krj| Onj| Mt } t j|| _t tt jd| d<j| fddjD}dd |dS)NTrurrWrcsg|]}j|@r|qSr" option_maprmxZdsa_optsrdr"r#rorpz'cmd_drs_options.run..zCurrent DSA options: z, r)+-zUnknown option %srcsg|]}j|@r|qSr"rrrr"r#rorpzNew DSA options: )rvrrrwrrxrr*r)rr^r_r`rrrkjoinrkeysZMessageZDnrZMessageElementr]ZFLAG_MOD_REPLACEZmodify) rdrZ dsa_optionr?rAr@r7rZcur_optsflagmr"rr#rs4       zcmd_drs_options.run)NNNNN)rrrrrrrrrrrrrrrr"r"r"r#rs&rc @seZdZdZdZejejejdZ e dde de dde de d d d d d e ddd d e dddddgde de dddddgZ dgZd!dd ZdS)"cmd_drs_clone_dc_databasez9Replicate an initial clone of domain, but DO NOT JOIN it.z%prog [options]r>z--serverz DC to join)rErz --targetdirz#where to store provision (required)z-qz--quietzBe quietrLrMz--include-secretszAlso replicate secret valuesz--backend-storeZchoiceZ BACKENDSTOREZtdbZmdbz7Specify the database backend to be used (default is %s))rrchoicesrEz--backend-store-sizebytesZSIZEzeSpecify the size of the backend database, currentlyonly supported by lmdb backends (default is 8 Gb).)rrrEdomainNFc  CsP|} || } |j||d}|dur0tdt||| | |d|| | | d dS)N)ryquietz$--targetdir option must be specifiedZSAMBA_INTERNAL) loggerrrrrZ dns_backend targetdirinclude_secrets backend_storebackend_store_size)rvrxZ get_loggerrr)rdrr?rAr@rrrryrrrrrrr"r"r#rs  zcmd_drs_clone_dc_database.run) NNNNNFFFNN)rrrrrrrrrrrr]rrrrr"r"r"r#rs4   rc @seZdZdZdZejejejdZ e dddddd e d d d d e dddde dddde dddde ddddgZ ddZ ddZ d ddZdS)!cmd_drs_uptodatenesszShow uptodateness statusz%prog [options]r>z-Hz--URLZURLHz%LDB URL for database or target server)rrFrEz-pz --partitionzrestrict to this partition)rErBrLzPrint data in json format)rGrEz --maximumz#Print maximum out-of-date-ness onlyz--medianz"Print median out-of-date-ness onlyz--fullz Print full out-of-date-ness datacCstj|ddS)Nr1r)rDdumps)rdpartitions_summariesr"r"r#format_as_json2sz#cmd_drs_uptodateness.format_as_jsoncCsNg}|D]6\}}dd|D}d|d|f}||q d|S)NcSsg|]\}}d||fqS)z%s: %sr")rmkvr"r"r#ro8rpz7cmd_drs_uptodateness.format_as_text..z%-15s %sz  )itemsrr)rdrlines part_namerIrliner"r"r#format_as_text5s  z#cmd_drs_uptodateness.format_as_textNFc Cs|} |j| dd} t|| | \}}|j}t|\}}|rb||vrV||}||i}n td|g}|rt|d|r|di}i}|D]>\}}t|||| | }t ||}t ||d}|||<|||<q|r| |}n|r| |}n | |}t ||jddS)NTruzunknown partition %smaximummedian)filters)file)rvrxrr)rrrrrrrrrprintr)rdrrrDrrZfullr?rAr@rryrrZ local_kccZdsasr)Zshort_partitionsrhZpart_dnrZpartitions_distancesrrZ utdv_edgesZ distancesrIoutputr"r"r#r=s:           zcmd_drs_uptodateness.run) NNFFFFNNNFF)rrrrrrrrrrrrrrrr"r"r"r#rs@ rc@sZeZdZdZiZeed<eed<eed<eed<e ed<e ed<e ed<d S) cmd_drsz0Directory Replication Services (DRS) management.ZbindZkccrZshowreplrzclone-dc-databaseZ uptodatenessN) rrrrZ subcommandsrrrr<rrrr"r"r"r#rjs      r)4Z __future__rZ samba.getoptZgetoptrr_ZloggingrjrrDZ samba.authrZ samba.netcmdrrrr Z samba.samdbr Zsambar r r Z samba.dcerpcrrZ samba.joinrrZsamba.uptodatenessrrrrrZ samba.compatrrrr*r+r/r:rr<rrrrrrrr"r"r"r#s@           #!'a?.R