b 2ddlZddlZddlZddlZddlmZddlmZddlm Z ddl m Z ddl m Z mZmZmZmZddlmZmZmZejdZGdd eZGd d eZGd d eZGddeZGddeZdS)N)Ldb) ndr_unpack)security) SCOPE_SUBTREESCOPE_ONELEVEL SCOPE_BASEERR_NO_SUCH_OBJECTLdbError)Command CommandErrorOptionz^([^;]+);range=(\d+)-(\d+|\*)$c eZdZddddddddejejdf dZdZdZd Z d Z d Z d Z d Z dZdZdZdZdS)LDAPBaseFsectionSUBTcg}|}d|vr*tj|rd|z}nd|z}|drdg}| |_| |_t|||||_| |_ | |_ ||_ ||_ ||_ ||_| |_||_||_||_t'|j|_t'|j|_t'|j|_t'|j|_||_||_tAj!dd|j"d d |_#|$|_%|&|j r|j s|j'd |jz|j'd d |jzz|j'd d|jzz|j'd d|jzz|j'd d|j#zzdSdSdS)Nz://ztdb://%sz ldap://%szldap://zmodules:paged_searches)url credentialslpoptionsz [Dd][Cc]=r,.z * Place-holders for %s:  z${DOMAIN_DN} => %s z${DOMAIN_NETBIOS} => %s z${SERVER_NAME} => %s z${DOMAIN_NAME} => %s )(ospathisfilelower startswithoutferrfrldb search_base search_scope two_domainsquiet descriptor sort_acesviewverbosehostskip_missing_dnstrget_default_basednbase_dnget_root_basednroot_dnget_config_basedn config_dnget_schema_basedn schema_dn find_netbiosdomain_netbios find_servers server_namesresubreplace domain_namefind_domain_sid domain_sid get_sid_mapwrite)selfr+credsrtwor&r'r(r*r)basescoper r!r, ldb_options samdb_urls 6/usr/lib/python3/dist-packages/samba/netcmd/ldapcmp.py__init__zLDAPBase.__init__-s    w~~d## /&- '$. ??   ' ' 2 2 534K  9#(*,,, ! $"   .48668899 48335566 TX7799::TX7799::"//11 --//6+r4<@@HHcRR..00    .DJ . IOO9DIE F F F IOOG&A L')) * * * IOOG&A /'00 1 1 1 IOOG&B -'.. / / / IOOG&A ,'-- . . . . . . . . .c|j|jdt}t t j|dddS)Nz(objectClass=*))rE expressionrFr objectSid)r"searchr/rrrdom_sidrBress rIr>zLDAPBase.find_domain_sidbs@hoo4<z)LDAPBase.find_servers..ls&---AAdGAJ---rK)r"rOr/rlenrQs rIr8zLDAPBase.find_serversfs]hoo#= #L$1>V_c^dff3xx!||||------rKc|jd|jztdg}t |dksJ|D]}d|vr|ddcSdS)NzCN=Partitions,%s nETBIOSNamerErFrUr)r"rOr3rr\)rBrRrZs rIr6zLDAPBase.find_netbiosnshoo#5#F$1-JJ3xx!|||| + +A!!'****" + +rKcd} |j|t}n.#t$r!}|j\}}|t krYd}~dSd}~wwxYwt |dkS)N)rErFF)r"rOrr argsr r\)rB object_dnrRe2enumestrs rI object_existszLDAPBase.object_existsvs} (//y /CCCC   7LT4)))uuuuu    3xx1}s!& AA  A  Ac |j|dS#tj$r}dt |vsJYd}~dSd}~wwxYw)NzNo such object)r"deleterr r-)rBrces rI delete_forcezLDAPBase.delete_forcesk . HOOI & & & & &| . . .#s1vv---------- .sA AA cht|}||S|dS)zi Returns the real attribute name It resolved ranged results e.g. member;range=0-1499 Nra)RE_RANGED_RESULTmatchgroup)rBkeyms rIget_attribute_namezLDAPBase.get_attribute_names1  " "3 ' ' 9JwwqzzrKct|}||S|d}t|d} d||dzfz}|j|t |g}t|dksJt|d}|d=d} d} |D]P}t|}||d|kr9|} t||} | n~| | | dd krnOt| d |dzksJt| d}2|S) zp Returns list with all attribute values It resolved ranged results e.g. member;range=0-1499 NraTz %s;range=%d-*r_rdn*) rmrnrointr"rOrr\dictlistextend) rBrcrpvalsrqattrhinrRfmfvalss rIget_attribute_valueszLDAPBase.get_attribute_valuess  " "3 ' ' 9Kwwqzz __! "4a.0A(//y 1#/NNCs88q====s1v,,CD BE  $**3//9771::%%SXz KK   xx{{c!!rxx{{##rAv----RXXa[[!!BC! "F rKcZ|j|tdg}t|dksJt |d}|d=i}|D]C\}}||}t|}||||||<D|S)z: Returns dict with all default visible attributes rvr_rarru) r"rOrr\ryitemsrrsortedr)rBrcrR attributesrpr|names rIget_attributeszLDAPBase.get_attributesshoo9JseoLL3xx1}}}}3q6ll I  O OIC**3//D$<r8r6rgrkrrrrrrr@rKrIrr+s%EUTYbjsz43.3.3.3.jDDD...+++   ...   222h$--- ---4     rKrcFeZdZejejfdZdZdZdZ dZ dS) Descriptorc||_||_||_||_|j|j|_||_|jjr|j dSdSN) r r!conrursddl extract_dacl dacl_listr(sort)rB connectionrur r!s rIrJzDescriptor.__init__s{  H0099 **,, 8  " N   ! ! ! ! ! " "rKc d|jvr.tjd|jd}n-tjd|jd}n#t$rgcYSwxYwtjd|S)zG Extracts the DACL as a list of ACE string (with the brakets). zS:zD:(.*?)(\(.*?\))S:rwzD:(.*?)(\(.*\))z (\(.*?\)))rr:rOroAttributeErrorfindallrQs rIrzDescriptor.extract_dacls ty  i 5tyAAGGJJi 2DI>>DDQGG   III z,,,,sA$A'' A65A6cd|z}tjd|}t|dkr|S|D];} |jj|}|||},#t $rY8wxYw|S)Nrz S-[-0-9]+r)r:rr\rrr<r)rBacerRsidssidrs rIfix_sidzDescriptor.fix_sidsSjz+s++ t99>>J  C x',kk#t,,     s(A A+*A+cxd}t|jt|jkr?|dz }|ddt|jzzz }|ddt|jzzz }d}d} d}d} d|j|z}n#t$rd}YnwxYw d|j|z}n#t$rd}YnwxYwt|t|zdkrnWd||z}d||z}||kr||dd |d z }d }n ||dd |d z }|d z }||fS)Nr Difference in ACE count:  => %s rTrz>60z *  Fz | ra)r\r IndexErrorr) rBotherrRiflagself_ace other_aceself_ace_fixedother_ace_fixeds rIdiff_1zDescriptor.diff_1+s t~  #eo"6"6 6 6 9 9C 7YT^)<)<<< .Vs%LLLc S 1 1LLLrKc:g|]}|Srr)rYrrs rIr[z%Descriptor.diff_2..Ws% O O Os!3!3 O O OrKrrzACEs found only in %s: rz ACEs found in both: ) r\rrappend ValueErrorrrr+rzsetr*) rBrrR common_aces self_aces other_acesself_dacl_list_fixedother_dacl_list_fixedrs `` rIdiff_2zDescriptor.diff_2Ls t~  #eo"6"6 6 6 9 9C 7YT^)<)<<< >A   77$(-GG GC  , ,w}t++( ( (C ($**3///""3'''' ' ' '!!#&&&&& 'J'' z??Q   77%).HH HC! , ,w}t++T#k"2"23344 8  , 4 4C" , ,w}t++R4J"$4c::s$C  C,+C,;E&&FFN) rrrrrrrJrrrrrrKrIrrsn,/JSZ"""" - - -   B+;+;+;+;+;rKrc^eZdZejejfdZdZdZdZ dZ dZ dZ dZ d Zd S) LDAPObjectcX||_||_||_|jj|_|jj|_|jj|_||_|d|jj|_ |j dd|jj z|_ |jj D]%}|j dd|z|_ &|j |j |_ gd|_|j|_|xjdgz c_|r|xj|z c_g|_g|_g|_g|_g|_|jr|xjgdz c_gd|_d |jD|_gd |_d |jD|_gd |_d |jD|_gd|_d|jD|_ddg|_d|jD|_t+d|jD|_dS)N ${DOMAIN_DN}CN=${DOMAIN_NETBIOS}CN=%sCN=${SERVER_NAME}) badPasswordTime badPwdCountdSCorePropagationData lastLogoff lastLogon logonCount modifiedCountzmsDS-Cached-Membershipz!msDS-Cached-Membership-Time-StampzmsDS-EnabledFeatureBLzmsDS-ExecuteScriptPasswordz msDS-NcTypezmsDS-ReplicationEpochzmsDS-RetiredReplNCSignatureszmsDS-USNLastSyncSuccesspartialAttributeDeletionListpartialAttributeSetpekList prefixMapreplPropertyMetaDatareplUpToDateVectorrepsFromrepsTo rIDNextRIDrIDPreviousAllocationPool schemaUpdate serverStatesubRefs uSNChanged uSNCreated uSNLastObjRem whenChangedmsExchServer1HighestUSN)#objectCategory objectGUIDrN whenCreatedr pwdLastSetr creationTimer priorSetTimerIDManagerReferencegPLinkipsecNFAReferencefRSPrimaryMember fSMORoleOwner masteredByipsecOwnersReferencewellKnownObjectsotherWellKnownObjectsripsecISAKMPReferenceipsecFilterReferencezmsDs-masteredBy lastSetTimeipsecNegotiationPolicyReferencergPCFileSysPathaccountExpires invocationIdoperatingSystemVersionoEMInformation schemaInfo targetAddressmsExchMailboxGuidsiteFolderGUID)&distinguishedNamedefaultObjectCategorymembermemberOfsiteListnCNamehomeMDBhomeMTAinterSiteTopologyGeneratorserverReferencezmsDS-HasInstantiatedNCs hasMasterNCszmsDS-hasMasterNCszmsDS-HasDomainNCs dMDLocationmsDS-IsDomainForrIDSetReferencesserverReferenceBLmsExchHomeRoutingGroupmsExchResponsibleMTAServersiteFolderServermsExchRoutingMasterDNmsExchRoutingGroupMembersBL homeMDBBLmsExchHomePublicMDBmsExchOwningServer templateRootsaddressBookRootsmsExchPolicyRootsglobalAddressListmsExchOwningPFTreemsExchResponsibleMTAServerBLmsExchOwningPFTreeBLz$msDS-MembersOfResourcePropertyListBLzmsDS-ValueTypeReferencez"msDS-MembersOfResourcePropertyListzmsDS-ValueTypeReferenceBLzmsDS-ClaimTypeAppliesToClassc6g|]}|SrupperrXs rIr[z'LDAPObject.__init__..s !H!H!H!''))!H!H!HrK)proxyAddressesmailuserPrincipalName"msExchSmtpFullyQualifiedDomainName dnsHostNamenetworkAddressdnsRootservicePrincipalNamec6g|]}|Srr5rXs rIr[z'LDAPObject.__init__.. %P%P%PAaggii%P%P%PrK) rrCNr dNSHostNamer>r#rr$r"rc6g|]}|Srr5rXs rIr[z'LDAPObject.__init__..s )X)X)X!'')))X)X)XrK)r>rArr^rc6g|]}|Srr5rXs rIr[z'LDAPObject.__init__..s &R&R&RQqwwyy&R&R&RrKrDCc6g|]}|Srr5rXs rIr[z'LDAPObject.__init__..s $N$N$N1QWWYY$N$N$NrKc6g|]}|Srr5rXs rIr[z'LDAPObject.__init__..r@rK)r r!rr%r&r*summaryr<r/rur7r9rrnon_replicated_attributesignore_attributes dn_attributesdomain_attributesservername_attributesnetbios_attributesother_attributesr)rBrrurH filter_listr r!rZs rIrJzLDAPObject.__init__{s  8/X^ x'  **^TX-=>>'//"8'DHD[:[\\& H HAgoo&97Q;GGDGG(11$'::#* #* #* &H"&!? #<"==  2  " "k 1 " "!#%'""$ "  4 O  " " 'H 'H 'H H " " """D ""I!HT5G!H!H!HD &V&V&VD "&Q%P9O%P%P%PD "*^*^*^D &*Y)XT=W)X)X)XD &&r&r&rD #&R&R$:Q&R&R&RD #%+T$4D !$N$N8M$N$N$ND !!$%P%P9O%P%P%P!Q!QrKcR|js|j|dzdSdSzE Log on the screen if there is no --quiet option set rNr&r rArBmsgs rIlogzLDAPObject.logs6z ' IOOCI & & & & & ' 'rKcd|z}|js|S||jjr4|dt |t |jjz dz}|S)Nrr)r%r6endswithrr/r\rBsrRs rIfix_dnzLDAPObject.fix_dns}Qh J 99;;   0 6 6 8 8 9 9 J7s3xx#dh&6"7"7778>IC rKc"d|z}|js|S||jj|jj}||jjd}|S)Nrz${DOMAIN_NAME})r%r<rr=rr6rYs rIfix_domain_namezLDAPObject.fix_domain_name szQh Jkk$(.44668L8R8R8T8TUUkk$(.44668HII rKc"d|z}|js|S||jj|jj}||jjd}|S)Nrz${DOMAIN_NETBIOS})r%r<rr7rr6rYs rIfix_domain_netbioszLDAPObject.fix_domain_netbiosszQh Jkk$(1779948;R;X;X;Z;Z[[kk$(17799;NOO rKcd|z}|jrt|jjdkr|S|jjD]*}||d}+|S)Nrraz${SERVER_NAME})r%r\rr9r6r<)rBrZrRrZs rIfix_server_namezLDAPObject.fix_server_nameskQh 3tx'<#=#=#A#AJ& ; ;A))++%%a)9::CC rKcn|jjr||S||Sr)rr'cmp_desc cmp_attrs)rBrs rI__eq__zLDAPObject.__eq__"s3 8  (=='' '~~e$$$rKct|j|j|j|j}t|j|j|j|j}|jjdkr||}n5|jjdkr||}ntd|d|_ |d|_ |dS)N)r r!r collisionzUnknown --view option value.rar) rrrur r!r)rr Exception screen_output)rBrd1d2rRs rIrczLDAPObject.cmp_desc's $'  J J J  58$)$) L L L 8=I % %))B--CC X]k ) )))B--CC:;; ; V!!f1v rKcd}g_tdjD}tdjD}||z jz }|r%|ddjjzzz }|D] }|d|zdzz }||z jz }|r%|ddjjzzz }|D] }|d|zdzz }||z}d} jD]}|jvs||vr5tj|trdtj|trDtj|j|<tj|j|<j|j|krCd} d} d} d} |j vr;fd j|D} fd j|D} | | kr3nY|j vr>j|} j|} fd | D} fd | D} | | kr|j vrF| } | } | s| sj|} j|} fd | D} fd| D} | | kr|j vrF| } | } | s| sj|} j|} fd| D} fd| D} | | krO|jvrF| } | } | s| sj|} j|} fd| D} fd| D} | | kr| r || dzz }d} | r| r|d|zd| d| zdzz }n*|d|zdj|dj|zdzz }j||r||ksJjdxxt|z cc<jdxxjz cc<jdxxt|z cc<jdxxjz cc<|_|_|dkS)Nrc6g|]}|Srr5rYr}s rIr[z(LDAPObject.cmp_attrs..:s CCC4$**,,CCCrKc6g|]}|Srr5rns rIr[z(LDAPObject.cmp_attrs..;s EEED4::<<EEErKrzAttributes found only in %s:rrz# Difference in attribute values:cbg|]+}jjdd|k,Srrrr=splitrYjrBs rIr[z(LDAPObject.cmp_attrs..Ys6]]]Q-33C88;q@]]]rKcbg|]+}jjdd|k,SrqrrrYrurs rIr[z(LDAPObject.cmp_attrs..Zs6___a.44S99!<A___rKc:g|]}|Srr[rts rIr[z(LDAPObject.cmp_attrs..as#333AQ333rKc:g|]}|Srryrws rIr[z(LDAPObject.cmp_attrs..bs#444Qa444rKc:g|]}|Srr]rts rIr[z(LDAPObject.cmp_attrs..l'<<.m'===a..q11===rKc:g|]}|Srrarts rIr[z(LDAPObject.cmp_attrs..xr}rKc:g|]}|Srrrws rIr[z(LDAPObject.cmp_attrs..yrrKc:g|]}|Srr_rts rIr[z(LDAPObject.cmp_attrs..s'???0033???rKc:g|]}|Srrrws rIr[z(LDAPObject.cmp_attrs..s'@@@11!44@@@rKz => unique_attrsdf_value_attrs)rrrrJrr+r6 isinstancerzrrOrKrLrMrNrrHri)rBrrR self_attrs other_attrsself_unique_attrsrZother_unique_attrs missing_attrstitlepqrqrs`` rIrdzLDAPObject.cmp_attrs6s CC4?CCCDD EEE4DEEEFF &4u7NN  * 7;dhmKK KC& * *w{T))(:58NN  * 7;einLL LC' * *w{T))),>> ;E .E .AwwyyD222aggii=6P6P$/!,d33 B 5CSTUCVX\8]8] B%+DOA,>%?%?"&,U-=a-@&A&A #q!U%5a%8887799 555]]]]$/Z[J\]]]A____5K[\]K^___AAvv WWYY$"444*A(+A3333333A4444!444AAvv 7799 666AA0Q0 OA.!,Q/<<<(?(??$$$ %&&&$*==&&& n%%%.@)A)AA%%% &'''4+>>''' !byrKN)rrrrrrrJrVr[r]r_rarercrdrrKrIrrzsjsz~R~R~R~R@'''%%%   fffffrKrcPeZdZddejejfdZdZdZdZ dZ dZ dS) LDAPBundleNc||_||_||_|jj|_|jj|_|jj|_|jj|_|jj|_|jj|_i|_ g|j d<g|j d<g|j d<g|j d<||_ |r||_ nY| dvr4| |_ |||_ ntdd}|t!|j kr|jr|j |}|dt!|t!|jjz dz}|d |jjzd }t!|jjd kr(|jjD]} |d | zd }||j |<|d z }|t!|j kr|jt+t-|j |_ t/|j |_ t!|j |_dS) Nrrknown_ignored_dnabnormal_ignored_dnDOMAIN CONFIGURATIONSCHEMA DNSDOMAIN DNSFORESTz-Unknown initialization data for LDAPBundle().rrrrrar)r r!rr%r&r*r#r$r,rHrPdn_listr6context get_dn_listrhr\r/r<r7r9rzrrsize) rBrrrrPr r!counterrrZs rIrJzLDAPBundle.__init__s5  8/X^ x' 8/ H1#x7 ') ^$)+ %&+- '(.0 *+&  M"DLL ]]__ _ _ _"==??DL++G44DLLKLL LDL))))d.>),w'C7s3xx#dh&6"7"7778>IC++g(??AWXXC48())Q...HHA++gk3FGGCC$'DL ! qLGDL))))d.>)C --.. dl++  %% rKcR|js|j|dzdSdSrRrSrTs rIrVzLDAPBundle.logs6z ( IOOC$J ' ' ' ' ' ( (rKcjt|j|_t|j|_dSr)r\rrrrBs rI update_sizezLDAPBundle.update_sizes( %% dl++ rKc d}|j|jkr.|d|jd|j|jsd}td|jD}td|jD}|jt kr|js||z }|rNd}|d|jjzt|D]}|d|z||z }|rNd}|d|jjzt|D]}|d|z||z}|d t|z|D]} t|j| |j |j |j|j } n2#t $r%} |d | d | Yd} ~ ]d} ~ wwxYw t|j| |j |j |j|j } n2#t $r%} |d | d | Yd} ~ d} ~ wwxYw| | kr|jjr|d |d| jd| jjd|d| jd| jjd|dn|d |d| jd| jjd|d| jd| jjd|| j|dd}| j |_ | j |_ |S)NTz! * DN lists have different size: z != Fc6g|]}|Srr5rYrs rIr[z#LDAPBundle.diff..s 888a 888rKc6g|]}|Srr5rs rIr[z#LDAPBundle.diff..s :::q:::rKz * DNs found only in %s:rz * Objects to be compared: %d)rrurHrPr r!zLdbError for dn z: z Comparing:'z' []z OKz FAILED)rrVr,rrr$rrr+rr\rrHrPr r!r r*ruri) rBrrRself_dns other_dns self_onlyrZ other_only common_dnsruobject1rjobject2s rIdiffzLDAPBundle.diffs 9 " " HHHTYYYPUPZPZ[ \ \ \' 884<88899::EM:::;;   * *43G * 9,I *4tx}DEEE ****AHHWq[))))"X-J *4uy~EFFF ++**AHHWq[)))) )  1C OOCDDD$ ,$ ,B $(*-1\151A*.)$) EEE    RRR;<<<  $ (*-2]151A*.)$) EEE    RRR;<<< '!!8#-HH^,,,HHHGJJJ 8H8H8HIJJJHHHGJJJ 8H8H8HIJJJHH^,,,((( GK4D4D4DEFFF GK4D4D4DEFFF.///+,,,"?DL#OEMM s0..F G 'GG .G?? H. H))H.c|dkr |jj}n|dkr |jj}nt|dkr |jj}nO|dkrd|jjz}n'|dkrd|jjz}g}|js||_|j|_|jdkr t|_n?|jd kr t|_n'|jd kr t|_ntd  |jj |j|jd g }n?#t$r2}|j\}}|jd|jzd}~wwxYw|D]/}||d 0|S)z Query LDAP server about the DNs of certain naming self.con.ext Domain (or Default), Configuration, Schema. Parse all DNs and filter those that are 'strange' or abnormal. rrrrzDC=DomainDnsZones,%srzDC=ForestDnsZones,%srBASEONEz0Wrong 'scope' given. Choose from: SUB, ONE, BASErur_zFailed search of base=%s N)r6rr/r3r5r1r#r$rrrrr"rOr rbr rArget_linearized) rBrr#rrRe3rerfrZs rIrzLDAPBundle.get_dn_lists ==??h & &(*KK ]]__ / /(,KK ]]__ ( ((,KK ]]__ + +0483CCKK ]]__ + +0483CCK +*D  -3355   % % -D    & ( ( *D    % ' ' .D  OPP P (,%%4+;4CT]a\b%ccCC   7LT4 IOO84;KK L L L   5 5A NN1T71133 4 4 4 4s-E33 F/=-F**F/cptt|jd|jd<tt|jd|jd<|jdr_|d|jjz|dd|jdD|jdr^|d|dd|jdDg|jd<dSdS)Nrrz Attributes found only in %s:rc2g|]}td|zSz rWrXs rIr[z,LDAPBundle.print_summary..Gs%\\\!c.1"455\\\rKz" Attributes with different values:c2g|]}td|zSrrWrXs rIr[z,LDAPBundle.print_summary..Ks%^^^!c.1"455^^^rK)rzrrHrVrr+joinrs rI print_summaryzLDAPBundle.print_summaryAs'+C ^0L,M,M'N'N ^$)-c$,?O2P.Q.Q)R)R %& < ' _ HH5 E F F F HHRWW\\t|N?[\\\]] ^ ^ ^ <( ) 0 HH: ; ; ; HHRWW^^t|L\?]^^^__ ` ` `-/DL) * * * 0 0rK) rrrrrrrJrVrrrrrrKrIrrs48djsz%&%&%&%&N(((,,,GGGR###J 0 0 0 0 0rKrceZdZdZdZejejejdZ gdZ e ddddd d e d d ddd d e ddddd d e dddd d e dddd d e dddddgde d d!d"d#$e d%d&d"d'$e d(d)d*gd+d,e d-d.d"d/$e d0d1dd d2 g Z d5d4Z d3S)6 cmd_ldapcmpzCompare two ldap databases.zO%prog (domain|configuration|schema|dnsdomain|dnsforest) [options]) sambaopts versionoptscredopts)URL1URL2z context1?z context2?z context3?z context4?z context5?z-wz--tworD store_trueFz"Hosts are in two different domains)destactiondefaulthelpz-qz--quietr&z1Do not print anything but relay on just exit codez-vz --verboser*z*Print all DN pairs that have been comparedz--sdr'z+Compare nTSecurityDescriptor attibutes onlyz --sort-acesr(z=Sort ACEs before comparison of nTSecurityDescriptor attributez--viewr)rrgzUDisplay mode for nTSecurityDescriptor results. Possible values: section or collision.)rrchoicesrz--baserErz:Pass search base that will build DN list for the first DC.)rrrz--base2base2znPass search base that will build DN list for the second DC. Used when --two or when compare two different DNs.z--scoperFr)rrrz>Pass search scope that builds DN list. Options: SUB, ONE, BASEz--filterfilterz?List of comma separated attributes to ignore in the comparisionz--skip-missing-dnr,zCSkip report and failure due to missing DNs in one server or anotherNc|}|dp|d}|r||d}nd}||d}|r|}n*|d|d|r#|stdg}| |r|rdg}nagd }n\|||||fD]T}|| d vrtd |z| | U| r| rtd |s|s|r|std t||||| | | | | |||j |j | }t|jdksJt||||| | | | | |||j |j | }t|jdksJ|d}d}|D]T} | s|j d| zt%|| ||j |j }!t%|| ||j |j }"|!|"r | s|j d| z| s|j d| z| st|!jdt|"jdksJg|"jd<|j d|j d|!|"d}V|dkrtd|zdS)NldapT)fallback_machineF)guessrz3You must supply at least one username/password pairrrzIncorrect argument: %sz-You cannot set --verbose and --quiet togetherz> VTUU U   [ [%:[ZZ(HhG + +9wwyy$ccc&'?!'CDDD ****  Pu PNOO O _ _D _ _]^^ ^eRuy 'dU!YTYYYY4<  1$$$$fbuy 'de!YTYYYY4<  1$$$$ll3''   G M  AG KLLLD'{!%<<#?@@C ScHdDeDeeeee79 #34  666  666((***((*** Q;;3f<== = ;rK)NNNNNFFFFFrrrrrNNNF)rrr__doc__synopsisr SambaOptionsVersionOptionsCredentialsOptionsDoubletakes_optiongroups takes_argsr takes_optionsrrrKrIrrOs%%`H)-4 cbbJ tW5u8 : : :tYW\5G I I It[yu@ B B BvLuA C C C};|US U U Uxfi)[AYk m m mxfbP R R RywE F F Fyw?U?U?UT V V Vz"U W W W"):W>W>W>W>W>rKr)rr:rsamba samba.getoptgetoptrr samba.ndrr samba.dcerpcrr"rrrr r samba.netcmdr r r compilermobjectrrrrrrrKrIrs0  !!!!!!WWWWWWWWWWWWWW 2:?@@WWWWWvWWWtr;r;r;r;r;r;r;r;jbbbbbbbbJ m0m0m0m0m0m0m0m0`|>|>|>|>|>'|>|>|>|>|>rK