diff options
| author | Douglas Bagnall <douglas.bagnall@catalyst.net.nz> | 2018-03-07 13:55:08 +1300 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2018-05-31 01:57:15 +0200 |
| commit | bdc0681eaebab7bc930206c2d2db68d7ca132ad3 (patch) | |
| tree | 38596848e68061345cf49e4ac0439b876f33a8ee /python/samba/netcmd | |
| parent | 07302fe03724b98e39f0beca5710b534bcb1582c (diff) | |
| download | samba-bdc0681eaebab7bc930206c2d2db68d7ca132ad3.tar.gz samba-bdc0681eaebab7bc930206c2d2db68d7ca132ad3.tar.bz2 samba-bdc0681eaebab7bc930206c2d2db68d7ca132ad3.zip | |
samba-tool visualize ntdsconn: add --importldif option
This visualizes the NTDSConnections in an LDIF file exported via
`samba_kcc --exportldif`. This functionality is already available in a
roundabout way -- you can use `samba_kcc --import_ldif`, and use the
DB that generates. This just shortens the process.
The ldif import/export feature is useful for analysing AD networks
offsite without exposing too much sensitive data.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'python/samba/netcmd')
| -rw-r--r-- | python/samba/netcmd/visualize.py | 28 |
1 files changed, 25 insertions, 3 deletions
diff --git a/python/samba/netcmd/visualize.py b/python/samba/netcmd/visualize.py index 311476a60ef..e66030d3107 100644 --- a/python/samba/netcmd/visualize.py +++ b/python/samba/netcmd/visualize.py @@ -33,7 +33,7 @@ from samba.graph import distance_matrix, COLOUR_SETS from ldb import SCOPE_BASE, SCOPE_SUBTREE, LdbError import time import re -from samba.kcc import KCC +from samba.kcc import KCC, ldif_import_export from samba.kcc.kcc_utils import KCCError from samba.compat import text_type @@ -400,13 +400,31 @@ class NTDSConn(object): class cmd_ntdsconn(GraphCommand): "Draw the NTDSConnection graph" + takes_options = COMMON_OPTIONS + [ + Option("--importldif", help="graph from samba_kcc generated ldif", + default=None), + ] + + def import_ldif_db(self, ldif, lp): + d = tempfile.mkdtemp(prefix='samba-tool-visualise') + fn = os.path.join(d, 'imported.ldb') + self._tmp_fn_to_delete = fn + samdb = ldif_import_export.ldif_to_samdb(fn, lp, ldif) + return fn + def run(self, H=None, output=None, shorten_names=False, key=True, talk_to_remote=False, sambaopts=None, credopts=None, versionopts=None, color=None, color_scheme=None, - utf8=None, format=None): + utf8=None, format=None, importldif=None): + lp = sambaopts.get_loadparm() - creds = credopts.get_credentials(lp, fallback_machine=True) + if importldif is None: + creds = credopts.get_credentials(lp, fallback_machine=True) + else: + creds = None + H = self.import_ldif_db(importldif, lp) + local_kcc, dsas = self.get_kcc_and_dsas(H, lp, creds) local_dsa_dn = local_kcc.my_dsa_dnstr.split(',', 1)[1] vertices = set() @@ -449,6 +467,10 @@ class cmd_ntdsconn(GraphCommand): attested_edges.append((msg['fromServer'][0], dest_dn, ntds_dn)) + if importldif and H == self._tmp_fn_to_delete: + os.remove(H) + os.rmdir(os.path.dirname(H)) + # now we overlay all the graphs and generate styles accordingly edges = {} for src, dest, attester in attested_edges: |