svn commit: samba r8791 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .

abartlet at samba.org abartlet at samba.org
Wed Jul 27 00:24:47 GMT 2005 

Author: abartlet
Date: 2005-07-27 00:24:47 +0000 (Wed, 27 Jul 2005)
New Revision: 8791

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8791

Log:
(missing from previous commit)

Add templating support for foreignSecurityPrincipal to the samdb
module.

Andrew Bartltt

Modified:
   branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c


Changeset:
Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c
===================================================================
--- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c	2005-07-27 00:23:09 UTC (rev 8790)
+++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/samldb.c	2005-07-27 00:24:47 UTC (rev 8791)
@@ -243,10 +243,9 @@
 	return name;
 }
 
-static BOOL samldb_get_rdn_and_basedn(void *mem_ctx, const char *dn, struct ldb_dn_component **rdn, char **base_dn)
+static BOOL samldb_get_rdn(void *mem_ctx, const char *dn, struct ldb_dn_component **rdn)
 {
 	struct ldb_dn *dn_exploded = ldb_dn_explode(mem_ctx, dn);
-	struct ldb_dn base_dn_exploded;
 
 	if (!dn_exploded) {
 		return False;
@@ -256,15 +255,6 @@
 		return False;
 	}
 	
-	if (dn_exploded->comp_num < 2) {
-		*base_dn = NULL;
-	} else {
-		base_dn_exploded.comp_num = dn_exploded->comp_num - 1;
-		base_dn_exploded.components = &dn_exploded->components[1];
-		
-		*base_dn = ldb_dn_linearize(mem_ctx, &base_dn_exploded);
-	}
-
 	*rdn = &dn_exploded->components[0];
 	return True;
 }
@@ -355,7 +345,7 @@
 			    (strcasecmp((char *)el->values[j].data, "Template") == 0 ||
 			     strcasecmp((char *)el->values[j].data, "userTemplate") == 0 ||
 			     strcasecmp((char *)el->values[j].data, "groupTemplate") == 0 ||
-			     strcasecmp((char *)el->values[j].data, "foreignSecurityTemplate") == 0 ||
+			     strcasecmp((char *)el->values[j].data, "foreignSecurityPrincipalTemplate") == 0 ||
 			     strcasecmp((char *)el->values[j].data, "aliasTemplate") == 0 || 
 			     strcasecmp((char *)el->values[j].data, "trustedDomainTemplate") == 0 || 
 			     strcasecmp((char *)el->values[j].data, "secretTemplate") == 0)) {
@@ -381,7 +371,6 @@
 	struct ldb_message *msg2;
 	struct ldb_message_element *attribute;
 	struct ldb_dn_component *rdn;
-	char *basedn;
 
 	if (samldb_find_attribute(msg, "objectclass", "group") == NULL) {
 		return NULL;
@@ -401,7 +390,7 @@
 		return NULL;
 	}
 
-	if ( ! samldb_get_rdn_and_basedn(msg2, msg2->dn, &rdn, &basedn)) {
+	if ( ! samldb_get_rdn(msg2, msg2->dn, &rdn)) {
 		ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_group_object: Bad DN (%s)!\n", msg2->dn);
 		return NULL;
 	}
@@ -438,7 +427,6 @@
 	struct ldb_message *msg2;
 	struct ldb_message_element *attribute;
 	struct ldb_dn_component *rdn;
-	char *basedn;
 
 	if ((samldb_find_attribute(msg, "objectclass", "user") == NULL) && 
 	    (samldb_find_attribute(msg, "objectclass", "computer") == NULL)) {
@@ -466,7 +454,7 @@
 		}
 	}
 
-	if ( ! samldb_get_rdn_and_basedn(msg2, msg2->dn, &rdn, &basedn)) {
+	if ( ! samldb_get_rdn(msg2, msg2->dn, &rdn)) {
 		return NULL;
 	}
 	if (strcasecmp(rdn->name, "cn") != 0) {
@@ -503,6 +491,58 @@
 	return msg2;
 }
 
+static struct ldb_message *samldb_fill_foreignSecurityPrincipal_object(struct ldb_module *module, const struct ldb_message *msg)
+{
+	struct ldb_message *msg2;
+	struct ldb_message_element *attribute;
+	struct ldb_dn_component *rdn;
+
+	if (samldb_find_attribute(msg, "objectclass", "foreignSecurityPrincipal") == NULL) {
+		return NULL;
+	}
+
+	ldb_debug(module->ldb, LDB_DEBUG_TRACE, "samldb_fill_foreignSecurityPrincipal_object\n");
+
+	/* build the new msg */
+	msg2 = ldb_msg_copy(module->ldb, msg);
+	if (!msg2) {
+		ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_foreignSecurityPrincpal_object: ldb_msg_copy failed!\n");
+		return NULL;
+	}
+
+	if (samldb_copy_template(module, msg2, "(&(CN=TemplateForeignSecurityPrincipal)(objectclass=foreignSecurityPrincipalTemplate))") != 0) {
+		ldb_debug(module->ldb, LDB_DEBUG_WARNING, "samldb_fill_foreignSecurityPrincipal_object: Error copying template!\n");
+		return NULL;
+	}
+
+	if ( ! samldb_get_rdn(msg2, msg2->dn, &rdn)) {
+		ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_foreignSecurityPrincipal_object: Bad DN (%s)!\n", msg2->dn);
+		return NULL;
+	}
+	if (strcasecmp(rdn->name, "cn") != 0) {
+		ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_foreignSecurityPrincipal_object: Bad RDN (%s) for foreignSecurityPrincpal!\n", rdn->name);
+		return NULL;
+	}
+
+	if ((attribute = samldb_find_attribute(msg2, "objectSid", NULL)) == NULL ) {
+		struct dom_sid *sid = dom_sid_parse_talloc(msg2, rdn->value.data);
+		if (sid == NULL) {
+			ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_foreignSecurityPrincipal_object: internal error! Can't parse sid in CN\n");
+			return NULL;
+		}
+
+		if (!samldb_msg_add_sid(module, msg2, "objectSid", sid)) {
+			talloc_free(sid);
+			return NULL;
+		}
+		talloc_free(sid);
+	}
+
+	talloc_steal(msg, msg2);
+
+	return msg2;
+}
+
 /* add_record */
 static int samldb_add_record(struct ldb_module *module, const struct ldb_message *msg)
 {
@@ -523,6 +563,11 @@
 		msg2 = samldb_fill_group_object(module, msg);
 	}
 
+	/* perhaps a foreignSecurityPrincipal? */
+	if ( ! msg2 ) {
+		msg2 = samldb_fill_foreignSecurityPrincipal_object(module, msg);
+	}
+
 	if (msg2) {
 		ret = ldb_next_add_record(module, msg2);
 	} else {

More information about the samba-cvs mailing list