svn commit: samba r16236 - in branches/SAMBA_4_0/source/rpc_server: lsa netlogon samr

abartlet at samba.org abartlet at samba.org
Wed Jun 14 23:47:45 GMT 2006


Author: abartlet
Date: 2006-06-14 23:47:45 +0000 (Wed, 14 Jun 2006)
New Revision: 16236

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16236

Log:
Add a proper baseDN to a large number of queries.  Searching the NULL
baseDN won't work once the partitions module is loaded.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c
   branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c
   branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c


Changeset:
Modified: branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c	2006-06-14 23:46:27 UTC (rev 16235)
+++ branches/SAMBA_4_0/source/rpc_server/lsa/dcesrv_lsa.c	2006-06-14 23:47:45 UTC (rev 16236)
@@ -221,6 +221,7 @@
 				     struct lsa_policy_state **_state)
 {
 	struct lsa_policy_state *state;
+	const struct ldb_dn *partitions_basedn = ldb_dn_string_compose(mem_ctx, samdb_base_dn(mem_ctx), "CN=Partitions,CN=Configuration");
 
 	state = talloc(mem_ctx, struct lsa_policy_state);
 	if (!state) {
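Review bot: The new `partitions_basedn` is never checked for NULL before it is used as a search base. If ldb_dn_string_compose() or samdb_base_dn() fails (both presumably allocate on mem_ctx), the later samdb_search_string() call silently falls back to the NULL base that the log message says will stop working. Assuming this function returns NTSTATUS, a guard after the declarations would make the failure explicit: `if (!partitions_basedn) { return NT_STATUS_NO_MEMORY; }`. The same unchecked initialiser is added in two functions in dcerpc_netlogon.c and three in dcesrv_samr.c; one of the netlogon functions returns WERROR and needs the matching status. The function body continues outside this hunk.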
@@ -246,7 +247,7 @@
 	}
 
 	state->domain_name
-		= samdb_search_string(state->sam_ldb, state, NULL, "nETBIOSName", 
+		= samdb_search_string(state->sam_ldb, state, partitions_basedn, "nETBIOSName", 
 				      "(&(objectclass=crossRef)(ncName=%s))", ldb_dn_linearize(mem_ctx, state->domain_dn));
 	
 	if (!state->domain_name) {

Modified: branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c	2006-06-14 23:46:27 UTC (rev 16235)
+++ branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c	2006-06-14 23:47:45 UTC (rev 16236)
@@ -99,7 +99,7 @@
 		return NT_STATUS_INVALID_SYSTEM_SERVICE;
 	}
 	/* pull the user attributes */
-	num_records = gendb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
+	num_records = gendb_search(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &msgs, attrs,
 				   "(&(sAMAccountName=%s)(objectclass=user))", 
 				   r->in.account_name);
 
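Review bot: `r->in.account_name` comes from the RPC request and is formatted into the search filter unescaped on the unchanged lines of this call. Elsewhere in this commit, dcesrv_samr.c wraps comparable client-supplied names in `ldb_binary_encode_string(mem_ctx, ...)` before they reach the filter. Unless gendb_search() escapes its arguments itself (not visible here), filter metacharacters in the account name would change the expression that is evaluated. I would pass `ldb_binary_encode_string(mem_ctx, r->in.account_name)` as the argument. The enclosing function starts and ends outside the hunk.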
@@ -901,6 +901,7 @@
 	struct netr_DomainInfo1 *info1;
 	int ret, ret1, ret2, i;
 	NTSTATUS status;
+	const struct ldb_dn *partitions_basedn = ldb_dn_string_compose(mem_ctx, samdb_base_dn(mem_ctx), "CN=Partitions,CN=Configuration");
 
 	const char *local_domain;
 
@@ -922,13 +923,13 @@
 	   primary domain is also a "trusted" domain, so we need to
 	   put the primary domain into the lists of returned trusts as
 	   well */
-	ret1 = gendb_search(sam_ctx, mem_ctx, NULL, &res1, attrs, "(objectClass=domainDNS)");
+	ret1 = gendb_search(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &res1, attrs, "(objectClass=domainDNS)");
 	if (ret1 != 1) {
 		return NT_STATUS_INTERNAL_DB_CORRUPTION;
 	}
 
 	/* try and find the domain */
-	ret = gendb_search(sam_ctx, mem_ctx, NULL, 
+	ret = gendb_search(sam_ctx, mem_ctx, partitions_basedn, 
 			   &ref_res, ref_attrs, 
 			   "(&(objectClass=crossRef)(ncName=%s))", 
 			   ldb_dn_linearize(mem_ctx, res1[0]->dn));
@@ -938,7 +939,7 @@
 
 	local_domain = samdb_result_string(ref_res[0], "nETBIOSName", NULL);
 
-	ret2 = gendb_search(sam_ctx, mem_ctx, NULL, &res2, attrs, "(objectClass=trustedDomain)");
+	ret2 = gendb_search(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &res2, attrs, "(objectClass=trustedDomain)");
 	if (ret2 == -1) {
 		return NT_STATUS_INTERNAL_DB_CORRUPTION;
 	}
@@ -1164,6 +1165,7 @@
 	struct ldb_message **dom_res, **ref_res;
 	const char * const dom_attrs[] = { "dnsDomain", "objectSid", "objectGUID", NULL };
 	const char * const ref_attrs[] = { "nETBIOSName", NULL };
+	const struct ldb_dn *partitions_basedn = ldb_dn_string_compose(mem_ctx, samdb_base_dn(mem_ctx), "CN=Partitions,CN=Configuration");
 
 	ZERO_STRUCT(r->out);
 
@@ -1181,7 +1183,7 @@
 		return WERR_GENERAL_FAILURE;
 	}
 
-	ret = gendb_search(sam_ctx, mem_ctx, NULL, &ref_res, ref_attrs,
+	ret = gendb_search(sam_ctx, mem_ctx, partitions_basedn, &ref_res, ref_attrs,
 			   "(&(objectClass=crossRef)(ncName=%s))",
 			   ldb_dn_linearize(mem_ctx, dom_res[0]->dn));
 	if (ret == -1) {

Modified: branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c	2006-06-14 23:46:27 UTC (rev 16235)
+++ branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c	2006-06-14 23:47:45 UTC (rev 16236)
@@ -29,6 +29,7 @@
 #include "rpc_server/samr/dcesrv_samr.h"
 #include "system/time.h"
 #include "lib/ldb/include/ldb.h"
+#include "lib/ldb/include/ldb_errors.h"
 #include "ads.h"
 #include "dsdb/samdb/samdb.h"
 #include "libcli/ldap/ldap.h"
@@ -163,6 +164,7 @@
 	struct ldb_message **dom_msgs;
 	struct ldb_message **ref_msgs;
 	int ret;
+	const struct ldb_dn *partitions_basedn = ldb_dn_string_compose(mem_ctx, samdb_base_dn(mem_ctx), "CN=Partitions,CN=Configuration");
 
 	r->out.sid = NULL;
 
@@ -176,11 +178,11 @@
 
 	if (strcasecmp(r->in.domain_name->string, "BUILTIN") == 0) {
 		ret = gendb_search(c_state->sam_ctx,
-				   mem_ctx, NULL, &dom_msgs, dom_attrs,
+				   mem_ctx, samdb_base_dn(mem_ctx), &dom_msgs, dom_attrs,
 				   "(objectClass=builtinDomain)");
 	} else {
 		ret = gendb_search(c_state->sam_ctx,
-				   mem_ctx, NULL, &ref_msgs, ref_attrs,
+				   mem_ctx, partitions_basedn, &ref_msgs, ref_attrs,
 				   "(&(&(nETBIOSName=%s)(objectclass=crossRef))(ncName=*))", 
 				   ldb_binary_encode_string(mem_ctx, r->in.domain_name->string));
 		if (ret != 1) {
@@ -226,6 +228,7 @@
 	const char * const ref_attrs[] = { "nETBIOSName", NULL};
 	struct ldb_message **dom_msgs;
 	struct ldb_message **ref_msgs;
+	const struct ldb_dn *partitions_basedn = ldb_dn_string_compose(mem_ctx, samdb_base_dn(mem_ctx), "CN=Partitions,CN=Configuration");
 
 	*r->out.resume_handle = 0;
 	r->out.sam = NULL;
@@ -236,8 +239,8 @@
 	c_state = h->data;
 
 	count = gendb_search(c_state->sam_ctx,
-			   mem_ctx, NULL, &dom_msgs, dom_attrs,
-			   "(objectClass=domain)");
+			     mem_ctx, samdb_base_dn(mem_ctx), &dom_msgs, dom_attrs,
+			     "(objectClass=domain)");
 	if (count == -1) {
 		DEBUG(0,("samdb: no domains found in EnumDomains\n"));
 		return NT_STATUS_INTERNAL_DB_CORRUPTION;
@@ -269,7 +272,7 @@
 		int ret;
 		array->entries[i].idx = start_i + i;
 		/* try and find the domain */
-		ret = gendb_search(c_state->sam_ctx, mem_ctx, NULL, 
+		ret = gendb_search(c_state->sam_ctx, mem_ctx, partitions_basedn,
 				   &ref_msgs, ref_attrs, 
 				   "(&(objectClass=crossRef)(ncName=%s))", 
 				   ldb_dn_linearize(mem_ctx, dom_msgs[i]->dn));
@@ -303,6 +306,7 @@
 	struct ldb_message **dom_msgs;
 	struct ldb_message **ref_msgs;
 	int ret;
+	const struct ldb_dn *partitions_basedn = ldb_dn_string_compose(mem_ctx, samdb_base_dn(mem_ctx), "CN=Partitions,CN=Configuration");
 
 	ZERO_STRUCTP(r->out.domain_handle);
 
@@ -315,14 +319,14 @@
 	}
 
 	ret = gendb_search(c_state->sam_ctx,
-			   mem_ctx, NULL, &dom_msgs, dom_attrs,
+			   mem_ctx, samdb_base_dn(mem_ctx), &dom_msgs, dom_attrs,
 			   "(&(objectSid=%s)(&(objectclass=domain)))",
 			   ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
 	if (ret != 1) {
 		return NT_STATUS_INTERNAL_DB_CORRUPTION;
 	} else {
 		ret = gendb_search(c_state->sam_ctx,
-				   mem_ctx, NULL, &ref_msgs, ref_attrs,
+				   mem_ctx, partitions_basedn, &ref_msgs, ref_attrs,
 				   "(&(&(nETBIOSName=*)(objectclass=crossRef))(ncName=%s))", 
 				   ldb_dn_linearize(mem_ctx, dom_msgs[0]->dn));
 		if (ret == 0) {
@@ -431,11 +435,13 @@
 	info->primary.string = lp_netbios_name();
 	info->sequence_num = 0;
 	info->role = ROLE_DOMAIN_PDC;
-	info->num_users = samdb_search_count(state->sam_ctx, mem_ctx, NULL, "(objectClass=user)");
-	info->num_groups = samdb_search_count(state->sam_ctx, mem_ctx, NULL,
+
+	/* TODO: Should these filter on SID, to avoid counting BUILTIN? */
+	info->num_users = samdb_search_count(state->sam_ctx, mem_ctx, state->domain_dn, "(objectClass=user)");
+	info->num_groups = samdb_search_count(state->sam_ctx, mem_ctx, state->domain_dn,
 					      "(&(objectClass=group)(sAMAccountType=%u))",
 					      ATYPE_GLOBAL_GROUP);
-	info->num_aliases = samdb_search_count(state->sam_ctx, mem_ctx, NULL,
+	info->num_aliases = samdb_search_count(state->sam_ctx, mem_ctx, state->domain_dn,
 					       "(&(objectClass=group)(sAMAccountType=%u))",
 					       ATYPE_LOCAL_GROUP);
 
@@ -764,7 +770,7 @@
 	}
 
 	/* check if the user already exists */
-	name = samdb_search_string(d_state->sam_ctx, mem_ctx, NULL, 
+	name = samdb_search_string(d_state->sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), 
 				   "sAMAccountName", 
 				   "(&(sAMAccountName=%s)(objectclass=user))", 
 				   ldb_binary_encode_string(mem_ctx, account_name));
@@ -830,11 +836,20 @@
 	
 	/* create the user */
 	ret = samdb_add(d_state->sam_ctx, mem_ctx, msg);
-	if (ret != 0) {
+	switch (ret) {
+	case  LDB_SUCCESS:
+		break;
+	case  LDB_ERR_ENTRY_ALREADY_EXISTS:
 		ldb_transaction_cancel(d_state->sam_ctx);
 		DEBUG(0,("Failed to create user record %s: %s\n",
 			 ldb_dn_linearize(mem_ctx, msg->dn),
 			 ldb_errstring(d_state->sam_ctx)));
+		return NT_STATUS_USER_EXISTS;
+	default:
+		ldb_transaction_cancel(d_state->sam_ctx);
+		DEBUG(0,("Failed to create user record %s: %s\n",
+			 ldb_dn_linearize(mem_ctx, msg->dn),
+			 ldb_errstring(d_state->sam_ctx)));
 		return NT_STATUS_INTERNAL_DB_CORRUPTION;
 	}
 
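Review bot: The `LDB_ERR_ENTRY_ALREADY_EXISTS` and `default` arms are identical except for the returned status, so the log cannot tell a client-triggered duplicate-name race from a real database failure. Both are logged at `DEBUG(0, ...)` with the same "Failed to create user record" text, which also means a caller who repeatedly loses the race after the earlier existence check can fill the level-0 log. Consider giving the already-exists arm its own message at a lower debug level and keeping level 0 for the `default` arm. A one-line comment on the first arm, such as `/* lost a race with another creator after the sAMAccountName check above */`, would also explain why it is reachable. The function continues outside the hunk.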
@@ -1256,7 +1271,7 @@
 
 			memberdn = 
 				samdb_search_string(d_state->sam_ctx,
-						    mem_ctx, NULL, "distinguishedName",
+						    mem_ctx, samdb_base_dn(mem_ctx), "distinguishedName",
 						    "(objectSid=%s)",
 						    ldap_encode_ndr_dom_sid(mem_ctx, 
 									    r->in.sids->sids[i].sid));
@@ -2164,7 +2179,7 @@
 	a_state = h->data;
 	d_state = a_state->domain_state;
 
-	ret = gendb_search(d_state->sam_ctx, mem_ctx, NULL,
+	ret = gendb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn,
 			   &msgs, attrs, "(objectsid=%s)", 
 			   ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
 
@@ -2269,7 +2284,7 @@
 	a_state = h->data;
 	d_state = a_state->domain_state;
 
-	memberdn = samdb_search_string(d_state->sam_ctx, mem_ctx, NULL,
+	memberdn = samdb_search_string(d_state->sam_ctx, mem_ctx, d_state->domain_dn,
 				       "distinguishedName", "(objectSid=%s)", 
 				       ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
 
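Review bot: This `(objectSid=%s)` to `distinguishedName` lookup is now scoped to `d_state->domain_dn`, but the equivalent member lookup in the `@@ -1256,7` hunk uses `samdb_base_dn(mem_ctx)`. The SID comes from the request and may name an account outside the domain the alias handle was opened on, for example a domain user in a BUILTIN alias. If so, the search returns nothing here and the operation fails for a member that exists. Please confirm whether the narrower base is intended; if not, use `samdb_base_dn(mem_ctx)` as in the other hunk, or add a comment stating why cross-domain members cannot occur here. The same question applies to the `gendb_search` in the `@@ -2164,7` hunk; both functions extend beyond the visible lines.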
@@ -2908,7 +2923,7 @@
 	a_state = h->data;
 	d_state = a_state->domain_state;
 
-	count = samdb_search_domain(a_state->sam_ctx, mem_ctx, NULL, &res,
+	count = samdb_search_domain(a_state->sam_ctx, mem_ctx, d_state->domain_dn, &res,
 				    attrs, d_state->domain_sid,
 				    "(&(member=%s)(grouptype=%d)(objectclass=group))",
 				    ldb_dn_linearize(mem_ctx, a_state->account_dn),


