[SCM] Samba Shared Repository - branch master updated
Andrew Tridgell
tridge at samba.org
Tue Feb 16 03:13:23 MST 2010
The branch, master has been updated
via 1e13d3f... s4-dcerpc: fixed auth padding to be relative to the stub, not packet
via 018fb2d... s4-dsdb: return LDB_ERR_CONSTRAINT_VIOLATION on num_recs != 1
via 86f8ddf... s4-samdb: use dsdb_search() in cracknames
via 6d65f4c... s4-kcc: remove search_onelevel_with_deleted() in kcc
via 0bedb9c... s4-dsdb: removed gendb_search_single_extended_dn()
via b630530... s4-dsdb: added dsdb_search_one() and cleanup dsdb_find_dn_by_guid()
via 8f4a342... s4-dsdb: replace dsdb_find_dn_by_guid() with a dsdb_search() call
via e9be1fc... s4-dsdb: change dsdb_search_dn_with_deleted() to dsdb_search_dn() with dsdb_flags
via 90203f8... s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flags
via c6d85d6... s4-dsdb: replace dsdb_modify_permissive() with dsdb_modify() and dsdb_flags
via 67950c2... s4-dsdb: move dsdb_request_add_controls() into dsdb/common/util.c
from f6c39ce... s3-docs: Document 'smbclient -C'.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 1e13d3fb076fca596f8c480134c6b6f877824360
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Feb 16 20:21:29 2010 +1100
s4-dcerpc: fixed auth padding to be relative to the stub, not packet
The recent dcerpc padding changes made our padding relative to the
packet header, instead of the start of the stub. Surprisingly, this
broke w2k8r2 doing a dcpromo join to a s4 server. It seems that w2k8r2
is very fussy about the padding it gets in some circumstances.
commit 018fb2d1ae4f1fa2b85afdc8c90dd7ebb8c3fa47
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Feb 16 16:39:49 2010 +1100
s4-dsdb: return LDB_ERR_CONSTRAINT_VIOLATION on num_recs != 1
In a single record search, LDB_ERR_CONSTRAINT_VIOLATION is more useful
than the generic LDB_ERR_OPERATIONS_ERROR
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 86f8ddf75458582195954cd0b3ad3dcea28c9d0f
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Feb 16 16:09:07 2010 +1100
s4-samdb: use dsdb_search() in cracknames
greatly simplifies some of the cracknames code
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 6d65f4c64739094f3657fbf5c081477d04b3cfe3
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Feb 16 15:54:01 2010 +1100
s4-kcc: remove search_onelevel_with_deleted() in kcc
Use dsdb_search() instead
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 0bedb9cf5ec592dfdf84994a9ace64a2c5d1e987
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Feb 16 15:49:29 2010 +1100
s4-dsdb: removed gendb_search_single_extended_dn()
Use dsdb_search_one() instead, which allows for arbitrary controls
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit b630530730a710b7e850be2f848b1b85dbc25b4d
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Feb 16 15:40:44 2010 +1100
s4-dsdb: added dsdb_search_one() and cleanup dsdb_find_dn_by_guid()
dsdb_find_dn_by_guid() now takes a struct GUID instead of a
guid_string. All the callers in fact wanted a struct GUID, so we now
avoid the extra conversion.
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 8f4a34272eb26e7c86ce8c0e158b5f6eabd10234
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Feb 16 15:15:35 2010 +1100
s4-dsdb: replace dsdb_find_dn_by_guid() with a dsdb_search() call
much simpler code by using dsdb_flags
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit e9be1fc41d8f541efb447e373ae089cab3b19586
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Feb 16 14:55:19 2010 +1100
s4-dsdb: change dsdb_search_dn_with_deleted() to dsdb_search_dn() with dsdb_flags
Allows for arbitrary controls
commit 90203f87e7da3346ae9236e4d30c93b95a2ddad9
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Feb 16 14:45:16 2010 +1100
s4-dsdb: change samdb_replace() to dsdb_replace() and allow for dsdb_flags
This allows for controls to be added easily where they are needed.
commit c6d85d67f9b52e4071c84749a1f55de646a5451c
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Feb 16 14:29:07 2010 +1100
s4-dsdb: replace dsdb_modify_permissive() with dsdb_modify() and dsdb_flags
commit 67950c27e473ebf8f7f81ef0ef92d2bd7931622a
Author: Andrew Tridgell <tridge at samba.org>
Date: Tue Feb 16 14:23:21 2010 +1100
s4-dsdb: move dsdb_request_add_controls() into dsdb/common/util.c
This will be used to allow the flag based ldb functions to work on
both a ldb or a module, thus saving a lot of specialist functions.
-----------------------------------------------------------------------
Summary of changes:
lib/util/util_ldb.c | 97 ----
lib/util/util_ldb.h | 8 -
source4/auth/ntlm/auth_sam.c | 10 +-
source4/auth/sam.c | 5 +-
source4/dsdb/common/util.c | 504 ++++++++++++--------
source4/dsdb/{samdb/ldb_modules => common}/util.h | 21 +-
source4/dsdb/kcc/kcc_connection.c | 6 +-
source4/dsdb/kcc/kcc_deleted.c | 55 +--
source4/dsdb/kcc/kcc_drs_replica_info.c | 19 +-
source4/dsdb/samdb/cracknames.c | 81 +---
source4/dsdb/samdb/ldb_modules/extended_dn_store.c | 2 +-
source4/dsdb/samdb/ldb_modules/samldb.c | 2 +-
source4/dsdb/samdb/ldb_modules/util.c | 80 +---
source4/dsdb/samdb/ldb_modules/util.h | 14 +-
source4/dsdb/schema/schema_init.c | 5 +-
source4/dsdb/schema/schema_set.c | 4 +-
source4/kdc/db-glue.c | 29 +-
source4/kdc/kpasswdd.c | 2 +-
source4/libnet/libnet_join.c | 2 +-
source4/libnet/libnet_samsync_ldb.c | 16 +-
source4/librpc/rpc/dcerpc.c | 12 +-
source4/ntptr/simple_ldb/ntptr_simple_ldb.c | 2 +-
source4/rpc_server/dcesrv_auth.c | 15 +-
source4/rpc_server/drsuapi/addentry.c | 3 +-
source4/rpc_server/drsuapi/writespn.c | 3 +-
source4/rpc_server/lsa/dcesrv_lsa.c | 2 +-
source4/rpc_server/netlogon/dcerpc_netlogon.c | 4 +-
source4/rpc_server/samr/dcesrv_samr.c | 2 +-
source4/rpc_server/samr/samr_password.c | 8 +-
29 files changed, 432 insertions(+), 581 deletions(-)
copy source4/dsdb/{samdb/ldb_modules => common}/util.h (75%)
Changeset truncated at 500 lines:
diff --git a/lib/util/util_ldb.c b/lib/util/util_ldb.c
index e92e3a2..9fd2ace 100644
--- a/lib/util/util_ldb.c
+++ b/lib/util/util_ldb.c
@@ -132,100 +132,3 @@ char *wrap_casefold(void *context, void *mem_ctx, const char *s, size_t n)
return strupper_talloc_n(mem_ctx, s, n);
}
-
-
-/*
- search the LDB for a single record, with the extended_dn control
- return LDB_SUCCESS on success, or an ldb error code on error
-
- if the search returns 0 entries, return LDB_ERR_NO_SUCH_OBJECT
- if the search returns more than 1 entry, return LDB_ERR_CONSTRAINT_VIOLATION
-*/
-int gendb_search_single_extended_dn(struct ldb_context *ldb,
- TALLOC_CTX *mem_ctx,
- struct ldb_dn *basedn,
- enum ldb_scope scope,
- struct ldb_message **msg,
- const char * const *attrs,
- const char *format, ...)
-{
- va_list ap;
- int ret;
- struct ldb_request *req;
- char *filter;
- TALLOC_CTX *tmp_ctx;
- struct ldb_result *res;
- struct ldb_extended_dn_control *ctrl;
-
- tmp_ctx = talloc_new(mem_ctx);
-
- res = talloc_zero(tmp_ctx, struct ldb_result);
- if (!res) {
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- va_start(ap, format);
- filter = talloc_vasprintf(tmp_ctx, format, ap);
- va_end(ap);
-
- if (filter == NULL) {
- talloc_free(tmp_ctx);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- ret = ldb_build_search_req(&req, ldb, tmp_ctx,
- basedn,
- scope,
- filter,
- attrs,
- NULL,
- res,
- ldb_search_default_callback,
- NULL);
- if (ret != LDB_SUCCESS) {
- talloc_free(tmp_ctx);
- return ret;
- }
-
- ctrl = talloc(tmp_ctx, struct ldb_extended_dn_control);
- if (ctrl == NULL) {
- talloc_free(tmp_ctx);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- ctrl->type = 1;
-
- ret = ldb_request_add_control(req, LDB_CONTROL_EXTENDED_DN_OID, true, ctrl);
- if (ret != LDB_SUCCESS) {
- return ret;
- }
-
- ret = ldb_request(ldb, req);
- if (ret == LDB_SUCCESS) {
- ret = ldb_wait(req->handle, LDB_WAIT_ALL);
- }
-
- if (ret != LDB_SUCCESS) {
- talloc_free(tmp_ctx);
- return ret;
- }
-
- if (res->count == 0) {
- talloc_free(tmp_ctx);
- return LDB_ERR_NO_SUCH_OBJECT;
- }
-
- if (res->count > 1) {
- /* the function is only supposed to return a single entry */
- DEBUG(0,(__location__ ": More than one return for baseDN %s filter %s\n",
- ldb_dn_get_linearized(basedn), filter));
- talloc_free(tmp_ctx);
- return LDB_ERR_CONSTRAINT_VIOLATION;
- }
-
- *msg = talloc_steal(mem_ctx, res->msgs[0]);
-
- talloc_free(tmp_ctx);
-
- return LDB_SUCCESS;
-}
diff --git a/lib/util/util_ldb.h b/lib/util/util_ldb.h
index 4575c65..f9eb028 100644
--- a/lib/util/util_ldb.h
+++ b/lib/util/util_ldb.h
@@ -26,12 +26,4 @@ int gendb_search_dn(struct ldb_context *ldb,
int gendb_add_ldif(struct ldb_context *ldb, const char *ldif_string);
char *wrap_casefold(void *context, void *mem_ctx, const char *s, size_t n);
-int gendb_search_single_extended_dn(struct ldb_context *ldb,
- TALLOC_CTX *mem_ctx,
- struct ldb_dn *basedn,
- enum ldb_scope scope,
- struct ldb_message **msg,
- const char * const *attrs,
- const char *format, ...) PRINTF_ATTRIBUTE(7,8);
-
#endif /* __LIB_UTIL_UTIL_LDB_H__ */
diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c
index baa95f7..f476e1c 100644
--- a/source4/auth/ntlm/auth_sam.c
+++ b/source4/auth/ntlm/auth_sam.c
@@ -28,6 +28,7 @@
#include "auth/ntlm/auth_proto.h"
#include "auth/auth_sam.h"
#include "dsdb/samdb/samdb.h"
+#include "dsdb/common/util.h"
#include "param/param.h"
extern const char *user_attrs[];
@@ -45,10 +46,11 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context *
int ret;
/* pull the user attributes */
- ret = gendb_search_single_extended_dn(sam_ctx, mem_ctx, domain_dn, LDB_SCOPE_SUBTREE,
- ret_msg, user_attrs,
- "(&(sAMAccountName=%s)(objectclass=user))",
- ldb_binary_encode_string(mem_ctx, account_name));
+ ret = dsdb_search_one(sam_ctx, mem_ctx, ret_msg, domain_dn, LDB_SCOPE_SUBTREE,
+ user_attrs,
+ DSDB_SEARCH_SHOW_EXTENDED_DN,
+ "(&(sAMAccountName=%s)(objectclass=user))",
+ ldb_binary_encode_string(mem_ctx, account_name));
if (ret == LDB_ERR_NO_SUCH_OBJECT) {
DEBUG(3,("sam_search_user: Couldn't find user [%s] in samdb, under %s\n",
account_name, ldb_dn_get_linearized(domain_dn)));
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index 4c0fafe..9d841e4 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -33,6 +33,7 @@
#include "librpc/gen_ndr/ndr_security.h"
#include "param/param.h"
#include "auth/auth_sam.h"
+#include "dsdb/common/util.h"
#define KRBTGT_ATTRS \
/* required for the krb5 kdc */ \
@@ -548,8 +549,8 @@ NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx,
}
/* pull the user attributes */
- ret = gendb_search_single_extended_dn(sam_ctx, tmp_ctx, user_dn,
- LDB_SCOPE_BASE, msg, attrs, "(objectClass=*)");
+ ret = dsdb_search_one(sam_ctx, tmp_ctx, msg, user_dn,
+ LDB_SCOPE_BASE, attrs, DSDB_SEARCH_SHOW_EXTENDED_DN, "(objectClass=*)");
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return NT_STATUS_INTERNAL_DB_CORRUPTION;
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index eb021df..6cdede1 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -39,6 +39,7 @@
#include "librpc/gen_ndr/ndr_drsblobs.h"
#include "system/locale.h"
#include "lib/util/tsort.h"
+#include "dsdb/common/util.h"
/*
search the sam for the specified attributes in a specific domain, filter on
@@ -782,7 +783,7 @@ int samdb_msg_add_delete(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, struc
const char *attr_name)
{
/* we use an empty replace rather than a delete, as it allows for
- samdb_replace() to be used everywhere */
+ dsdb_replace() to be used everywhere */
return ldb_msg_add_empty(msg, attr_name, LDB_FLAG_MOD_REPLACE, NULL);
}
@@ -980,26 +981,10 @@ int samdb_msg_set_string(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, struc
}
/*
- replace elements in a record
-*/
-int samdb_replace(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, struct ldb_message *msg)
-{
- int i;
-
- /* mark all the message elements as LDB_FLAG_MOD_REPLACE */
- for (i=0;i<msg->num_elements;i++) {
- msg->elements[i].flags = LDB_FLAG_MOD_REPLACE;
- }
-
- /* modify the samdb record */
- return ldb_modify(sam_ldb, msg);
-}
-
-/*
* Handle ldb_request in transaction
*/
static int dsdb_autotransaction_request(struct ldb_context *sam_ldb,
- struct ldb_request *req)
+ struct ldb_request *req)
{
int ret;
@@ -1022,55 +1007,6 @@ static int dsdb_autotransaction_request(struct ldb_context *sam_ldb,
}
/*
- * replace elements in a record using LDB_CONTROL_AS_SYSTEM
- * used to skip access checks on operations
- * that are performed by the system
- */
-int samdb_replace_as_system(struct ldb_context *sam_ldb,
- TALLOC_CTX *mem_ctx,
- struct ldb_message *msg)
-{
- int i;
- int ldb_ret;
- struct ldb_request *req = NULL;
-
- /* mark all the message elements as LDB_FLAG_MOD_REPLACE */
- for (i=0;i<msg->num_elements;i++) {
- msg->elements[i].flags = LDB_FLAG_MOD_REPLACE;
- }
-
-
- ldb_ret = ldb_msg_sanity_check(sam_ldb, msg);
- if (ldb_ret != LDB_SUCCESS) {
- return ldb_ret;
- }
-
- ldb_ret = ldb_build_mod_req(&req, sam_ldb, mem_ctx,
- msg,
- NULL,
- NULL,
- ldb_op_default_callback,
- NULL);
-
- if (ldb_ret != LDB_SUCCESS) {
- talloc_free(req);
- return ldb_ret;
- }
-
- ldb_ret = ldb_request_add_control(req, LDB_CONTROL_AS_SYSTEM_OID, false, NULL);
- if (ldb_ret != LDB_SUCCESS) {
- talloc_free(req);
- return ldb_ret;
- }
-
- /* do request and auto start a transaction */
- ldb_ret = dsdb_autotransaction_request(sam_ldb, req);
-
- talloc_free(req);
- return ldb_ret;
-}
-
-/*
return a default security descriptor
*/
struct security_descriptor *samdb_default_security_descriptor(TALLOC_CTX *mem_ctx)
@@ -2118,7 +2054,7 @@ NTSTATUS samdb_set_password_sid(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
}
/* modify the samdb record */
- ret = samdb_replace(ldb, mem_ctx, msg);
+ ret = dsdb_replace(ldb, msg, 0);
if (ret != LDB_SUCCESS) {
ldb_transaction_cancel(ldb);
talloc_free(user_dn);
@@ -2301,144 +2237,34 @@ struct ldb_dn *samdb_domain_to_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
*/
int dsdb_find_dn_by_guid(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
- const char *guid_str, struct ldb_dn **dn)
+ const struct GUID *guid, struct ldb_dn **dn)
{
int ret;
struct ldb_result *res;
const char *attrs[] = { NULL };
- struct ldb_request *search_req;
- char *expression;
- struct ldb_search_options_control *options;
-
- expression = talloc_asprintf(mem_ctx, "objectGUID=%s", guid_str);
- if (!expression) {
- DEBUG(0, (__location__ ": out of memory\n"));
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- res = talloc_zero(expression, struct ldb_result);
- if (!res) {
- DEBUG(0, (__location__ ": out of memory\n"));
- talloc_free(expression);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- ret = ldb_build_search_req(&search_req, ldb, expression,
- ldb_get_default_basedn(ldb),
- LDB_SCOPE_SUBTREE,
- expression, attrs,
- NULL,
- res, ldb_search_default_callback,
- NULL);
- if (ret != LDB_SUCCESS) {
- talloc_free(expression);
- return ret;
- }
+ char *guid_str = GUID_string(mem_ctx, guid);
- /* we need to cope with cross-partition links, so search for
- the GUID over all partitions */
- options = talloc(search_req, struct ldb_search_options_control);
- if (options == NULL) {
- DEBUG(0, (__location__ ": out of memory\n"));
- talloc_free(expression);
+ if (!guid_str) {
return LDB_ERR_OPERATIONS_ERROR;
}
- options->search_options = LDB_SEARCH_OPTION_PHANTOM_ROOT;
-
- ret = ldb_request_add_control(search_req, LDB_CONTROL_EXTENDED_DN_OID, true, NULL);
- if (ret != LDB_SUCCESS) {
- talloc_free(expression);
- return ret;
- }
-
- ret = ldb_request_add_control(search_req,
- LDB_CONTROL_SEARCH_OPTIONS_OID,
- true, options);
- if (ret != LDB_SUCCESS) {
- talloc_free(expression);
- return ret;
- }
- ret = ldb_request(ldb, search_req);
+ ret = dsdb_search(ldb, mem_ctx, &res, NULL, LDB_SCOPE_SUBTREE, attrs,
+ DSDB_SEARCH_SEARCH_ALL_PARTITIONS |
+ DSDB_SEARCH_SHOW_EXTENDED_DN |
+ DSDB_SEARCH_ONE_ONLY,
+ "objectGUID=%s", guid_str);
+ talloc_free(guid_str);
if (ret != LDB_SUCCESS) {
- talloc_free(expression);
return ret;
}
- ret = ldb_wait(search_req->handle, LDB_WAIT_ALL);
- if (ret != LDB_SUCCESS) {
- talloc_free(expression);
- return ret;
- }
-
- /* this really should be exactly 1, but there is a bug in the
- partitions module that can return two here with the
- search_options control set */
- if (res->count < 1) {
- talloc_free(expression);
- return LDB_ERR_NO_SUCH_OBJECT;
- }
-
*dn = talloc_steal(mem_ctx, res->msgs[0]->dn);
- talloc_free(expression);
+ talloc_free(res);
return LDB_SUCCESS;
}
/*
- search for attrs on one DN, allowing for deleted objects
- */
-int dsdb_search_dn_with_deleted(struct ldb_context *ldb,
- TALLOC_CTX *mem_ctx,
- struct ldb_result **_res,
- struct ldb_dn *basedn,
- const char * const *attrs)
-{
- int ret;
- struct ldb_request *req;
- TALLOC_CTX *tmp_ctx;
- struct ldb_result *res;
-
- tmp_ctx = talloc_new(mem_ctx);
-
- res = talloc_zero(tmp_ctx, struct ldb_result);
- if (!res) {
- talloc_free(tmp_ctx);
- return LDB_ERR_OPERATIONS_ERROR;
- }
-
- ret = ldb_build_search_req(&req, ldb, tmp_ctx,
- basedn,
- LDB_SCOPE_BASE,
- NULL,
- attrs,
- NULL,
- res,
- ldb_search_default_callback,
- NULL);
- if (ret != LDB_SUCCESS) {
- talloc_free(tmp_ctx);
- return ret;
- }
-
- ret = ldb_request_add_control(req, LDB_CONTROL_SHOW_DELETED_OID, true, NULL);
- if (ret != LDB_SUCCESS) {
- talloc_free(tmp_ctx);
- return ret;
- }
-
- ret = ldb_request(ldb, req);
- if (ret == LDB_SUCCESS) {
- ret = ldb_wait(req->handle, LDB_WAIT_ALL);
- }
-
- *_res = talloc_steal(mem_ctx, res);
- talloc_free(tmp_ctx);
- return ret;
-}
-
-
-/*
use a DN to find a GUID with a given attribute name
*/
int dsdb_find_guid_attr_by_dn(struct ldb_context *ldb,
@@ -2453,7 +2279,7 @@ int dsdb_find_guid_attr_by_dn(struct ldb_context *ldb,
attrs[0] = attribute;
attrs[1] = NULL;
- ret = dsdb_search_dn_with_deleted(ldb, tmp_ctx, &res, dn, attrs);
+ ret = dsdb_search_dn(ldb, tmp_ctx, &res, dn, attrs, DSDB_SEARCH_SHOW_DELETED);
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return ret;
@@ -2527,7 +2353,7 @@ int dsdb_find_sid_by_dn(struct ldb_context *ldb,
ZERO_STRUCTP(sid);
- ret = dsdb_search_dn_with_deleted(ldb, tmp_ctx, &res, dn, attrs);
+ ret = dsdb_search_dn(ldb, tmp_ctx, &res, dn, attrs, DSDB_SEARCH_SHOW_DELETED);
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return ret;
@@ -3095,7 +2921,7 @@ int dsdb_wellknown_dn(struct ldb_context *samdb, TALLOC_CTX *mem_ctx,
return LDB_ERR_OPERATIONS_ERROR;
}
- ret = dsdb_search_dn_with_deleted(samdb, tmp_ctx, &res, dn, attrs);
+ ret = dsdb_search_dn(samdb, tmp_ctx, &res, dn, attrs, DSDB_SEARCH_SHOW_DELETED);
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return ret;
@@ -3361,14 +3187,93 @@ int dsdb_load_udv_v1(struct ldb_context *samdb, struct ldb_dn *dn, TALLOC_CTX *m
return LDB_SUCCESS;
}
+/*
+ add a set of controls to a ldb_request structure based on a set of
+ flags. See util.h for a list of available flags
+ */
+int dsdb_request_add_controls(struct ldb_request *req, uint32_t dsdb_flags)
+{
+ int ret;
+ if (dsdb_flags & DSDB_SEARCH_SEARCH_ALL_PARTITIONS) {
+ struct ldb_search_options_control *options;
+ /* Using the phantom root control allows us to search all partitions */
+ options = talloc(req, struct ldb_search_options_control);
+ if (options == NULL) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ options->search_options = LDB_SEARCH_OPTION_PHANTOM_ROOT;
+
+ ret = ldb_request_add_control(req,
+ LDB_CONTROL_SEARCH_OPTIONS_OID,
+ true, options);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+ }
+
+ if (dsdb_flags & DSDB_SEARCH_SHOW_DELETED) {
+ ret = ldb_request_add_control(req, LDB_CONTROL_SHOW_DELETED_OID, true, NULL);
+ if (ret != LDB_SUCCESS) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list