[BUG] LDAP SAM will not return first entry.

Andrew Bartlett abartlet at pcug.org.au
Sat Jan 26 18:51:04 GMT 2002


The ldapsam backend has a little bug in the pdb_getsampwent()
implementation:

The pdb_startsampwent() function sets up the global variable for the
first user, but this function:

/**********************************************************************
Get the next entry in the LDAP password database 
*********************************************************************/
BOOL pdb_getsampwent(SAM_ACCOUNT * user)
{
	if (!global_ldap_ent.entry)
		return False;

	global_ldap_ent.entry =	ldap_next_entry(global_ldap_ent.ldap_struct,
				global_ldap_ent.entry);

	if (global_ldap_ent.entry != NULL)
	{
		return init_sam_from_ldap(user, global_ldap_ent.ldap_struct,
					  global_ldap_ent.entry);
	}
	return False;
}

Compleatly ignores it, and begins with the next user.

The fix:  Swap the init_sam_from_ldap and the ldap_next_entry calls
around.

I have a patch (for HEAD) that moves ldapsam to the new passdb
interface.  I'm currently testing it - hence finding this bug :-). 
(I'll include this fix in the patch).

I'll post it for comments once I'm comfortable with it.  (It will also
feature the non-unix-accounts extension).

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net




More information about the samba-technical mailing list