[PATCH] ldap connection caching (not ready!!!)
Stefan (metze) Metzmacher
metze at metzemix.de
Thu Oct 17 12:36:01 GMT 2002
Hi Andrew,
here's the NOT READY version of my ldap connection chaching patch
metze
-----------------------------------------------------------------------------
Stefan "metze" Metzmacher <metze at metzemix.de>
-------------- next part --------------
diff -Npur --exclude=CVS --exclude=*.bak --exclude=*.o --exclude=*.po --exclude=.#* HEAD/source/passdb/pdb_ldap.c HEAD-pdb/source/passdb/pdb_ldap.c
--- HEAD/source/passdb/pdb_ldap.c Thu Oct 17 14:32:53 2002
+++ HEAD-pdb/source/passdb/pdb_ldap.c Thu Oct 17 14:29:57 2002
@@ -681,6 +681,11 @@ static BOOL init_sam_from_ldap (struct l
pstrcpy(nt_username, username);
pstrcpy(domain, lp_workgroup());
+
+ pdb_set_username(sampass, username, PDB_SET);
+
+ pdb_set_domain(sampass, domain, PDB_DEFAULT);
+ pdb_set_nt_username(sampass, nt_username, PDB_SET);
get_single_attribute(ldap_struct, entry, "rid", temp);
user_rid = (uint32)atol(temp);
@@ -848,9 +853,10 @@ static BOOL init_sam_from_ldap (struct l
memset(hours, 0xff, hours_len);
if (!get_single_attribute (ldap_struct, entry, "lmPassword", temp)) {
- /* leave as default */
+ DEBUG(2,("no lmPassword found for user: %s\n",pdb_get_username(sampass)));
} else {
pdb_gethexpwd(temp, smblmpwd);
+ DEBUG(2,("lmPassword found for user: %s %s\n",pdb_get_username(sampass),temp));
memset((char *)temp, '\0', strlen(temp)+1);
if (!pdb_set_lanman_passwd(sampass, smblmpwd, PDB_SET))
return False;
@@ -858,9 +864,10 @@ static BOOL init_sam_from_ldap (struct l
}
if (!get_single_attribute (ldap_struct, entry, "ntPassword", temp)) {
- /* leave as default */
+ DEBUG(2,("no ntPassword found for user: %s\n",pdb_get_username(sampass)));
} else {
pdb_gethexpwd(temp, smbntpwd);
+ DEBUG(2,("ntPassword found for user: %s %s\n",pdb_get_username(sampass),temp));
memset((char *)temp, '\0', strlen(temp)+1);
if (!pdb_set_nt_passwd(sampass, smbntpwd, PDB_SET))
return False;
@@ -881,11 +888,6 @@ static BOOL init_sam_from_ldap (struct l
pdb_set_hours_len(sampass, hours_len, PDB_SET);
pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
- pdb_set_username(sampass, username, PDB_SET);
-
- pdb_set_domain(sampass, domain, PDB_DEFAULT);
- pdb_set_nt_username(sampass, nt_username, PDB_SET);
-
pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
/* pdb_set_unknown_3(sampass, unknown3, PDB_SET); */
@@ -1217,6 +1219,50 @@ static uint32 ldapsam_get_next_available
}
/**********************************************************************
+Connect to LDAP server
+*********************************************************************/
+static NTSTATUS ldapsam_open(struct pdb_methods *my_methods)
+{
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
+
+ if (ldap_state->ldap_struct != NULL) {
+ DEBUG(4,("The connection to the LDAP server is up\n"));
+ /* maybe we should check if the connection is still up --metze*/
+ return NT_STATUS_OK;
+ }
+
+ if (!ldapsam_open_connection(ldap_state, &ldap_state->ldap_struct)) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ if (!ldapsam_connect_system(ldap_state, ldap_state->ldap_struct)) {
+ ldap_unbind(ldap_state->ldap_struct);
+ ldap_state->ldap_struct = NULL;
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ DEBUG(4,("The LDAP server is succesful connected\n"));
+
+ return NT_STATUS_OK;
+}
+
+/**********************************************************************
+Disconnect from LDAP server
+*********************************************************************/
+static NTSTATUS ldapsam_close(struct pdb_methods *my_methods)
+{
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
+
+ if (ldap_state->ldap_struct != NULL) {
+ ldap_unbind(ldap_state->ldap_struct);
+ ldap_state->ldap_struct = NULL;
+ }
+
+ DEBUG(5,("The connection to the LDAP server was closed\n"));
+ /* maybe free the results here --metze */
+
+ return NT_STATUS_OK;
+}
+
+/**********************************************************************
Connect to LDAP server for password enumeration
*********************************************************************/
static NTSTATUS ldapsam_setsampwent(struct pdb_methods *my_methods, BOOL update)
@@ -1226,11 +1272,8 @@ static NTSTATUS ldapsam_setsampwent(stru
int rc;
pstring filter;
- if (!ldapsam_open_connection(ldap_state, &ldap_state->ldap_struct)) {
- return ret;
- }
- if (!ldapsam_connect_system(ldap_state, ldap_state->ldap_struct)) {
- ldap_unbind(ldap_state->ldap_struct);
+ ret = ldapsam_open(my_methods);
+ if (!NT_STATUS_IS_OK(ret)) {
return ret;
}
@@ -1245,10 +1288,8 @@ static NTSTATUS ldapsam_setsampwent(stru
DEBUG(0, ("LDAP search failed: %s\n", ldap_err2string(rc)));
DEBUG(3, ("Query was: %s, %s\n", lp_ldap_suffix(), filter));
ldap_msgfree(ldap_state->result);
- ldap_unbind(ldap_state->ldap_struct);
- ldap_state->ldap_struct = NULL;
ldap_state->result = NULL;
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
DEBUG(2, ("ldapsam_setsampwent: %d entries in the base!\n",
@@ -1268,10 +1309,8 @@ End enumeration of the LDAP password lis
static void ldapsam_endsampwent(struct pdb_methods *my_methods)
{
struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
- if (ldap_state->ldap_struct && ldap_state->result) {
+ if (ldap_state->result) {
ldap_msgfree(ldap_state->result);
- ldap_unbind(ldap_state->ldap_struct);
- ldap_state->ldap_struct = NULL;
ldap_state->result = NULL;
}
}
@@ -1311,43 +1350,36 @@ static NTSTATUS ldapsam_getsampwnam(stru
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
- LDAP *ldap_struct;
LDAPMessage *result;
LDAPMessage *entry;
- if (!ldapsam_open_connection(ldap_state, &ldap_struct))
- return ret;
- if (!ldapsam_connect_system(ldap_state, ldap_struct)) {
- ldap_unbind(ldap_struct);
+ ret = ldapsam_open(my_methods);
+ if (!NT_STATUS_IS_OK(ret)) {
return ret;
}
- if (ldapsam_search_one_user_by_name(ldap_state, ldap_struct, sname, &result) != LDAP_SUCCESS) {
- ldap_unbind(ldap_struct);
- return ret;
+
+ if (ldapsam_search_one_user_by_name(ldap_state, ldap_state->ldap_struct, sname, &result) != LDAP_SUCCESS) {
+ return NT_STATUS_UNSUCCESSFUL;
}
- if (ldap_count_entries(ldap_struct, result) < 1) {
+ if (ldap_count_entries(ldap_state->ldap_struct, result) < 1) {
DEBUG(4,
("We don't find this user [%s] count=%d\n", sname,
- ldap_count_entries(ldap_struct, result)));
- ldap_unbind(ldap_struct);
- return ret;
+ ldap_count_entries(ldap_state->ldap_struct, result)));
+ return NT_STATUS_UNSUCCESSFUL;
}
- entry = ldap_first_entry(ldap_struct, result);
+ entry = ldap_first_entry(ldap_state->ldap_struct, result);
if (entry) {
- if (!init_sam_from_ldap(ldap_state, user, ldap_struct, entry)) {
+ if (!init_sam_from_ldap(ldap_state, user, ldap_state->ldap_struct, entry)) {
DEBUG(1,("ldapsam_getsampwnam: init_sam_from_ldap failed for user '%s'!\n", sname));
ldap_msgfree(result);
- ldap_unbind(ldap_struct);
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
ldap_msgfree(result);
- ldap_unbind(ldap_struct);
ret = NT_STATUS_OK;
} else {
ldap_msgfree(result);
- ldap_unbind(ldap_struct);
}
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
/**********************************************************************
@@ -1357,46 +1389,38 @@ static NTSTATUS ldapsam_getsampwrid(stru
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
- LDAP *ldap_struct;
LDAPMessage *result;
LDAPMessage *entry;
- if (!ldapsam_open_connection(ldap_state, &ldap_struct))
- return ret;
-
- if (!ldapsam_connect_system(ldap_state, ldap_struct)) {
- ldap_unbind(ldap_struct);
+ ret = ldapsam_open(my_methods);
+ if (!NT_STATUS_IS_OK(ret)) {
return ret;
}
- if (ldapsam_search_one_user_by_rid(ldap_state, ldap_struct, rid, &result) != LDAP_SUCCESS) {
- ldap_unbind(ldap_struct);
- return ret;
+
+ if (ldapsam_search_one_user_by_rid(ldap_state, ldap_state->ldap_struct, rid, &result) != LDAP_SUCCESS) {
+ return NT_STATUS_UNSUCCESSFUL;
}
- if (ldap_count_entries(ldap_struct, result) < 1) {
+ if (ldap_count_entries(ldap_state->ldap_struct, result) < 1) {
DEBUG(4,
("We don't find this rid [%i] count=%d\n", rid,
- ldap_count_entries(ldap_struct, result)));
- ldap_unbind(ldap_struct);
- return ret;
+ ldap_count_entries(ldap_state->ldap_struct, result)));
+ return NT_STATUS_UNSUCCESSFUL;
}
- entry = ldap_first_entry(ldap_struct, result);
+ entry = ldap_first_entry(ldap_state->ldap_struct, result);
if (entry) {
- if (!init_sam_from_ldap(ldap_state, user, ldap_struct, entry)) {
+ if (!init_sam_from_ldap(ldap_state, user, ldap_state->ldap_struct, entry)) {
DEBUG(1,("ldapsam_getsampwrid: init_sam_from_ldap failed!\n"));
ldap_msgfree(result);
- ldap_unbind(ldap_struct);
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
ldap_msgfree(result);
- ldap_unbind(ldap_struct);
ret = NT_STATUS_OK;
} else {
ldap_msgfree(result);
- ldap_unbind(ldap_struct);
}
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
static NTSTATUS ldapsam_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT * user, const DOM_SID *sid)
@@ -1412,12 +1436,13 @@ Do the actual modification - also change
it it set.
**********************************************************************/
-static NTSTATUS ldapsam_modify_entry(LDAP *ldap_struct,SAM_ACCOUNT *newpwd,char *dn,LDAPMod **mods,int ldap_op, BOOL pdb_add)
+static NTSTATUS ldapsam_modify_entry(struct pdb_methods *my_methods,SAM_ACCOUNT *newpwd,char *dn,LDAPMod **mods,int ldap_op, BOOL pdb_add)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
int rc;
- if (!ldap_struct || !newpwd || !dn) {
+ if (!my_methods || !newpwd || !dn) {
return NT_STATUS_INVALID_PARAMETER;
}
@@ -1425,38 +1450,42 @@ static NTSTATUS ldapsam_modify_entry(LDA
DEBUG(5,("mods is empty: nothing to modify\n"));
/* may be password change below however */
} else {
+ ret = ldapsam_open(my_methods);
+ if (!NT_STATUS_IS_OK(ret)) {
+ return ret;
+ }
switch(ldap_op)
{
case LDAP_MOD_ADD:
make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "account");
- if((rc = ldap_add_s(ldap_struct,dn,mods))!=LDAP_SUCCESS) {
+ if((rc = ldap_add_s(ldap_state->ldap_struct,dn,mods))!=LDAP_SUCCESS) {
char *ld_error;
- ldap_get_option(ldap_struct, LDAP_OPT_ERROR_STRING,
+ ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
&ld_error);
DEBUG(0,
("failed to add user with uid = %s with: %s\n\t%s\n",
pdb_get_username(newpwd), ldap_err2string(rc),
ld_error));
free(ld_error);
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
break;
case LDAP_MOD_REPLACE:
- if((rc = ldap_modify_s(ldap_struct,dn,mods))!=LDAP_SUCCESS) {
+ if((rc = ldap_modify_s(ldap_state->ldap_struct,dn,mods))!=LDAP_SUCCESS) {
char *ld_error;
- ldap_get_option(ldap_struct, LDAP_OPT_ERROR_STRING,
+ ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
&ld_error);
DEBUG(0,
("failed to modify user with uid = %s with: %s\n\t%s\n",
pdb_get_username(newpwd), ldap_err2string(rc),
ld_error));
free(ld_error);
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
break;
default:
DEBUG(0,("Wrong LDAP operation type: %d!\n",ldap_op));
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
}
@@ -1470,9 +1499,14 @@ static NTSTATUS ldapsam_modify_entry(LDA
char *retoid;
struct berval *retdata;
+ ret = ldapsam_open(my_methods);
+ if (!NT_STATUS_IS_OK(ret)) {
+ return ret;
+ }
+
if ((ber = ber_alloc_t(LBER_USE_DER))==NULL) {
DEBUG(0,("ber_alloc_t returns NULL\n"));
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
ber_printf (ber, "{");
ber_printf (ber, "ts", LDAP_TAG_EXOP_X_MODIFY_PASSWD_ID,dn);
@@ -1481,12 +1515,12 @@ static NTSTATUS ldapsam_modify_entry(LDA
if ((rc = ber_flatten (ber, &bv))<0) {
DEBUG(0,("ber_flatten returns a value <0\n"));
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
ber_free(ber,1);
- if ((rc = ldap_extended_operation_s(ldap_struct, LDAP_EXOP_X_MODIFY_PASSWD,
+ if ((rc = ldap_extended_operation_s(ldap_state->ldap_struct, LDAP_EXOP_X_MODIFY_PASSWD,
bv, NULL, NULL, &retoid, &retdata))!=LDAP_SUCCESS) {
DEBUG(0,("LDAP Password could not be changed for user %s: %s\n",
pdb_get_username(newpwd),ldap_err2string(rc)));
@@ -1514,55 +1548,47 @@ static NTSTATUS ldapsam_delete_sam_accou
const char *sname;
int rc;
char *dn;
- LDAP *ldap_struct;
LDAPMessage *entry;
LDAPMessage *result;
if (!sam_acct) {
DEBUG(0, ("sam_acct was NULL!\n"));
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
sname = pdb_get_username(sam_acct);
- if (!ldapsam_open_connection(ldap_state, &ldap_struct))
- return ret;
-
DEBUG (3, ("Deleting user %s from LDAP.\n", sname));
-
- if (!ldapsam_connect_system(ldap_state, ldap_struct)) {
- ldap_unbind (ldap_struct);
- DEBUG(0, ("Failed to delete user %s from LDAP.\n", sname));
+
+ ret = ldapsam_open(my_methods);
+ if (!NT_STATUS_IS_OK(ret)) {
return ret;
- }
+ }
- rc = ldapsam_search_one_user_by_name(ldap_state, ldap_struct, sname, &result);
- if (ldap_count_entries (ldap_struct, result) == 0) {
+ rc = ldapsam_search_one_user_by_name(ldap_state, ldap_state->ldap_struct, sname, &result);
+ if (ldap_count_entries (ldap_state->ldap_struct, result) == 0) {
DEBUG (0, ("User doesn't exit!\n"));
ldap_msgfree (result);
- ldap_unbind (ldap_struct);
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
- entry = ldap_first_entry (ldap_struct, result);
- dn = ldap_get_dn (ldap_struct, entry);
+ entry = ldap_first_entry (ldap_state->ldap_struct, result);
+ dn = ldap_get_dn (ldap_state->ldap_struct, entry);
ldap_msgfree(result);
- rc = ldap_delete_s (ldap_struct, dn);
+ rc = ldap_delete_s (ldap_state->ldap_struct, dn);
ldap_memfree (dn);
if (rc != LDAP_SUCCESS) {
char *ld_error;
- ldap_get_option (ldap_struct, LDAP_OPT_ERROR_STRING, &ld_error);
+ ldap_get_option (ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, &ld_error);
DEBUG (0,("failed to delete user with uid = %s with: %s\n\t%s\n",
sname, ldap_err2string (rc), ld_error));
free (ld_error);
- ldap_unbind (ldap_struct);
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
DEBUG (2,("successfully deleted uid = %s from the LDAP database\n", sname));
- ldap_unbind (ldap_struct);
return NT_STATUS_OK;
}
@@ -1575,7 +1601,6 @@ static NTSTATUS ldapsam_update_sam_accou
struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
int rc;
char *dn;
- LDAP *ldap_struct;
LDAPMessage *result;
LDAPMessage *entry;
LDAPMod **mods;
@@ -1583,8 +1608,7 @@ static NTSTATUS ldapsam_update_sam_accou
if (!init_ldap_from_sam(ldap_state, &mods, LDAP_MOD_REPLACE, False, newpwd)) {
DEBUG(0, ("ldapsam_update_sam_account: init_ldap_from_sam failed!\n"));
ldap_msgfree(result);
- ldap_unbind(ldap_struct);
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
if (mods == NULL) {
@@ -1592,33 +1616,29 @@ static NTSTATUS ldapsam_update_sam_accou
return NT_STATUS_OK;
}
- if (!ldapsam_open_connection(ldap_state, &ldap_struct)) /* open a connection to the server */
- return ret;
-
- if (!ldapsam_connect_system(ldap_state, ldap_struct)) { /* connect as system account */
- ldap_unbind(ldap_struct);
+ ret = ldapsam_open(my_methods);
+ if (!NT_STATUS_IS_OK(ret)) {
return ret;
}
- rc = ldapsam_search_one_user_by_name(ldap_state, ldap_struct,
+ rc = ldapsam_search_one_user_by_name(ldap_state, ldap_state->ldap_struct,
pdb_get_username(newpwd), &result);
- if (ldap_count_entries(ldap_struct, result) == 0) {
+ if (ldap_count_entries(ldap_state->ldap_struct, result) == 0) {
DEBUG(0, ("No user to modify!\n"));
ldap_msgfree(result);
- ldap_unbind(ldap_struct);
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
- entry = ldap_first_entry(ldap_struct, result);
- dn = ldap_get_dn(ldap_struct, entry);
+ entry = ldap_first_entry(ldap_state->ldap_struct, result);
+ dn = ldap_get_dn(ldap_state->ldap_struct, entry);
ldap_msgfree(result);
- if (NT_STATUS_IS_ERR(ldapsam_modify_entry(ldap_struct,newpwd,dn,mods,LDAP_MOD_REPLACE, False))) {
+ ret = ldapsam_modify_entry(my_methods,newpwd,dn,mods,LDAP_MOD_REPLACE, False);
+ if (NT_STATUS_IS_ERR(ret)) {
DEBUG(0,("failed to modify user with uid = %s\n",
pdb_get_username(newpwd)));
ldap_mods_free(mods,1);
- ldap_unbind(ldap_struct);
return ret;
}
@@ -1627,7 +1647,6 @@ static NTSTATUS ldapsam_update_sam_accou
("successfully modified uid = %s in the LDAP database\n",
pdb_get_username(newpwd)));
ldap_mods_free(mods, 1);
- ldap_unbind(ldap_struct);
return NT_STATUS_OK;
}
@@ -1640,7 +1659,6 @@ static NTSTATUS ldapsam_add_sam_account(
struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
int rc;
pstring filter;
- LDAP *ldap_struct = NULL;
LDAPMessage *result = NULL;
pstring dn;
LDAPMod **mods = NULL;
@@ -1650,35 +1668,31 @@ static NTSTATUS ldapsam_add_sam_account(
const char *username = pdb_get_username(newpwd);
if (!username || !*username) {
DEBUG(0, ("Cannot add user without a username!\n"));
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
- if (!ldapsam_open_connection(ldap_state, &ldap_struct)) /* open a connection to the server */
- return ret;
-
- if (!ldapsam_connect_system(ldap_state, ldap_struct)) { /* connect as system account */
- ldap_unbind(ldap_struct);
+ ret = ldapsam_open(my_methods);
+ if (!NT_STATUS_IS_OK(ret)) {
return ret;
}
- rc = ldapsam_search_one_user_by_name (ldap_state, ldap_struct, username, &result);
+ rc = ldapsam_search_one_user_by_name (ldap_state, ldap_state->ldap_struct, username, &result);
- if (ldap_count_entries(ldap_struct, result) != 0) {
+ if (ldap_count_entries(ldap_state->ldap_struct, result) != 0) {
DEBUG(0,("User already in the base, with samba properties\n"));
ldap_msgfree(result);
- ldap_unbind(ldap_struct);
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
ldap_msgfree(result);
slprintf (filter, sizeof (filter) - 1, "uid=%s", username);
- rc = ldapsam_search_one_user(ldap_state, ldap_struct, filter, &result);
- num_result = ldap_count_entries(ldap_struct, result);
+ rc = ldapsam_search_one_user(ldap_state, ldap_state->ldap_struct, filter, &result);
+ num_result = ldap_count_entries(ldap_state->ldap_struct, result);
if (num_result > 1) {
DEBUG (0, ("More than one user with that uid exists: bailing out!\n"));
ldap_msgfree(result);
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
/* Check if we need to update an existing entry */
@@ -1688,8 +1702,8 @@ static NTSTATUS ldapsam_add_sam_account(
DEBUG(3,("User exists without samba properties: adding them\n"));
ldap_op = LDAP_MOD_REPLACE;
- entry = ldap_first_entry (ldap_struct, result);
- tmp = ldap_get_dn (ldap_struct, entry);
+ entry = ldap_first_entry (ldap_state->ldap_struct, result);
+ tmp = ldap_get_dn (ldap_state->ldap_struct, entry);
slprintf (dn, sizeof (dn) - 1, "%s", tmp);
ldap_memfree (tmp);
} else {
@@ -1708,28 +1722,26 @@ static NTSTATUS ldapsam_add_sam_account(
if (!init_ldap_from_sam(ldap_state, &mods, ldap_op, True, newpwd)) {
DEBUG(0, ("ldapsam_add_sam_account: init_ldap_from_sam failed!\n"));
ldap_mods_free(mods, 1);
- ldap_unbind(ldap_struct);
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
if (mods == NULL) {
DEBUG(0,("mods is empty: nothing to add for user: %s\n",pdb_get_username(newpwd)));
- return ret;
+ return NT_STATUS_UNSUCCESSFUL;
}
make_a_mod(&mods, LDAP_MOD_ADD, "objectclass", "sambaAccount");
- if (NT_STATUS_IS_ERR(ldapsam_modify_entry(ldap_struct,newpwd,dn,mods,ldap_op, True))) {
+ ret = ldapsam_modify_entry(my_methods,newpwd,dn,mods,ldap_op, True);
+ if (NT_STATUS_IS_ERR(ret)) {
DEBUG(0,("failed to modify/add user with uid = %s (dn = %s)\n",
pdb_get_username(newpwd),dn));
ldap_mods_free(mods,1);
- ldap_unbind(ldap_struct);
return ret;
}
DEBUG(2,("added: uid = %s in the LDAP database\n", pdb_get_username(newpwd)));
ldap_mods_free(mods, 1);
- ldap_unbind(ldap_struct);
return NT_STATUS_OK;
}
@@ -1745,6 +1757,11 @@ static void free_private_data(void **vp)
memset((*ldap_state)->bind_secret, '\0', strlen((*ldap_state)->bind_secret));
}
+ if ((*ldap_state)->ldap_struct) {
+ ldap_unbind((*ldap_state)->ldap_struct);
+ (*ldap_state)->ldap_struct = NULL;
+ }
+
SAFE_FREE((*ldap_state)->bind_dn);
SAFE_FREE((*ldap_state)->bind_secret);
@@ -1763,7 +1780,7 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *p
}
(*pdb_method)->name = "ldapsam";
-
+
(*pdb_method)->setsampwent = ldapsam_setsampwent;
(*pdb_method)->endsampwent = ldapsam_endsampwent;
(*pdb_method)->getsampwent = ldapsam_getsampwent;
More information about the samba-technical
mailing list