s4:dcesrv_samr_EnumDomainUsers - make this call look more similar to "EnumDomainGroups" and "EnumDomainAliases"
Matthias Dieter Wallnöfer
mdw at samba.org
Sun Jun 13 01:43:47 MDT 2010
the original intention was to fix another bug which I didn't find in the
SAMR RPC code since it is located/or not handled in the DSDB code. But
so I cleaned up each function to be more consistent to their siblings
(makes them easier to understand and maintain).
Back to my real bug: The problem is with linked attributes: if you
remove one, it is marked as "removed" on the repl_meta_data
(replication) level - but it does still exist. So the problem is, when
you do a search eg (member=xxx) and there are entries with removed
"member: xxx" attributes they are still returned! That shouldn't happen
and confuses SAMR.
It would be really nice if you or someone else could fix this! I'm
really not an expert in the "repl_meta_data" code.
Andrew Bartlett wrote:
> On Sat, 2010-06-12 at 09:52 -0500, Matthias Dieter Wallnöfer wrote:
>> The branch, master has been updated
>> via 890d590... s4:password_hash LDB module - this does really deactivate the MS LAN manager hash
>> via 3e98262... s4:password_hash LDB module - fix comment
>> via 4d68147... s4:torture - SAMR testsuite - now we do support "GetAliasMembership" as expected
>> via d2c25e1... s4:dcesrv_samr_GetAliasMembership - provide a correct implementation
>> via 4a8ee9a... s4:dcesrv_samr_EnumDomainGroups/Aliases - when we don't get a SID then the database is corrupted
>> via 4659b3c... s4:dcesrv_samr_QueryAliasInfo - return "NT_STATUS_NO_SUCH_ALIAS" when it wasn't found
>> via d2099a1... s4:dcesrv_samr_QueryGroupInfo - make it more like "QueryAliasInfo"
>> via 776eb25... s4:dcesrv_samr_QueryUserInfo - minor fixes
>> via cdecae6... s4:dcesrv_samr_QueryDomainInfo - allocate the "info" structure only when really needed
>> via 0171f71... s4:dcesrv_samr_EnumDomainGroups - mostly small fixes
>> via f2c3d39... s4:dcesrv_samr_EnumDomainAliases - return an empty array also when no entry was returned
>> via 5a1cb70... s4:dcesrv_samr_EnumDomainAliases - mostly small fixes
>> via 84bda98... s4:dcesrv_samr_EnumDomainUsers - make this call look more similar to "EnumDomainGroups" and "EnumDomainAliases"
>> via bbb0b31... s4:ldif_read_prefixMap - don't cause memory leaks on error conditions
>> from 14974ba... s3: Remove smbd_server_conn from cancel_pending_lock_requests_by_fid_smb2
> Thanks for all these fixes!
> BTW, I did want to point out, because it isn't documented anywhere, what
> functions we are trying to move our code to use, and what functions I
> would like to remove.
> In general, the samdb_*() functions are the older functions, and return
> -1 on errors etc. These we should try and use less, and eventually
> The newer utility fucntions are the dsdb_*() functions, particularly
> those in dsdb_util.c. These give better error returns, and are what I
> would like our code to start using were sensible, and to otherwise use
> the ldb_*() functions directly.
> Anyway, I do appreciate your efforts here, particularly to fix up and
> enable testing of dcesrv_samr_GetAliasMembership.
> Andrew Bartlett
More information about the samba-technical