Author: gd Date: 2005-01-25 23:30:05 +0000 (Tue, 25 Jan 2005) New Revision: 4994
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=4994 Log: Patch from abartlet: When migrating account policies to ldapsam, handle the fact that an admin might have changed the default location of the sambaDomain-object after installation. Guenther Modified: branches/SAMBA_3_0/source/passdb/pdb_ldap.c trunk/source/passdb/pdb_ldap.c Changeset:
Modified: branches/SAMBA_3_0/source/passdb/pdb_ldap.c
===================================================================
--- branches/SAMBA_3_0/source/passdb/pdb_ldap.c 2005-01-25 23:14:46 UTC (rev 4993)
+++ branches/SAMBA_3_0/source/passdb/pdb_ldap.c 2005-01-25 23:30:05 UTC (rev 4994)
@@ -96,6 +96,8 @@
 /* configuration items */
 int schema_ver;
+
+ char *domain_dn;
 };
 /**********************************************************************
@@ -2885,7 +2887,7 @@
 LDAPMessage *entry = NULL;
 int count;
 int rc;
- pstring filter, base;
+ pstring filter;
 char **vals;
 const char *policy_string = NULL;
 int tmp_val;
@@ -2915,12 +2917,13 @@
 LDAP_OBJ_ACCOUNT_POLICY, get_attr_key2string(acctpol_attr_list, LDAP_ATTR_ACCOUNT_POLICY_NAME), policy_string);
+
+ if (!ldap_state->domain_dn) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
- pstr_sprintf(base, "%s=%s,%s", get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
- get_global_sam_name(), lp_ldap_suffix());
-
 search:
- rc = smbldap_search(ldap_state->smbldap_state, base,
+ rc = smbldap_search(ldap_state->smbldap_state, ldap_state->domain_dn,
 LDAP_SCOPE_ONELEVEL, filter, attrs, 0, &result);
 if (rc != LDAP_SUCCESS)
@@ -2995,7 +2998,7 @@
 LDAPMessage *entry = NULL;
 int count;
 int rc;
- pstring filter, base, dn;
+ pstring filter, dn;
 int modop;
 LDAPMod **mods = NULL;
 fstring value_string;
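Review bot: The new `char *domain_dn;` member in the `@@ -96,6 +96,8 @@` hunk has no comment saying who allocates and frees it, although later hunks copy a string into it at init and free it at teardown. I would document it in place, e.g. `char *domain_dn; /* DN of the sambaDomain entry found at init; heap copy owned by this state, NULL until init succeeds */`. The struct definition starts outside the hunk, and the trunk copy of the hunk would take the same comment.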
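Review bot: The added `if (!ldap_state->domain_dn)` guard in the `@@ -2915,12 +2917,13 @@` hunk returns NT_STATUS_INVALID_PARAMETER without logging anything, and in the visible hunks domain_dn is assigned in only one init path, so a backend state set up any other way would fail every account-policy lookup with no hint why. A log line before the return would make that diagnosable, e.g. `DEBUG(0, ("account policy search: domain DN was not cached at init\n"));`. The identical guard in the `@@ -3029,10 +3032,11 @@` hunk and both trunk copies would take the same line. The enclosing function begins and ends outside the hunk, so whether anything allocated earlier must be released before this return cannot be checked from here.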
@@ -3029,10 +3032,11 @@
 get_attr_key2string(acctpol_attr_list, LDAP_ATTR_ACCOUNT_POLICY_NAME), policy_string);
- pstr_sprintf(base, "%s=%s,%s", get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
- get_global_sam_name(), lp_ldap_suffix());
-
- rc = smbldap_search(ldap_state->smbldap_state, base,
+ if (!ldap_state->domain_dn) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ rc = smbldap_search(ldap_state->smbldap_state, ldap_state->domain_dn,
 LDAP_SCOPE_ONELEVEL, filter, attrs, 0, &result);
 if (rc != LDAP_SUCCESS)
@@ -3069,10 +3073,9 @@
 modop = LDAP_MOD_ADD;
- pstr_sprintf(dn, "%s=%s,%s=%s,%s",
+ pstr_sprintf(dn, "%s=%s,%s",
 get_attr_key2string(acctpol_attr_list, LDAP_ATTR_ACCOUNT_POLICY_NAME), policy_string,
- get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), get_global_sam_name(),
- lp_ldap_suffix());
+ ldap_state->domain_dn);
 smbldap_set_mod( &mods, modop, "objectClass", LDAP_OBJ_ACCOUNT_POLICY );
@@ -3131,6 +3134,9 @@
 ldap_msgfree((*ldap_state)->result);
 (*ldap_state)->result = NULL;
 }
+ if ((*ldap_state)->domain_dn != NULL) {
+ SAFE_FREE((*ldap_state)->domain_dn);
+ }
 *ldap_state = NULL;
@@ -3252,6 +3258,7 @@
 DOM_SID ldap_domain_sid;
 DOM_SID secrets_domain_sid;
 pstring domain_sid_string;
+ char *dn;
 if (!NT_STATUS_IS_OK(nt_status = pdb_init_ldapsam_common(pdb_context, pdb_method, location))) {
 return nt_status;
@@ -3289,6 +3296,12 @@
 return NT_STATUS_UNSUCCESSFUL;
 }
+ dn = smbldap_get_dn(ldap_state->smbldap_state->ldap_struct, entry);
+ if (!dn) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ ldap_state->domain_dn = smb_xstrdup(dn);
 if (smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_SID), domain_sid_string)) {
Modified: trunk/source/passdb/pdb_ldap.c
===================================================================
--- trunk/source/passdb/pdb_ldap.c 2005-01-25 23:14:46 UTC (rev 4993)
+++ trunk/source/passdb/pdb_ldap.c 2005-01-25 23:30:05 UTC (rev 4994)
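Review bot: In the `@@ -3069,10 +3073,9 @@` hunk the entry DN is now formatted from `ldap_state->domain_dn`, a string of no fixed length that came back from the directory server, into the fixed-size `pstring dn`, and the result of `pstr_sprintf` is not checked. If the formatted DN does not fit it is presumably clipped (the macro's definition is not on this page), and the add that follows would then be issued against a DN other than the intended one. I would capture the return value and fail on overflow, e.g. `if (len < 0 || (size_t)len >= sizeof(dn)) { return NT_STATUS_UNSUCCESSFUL; }`, assuming pstr_sprintf reports the untruncated length the way snprintf does. The function starts and ends outside the hunk, so any search result still held at that point has to be released on the new error path; the trunk copy is identical.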
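Review bot: The `!= NULL` test wrapped around `SAFE_FREE((*ldap_state)->domain_dn);` in the `@@ -3131,6 +3134,9 @@` hunk looks redundant, since SAFE_FREE is, as far as I know, a free-and-clear macro that already tolerates NULL. If so, the three added lines reduce to `SAFE_FREE((*ldap_state)->domain_dn);`. The macro's definition is not on this page, so confirm it before dropping the guard; the trunk copy has the same shape.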
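Review bot: `dn` is never released in the `@@ -3289,6 +3296,12 @@` hunk: `smbldap_get_dn()` hands back a string, `smb_xstrdup(dn)` copies it into `ldap_state->domain_dn`, and the original pointer is then dropped, which leaks it on every backend init if the helper returns owned memory (its definition is not shown here). Either free it after the copy with the deallocator that matches the helper, e.g. `SAFE_FREE(dn);` if it is malloc-backed, or store the pointer directly and skip the copy. The new `return NT_STATUS_UNSUCCESSFUL;` on a NULL dn also leaves the function without touching the search result that `entry` belongs to; the function starts outside the hunk, so check whether that message needs `ldap_msgfree()` on this path. The trunk copy of the hunk has the same two issues.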
@@ -96,6 +96,8 @@
 /* configuration items */
 int schema_ver;
+
+ char *domain_dn;
 };
 /**********************************************************************
@@ -2885,7 +2887,7 @@
 LDAPMessage *entry = NULL;
 int count;
 int rc;
- pstring filter, base;
+ pstring filter;
 char **vals;
 const char *policy_string = NULL;
 int tmp_val;
@@ -2915,12 +2917,13 @@
 LDAP_OBJ_ACCOUNT_POLICY, get_attr_key2string(acctpol_attr_list, LDAP_ATTR_ACCOUNT_POLICY_NAME), policy_string);
+
+ if (!ldap_state->domain_dn) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
- pstr_sprintf(base, "%s=%s,%s", get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
- get_global_sam_name(), lp_ldap_suffix());
-
 search:
- rc = smbldap_search(ldap_state->smbldap_state, base,
+ rc = smbldap_search(ldap_state->smbldap_state, ldap_state->domain_dn,
 LDAP_SCOPE_ONELEVEL, filter, attrs, 0, &result);
 if (rc != LDAP_SUCCESS)
@@ -2995,7 +2998,7 @@
 LDAPMessage *entry = NULL;
 int count;
 int rc;
- pstring filter, base, dn;
+ pstring filter, dn;
 int modop;
 LDAPMod **mods = NULL;
 fstring value_string;
@@ -3029,10 +3032,11 @@
 get_attr_key2string(acctpol_attr_list, LDAP_ATTR_ACCOUNT_POLICY_NAME), policy_string);
- pstr_sprintf(base, "%s=%s,%s", get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
- get_global_sam_name(), lp_ldap_suffix());
-
- rc = smbldap_search(ldap_state->smbldap_state, base,
+ if (!ldap_state->domain_dn) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ rc = smbldap_search(ldap_state->smbldap_state, ldap_state->domain_dn,
 LDAP_SCOPE_ONELEVEL, filter, attrs, 0, &result);
 if (rc != LDAP_SUCCESS)
@@ -3069,10 +3073,9 @@
 modop = LDAP_MOD_ADD;
- pstr_sprintf(dn, "%s=%s,%s=%s,%s",
+ pstr_sprintf(dn, "%s=%s,%s",
 get_attr_key2string(acctpol_attr_list, LDAP_ATTR_ACCOUNT_POLICY_NAME), policy_string,
- get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), get_global_sam_name(),
- lp_ldap_suffix());
+ ldap_state->domain_dn);
 smbldap_set_mod( &mods, modop, "objectClass", LDAP_OBJ_ACCOUNT_POLICY );
@@ -3131,6 +3134,9 @@
 ldap_msgfree((*ldap_state)->result);
 (*ldap_state)->result = NULL;
 }
+ if ((*ldap_state)->domain_dn != NULL) {
+ SAFE_FREE((*ldap_state)->domain_dn);
+ }
 *ldap_state = NULL;
@@ -3252,6 +3258,7 @@
 DOM_SID ldap_domain_sid;
 DOM_SID secrets_domain_sid;
 pstring domain_sid_string;
+ char *dn;
 if (!NT_STATUS_IS_OK(nt_status = pdb_init_ldapsam_common(pdb_context, pdb_method, location))) {
 return nt_status;
@@ -3289,6 +3296,12 @@
 return NT_STATUS_UNSUCCESSFUL;
 }
+ dn = smbldap_get_dn(ldap_state->smbldap_state->ldap_struct, entry);
+ if (!dn) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ ldap_state->domain_dn = smb_xstrdup(dn);
 if (smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_SID), domain_sid_string)) {