Author: abartlet Date: 2006-08-31 08:17:09 +0000 (Thu, 31 Aug 2006) New Revision: 17955
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17955 Log: Don't search for the dnsDomain attribute, it is invented (not in the AD schema). Andrew Bartlett Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c Changeset: Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c =================================================================== --- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c 2006-08-31 08:15:23 UTC (rev 17954) +++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c 2006-08-31 08:17:09 UTC (rev 17955) @@ -90,7 +90,7 @@ struct domain_data { uint_t pwdProperties; uint_t pwdHistoryLength; - char *dnsDomain; + char *dns_domain; char *realm; }; @@ -165,7 +165,7 @@ if (name[strlen(name)-1] == '$') { name[strlen(name)-1] = '\0'; } - saltbody = talloc_asprintf(msg, "%s.%s", name, domain->dnsDomain); + saltbody = talloc_asprintf(msg, "%s.%s", name, domain->dns_domain); krb5_ret = krb5_make_principal(smb_krb5_context->krb5_context, &salt_principal, @@ -480,7 +480,7 @@ /* attrs[] is returned from this function in ac->dom_req->op.search.attrs, so it must be static, as otherwise the compiler can put it on the stack */ - static const char * const attrs[] = { "pwdProperties", "pwdHistoryLength", "dnsDomain", NULL }; + static const char * const attrs[] = { "pwdProperties", "pwdHistoryLength", NULL }; char *filter; ac->dom_req = talloc_zero(ac, struct ldb_request); @@ -520,7 +520,8 @@ struct domain_data *data; const char *tmp; struct ph_context *ac; - + char *p; + ac = talloc_get_type(ctx, struct ph_context); data = talloc_zero(ac, struct domain_data); @@ -536,11 +537,26 @@ data->pwdProperties = samdb_result_uint(res->message, "pwdProperties", 0); data->pwdHistoryLength = samdb_result_uint(res->message, "pwdHistoryLength", 0); - tmp = ldb_msg_find_attr_as_string(res->message, "dnsDomain", NULL); + /* For a domain DN, this puts things in dotted notation */ + /* For builtin domains, this will give details for the host, + * but that doesn't really matter, as it's just used for salt + * and kerberos principals, which don't exist here */ + + tmp = ldb_dn_canonical_string(ctx, res->message->dn); + if (!tmp) { + return NULL; + } + + /* But it puts a trailing (or just before 'builtin') / on things, so kill that */ + p = strchr(tmp, '/'); + if (p) { + p[0] = '\0'; + } + if (tmp != NULL) { - data->dnsDomain = talloc_strdup(data, tmp); - if (data->dnsDomain == NULL) { + data->dns_domain = strlower_talloc(data, tmp); + if (data->dns_domain == NULL) { ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Out of memory!\n"); return NULL; }