The branch, master has been updated
via 3055ead... s4:torture/ldap/basic.c - add more error code/messages
tests
via 7cbe303... s4:ldap_backend.c - more customisations to match Windows
Server error behaviour on renames
via e315ace... ldb:ldb_dn.c - don't support "ldb_dn_add_child" on a ""
parent DN
via bce8017... s4:python/samba/__init__.py - now specify the "relax"
control for the delete operation before the provision
via c0538a0... ldb:api.py - add a small test for the enhanced
"py_ldb_delete" syntax
via ca34ffa... ldb:python bindings - some small cleanup & improvements
in "py_ldb_add"
via 2aeea4b... ldb:python bindings - let also "py_ldb_delete" support
controls
via d16697d... s4:objectclass LDB module - disable delete operations
when "SYSTEM_FLAG_DISALLOW_DELETE" is specified
via 46bcf88... s4:rootdse LDB module - strip trailing whitespaces
via 7f46a91... s4:rootdse LDB module - protect add and delete
operations on the rootdse entry
via 72e14ea... s4:rootdse LDB module - Return "UNWILLING_TO_PERFORM"
when no attribute fits on a change
via 2af67a3... s4:rootdse LDB module - refactor error messages
via a438123... s4:objectclass LDB module - use the old DN when
displaying error messages
via ee2bb44... s4:objectclass LDB module - add a better message when
the parent DN is invalid
via 04890bb... s4:objectclass LDB module - add an error message when
someone tries to add entries without objectclasses
via 9da8b06... s4:objectclass LDB module - handle the case when there
is a retry to add the root basedn
from 24930aa... wafsamba: Use octal modes directly rather than constants.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 3055ead4cff55895917ca88c3fb91c89da34ad5f
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Thu Jun 17 15:39:06 2010 +0200
s4:torture/ldap/basic.c - add more error code/messages tests
And now we do match at least the LDAP error code (the WERROR one does still
differ from Windows - we will see how to change that).
commit 7cbe3035d9f0d534d017f65fa2250011c45bb415
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Sat Jun 19 14:58:31 2010 +0200
s4:ldap_backend.c - more customisations to match Windows Server error
behaviour on renames
commit e315aceda357711284da08094f80b1e03346fef0
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Sat Jun 19 14:49:23 2010 +0200
ldb:ldb_dn.c - don't support "ldb_dn_add_child" on a "" parent DN
It's meaningless and could end in DNs as "cn=child,".
commit bce8017ca9f64ce8e3bf94312d69f97e87d3d41a
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Fri Jun 18 22:20:22 2010 +0200
s4:python/samba/__init__.py - now specify the "relax" control for the
delete operation before the provision
commit c0538a006d5381f3bc17d90f873e791d35bbde17
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Fri Jun 18 22:17:54 2010 +0200
ldb:api.py - add a small test for the enhanced "py_ldb_delete" syntax
commit ca34ffaaac4cc98dc600cb8b5bc6e8ecf93f7492
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Fri Jun 18 22:08:58 2010 +0200
ldb:python bindings - some small cleanup & improvements in "py_ldb_add"
Also to make it similar to "py_ldb_delete".
commit 2aeea4bb4d214675334da7c45e896d88ccb85832
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Fri Jun 18 22:04:07 2010 +0200
ldb:python bindings - let also "py_ldb_delete" support controls
commit d16697df4908de57a379796e22c82929b8422b92
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Fri Jun 18 21:35:43 2010 +0200
s4:objectclass LDB module - disable delete operations when
"SYSTEM_FLAG_DISALLOW_DELETE" is specified
commit 46bcf883bfe07d50b1009f1878093d8643d70a95
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Fri Jun 18 21:13:39 2010 +0200
s4:rootdse LDB module - strip trailing whitespaces
commit 7f46a91e7764766460cb374b5cc65e769184d91f
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Fri Jun 18 21:10:19 2010 +0200
s4:rootdse LDB module - protect add and delete operations on the rootdse
entry
commit 72e14ea8bd47695dcdf1a3c8ee3a017c6d2e4d5c
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Fri Jun 18 20:53:25 2010 +0200
s4:rootdse LDB module - Return "UNWILLING_TO_PERFORM" when no attribute
fits on a change
commit 2af67a3602528f55f3fb871bac0bc15ee88df702
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Fri Jun 18 20:52:33 2010 +0200
s4:rootdse LDB module - refactor error messages
Fix indentations, use "set_errstring" when no "asprintf" functionality
required.
commit a4381239ba364ad025308e9b8f310942dde36db8
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Sat Jun 19 17:47:22 2010 +0200
s4:objectclass LDB module - use the old DN when displaying error messages
commit ee2bb4474f38ce3c8d7a641059ca85cde1a12e9c
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Sat Jun 19 17:46:57 2010 +0200
s4:objectclass LDB module - add a better message when the parent DN is
invalid
commit 04890bb750ba900e8ee476690e8f882676217c72
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Thu Jun 17 15:32:48 2010 +0200
s4:objectclass LDB module - add an error message when someone tries to add
entries without objectclasses
commit 9da8b06112257f87860e31273c9d3128bc811371
Author: Matthias Dieter Wallnöfer <m...@samba.org>
Date: Thu Jun 17 15:17:05 2010 +0200
s4:objectclass LDB module - handle the case when there is a retry to add
the root basedn
This isn't quitted with a normal "NO_SUCH_OBJECT" (parent not found) but
with a
very special referral: one with the DN itself and the hostname is the last
component value of the DN.
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/objectclass.c | 127 ++++++++++-
source4/dsdb/samdb/ldb_modules/rootdse.c | 142 ++++++++-----
source4/ldap_server/ldap_backend.c | 29 ++--
source4/lib/ldb/common/ldb_dn.c | 7 +
source4/lib/ldb/pyldb.c | 83 ++++++--
source4/lib/ldb/tests/python/api.py | 9 +
source4/scripting/python/samba/__init__.py | 10 +-
source4/torture/ldap/basic.c | 294 +++++++++++++++++++++++---
8 files changed, 568 insertions(+), 133 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c
b/source4/dsdb/samdb/ldb_modules/objectclass.c
index e5769a6..ed97a7d 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -360,6 +360,8 @@ static int objectclass_add(struct ldb_module *module,
struct ldb_request *req)
struct ldb_request *search_req;
struct oc_context *ac;
struct ldb_dn *parent_dn;
+ const struct ldb_val *val;
+ char *value;
int ret;
static const char * const parent_attrs[] = { "objectGUID",
"objectClass", NULL };
@@ -372,9 +374,34 @@ static int objectclass_add(struct ldb_module *module,
struct ldb_request *req)
return ldb_next_request(module, req);
}
- /* the objectClass must be specified on add */
- if (ldb_msg_find_element(req->op.add.message,
- "objectClass") == NULL) {
+ /* An add operation on the root basedn has a special handling when the
+ * relax control isn't specified. */
+ if (ldb_dn_compare(ldb_get_root_basedn(ldb), req->op.add.message->dn)
== 0) {
+ if (ldb_request_get_control(req,
+ LDB_CONTROL_RELAX_OID) == NULL) {
+ /* When we are trying to readd the root basedn then
+ * this is denied, but with an interesting mechanism:
+ * there is generated a referral with the last
+ * component value as hostname. */
+ val = ldb_dn_get_component_val(req->op.add.message->dn,
+
ldb_dn_get_comp_num(req->op.add.message->dn) - 1);
+ if (val == NULL) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ value = talloc_asprintf(req, "ldap://%s/%s";, val->data,
+
ldb_dn_get_linearized(req->op.add.message->dn));
+ if (value == NULL) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ return ldb_module_send_referral(req, value);
+ }
+ }
+
+ /* the various objectclasses must be specified on add operations */
+ if (ldb_msg_find_element(req->op.add.message, "objectClass") == NULL) {
+ ldb_asprintf_errstring(ldb, "objectclass: Cannot add %s, no
objectclass specified!",
+
ldb_dn_get_linearized(req->op.add.message->dn));
return LDB_ERR_OBJECT_CLASS_VIOLATION;
}
@@ -1027,8 +1054,9 @@ static int objectclass_rename(struct ldb_module *module,
struct ldb_request *req
parent_dn = ldb_dn_get_parent(ac, req->op.rename.newdn);
if (parent_dn == NULL) {
- ldb_oom(ldb);
- return LDB_ERR_OPERATIONS_ERROR;
+ ldb_asprintf_errstring(ldb, "objectclass: Cannot rename %s, the
parent DN does not exist!",
+
ldb_dn_get_linearized(req->op.rename.olddn));
+ return LDB_ERR_NO_SUCH_OBJECT;
}
/* this looks up the parent object for fetching some important
@@ -1072,7 +1100,7 @@ static int objectclass_do_rename(struct oc_context *ac)
* we don't get a LDB_ERR_NO_SUCH_OBJECT error. */
if (ac->search_res == NULL) {
ldb_asprintf_errstring(ldb, "objectclass: Cannot rename %s,
parent does not exist!",
-
ldb_dn_get_linearized(ac->req->op.rename.newdn));
+
ldb_dn_get_linearized(ac->req->op.rename.olddn));
return LDB_ERR_OTHER;
}
@@ -1112,7 +1140,7 @@ static int objectclass_do_rename2(struct oc_context *ac)
* we don't get a LDB_ERR_NO_SUCH_OBJECT error. */
if (ac->search_res == NULL) {
ldb_asprintf_errstring(ldb, "objectclass: Cannot rename %s,
entry does not exist!",
-
ldb_dn_get_linearized(ac->req->op.rename.newdn));
+
ldb_dn_get_linearized(ac->req->op.rename.olddn));
return LDB_ERR_NO_SUCH_OBJECT;
}
@@ -1214,10 +1242,84 @@ static int objectclass_do_rename2(struct oc_context *ac)
return ldb_next_request(ac->module, rename_req);
}
+static int objectclass_do_delete(struct oc_context *ac);
+
+static int objectclass_delete(struct ldb_module *module, struct ldb_request
*req)
+{
+ static const char * const attrs[] = { "systemFlags", NULL };
+ struct ldb_context *ldb;
+ struct ldb_request *search_req;
+ struct oc_context *ac;
+ int ret;
+
+ ldb = ldb_module_get_ctx(module);
+
+ ldb_debug(ldb, LDB_DEBUG_TRACE, "objectclass_delete\n");
+
+ /* do not manipulate our control entries */
+ if (ldb_dn_is_special(req->op.del.dn)) {
+ return ldb_next_request(module, req);
+ }
+
+ /* Bypass the "systemFlags" checks when we do have the "RELAX" control
+ * set. */
+ if (ldb_request_get_control(req, LDB_CONTROL_RELAX_OID) != NULL) {
+ return ldb_next_request(module, req);
+ }
+
+ ac = oc_init_context(module, req);
+ if (ac == NULL) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ /* this looks up the entry object for fetching some important
+ * informations (systemFlags...) */
+ ret = ldb_build_search_req(&search_req, ldb,
+ ac, req->op.del.dn, LDB_SCOPE_BASE,
+ "(objectClass=*)",
+ attrs, NULL,
+ ac, get_search_callback,
+ req);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+
+ ac->step_fn = objectclass_do_delete;
+
+ return ldb_next_request(ac->module, search_req);
+}
+
+static int objectclass_do_delete(struct oc_context *ac)
+{
+ struct ldb_context *ldb;
+ int32_t systemFlags;
+
+ ldb = ldb_module_get_ctx(ac->module);
+
+ /* Check if we have a valid entry - this check is needed since
+ * we don't get a LDB_ERR_NO_SUCH_OBJECT error. */
+ if (ac->search_res == NULL) {
+ ldb_asprintf_errstring(ldb, "objectclass: Cannot delete %s,
entry does not exist!",
+
ldb_dn_get_linearized(ac->req->op.del.dn));
+ return LDB_ERR_NO_SUCH_OBJECT;
+ }
+
+ systemFlags = ldb_msg_find_attr_as_int(ac->search_res->message,
+ "systemFlags", 0);
+ if ((systemFlags & SYSTEM_FLAG_DISALLOW_DELETE) != 0) {
+ ldb_asprintf_errstring(ldb, "objectclass: Cannot delete %s, it
isn't permitted!",
+
ldb_dn_get_linearized(ac->req->op.del.dn));
+ return LDB_ERR_UNWILLING_TO_PERFORM;
+ }
+
+ return ldb_next_request(ac->module, ac->req);
+}
+
static int objectclass_init(struct ldb_module *module)
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
int ret;
+
/* Init everything else */
ret = ldb_next_init(module);
if (ret != LDB_SUCCESS) {
@@ -1231,9 +1333,10 @@ static int objectclass_init(struct ldb_module *module)
}
_PUBLIC_ const struct ldb_module_ops ldb_objectclass_module_ops = {
- .name = "objectclass",
- .add = objectclass_add,
- .modify = objectclass_modify,
- .rename = objectclass_rename,
- .init_context = objectclass_init
+ .name = "objectclass",
+ .add = objectclass_add,
+ .modify = objectclass_modify,
+ .rename = objectclass_rename,
+ .del = objectclass_delete,
+ .init_context = objectclass_init
};
diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c
b/source4/dsdb/samdb/ldb_modules/rootdse.c
index bf56420..2b0e449 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -1,21 +1,21 @@
-/*
+/*
Unix SMB/CIFS implementation.
rootDSE ldb module
Copyright (C) Andrew Tridgell 2005
Copyright (C) Simo Sorce 2005-2008
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -153,13 +153,13 @@ static int expand_dn_in_message(struct ldb_module
*module, struct ldb_message *m
talloc_free(tmp_ctx);
return LDB_SUCCESS;
-}
-
+}
+
/*
add dynamically generated attributes to rootDSE result
*/
-static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message
*msg,
+static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message
*msg,
const char * const *attrs, struct ldb_request
*req)
{
struct ldb_context *ldb;
@@ -189,7 +189,7 @@ static int rootdse_add_dynamic(struct ldb_module *module,
struct ldb_message *ms
ldb_msg_remove_attr(msg, "name");
if (do_attribute(attrs, "currentTime")) {
- if (ldb_msg_add_steal_string(msg, "currentTime",
+ if (ldb_msg_add_steal_string(msg, "currentTime",
ldb_timestring(msg, time(NULL)))
!= 0) {
goto failed;
}
@@ -220,7 +220,7 @@ static int rootdse_add_dynamic(struct ldb_module *module,
struct ldb_message *ms
}
}
- server_sasl = talloc_get_type(ldb_get_opaque(ldb,
"supportedSASLMechanims"),
+ server_sasl = talloc_get_type(ldb_get_opaque(ldb,
"supportedSASLMechanims"),
char *);
if (server_sasl && do_attribute(attrs, "supportedSASLMechanisms")) {
unsigned int i;
@@ -240,7 +240,7 @@ static int rootdse_add_dynamic(struct ldb_module *module,
struct ldb_message *ms
uint64_t seq_num;
int ret = ldb_sequence_number(ldb, LDB_SEQ_HIGHEST_SEQ,
&seq_num);
if (ret == LDB_SUCCESS) {
- if (ldb_msg_add_fmt(msg, "highestCommittedUSN",
+ if (ldb_msg_add_fmt(msg, "highestCommittedUSN",
"%llu", (unsigned long
long)seq_num) != 0) {
goto failed;
}
@@ -255,7 +255,7 @@ static int rootdse_add_dynamic(struct ldb_module *module,
struct ldb_message *ms
n++;
}
- if (ldb_msg_add_fmt(msg, "dsSchemaAttrCount",
+ if (ldb_msg_add_fmt(msg, "dsSchemaAttrCount",
"%u", n) != 0) {
goto failed;
}
@@ -269,14 +269,14 @@ static int rootdse_add_dynamic(struct ldb_module *module,
struct ldb_message *ms
n++;
}
- if (ldb_msg_add_fmt(msg, "dsSchemaClassCount",
+ if (ldb_msg_add_fmt(msg, "dsSchemaClassCount",
"%u", n) != 0) {
goto failed;
}
}
if (schema && do_attribute_explicit(attrs, "dsSchemaPrefixCount")) {
- if (ldb_msg_add_fmt(msg, "dsSchemaPrefixCount",
+ if (ldb_msg_add_fmt(msg, "dsSchemaPrefixCount",
"%u", schema->prefixmap->length) != 0) {
goto failed;
}
@@ -320,14 +320,14 @@ static int rootdse_add_dynamic(struct ldb_module *module,
struct ldb_message *ms
}
if (do_attribute_explicit(attrs, "vendorVersion")) {
- if (ldb_msg_add_fmt(msg, "vendorVersion",
+ if (ldb_msg_add_fmt(msg, "vendorVersion",
"%s", SAMBA_VERSION_STRING) != 0) {
goto failed;
}
}
if (priv && do_attribute(attrs, "domainFunctionality")) {
- if (ldb_msg_add_fmt(msg, "domainFunctionality",
+ if (ldb_msg_add_fmt(msg, "domainFunctionality",
"%d", dsdb_functional_level(ldb)) != 0) {
goto failed;
}
@@ -335,7 +335,7 @@ static int rootdse_add_dynamic(struct ldb_module *module,
struct ldb_message *ms
if (priv && do_attribute(attrs, "forestFunctionality")
&& (val = talloc_get_type(ldb_get_opaque(ldb,
"forestFunctionality"), int))) {
- if (ldb_msg_add_fmt(msg, "forestFunctionality",
+ if (ldb_msg_add_fmt(msg, "forestFunctionality",
"%d", *val) != 0) {
goto failed;
}
@@ -343,7 +343,7 @@ static int rootdse_add_dynamic(struct ldb_module *module,
struct ldb_message *ms
if (priv && do_attribute(attrs, "domainControllerFunctionality")
&& (val = talloc_get_type(ldb_get_opaque(ldb,
"domainControllerFunctionality"), int))) {
- if (ldb_msg_add_fmt(msg, "domainControllerFunctionality",
+ if (ldb_msg_add_fmt(msg, "domainControllerFunctionality",
"%d", *val) != 0) {
goto failed;
}
@@ -633,7 +633,7 @@ static int rootdse_init(struct ldb_module *module)
LDB_SCOPE_BASE, attrs, NULL);
if (ret == LDB_SUCCESS && res->count == 1) {
int domain_behaviour_version
- = ldb_msg_find_attr_as_int(res->msgs[0],
+ = ldb_msg_find_attr_as_int(res->msgs[0],
"msDS-Behavior-Version", -1);
if (domain_behaviour_version != -1) {
int *val = talloc(ldb, int);
@@ -656,7 +656,7 @@ static int rootdse_init(struct ldb_module *module)
LDB_SCOPE_BASE, attrs, NULL);
if (ret == LDB_SUCCESS && res->count == 1) {
int forest_behaviour_version
- = ldb_msg_find_attr_as_int(res->msgs[0],
+ = ldb_msg_find_attr_as_int(res->msgs[0],
"msDS-Behavior-Version", -1);
if (forest_behaviour_version != -1) {
int *val = talloc(ldb, int);
@@ -679,14 +679,14 @@ static int rootdse_init(struct ldb_module *module)
LDB_SCOPE_BASE, ds_attrs, NULL);
if (ret == LDB_SUCCESS && res->count == 1) {
struct ldb_dn *ds_dn
- = ldb_msg_find_attr_as_dn(ldb, mem_ctx, res->msgs[0],
+ = ldb_msg_find_attr_as_dn(ldb, mem_ctx, res->msgs[0],
"dsServiceName");
if (ds_dn) {
- ret = ldb_search(ldb, mem_ctx, &res, ds_dn,
+ ret = ldb_search(ldb, mem_ctx, &res, ds_dn,
LDB_SCOPE_BASE, attrs, NULL);
if (ret == LDB_SUCCESS && res->count == 1) {
int domain_controller_behaviour_version
- =
ldb_msg_find_attr_as_int(res->msgs[0],
+ = ldb_msg_find_attr_as_int(res->msgs[0],
"msDS-Behavior-Version", -1);
if (domain_controller_behaviour_version != -1) {
int *val = talloc(ldb, int);
@@ -696,7 +696,7 @@ static int rootdse_init(struct ldb_module *module)
return LDB_ERR_OPERATIONS_ERROR;
}
*val =
domain_controller_behaviour_version;
- ret = ldb_set_opaque(ldb,
+ ret = ldb_set_opaque(ldb,
"domainControllerFunctionality", val);
if (ret != LDB_SUCCESS) {
talloc_free(mem_ctx);
@@ -708,7 +708,7 @@ static int rootdse_init(struct ldb_module *module)
}
talloc_free(mem_ctx);
-
+
return LDB_SUCCESS;
}
@@ -729,28 +729,28 @@ static int get_optional_feature_dn_guid(struct
ldb_request *req, struct ldb_cont
ldb_val_str = ldb_msg_find_attr_as_string(msg, "enableOptionalFeature",
NULL);
if (!ldb_val_str) {
- ldb_asprintf_errstring(ldb,
- "rootdse: unable to find
enableOptionalFeature\n");
+ ldb_set_errstring(ldb,
+ "rootdse: unable to find
'enableOptionalFeature'!");
return LDB_ERR_UNWILLING_TO_PERFORM;
}
guid = strchr(ldb_val_str, ':');
if (!guid) {
- ldb_asprintf_errstring(ldb,
- "rootdse: unable to find GUID in
enableOptionalFeature\n");
+ ldb_set_errstring(ldb,
+ "rootdse: unable to find GUID in
'enableOptionalFeature'!");
return LDB_ERR_UNWILLING_TO_PERFORM;
}
status = GUID_from_string(guid+1, op_feature_guid);
if (!NT_STATUS_IS_OK(status)) {
- ldb_asprintf_errstring(ldb,
- "rootdse: bad GUID in
enableOptionalFeature\n");
+ ldb_set_errstring(ldb,
+ "rootdse: bad GUID in
'enableOptionalFeature'!");
return LDB_ERR_UNWILLING_TO_PERFORM;
}
dn = talloc_strndup(tmp_ctx, ldb_val_str, guid-ldb_val_str);
if (!dn) {
- ldb_asprintf_errstring(ldb,
- "rootdse: bad DN in
enableOptionalFeature\n");
+ ldb_set_errstring(ldb,
+ "rootdse: bad DN in
'enableOptionalFeature'!");
return LDB_ERR_UNWILLING_TO_PERFORM;
}
@@ -787,8 +787,8 @@ static int dsdb_find_optional_feature(struct ldb_module
*module, struct ldb_cont
}
if (res->count != 1) {
ldb_asprintf_errstring(ldb,
- "More than one object found matching optional
feature GUID %s\n",
- GUID_string(tmp_ctx, &op_feature_guid));
+ "More than one object found matching
optional feature GUID %s\n",
+ GUID_string(tmp_ctx, &op_feature_guid));
talloc_free(tmp_ctx);
return LDB_ERR_OPERATIONS_ERROR;
}
@@ -813,16 +813,15 @@ static int rootdse_enable_recycle_bin(struct ldb_module
*module,struct ldb_conte
ret = ldb_msg_find_attr_as_int(op_feature_msg,
"msDS-RequiredForestBehaviorVersion", 0);
if (domain_func_level < ret){
ldb_asprintf_errstring(ldb,
- "rootdse: Domain
functional level must be at least %d\n",
- ret);
+ "rootdse_enable_recycle_bin: Domain
functional level must be at least %d\n",
+ ret);
return LDB_ERR_UNWILLING_TO_PERFORM;
}
tmp_ctx = talloc_new(mem_ctx);
ntds_settings_dn = samdb_ntds_settings_dn(ldb);
if (!ntds_settings_dn) {
- ldb_asprintf_errstring(ldb,
- __location__ ": Failed to find NTDS settings
DN\n");
+ DEBUG(0, (__location__ ": Failed to find NTDS settings DN\n"));
ret = LDB_ERR_OPERATIONS_ERROR;
talloc_free(tmp_ctx);
return ret;
@@ -845,8 +844,9 @@ static int rootdse_enable_recycle_bin(struct ldb_module
*module,struct ldb_conte
ret = dsdb_module_modify(module, msg, 0);
if (ret != LDB_SUCCESS) {
ldb_asprintf_errstring(ldb,
- "rootdse_enable_recycle_bin: Failed to modify
object %s - %s",
- ldb_dn_get_linearized(ntds_settings_dn),
ldb_errstring(ldb));
+ "rootdse_enable_recycle_bin: Failed to
modify object %s - %s",
+ ldb_dn_get_linearized(ntds_settings_dn),
+ ldb_errstring(ldb));
talloc_free(tmp_ctx);
return ret;
}
@@ -854,8 +854,10 @@ static int rootdse_enable_recycle_bin(struct ldb_module
*module,struct ldb_conte
msg->dn = op_feature_scope_dn;
ret = dsdb_module_modify(module, msg, 0);
if (ret != LDB_SUCCESS) {
- ldb_asprintf_errstring(ldb, "rootdse_enable_recycle_bin: Failed
to modify object %s - %s",
-
ldb_dn_get_linearized(op_feature_scope_dn), ldb_errstring(ldb));
+ ldb_asprintf_errstring(ldb,
+ "rootdse_enable_recycle_bin: Failed to
modify object %s - %s",
+
ldb_dn_get_linearized(op_feature_scope_dn),
+ ldb_errstring(ldb));
talloc_free(tmp_ctx);
return ret;
}
@@ -886,7 +888,7 @@ static int rootdse_enableoptionalfeature(struct ldb_module
*module, struct ldb_r
const char *guid_string;
if (security_session_user_level(session_info, NULL) != SECURITY_SYSTEM)
{
- ldb_asprintf_errstring(ldb, "rootdse: Insufficient rights for
enableoptionalfeature");
+ ldb_set_errstring(ldb, "rootdse: Insufficient rights for
enableoptionalfeature");
return LDB_ERR_UNWILLING_TO_PERFORM;
}
@@ -898,14 +900,15 @@ static int rootdse_enableoptionalfeature(struct
ldb_module *module, struct ldb_r
guid_string = GUID_string(tmp_ctx, &op_feature_guid);
if (!guid_string) {
- ldb_asprintf_errstring(ldb, "rootdse: bad optional feature
GUID");
+ ldb_set_errstring(ldb, "rootdse: bad optional feature GUID");
return LDB_ERR_UNWILLING_TO_PERFORM;
}
ret = dsdb_find_optional_feature(module, ldb, tmp_ctx, op_feature_guid,
&op_feature_msg);
if (ret != LDB_SUCCESS) {
- ldb_asprintf_errstring(ldb, "rootdse: unable to find optional
feature for %s - %s",
- guid_string,
ldb_errstring(ldb));
+ ldb_asprintf_errstring(ldb,
+ "rootdse: unable to find optional
feature for %s - %s",
+ guid_string, ldb_errstring(ldb));
talloc_free(tmp_ctx);
return ret;
}
@@ -915,13 +918,15 @@ static int rootdse_enableoptionalfeature(struct
ldb_module *module, struct ldb_r
tmp_ctx,
op_feature_scope_dn,
op_feature_msg);
} else {
- ldb_asprintf_errstring(ldb, "rootdse: unknown optional feature
%s",
+ ldb_asprintf_errstring(ldb,
+ "rootdse: unknown optional feature %s",
guid_string);
--
Samba Shared Repository
