Author: mimir
Date: 2004-08-11 05:23:55 +0000 (Wed, 11 Aug 2004)
New Revision: 1718
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/&rev=1718&nolog=1
Log:
Deleting trust password stored in ldap directory is now possible.
rafal
Modified:
trunk/source/passdb/pdb_ldap.c
Changeset:
Modified: trunk/source/passdb/pdb_ldap.c
===================================================================
--- trunk/source/passdb/pdb_ldap.c 2004-08-11 04:02:54 UTC (rev 1717)
+++ trunk/source/passdb/pdb_ldap.c 2004-08-11 05:23:55 UTC (rev 1718)
@@ -3701,7 +3701,7 @@
static NTSTATUS ldapsam_update_trust_passwd(struct pdb_methods *methods, const
SAM_TRUST_PASSWD *trust)
{
struct ldapsam_privates *ldap_state = (struct ldapsam_privates
*)methods->private_data;
- NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS nt_status = NT_STATUS_OK;
SAM_TRUST_PASSWD trustpw;
char **attr_list;
LDAPMessage *res = NULL;
@@ -3796,7 +3796,65 @@
static NTSTATUS ldapsam_delete_trust_passwd(struct pdb_methods *methods, const
SAM_TRUST_PASSWD *trust)
{
- NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
+ struct ldapsam_privates *ldap_state = (struct ldapsam_privates
*)methods->private_data;
+ NTSTATUS nt_status;
+ const char *dom_name;
+ char **attr_list, *dn = NULL;
+ LDAPMessage *res = NULL;
+ int rc, count;
+
+ if (!trust) {
+ DEBUG(0, ("trust was NULL!\n"));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ dom_name = pdb_get_tp_domain_name_c(trust);
+ if (!dom_name) {
+ DEBUG(0, ("Couldn't get char-converted domain name\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ attr_list = get_attr_list(trustpw_attr_list);
+
+ /* Checking if such trust password already exists in the directory
+ - search and count the results */
+ rc = ldapsam_search_trustpw_by_name(ldap_state, dom_name, &res, attr_list);
+ if (rc != LDAP_SUCCESS) {
+ free_attr_list(attr_list);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ /* Counting the actual number of entries returned (we need only one) */
+ count = ldap_count_entries(ldap_state->smbldap_state->ldap_struct, res);
+ if (count < 1) {
+ DEBUG(0, ("Trust password (%s) does not exist in the directory!\n",
dom_name));
+ return NT_STATUS_UNSUCCESSFUL;
+
+ } else if (count > 1) {
+ DEBUG(0, ("Multiple entries found for trust password [%s]!\n",
dom_name));
+ return NT_STATUS_UNSUCCESSFUL;
+
+ } else
+ DEBUG(3, ("Trust password (%s) found in the directory\n", dom_name));
+
+ /* Getting distinguished name of the ldap entry */
+ dn = smbldap_get_dn(ldap_state->smbldap_state->ldap_struct, res);
+ if (!dn) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ /* Time to delete ... */
+ rc = smbldap_delete(ldap_state->smbldap_state, dn);
+ if (rc != LDAP_SUCCESS) {
+ char *ldap_err = NULL;
+ ldap_get_option(ldap_state->smbldap_state->ldap_struct,
LDAP_OPT_ERROR_STRING,
+ &ldap_err);
+ DEBUG(1, ("Failed to delete trustpw dn= %s with %s\n\t%s\n", dn,
+ ldap_err2string(rc), ldap_err ? ldap_err : "unknown"));
+ SAFE_FREE(ldap_err);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
return nt_status;
}
