s3-libnet_join: return account rid in libnet_JoinCtx
authorGünther Deschner <gd@samba.org>
Sat, 13 Feb 2021 17:20:53 +0000 (18:20 +0100)
committerGünther Deschner <gd@samba.org>
Wed, 14 Jul 2021 16:49:30 +0000 (16:49 +0000)
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
source3/libads/ldap.c
source3/libnet/libnet_join.c
source3/librpc/idl/libnet_join.idl

index f7f0ee432133e2f69d88374e008907592bc2f3d3..1bc271785e2a258021f37d2175e4407b42aeb1e8 100755 (executable)
@@ -1463,6 +1463,7 @@ char *ads_parent_dn(const char *dn)
                "msDS-AdditionalDnsHostName",
                "msDS-SupportedEncryptionTypes",
                "nTSecurityDescriptor",
+               "objectSid",
 
                NULL
        };
index 822edc12a75ae428e4eeae676bbfe3b009692012..553ab05b32c3c32c88f8ecd00155dcc48781c6c8 100644 (file)
@@ -422,6 +422,7 @@ static ADS_STATUS libnet_join_find_machine_acct(TALLOC_CTX *mem_ctx,
        ADS_STATUS status;
        LDAPMessage *res = NULL;
        char *dn = NULL;
+       struct dom_sid sid;
 
        if (!r->in.machine_name) {
                return ADS_ERROR(LDAP_NO_MEMORY);
@@ -456,6 +457,12 @@ static ADS_STATUS libnet_join_find_machine_acct(TALLOC_CTX *mem_ctx,
                r->out.set_encryption_types = 0;
        }
 
+       if (!ads_pull_sid(r->in.ads, res, "objectSid", &sid)) {
+               status = ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+               goto done;
+       }
+
+       dom_sid_split_rid(mem_ctx, &sid, NULL, &r->out.account_rid);
  done:
        ads_msgfree(r->in.ads, res);
        TALLOC_FREE(dn);
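Review bot: The return value of `dom_sid_split_rid()` is discarded on the last added line, so if the split fails `r->out.account_rid` keeps whatever it held before, and `status` presumably still carries the earlier success. The SID is parsed from the directory server's reply, so check the result before the RID reaches callers: add an `NTSTATUS ntstatus` local, assign `ntstatus = dom_sid_split_rid(mem_ctx, &sid, NULL, &r->out.account_rid);`, then `if (!NT_STATUS_IS_OK(ntstatus)) { status = ADS_ERROR_NT(ntstatus); goto done; }`. Separately, a failed `ads_pull_sid()` is reported as `LDAP_NO_MEMORY`, which reads as an allocation failure when the likelier cause is a missing or malformed `objectSid`; `LDAP_NO_SUCH_ATTRIBUTE` would describe it better. The body of libnet_join_find_machine_acct starts and ends outside this hunk.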
@@ -1333,7 +1340,6 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
        NTSTATUS status = NT_STATUS_UNSUCCESSFUL, result;
        char *acct_name;
        struct lsa_String lsa_acct_name;
-       uint32_t user_rid;
        uint32_t acct_flags = ACB_WSTRUST;
        struct samr_Ids user_rids;
        struct samr_Ids name_types;
@@ -1447,7 +1453,7 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
                                                 access_desired,
                                                 &user_pol,
                                                 &access_granted,
-                                                &user_rid,
+                                                &r->out.account_rid,
                                                 &result);
                if (!NT_STATUS_IS_OK(status)) {
                        goto done;
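Review bot: `r->out.account_rid` is used as scratch storage here, because the create call writes through `&r->out.account_rid` before `result` has been examined. The hunk at `@@ -1517,14 +1523,14 @@` assigns it again from `user_rids.ids[0]` while `dcerpc_samr_OpenUser` can still fail afterwards. A caller that reads the out field after a failed join could therefore see a RID for an account the join never finished setting up. Keeping the removed `uint32_t user_rid` local and copying it once on the success path with `r->out.account_rid = user_rid;` avoids that; failing that, add a comment such as `/* r->out.account_rid is only meaningful when this function returns NT_STATUS_OK */`. The function body extends beyond both hunks, so the exact success path is not visible here.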
@@ -1517,14 +1523,14 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
                goto done;
        }
 
-       user_rid = user_rids.ids[0];
+       r->out.account_rid = user_rids.ids[0];
 
        /* Open handle on user */
 
        status = dcerpc_samr_OpenUser(b, mem_ctx,
                                      &domain_pol,
                                      SEC_FLAG_MAXIMUM_ALLOWED,
-                                     user_rid,
+                                     r->out.account_rid,
                                      &user_pol,
                                      &result);
        if (!NT_STATUS_IS_OK(status)) {
index 018018b6dc28b5144855b8373dfd3a5b750892e8..2c49ec5b158c201f9219ecbe61745ca11518f203 100644 (file)
@@ -58,7 +58,8 @@ interface libnetjoin
                [out] boolean8 domain_is_ad,
                [out] uint32 set_encryption_types,
                [out] string krb5_salt,
-               [out,unique] netr_DsRGetDCNameInfo *dcinfo
+               [out,unique] netr_DsRGetDCNameInfo *dcinfo,
+               [out] uint32 account_rid
                );
 
        [nopush,nopull,noopnum] WERROR libnet_UnjoinCtx(
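Review bot: The new `[out] uint32 account_rid` member has no comment saying what it identifies or when it can be trusted. The C hunks in this commit fill it from both the LDAP lookup and the SAMR path, and it can be written before the join is known to have succeeded. A line such as `/* RID of the joined machine account; only valid when the join succeeds */` above the member would tell consumers of libnet_JoinCtx not to rely on it otherwise.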