2 Unix SMB/CIFS implementation.
4 implement the DRSUpdateRefs call
6 Copyright (C) Andrew Tridgell 2009
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "librpc/gen_ndr/ndr_drsuapi.h"
24 #include "rpc_server/dcerpc_server.h"
25 #include "rpc_server/common/common.h"
26 #include "rpc_server/drsuapi/dcesrv_drsuapi.h"
27 #include "dsdb/samdb/samdb.h"
28 #include "lib/ldb/include/ldb_errors.h"
29 #include "param/param.h"
30 #include "librpc/gen_ndr/ndr_drsblobs.h"
31 #include "auth/auth.h"
35 struct repsFromToBlob *r;
39 load the repsTo structure for a given partition GUID
41 static WERROR uref_loadreps(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, struct GUID *guid,
45 const char *attrs[] = { "repsTo", NULL };
46 struct ldb_result *res;
47 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
49 struct ldb_message_element *el;
51 if (dsdb_find_dn_by_guid(sam_ctx, tmp_ctx, GUID_string(tmp_ctx, guid), &dn) != LDB_SUCCESS) {
52 DEBUG(0,("drsuapi_addref: failed to find partition with GUID %s\n",
53 GUID_string(tmp_ctx, guid)));
55 return WERR_DS_DRA_BAD_NC;
58 /* TODO: possibly check in the rootDSE to see that this DN is
59 * one of our partition roots */
61 if (ldb_search(sam_ctx, tmp_ctx, &res, dn, LDB_SCOPE_BASE, attrs, NULL) != LDB_SUCCESS) {
62 DEBUG(0,("drsuapi_addref: failed to read partition object\n"));
64 return WERR_DS_DRA_INTERNAL_ERROR;
69 el = ldb_msg_find_element(res->msgs[0], "repsTo");
75 reps->count = el->num_values;
76 reps->r = talloc_array(mem_ctx, struct repsFromToBlob, reps->count);
77 if (reps->r == NULL) {
79 return WERR_DS_DRA_INTERNAL_ERROR;
82 for (i=0; i<reps->count; i++) {
83 enum ndr_err_code ndr_err;
84 ndr_err = ndr_pull_struct_blob(&el->values[i],
85 mem_ctx, lp_iconv_convenience(ldb_get_opaque(sam_ctx, "loadparm")),
87 (ndr_pull_flags_fn_t)ndr_pull_repsFromToBlob);
88 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
90 return WERR_DS_DRA_INTERNAL_ERROR;
100 save the repsTo structure for a given partition GUID
102 static WERROR uref_savereps(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, struct GUID *guid,
106 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
107 struct ldb_message *msg;
108 struct ldb_message_element *el;
111 if (dsdb_find_dn_by_guid(sam_ctx, tmp_ctx, GUID_string(tmp_ctx, guid), &dn) != LDB_SUCCESS) {
112 DEBUG(0,("drsuapi_addref: failed to find partition with GUID %s\n",
113 GUID_string(tmp_ctx, guid)));
114 talloc_free(tmp_ctx);
115 return WERR_DS_DRA_BAD_NC;
118 msg = ldb_msg_new(tmp_ctx);
120 if (ldb_msg_add_empty(msg, "repsTo", LDB_FLAG_MOD_REPLACE, &el) != LDB_SUCCESS) {
124 el->values = talloc_array(msg, struct ldb_val, reps->count);
129 for (i=0; i<reps->count; i++) {
131 enum ndr_err_code ndr_err;
133 ndr_err = ndr_push_struct_blob(&v, tmp_ctx, lp_iconv_convenience(ldb_get_opaque(sam_ctx, "loadparm")),
135 (ndr_push_flags_fn_t)ndr_push_repsFromToBlob);
136 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
144 if (ldb_modify(sam_ctx, msg) != LDB_SUCCESS) {
145 DEBUG(0,("Failed to store repsTo - %s\n", ldb_errstring(sam_ctx)));
149 talloc_free(tmp_ctx);
154 talloc_free(tmp_ctx);
155 return WERR_DS_DRA_INTERNAL_ERROR;
159 add a replication destination for a given partition GUID
161 static WERROR uref_add_dest(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx,
162 struct GUID *guid, struct repsFromTo1 *dest)
167 werr = uref_loadreps(sam_ctx, mem_ctx, guid, &reps);
168 if (!W_ERROR_IS_OK(werr)) {
172 reps.r = talloc_realloc(mem_ctx, reps.r, struct repsFromToBlob, reps.count+1);
173 if (reps.r == NULL) {
174 return WERR_DS_DRA_INTERNAL_ERROR;
176 ZERO_STRUCT(reps.r[reps.count]);
177 reps.r[reps.count].version = 1;
178 reps.r[reps.count].ctr.ctr1 = *dest;
181 werr = uref_savereps(sam_ctx, mem_ctx, guid, &reps);
182 if (!W_ERROR_IS_OK(werr)) {
190 delete a replication destination for a given partition GUID
192 static WERROR uref_del_dest(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx,
193 struct GUID *guid, struct GUID *dest_guid)
199 werr = uref_loadreps(sam_ctx, mem_ctx, guid, &reps);
200 if (!W_ERROR_IS_OK(werr)) {
204 for (i=0; i<reps.count; i++) {
205 if (GUID_compare(dest_guid, &reps.r[i].ctr.ctr1.source_dsa_obj_guid) == 0) {
206 if (i+1 < reps.count) {
207 memmove(&reps.r[i], &reps.r[i+1], sizeof(reps.r[i])*(reps.count-(i+1)));
213 werr = uref_savereps(sam_ctx, mem_ctx, guid, &reps);
214 if (!W_ERROR_IS_OK(werr)) {
222 drsuapi_DsReplicaUpdateRefs
224 WERROR dcesrv_drsuapi_DsReplicaUpdateRefs(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
225 struct drsuapi_DsReplicaUpdateRefs *r)
227 struct drsuapi_DsReplicaUpdateRefsRequest1 *req;
228 struct ldb_context *sam_ctx;
231 if (r->in.level != 1) {
232 DEBUG(0,("DrReplicUpdateRefs - unsupported level %u\n", r->in.level));
233 return WERR_DS_DRA_INVALID_PARAMETER;
236 req = &r->in.req.req1;
237 DEBUG(4,("DrReplicUpdateRefs for host '%s' with GUID %s options 0x%08x nc=%s\n",
238 req->dest_dsa_dns_name, GUID_string(mem_ctx, &req->dest_dsa_guid),
240 drs_ObjectIdentifier_to_string(mem_ctx, req->naming_context)));
242 /* TODO: We need to authenticate this operation pretty carefully */
243 sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx,
244 system_session(mem_ctx, dce_call->conn->dce_ctx->lp_ctx));
246 return WERR_DS_DRA_INTERNAL_ERROR;
249 if (ldb_transaction_start(sam_ctx) != LDB_SUCCESS) {
250 DEBUG(0,(__location__ ": Failed to start transaction on samdb\n"));
251 return WERR_DS_DRA_INTERNAL_ERROR;
254 if (req->options & DRSUAPI_DS_REPLICA_UPDATE_DELETE_REFERENCE) {
255 werr = uref_del_dest(sam_ctx, mem_ctx, &req->naming_context->guid, &req->dest_dsa_guid);
256 if (!W_ERROR_IS_OK(werr)) {
257 DEBUG(0,("Failed to delete repsTo for %s\n",
258 GUID_string(dce_call, &req->dest_dsa_guid)));
263 if (req->options & DRSUAPI_DS_REPLICA_UPDATE_ADD_REFERENCE) {
264 struct repsFromTo1 dest;
265 struct repsFromTo1OtherInfo oi;
270 oi.dns_name = req->dest_dsa_dns_name;
271 dest.other_info = &oi;
272 dest.source_dsa_obj_guid = req->dest_dsa_guid;
273 dest.replica_flags = req->options;
275 werr = uref_add_dest(sam_ctx, mem_ctx, &req->naming_context->guid, &dest);
276 if (!W_ERROR_IS_OK(werr)) {
277 DEBUG(0,("Failed to delete repsTo for %s\n",
278 GUID_string(dce_call, &dest.source_dsa_obj_guid)));
283 if (ldb_transaction_commit(sam_ctx) != LDB_SUCCESS) {
284 DEBUG(0,(__location__ ": Failed to commit transaction on samdb\n"));
285 return WERR_DS_DRA_INTERNAL_ERROR;
288 talloc_free(sam_ctx);
292 ldb_transaction_cancel(sam_ctx);
293 talloc_free(sam_ctx);