s4:ldap-backend Fix LSA test failures with OpenLDAP backend - convert SIDs

The SIDs in some queries were not being passed as binary, but as
strings in comparison with the securityIdentifer object.  We need to
recognise that these are SIDs in the simple_ldap_map.

Andrew Bartlett

diff --git a/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c b/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c
index 592cd01b220cffb08609c812ecab782251ad9008..1bf72d9710738246c818e5de110f05d28e77b0d3 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c
+++ b/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c
@@ -282,6 +282,18 @@ static const struct ldb_map_attribute entryuuid_attributes[] =
                        },
                },
        },
+       /* securityIdentifier */
+       {
+               .local_name = "securityIdentifier",
+               .type = LDB_MAP_CONVERT,
+               .u = {
+                       .convert = {
+                               .remote_name = "securityIdentifier",
+                               .convert_local = sid_always_binary,
+                               .convert_remote = val_copy,
+                       },
+               },
+       },
        {
                .local_name = "name",
                .type = LDB_MAP_RENAME,
@@ -492,6 +504,18 @@ static const struct ldb_map_attribute nsuniqueid_attributes[] =
                        }
                }
        },
+       /* securityIdentifier */
+       {
+               .local_name = "securityIdentifier",
+               .type = LDB_MAP_CONVERT,
+               .u = {
+                       .convert = {
+                               .remote_name = "securityIdentifier",
+                               .convert_local = sid_always_binary,
+                               .convert_remote = val_copy,
+                       },
+               },
+       },
        {
                .local_name = "whenCreated",
                .type = LDB_MAP_RENAME,