s4-samr: Use dom_sid_split_rid() to get the RID in dcesrv_samr_EnumDomainUsers

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 3a5b0146ba709882d6efb7187faa935ec991bd7b..53e2347fef602d9dcd810514c3749159b9cba10c 100644 (file)
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -1623,10 +1623,12 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call,
                return NT_STATUS_NO_MEMORY;
        }
        for (i = 0; i < results; i++) {
-               struct dom_sid *sid;
+               struct dom_sid *objectsid;
+               uint32_t rid;
                struct ldb_result *rec;
                const uint32_t idx = *r->in.resume_handle + i;
                int ret;
+               NTSTATUS status;
                const char *name = NULL;
 
                resume_handle++;
@@ -1657,8 +1659,10 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call,
                        clear_guid_cache(cache);
                        return NT_STATUS_INTERNAL_DB_CORRUPTION;
                }
-               sid = samdb_result_dom_sid(mem_ctx, rec->msgs[0], "objectSID");
-               if (sid == NULL) {
+               objectsid = samdb_result_dom_sid(mem_ctx,
+                                                rec->msgs[0],
+                                                "objectSID");
+               if (objectsid == NULL) {
                        char *guid_str =
                            GUID_string(mem_ctx, &cache->entries[idx]);
                        DBG_WARNING("objectSID for GUID [%s] not found\n",
@@ -1670,8 +1674,26 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call,
                      r->in.acct_flags) == 0)) {
                        continue;
                }
-               entries[count].idx = samdb_result_rid_from_sid(
-                   mem_ctx, rec->msgs[0], "objectSid", 0);
+               status = dom_sid_split_rid(NULL,
+                                          objectsid,
+                                          NULL,
+                                          &rid);
+               if (!NT_STATUS_IS_OK(status)) {
+                       struct dom_sid_buf sid_buf;
+                       char *sid_str =
+                               dom_sid_str_buf(objectsid,
+                                               &sid_buf);
+                       struct GUID_txt_buf guid_buf;
+                       char *guid_str =
+                               GUID_buf_string(&cache->entries[idx],
+                                               &guid_buf);
+                       DBG_WARNING("objectSID [%s] for GUID [%s] invalid\n",
+                                   sid_str,
+                                   guid_str);
+                       continue;
+               }
+
+               entries[count].idx = rid;
                name = ldb_msg_find_attr_as_string(
                    rec->msgs[0], "sAMAccountName", "");
                entries[count].name.string = talloc_strdup(entries, name);