nt_status = auth_check_password(auth_context, mem_ctx, user_info, &server_info);
NT_STATUS_NOT_OK_RETURN(nt_status);
- nt_status = auth_convert_server_info_sambaseinfo(mem_ctx, server_info, &sam);
- NT_STATUS_NOT_OK_RETURN(nt_status);
+ switch (r->in.validation_level) {
+ case 2:
+ nt_status = auth_convert_server_info_sambaseinfo(mem_ctx, server_info, &sam);
+ NT_STATUS_NOT_OK_RETURN(nt_status);
+
+ sam2 = talloc_zero(mem_ctx, struct netr_SamInfo2);
+ NT_STATUS_HAVE_NO_MEMORY(sam2);
+ sam2->base = *sam;
+
+ /* And put into the talloc tree */
+ talloc_steal(sam2, sam);
+ r->out.validation->sam2 = sam2;
+
+ sam = &sam2->base;
+ break;
+
+ case 3:
+ nt_status = auth_convert_server_info_saminfo3(mem_ctx,
+ server_info,
+ &sam3);
+ NT_STATUS_NOT_OK_RETURN(nt_status);
+
+ r->out.validation->sam3 = sam3;
+
+ sam = &sam3->base;
+ break;
+
+ case 6:
+ nt_status = auth_convert_server_info_saminfo3(mem_ctx,
+ server_info,
+ &sam3);
+ NT_STATUS_NOT_OK_RETURN(nt_status);
+
+ sam6 = talloc_zero(mem_ctx, struct netr_SamInfo6);
+ NT_STATUS_HAVE_NO_MEMORY(sam6);
+ sam6->base = sam3->base;
+ sam = &sam6->base;
+ sam6->sidcount = sam3->sidcount;
+ sam6->sids = sam3->sids;
+
+ sam6->dns_domainname.string = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
+ sam6->principle.string = talloc_asprintf(mem_ctx, "%s@%s",
+ sam->account_name.string, sam6->dns_domainname.string);
+ NT_STATUS_HAVE_NO_MEMORY(sam6->principle.string);
+ /* And put into the talloc tree */
+ talloc_steal(sam6, sam3);
+
+ r->out.validation->sam6 = sam6;
+ break;
+
+ default:
+ break;
+ }
/* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
/* It appears that level 6 is not individually encrypted */
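Review bot: The `default:` arm of the new switch leaves `sam` unassigned, whereas before this change `sam` was always filled by auth_convert_server_info_sambaseinfo() ahead of the switch. `r->in.validation_level` comes from the client request, so a level other than 2, 3 or 6 now reaches the code after the switch without a SamBaseInfo. The trailing context comments suggest that code inspects the session key through `sam`, but both it and the declaration of `sam` lie outside the hunk. Reject unknown levels in the switch, e.g. `default: return NT_STATUS_INVALID_INFO_CLASS;`, unless the level is already validated earlier in the function.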
}
}
- switch (r->in.validation_level) {
- case 2:
- sam2 = talloc_zero(mem_ctx, struct netr_SamInfo2);
- NT_STATUS_HAVE_NO_MEMORY(sam2);
- sam2->base = *sam;
- r->out.validation->sam2 = sam2;
- break;
-
- case 3:
- sam3 = talloc_zero(mem_ctx, struct netr_SamInfo3);
- NT_STATUS_HAVE_NO_MEMORY(sam3);
- sam3->base = *sam;
- r->out.validation->sam3 = sam3;
- break;
-
- case 6:
- sam6 = talloc_zero(mem_ctx, struct netr_SamInfo6);
- NT_STATUS_HAVE_NO_MEMORY(sam6);
- sam6->base = *sam;
- sam6->forest.string = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
- sam6->principle.string = talloc_asprintf(mem_ctx, "%s@%s",
- sam->account_name.string, sam6->forest.string);
- NT_STATUS_HAVE_NO_MEMORY(sam6->principle.string);
- r->out.validation->sam6 = sam6;
- break;
-
- default:
- break;
- }
-
*r->out.authoritative = 1;
/* TODO: Describe and deal with these flags */
/* MS-NRPC 3.5.4.3.9 - must be set to NULL for trust list */
info->dns_forestname.string = NULL;
} else {
- char *p;
- /* TODO: we need a common function for pulling the forest */
- info->dns_forestname.string = ldb_dn_canonical_string(info, ldb_get_root_basedn(sam_ctx));
- if (!info->dns_forestname.string) {
- return NT_STATUS_NO_SUCH_DOMAIN;
- }
- p = strchr(info->dns_forestname.string, '/');
- if (p) {
- *p = '\0';
- }
+ info->dns_forestname.string = samdb_forest_name(sam_ctx, mem_ctx);
+ NT_STATUS_HAVE_NO_MEMORY(info->dns_forestname.string);
info->dns_forestname.string = talloc_asprintf(mem_ctx, "%s.", info->dns_forestname.string);
-
+ NT_STATUS_HAVE_NO_MEMORY(info->dns_forestname.string);
}
if (is_local) {
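Review bot: `NT_STATUS_HAVE_NO_MEMORY` after `samdb_forest_name()` reports every NULL return as an allocation failure, while the removed code returned `NT_STATUS_NO_SUCH_DOMAIN` when the forest name could not be derived. samdb_forest_name() is defined outside this diff, so if it can return NULL for any reason other than talloc failure, the status seen by the caller changes silently. The same applies to the `info->forest_name` and `top_level_name.string` assignments later in the diff, which use `W_ERROR_HAVE_NO_MEMORY`. Once the helper's contract is confirmed, a comment at the call such as `/* samdb_forest_name() returns NULL only on allocation failure */` would record it; otherwise keep the distinct error. The first string is also overwritten by the talloc_asprintf() result and stays allocated on `mem_ctx`, which a local temporary would make explicit.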
* Check that the DNS hostname when it should be updated
* will be used only by maximum one host.
*/
- ret = gendb_search(sam_ctx, mem_ctx, samdb_base_dn(sam_ctx),
+ ret = gendb_search(sam_ctx, mem_ctx,
+ ldb_get_default_basedn(sam_ctx),
&res0, attrs3, "(dNSHostName=%s)",
r->in.query->workstation_info->dns_hostname);
if (ret < 0) {
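Review bot: The filter `"(dNSHostName=%s)"` is formatted with `r->in.query->workstation_info->dns_hostname`, which is taken from the client's request, and nothing in this hunk escapes it before it becomes part of the LDB search expression. Filter metacharacters in that value would change what the hostname-uniqueness check matches. Encode it first, e.g. `ldb_binary_encode_string(mem_ctx, r->in.query->workstation_info->dns_hostname)` with a NULL check on the result, unless the hostname is already validated earlier in the function, which is outside the hunk.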
primary domain is also a "trusted" domain, so we need to
put the primary domain into the lists of returned trusts as
well. */
- ret = gendb_search_dn(sam_ctx, mem_ctx, samdb_base_dn(sam_ctx),
+ ret = gendb_search_dn(sam_ctx, mem_ctx, ldb_get_default_basedn(sam_ctx),
&res2, attrs);
if (ret != 1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
info->dc_address_type = DS_ADDRESS_TYPE_INET;
info->domain_guid = samdb_result_guid(res[0], "objectGUID");
info->domain_name = lp_dnsdomain(lp_ctx);
- info->forest_name = lp_dnsdomain(lp_ctx);
+ info->forest_name = samdb_forest_name(sam_ctx, mem_ctx);
+ W_ERROR_HAVE_NO_MEMORY(info->forest_name);
info->dc_flags = DS_DNS_FOREST_ROOT |
DS_DNS_DOMAIN |
DS_DNS_CONTROLLER |
W_ERROR_HAVE_NO_MEMORY(e);
e->flags = 0;
- e->level = LSA_FOREST_TRUST_TOP_LEVEL_NAME;
+ e->type = LSA_FOREST_TRUST_TOP_LEVEL_NAME;
e->time = 0; /* so far always 0 in trces. */
- e->forest_trust_data.top_level_name.string = lp_dnsdomain(lp_ctx);
+ e->forest_trust_data.top_level_name.string = samdb_forest_name(sam_ctx,
+ mem_ctx);
+ W_ERROR_HAVE_NO_MEMORY(e->forest_trust_data.top_level_name.string);
info->entries[0] = e;
/* TODO: check if disabled and set flags accordingly */
e->flags = 0;
- e->level = LSA_FOREST_TRUST_DOMAIN_INFO;
+ e->type = LSA_FOREST_TRUST_DOMAIN_INFO;
e->time = 0; /* so far always 0 in traces. */
domain_info = &e->forest_trust_data.domain_info;