r9015: Fix access to BUILTIN again.
authorAndrew Bartlett <abartlet@samba.org>
Wed, 3 Aug 2005 19:58:58 +0000 (19:58 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:31:08 +0000 (13:31 -0500)
Andrew Bartlett
(This used to be commit 2beb694226429319ff3799adbd7be50af99df02c)

source4/rpc_server/samr/dcesrv_samr.c

index 57da9b79b24f8b5f86d77e3baacba1ce97e4c014..1e47199d20ed0872024b49daa42e65a5e2d9aba5 100644 (file)
@@ -271,14 +271,14 @@ static NTSTATUS samr_EnumDomains(struct dcesrv_call_state *dce_call, TALLOC_CTX
                int ret;
                array->entries[i].idx = start_i + i;
                /* try and find the domain */
-               ret = gendb_search(c_state->sam_ctx, mem_ctx, NULL, &ref_msgs, ref_attrs, 
+               ret = gendb_search(c_state->sam_ctx, mem_ctx, NULL, 
+                                  &ref_msgs, ref_attrs, 
                                   "(&(objectClass=crossRef)(ncName=%s))", 
-                                  dom_msgs[0]->dn);
+                                  dom_msgs[i]->dn);
                if (ret == 1) {
                        array->entries[i].name.string = samdb_result_string(ref_msgs[0], "nETBIOSName", NULL);
                } else {
-                       /* Builtin? If we can't find the reference, punt */
-                       array->entries[i].name.string = samdb_result_string(dom_msgs[0], "cn", NULL);
+                       array->entries[i].name.string = samdb_result_string(dom_msgs[i], "cn", NULL);
                }
        }
 
@@ -300,7 +300,7 @@ static NTSTATUS samr_OpenDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *
        const char *domain_name;
        struct samr_connect_state *c_state;
        struct samr_domain_state *d_state;
-       const char * const dom_attrs[] = { NULL};
+       const char * const dom_attrs[] = { "cn", NULL};
        const char * const ref_attrs[] = { "nETBIOSName", NULL};
        struct ldb_message **dom_msgs;
        struct ldb_message **ref_msgs;
@@ -318,23 +318,36 @@ static NTSTATUS samr_OpenDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *
 
        ret = gendb_search(c_state->sam_ctx,
                           mem_ctx, NULL, &dom_msgs, dom_attrs,
-                          "(&(objectSid=%s)(objectclass=domain))", 
+                          "(&(objectSid=%s)(&(objectclass=domain)(!(objectClass=builtinDomain))))",
                           ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
-       if (ret != 1) {
-               return NT_STATUS_NO_SUCH_DOMAIN;
-       }
-
-       ret = gendb_search(c_state->sam_ctx,
-                          mem_ctx, NULL, &ref_msgs, ref_attrs,
-                          "(&(&(nETBIOSName=*)(objectclass=crossRef))(ncName=%s))", 
-                          dom_msgs[0]->dn);
-       if (ret != 1) {
-               return NT_STATUS_NO_SUCH_DOMAIN;
-       }
+       if (ret == -1) {
+               return NT_STATUS_INTERNAL_DB_CORRUPTION;
+       } else if (ret == 0) {
+               ret = gendb_search(c_state->sam_ctx,
+                                  mem_ctx, NULL, &dom_msgs, dom_attrs,
+                                  "(&(objectSid=%s)(objectClass=builtinDomain))", 
+                                  ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
+               if (ret != 1) {
+                       return NT_STATUS_NO_SUCH_DOMAIN;
+               }
 
-       domain_name = ldb_msg_find_string(ref_msgs[0], "nETBIOSName", NULL);
-       if (domain_name == NULL) {
-               return NT_STATUS_NO_SUCH_DOMAIN;
+               domain_name = ldb_msg_find_string(dom_msgs[0], "cn", NULL);
+               if (domain_name == NULL) {
+                       return NT_STATUS_NO_SUCH_DOMAIN;
+               }
+       } else {
+               ret = gendb_search(c_state->sam_ctx,
+                                  mem_ctx, NULL, &ref_msgs, ref_attrs,
+                                  "(&(&(nETBIOSName=*)(objectclass=crossRef))(ncName=%s))", 
+                                  dom_msgs[0]->dn);
+               if (ret != 1) {
+                       return NT_STATUS_NO_SUCH_DOMAIN;
+               }
+               
+               domain_name = ldb_msg_find_string(ref_msgs[0], "nETBIOSName", NULL);
+               if (domain_name == NULL) {
+                       return NT_STATUS_NO_SUCH_DOMAIN;
+               }
        }
 
        d_state = talloc(c_state, struct samr_domain_state);
@@ -406,10 +419,8 @@ static NTSTATUS samr_info_DomInfo2(struct samr_domain_state *state, TALLOC_CTX *
                                   struct samr_DomInfo2 *info)
 {
        const char * const dom_attrs[] = { "comment", NULL };
-       const char * const ref_attrs[] = { "nETBIOSName", NULL };
        int ret;
        struct ldb_message **dom_msgs;
-       struct ldb_message **ref_msgs;
        const char *domain_name;
        
        ret = gendb_search_dn(state->sam_ctx, mem_ctx,
@@ -418,15 +429,7 @@ static NTSTATUS samr_info_DomInfo2(struct samr_domain_state *state, TALLOC_CTX *
                return NT_STATUS_INTERNAL_DB_CORRUPTION;
        }
 
-       ret = gendb_search(state->sam_ctx,
-                          mem_ctx, NULL, &ref_msgs, ref_attrs,
-                          "(&(&(nETBIOSName=*)(objectclass=crossRef))(ncName=%s))", 
-                          dom_msgs[0]->dn);
-       if (ret != 1) {
-               return NT_STATUS_NO_SUCH_DOMAIN;
-       }
-
-       domain_name = ldb_msg_find_string(ref_msgs[0], "nETBIOSName", NULL);
+       domain_name = state->domain_name;
        /* where is this supposed to come from? is it settable? */
        info->force_logoff_time = 0x8000000000000000LL;