struct pdb_samba_dsdb_state *state = talloc_get_type_abort(
m->private_data, struct pdb_samba_dsdb_state);
struct ldb_message *msg;
- char *sidstr, *filter;
+ struct dom_sid_buf sidstr;
+ char *filter;
NTSTATUS status;
msg = (struct ldb_message *)
return talloc_get_type_abort(msg, struct ldb_message);
}
- sidstr = dom_sid_string(talloc_tos(), pdb_get_user_sid(sam));
- if (sidstr == NULL) {
- return NULL;
- }
-
filter = talloc_asprintf(
- talloc_tos(), "(&(objectsid=%s)(objectclass=user))", sidstr);
- TALLOC_FREE(sidstr);
+ talloc_tos(),
+ "(&(objectsid=%s)(objectclass=user))",
+ dom_sid_str_buf(pdb_get_user_sid(sam), &sidstr));
if (filter == NULL) {
return NULL;
}
NTSTATUS status;
struct pdb_samba_dsdb_state *state = talloc_get_type_abort(
m->private_data, struct pdb_samba_dsdb_state);
- char *sidstr;
-
- sidstr = dom_sid_string(talloc_tos(), sid);
- NT_STATUS_HAVE_NO_MEMORY(sidstr);
+ struct dom_sid_buf buf;
status = pdb_samba_dsdb_getsampwfilter(m, state, sam_acct,
"(&(objectsid=%s)(objectclass=user))",
- sidstr);
- talloc_free(sidstr);
+ dom_sid_str_buf(sid, &buf));
return status;
}
m->private_data, struct pdb_samba_dsdb_state);
struct ldb_dn *dn;
int rc;
+ struct dom_sid_buf buf;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
- dn = ldb_dn_new_fmt(tmp_ctx, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, pdb_get_user_sid(sam)));
+ dn = ldb_dn_new_fmt(
+ tmp_ctx,
+ state->ldb,
+ "<SID=%s>",
+ dom_sid_str_buf(pdb_get_user_sid(sam), &buf));
if (!dn || !ldb_dn_validate(dn)) {
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
/* This interface takes a fully populated struct samu and places it in
* the database. This is not implemented at this time as we need to
- * be careful around the creation of arbitary SIDs (ie, we must ensrue
+ * be careful around the creation of arbitrary SIDs (ie, we must ensure
* they are not left in a RID pool */
static NTSTATUS pdb_samba_dsdb_add_sam_account(struct pdb_methods *m,
struct samu *sampass)
return NT_STATUS_NOT_IMPLEMENTED;
}
-/* This is not implemented, as this module is exptected to be used
- * with auth_samba_dsdb, and this is responible for login counters etc
+/* This is not implemented, as this module is expected to be used
+ * with auth_samba_dsdb, and this is responsible for login counters etc
*
*/
static NTSTATUS pdb_samba_dsdb_update_login_attempts(struct pdb_methods *m,
{
char *filter;
NTSTATUS status;
+ struct dom_sid_buf buf;
filter = talloc_asprintf(talloc_tos(),
"(&(objectsid=%s)(objectclass=group))",
- sid_string_talloc(talloc_tos(), &sid));
+ dom_sid_str_buf(&sid, &buf));
if (filter == NULL) {
return NT_STATUS_NO_MEMORY;
}
struct ldb_message *msg;
struct ldb_dn *dn;
int rc;
+ struct dom_sid_buf buf;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
return NT_STATUS_INTERNAL_ERROR;
}
- dn = ldb_dn_new_fmt(tmp_ctx, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, &sid));
+ dn = ldb_dn_new_fmt(
+ tmp_ctx,
+ state->ldb,
+ "<SID=%s>",
+ dom_sid_str_buf(&sid, &buf));
if (!dn || !ldb_dn_validate(dn)) {
talloc_free(tmp_ctx);
ldb_transaction_cancel(state->ldb);
talloc_free(tmp_ctx);
ldb_transaction_cancel(state->ldb);
return NT_STATUS_NO_SUCH_GROUP;
+ } else if (rc != LDB_SUCCESS) {
+ talloc_free(tmp_ctx);
+ DEBUG(10, ("dsdb_search_one failed %s\n",
+ ldb_errstring(state->ldb)));
+ ldb_transaction_cancel(state->ldb);
+ return NT_STATUS_LDAP(rc);
}
rc = ldb_delete(state->ldb, dn);
if (rc == LDB_ERR_NO_SUCH_OBJECT) {
uint32_t *members;
struct ldb_dn *dn;
NTSTATUS status;
+ struct dom_sid_buf buf;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
- dn = ldb_dn_new_fmt(tmp_ctx, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, group));
+ dn = ldb_dn_new_fmt(
+ tmp_ctx,
+ state->ldb,
+ "<SID=%s>",
+ dom_sid_str_buf(group, &buf));
if (!dn || !ldb_dn_validate(dn)) {
return NT_STATUS_NO_MEMORY;
}
if (id_map.xid.type == ID_TYPE_GID || id_map.xid.type == ID_TYPE_BOTH) {
gids[0] = id_map.xid.id;
} else {
+ struct dom_sid_buf buf1, buf2;
DEBUG(1, (__location__
"Group %s, of which %s is a member, could not be converted to a GID\n",
- dom_sid_string(tmp_ctx, &group_sids[0]),
- dom_sid_string(tmp_ctx, &user->user_sid)));
+ dom_sid_str_buf(&group_sids[0], &buf1),
+ dom_sid_str_buf(&user->user_sid, &buf2)));
talloc_free(tmp_ctx);
/* We must error out, otherwise a user might
* avoid a DENY acl based on a group they
if (id_map.xid.type == ID_TYPE_GID || id_map.xid.type == ID_TYPE_BOTH) {
gids[num_groups] = id_map.xid.id;
} else {
+ struct dom_sid_buf buf;
DEBUG(1, (__location__
"Group %s, of which %s is a member, could not be converted to a GID\n",
- dom_sid_string(tmp_ctx, &group_sids[num_groups]),
+ dom_sid_str_buf(&group_sids[num_groups],
+ &buf),
ldb_dn_get_linearized(msg->dn)));
talloc_free(tmp_ctx);
/* We must error out, otherwise a user might
struct ldb_message *msg;
int ret;
struct ldb_message_element *el;
+ struct dom_sid_buf buf;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
msg = ldb_msg_new(tmp_ctx);
return NT_STATUS_NO_MEMORY;
}
- msg->dn = ldb_dn_new_fmt(msg, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, groupsid));
+ msg->dn = ldb_dn_new_fmt(
+ msg,
+ state->ldb,
+ "<SID=%s>",
+ dom_sid_str_buf(groupsid, &buf));
if (!msg->dn || !ldb_dn_validate(msg->dn)) {
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
}
- ret = ldb_msg_add_fmt(msg, "member", "<SID=%s>", dom_sid_string(tmp_ctx, membersid));
+ ret = ldb_msg_add_fmt(
+ msg,
+ "member",
+ "<SID=%s>",
+ dom_sid_str_buf(membersid, &buf));
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
struct ldb_message *msg;
struct ldb_dn *dn;
int rc;
+ struct dom_sid_buf buf;
TALLOC_CTX *tmp_ctx = talloc_stackframe();
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
- dn = ldb_dn_new_fmt(tmp_ctx, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, sid));
+ dn = ldb_dn_new_fmt(
+ tmp_ctx,
+ state->ldb,
+ "<SID=%s>",
+ dom_sid_str_buf(sid, &buf));
if (!dn || !ldb_dn_validate(dn)) {
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
talloc_free(tmp_ctx);
ldb_transaction_cancel(state->ldb);
return NT_STATUS_NO_SUCH_ALIAS;
+ } else if (rc != LDB_SUCCESS) {
+ talloc_free(tmp_ctx);
+ DEBUG(10, ("dsdb_search_one failed %s\n",
+ ldb_errstring(state->ldb)));
+ ldb_transaction_cancel(state->ldb);
+ return NT_STATUS_LDAP(rc);
}
rc = ldb_delete(state->ldb, dn);
if (rc == LDB_ERR_NO_SUCH_OBJECT) {
return NT_STATUS_OK;
}
-#if 0
-static NTSTATUS pdb_samba_dsdb_set_aliasinfo(struct pdb_methods *m,
- const struct dom_sid *sid,
- struct acct_info *info)
-{
- struct pdb_samba_dsdb_state *state = talloc_get_type_abort(
- m->private_data, struct pdb_samba_dsdb_state);
- struct tldap_context *ld;
- const char *attrs[3] = { "objectSid", "description",
- "samAccountName" };
- struct ldb_message **msg;
- char *sidstr, *dn;
- int rc;
- struct tldap_mod *mods;
- int num_mods;
- bool ok;
-
- ld = pdb_samba_dsdb_ld(state);
- if (ld == NULL) {
- return NT_STATUS_LDAP(TLDAP_SERVER_DOWN);
- }
-
- sidstr = sid_binstring(talloc_tos(), sid);
- NT_STATUS_HAVE_NO_MEMORY(sidstr);
-
- rc = pdb_samba_dsdb_search_fmt(state, state->domaindn, TLDAP_SCOPE_SUB,
- attrs, ARRAY_SIZE(attrs), 0, talloc_tos(),
- &msg, "(&(objectSid=%s)(objectclass=group)"
- "(|(grouptype=%d)(grouptype=%d)))",
- sidstr, GTYPE_SECURITY_BUILTIN_LOCAL_GROUP,
- GTYPE_SECURITY_DOMAIN_LOCAL_GROUP);
- TALLOC_FREE(sidstr)
- if (rc != LDB_SUCCESS) {
- DEBUG(10, ("ldap_search failed %s\n",
- ldb_errstring(state->ldb)));
- return NT_STATUS_LDAP(rc);
- }
- switch talloc_array_length(msg) {
- case 0:
- return NT_STATUS_NO_SUCH_ALIAS;
- case 1:
- break;
- default:
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
-
- if (!tldap_entry_dn(msg[0], &dn)) {
- TALLOC_FREE(msg);
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
-
- mods = NULL;
- num_mods = 0;
- ok = true;
-
- ok &= tldap_make_mod_fmt(
- msg[0], msg, &num_mods, &mods, "description",
- "%s", info->acct_desc);
- ok &= tldap_make_mod_fmt(
- msg[0], msg, &num_mods, &mods, "samAccountName",
- "%s", info->acct_name);
- if (!ok) {
- TALLOC_FREE(msg);
- return NT_STATUS_NO_MEMORY;
- }
- if (num_mods == 0) {
- /* no change */
- TALLOC_FREE(msg);
- return NT_STATUS_OK;
- }
-
- rc = tldap_modify(ld, dn, num_mods, mods, NULL, 0, NULL, 0);
- TALLOC_FREE(msg);
- if (rc != LDB_SUCCESS) {
- DEBUG(10, ("ldap_modify failed: %s\n",
- ldb_errstring(state->ldb)));
- return NT_STATUS_LDAP(rc);
- }
- return NT_STATUS_OK;
-}
-#endif
static NTSTATUS pdb_samba_dsdb_add_aliasmem(struct pdb_methods *m,
const struct dom_sid *alias,
const struct dom_sid *member)
struct ldb_dn *dn;
unsigned int num_members;
NTSTATUS status;
+ struct dom_sid_buf buf;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
- dn = ldb_dn_new_fmt(tmp_ctx, state->ldb, "<SID=%s>", dom_sid_string(tmp_ctx, alias));
+ dn = ldb_dn_new_fmt(
+ tmp_ctx,
+ state->ldb,
+ "<SID=%s>",
+ dom_sid_str_buf(alias, &buf));
if (!dn || !ldb_dn_validate(dn)) {
return NT_STATUS_NO_MEMORY;
}
status = dsdb_enum_group_mem(state->ldb, mem_ctx, dn, pmembers, &num_members);
- *pnum_members = num_members;
if (NT_STATUS_IS_OK(status)) {
- talloc_steal(mem_ctx, pmembers);
+ *pnum_members = num_members;
}
talloc_free(tmp_ctx);
return status;
uint32_t *alias_rids = NULL;
size_t num_alias_rids = 0;
int i;
- struct dom_sid *groupSIDs = NULL;
- unsigned int num_groupSIDs = 0;
+ struct auth_SidAttr *groupSIDs = NULL;
+ uint32_t num_groupSIDs = 0;
char *filter;
NTSTATUS status;
- const char *sid_string;
const char *sid_dn;
DATA_BLOB sid_blob;
* either the SAM or BUILTIN
*/
- filter = talloc_asprintf(tmp_ctx, "(&(objectClass=group)(groupType:1.2.840.113556.1.4.803:=%u))",
+ filter = talloc_asprintf(tmp_ctx, "(&(objectClass=group)(groupType:"LDB_OID_COMPARATOR_AND":=%u))",
GROUP_TYPE_BUILTIN_LOCAL_GROUP);
if (filter == NULL) {
return NT_STATUS_NO_MEMORY;
}
for (i = 0; i < num_members; i++) {
- sid_string = dom_sid_string(tmp_ctx, &members[i]);
- if (sid_string == NULL) {
- TALLOC_FREE(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
+ struct dom_sid_buf buf;
- sid_dn = talloc_asprintf(tmp_ctx, "<SID=%s>", sid_string);
+ sid_dn = talloc_asprintf(
+ tmp_ctx,
+ "<SID=%s>",
+ dom_sid_str_buf(&members[i], &buf));
if (sid_dn == NULL) {
TALLOC_FREE(tmp_ctx);
return NT_STATUS_NO_MEMORY;
}
for (i=0; i<num_groupSIDs; i++) {
- if (sid_peek_check_rid(domain_sid, &groupSIDs[i],
+ if (sid_peek_check_rid(domain_sid, &groupSIDs[i].sid,
&alias_rids[num_alias_rids])) {
num_alias_rids++;;
}
static uint32_t pdb_samba_dsdb_capabilities(struct pdb_methods *m)
{
- return PDB_CAP_STORE_RIDS | PDB_CAP_ADS;
+ return PDB_CAP_STORE_RIDS | PDB_CAP_ADS | PDB_CAP_TRUSTED_DOMAINS_EX;
}
static bool pdb_samba_dsdb_new_rid(struct pdb_methods *m, uint32_t *rid)
trust_direction_flags = ldb_msg_find_attr_as_int(msg, "trustDirection", 0);
if (!(trust_direction_flags & LSA_TRUST_DIRECTION_OUTBOUND)) {
- DEBUG(2, ("Trusted domain %s is is not an outbound trust.\n",
- domain));
+ DBG_WARNING("Trusted domain %s is not an outbound trust.\n",
+ domain);
TALLOC_FREE(tmp_ctx);
return false;
}
trust_type = ldb_msg_find_attr_as_int(msg, "trustType", 0);
if (trust_type == LSA_TRUST_TYPE_MIT) {
- DEBUG(1, ("Trusted domain %s is is not an AD trust "
- "(trustType == LSA_TRUST_TYPE_MIT).\n",
- domain));
+ DBG_WARNING("Trusted domain %s is not an AD trust "
+ "(trustType == LSA_TRUST_TYPE_MIT).\n", domain);
TALLOC_FREE(tmp_ctx);
return false;
}
(ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
DEBUG(0, ("Failed to get trusted domain password for %s, "
- "attribute trustAuthOutgoing coult not be parsed %s.\n",
+ "attribute trustAuthOutgoing could not be parsed %s.\n",
domain,
ndr_map_error2string(ndr_err)));
TALLOC_FREE(tmp_ctx);
trust_direction_flags = ldb_msg_find_attr_as_int(msg, "trustDirection", 0);
if (!(trust_direction_flags & LSA_TRUST_DIRECTION_OUTBOUND)) {
- DEBUG(2, ("Trusted domain %s is is not an outbound trust.\n",
- domain));
+ DBG_WARNING("Trusted domain %s is not an outbound trust.\n",
+ domain);
TALLOC_FREE(tmp_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
trust_type = ldb_msg_find_attr_as_int(msg, "trustType", 0);
if (trust_type == LSA_TRUST_TYPE_MIT) {
- DEBUG(1, ("Trusted domain %s is is not an AD trust "
- "(trustType == LSA_TRUST_TYPE_MIT).\n",
- domain));
+ DBG_WARNING("Trusted domain %s is not an AD trust "
+ "(trustType == LSA_TRUST_TYPE_MIT).\n", domain);
TALLOC_FREE(tmp_ctx);
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
(ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
DEBUG(0, ("Failed to get trusted domain password for %s, "
- "attribute trustAuthOutgoing coult not be parsed %s.\n",
+ "attribute trustAuthOutgoing could not be parsed %s.\n",
domain,
ndr_map_error2string(ndr_err)));
TALLOC_FREE(tmp_ctx);
* Force kerberos if this is an active directory domain
*/
cli_credentials_set_kerberos_state(creds,
- CRED_MUST_USE_KERBEROS);
+ CRED_USE_KERBEROS_REQUIRED,
+ CRED_SPECIFIED);
} else {
/*
* TODO: we should allow krb5 with the raw nt hash.
*/
cli_credentials_set_kerberos_state(creds,
- CRED_DONT_USE_KERBEROS);
+ CRED_USE_KERBEROS_DISABLED,
+ CRED_SPECIFIED);
}
*_creds = talloc_move(mem_ctx, &creds);
struct ldb_message *msg = NULL;
int trust_direction_flags;
int trust_type;
- int i;
+ uint32_t i; /* The same type as old_blob.current.count */
const struct ldb_val *old_val = NULL;
struct trustAuthInOutBlob old_blob = {};
uint32_t old_version = 0;
trust_direction_flags = ldb_msg_find_attr_as_int(msg, "trustDirection", 0);
if (!(trust_direction_flags & LSA_TRUST_DIRECTION_OUTBOUND)) {
- DEBUG(2, ("Trusted domain %s is is not an outbound trust, can't set a password.\n",
- domain));
+ DBG_WARNING("Trusted domain %s is not an outbound trust, can't set a password.\n",
+ domain);
TALLOC_FREE(tmp_ctx);
ldb_transaction_cancel(state->ldb);
return false;
(ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
DEBUG(0, ("Failed to get trusted domain password for %s, "
- "attribute trustAuthOutgoing coult not be parsed %s.\n",
+ "attribute trustAuthOutgoing could not be parsed %s.\n",
domain,
ndr_map_error2string(ndr_err)));
TALLOC_FREE(tmp_ctx);
}
msg->num_elements = 0;
- ret = ldb_msg_add_empty(msg, "trustAuthOutgoing",
- LDB_FLAG_MOD_REPLACE, NULL);
+ ret = ldb_msg_append_value(msg, "trustAuthOutgoing",
+ &new_val, LDB_FLAG_MOD_REPLACE);
if (ret != LDB_SUCCESS) {
- DEBUG(0, ("ldb_msg_add_empty() failed\n"));
- TALLOC_FREE(tmp_ctx);
- ldb_transaction_cancel(state->ldb);
- return false;
- }
- ret = ldb_msg_add_value(msg, "trustAuthOutgoing",
- &new_val, NULL);
- if (ret != LDB_SUCCESS) {
- DEBUG(0, ("ldb_msg_add_value() failed\n"));
+ DEBUG(0, ("ldb_msg_append_value() failed\n"));
TALLOC_FREE(tmp_ctx);
ldb_transaction_cancel(state->ldb);
return false;
domains[di++] = d;
}
- talloc_realloc(domains, domains, struct trustdom_info *, di);
+ domains = talloc_realloc(domains, domains, struct trustdom_info *, di);
*_domains = talloc_move(mem_ctx, &domains);
*_num_domains = di;
TALLOC_FREE(tmp_ctx);
};
struct ldb_message *msg = NULL;
struct pdb_trusted_domain *d = NULL;
+ struct dom_sid_buf buf;
NTSTATUS status;
status = dsdb_trust_search_tdo_by_sid(state->ldb, sid,
attrs, tmp_ctx, &msg);
if (!NT_STATUS_IS_OK(status)) {
DBG_ERR("dsdb_trust_search_tdo_by_sid(%s) - %s ",
- dom_sid_string(tmp_ctx, sid), nt_errstr(status));
+ dom_sid_str_buf(sid, &buf),
+ nt_errstr(status));
TALLOC_FREE(tmp_ctx);
return status;
}
status = pdb_samba_dsdb_msg_to_trusted_domain(msg, mem_ctx, &d);
if (!NT_STATUS_IS_OK(status)) {
DBG_ERR("pdb_samba_dsdb_msg_to_trusted_domain(%s) - %s ",
- dom_sid_string(tmp_ctx, sid), nt_errstr(status));
+ dom_sid_str_buf(sid, &buf),
+ nt_errstr(status));
TALLOC_FREE(tmp_ctx);
return status;
}
};
char *netbios_encoded = NULL;
char *dns_encoded = NULL;
- struct dom_sid *tmp_sid1;
- struct dom_sid *tmp_sid2;
- uint32_t tmp_rid;
char *sid_encoded = NULL;
int ret;
struct trustAuthInOutBlob taiob;
* We expect S-1-5-21-A-B-C, but we don't
* allow S-1-5-21-0-0-0 as this is used
* for claims and compound identities.
- *
- * So we call dom_sid_split_rid() 3 times
- * and compare the result to S-1-5-21
*/
- status = dom_sid_split_rid(tmp_ctx,
- &td->security_identifier,
- &tmp_sid1, &tmp_rid);
- if (!NT_STATUS_IS_OK(status)) {
- goto out;
- }
- status = dom_sid_split_rid(tmp_ctx, tmp_sid1, &tmp_sid2, &tmp_rid);
- if (!NT_STATUS_IS_OK(status)) {
- goto out;
- }
- status = dom_sid_split_rid(tmp_ctx, tmp_sid2, &tmp_sid1, &tmp_rid);
- if (!NT_STATUS_IS_OK(status)) {
- goto out;
- }
- ok = dom_sid_parse("S-1-5-21", tmp_sid2);
- if (!ok) {
- status = NT_STATUS_INTERNAL_ERROR;
- goto out;
- }
- ok = dom_sid_equal(tmp_sid1, tmp_sid2);
- if (!ok) {
- status = NT_STATUS_INVALID_PARAMETER;
- goto out;
- }
- ok = dom_sid_parse("S-1-5-21-0-0-0", tmp_sid2);
- if (!ok) {
- return NT_STATUS_INTERNAL_ERROR;
- }
- ok = !dom_sid_equal(&td->security_identifier, tmp_sid2);
+ ok = dom_sid_is_valid_account_domain(&td->security_identifier);
if (!ok) {
status = NT_STATUS_INVALID_PARAMETER;
goto out;
domains[di++] = d;
}
- talloc_realloc(domains, domains, struct pdb_trusted_domain *, di);
+ domains = talloc_realloc(domains, domains, struct pdb_trusted_domain *,
+ di);
*_domains = talloc_move(mem_ctx, &domains);
*_num_domains = di;
TALLOC_FREE(tmp_ctx);
state->ev,
state->lp_ctx,
system_session(state->lp_ctx),
- 0, location,
- &state->ldb, &errstring);
+ 0,
+ location,
+ NULL,
+ &state->ldb,
+ &errstring);
if (!state->ldb) {
DEBUG(0, ("samdb_connect failed: %s: %s\n",