2 Unix SMB/CIFS mplementation.
4 The module that handles the Schema FSMO Role Owner
5 checkings, it also loads the dsdb_schema.
7 Copyright (C) Stefan Metzmacher <metze@samba.org> 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "ldb_module.h"
26 #include "dsdb/samdb/samdb.h"
27 #include "librpc/gen_ndr/ndr_misc.h"
28 #include "librpc/gen_ndr/ndr_drsuapi.h"
29 #include "librpc/gen_ndr/ndr_drsblobs.h"
30 #include "param/param.h"
32 static int generate_objectClasses(struct ldb_context *ldb, struct ldb_message *msg,
33 const struct dsdb_schema *schema);
34 static int generate_attributeTypes(struct ldb_context *ldb, struct ldb_message *msg,
35 const struct dsdb_schema *schema);
36 static int generate_dITContentRules(struct ldb_context *ldb, struct ldb_message *msg,
37 const struct dsdb_schema *schema);
38 static int generate_extendedAttributeInfo(struct ldb_context *ldb, struct ldb_message *msg,
39 const struct dsdb_schema *schema);
40 static int generate_extendedClassInfo(struct ldb_context *ldb, struct ldb_message *msg,
41 const struct dsdb_schema *schema);
42 static int generate_possibleInferiors(struct ldb_context *ldb, struct ldb_message *msg,
43 const struct dsdb_schema *schema);
47 int (*fn)(struct ldb_context *, struct ldb_message *, const struct dsdb_schema *);
49 } generated_attrs[] = {
51 .attr = "objectClasses",
52 .fn = generate_objectClasses,
56 .attr = "attributeTypes",
57 .fn = generate_attributeTypes,
61 .attr = "dITContentRules",
62 .fn = generate_dITContentRules,
66 .attr = "extendedAttributeInfo",
67 .fn = generate_extendedAttributeInfo,
71 .attr = "extendedClassInfo",
72 .fn = generate_extendedClassInfo,
76 .attr = "possibleInferiors",
77 .fn = generate_possibleInferiors,
82 struct schema_fsmo_private_data {
83 struct ldb_dn *aggregate_dn;
86 struct schema_fsmo_search_data {
87 struct ldb_module *module;
88 struct ldb_request *req;
90 const struct dsdb_schema *schema;
93 static int schema_fsmo_init(struct ldb_module *module)
95 struct ldb_context *ldb;
97 struct ldb_dn *schema_dn;
98 struct dsdb_schema *schema;
99 char *error_string = NULL;
101 struct schema_fsmo_private_data *data;
103 ldb = ldb_module_get_ctx(module);
104 schema_dn = samdb_schema_dn(ldb);
106 ldb_reset_err_string(ldb);
107 ldb_debug(ldb, LDB_DEBUG_WARNING,
108 "schema_fsmo_init: no schema dn present: (skip schema loading)\n");
109 return ldb_next_init(module);
112 data = talloc(module, struct schema_fsmo_private_data);
115 return LDB_ERR_OPERATIONS_ERROR;
118 /* Check to see if this is a result on the CN=Aggregate schema */
119 data->aggregate_dn = ldb_dn_copy(data, schema_dn);
120 if (!ldb_dn_add_child_fmt(data->aggregate_dn, "CN=Aggregate")) {
122 return LDB_ERR_OPERATIONS_ERROR;
125 ldb_module_set_private(module, data);
127 if (dsdb_get_schema(ldb)) {
128 return ldb_next_init(module);
131 mem_ctx = talloc_new(module);
134 return LDB_ERR_OPERATIONS_ERROR;
137 ret = dsdb_schema_from_schema_dn(mem_ctx, ldb,
138 lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),
139 schema_dn, &schema, &error_string);
141 if (ret == LDB_ERR_NO_SUCH_OBJECT) {
142 ldb_reset_err_string(ldb);
143 ldb_debug(ldb, LDB_DEBUG_WARNING,
144 "schema_fsmo_init: no schema head present: (skip schema loading)\n");
145 talloc_free(mem_ctx);
146 return ldb_next_init(module);
149 if (ret != LDB_SUCCESS) {
150 ldb_asprintf_errstring(ldb,
151 "schema_fsmo_init: dsdb_schema load failed: %s",
153 talloc_free(mem_ctx);
157 /* dsdb_set_schema() steal schema into the ldb_context */
158 ret = dsdb_set_schema(ldb, schema);
159 if (ret != LDB_SUCCESS) {
160 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
161 "schema_fsmo_init: dsdb_set_schema() failed: %d:%s",
162 ret, ldb_strerror(ret));
163 talloc_free(mem_ctx);
167 talloc_free(mem_ctx);
168 return ldb_next_init(module);
171 static int schema_fsmo_add(struct ldb_module *module, struct ldb_request *req)
173 struct ldb_context *ldb;
174 struct dsdb_schema *schema;
175 const char *attributeID = NULL;
176 const char *governsID = NULL;
177 const char *oid_attr = NULL;
178 const char *oid = NULL;
182 ldb = ldb_module_get_ctx(module);
184 /* special objects should always go through */
185 if (ldb_dn_is_special(req->op.add.message->dn)) {
186 return ldb_next_request(module, req);
189 /* replicated update should always go through */
190 if (ldb_request_get_control(req, DSDB_CONTROL_REPLICATED_UPDATE_OID)) {
191 return ldb_next_request(module, req);
194 schema = dsdb_get_schema(ldb);
196 return ldb_next_request(module, req);
199 if (!schema->fsmo.we_are_master) {
200 ldb_debug_set(ldb, LDB_DEBUG_ERROR,
201 "schema_fsmo_add: we are not master: reject request\n");
202 return LDB_ERR_UNWILLING_TO_PERFORM;
205 attributeID = samdb_result_string(req->op.add.message, "attributeID", NULL);
206 governsID = samdb_result_string(req->op.add.message, "governsID", NULL);
209 oid_attr = "attributeID";
211 } else if (governsID) {
212 oid_attr = "governsID";
217 return ldb_next_request(module, req);
220 status = dsdb_map_oid2int(schema, oid, &id32);
221 if (W_ERROR_IS_OK(status)) {
222 return ldb_next_request(module, req);
223 } else if (!W_ERROR_EQUAL(WERR_DS_NO_MSDS_INTID, status)) {
224 ldb_debug_set(ldb, LDB_DEBUG_ERROR,
225 "schema_fsmo_add: failed to map %s[%s]: %s\n",
226 oid_attr, oid, win_errstr(status));
227 return LDB_ERR_UNWILLING_TO_PERFORM;
230 status = dsdb_create_prefix_mapping(ldb, schema, oid);
231 if (!W_ERROR_IS_OK(status)) {
232 ldb_debug_set(ldb, LDB_DEBUG_ERROR,
233 "schema_fsmo_add: failed to create prefix mapping for %s[%s]: %s\n",
234 oid_attr, oid, win_errstr(status));
235 return LDB_ERR_UNWILLING_TO_PERFORM;
238 return ldb_next_request(module, req);
241 static int schema_fsmo_extended(struct ldb_module *module, struct ldb_request *req)
243 struct ldb_context *ldb;
244 struct ldb_dn *schema_dn;
245 struct dsdb_schema *schema;
246 char *error_string = NULL;
250 ldb = ldb_module_get_ctx(module);
252 if (strcmp(req->op.extended.oid, DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID) != 0) {
253 return ldb_next_request(module, req);
256 schema_dn = samdb_schema_dn(ldb);
258 ldb_reset_err_string(ldb);
259 ldb_debug(ldb, LDB_DEBUG_WARNING,
260 "schema_fsmo_extended: no schema dn present: (skip schema loading)\n");
261 return ldb_next_request(module, req);
264 mem_ctx = talloc_new(module);
267 return LDB_ERR_OPERATIONS_ERROR;
270 ret = dsdb_schema_from_schema_dn(mem_ctx, ldb,
271 lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),
272 schema_dn, &schema, &error_string);
274 if (ret == LDB_ERR_NO_SUCH_OBJECT) {
275 ldb_reset_err_string(ldb);
276 ldb_debug(ldb, LDB_DEBUG_WARNING,
277 "schema_fsmo_extended: no schema head present: (skip schema loading)\n");
278 talloc_free(mem_ctx);
279 return ldb_next_request(module, req);
282 if (ret != LDB_SUCCESS) {
283 ldb_asprintf_errstring(ldb,
284 "schema_fsmo_extended: dsdb_schema load failed: %s",
286 talloc_free(mem_ctx);
287 return ldb_next_request(module, req);
290 /* Replace the old schema*/
291 ret = dsdb_set_schema(ldb, schema);
292 if (ret != LDB_SUCCESS) {
293 ldb_debug_set(ldb, LDB_DEBUG_FATAL,
294 "schema_fsmo_extended: dsdb_set_schema() failed: %d:%s",
295 ret, ldb_strerror(ret));
296 talloc_free(mem_ctx);
300 dsdb_make_schema_global(ldb);
302 talloc_free(mem_ctx);
306 static int generate_objectClasses(struct ldb_context *ldb, struct ldb_message *msg,
307 const struct dsdb_schema *schema)
309 const struct dsdb_class *sclass;
312 for (sclass = schema->classes; sclass; sclass = sclass->next) {
313 ret = ldb_msg_add_string(msg, "objectClasses", schema_class_to_description(msg, sclass));
314 if (ret != LDB_SUCCESS) {
320 static int generate_attributeTypes(struct ldb_context *ldb, struct ldb_message *msg,
321 const struct dsdb_schema *schema)
323 const struct dsdb_attribute *attribute;
326 for (attribute = schema->attributes; attribute; attribute = attribute->next) {
327 ret = ldb_msg_add_string(msg, "attributeTypes", schema_attribute_to_description(msg, attribute));
328 if (ret != LDB_SUCCESS) {
335 static int generate_dITContentRules(struct ldb_context *ldb, struct ldb_message *msg,
336 const struct dsdb_schema *schema)
338 const struct dsdb_class *sclass;
341 for (sclass = schema->classes; sclass; sclass = sclass->next) {
342 if (sclass->auxiliaryClass || sclass->systemAuxiliaryClass) {
343 char *ditcontentrule = schema_class_to_dITContentRule(msg, sclass, schema);
344 if (!ditcontentrule) {
346 return LDB_ERR_OPERATIONS_ERROR;
348 ret = ldb_msg_add_steal_string(msg, "dITContentRules", ditcontentrule);
349 if (ret != LDB_SUCCESS) {
357 static int generate_extendedAttributeInfo(struct ldb_context *ldb,
358 struct ldb_message *msg,
359 const struct dsdb_schema *schema)
361 const struct dsdb_attribute *attribute;
364 for (attribute = schema->attributes; attribute; attribute = attribute->next) {
365 char *val = schema_attribute_to_extendedInfo(msg, attribute);
368 return LDB_ERR_OPERATIONS_ERROR;
371 ret = ldb_msg_add_string(msg, "extendedAttributeInfo", val);
372 if (ret != LDB_SUCCESS) {
380 static int generate_extendedClassInfo(struct ldb_context *ldb,
381 struct ldb_message *msg,
382 const struct dsdb_schema *schema)
384 const struct dsdb_class *sclass;
387 for (sclass = schema->classes; sclass; sclass = sclass->next) {
388 char *val = schema_class_to_extendedInfo(msg, sclass);
391 return LDB_ERR_OPERATIONS_ERROR;
394 ret = ldb_msg_add_string(msg, "extendedClassInfo", val);
395 if (ret != LDB_SUCCESS) {
404 static int generate_possibleInferiors(struct ldb_context *ldb, struct ldb_message *msg,
405 const struct dsdb_schema *schema)
407 struct ldb_dn *dn = msg->dn;
409 const char *first_component_name = ldb_dn_get_component_name(dn, 0);
410 const struct ldb_val *first_component_val;
411 const char *class_name;
412 const struct dsdb_class *schema_class;
413 const char **possibleInferiors;
415 if (strcasecmp(first_component_name, "cn") != 0) {
419 first_component_val = ldb_dn_get_component_val(dn, 0);
420 class_name = (const char *)first_component_val->data;
422 schema_class = dsdb_class_by_cn(schema, class_name);
423 if (schema_class == NULL) {
427 possibleInferiors = schema_class->possibleInferiors;
428 if (possibleInferiors == NULL) {
432 for (i=0;possibleInferiors[i];i++) {
433 ret = ldb_msg_add_string(msg, "possibleInferiors", possibleInferiors[i]);
434 if (ret != LDB_SUCCESS) {
443 /* Add objectClasses, attributeTypes and dITContentRules from the
444 schema object (they are not stored in the database)
446 static int schema_fsmo_search_callback(struct ldb_request *req, struct ldb_reply *ares)
448 struct ldb_context *ldb;
449 struct schema_fsmo_search_data *ac;
450 struct schema_fsmo_private_data *mc;
453 ac = talloc_get_type(req->context, struct schema_fsmo_search_data);
454 mc = talloc_get_type(ldb_module_get_private(ac->module), struct schema_fsmo_private_data);
455 ldb = ldb_module_get_ctx(ac->module);
458 return ldb_module_done(ac->req, NULL, NULL,
459 LDB_ERR_OPERATIONS_ERROR);
461 if (ares->error != LDB_SUCCESS) {
462 return ldb_module_done(ac->req, ares->controls,
463 ares->response, ares->error);
465 /* Only entries are interesting, and we handle the case of the parent seperatly */
467 switch (ares->type) {
468 case LDB_REPLY_ENTRY:
470 if (ldb_dn_compare(ares->message->dn, mc->aggregate_dn) == 0) {
471 for (i=0; i < ARRAY_SIZE(generated_attrs); i++) {
472 if (generated_attrs[i].aggregate &&
473 ldb_attr_in_list(ac->req->op.search.attrs, generated_attrs[i].attr)) {
474 ret = generated_attrs[i].fn(ldb, ares->message, ac->schema);
475 if (ret != LDB_SUCCESS) {
481 for (i=0; i < ARRAY_SIZE(generated_attrs); i++) {
482 if (!generated_attrs[i].aggregate &&
483 ldb_attr_in_list(ac->req->op.search.attrs, generated_attrs[i].attr)) {
484 ret = generated_attrs[i].fn(ldb, ares->message, ac->schema);
485 if (ret != LDB_SUCCESS) {
493 return ldb_module_send_entry(ac->req, ares->message, ares->controls);
495 case LDB_REPLY_REFERRAL:
497 return ldb_module_send_referral(ac->req, ares->referral);
501 return ldb_module_done(ac->req, ares->controls,
502 ares->response, ares->error);
509 static int schema_fsmo_search(struct ldb_module *module, struct ldb_request *req)
511 struct ldb_context *ldb = ldb_module_get_ctx(module);
513 struct schema_fsmo_search_data *search_context;
514 struct ldb_request *down_req;
515 struct dsdb_schema *schema = dsdb_get_schema(ldb);
517 if (!schema || !ldb_module_get_private(module)) {
518 /* If there is no schema, there is little we can do */
519 return ldb_next_request(module, req);
521 for (i=0; i < ARRAY_SIZE(generated_attrs); i++) {
522 if (ldb_attr_in_list(req->op.search.attrs, generated_attrs[i].attr)) {
526 if (i == ARRAY_SIZE(generated_attrs)) {
527 /* No request for a generated attr found, nothing to
528 * see here, move along... */
529 return ldb_next_request(module, req);
532 search_context = talloc(req, struct schema_fsmo_search_data);
533 if (!search_context) {
535 return LDB_ERR_OPERATIONS_ERROR;
538 search_context->module = module;
539 search_context->req = req;
540 search_context->schema = schema;
542 ret = ldb_build_search_req_ex(&down_req, ldb, search_context,
544 req->op.search.scope,
546 req->op.search.attrs,
548 search_context, schema_fsmo_search_callback,
550 if (ret != LDB_SUCCESS) {
551 return LDB_ERR_OPERATIONS_ERROR;
554 return ldb_next_request(module, down_req);
558 _PUBLIC_ const struct ldb_module_ops ldb_schema_fsmo_module_ops = {
559 .name = "schema_fsmo",
560 .init_context = schema_fsmo_init,
561 .add = schema_fsmo_add,
562 .extended = schema_fsmo_extended,
563 .search = schema_fsmo_search
git.samba.org / ira / wip.git / blob