static int construct_primary_group_token(struct ldb_module *module,
struct ldb_message *msg)
{
- struct ldb_parse_tree objectclass_is_group = {
- .operation = LDB_OP_EQUALITY,
- .u.equality.attr = "objectClass",
- .u.equality.value = data_blob_string_const("group")
- };
struct ldb_context *ldb;
uint32_t primary_group_token;
ldb = ldb_module_get_ctx(module);
- if (ldb_match_msg(ldb, msg, &objectclass_is_group, msg->dn, LDB_SCOPE_BASE) == 1) {
+ if (ldb_match_msg_objectclass(msg, "group") == 1) {
primary_group_token
= samdb_result_rid_from_sid(ldb, msg, "objectSid", 0);
if (primary_group_token == 0) {
const struct ldb_val *parent_guid;
const char *attrs[] = { "objectGUID", NULL };
int ret;
+ struct ldb_val v;
/* TODO: In the future, this needs to honour the partition boundaries */
struct ldb_dn *parent_dn = ldb_dn_get_parent(msg, msg->dn);
- if (parent_dn == NULL){
+ if (parent_dn == NULL) {
DEBUG(4,(__location__ ": Failed to find parent for dn %s\n",
ldb_dn_get_linearized(msg->dn)));
return LDB_SUCCESS;
ret = dsdb_module_search_dn(module, msg, &res, parent_dn, attrs, DSDB_SEARCH_SHOW_DELETED);
talloc_free(parent_dn);
/* if there is no parentGUID for this object, then return */
- if (ret == LDB_ERR_NO_SUCH_OBJECT){
+ if (ret == LDB_ERR_NO_SUCH_OBJECT) {
DEBUG(4,(__location__ ": Parent dn for %s does not exist \n",
ldb_dn_get_linearized(msg->dn)));
return LDB_SUCCESS;
return LDB_SUCCESS;
}
- talloc_steal(msg->elements, parent_guid->data);
+ v = data_blob_dup_talloc(res, parent_guid);
+ if (!v.data) {
+ talloc_free(res);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ ret = ldb_msg_add_steal_value(msg, "parentGUID", &v);
talloc_free(res);
- return ldb_msg_add_value(msg, "parentGUID", parent_guid, 0);
+ return ret;
}
/*
const char *attr;
enum op_remove op;
} operational_remove[] = {
- { "nTSecurityDescriptor", OPERATIONAL_REMOVE_UNASKED },
- { "parentGUID", OPERATIONAL_REMOVE_ALWAYS },
- { "replPropertyMetaData", OPERATIONAL_REMOVE_UNASKED },
- { "ntPwdHistory", OPERATIONAL_REMOVE_UNASKED },
- { "lmPwdHistory", OPERATIONAL_REMOVE_UNASKED },
- { "unicodePwd", OPERATIONAL_REMOVE_UNASKED },
- { "supplementalCredentials", OPERATIONAL_REMOVE_UNASKED },
- { "dBCSPwd", OPERATIONAL_REMOVE_UNASKED }
+ { "nTSecurityDescriptor", OPERATIONAL_REMOVE_UNASKED },
+ { "parentGUID", OPERATIONAL_REMOVE_ALWAYS },
+ { "replPropertyMetaData", OPERATIONAL_REMOVE_UNASKED },
+ { "unicodePwd", OPERATIONAL_REMOVE_UNASKED },
+ { "dBCSPwd", OPERATIONAL_REMOVE_UNASKED },
+ { "ntPwdHistory", OPERATIONAL_REMOVE_UNASKED },
+ { "lmPwdHistory", OPERATIONAL_REMOVE_UNASKED },
+ { "supplementalCredentials", OPERATIONAL_REMOVE_UNASKED }
};