}
domain_dn = samdb_result_dn(mem_ctx, msgs_domain_ref[0], "nCName", NULL);
- } else {
- domain_dn = samdb_base_dn(mem_ctx);
}
/* pull the user attributes */
}
/* find the domain's DN */
- ret = gendb_search(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &msgs_tmp, NULL,
+ ret = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_tmp, NULL,
"(&(objectSid=%s)(objectclass=domain))",
ldap_encode_ndr_dom_sid(mem_ctx, domain_sid));
if (ret == -1) {
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
group_ret = gendb_search(sam_ctx,
- tmp_ctx, samdb_base_dn(tmp_ctx), &group_msgs, group_attrs,
+ tmp_ctx, NULL, &group_msgs, group_attrs,
"(&(member=%s)(sAMAccountType=*))",
ldb_dn_linearize(tmp_ctx, msg->dn));
if (group_ret == -1) {
if (count == 0 && domain_guid) {
/* OK, so no dice with the name, try and find the domain with the GUID */
- count = gendb_search(cldapd->samctx, mem_ctx, samdb_base_dn(mem_ctx), &dom_res, dom_attrs,
+ count = gendb_search(cldapd->samctx, mem_ctx, NULL, &dom_res, dom_attrs,
"(&(objectClass=domainDNS)(objectGUID=%s))",
domain_guid);
if (count == 1) {
int ret;
struct ldb_message **res = NULL;
- ret = gendb_search_dn(sidmap->samctx, mem_ctx, samdb_base_dn(mem_ctx),
- &res, attrs);
+ ret = gendb_search_dn(sidmap->samctx, mem_ctx, NULL, &res, attrs);
if (ret != 1) {
talloc_free(res);
return NT_STATUS_NO_SUCH_DOMAIN;
tmp_ctx = talloc_new(sidmap);
- ret = gendb_search(sidmap->samctx, tmp_ctx, samdb_base_dn(tmp_ctx), &res, attrs,
+ ret = gendb_search(sidmap->samctx, tmp_ctx, NULL, &res, attrs,
"objectSid=%s", ldap_encode_ndr_dom_sid(tmp_ctx, sid));
if (ret != 1) {
goto allocated_sid;
tmp_ctx = talloc_new(sidmap);
- ret = gendb_search(sidmap->samctx, tmp_ctx, samdb_base_dn(tmp_ctx), &res, attrs,
+ ret = gendb_search(sidmap->samctx, tmp_ctx, NULL, &res, attrs,
"objectSid=%s", ldap_encode_ndr_dom_sid(tmp_ctx, sid));
if (ret != 1) {
goto allocated_sid;
given uid
*/
- ret = gendb_search(sidmap->samctx, tmp_ctx, samdb_base_dn(tmp_ctx), &res, attrs,
+ ret = gendb_search(sidmap->samctx, tmp_ctx, NULL, &res, attrs,
"uidNumber=%u", (unsigned int)uid);
for (i=0;i<ret;i++) {
if (!is_user_account(res[i])) continue;
given gid
*/
- ret = gendb_search(sidmap->samctx, tmp_ctx, samdb_base_dn(tmp_ctx), &res, attrs,
+ ret = gendb_search(sidmap->samctx, tmp_ctx, NULL, &res, attrs,
"gidNumber=%u", (unsigned int)gid);
for (i=0;i<ret;i++) {
if (!is_group_account(res[i])) continue;
goto allocate_sid;
}
- ret = gendb_search(sidmap->samctx, tmp_ctx, samdb_base_dn(tmp_ctx), &res, attrs,
+ ret = gendb_search(sidmap->samctx, tmp_ctx, NULL, &res, attrs,
"(|(unixName=%s)(sAMAccountName=%s))",
grp->gr_name, grp->gr_name);
for (i=0;i<ret;i++) {
return DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR;
}
- service_dn = ldb_dn_string_compose(tmp_ctx, samdb_base_dn(tmp_ctx),
+ service_dn = ldb_dn_string_compose(tmp_ctx, NULL,
"CN=Directory Service,CN=Windows NT"
",CN=Services,CN=Configuration");
service_dn_str = ldb_dn_linearize(tmp_ctx, service_dn);
struct ldb_message **result_res = NULL;
const struct ldb_dn *result_basedn;
const struct ldb_dn *partitions_basedn = ldb_dn_string_compose(mem_ctx, samdb_base_dn(mem_ctx), "CN=Partitions,CN=Configuration");
- const struct ldb_dn *basedn = samdb_base_dn(mem_ctx);
const char * const _domain_attrs_1779[] = { "ncName", "dnsRoot", NULL};
const char * const _result_attrs_null[] = { NULL };
return WERR_OK;
}
dom_sid->num_auths--;
- ldb_ret = gendb_search(sam_ctx, mem_ctx, basedn, &domain_res, attrs,
+ ldb_ret = gendb_search(sam_ctx, mem_ctx, NULL, &domain_res, attrs,
"(&(objectSid=%s)(objectClass=domain))", ldap_encode_ndr_dom_sid(mem_ctx, dom_sid));
if (ldb_ret != 1) {
info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND;
filter = talloc_asprintf(mem_ctx, "(objectSid=%s)",
ldap_encode_ndr_dom_sid(mem_ctx, sid));
- ret = ldb_search(module->ldb, samdb_base_dn(mem_ctx), LDB_SCOPE_SUBTREE, filter, attrs, &res);
+ ret = ldb_search(module->ldb, NULL, LDB_SCOPE_SUBTREE, filter, attrs, &res);
if (ret == LDB_SUCCESS) {
if (res->count > 0) {
talloc_free(res);
filter = talloc_asprintf(mem_ctx, "(&(objectSid=%s)(objectclass=domain))",
ldap_encode_ndr_dom_sid(mem_ctx, dom_sid));
- ret = ldb_search(module->ldb, samdb_base_dn(mem_ctx), LDB_SCOPE_SUBTREE, filter, attrs, &dom_res);
+ ret = ldb_search(module->ldb, NULL, LDB_SCOPE_SUBTREE, filter, attrs, &dom_res);
if (ret == LDB_SUCCESS) {
talloc_steal(mem_ctx, dom_res);
if (dom_res->count == 0) {
return sd;
}
-struct ldb_dn *samdb_base_dn(TALLOC_CTX *mem_ctx)
+const struct ldb_dn *samdb_base_dn(TALLOC_CTX *mem_ctx)
{
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
int server_role = lp_server_role();
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- count = gendb_search(ctx, mem_ctx, samdb_base_dn(mem_ctx), &res, domain_attrs,
+ count = gendb_search(ctx, mem_ctx, NULL, &res, domain_attrs,
"(objectSid=%s)",
ldap_encode_ndr_dom_sid(mem_ctx, domain_sid));
if (count != 1) {
return NT_STATUS_TRANSACTION_ABORTED;
}
- user_dn = samdb_search_dn(ctx, mem_ctx, samdb_base_dn(mem_ctx),
+ user_dn = samdb_search_dn(ctx, mem_ctx, NULL,
"(&(objectSid=%s)(objectClass=user))",
ldap_encode_ndr_dom_sid(mem_ctx, user_sid));
if (!user_dn) {
* cn=For...,cn=Builtin,dc={BASEDN}. -- vl
*/
- basedn = samdb_search_dn(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx),
+ basedn = samdb_search_dn(sam_ctx, mem_ctx, NULL,
"(&(objectClass=container)(cn=ForeignSecurityPrincipals))");
if (basedn == NULL) {
return WERR_SERVER_UNAVAILABLE;
}
- ret = gendb_search_dn(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &res, attrs);
+ ret = gendb_search_dn(sam_ctx, mem_ctx, NULL, &res, attrs);
if (ret != 1) {
return WERR_SERVER_UNAVAILABLE;
}
/* NOTE: This call must only return accounts that have at least
one privilege set
*/
- ret = gendb_search(state->sam_ldb, mem_ctx, samdb_base_dn(mem_ctx), &res, attrs,
+ ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs,
"(&(objectSid=*)(privilege=*))");
if (ret < 0) {
return NT_STATUS_NO_SUCH_USER;
return NT_STATUS_NO_MEMORY;
}
- ret = gendb_search(astate->policy->sam_ldb, mem_ctx, samdb_base_dn(mem_ctx), &res, attrs,
+ ret = gendb_search(astate->policy->sam_ldb, mem_ctx, NULL, &res, attrs,
"objectSid=%s", sidstr);
if (ret != 1) {
return NT_STATUS_OK;
return NT_STATUS_NO_MEMORY;
}
- ret = gendb_search(state->sam_ldb, mem_ctx, samdb_base_dn(mem_ctx), &res, attrs,
+ ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs,
"(&(objectSid=%s)(privilege=*))", sidstr);
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
msg->dn = samdb_search_dn(state->sam_ldb, mem_ctx,
- samdb_base_dn(mem_ctx), "objectSid=%s", sidstr);
+ NULL, "objectSid=%s", sidstr);
if (msg->dn == NULL) {
NTSTATUS status;
if (ldb_flag == LDB_FLAG_MOD_DELETE) {
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
- ret = gendb_search(state->sam_ldb, mem_ctx, samdb_base_dn(mem_ctx), &res, attrs,
+ ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs,
"privilege=%s", privname);
if (ret == -1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
/* pull the user attributes */
- num_records = gendb_search(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &msgs, attrs,
+ num_records = gendb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
"(&(sAMAccountName=%s)(objectclass=user))",
r->in.account_name);
primary domain is also a "trusted" domain, so we need to
put the primary domain into the lists of returned trusts as
well */
- ret1 = gendb_search(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &res1, attrs, "(objectClass=domainDNS)");
+ ret1 = gendb_search(sam_ctx, mem_ctx, NULL, &res1, attrs, "(objectClass=domainDNS)");
if (ret1 != 1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
local_domain = samdb_result_string(ref_res[0], "nETBIOSName", NULL);
- ret2 = gendb_search(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &res2, attrs, "(objectClass=trustedDomain)");
+ ret2 = gendb_search(sam_ctx, mem_ctx, NULL, &res2, attrs, "(objectClass=trustedDomain)");
if (ret2 == -1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
return WERR_GENERAL_FAILURE;
}
- ret = gendb_search_dn(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &dom_res, dom_attrs);
+ ret = gendb_search_dn(sam_ctx, mem_ctx, NULL, &dom_res, dom_attrs);
if (ret == -1) {
return WERR_GENERAL_FAILURE;
}
if (strcasecmp(r->in.domain_name->string, "BUILTIN") == 0) {
ret = gendb_search(c_state->sam_ctx,
- mem_ctx, samdb_base_dn(mem_ctx), &dom_msgs, dom_attrs,
+ mem_ctx, NULL, &dom_msgs, dom_attrs,
"(objectClass=builtinDomain)");
} else {
ret = gendb_search(c_state->sam_ctx,
c_state = h->data;
count = gendb_search(c_state->sam_ctx,
- mem_ctx, samdb_base_dn(mem_ctx), &dom_msgs, dom_attrs,
+ mem_ctx, NULL, &dom_msgs, dom_attrs,
"(objectClass=domain)");
if (count == -1) {
DEBUG(0,("samdb: no domains found in EnumDomains\n"));
}
ret = gendb_search(c_state->sam_ctx,
- mem_ctx, samdb_base_dn(mem_ctx), &dom_msgs, dom_attrs,
+ mem_ctx, NULL, &dom_msgs, dom_attrs,
"(&(objectSid=%s)(&(objectclass=domain)))",
ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
if (ret != 1) {
}
/* check if the user already exists */
- name = samdb_search_string(d_state->sam_ctx, mem_ctx, samdb_base_dn(mem_ctx),
+ name = samdb_search_string(d_state->sam_ctx, mem_ctx, NULL,
"sAMAccountName",
"(&(sAMAccountName=%s)(objectclass=user))",
ldb_binary_encode_string(mem_ctx, account_name));
memberdn =
samdb_search_string(d_state->sam_ctx,
- mem_ctx, samdb_base_dn(mem_ctx), "distinguishedName",
+ mem_ctx, NULL, "distinguishedName",
"(objectSid=%s)",
ldap_encode_ndr_dom_sid(mem_ctx,
r->in.sids->sids[i].sid));
a_state = h->data;
d_state = a_state->domain_state;
- ret = gendb_search(d_state->sam_ctx, mem_ctx, samdb_base_dn(mem_ctx),
+ ret = gendb_search(d_state->sam_ctx, mem_ctx, NULL,
&msgs, attrs, "(objectsid=%s)",
ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
a_state = h->data;
d_state = a_state->domain_state;
- memberdn = samdb_search_string(d_state->sam_ctx, mem_ctx, samdb_base_dn(mem_ctx),
+ memberdn = samdb_search_string(d_state->sam_ctx, mem_ctx, NULL,
"distinguishedName", "(objectSid=%s)",
ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid));
/* The domain name in this call is ignored */
ret = gendb_search_dn(sam_ctx,
- mem_ctx, samdb_base_dn(mem_ctx), &msgs, attrs);
+ mem_ctx, NULL, &msgs, attrs);
if (ret <= 0) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
user SID). We also need the current lm password hash in
order to decrypt the incoming password */
ret = gendb_search(sam_ctx,
- mem_ctx, samdb_base_dn(mem_ctx), &res, attrs,
+ mem_ctx, NULL, &res, attrs,
"(&(sAMAccountName=%s)(objectclass=user))",
r->in.account->string);
if (ret != 1) {
user SID). We also need the current lm and nt password hashes
in order to decrypt the incoming passwords */
ret = gendb_search(sam_ctx,
- mem_ctx, samdb_base_dn(mem_ctx), &res, attrs,
+ mem_ctx, NULL, &res, attrs,
"(&(sAMAccountName=%s)(objectclass=user))",
r->in.account->string);
if (ret != 1) {