filter = talloc_asprintf(talloc_tos(), "(&%s%s)", "(uid=%u)",
get_objclass_filter(ldap_state->schema_ver));
if (!filter) {
+ SAFE_FREE(escape_user);
return LDAP_NO_MEMORY;
}
/*
filter = talloc_all_string_sub(talloc_tos(),
filter, "%u", escape_user);
+ SAFE_FREE(escape_user);
if (!filter) {
return LDAP_NO_MEMORY;
}
- SAFE_FREE(escape_user);
ret = smbldap_search_suffix(ldap_state->smbldap_state,
filter, attr, result);
filter = talloc_asprintf(talloc_tos(), "(&(%s=%s)%s)",
get_userattr_key2string(ldap_state->schema_ver,
LDAP_ATTR_USER_SID),
- sid_to_string(sid_string, sid),
+ sid_to_fstring(sid_string, sid),
get_objclass_filter(ldap_state->schema_ver));
if (!filter) {
return LDAP_NO_MEMORY;
}
}
if (hex_failed) {
- DEBUG(0,("init_sam_from_ldap: Failed to get password history for user %s\n",
+ DEBUG(2,("init_sam_from_ldap: Failed to get password history for user %s\n",
username));
memset(pwhist, '\0', pwHistLen * PW_HISTORY_ENTRY_LEN);
}
case SCHEMAVER_SAMBASAMACCOUNT:
smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_SID),
- sid_to_string(sid_string, user_sid));
+ sid_to_fstring(sid_string, user_sid));
break;
default:
case SCHEMAVER_SAMBASAMACCOUNT:
smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver,
- LDAP_ATTR_PRIMARY_GROUP_SID), sid_to_string(sid_string, group_sid));
+ LDAP_ATTR_PRIMARY_GROUP_SID), sid_to_fstring(sid_string, group_sid));
break;
default:
return True;
}
-/**********************************************************************
- Connect to LDAP server for password enumeration.
-*********************************************************************/
-
-static NTSTATUS ldapsam_setsampwent(struct pdb_methods *my_methods, bool update, uint32 acb_mask)
-{
- struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
- int rc;
- char *filter = NULL;
- const char *suffix;
- const char **attr_list;
- bool machine_mask = False, user_mask = False;
- NTSTATUS status = NT_STATUS_OK;
- TALLOC_CTX *ctx = talloc_init("ldapsam_setsampwent");
-
- if (!ctx) {
- return NT_STATUS_NO_MEMORY;
- }
- filter = talloc_asprintf(ctx, "(&%s%s)", "(uid=%u)",
- get_objclass_filter(ldap_state->schema_ver));
- if (!filter) {
- status = NT_STATUS_NO_MEMORY;
- goto out;
- }
-
- filter = talloc_all_string_sub(ctx, filter, "%u", "*");
- if (!filter) {
- status = NT_STATUS_NO_MEMORY;
- goto out;
- }
-
- machine_mask = ((acb_mask != 0) && (acb_mask & (ACB_WSTRUST|ACB_SVRTRUST|ACB_DOMTRUST)));
- user_mask = ((acb_mask != 0) && (acb_mask & ACB_NORMAL));
-
- if (machine_mask) {
- suffix = lp_ldap_machine_suffix();
- } else if (user_mask) {
- suffix = lp_ldap_user_suffix();
- } else {
- suffix = lp_ldap_suffix();
- }
-
- DEBUG(10,("ldapsam_setsampwent: LDAP Query for acb_mask 0x%x will use suffix %s\n",
- acb_mask, suffix));
-
- attr_list = get_userattr_list(NULL, ldap_state->schema_ver);
- rc = smbldap_search(ldap_state->smbldap_state, suffix, LDAP_SCOPE_SUBTREE, filter,
- attr_list, 0, &ldap_state->result);
- TALLOC_FREE( attr_list );
-
- if (rc != LDAP_SUCCESS) {
- DEBUG(0, ("ldapsam_setsampwent: LDAP search failed: %s\n", ldap_err2string(rc)));
- DEBUG(3, ("ldapsam_setsampwent: Query was: %s, %s\n", suffix, filter));
- ldap_msgfree(ldap_state->result);
- ldap_state->result = NULL;
- status = NT_STATUS_UNSUCCESSFUL;
- goto out;
- }
-
- DEBUG(2, ("ldapsam_setsampwent: %d entries in the base %s\n",
- ldap_count_entries(ldap_state->smbldap_state->ldap_struct,
- ldap_state->result), suffix));
-
- ldap_state->entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct,
- ldap_state->result);
- ldap_state->index = 0;
-
- out:
-
- TALLOC_FREE(ctx);
- return status;
-}
-
/**********************************************************************
End enumeration of the LDAP password list.
*********************************************************************/
}
}
-/**********************************************************************
-Get the next entry in the LDAP password database.
-*********************************************************************/
-
-static NTSTATUS ldapsam_getsampwent(struct pdb_methods *my_methods,
- struct samu *user)
-{
- NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
- struct ldapsam_privates *ldap_state =
- (struct ldapsam_privates *)my_methods->private_data;
- bool bret = False;
-
- while (!bret) {
- if (!ldap_state->entry)
- return ret;
-
- ldap_state->index++;
- bret = init_sam_from_ldap(ldap_state, user, ldap_state->entry);
-
- ldap_state->entry = ldap_next_entry(priv2ld(ldap_state),
- ldap_state->entry);
- }
-
- return NT_STATUS_OK;
-}
-
static void append_attr(TALLOC_CTX *mem_ctx, const char ***attr_list,
const char *new_attr)
{
struct berval *retdata = NULL;
char *utf8_password;
char *utf8_dn;
+ size_t converted_size;
if (!ldap_state->is_nds_ldap) {
}
}
- if (push_utf8_allocate(&utf8_password, pdb_get_plaintext_passwd(newpwd)) == (size_t)-1) {
+ if (!push_utf8_allocate(&utf8_password,
+ pdb_get_plaintext_passwd(newpwd),
+ &converted_size))
+ {
return NT_STATUS_NO_MEMORY;
}
- if (push_utf8_allocate(&utf8_dn, dn) == (size_t)-1) {
+ if (!push_utf8_allocate(&utf8_dn, dn, &converted_size)) {
SAFE_FREE(utf8_password);
return NT_STATUS_NO_MEMORY;
}
return NT_STATUS_UNSUCCESSFUL;
}
- ber_printf (ber, "{");
- ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_ID, utf8_dn);
- ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, utf8_password);
- ber_printf (ber, "n}");
+ if ((ber_printf (ber, "{") < 0) ||
+ (ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_ID, utf8_dn) < 0) ||
+ (ber_printf (ber, "ts", LDAP_TAG_EXOP_MODIFY_PASSWD_NEW, utf8_password) < 0) ||
+ (ber_printf (ber, "n}") < 0)) {
+ DEBUG(0,("ldapsam_modify_entry: ber_printf returns a value <0\n"));
+ ber_free(ber,1);
+ SAFE_FREE(utf8_dn);
+ SAFE_FREE(utf8_password);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
if ((rc = ber_flatten (ber, &bv))<0) {
DEBUG(0,("ldapsam_modify_entry: ber_flatten returns a value <0\n"));
pdb_get_username(newpwd), ldap_err2string(rc), ld_error?ld_error:"unknown"));
SAFE_FREE(ld_error);
ber_bvfree(bv);
+#if defined(LDAP_CONSTRAINT_VIOLATION)
+ if (rc == LDAP_CONSTRAINT_VIOLATION)
+ return NT_STATUS_PASSWORD_RESTRICTION;
+#endif
return NT_STATUS_UNSUCCESSFUL;
} else {
DEBUG(3,("ldapsam_modify_entry: LDAP Password changed for user %s\n",pdb_get_username(newpwd)));
ldap_mods_free(mods,True);
return NT_STATUS_UNSUCCESSFUL;
}
-
- if (mods == NULL) {
+
+ if ((lp_ldap_passwd_sync() != LDAP_PASSWD_SYNC_ONLY)
+ && (mods == NULL)) {
DEBUG(4,("ldapsam_update_sam_account: mods is empty: nothing to update for user: %s\n",
pdb_get_username(newpwd)));
SAFE_FREE(dn);
}
ret = ldapsam_modify_entry(my_methods,newpwd,dn,mods,LDAP_MOD_REPLACE, element_is_changed);
- ldap_mods_free(mods,True);
+
+ if (mods != NULL) {
+ ldap_mods_free(mods,True);
+ }
+
SAFE_FREE(dn);
/*
/* rename the posix user */
rename_script = SMB_STRDUP(lp_renameuser_script());
- if (rename_script) {
+ if (rename_script == NULL) {
return NT_STATUS_NO_MEMORY;
}
{
char *filter = NULL;
NTSTATUS status;
+ fstring tmp;
if (asprintf(&filter, "(&(objectClass=%s)(%s=%s))",
LDAP_OBJ_GROUPMAP,
get_attr_key2string(groupmap_attr_list, LDAP_ATTR_GROUP_SID),
- sid_string_static(&sid)) < 0) {
+ sid_to_fstring(tmp, &sid)) < 0) {
return NT_STATUS_NO_MEMORY;
}
goto done;
}
- rc = smbldap_search(conn, lp_ldap_user_suffix(),
+ rc = smbldap_search(conn, lp_ldap_suffix(),
LDAP_SCOPE_SUBTREE, filter, sid_attrs, 0,
&result);
entry, "sambaSID",
mem_ctx);
if (!sidstr) {
- DEBUG(0, ("Severe DB error, sambaSamAccount can't miss "
- "the sambaSID attribute\n"));
+ DEBUG(0, ("Severe DB error, %s can't miss the sambaSID"
+ "attribute\n", LDAP_OBJ_SAMBASAMACCOUNT));
ret = NT_STATUS_INTERNAL_DB_CORRUPTION;
goto done;
}
LDAP_OBJ_SAMBASAMACCOUNT,
gidstr);
- rc = smbldap_search(conn, lp_ldap_user_suffix(),
+ rc = smbldap_search(conn, lp_ldap_suffix(),
LDAP_SCOPE_SUBTREE, filter, sid_attrs, 0,
&result);
entry,
get_global_sam_sid(),
&rid)) {
- DEBUG(0, ("Severe DB error, sambaSamAccount can't miss "
- "the sambaSID attribute\n"));
+ DEBUG(0, ("Severe DB error, %s can't miss the samba SID" "attribute\n", LDAP_OBJ_SAMBASAMACCOUNT));
ret = NT_STATUS_INTERNAL_DB_CORRUPTION;
goto done;
}
goto done;
}
- rc = smbldap_search(conn, lp_ldap_user_suffix(),
+ rc = smbldap_search(conn, lp_ldap_suffix(),
LDAP_SCOPE_SUBTREE, filter, attrs, 0, &result);
if (rc != LDAP_SUCCESS)
/* This sid will be replaced later */
- if (!add_sid_to_array_unique(mem_ctx, &global_sid_NULL, pp_sids, &num_sids)) {
- ret = NT_STATUS_NO_MEMORY;
+ ret = add_sid_to_array_unique(mem_ctx, &global_sid_NULL, pp_sids,
+ &num_sids);
+ if (!NT_STATUS_IS_OK(ret)) {
goto done;
}
ret = NT_STATUS_NO_MEMORY;
goto done;
}
- if (!add_sid_to_array_unique(mem_ctx, &sid, pp_sids,
- &num_sids)) {
- ret = NT_STATUS_NO_MEMORY;
+ ret = add_sid_to_array_unique(mem_ctx, &sid, pp_sids,
+ &num_sids);
+ if (!NT_STATUS_IS_OK(ret)) {
goto done;
}
}
int rc;
filter = talloc_asprintf(mem_ctx,
- "(&(objectClass=posixGroup)(gidNumber=%u))",
- map->gid);
+ "(&(objectClass=%s)(gidNumber=%u))",
+ LDAP_OBJ_POSIXGROUP, map->gid);
if (filter == NULL) {
return NT_STATUS_NO_MEMORY;
}
mods = NULL;
smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass",
- "sambaGroupMapping");
+ LDAP_OBJ_GROUPMAP);
smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, entry, &mods, "sambaSid",
- sid_string_static(&map->sid));
+ sid_string_talloc(mem_ctx, &map->sid));
smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, entry, &mods, "sambaGroupType",
talloc_asprintf(mem_ctx, "%d", map->sid_name_use));
smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, entry, &mods, "displayName",
mods = NULL;
smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, NULL, &mods, "objectClass",
- "sambaSidEntry");
+ LDAP_OBJ_SID_ENTRY);
smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, NULL, &mods, "objectClass",
- "sambaGroupMapping");
-
+ LDAP_OBJ_GROUPMAP);
smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, NULL, &mods, "sambaSid",
sid_string_talloc(mem_ctx, &map->sid));
smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, NULL, &mods, "sambaGroupType",
LDAPMod **mods = NULL;
int rc;
enum lsa_SidType type = SID_NAME_USE_NONE;
+ fstring tmp;
char *filter = NULL;
if (asprintf(&filter,
"(&(objectClass=%s)(sambaSid=%s)(sambaGroupType=%d))",
- LDAP_OBJ_GROUPMAP, sid_string_static(alias),
+ LDAP_OBJ_GROUPMAP, sid_to_fstring(tmp, alias),
type) < 0) {
return NT_STATUS_NO_MEMORY;
}
smbldap_set_mod(&mods, modop,
get_attr_key2string(groupmap_attr_list,
LDAP_ATTR_SID_LIST),
- sid_string_static(member));
+ sid_to_fstring(tmp, member));
rc = smbldap_modify(ldap_state->smbldap_state, dn, mods);
char *filter = NULL;
size_t num_members = 0;
enum lsa_SidType type = SID_NAME_USE_NONE;
+ fstring tmp;
*pp_members = NULL;
*p_num_members = 0;
if (asprintf(&filter,
"(&(objectClass=%s)(sambaSid=%s)(sambaGroupType=%d))",
- LDAP_OBJ_GROUPMAP, sid_string_static(alias),
+ LDAP_OBJ_GROUPMAP, sid_to_fstring(tmp, alias),
type) < 0) {
return NT_STATUS_NO_MEMORY;
}
for (i=0; i<count; i++) {
DOM_SID member;
+ NTSTATUS status;
if (!string_to_sid(&member, values[i]))
continue;
- if (!add_sid_to_array(NULL, &member, pp_members, &num_members)) {
+ status = add_sid_to_array(NULL, &member, pp_members,
+ &num_members);
+ if (!NT_STATUS_IS_OK(status)) {
ldap_value_free(values);
ldap_msgfree(result);
- return NT_STATUS_NO_MEMORY;
+ return status;
}
}
for (i=0; i<num_rids; i++) {
DOM_SID sid;
sid_compose(&sid, domain_sid, rids[i]);
- allsids = talloc_asprintf_append_buffer(allsids, "(sambaSid=%s)",
- sid_string_static(&sid));
+ allsids = talloc_asprintf_append_buffer(
+ allsids, "(sambaSid=%s)",
+ sid_string_talloc(mem_ctx, &sid));
if (allsids == NULL) {
goto done;
}
char *escaped = NULL;
char *result = NULL;
- asprintf(&filter, "(&%s(objectclass=sambaSamAccount))",
- "(uid=%u)");
+ asprintf(&filter, "(&%s(objectclass=%s))",
+ "(uid=%u)", LDAP_OBJ_SAMBASAMACCOUNT);
if (filter == NULL) goto done;
escaped = escape_ldap_string_alloc(username);
struct samr_displayentry *result)
{
char **vals;
+ size_t converted_size;
DOM_SID sid;
uint32 acct_flags;
DEBUG(5, ("\"uid\" not found\n"));
return False;
}
- pull_utf8_talloc(mem_ctx,
- CONST_DISCARD(char **, &result->account_name),
- vals[0]);
+ if (!pull_utf8_talloc(mem_ctx,
+ CONST_DISCARD(char **, &result->account_name),
+ vals[0], &converted_size))
+ {
+ DEBUG(0,("ldapuser2displayentry: pull_utf8_talloc failed: %s",
+ strerror(errno)));
+ }
+
ldap_value_free(vals);
vals = ldap_get_values(ld, entry, "displayName");
if ((vals == NULL) || (vals[0] == NULL))
DEBUG(8, ("\"displayName\" not found\n"));
- else
- pull_utf8_talloc(mem_ctx,
- CONST_DISCARD(char **, &result->fullname),
- vals[0]);
+ else if (!pull_utf8_talloc(mem_ctx,
+ CONST_DISCARD(char **, &result->fullname),
+ vals[0], &converted_size))
+ {
+ DEBUG(0,("ldapuser2displayentry: pull_utf8_talloc failed: %s",
+ strerror(errno)));
+ }
+
ldap_value_free(vals);
vals = ldap_get_values(ld, entry, "description");
if ((vals == NULL) || (vals[0] == NULL))
DEBUG(8, ("\"description\" not found\n"));
- else
- pull_utf8_talloc(mem_ctx,
- CONST_DISCARD(char **, &result->description),
- vals[0]);
+ else if (!pull_utf8_talloc(mem_ctx,
+ CONST_DISCARD(char **, &result->description),
+ vals[0], &converted_size))
+ {
+ DEBUG(0,("ldapuser2displayentry: pull_utf8_talloc failed: %s",
+ strerror(errno)));
+ }
+
ldap_value_free(vals);
if ((result->account_name == NULL) ||
struct samr_displayentry *result)
{
char **vals;
+ size_t converted_size;
DOM_SID sid;
uint16 group_type;
DEBUG(5, ("\"cn\" not found\n"));
return False;
}
- pull_utf8_talloc(mem_ctx,
- CONST_DISCARD(char **, &result->account_name),
- vals[0]);
+ if (!pull_utf8_talloc(mem_ctx,
+ CONST_DISCARD(char **,
+ &result->account_name),
+ vals[0], &converted_size))
+ {
+ DEBUG(0,("ldapgroup2displayentry: pull_utf8_talloc "
+ "failed: %s", strerror(errno)));
+ }
}
- else {
- pull_utf8_talloc(mem_ctx,
- CONST_DISCARD(char **, &result->account_name),
- vals[0]);
+ else if (!pull_utf8_talloc(mem_ctx,
+ CONST_DISCARD(char **,
+ &result->account_name),
+ vals[0], &converted_size))
+ {
+ DEBUG(0,("ldapgroup2displayentry: pull_utf8_talloc failed: %s",
+ strerror(errno)));
}
ldap_value_free(vals);
vals = ldap_get_values(ld, entry, "description");
if ((vals == NULL) || (vals[0] == NULL))
DEBUG(8, ("\"description\" not found\n"));
- else
- pull_utf8_talloc(mem_ctx,
- CONST_DISCARD(char **, &result->description),
- vals[0]);
+ else if (!pull_utf8_talloc(mem_ctx,
+ CONST_DISCARD(char **, &result->description),
+ vals[0], &converted_size))
+ {
+ DEBUG(0,("ldapgroup2displayentry: pull_utf8_talloc failed: %s",
+ strerror(errno)));
+ }
ldap_value_free(vals);
if ((result->account_name == NULL) ||
DEBUG(0,("unkown group type: %d\n", group_type));
return False;
}
-
+
+ result->acct_flags = 0;
+
return True;
}
struct ldapsam_privates *ldap_state =
(struct ldapsam_privates *)methods->private_data;
struct ldap_search_state *state;
+ fstring tmp;
state = TALLOC_P(search->mem_ctx, struct ldap_search_state);
if (state == NULL) {
state->connection = ldap_state->smbldap_state;
state->scope = LDAP_SCOPE_SUBTREE;
state->filter = talloc_asprintf(search->mem_ctx,
- "(&(objectclass=sambaGroupMapping)"
- "(sambaGroupType=%d)(sambaSID=%s*))",
- type, sid_string_static(sid));
+ "(&(objectclass=%s)"
+ "(sambaGroupType=%d)(sambaSID=%s*))",
+ LDAP_OBJ_GROUPMAP,
+ type, sid_to_fstring(tmp, sid));
state->attrs = talloc_attrs(search->mem_ctx, "cn", "sambaSid",
"displayName", "description",
"sambaGroupType", NULL);
rc = smbldap_search_suffix(ldap_state->smbldap_state, filter, NULL, &result);
if (rc != LDAP_SUCCESS) {
DEBUG(0,("ldapsam_create_user: ldap search failed!\n"));
- return NT_STATUS_UNSUCCESSFUL;
+ return NT_STATUS_ACCESS_DENIED;
}
talloc_autofree_ldapmsg(tmp_ctx, result);
DEBUG(0,("ldapsam_set_primary_group: Attempt to set primary group for user [%s]\n", pdb_get_username(sampass)));
if (!sid_to_gid(pdb_get_group_sid(sampass), &gid)) {
- DEBUG(0,("ldapsam_set_primary_group: failed to retieve gid from user's group SID!\n"));
+ DEBUG(0,("ldapsam_set_primary_group: failed to retrieve gid from user's group SID!\n"));
return NT_STATUS_UNSUCCESSFUL;
}
gidstr = talloc_asprintf(mem_ctx, "%d", gid);
}
static bool get_trusteddom_pw_int(struct ldapsam_privates *ldap_state,
+ TALLOC_CTX *mem_ctx,
const char *domain, LDAPMessage **entry)
{
int rc;
rc = smbldap_search(ldap_state->smbldap_state, trusted_dn, scope,
filter, attrs, attrsonly, &result);
+ if (result != NULL) {
+ talloc_autofree_ldapmsg(mem_ctx, result);
+ }
+
if (rc == LDAP_NO_SUCH_OBJECT) {
*entry = NULL;
return True;
if (num_result > 1) {
DEBUG(1, ("ldapsam_get_trusteddom_pw: more than one "
- "sambaTrustedDomainPassword object for domain '%s'"
- "?!\n", domain));
+ "%s object for domain '%s'?!\n",
+ LDAP_OBJ_TRUSTDOM_PASSWORD, domain));
return False;
}
if (num_result == 0) {
DEBUG(1, ("ldapsam_get_trusteddom_pw: no "
- "sambaTrustedDomainPassword object for domain %s.\n",
- domain));
+ "%s object for domain %s.\n",
+ LDAP_OBJ_TRUSTDOM_PASSWORD, domain));
*entry = NULL;
} else {
*entry = ldap_first_entry(priv2ld(ldap_state), result);
DEBUG(10, ("ldapsam_get_trusteddom_pw called for domain %s\n", domain));
- if (!get_trusteddom_pw_int(ldap_state, domain, &entry) ||
+ if (!get_trusteddom_pw_int(ldap_state, talloc_tos(), domain, &entry) ||
(entry == NULL))
{
return False;
* get the current entry (if there is one) in order to put the
* current password into the previous password attribute
*/
- if (!get_trusteddom_pw_int(ldap_state, domain, &entry)) {
+ if (!get_trusteddom_pw_int(ldap_state, talloc_tos(), domain, &entry)) {
return False;
}
mods = NULL;
smbldap_make_mod(priv2ld(ldap_state), entry, &mods, "objectClass",
- "sambaTrustedDomainPassword");
+ LDAP_OBJ_TRUSTDOM_PASSWORD);
smbldap_make_mod(priv2ld(ldap_state), entry, &mods, "sambaDomainName",
domain);
smbldap_make_mod(priv2ld(ldap_state), entry, &mods, "sambaSID",
talloc_asprintf(talloc_tos(), "%li", time(NULL)));
smbldap_make_mod(priv2ld(ldap_state), entry, &mods,
"sambaClearTextPassword", pwd);
+
+ talloc_autofree_ldapmod(talloc_tos(), mods);
+
if (entry != NULL) {
prev_pwd = smbldap_talloc_single_attribute(priv2ld(ldap_state),
entry, "sambaClearTextPassword", talloc_tos());
LDAPMessage *entry = NULL;
const char *trusted_dn;
- if (!get_trusteddom_pw_int(ldap_state, domain, &entry)) {
+ if (!get_trusteddom_pw_int(ldap_state, talloc_tos(), domain, &entry)) {
return False;
}
attrsonly,
&result);
+ if (result != NULL) {
+ talloc_autofree_ldapmsg(mem_ctx, result);
+ }
+
if (rc != LDAP_SUCCESS) {
return NT_STATUS_UNSUCCESSFUL;
}
(*pdb_method)->name = "ldapsam";
- (*pdb_method)->setsampwent = ldapsam_setsampwent;
- (*pdb_method)->endsampwent = ldapsam_endsampwent;
- (*pdb_method)->getsampwent = ldapsam_getsampwent;
(*pdb_method)->getsampwnam = ldapsam_getsampwnam;
(*pdb_method)->getsampwsid = ldapsam_getsampwsid;
(*pdb_method)->add_sam_account = ldapsam_add_sam_account;
entry,
get_userattr_key2string(ldap_state->schema_ver,
LDAP_ATTR_USER_SID),
- NULL);
+ talloc_tos());
if (domain_sid_string) {
bool found_sid;
entry,
get_attr_key2string( dominfo_attr_list,
LDAP_ATTR_ALGORITHMIC_RID_BASE ),
- NULL);
+ talloc_tos());
if (alg_rid_base_string) {
alg_rid_base = (uint32)atol(alg_rid_base_string);
if (alg_rid_base != algorithmic_rid_base()) {