#include "libcli/ldap/ldap_ndr.h"
#include "libcli/security/security.h"
#include "rpc_server/samr/proto.h"
-#include "util/util_ldb.h"
+#include "../lib/util/util_ldb.h"
#include "param/param.h"
/* these query macros make samr_Query[User|Group]Info a bit easier to read */
partitions_basedn = samdb_partitions_dn(c_state->sam_ctx, mem_ctx);
- ret = ldb_search_exp_fmt(c_state->sam_ctx, mem_ctx, &dom_res, ldb_get_default_basedn(c_state->sam_ctx),
+ ret = ldb_search(c_state->sam_ctx, mem_ctx, &dom_res, ldb_get_default_basedn(c_state->sam_ctx),
LDB_SCOPE_SUBTREE, dom_attrs, "(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain))");
if (ret != LDB_SUCCESS) {
DEBUG(0,("samdb: unable to find domains: %s\n", ldb_errstring(c_state->sam_ctx)));
for (i=0;i<dom_res->count-start_i;i++) {
array->entries[i].idx = start_i + i;
/* try and find the domain */
- ret = ldb_search_exp_fmt(c_state->sam_ctx, mem_ctx, &ref_res, partitions_basedn,
+ ret = ldb_search(c_state->sam_ctx, mem_ctx, &ref_res, partitions_basedn,
LDB_SCOPE_SUBTREE, ref_attrs, "(&(objectClass=crossRef)(ncName=%s))",
ldb_dn_get_linearized(dom_res->msgs[i]->dn));
/*
return DomInfo2
*/
-static NTSTATUS dcesrv_samr_info_DomInfo2(struct samr_domain_state *state,
- TALLOC_CTX *mem_ctx,
- struct ldb_message **dom_msgs,
- struct samr_DomInfo2 *info)
+static NTSTATUS dcesrv_samr_info_DomGeneralInformation(struct samr_domain_state *state,
+ TALLOC_CTX *mem_ctx,
+ struct ldb_message **dom_msgs,
+ struct samr_DomGeneralInformation *info)
{
/* This pulls the NetBIOS name from the
cn=NTDS Settings,cn=<NETBIOS name of PDC>,....
info->force_logoff_time = ldb_msg_find_attr_as_uint64(dom_msgs[0], "forceLogoff",
0x8000000000000000LL);
- info->comment.string = samdb_result_string(dom_msgs[0], "comment", NULL);
+ info->oem_information.string = samdb_result_string(dom_msgs[0], "oEMInformation", NULL);
info->domain_name.string = state->domain_name;
info->sequence_num = ldb_msg_find_attr_as_uint64(dom_msgs[0], "modifiedCount",
/*
return DomInfo4
*/
-static NTSTATUS dcesrv_samr_info_DomInfo4(struct samr_domain_state *state,
+static NTSTATUS dcesrv_samr_info_DomOEMInformation(struct samr_domain_state *state,
TALLOC_CTX *mem_ctx,
struct ldb_message **dom_msgs,
- struct samr_DomInfo4 *info)
+ struct samr_DomOEMInformation *info)
{
- info->comment.string = samdb_result_string(dom_msgs[0], "comment", NULL);
+ info->oem_information.string = samdb_result_string(dom_msgs[0], "oEMInformation", NULL);
return NT_STATUS_OK;
}
/*
return DomInfo11
*/
-static NTSTATUS dcesrv_samr_info_DomInfo11(struct samr_domain_state *state,
+static NTSTATUS dcesrv_samr_info_DomGeneralInformation2(struct samr_domain_state *state,
TALLOC_CTX *mem_ctx,
struct ldb_message **dom_msgs,
- struct samr_DomInfo11 *info)
+ struct samr_DomGeneralInformation2 *info)
{
NTSTATUS status;
- status = dcesrv_samr_info_DomInfo2(state, mem_ctx, dom_msgs, &info->info2);
+ status = dcesrv_samr_info_DomGeneralInformation(state, mem_ctx, dom_msgs, &info->general);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
case 2:
{
static const char * const attrs2[] = {"forceLogoff",
- "comment",
+ "oEMInformation",
"modifiedCount",
"fSMORoleOwner",
NULL};
}
case 4:
{
- static const char * const attrs2[] = {"comment",
+ static const char * const attrs2[] = {"oEMInformation",
NULL};
attrs = attrs2;
break;
break;
case 11:
{
- static const char * const attrs2[] = { "comment", "forceLogoff",
+ static const char * const attrs2[] = { "oEMInformation", "forceLogoff",
"modifiedCount",
"lockoutDuration",
"lockOutObservationWindow",
switch (r->in.level) {
case 1:
return dcesrv_samr_info_DomInfo1(d_state, mem_ctx, dom_msgs,
- &r->out.info->info1);
+ &r->out.info->info1);
case 2:
- return dcesrv_samr_info_DomInfo2(d_state, mem_ctx, dom_msgs,
- &r->out.info->info2);
+ return dcesrv_samr_info_DomGeneralInformation(d_state, mem_ctx, dom_msgs,
+ &r->out.info->general);
case 3:
return dcesrv_samr_info_DomInfo3(d_state, mem_ctx, dom_msgs,
- &r->out.info->info3);
+ &r->out.info->info3);
case 4:
- return dcesrv_samr_info_DomInfo4(d_state, mem_ctx, dom_msgs,
- &r->out.info->info4);
+ return dcesrv_samr_info_DomOEMInformation(d_state, mem_ctx, dom_msgs,
+ &r->out.info->oem);
case 5:
return dcesrv_samr_info_DomInfo5(d_state, mem_ctx, dom_msgs,
- &r->out.info->info5);
+ &r->out.info->info5);
case 6:
return dcesrv_samr_info_DomInfo6(d_state, mem_ctx, dom_msgs,
- &r->out.info->info6);
+ &r->out.info->info6);
case 7:
return dcesrv_samr_info_DomInfo7(d_state, mem_ctx, dom_msgs,
- &r->out.info->info7);
+ &r->out.info->info7);
case 8:
return dcesrv_samr_info_DomInfo8(d_state, mem_ctx, dom_msgs,
- &r->out.info->info8);
+ &r->out.info->info8);
case 9:
return dcesrv_samr_info_DomInfo9(d_state, mem_ctx, dom_msgs,
- &r->out.info->info9);
+ &r->out.info->info9);
case 11:
- return dcesrv_samr_info_DomInfo11(d_state, mem_ctx, dom_msgs,
- &r->out.info->info11);
+ return dcesrv_samr_info_DomGeneralInformation2(d_state, mem_ctx, dom_msgs,
+ &r->out.info->general2);
case 12:
return dcesrv_samr_info_DomInfo12(d_state, mem_ctx, dom_msgs,
- &r->out.info->info12);
+ &r->out.info->info12);
case 13:
return dcesrv_samr_info_DomInfo13(d_state, mem_ctx, dom_msgs,
- &r->out.info->info13);
+ &r->out.info->info13);
}
-
+
return NT_STATUS_INVALID_INFO_CLASS;
}
SET_INT64 (msg, info1.min_password_age, "minPwdAge");
break;
case 3:
- SET_UINT64 (msg, info3.force_logoff_time, "forceLogoff");
+ SET_UINT64 (msg, info3.force_logoff_time, "forceLogoff");
break;
case 4:
- SET_STRING(msg, info4.comment, "comment");
+ SET_STRING(msg, oem.oem_information, "oEMInformation");
break;
case 6:
d_state = h->data;
/* don't have to worry about users in the builtin domain, as there are none */
- ret = ldb_search_exp_fmt(d_state->sam_ctx, mem_ctx, &res, d_state->domain_dn, LDB_SCOPE_SUBTREE, attrs, "objectClass=user");
+ ret = ldb_search(d_state->sam_ctx, mem_ctx, &res, d_state->domain_dn, LDB_SCOPE_SUBTREE, attrs, "objectClass=user");
if (ret != LDB_SUCCESS) {
DEBUG(3, ("Failed to search for Domain Users in %s: %s\n",
a_state = h->data;
- ret = ldb_search_exp_fmt(a_state->sam_ctx, mem_ctx, &res, a_state->account_dn, LDB_SCOPE_SUBTREE, attrs, "objectClass=*");
+ ret = ldb_search(a_state->sam_ctx, mem_ctx, &res, a_state->account_dn, LDB_SCOPE_SUBTREE, attrs, "objectClass=*");
if (ret == LDB_ERR_NO_SUCH_OBJECT) {
return NT_STATUS_NO_SUCH_GROUP;
/* In native mode, AD can also nest domain groups. Not sure yet
* whether this is also available via RPC. */
- ret = ldb_search_exp_fmt(d_state->sam_ctx, mem_ctx, &res,
+ ret = ldb_search(d_state->sam_ctx, mem_ctx, &res,
d_state->domain_dn, LDB_SCOPE_SUBTREE, attrs,
"(&(objectSid=%s)(objectclass=user))",
ldap_encode_ndr_dom_sid(mem_ctx, membersid));
/* In native mode, AD can also nest domain groups. Not sure yet
* whether this is also available via RPC. */
- ret = ldb_search_exp_fmt(d_state->sam_ctx, mem_ctx, &res,
+ ret = ldb_search(d_state->sam_ctx, mem_ctx, &res,
d_state->domain_dn, LDB_SCOPE_SUBTREE, attrs,
"(&(objectSid=%s)(objectclass=user))",
ldap_encode_ndr_dom_sid(mem_ctx, membersid));
struct ldb_message **res2;
const char * const attrs2[2] = { "objectSid", NULL };
ret = gendb_search_dn(a_state->sam_ctx, mem_ctx,
- ldb_dn_new(mem_ctx, a_state->sam_ctx, (const char *)el->values[i].data),
+ ldb_dn_from_ldb_val(mem_ctx, a_state->sam_ctx, &el->values[i]),
&res2, attrs2);
if (ret != 1)
return NT_STATUS_INTERNAL_DB_CORRUPTION;
ret = gendb_search_dn(d_state->sam_ctx, mem_ctx,
a_state->account_dn, &msgs, attrs);
- if (ret != 1)
+ if (ret == -1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ } else if (ret == 0) {
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ } else if (ret != 1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
r->out.sids->num_sids = 0;
r->out.sids->sids = NULL;
struct ldb_message **msgs2;
const char * const attrs2[2] = { "objectSid", NULL };
ret = gendb_search_dn(a_state->sam_ctx, mem_ctx,
- ldb_dn_new(mem_ctx, a_state->sam_ctx, (const char *)el->values[i].data),
- &msgs2, attrs2);
+ ldb_dn_from_ldb_val(mem_ctx, a_state->sam_ctx, &el->values[i]),
+ &msgs2, attrs2);
if (ret != 1)
return NT_STATUS_INTERNAL_DB_CORRUPTION;
case 1:
{
static const char * const attrs2[] = {"sAMAccountName", "displayName",
- "primaryGroupID", "description",
+ "primaryroupID", "description",
"comment", NULL};
attrs = attrs2;
break;
status = dcesrv_samr_Connect(dce_call, mem_ctx, &c);
- r->out.info->info1.unknown1 = 3;
+ r->out.info->info1.client_version = SAMR_CONNECT_AFTER_W2K;
r->out.info->info1.unknown2 = 0;
r->out.level = r->in.level;