r8791: (missing from previous commit)

author Andrew Bartlett <abartlet@samba.org>

Wed, 27 Jul 2005 00:24:47 +0000 (00:24 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 18:30:06 +0000 (13:30 -0500)
author Andrew Bartlett <abartlet@samba.org>
Wed, 27 Jul 2005 00:24:47 +0000 (00:24 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:30:06 +0000 (13:30 -0500)
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c

index 7b82621c8da5ff99df8ee2fb059915f86d620d56..88c1ab58048c0c76a3894a4069e57ced1138b5e5 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -243,10 +243,9 @@ static char *samldb_generate_samAccountName(const void *mem_ctx) {
         return name;
  }
  
-static BOOL samldb_get_rdn_and_basedn(void *mem_ctx, const char *dn, struct ldb_dn_component **rdn, char **base_dn)
+static BOOL samldb_get_rdn(void *mem_ctx, const char *dn, struct ldb_dn_component **rdn)
  {
         struct ldb_dn *dn_exploded = ldb_dn_explode(mem_ctx, dn);
-       struct ldb_dn base_dn_exploded;
  
         if (!dn_exploded) {
                 return False;
@@ -256,15 +255,6 @@ static BOOL samldb_get_rdn_and_basedn(void *mem_ctx, const char *dn, struct ldb_
                 return False;
         }
         
-       if (dn_exploded->comp_num < 2) {
-               *base_dn = NULL;
-       } else {
-               base_dn_exploded.comp_num = dn_exploded->comp_num - 1;
-               base_dn_exploded.components = &dn_exploded->components[1];
-               
-               *base_dn = ldb_dn_linearize(mem_ctx, &base_dn_exploded);
-       }
-
         *rdn = &dn_exploded->components[0];
         return True;
  }
@@ -355,7 +345,7 @@ static int samldb_copy_template(struct ldb_module *module, struct ldb_message *m
                             (strcasecmp((char *)el->values[j].data, "Template") == 0 ||
                              strcasecmp((char *)el->values[j].data, "userTemplate") == 0 ||
                              strcasecmp((char *)el->values[j].data, "groupTemplate") == 0 ||
-                            strcasecmp((char *)el->values[j].data, "foreignSecurityTemplate") == 0 ||
+                            strcasecmp((char *)el->values[j].data, "foreignSecurityPrincipalTemplate") == 0 ||
                              strcasecmp((char *)el->values[j].data, "aliasTemplate") == 0 || 
                              strcasecmp((char *)el->values[j].data, "trustedDomainTemplate") == 0 || 
                              strcasecmp((char *)el->values[j].data, "secretTemplate") == 0)) {
@@ -381,7 +371,6 @@ static struct ldb_message *samldb_fill_group_object(struct ldb_module *module, c
         struct ldb_message *msg2;
         struct ldb_message_element *attribute;
         struct ldb_dn_component *rdn;
-       char *basedn;
  
         if (samldb_find_attribute(msg, "objectclass", "group") == NULL) {
                 return NULL;
@@ -401,7 +390,7 @@ static struct ldb_message *samldb_fill_group_object(struct ldb_module *module, c
                 return NULL;
         }
  
-       if ( ! samldb_get_rdn_and_basedn(msg2, msg2->dn, &rdn, &basedn)) {
+       if ( ! samldb_get_rdn(msg2, msg2->dn, &rdn)) {
                 ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_group_object: Bad DN (%s)!\n", msg2->dn);
                 return NULL;
         }
@@ -438,7 +427,6 @@ static struct ldb_message *samldb_fill_user_or_computer_object(struct ldb_module
         struct ldb_message *msg2;
         struct ldb_message_element *attribute;
         struct ldb_dn_component *rdn;
-       char *basedn;
  
         if ((samldb_find_attribute(msg, "objectclass", "user") == NULL) && 
             (samldb_find_attribute(msg, "objectclass", "computer") == NULL)) {
@@ -466,7 +454,7 @@ static struct ldb_message *samldb_fill_user_or_computer_object(struct ldb_module
                 }
         }
  
-       if ( ! samldb_get_rdn_and_basedn(msg2, msg2->dn, &rdn, &basedn)) {
+       if ( ! samldb_get_rdn(msg2, msg2->dn, &rdn)) {
                 return NULL;
         }
         if (strcasecmp(rdn->name, "cn") != 0) {
@@ -503,6 +491,58 @@ static struct ldb_message *samldb_fill_user_or_computer_object(struct ldb_module
         return msg2;
  }
  
+static struct ldb_message *samldb_fill_foreignSecurityPrincipal_object(struct ldb_module *module, const struct ldb_message *msg)
+{
+       struct ldb_message *msg2;
+       struct ldb_message_element *attribute;
+       struct ldb_dn_component *rdn;
+
+       if (samldb_find_attribute(msg, "objectclass", "foreignSecurityPrincipal") == NULL) {
+               return NULL;
+       }
+
+       ldb_debug(module->ldb, LDB_DEBUG_TRACE, "samldb_fill_foreignSecurityPrincipal_object\n");
+
+       /* build the new msg */
+       msg2 = ldb_msg_copy(module->ldb, msg);
+       if (!msg2) {
+               ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_foreignSecurityPrincpal_object: ldb_msg_copy failed!\n");
+               return NULL;
+       }
+
+       if (samldb_copy_template(module, msg2, "(&(CN=TemplateForeignSecurityPrincipal)(objectclass=foreignSecurityPrincipalTemplate))") != 0) {
+               ldb_debug(module->ldb, LDB_DEBUG_WARNING, "samldb_fill_foreignSecurityPrincipal_object: Error copying template!\n");
+               return NULL;
+       }
+
+       if ( ! samldb_get_rdn(msg2, msg2->dn, &rdn)) {
+               ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_foreignSecurityPrincipal_object: Bad DN (%s)!\n", msg2->dn);
+               return NULL;
+       }
+       if (strcasecmp(rdn->name, "cn") != 0) {
+               ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_foreignSecurityPrincipal_object: Bad RDN (%s) for foreignSecurityPrincpal!\n", rdn->name);
+               return NULL;
+       }
+
+       if ((attribute = samldb_find_attribute(msg2, "objectSid", NULL)) == NULL ) {
+               struct dom_sid *sid = dom_sid_parse_talloc(msg2, rdn->value.data);
+               if (sid == NULL) {
+                       ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_foreignSecurityPrincipal_object: internal error! Can't parse sid in CN\n");
+                       return NULL;
+               }
+
+               if (!samldb_msg_add_sid(module, msg2, "objectSid", sid)) {
+                       talloc_free(sid);
+                       return NULL;
+               }
+               talloc_free(sid);
+       }
+
+       talloc_steal(msg, msg2);
+
+       return msg2;
+}
+
  /* add_record */
  static int samldb_add_record(struct ldb_module *module, const struct ldb_message *msg)
  {
@@ -523,6 +563,11 @@ static int samldb_add_record(struct ldb_module *module, const struct ldb_message
                 msg2 = samldb_fill_group_object(module, msg);
         }
  
+       /* perhaps a foreignSecurityPrincipal? */
+       if ( ! msg2 ) {
+               msg2 = samldb_fill_foreignSecurityPrincipal_object(module, msg);
+       }
+
         if (msg2) {
                 ret = ldb_next_add_record(module, msg2);
         } else {
author	Andrew Bartlett <abartlet@samba.org>
	Wed, 27 Jul 2005 00:24:47 +0000 (00:24 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 18:30:06 +0000 (13:30 -0500)