s4-cracknames: fixed cracknames to use more specific search

this uses the bitwise comparison ldap operators to ensure we only get
NC roots

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Sep  5 12:48:39 CEST 2011 on sn-devel-104

diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index 1e70a7731c869c35eb2f0df43696842961fef73c..105de560566487461af53f62d3f7cfba9084378e 100644 (file)
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -299,12 +299,14 @@ static WERROR DsCrackNameUPN(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx,
                                         principal);
 
        ldb_ret = ldb_search(sam_ctx, mem_ctx, &domain_res,
-                                    samdb_partitions_dn(sam_ctx, mem_ctx), 
-                                    LDB_SCOPE_ONELEVEL,
-                                    domain_attrs,
-                                    "(&(&(|(&(dnsRoot=%s)(nETBIOSName=*))(nETBIOSName=%s))(objectclass=crossRef))(ncName=*))",
-                                    ldb_binary_encode_string(mem_ctx, realm), 
-                                    ldb_binary_encode_string(mem_ctx, realm));
+                            samdb_partitions_dn(sam_ctx, mem_ctx),
+                            LDB_SCOPE_ONELEVEL,
+                            domain_attrs,
+                            "(&(objectClass=crossRef)(|(dnsRoot=%s)(netbiosName=%s))(systemFlags:%s:=%u))",
+                            ldb_binary_encode_string(mem_ctx, realm),
+                            ldb_binary_encode_string(mem_ctx, realm),
+                            LDB_OID_COMPARATOR_AND,
+                            SYSTEM_FLAG_CR_NTDS_DOMAIN);
 
        if (ldb_ret != LDB_SUCCESS) {
                DEBUG(2, ("DsCrackNameUPN domain ref search failed: %s\n", ldb_errstring(sam_ctx)));
@@ -464,7 +466,6 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx,
        case DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT: {
                char *p;
                char *domain;
-               struct ldb_dn *dn_domain;
                const char *account = NULL;
 
                domain = talloc_strdup(mem_ctx, name);
@@ -482,14 +483,12 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx,
                        account = &p[1];
                }
 
-               /* it could be in DNS domain form */
-               dn_domain = samdb_dns_domain_to_dn(sam_ctx, mem_ctx, domain);
-               W_ERROR_HAVE_NO_MEMORY(dn_domain);
-
                domain_filter = talloc_asprintf(mem_ctx, 
-                                               "(&(&(|(nETBIOSName=%s)(nCName=%s))(objectclass=crossRef))(ncName=*))",
+                                               "(&(objectClass=crossRef)(|(dnsRoot=%s)(netbiosName=%s))(systemFlags:%s:=%u))",
+                                               ldb_binary_encode_string(mem_ctx, domain),
                                                ldb_binary_encode_string(mem_ctx, domain),
-                                               ldb_dn_get_linearized(dn_domain));
+                                               LDB_OID_COMPARATOR_AND,
+                                               SYSTEM_FLAG_CR_NTDS_DOMAIN);
                W_ERROR_HAVE_NO_MEMORY(domain_filter);
                if (account) {
                        result_filter = talloc_asprintf(mem_ctx, "(sAMAccountName=%s)",