static WERROR dsdb_syntax_NTTIME_ldb_to_drsuapi(struct ldb_context *ldb,
const struct dsdb_schema *schema,
const struct dsdb_attribute *attr,
const struct ldb_message_element *in,
TALLOC_CTX *mem_ctx,
struct drsuapi_DsReplicaAttribute *out)
{
uint32_t i;
DATA_BLOB *blobs;
if (attr->attributeID_id == 0xFFFFFFFF) {
return WERR_FOOBAR;
}
out->attid = attr->attributeID_id;
out->value_ctr.num_values = in->num_values;
out->value_ctr.values = talloc_array(mem_ctx,
struct drsuapi_DsAttributeValue,
in->num_values);
W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values);
blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values);
W_ERROR_HAVE_NO_MEMORY(blobs);
for (i=0; i < in->num_values; i++) {
NTTIME v;
time_t t;
out->value_ctr.values[i].blob = &blobs[i];
blobs[i] = data_blob_talloc(blobs, NULL, 8);
W_ERROR_HAVE_NO_MEMORY(blobs[i].data);
t = ldb_string_to_time((const char *)in->values[i].data);
unix_to_nt_time(&v, t);
v /= 10000000;
SBVAL(blobs[i].data, 0, v);
}
return WERR_OK;
}
/*
return sequenceNumber from @BASEINFO
*/
static int ltdb_sequence_number(struct ltdb_context *ctx,
struct ldb_extended **ext)
{
struct ldb_context *ldb;
struct ldb_module *module = ctx->module;
struct ldb_request *req = ctx->req;
TALLOC_CTX *tmp_ctx = NULL;
struct ldb_seqnum_request *seq;
struct ldb_seqnum_result *res;
struct ldb_message *msg = NULL;
struct ldb_dn *dn;
const char *date;
int ret = LDB_SUCCESS;
ldb = ldb_module_get_ctx(module);
seq = talloc_get_type(req->op.extended.data,
struct ldb_seqnum_request);
if (seq == NULL) {
return LDB_ERR_OPERATIONS_ERROR;
}
ldb_request_set_state(req, LDB_ASYNC_PENDING);
if (ltdb_lock_read(module) != 0) {
return LDB_ERR_OPERATIONS_ERROR;
}
res = talloc_zero(req, struct ldb_seqnum_result);
if (res == NULL) {
ret = LDB_ERR_OPERATIONS_ERROR;
goto done;
}
tmp_ctx = talloc_new(req);
if (tmp_ctx == NULL) {
ret = LDB_ERR_OPERATIONS_ERROR;
goto done;
}
dn = ldb_dn_new(tmp_ctx, ldb, LTDB_BASEINFO);
if (dn == NULL) {
ret = LDB_ERR_OPERATIONS_ERROR;
goto done;
}
msg = ldb_msg_new(tmp_ctx);
if (msg == NULL) {
ret = LDB_ERR_OPERATIONS_ERROR;
goto done;
}
ret = ltdb_search_dn1(module, dn, msg);
if (ret != LDB_SUCCESS) {
goto done;
}
switch (seq->type) {
case LDB_SEQ_HIGHEST_SEQ:
res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
break;
case LDB_SEQ_NEXT:
res->seq_num = ldb_msg_find_attr_as_uint64(msg, LTDB_SEQUENCE_NUMBER, 0);
res->seq_num++;
break;
case LDB_SEQ_HIGHEST_TIMESTAMP:
date = ldb_msg_find_attr_as_string(msg, LTDB_MOD_TIMESTAMP, NULL);
if (date) {
res->seq_num = ldb_string_to_time(date);
} else {
res->seq_num = 0;
/* zero is as good as anything when we don't know */
}
break;
}
*ext = talloc_zero(req, struct ldb_extended);
if (*ext == NULL) {
ret = LDB_ERR_OPERATIONS_ERROR;
goto done;
}
(*ext)->oid = LDB_EXTENDED_SEQUENCE_NUMBER;
(*ext)->data = talloc_steal(*ext, res);
done:
talloc_free(tmp_ctx);
ltdb_unlock_read(module);
return ret;
}
/*
check to see if any deleted objects need scavenging
*/
NTSTATUS kccsrv_check_deleted(struct kccsrv_service *s, TALLOC_CTX *mem_ctx)
{
struct kccsrv_partition *part;
int ret;
uint32_t tombstoneLifetime;
bool do_fs = false;
time_t interval = lpcfg_parm_int(s->task->lp_ctx, NULL, "kccsrv",
"check_deleted_full_scan_interval", 86400);
time_t t = time(NULL);
if (t - s->last_deleted_check < lpcfg_parm_int(s->task->lp_ctx, NULL, "kccsrv",
"check_deleted_interval", 600)) {
return NT_STATUS_OK;
}
s->last_deleted_check = t;
ret = dsdb_tombstone_lifetime(s->samdb, &tombstoneLifetime);
if (ret != LDB_SUCCESS) {
DEBUG(1,(__location__ ": Failed to get tombstone lifetime\n"));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (s->last_full_scan_deleted_check > 0 && ((t - s->last_full_scan_deleted_check) > interval )) {
do_fs = true;
s->last_full_scan_deleted_check = t;
}
if (s->last_full_scan_deleted_check == 0) {
/*
* If we never made a full scan set the last full scan event to be in the past
* and that 9/10 of the full scan interval has already passed.
* This is done to avoid the full scan to fire just at the begining of samba
* or a couple of minutes after the start.
* With this "setup" and default values of interval, the full scan will fire
* 2.4 hours after the start of samba
*/
s->last_full_scan_deleted_check = t - ((9 * interval) / 10);
}
for (part=s->partitions; part; part=part->next) {
struct ldb_dn *do_dn;
struct ldb_result *res;
const char *attrs[] = { "whenChanged", NULL };
unsigned int i;
ret = dsdb_get_deleted_objects_dn(s->samdb, mem_ctx, part->dn, &do_dn);
if (ret != LDB_SUCCESS) {
/* some partitions have no Deleted Objects
container */
continue;
}
if (!do_fs && ldb_dn_compare(ldb_get_config_basedn(s->samdb), part->dn)) {
ret = dsdb_search(s->samdb, do_dn, &res, do_dn, LDB_SCOPE_ONELEVEL, attrs,
DSDB_SEARCH_SHOW_RECYCLED, NULL);
} else {
if (do_fs) {
DEBUG(1, ("Doing a full scan on %s and looking for deleted object\n",
ldb_dn_get_linearized(part->dn)));
}
ret = dsdb_search(s->samdb, part->dn, &res, part->dn, LDB_SCOPE_SUBTREE, attrs,
DSDB_SEARCH_SHOW_RECYCLED, "(isDeleted=TRUE)");
}
if (ret != LDB_SUCCESS) {
DEBUG(1,(__location__ ": Failed to search for deleted objects in %s\n",
ldb_dn_get_linearized(do_dn)));
talloc_free(do_dn);
continue;
}
for (i=0; i<res->count; i++) {
const char *tstring;
time_t whenChanged = 0;
if (ldb_dn_compare(do_dn, res->msgs[i]->dn) == 0) {
/* Skip the Deleted Object Container */
continue;
}
tstring = ldb_msg_find_attr_as_string(res->msgs[i], "whenChanged", NULL);
if (tstring) {
whenChanged = ldb_string_to_time(tstring);
}
if (t - whenChanged > tombstoneLifetime*60*60*24) {
ret = dsdb_delete(s->samdb, res->msgs[i]->dn, DSDB_SEARCH_SHOW_DELETED);
if (ret != LDB_SUCCESS) {
DEBUG(1,(__location__ ": Failed to remove deleted object %s\n",
ldb_dn_get_linearized(res->msgs[i]->dn)));
} else {
DEBUG(4,("Removed deleted object %s\n",
ldb_dn_get_linearized(res->msgs[i]->dn)));
}
}
}
talloc_free(do_dn);
}
return NT_STATUS_OK;
}
