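/*
  construct a subSchemaSubEntry

  Adds the "subSchemaSubEntry" attribute to msg, using the linearized form
  of the aggregate schema DN cached in the module's private
  operational_data. The DN is looked up lazily on first use.

  module: module whose private data holds the cached aggregate DN
  msg:    message that receives the attribute; also the talloc parent of
          the linearized string
  scope, parent: not used by this constructor

  Returns LDB_SUCCESS when the attribute was added, or when it cannot be
  produced yet (no private data, no aggregate DN). Returns an LDB error
  code if the DN cannot be linearized or the value cannot be added.
*/
static int construct_subschema_subentry(struct ldb_module *module,
					struct ldb_message *msg,
					enum ldb_scope scope,
					struct ldb_request *parent)
{
	struct operational_data *data = talloc_get_type(ldb_module_get_private(module),
							struct operational_data);
	char *subSchemaSubEntry;

	/* We may be being called before the init function has finished */
	if (!data) {
		return LDB_SUCCESS;
	}

	/* Try and set this value up, if possible.  Don't worry if it
	 * fails, we may not have the DB set up yet, and it's not
	 * really vital anyway */
	if (!data->aggregate_dn) {
		struct ldb_context *ldb = ldb_module_get_ctx(module);
		data->aggregate_dn = samdb_aggregate_schema_dn(ldb, data);
	}

	if (!data->aggregate_dn) {
		return LDB_SUCCESS;
	}

	subSchemaSubEntry = ldb_dn_alloc_linearized(msg, data->aggregate_dn);
	if (subSchemaSubEntry == NULL) {
		/*
		 * Linearizing can fail (e.g. out of memory). A NULL string
		 * must not be handed to ldb_msg_add_steal_string(), so fail
		 * the same way ldb_msg_add_linearized_dn() does.
		 */
		return ldb_operr(ldb_module_get_ctx(module));
	}

	return ldb_msg_add_steal_string(msg, "subSchemaSubEntry", subSchemaSubEntry);
}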
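/*
  construct a canonical name from a message

  Derives the canonical string form of msg->dn and adds it to msg as the
  "canonicalName" attribute. The string is allocated on msg and handed over
  to ldb_msg_add_steal_string().

  module: not used by this constructor
  msg:    message whose dn is converted and which receives the attribute

  Returns the result of ldb_msg_add_steal_string(), or
  LDB_ERR_OPERATIONS_ERROR if the canonical string could not be built.
*/
static int construct_canonical_name(struct ldb_module *module,
				    struct ldb_message *msg)
{
	char *canonicalName;

	canonicalName = ldb_dn_canonical_string(msg, msg->dn);
	if (canonicalName == NULL) {
		/*
		 * Report a real LDB result code rather than a bare -1, so
		 * the failure is meaningful if it is propagated or passed
		 * to error-string helpers. Callers that only compare
		 * against LDB_SUCCESS are unaffected.
		 */
		return LDB_ERR_OPERATIONS_ERROR;
	}
	return ldb_msg_add_steal_string(msg, "canonicalName", canonicalName);
}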
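/*
  Build one "modules" value of the form "<backend dn>:<mod1>,<mod2>,..."
  and add it to msg.

  ldb:              context used for error reporting
  mem_ctx:          parent for the temporary talloc context used here
  rootdse_msg:      message the backend DN is read from when backend_attr
                    is set
  msg:              message that receives the "modules" attribute
  backend_attr:     attribute in rootdse_msg naming the backend DN, or NULL
                    to use the wildcard "*"
  backend_mod:      optional first module in the list, or NULL
  backend_mod_list: further module names appended after backend_mod

  Returns LDB_SUCCESS, LDB_ERR_CONSTRAINT_VIOLATION when backend_attr is
  set but missing from rootdse_msg, or an out-of-memory error. The
  temporary context is released on every path.
*/
static int prepare_modules_line(struct ldb_context *ldb,
				TALLOC_CTX *mem_ctx,
				const struct ldb_message *rootdse_msg,
				struct ldb_message *msg, const char *backend_attr,
				const char *backend_mod, const char **backend_mod_list)
{
	int ret;
	const char **backend_full_list;
	const char *backend_dn;
	char *mod_list_string;
	char *full_string;
	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
	if (!tmp_ctx) {
		return ldb_oom(ldb);
	}

	if (backend_attr) {
		backend_dn = ldb_msg_find_attr_as_string(rootdse_msg, backend_attr, NULL);
		if (!backend_dn) {
			ldb_asprintf_errstring(ldb,
					       "samba_dsdb_init: "
					       "unable to read %s from %s:%s",
					       backend_attr, ldb_dn_get_linearized(rootdse_msg->dn),
					       ldb_errstring(ldb));
			/* this path previously returned without freeing tmp_ctx */
			ret = LDB_ERR_CONSTRAINT_VIOLATION;
			goto done;
		}
	} else {
		backend_dn = "*";
	}

	if (backend_mod) {
		backend_full_list = (const char **)str_list_make_single(tmp_ctx, backend_mod);
	} else {
		backend_full_list = (const char **)str_list_make_empty(tmp_ctx);
	}
	if (!backend_full_list) {
		ret = ldb_oom(ldb);
		goto done;
	}

	backend_full_list = str_list_append_const(backend_full_list, backend_mod_list);
	if (!backend_full_list) {
		ret = ldb_oom(ldb);
		goto done;
	}

	mod_list_string = str_list_join(tmp_ctx, backend_full_list, ',');
	if (!mod_list_string) {
		ret = ldb_oom(ldb);
		goto done;
	}

	full_string = talloc_asprintf(tmp_ctx, "%s:%s", backend_dn, mod_list_string);
	if (!full_string) {
		/* do not pass a NULL string on to ldb_msg_add_steal_string() */
		ret = ldb_oom(ldb);
		goto done;
	}

	/*
	 * On success the string is stolen away from tmp_ctx, so freeing
	 * tmp_ctx below only releases the intermediate lists.
	 */
	ret = ldb_msg_add_steal_string(msg, "modules", full_string);

done:
	talloc_free(tmp_ctx);
	return ret;
}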
/*
  Build the canonicalName attribute of a message from its DN.

  The canonical form of msg->dn is allocated on msg and then handed over
  to ldb_msg_add_steal_string() under the attribute name "canonicalName".
  The scope and parent arguments are not used here.

  Returns the result of ldb_msg_add_steal_string(), or an operations
  error raised on the module's ldb context when the canonical string
  could not be produced.
*/
static int construct_canonical_name(struct ldb_module *module,
				    struct ldb_message *msg,
				    enum ldb_scope scope,
				    struct ldb_request *parent)
{
	char *canonical = ldb_dn_canonical_string(msg, msg->dn);

	if (canonical != NULL) {
		return ldb_msg_add_steal_string(msg, "canonicalName", canonical);
	}

	/* no canonical form available: report it against this module's ldb */
	return ldb_operr(ldb_module_get_ctx(module));
}
/*
  Add a DN to a message as a string-valued attribute.

  The DN is linearized into a string allocated on msg via
  ldb_dn_alloc_linearized(), and that string is handed over to
  ldb_msg_add_steal_string() under attr_name.

  NOTE(review): an earlier warning on this function said the string is
  taken from the dn without copying. The call visible here allocates the
  string on msg instead - confirm which is intended before relying on
  either lifetime.

  Returns the result of ldb_msg_add_steal_string(), or
  LDB_ERR_OPERATIONS_ERROR when the DN could not be linearized.
*/
int ldb_msg_add_linearized_dn(struct ldb_message *msg, const char *attr_name,
			      struct ldb_dn *dn)
{
	char *linearized = ldb_dn_alloc_linearized(msg, dn);

	if (linearized != NULL) {
		return ldb_msg_add_steal_string(msg, attr_name, linearized);
	}

	/* we don't want to have unknown DNs added */
	return LDB_ERR_OPERATIONS_ERROR;
}
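/*
  Add one servicePrincipalName value to msg, taking ownership of spn.

  A NULL spn (a failed talloc_asprintf()) is reported as an error instead
  of being passed on to ldb_msg_add_steal_string().
*/
static int drsuapi_add_spn_value(struct ldb_message *msg, char *spn)
{
	if (spn == NULL) {
		return LDB_ERR_OPERATIONS_ERROR;
	}
	return ldb_msg_add_steal_string(msg, "servicePrincipalName", spn);
}

/*
  add special SPNs needed for DRS replication to machine accounts when
  an AddEntry is done to create a nTDSDSA object

  For every object in the list that is an nTDSDSA with a serverReference,
  the referenced machine account gets these servicePrincipalName values
  added through a permissive modify:
    E3514235-4B06-11D1-AB04-00C04FC2DCD2/<ntds guid>/<dns domain>
    ldap/<ntds guid>._msdcs.<dns domain>
    ldap/<cn>           (when the account has a cn)
    ldap/<dNSHostName>  (when the account has a dNSHostName)

  b_state:      bind state providing the sam_ctx database handle
  dce_call:     call state, used to read the configured DNS domain
  mem_ctx:      talloc parent for everything allocated here
  first_object: head of the object list from the AddEntry request

  Returns WERR_OK, WERR_NOT_ENOUGH_MEMORY on allocation failures, or
  WERR_DS_DRA_INTERNAL_ERROR when a search or the modify fails.
*/
static WERROR drsuapi_add_SPNs(struct drsuapi_bind_state *b_state,
			       struct dcesrv_call_state *dce_call,
			       TALLOC_CTX *mem_ctx,
			       const struct drsuapi_DsReplicaObjectListItem *first_object)
{
	int ret;
	const struct drsuapi_DsReplicaObjectListItem *obj;
	const char *attrs[] = { "serverReference", "objectGUID", NULL };

	for (obj = first_object; obj; obj=obj->next_object) {
		/*
		 * NOTE(review): identifier comes from the request's object
		 * list and is dereferenced without a NULL check; presumably
		 * an earlier step of the AddEntry handling has validated it
		 * - confirm against the caller.
		 */
		const char *dn_string = obj->object.identifier->dn;
		struct ldb_dn *dn = ldb_dn_new(mem_ctx, b_state->sam_ctx, dn_string);
		struct ldb_result *res, *res2;
		struct ldb_dn *ref_dn;
		struct GUID ntds_guid;
		struct ldb_message *msg;
		struct ldb_message_element *el;
		const char *ntds_guid_str;
		const char *dom_string;
		const char *attrs2[] = { "dNSHostName", "cn", NULL };
		const char *dNSHostName, *cn;

		if (dn == NULL) {
			/* ldb_dn_new() failed; don't search with a NULL base */
			return WERR_NOT_ENOUGH_MEMORY;
		}

		DEBUG(6,(__location__ ": Adding SPNs for %s\n",
			 ldb_dn_get_linearized(dn)));

		ret = ldb_search(b_state->sam_ctx, mem_ctx, &res, dn,
				 LDB_SCOPE_BASE, attrs,
				 "(objectClass=ntDSDSA)");
		if (ret != LDB_SUCCESS) {
			DEBUG(0,(__location__ ": Failed to find dn '%s'\n", dn_string));
			return WERR_DS_DRA_INTERNAL_ERROR;
		}

		if (res->count < 1) {
			/* we only add SPNs for nTDSDSA objects */
			continue;
		}

		ref_dn = samdb_result_dn(b_state->sam_ctx, mem_ctx, res->msgs[0], "serverReference", NULL);
		if (ref_dn == NULL) {
			/* we only add SPNs for objects with a
			   serverReference */
			continue;
		}

		DEBUG(6,(__location__ ": serverReference %s\n",
			 ldb_dn_get_linearized(ref_dn)));

		ntds_guid = samdb_result_guid(res->msgs[0], "objectGUID");

		ntds_guid_str = GUID_string(res, &ntds_guid);
		if (ntds_guid_str == NULL) {
			/* would otherwise end up formatted into the SPNs */
			return WERR_NOT_ENOUGH_MEMORY;
		}

		dom_string = lpcfg_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);

		/* get the dNSHostName and cn */
		ret = ldb_search(b_state->sam_ctx, mem_ctx, &res2, ref_dn,
				 LDB_SCOPE_BASE, attrs2, NULL);
		if (ret != LDB_SUCCESS) {
			DEBUG(0,(__location__ ": Failed to find ref_dn '%s'\n",
				 ldb_dn_get_linearized(ref_dn)));
			return WERR_DS_DRA_INTERNAL_ERROR;
		}

		if (res2->count < 1) {
			/*
			 * A successful search may still return no entry;
			 * res2->msgs[0] must not be read in that case.
			 */
			DEBUG(0,(__location__ ": Failed to find ref_dn '%s'\n",
				 ldb_dn_get_linearized(ref_dn)));
			return WERR_DS_DRA_INTERNAL_ERROR;
		}

		dNSHostName = ldb_msg_find_attr_as_string(res2->msgs[0], "dNSHostName", NULL);
		cn = ldb_msg_find_attr_as_string(res2->msgs[0], "cn", NULL);

		/*
		 * construct a modify request to add the new SPNs to
		 * the machine account
		 */
		msg = ldb_msg_new(mem_ctx);
		if (msg == NULL) {
			return WERR_NOT_ENOUGH_MEMORY;
		}

		msg->dn = ref_dn;
		ret = ldb_msg_add_empty(msg, "servicePrincipalName",
					LDB_FLAG_MOD_ADD, &el);
		if (ret != LDB_SUCCESS) {
			return WERR_NOT_ENOUGH_MEMORY;
		}

		/*
		 * Each formatted string and each add is checked: a failed
		 * talloc_asprintf() must not reach
		 * ldb_msg_add_steal_string(), and a failed add must not be
		 * silently dropped from the modify.
		 */
		ret = drsuapi_add_spn_value(msg,
				talloc_asprintf(el->values,
						"E3514235-4B06-11D1-AB04-00C04FC2DCD2/%s/%s",
						ntds_guid_str, dom_string));
		if (ret != LDB_SUCCESS) {
			return WERR_NOT_ENOUGH_MEMORY;
		}

		ret = drsuapi_add_spn_value(msg,
				talloc_asprintf(el->values, "ldap/%s._msdcs.%s",
						ntds_guid_str, dom_string));
		if (ret != LDB_SUCCESS) {
			return WERR_NOT_ENOUGH_MEMORY;
		}

		if (cn) {
			ret = drsuapi_add_spn_value(msg,
					talloc_asprintf(el->values, "ldap/%s", cn));
			if (ret != LDB_SUCCESS) {
				return WERR_NOT_ENOUGH_MEMORY;
			}
		}

		if (dNSHostName) {
			ret = drsuapi_add_spn_value(msg,
					talloc_asprintf(el->values, "ldap/%s", dNSHostName));
			if (ret != LDB_SUCCESS) {
				return WERR_NOT_ENOUGH_MEMORY;
			}
		}

		/*
		 * NOTE(review): this check, and every use of el after the
		 * first add, assumes ldb_msg_add_steal_string() appends to
		 * the element created by ldb_msg_add_empty() and leaves the
		 * el pointer valid. If the ldb version in use instead adds a
		 * new element (or reallocates msg->elements), el is stale
		 * and the LDB_FLAG_MOD_ADD flag may not apply to the added
		 * values - confirm against the ldb in use.
		 */
		if (el->num_values < 2) {
			return WERR_NOT_ENOUGH_MEMORY;
		}

		ret = dsdb_modify(b_state->sam_ctx, msg, DSDB_MODIFY_PERMISSIVE);
		if (ret != LDB_SUCCESS) {
			DEBUG(0,(__location__ ": Failed to add SPNs - %s\n",
				 ldb_errstring(b_state->sam_ctx)));
			return WERR_DS_DRA_INTERNAL_ERROR;
		}
	}

	return WERR_OK;
}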