DWORD
LwLdapIsValidADEntry(
HANDLE hDirectory,
LDAPMessage* pMessage,
PBOOLEAN pbValidADEntry
)
{
DWORD dwError = LW_ERROR_SUCCESS;
PSTR pszValue = NULL;
dwError = LwLdapGetDN(
hDirectory,
pMessage,
&pszValue);
BAIL_ON_LW_ERROR(dwError);
if (LW_IS_NULL_OR_EMPTY_STR(pszValue))
{
dwError = LW_ERROR_INVALID_LDAP_ATTR_VALUE;
BAIL_ON_LW_ERROR(dwError);
}
*pbValidADEntry = TRUE;
cleanup:
LW_SAFE_FREE_STRING(pszValue);
return dwError;
error:
*pbValidADEntry = FALSE;
goto cleanup;
}
static
DWORD
AD_RawFindComputerDn(
IN HANDLE hDirectory,
IN PCSTR pszDnsDomainName,
IN PCSTR pszSamAccountName,
OUT PSTR* ppszComputerDn
)
{
DWORD dwError = 0;
LDAP* pLd = NULL;
PSTR pszDirectoryRoot = NULL;
PSTR pszEscapedSamAccountName = NULL;
PSTR szAttributeList[] = {"*", NULL};
PSTR pszQuery = NULL;
LDAPMessage *pMessage = NULL;
int count = 0;
PSTR pszComputerDn = NULL;
pLd = LwLdapGetSession(hDirectory);
dwError = LwLdapConvertDomainToDN(
pszDnsDomainName,
&pszDirectoryRoot);
BAIL_ON_LSA_ERROR(dwError);
dwError = LwLdapEscapeString(
&pszEscapedSamAccountName,
pszSamAccountName);
BAIL_ON_LSA_ERROR(dwError);
LwStrToUpper(pszEscapedSamAccountName);
dwError = LwAllocateStringPrintf(
&pszQuery,
"(sAMAccountName=%s)",
pszEscapedSamAccountName);
BAIL_ON_LSA_ERROR(dwError);
dwError = LwLdapDirectorySearch(
hDirectory,
pszDirectoryRoot,
LDAP_SCOPE_SUBTREE,
pszQuery,
szAttributeList,
&pMessage);
BAIL_ON_LSA_ERROR(dwError);
count = ldap_count_entries(pLd, pMessage);
if (count < 0)
{
dwError = LW_ERROR_LDAP_ERROR;
}
else if (count == 0)
{
dwError = LW_ERROR_NO_SUCH_DOMAIN;
}
else if (count > 1)
{
dwError = LW_ERROR_DUPLICATE_DOMAINNAME;
}
BAIL_ON_LSA_ERROR(dwError);
dwError = LwLdapGetDN(hDirectory, pMessage, &pszComputerDn);
BAIL_ON_LSA_ERROR(dwError);
if (LW_IS_NULL_OR_EMPTY_STR(pszComputerDn))
{
dwError = LW_ERROR_LDAP_FAILED_GETDN;
BAIL_ON_LSA_ERROR(dwError);
}
error:
if (dwError)
{
LW_SAFE_FREE_STRING(pszComputerDn);
}
LW_SAFE_FREE_STRING(pszDirectoryRoot);
LW_SAFE_FREE_STRING(pszEscapedSamAccountName);
LW_SAFE_FREE_STRING(pszQuery);
if (pMessage)
{
ldap_msgfree(pMessage);
}
*ppszComputerDn = pszComputerDn;
return dwError;
}
DWORD
ADGetCellInformation(
IN PLSA_DM_LDAP_CONNECTION pConn,
PCSTR pszDN,
PSTR* ppszCellDN
)
{
DWORD dwError = 0;
LDAP *pLd = NULL;
PSTR szAttributeList[] = {"*", NULL};
LDAPMessage *pMessage = NULL;
DWORD dwCount = 0;
PSTR pszCellDN = NULL;
HANDLE hDirectory = NULL;
dwError = LsaDmLdapDirectorySearch(
pConn,
pszDN,
LDAP_SCOPE_ONELEVEL,
"(name=$LikewiseIdentityCell)",
szAttributeList,
&hDirectory,
&pMessage);
BAIL_ON_LSA_ERROR(dwError);
pLd = LwLdapGetSession(hDirectory);
dwCount = ldap_count_entries(
pLd,
pMessage
);
if (dwCount < 0) {
dwError = LW_ERROR_LDAP_ERROR;
} else if (dwCount == 0) {
dwError = LW_ERROR_NO_SUCH_CELL;
} else if (dwCount > 1) {
dwError = LW_ERROR_INTERNAL;
}
BAIL_ON_LSA_ERROR(dwError);
dwError = LwLdapGetDN(
hDirectory,
pMessage,
&pszCellDN);
BAIL_ON_LSA_ERROR(dwError);
if (LW_IS_NULL_OR_EMPTY_STR(pszCellDN))
{
dwError = LW_ERROR_LDAP_FAILED_GETDN;
BAIL_ON_LSA_ERROR(dwError);
}
*ppszCellDN = pszCellDN;
cleanup:
if (pMessage) {
ldap_msgfree(pMessage);
}
return dwError;
error:
*ppszCellDN = NULL;
LW_SAFE_FREE_STRING(pszCellDN);
goto cleanup;
}
DWORD
ADFindComputerDN(
IN PLSA_DM_LDAP_CONNECTION pConn,
PCSTR pszSamAccountName,
PCSTR pszDomainName,
PSTR* ppszComputerDN
)
{
DWORD dwError = 0;
LDAP *pLd = NULL;
PSTR pszDirectoryRoot = NULL;
PSTR szAttributeList[] = {"*", NULL};
PSTR pszQuery = NULL;
LDAPMessage *pMessage = NULL;
DWORD dwCount = 0;
PSTR pszComputerDN = NULL;
PSTR pszEscapedUpperSamAccountName = NULL;
HANDLE hDirectory = NULL;
dwError = LwLdapConvertDomainToDN(pszDomainName, &pszDirectoryRoot);
BAIL_ON_LSA_ERROR(dwError);
dwError = LwLdapEscapeString(
&pszEscapedUpperSamAccountName,
pszSamAccountName);
BAIL_ON_LSA_ERROR(dwError);
LwStrToUpper(pszEscapedUpperSamAccountName);
dwError = LwAllocateStringPrintf(&pszQuery,
"(sAMAccountName=%s)",
pszEscapedUpperSamAccountName);
BAIL_ON_LSA_ERROR(dwError);
dwError = LsaDmLdapDirectorySearch(
pConn,
pszDirectoryRoot,
LDAP_SCOPE_SUBTREE,
pszQuery,
szAttributeList,
&hDirectory,
&pMessage);
BAIL_ON_LSA_ERROR(dwError);
pLd = LwLdapGetSession(hDirectory);
dwCount = ldap_count_entries(
pLd,
pMessage
);
if (dwCount < 0) {
dwError = LW_ERROR_LDAP_ERROR;
} else if (dwCount == 0) {
dwError = LW_ERROR_NO_SUCH_DOMAIN;
} else if (dwCount > 1) {
dwError = LW_ERROR_DUPLICATE_DOMAINNAME;
}
BAIL_ON_LSA_ERROR(dwError);
dwError = LwLdapGetDN(
hDirectory,
pMessage,
&pszComputerDN);
BAIL_ON_LSA_ERROR(dwError);
if (LW_IS_NULL_OR_EMPTY_STR(pszComputerDN))
{
dwError = LW_ERROR_LDAP_FAILED_GETDN;
BAIL_ON_LSA_ERROR(dwError);
}
*ppszComputerDN = pszComputerDN;
cleanup:
LW_SAFE_FREE_STRING(pszEscapedUpperSamAccountName);
LW_SAFE_FREE_STRING(pszDirectoryRoot);
LW_SAFE_FREE_STRING(pszQuery);
if (pMessage) {
ldap_msgfree(pMessage);
}
return dwError;
error:
*ppszComputerDN = NULL;
LW_SAFE_FREE_STRING(pszComputerDN);
goto cleanup;
}
