int dsdb_schema_from_ldb_results(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
struct ldb_result *schema_res,
struct ldb_result *attrs_class_res,
struct dsdb_schema **schema_out,
char **error_string)
{
WERROR status;
const struct ldb_val *prefix_val;
const struct ldb_val *info_val;
struct ldb_val info_val_default;
struct dsdb_schema *schema;
struct loadparm_context *lp_ctx = NULL;
int ret;
schema = dsdb_new_schema(mem_ctx);
if (!schema) {
dsdb_oom(error_string, mem_ctx);
return ldb_operr(ldb);
}
schema->base_dn = talloc_steal(schema, schema_res->msgs[0]->dn);
prefix_val = ldb_msg_find_ldb_val(schema_res->msgs[0], "prefixMap");
if (!prefix_val) {
*error_string = talloc_asprintf(mem_ctx,
"schema_fsmo_init: no prefixMap attribute found");
DEBUG(0,(__location__ ": %s\n", *error_string));
return LDB_ERR_CONSTRAINT_VIOLATION;
}
info_val = ldb_msg_find_ldb_val(schema_res->msgs[0], "schemaInfo");
if (!info_val) {
status = dsdb_schema_info_blob_new(mem_ctx, &info_val_default);
if (!W_ERROR_IS_OK(status)) {
*error_string = talloc_asprintf(mem_ctx,
"schema_fsmo_init: dsdb_schema_info_blob_new() failed - %s",
win_errstr(status));
DEBUG(0,(__location__ ": %s\n", *error_string));
return ldb_operr(ldb);
}
info_val = &info_val_default;
}
status = dsdb_load_oid_mappings_ldb(schema, prefix_val, info_val);
if (!W_ERROR_IS_OK(status)) {
*error_string = talloc_asprintf(mem_ctx,
"schema_fsmo_init: failed to load oid mappings: %s",
win_errstr(status));
DEBUG(0,(__location__ ": %s\n", *error_string));
return LDB_ERR_CONSTRAINT_VIOLATION;
}
ret = dsdb_load_ldb_results_into_schema(mem_ctx, ldb, schema, attrs_class_res, error_string);
if (ret != LDB_SUCCESS) {
return ret;
}
schema->fsmo.master_dn = ldb_msg_find_attr_as_dn(ldb, schema, schema_res->msgs[0], "fSMORoleOwner");
if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), schema->fsmo.master_dn) == 0) {
schema->fsmo.we_are_master = true;
} else {
schema->fsmo.we_are_master = false;
}
lp_ctx = talloc_get_type(ldb_get_opaque(ldb, "loadparm"),
struct loadparm_context);
if (lp_ctx) {
bool allowed = lpcfg_parm_bool(lp_ctx, NULL,
"dsdb", "schema update allowed",
false);
schema->fsmo.update_allowed = allowed;
} else {
schema->fsmo.update_allowed = false;
}
DEBUG(5, ("schema_fsmo_init: we are master[%s] updates allowed[%s]\n",
(schema->fsmo.we_are_master?"yes":"no"),
(schema->fsmo.update_allowed?"yes":"no")));
*schema_out = schema;
return LDB_SUCCESS;
}
WERROR dsdb_set_schema_from_ldif(struct ldb_context *ldb,
const char *pf, const char *df,
const char *dn)
{
struct ldb_ldif *ldif;
struct ldb_message *msg;
TALLOC_CTX *mem_ctx;
WERROR status;
int ret;
struct dsdb_schema *schema;
const struct ldb_val *prefix_val;
const struct ldb_val *info_val;
struct ldb_val info_val_default;
mem_ctx = talloc_new(ldb);
if (!mem_ctx) {
goto nomem;
}
schema = dsdb_new_schema(mem_ctx);
if (!schema) {
goto nomem;
}
schema->base_dn = ldb_dn_new(schema, ldb, dn);
if (!schema->base_dn) {
goto nomem;
}
schema->fsmo.we_are_master = true;
schema->fsmo.update_allowed = true;
schema->fsmo.master_dn = ldb_dn_new(schema, ldb, "@PROVISION_SCHEMA_MASTER");
if (!schema->fsmo.master_dn) {
goto nomem;
}
/*
* load the prefixMap attribute from pf
*/
ldif = ldb_ldif_read_string(ldb, &pf);
if (!ldif) {
status = WERR_INVALID_PARAM;
goto failed;
}
talloc_steal(mem_ctx, ldif);
ret = ldb_msg_normalize(ldb, mem_ctx, ldif->msg, &msg);
if (ret != LDB_SUCCESS) {
goto nomem;
}
talloc_free(ldif);
prefix_val = ldb_msg_find_ldb_val(msg, "prefixMap");
if (!prefix_val) {
status = WERR_INVALID_PARAM;
goto failed;
}
info_val = ldb_msg_find_ldb_val(msg, "schemaInfo");
if (!info_val) {
status = dsdb_schema_info_blob_new(mem_ctx, &info_val_default);
W_ERROR_NOT_OK_GOTO(status, failed);
info_val = &info_val_default;
}
status = dsdb_load_oid_mappings_ldb(schema, prefix_val, info_val);
if (!W_ERROR_IS_OK(status)) {
DEBUG(0,("ERROR: dsdb_load_oid_mappings_ldb() failed with %s\n", win_errstr(status)));
goto failed;
}
/* load the attribute and class definitions out of df */
while ((ldif = ldb_ldif_read_string(ldb, &df))) {
talloc_steal(mem_ctx, ldif);
ret = ldb_msg_normalize(ldb, ldif, ldif->msg, &msg);
if (ret != LDB_SUCCESS) {
goto nomem;
}
status = dsdb_schema_set_el_from_ldb_msg(ldb, schema, msg);
talloc_free(ldif);
if (!W_ERROR_IS_OK(status)) {
goto failed;
}
}
ret = dsdb_set_schema(ldb, schema);
if (ret != LDB_SUCCESS) {
status = WERR_FOOBAR;
goto failed;
}
ret = dsdb_schema_fill_extended_dn(ldb, schema);
if (ret != LDB_SUCCESS) {
status = WERR_FOOBAR;
goto failed;
}
goto done;
nomem:
status = WERR_NOMEM;
failed:
done:
talloc_free(mem_ctx);
return status;
}
int dsdb_schema_from_ldb_results(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
struct ldb_result *schema_res,
struct ldb_result *attrs_res, struct ldb_result *objectclass_res,
struct dsdb_schema **schema_out,
char **error_string)
{
WERROR status;
unsigned int i;
const struct ldb_val *prefix_val;
const struct ldb_val *info_val;
struct ldb_val info_val_default;
struct dsdb_schema *schema;
schema = dsdb_new_schema(mem_ctx);
if (!schema) {
dsdb_oom(error_string, mem_ctx);
return ldb_operr(ldb);
}
schema->base_dn = talloc_steal(schema, schema_res->msgs[0]->dn);
prefix_val = ldb_msg_find_ldb_val(schema_res->msgs[0], "prefixMap");
if (!prefix_val) {
*error_string = talloc_asprintf(mem_ctx,
"schema_fsmo_init: no prefixMap attribute found");
DEBUG(0,(__location__ ": %s\n", *error_string));
return LDB_ERR_CONSTRAINT_VIOLATION;
}
info_val = ldb_msg_find_ldb_val(schema_res->msgs[0], "schemaInfo");
if (!info_val) {
status = dsdb_schema_info_blob_new(mem_ctx, &info_val_default);
if (!W_ERROR_IS_OK(status)) {
*error_string = talloc_asprintf(mem_ctx,
"schema_fsmo_init: dsdb_schema_info_blob_new() failed - %s",
win_errstr(status));
DEBUG(0,(__location__ ": %s\n", *error_string));
return ldb_operr(ldb);
}
info_val = &info_val_default;
}
status = dsdb_load_oid_mappings_ldb(schema, prefix_val, info_val);
if (!W_ERROR_IS_OK(status)) {
*error_string = talloc_asprintf(mem_ctx,
"schema_fsmo_init: failed to load oid mappings: %s",
win_errstr(status));
DEBUG(0,(__location__ ": %s\n", *error_string));
return LDB_ERR_CONSTRAINT_VIOLATION;
}
for (i=0; i < attrs_res->count; i++) {
status = dsdb_attribute_from_ldb(ldb, schema, attrs_res->msgs[i]);
if (!W_ERROR_IS_OK(status)) {
*error_string = talloc_asprintf(mem_ctx,
"schema_fsmo_init: failed to load attribute definition: %s:%s",
ldb_dn_get_linearized(attrs_res->msgs[i]->dn),
win_errstr(status));
DEBUG(0,(__location__ ": %s\n", *error_string));
return LDB_ERR_CONSTRAINT_VIOLATION;
}
}
for (i=0; i < objectclass_res->count; i++) {
status = dsdb_class_from_ldb(schema, objectclass_res->msgs[i]);
if (!W_ERROR_IS_OK(status)) {
*error_string = talloc_asprintf(mem_ctx,
"schema_fsmo_init: failed to load class definition: %s:%s",
ldb_dn_get_linearized(objectclass_res->msgs[i]->dn),
win_errstr(status));
DEBUG(0,(__location__ ": %s\n", *error_string));
return LDB_ERR_CONSTRAINT_VIOLATION;
}
}
schema->fsmo.master_dn = ldb_msg_find_attr_as_dn(ldb, schema, schema_res->msgs[0], "fSMORoleOwner");
if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), schema->fsmo.master_dn) == 0) {
schema->fsmo.we_are_master = true;
} else {
schema->fsmo.we_are_master = false;
}
DEBUG(5, ("schema_fsmo_init: we are master: %s\n",
(schema->fsmo.we_are_master?"yes":"no")));
*schema_out = schema;
return LDB_SUCCESS;
}
