/* port functions */
static WERROR sptr_EnumPorts(struct ntptr_context *ntptr, TALLOC_CTX *mem_ctx,
struct spoolss_EnumPorts *r)
{
struct ldb_context *sptr_db = talloc_get_type(ntptr->private_data, struct ldb_context);
struct ldb_message **msgs;
int count;
int i;
union spoolss_PortInfo *info;
count = sptr_db_search(sptr_db, mem_ctx, NULL, &msgs, NULL,
"(&(objectclass=port))");
if (count == 0) return WERR_OK;
if (count < 0) return WERR_GENERAL_FAILURE;
info = talloc_array(mem_ctx, union spoolss_PortInfo, count);
W_ERROR_HAVE_NO_MEMORY(info);
switch (r->in.level) {
case 1:
for (i = 0; i < count; i++) {
info[i].info1.port_name = samdb_result_string(msgs[i], "port-name", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info1.port_name);
}
break;
case 2:
for (i=0; i < count; i++) {
info[i].info2.port_name = samdb_result_string(msgs[i], "port-name", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.port_name);
info[i].info2.monitor_name = samdb_result_string(msgs[i], "monitor-name", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.monitor_name);
info[i].info2.description = samdb_result_string(msgs[i], "description", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.description);
info[i].info2.port_type = samdb_result_uint(msgs[i], "port-type", SPOOLSS_PORT_TYPE_WRITE);
info[i].info2.reserved = samdb_result_uint(msgs[i], "reserved", 0);
}
break;
default:
return WERR_UNKNOWN_LEVEL;
}
*r->out.info = info;
*r->out.count = count;
return WERR_OK;
}
static NTSTATUS unbecomeDC_ldap_computer_object(struct libnet_UnbecomeDC_state *s)
{
int ret;
struct ldb_result *r;
struct ldb_dn *basedn;
static const char *attrs[] = {
"distinguishedName",
"userAccountControl",
NULL
};
basedn = ldb_dn_new(s, s->ldap.ldb, s->domain.dn_str);
NT_STATUS_HAVE_NO_MEMORY(basedn);
ret = ldb_search(s->ldap.ldb, s, &r, basedn, LDB_SCOPE_SUBTREE, attrs,
"(&(|(objectClass=user)(objectClass=computer))(sAMAccountName=%s$))",
s->dest_dsa.netbios_name);
talloc_free(basedn);
if (ret != LDB_SUCCESS) {
return NT_STATUS_LDAP(ret);
} else if (r->count != 1) {
talloc_free(r);
return NT_STATUS_INVALID_NETWORK_RESPONSE;
}
s->dest_dsa.computer_dn_str = samdb_result_string(r->msgs[0], "distinguishedName", NULL);
if (!s->dest_dsa.computer_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
talloc_steal(s, s->dest_dsa.computer_dn_str);
s->dest_dsa.user_account_control = samdb_result_uint(r->msgs[0], "userAccountControl", 0);
talloc_free(r);
return NT_STATUS_OK;
}
/* monitor functions */
static WERROR sptr_EnumMonitors(struct ntptr_context *ntptr, TALLOC_CTX *mem_ctx,
struct spoolss_EnumMonitors *r)
{
struct ldb_context *sptr_db = talloc_get_type(ntptr->private_data, struct ldb_context);
struct ldb_message **msgs;
int count;
int i;
union spoolss_MonitorInfo *info;
count = sptr_db_search(sptr_db, mem_ctx, NULL, &msgs, NULL,
"(&(objectclass=monitor))");
if (count == 0) return WERR_OK;
if (count < 0) return WERR_GENERAL_FAILURE;
info = talloc_array(mem_ctx, union spoolss_MonitorInfo, count);
W_ERROR_HAVE_NO_MEMORY(info);
switch (r->in.level) {
case 1:
for (i = 0; i < count; i++) {
info[i].info1.monitor_name = samdb_result_string(msgs[i], "monitor-name", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info1.monitor_name);
}
break;
case 2:
for (i=0; i < count; i++) {
info[i].info2.monitor_name = samdb_result_string(msgs[i], "monitor-name", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.monitor_name);
info[i].info2.environment = samdb_result_string(msgs[i], "environment", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.environment);
info[i].info2.dll_name = samdb_result_string(msgs[i], "dll-name", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.dll_name);
}
break;
default:
return WERR_UNKNOWN_LEVEL;
}
*r->out.info = info;
*r->out.count = count;
return WERR_OK;
}
/* Printer Form functions */
static WERROR sptr_GetPrinterForm(struct ntptr_GenericHandle *printer, TALLOC_CTX *mem_ctx,
struct spoolss_GetForm *r)
{
struct ldb_context *sptr_db = talloc_get_type(printer->ntptr->private_data, struct ldb_context);
struct ldb_message **msgs;
struct ldb_dn *base_dn;
int count;
union spoolss_FormInfo *info;
/* TODO: do checks access here
* if (!(printer->access_mask & desired_access)) {
* return WERR_FOOBAR;
* }
*/
base_dn = ldb_dn_new_fmt(mem_ctx, sptr_db, "CN=Forms,CN=%s,CN=Printers", printer->object_name);
W_ERROR_HAVE_NO_MEMORY(base_dn);
count = sptr_db_search(sptr_db, mem_ctx, base_dn, &msgs, NULL,
"(&(form-name=%s)(objectClass=form))",
r->in.form_name);
if (count == 0) return WERR_FOOBAR;
if (count > 1) return WERR_FOOBAR;
if (count < 0) return WERR_GENERAL_FAILURE;
info = talloc(mem_ctx, union spoolss_FormInfo);
W_ERROR_HAVE_NO_MEMORY(info);
switch (r->in.level) {
case 1:
info->info1.flags = samdb_result_uint(msgs[0], "flags", SPOOLSS_FORM_BUILTIN);
info->info1.form_name = samdb_result_string(msgs[0], "form-name", NULL);
W_ERROR_HAVE_NO_MEMORY(info->info1.form_name);
info->info1.size.width = samdb_result_uint(msgs[0], "size-width", 0);
info->info1.size.height = samdb_result_uint(msgs[0], "size-height", 0);
info->info1.area.left = samdb_result_uint(msgs[0], "area-left", 0);
info->info1.area.top = samdb_result_uint(msgs[0], "area-top", 0);
info->info1.area.right = samdb_result_uint(msgs[0], "area-right", 0);
info->info1.area.bottom = samdb_result_uint(msgs[0], "area-bottom", 0);
break;
default:
return WERR_UNKNOWN_LEVEL;
}
r->out.info = info;
return WERR_OK;
}
/* PrintServer Form functions */
static WERROR sptr_EnumPrintServerForms(struct ntptr_GenericHandle *server, TALLOC_CTX *mem_ctx,
struct spoolss_EnumForms *r)
{
struct ldb_context *sptr_db = talloc_get_type(server->ntptr->private_data, struct ldb_context);
struct ldb_message **msgs;
int count;
int i;
union spoolss_FormInfo *info;
count = sptr_db_search(sptr_db, mem_ctx,
ldb_dn_new(mem_ctx, sptr_db, "CN=Forms,CN=PrintServer"),
&msgs, NULL, "(&(objectClass=form))");
if (count == 0) return WERR_OK;
if (count < 0) return WERR_GENERAL_FAILURE;
info = talloc_array(mem_ctx, union spoolss_FormInfo, count);
W_ERROR_HAVE_NO_MEMORY(info);
switch (r->in.level) {
case 1:
for (i=0; i < count; i++) {
info[i].info1.flags = samdb_result_uint(msgs[i], "flags", SPOOLSS_FORM_BUILTIN);
info[i].info1.form_name = samdb_result_string(msgs[i], "form-name", NULL);
W_ERROR_HAVE_NO_MEMORY(info[i].info1.form_name);
info[i].info1.size.width = samdb_result_uint(msgs[i], "size-width", 0);
info[i].info1.size.height = samdb_result_uint(msgs[i], "size-height", 0);
info[i].info1.area.left = samdb_result_uint(msgs[i], "area-left", 0);
info[i].info1.area.top = samdb_result_uint(msgs[i], "area-top", 0);
info[i].info1.area.right = samdb_result_uint(msgs[i], "area-right", 0);
info[i].info1.area.bottom = samdb_result_uint(msgs[i], "area-bottom", 0);
}
break;
default:
return WERR_UNKNOWN_LEVEL;
}
*r->out.info = info;
*r->out.count = count;
return WERR_OK;
}
/* Printer functions */
static WERROR sptr_EnumPrinters(struct ntptr_context *ntptr, TALLOC_CTX *mem_ctx,
struct spoolss_EnumPrinters *r)
{
struct ldb_context *sptr_db = talloc_get_type(ntptr->private_data, struct ldb_context);
struct ldb_message **msgs;
int count;
int i;
union spoolss_PrinterInfo *info;
count = sptr_db_search(sptr_db, mem_ctx, NULL, &msgs, NULL,
"(&(objectclass=printer))");
if (count == 0) return WERR_OK;
if (count < 0) return WERR_GENERAL_FAILURE;
info = talloc_array(mem_ctx, union spoolss_PrinterInfo, count);
W_ERROR_HAVE_NO_MEMORY(info);
switch(r->in.level) {
case 1:
for (i = 0; i < count; i++) {
info[i].info1.flags = samdb_result_uint(msgs[i], "flags", 0);
info[i].info1.name = samdb_result_string(msgs[i], "name", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info1.name);
info[i].info1.description = samdb_result_string(msgs[i], "description", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info1.description);
info[i].info1.comment = samdb_result_string(msgs[i], "comment", NULL);
}
break;
case 2:
for (i = 0; i < count; i++) {
info[i].info2.servername = samdb_result_string(msgs[i], "servername", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.servername);
info[i].info2.printername = samdb_result_string(msgs[i], "printername", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.printername);
info[i].info2.sharename = samdb_result_string(msgs[i], "sharename", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.sharename);
info[i].info2.portname = samdb_result_string(msgs[i], "portname", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.portname);
info[i].info2.drivername = samdb_result_string(msgs[i], "drivername", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.drivername);
info[i].info2.comment = samdb_result_string(msgs[i], "comment", NULL);
info[i].info2.location = samdb_result_string(msgs[i], "location", NULL);
info[i].info2.devmode = NULL;
info[i].info2.sepfile = samdb_result_string(msgs[i], "sepfile", NULL);
info[i].info2.printprocessor = samdb_result_string(msgs[i], "printprocessor", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.printprocessor);
info[i].info2.datatype = samdb_result_string(msgs[i], "datatype", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.datatype);
info[i].info2.parameters = samdb_result_string(msgs[i], "parameters", NULL);
info[i].info2.secdesc = NULL;
info[i].info2.attributes = samdb_result_uint(msgs[i], "attributes", 0);
info[i].info2.priority = samdb_result_uint(msgs[i], "priority", 0);
info[i].info2.defaultpriority = samdb_result_uint(msgs[i], "defaultpriority", 0);
info[i].info2.starttime = samdb_result_uint(msgs[i], "starttime", 0);
info[i].info2.untiltime = samdb_result_uint(msgs[i], "untiltime", 0);
info[i].info2.status = samdb_result_uint(msgs[i], "status", 0);
info[i].info2.cjobs = samdb_result_uint(msgs[i], "cjobs", 0);
info[i].info2.averageppm = samdb_result_uint(msgs[i], "averageppm", 0);
}
break;
case 4:
for (i = 0; i < count; i++) {
info[i].info4.printername = samdb_result_string(msgs[i], "printername", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.printername);
info[i].info4.servername = samdb_result_string(msgs[i], "servername", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info2.servername);
info[i].info4.attributes = samdb_result_uint(msgs[i], "attributes", 0);
}
break;
case 5:
for (i = 0; i < count; i++) {
info[i].info5.printername = samdb_result_string(msgs[i], "name", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info5.printername);
info[i].info5.portname = samdb_result_string(msgs[i], "port", "");
W_ERROR_HAVE_NO_MEMORY(info[i].info5.portname);
info[i].info5.attributes = samdb_result_uint(msgs[i], "attributes", 0);
info[i].info5.device_not_selected_timeout = samdb_result_uint(msgs[i], "device_not_selected_timeout", 0);
info[i].info5.transmission_retry_timeout = samdb_result_uint(msgs[i], "transmission_retry_timeout", 0);
}
break;
default:
return WERR_UNKNOWN_LEVEL;
}
*r->out.info = info;
*r->out.count = count;
return WERR_OK;
}
static int samldb_fill_foreignSecurityPrincipal_object(struct ldb_module *module, const struct ldb_message *msg,
struct ldb_message **ret_msg)
{
struct ldb_message *msg2;
const char *rdn_name;
struct dom_sid *dom_sid;
struct dom_sid *sid;
const char *dom_attrs[] = { "name", NULL };
struct ldb_message **dom_msgs;
const char *errstr;
int ret;
TALLOC_CTX *mem_ctx = talloc_new(msg);
if (!mem_ctx) {
return LDB_ERR_OPERATIONS_ERROR;
}
/* build the new msg */
msg2 = ldb_msg_copy(mem_ctx, msg);
if (!msg2) {
ldb_debug(module->ldb, LDB_DEBUG_FATAL, "samldb_fill_foreignSecurityPrincpal_object: ldb_msg_copy failed!\n");
talloc_free(mem_ctx);
return LDB_ERR_OPERATIONS_ERROR;
}
ret = samdb_copy_template(module->ldb, msg2,
"(&(CN=TemplateForeignSecurityPrincipal)(objectclass=foreignSecurityPrincipalTemplate))",
&errstr);
if (ret != 0) {
ldb_asprintf_errstring(module->ldb,
"samldb_fill_foreignSecurityPrincipal_object: "
"Error copying template: %s",
errstr);
talloc_free(mem_ctx);
return ret;
}
rdn_name = ldb_dn_get_rdn_name(msg2->dn);
if (strcasecmp(rdn_name, "cn") != 0) {
ldb_asprintf_errstring(module->ldb, "Bad RDN (%s=) for ForeignSecurityPrincipal, should be CN=!", rdn_name);
talloc_free(mem_ctx);
return LDB_ERR_CONSTRAINT_VIOLATION;
}
/* Slightly different for the foreign sids. We don't want
* domain SIDs ending up there, it would cause all sorts of
* pain */
sid = dom_sid_parse_talloc(msg2, (const char *)ldb_dn_get_rdn_val(msg2->dn)->data);
if (!sid) {
ldb_set_errstring(module->ldb, "No valid found SID in ForeignSecurityPrincipal CN!");
talloc_free(mem_ctx);
return LDB_ERR_CONSTRAINT_VIOLATION;
}
if ( ! samldb_msg_add_sid(module, msg2, "objectSid", sid)) {
talloc_free(sid);
return LDB_ERR_OPERATIONS_ERROR;
}
dom_sid = dom_sid_dup(mem_ctx, sid);
if (!dom_sid) {
talloc_free(mem_ctx);
return LDB_ERR_OPERATIONS_ERROR;
}
/* get the domain component part of the provided SID */
dom_sid->num_auths--;
/* find the domain DN */
ret = gendb_search(module->ldb,
mem_ctx, NULL, &dom_msgs, dom_attrs,
"(&(objectSid=%s)(objectclass=domain))",
ldap_encode_ndr_dom_sid(mem_ctx, dom_sid));
if (ret >= 1) {
/* We don't really like the idea of foreign sids that are not foreign, but it happens */
const char *name = samdb_result_string(dom_msgs[0], "name", NULL);
ldb_debug(module->ldb, LDB_DEBUG_TRACE, "NOTE (strange but valid): Adding foreign SID record with SID %s, but this domian (%s) is already in the database",
dom_sid_string(mem_ctx, sid), name);
} else if (ret == -1) {
ldb_asprintf_errstring(module->ldb,
"samldb_fill_foreignSecurityPrincipal_object: error searching for a domain with this sid: %s\n",
dom_sid_string(mem_ctx, dom_sid));
talloc_free(dom_msgs);
return LDB_ERR_OPERATIONS_ERROR;
}
/* This isn't an operation on a domain we know about, so just
* check for the SID, looking for duplicates via the common
* code */
ret = samldb_notice_sid(module, msg2, sid);
if (ret == 0) {
talloc_steal(msg, msg2);
*ret_msg = msg2;
}
return ret;
}
/*
fill in the cldap netlogon union for a given version
*/
static NTSTATUS cldapd_netlogon_fill(struct cldapd_server *cldapd,
TALLOC_CTX *mem_ctx,
const char *domain,
const char *domain_guid,
const char *user,
const char *src_address,
uint32_t version,
union nbt_cldap_netlogon *netlogon)
{
const char *ref_attrs[] = {"nETBIOSName", "dnsRoot", "ncName", NULL};
const char *dom_attrs[] = {"objectGUID", NULL};
struct ldb_message **ref_res, **dom_res;
int ret, count = 0;
const char **services = lp_server_services();
uint32_t server_type;
const char *pdc_name;
struct GUID domain_uuid;
const char *realm;
const char *dns_domain;
const char *pdc_dns_name;
const char *flatname;
const char *server_site;
const char *client_site;
const char *pdc_ip;
struct ldb_dn *partitions_basedn;
partitions_basedn = samdb_partitions_dn(cldapd->samctx, mem_ctx);
/* the domain has an optional trailing . */
if (domain && domain[strlen(domain)-1] == '.') {
domain = talloc_strndup(mem_ctx, domain, strlen(domain)-1);
}
if (domain) {
struct ldb_result *dom_ldb_result;
struct ldb_dn *dom_dn;
/* try and find the domain */
count = gendb_search(cldapd->samctx, mem_ctx, partitions_basedn, &ref_res, ref_attrs,
"(&(&(objectClass=crossRef)(dnsRoot=%s))(nETBIOSName=*))",
domain);
if (count == 1) {
dom_dn = samdb_result_dn(cldapd->samctx, mem_ctx, ref_res[0], "ncName", NULL);
if (!dom_dn) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
ret = ldb_search(cldapd->samctx, dom_dn,
LDB_SCOPE_BASE, "objectClass=domain",
dom_attrs, &dom_ldb_result);
if (ret != LDB_SUCCESS) {
DEBUG(2,("Error finding domain '%s'/'%s' in sam: %s\n", domain, ldb_dn_get_linearized(dom_dn), ldb_errstring(cldapd->samctx)));
return NT_STATUS_NO_SUCH_DOMAIN;
}
talloc_steal(mem_ctx, dom_ldb_result);
if (dom_ldb_result->count != 1) {
DEBUG(2,("Error finding domain '%s'/'%s' in sam\n", domain, ldb_dn_get_linearized(dom_dn)));
return NT_STATUS_NO_SUCH_DOMAIN;
}
dom_res = dom_ldb_result->msgs;
}
}
if (count == 0 && domain_guid) {
/* OK, so no dice with the name, try and find the domain with the GUID */
count = gendb_search(cldapd->samctx, mem_ctx, NULL, &dom_res, dom_attrs,
"(&(objectClass=domainDNS)(objectGUID=%s))",
domain_guid);
if (count == 1) {
/* try and find the domain */
ret = gendb_search(cldapd->samctx, mem_ctx, partitions_basedn, &ref_res, ref_attrs,
"(&(objectClass=crossRef)(ncName=%s))",
ldb_dn_get_linearized(dom_res[0]->dn));
if (ret != 1) {
DEBUG(2,("Unable to find referece to '%s' in sam\n",
ldb_dn_get_linearized(dom_res[0]->dn)));
return NT_STATUS_NO_SUCH_DOMAIN;
}
}
}
if (count == 0) {
DEBUG(2,("Unable to find domain with name %s or GUID {%s}\n", domain, domain_guid));
return NT_STATUS_NO_SUCH_DOMAIN;
}
server_type =
NBT_SERVER_PDC | NBT_SERVER_GC |
NBT_SERVER_DS | NBT_SERVER_TIMESERV |
NBT_SERVER_CLOSEST | NBT_SERVER_WRITABLE |
NBT_SERVER_GOOD_TIMESERV;
if (str_list_check(services, "ldap")) {
server_type |= NBT_SERVER_LDAP;
}
if (str_list_check(services, "kdc")) {
server_type |= NBT_SERVER_KDC;
}
pdc_name = talloc_asprintf(mem_ctx, "\\\\%s", lp_netbios_name());
domain_uuid = samdb_result_guid(dom_res[0], "objectGUID");
realm = samdb_result_string(ref_res[0], "dnsRoot", lp_realm());
dns_domain = samdb_result_string(ref_res[0], "dnsRoot", lp_realm());
pdc_dns_name = talloc_asprintf(mem_ctx, "%s.%s",
strlower_talloc(mem_ctx, lp_netbios_name()),
dns_domain);
flatname = samdb_result_string(ref_res[0], "nETBIOSName", lp_workgroup());
server_site = "Default-First-Site-Name";
client_site = "Default-First-Site-Name";
pdc_ip = iface_best_ip(src_address);
ZERO_STRUCTP(netlogon);
switch (version & 0xF) {
case 0:
case 1:
netlogon->logon1.type = (user?19+2:19);
netlogon->logon1.pdc_name = pdc_name;
netlogon->logon1.user_name = user;
netlogon->logon1.domain_name = flatname;
netlogon->logon1.nt_version = 1;
netlogon->logon1.lmnt_token = 0xFFFF;
netlogon->logon1.lm20_token = 0xFFFF;
break;
case 2:
case 3:
netlogon->logon3.type = (user?19+2:19);
netlogon->logon3.pdc_name = pdc_name;
netlogon->logon3.user_name = user;
netlogon->logon3.domain_name = flatname;
netlogon->logon3.domain_uuid = domain_uuid;
netlogon->logon3.forest = realm;
netlogon->logon3.dns_domain = dns_domain;
netlogon->logon3.pdc_dns_name = pdc_dns_name;
netlogon->logon3.pdc_ip = pdc_ip;
netlogon->logon3.server_type = server_type;
netlogon->logon3.lmnt_token = 0xFFFF;
netlogon->logon3.lm20_token = 0xFFFF;
break;
case 4:
case 5:
case 6:
case 7:
netlogon->logon5.type = (user?23+2:23);
netlogon->logon5.server_type = server_type;
netlogon->logon5.domain_uuid = domain_uuid;
netlogon->logon5.forest = realm;
netlogon->logon5.dns_domain = dns_domain;
netlogon->logon5.pdc_dns_name = pdc_dns_name;
netlogon->logon5.domain = flatname;
netlogon->logon5.pdc_name = lp_netbios_name();
netlogon->logon5.user_name = user;
netlogon->logon5.server_site = server_site;
netlogon->logon5.client_site = client_site;
netlogon->logon5.lmnt_token = 0xFFFF;
netlogon->logon5.lm20_token = 0xFFFF;
break;
default:
netlogon->logon13.type = (user?23+2:23);
netlogon->logon13.server_type = server_type;
netlogon->logon13.domain_uuid = domain_uuid;
netlogon->logon13.forest = realm;
netlogon->logon13.dns_domain = dns_domain;
netlogon->logon13.pdc_dns_name = pdc_dns_name;
netlogon->logon13.domain = flatname;
netlogon->logon13.pdc_name = lp_netbios_name();
netlogon->logon13.user_name = user;
netlogon->logon13.server_site = server_site;
netlogon->logon13.client_site = client_site;
netlogon->logon13.unknown = 10;
netlogon->logon13.unknown2 = 2;
netlogon->logon13.pdc_ip = pdc_ip;
netlogon->logon13.lmnt_token = 0xFFFF;
netlogon->logon13.lm20_token = 0xFFFF;
break;
}
return NT_STATUS_OK;
}
static WERROR DsCrackNameOneFilter(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx,
struct smb_krb5_context *smb_krb5_context,
uint32_t format_flags, uint32_t format_offered, uint32_t format_desired,
struct ldb_dn *name_dn, const char *name,
const char *domain_filter, const char *result_filter,
struct drsuapi_DsNameInfo1 *info1)
{
int ldb_ret;
struct ldb_result *domain_res = NULL;
const char * const *domain_attrs;
const char * const *result_attrs;
struct ldb_message **result_res = NULL;
struct ldb_message *result = NULL;
struct ldb_dn *result_basedn = NULL;
int i;
char *p;
struct ldb_dn *partitions_basedn = samdb_partitions_dn(sam_ctx, mem_ctx);
const char * const _domain_attrs_1779[] = { "ncName", "dnsRoot", NULL};
const char * const _result_attrs_null[] = { NULL };
const char * const _domain_attrs_canonical[] = { "ncName", "dnsRoot", NULL};
const char * const _result_attrs_canonical[] = { "canonicalName", NULL };
const char * const _domain_attrs_nt4[] = { "ncName", "dnsRoot", "nETBIOSName", NULL};
const char * const _result_attrs_nt4[] = { "sAMAccountName", "objectSid", "objectClass", NULL};
const char * const _domain_attrs_guid[] = { "ncName", "dnsRoot", NULL};
const char * const _result_attrs_guid[] = { "objectGUID", NULL};
const char * const _domain_attrs_display[] = { "ncName", "dnsRoot", NULL};
const char * const _result_attrs_display[] = { "displayName", "samAccountName", NULL};
const char * const _domain_attrs_none[] = { "ncName", "dnsRoot" , NULL};
const char * const _result_attrs_none[] = { NULL};
/* here we need to set the attrs lists for domain and result lookups */
switch (format_desired) {
case DRSUAPI_DS_NAME_FORMAT_FQDN_1779:
case DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX:
domain_attrs = _domain_attrs_1779;
result_attrs = _result_attrs_null;
break;
case DRSUAPI_DS_NAME_FORMAT_CANONICAL:
domain_attrs = _domain_attrs_canonical;
result_attrs = _result_attrs_canonical;
break;
case DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT:
domain_attrs = _domain_attrs_nt4;
result_attrs = _result_attrs_nt4;
break;
case DRSUAPI_DS_NAME_FORMAT_GUID:
domain_attrs = _domain_attrs_guid;
result_attrs = _result_attrs_guid;
break;
case DRSUAPI_DS_NAME_FORMAT_DISPLAY:
domain_attrs = _domain_attrs_display;
result_attrs = _result_attrs_display;
break;
default:
domain_attrs = _domain_attrs_none;
result_attrs = _result_attrs_none;
break;
}
if (domain_filter) {
/* if we have a domain_filter look it up and set the result_basedn and the dns_domain_name */
ldb_ret = ldb_search(sam_ctx, mem_ctx, &domain_res,
partitions_basedn,
LDB_SCOPE_ONELEVEL,
domain_attrs,
"%s", domain_filter);
if (ldb_ret != LDB_SUCCESS) {
DEBUG(2, ("DsCrackNameOneFilter domain ref search failed: %s", ldb_errstring(sam_ctx)));
info1->status = DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR;
return WERR_OK;
}
switch (domain_res->count) {
case 1:
break;
case 0:
info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND;
return WERR_OK;
default:
info1->status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE;
return WERR_OK;
}
info1->dns_domain_name = samdb_result_string(domain_res->msgs[0], "dnsRoot", NULL);
W_ERROR_HAVE_NO_MEMORY(info1->dns_domain_name);
info1->status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY;
} else {
info1->dns_domain_name = NULL;
info1->status = DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR;
}
if (result_filter) {
int ret;
struct ldb_result *res;
if (domain_res) {
result_basedn = samdb_result_dn(sam_ctx, mem_ctx, domain_res->msgs[0], "ncName", NULL);
ret = ldb_search(sam_ctx, mem_ctx, &res,
result_basedn, LDB_SCOPE_SUBTREE,
result_attrs, "%s", result_filter);
if (ret != LDB_SUCCESS) {
talloc_free(result_res);
info1->status = DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR;
return WERR_OK;
}
ldb_ret = res->count;
result_res = res->msgs;
} else {
/* search with the 'phantom root' flag */
struct ldb_request *req;
res = talloc_zero(mem_ctx, struct ldb_result);
W_ERROR_HAVE_NO_MEMORY(res);
ret = ldb_build_search_req(&req, sam_ctx, mem_ctx,
ldb_get_root_basedn(sam_ctx),
LDB_SCOPE_SUBTREE,
result_filter,
result_attrs,
NULL,
res,
ldb_search_default_callback,
NULL);
if (ret == LDB_SUCCESS) {
struct ldb_search_options_control *search_options;
search_options = talloc(req, struct ldb_search_options_control);
W_ERROR_HAVE_NO_MEMORY(search_options);
search_options->search_options = LDB_SEARCH_OPTION_PHANTOM_ROOT;
ret = ldb_request_add_control(req, LDB_CONTROL_SEARCH_OPTIONS_OID, false, search_options);
}
if (ret != LDB_SUCCESS) {
talloc_free(res);
info1->status = DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR;
return WERR_OK;
}
ret = ldb_request(sam_ctx, req);
if (ret == LDB_SUCCESS) {
ret = ldb_wait(req->handle, LDB_WAIT_ALL);
}
talloc_free(req);
if (ret != LDB_SUCCESS) {
DEBUG(2, ("DsCrackNameOneFilter phantom root search failed: %s",
ldb_errstring(sam_ctx)));
info1->status = DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR;
return WERR_OK;
}
ldb_ret = res->count;
result_res = res->msgs;
}
} else if (format_offered == DRSUAPI_DS_NAME_FORMAT_FQDN_1779) {
