WERROR dreplsrv_load_partitions(struct dreplsrv_service *s) { WERROR status; static const char *attrs[] = { "namingContexts", NULL }; unsigned int i; int ret; TALLOC_CTX *tmp_ctx; struct ldb_result *res; struct ldb_message_element *el; tmp_ctx = talloc_new(s); W_ERROR_HAVE_NO_MEMORY(tmp_ctx); ret = ldb_search(s->samdb, tmp_ctx, &res, ldb_dn_new(tmp_ctx, s->samdb, ""), LDB_SCOPE_BASE, attrs, NULL); if (ret != LDB_SUCCESS) { DEBUG(1,("Searching for namingContexts in rootDSE failed: %s\n", ldb_errstring(s->samdb))); talloc_free(tmp_ctx); return WERR_DS_DRA_INTERNAL_ERROR; } el = ldb_msg_find_element(res->msgs[0], "namingContexts"); if (!el) { DEBUG(1,("Finding namingContexts element in root_res failed: %s\n", ldb_errstring(s->samdb))); talloc_free(tmp_ctx); return WERR_DS_DRA_INTERNAL_ERROR; } for (i=0; i<el->num_values; i++) { struct ldb_dn *pdn; struct dreplsrv_partition *p; pdn = ldb_dn_from_ldb_val(tmp_ctx, s->samdb, &el->values[i]); if (pdn == NULL) { talloc_free(tmp_ctx); return WERR_DS_DRA_INTERNAL_ERROR; } if (!ldb_dn_validate(pdn)) { return WERR_DS_DRA_INTERNAL_ERROR; } p = talloc_zero(s, struct dreplsrv_partition); W_ERROR_HAVE_NO_MEMORY(p); p->dn = talloc_steal(p, pdn); DLIST_ADD(s->partitions, p); DEBUG(2, ("dreplsrv_partition[%s] loaded\n", ldb_dn_get_linearized(p->dn))); } talloc_free(tmp_ctx); status = dreplsrv_refresh_partitions(s); W_ERROR_NOT_OK_RETURN(status); return WERR_OK; }
int ridalloc_new_own_pool(struct ldb_module *module, uint64_t *new_pool, struct ldb_request *parent) { TALLOC_CTX *tmp_ctx = talloc_new(module); struct ldb_dn *rid_manager_dn, *fsmo_role_dn; int ret; struct ldb_context *ldb = ldb_module_get_ctx(module); bool is_us; /* work out who is the RID Manager */ ret = dsdb_module_rid_manager_dn(module, tmp_ctx, &rid_manager_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find RID Manager object - %s", ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; } /* find the DN of the RID Manager */ ret = dsdb_module_reference_dn(module, tmp_ctx, rid_manager_dn, "fSMORoleOwner", &fsmo_role_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find fSMORoleOwner in RID Manager object - %s", ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; } ret = samdb_dn_is_our_ntdsa(ldb, fsmo_role_dn, &is_us); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to confirm if our ntdsDsa is %s: %s", ldb_dn_get_linearized(fsmo_role_dn), ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; } if (!is_us) { ret = ridalloc_poke_rid_manager(module); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Request for remote refresh of RID Set allocation failed: %s", ldb_errstring(ldb)); } else { ldb_asprintf_errstring(ldb, "Remote RID Set refresh needed"); } talloc_free(tmp_ctx); return LDB_ERR_UNWILLING_TO_PERFORM; } /* grab a pool from the RID Manager object */ ret = ridalloc_rid_manager_allocate(module, rid_manager_dn, new_pool, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; } talloc_free(tmp_ctx); return ret; }
int main(int argc, const char **argv) { struct ldb_context *ldb; unsigned int i, count = 0; int ret = LDB_SUCCESS; TALLOC_CTX *mem_ctx = talloc_new(NULL); ldb = ldb_init(mem_ctx, NULL); if (ldb == NULL) { return LDB_ERR_OPERATIONS_ERROR; } options = ldb_cmdline_process(ldb, argc, argv, usage); ret = ldb_transaction_start(ldb); if (ret != LDB_SUCCESS) { printf("Failed to start transaction: %s\n", ldb_errstring(ldb)); return ret; } if (options->argc == 0) { ret = process_file(ldb, stdin, &count); } else { for (i=0;i<options->argc;i++) { const char *fname = options->argv[i]; FILE *f; f = fopen(fname, "r"); if (!f) { perror(fname); return LDB_ERR_OPERATIONS_ERROR; } ret = process_file(ldb, f, &count); fclose(f); } } if (count != 0) { ret = ldb_transaction_commit(ldb); if (ret != LDB_SUCCESS) { printf("Failed to commit transaction: %s\n", ldb_errstring(ldb)); return ret; } } else { ldb_transaction_cancel(ldb); } talloc_free(mem_ctx); if (ret) { printf("Add failed after processing %u records\n", count); } else { printf("Added %u records successfully\n", count); } return ret; }
/* allocate a new range of RIDs in the RID Manager object */ static int ridalloc_rid_manager_allocate(struct ldb_module *module, struct ldb_dn *rid_manager_dn, uint64_t *new_pool, struct ldb_request *parent) { int ret; TALLOC_CTX *tmp_ctx = talloc_new(module); const char *attrs[] = { "rIDAvailablePool", NULL }; uint64_t rid_pool, new_rid_pool, dc_pool; uint32_t rid_pool_lo, rid_pool_hi; struct ldb_result *res; struct ldb_context *ldb = ldb_module_get_ctx(module); const unsigned alloc_size = 500; ret = dsdb_module_search_dn(module, tmp_ctx, &res, rid_manager_dn, attrs, DSDB_FLAG_NEXT_MODULE, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find rIDAvailablePool in %s - %s", ldb_dn_get_linearized(rid_manager_dn), ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; } rid_pool = ldb_msg_find_attr_as_uint64(res->msgs[0], "rIDAvailablePool", 0); rid_pool_lo = rid_pool & 0xFFFFFFFF; rid_pool_hi = rid_pool >> 32; if (rid_pool_lo >= rid_pool_hi) { ldb_asprintf_errstring(ldb, "Out of RIDs in RID Manager - rIDAvailablePool is %u-%u", rid_pool_lo, rid_pool_hi); talloc_free(tmp_ctx); return ret; } /* lower part of new pool is the low part of the rIDAvailablePool */ dc_pool = rid_pool_lo; /* allocate 500 RIDs to this DC */ rid_pool_lo = MIN(rid_pool_hi, rid_pool_lo + alloc_size); /* work out upper part of new pool */ dc_pool |= (((uint64_t)rid_pool_lo-1)<<32); /* and new rIDAvailablePool value */ new_rid_pool = rid_pool_lo | (((uint64_t)rid_pool_hi)<<32); ret = dsdb_module_constrainted_update_uint64(module, rid_manager_dn, "rIDAvailablePool", &rid_pool, &new_rid_pool, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to update rIDAvailablePool - %s", ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; } (*new_pool) = dc_pool; talloc_free(tmp_ctx); return LDB_SUCCESS; }
/* * add any missing repsFrom structures to our partitions */ static NTSTATUS kccsrv_add_repsFrom(struct kccsrv_service *s, TALLOC_CTX *mem_ctx, struct repsFromToBlob *reps, uint32_t count) { struct kccsrv_partition *p; /* update the repsFrom on all partitions */ for (p=s->partitions; p; p=p->next) { struct repsFromToBlob *old_reps; uint32_t old_count; WERROR werr; int i; bool modified = false; werr = dsdb_loadreps(s->samdb, mem_ctx, p->dn, "repsFrom", &old_reps, &old_count); if (!W_ERROR_IS_OK(werr)) { DEBUG(0,(__location__ ": Failed to load repsFrom from %s - %s\n", ldb_dn_get_linearized(p->dn), ldb_errstring(s->samdb))); return NT_STATUS_INTERNAL_DB_CORRUPTION; } /* add any new ones */ for (i=0; i<count; i++) { if (!reps_in_list(&reps[i], old_reps, old_count)) { old_reps = talloc_realloc(mem_ctx, old_reps, struct repsFromToBlob, old_count+1); NT_STATUS_HAVE_NO_MEMORY(old_reps); old_reps[old_count] = reps[i]; old_count++; modified = true; } } /* remove any stale ones */ for (i=0; i<old_count; i++) { if (!reps_in_list(&old_reps[i], reps, count)) { memmove(&old_reps[i], &old_reps[i+1], (old_count-(i+1))*sizeof(old_reps[0])); old_count--; i--; modified = true; } } if (modified) { werr = dsdb_savereps(s->samdb, mem_ctx, p->dn, "repsFrom", old_reps, old_count); if (!W_ERROR_IS_OK(werr)) { DEBUG(0,(__location__ ": Failed to save repsFrom to %s - %s\n", ldb_dn_get_linearized(p->dn), ldb_errstring(s->samdb))); return NT_STATUS_INTERNAL_DB_CORRUPTION; } } }
/* refresh a RID Set object for the specified DC also returns the first RID for the new pool */ static int ridalloc_refresh_rid_set_ntds(struct ldb_module *module, struct ldb_dn *rid_manager_dn, struct ldb_dn *ntds_dn, uint64_t *new_pool) { TALLOC_CTX *tmp_ctx = talloc_new(module); struct ldb_dn *server_dn, *machine_dn, *rid_set_dn; struct ldb_context *ldb = ldb_module_get_ctx(module); int ret; /* grab a pool from the RID Manager object */ ret = ridalloc_rid_manager_allocate(module, rid_manager_dn, new_pool); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; } server_dn = ldb_dn_get_parent(tmp_ctx, ntds_dn); if (!server_dn) { ldb_module_oom(module); talloc_free(tmp_ctx); return LDB_ERR_OPERATIONS_ERROR; } ret = dsdb_module_reference_dn(module, tmp_ctx, server_dn, "serverReference", &machine_dn); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find serverReference in %s - %s", ldb_dn_get_linearized(server_dn), ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; } ret = dsdb_module_reference_dn(module, tmp_ctx, machine_dn, "rIDSetReferences", &rid_set_dn); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find rIDSetReferences in %s - %s", ldb_dn_get_linearized(machine_dn), ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; } ret = dsdb_module_set_integer(module, rid_set_dn, "rIDAllocationPool", *new_pool); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to modify RID Set object %s - %s", ldb_dn_get_linearized(rid_set_dn), ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; } talloc_free(tmp_ctx); return LDB_SUCCESS; }
static int map_ldb_error(struct ldb_context *ldb, int err, const char **errstring) { *errstring = ldb_errstring(ldb); /* its 1:1 for now */ return err; }
/* construct msDS-UserPasswordExpiryTimeComputed */ static int construct_msds_user_password_expiry_time_computed(struct ldb_module *module, struct ldb_message *msg, enum ldb_scope scope, struct ldb_request *parent) { struct ldb_context *ldb = ldb_module_get_ctx(module); struct ldb_dn *nc_root; int64_t password_expiry_time; int ret; ret = dsdb_find_nc_root(ldb, msg, msg->dn, &nc_root); if (ret != 0) { ldb_asprintf_errstring(ldb, "Failed to find NC root of DN: %s: %s", ldb_dn_get_linearized(msg->dn), ldb_errstring(ldb)); return ret; } if (ldb_dn_compare(nc_root, ldb_get_default_basedn(ldb)) != 0) { /* Only calculate this on our default NC */ return 0; } password_expiry_time = get_msds_user_password_expiry_time_computed(module, msg, nc_root); return samdb_msg_add_int64(ldb, msg->elements, msg, "msDS-UserPasswordExpiryTimeComputed", password_expiry_time); }
/* add records from an opened file */ static int process_file(struct ldb_context *ldb, FILE *f, int *count, int *failures) { struct ldb_ldif *ldif; int ret = LDB_SUCCESS; while ((ldif = ldb_ldif_read_file(ldb, f))) { if (ldif->changetype != LDB_CHANGETYPE_ADD && ldif->changetype != LDB_CHANGETYPE_NONE) { fprintf(stderr, "Only CHANGETYPE_ADD records allowed\n"); break; } ldif->msg = ldb_msg_canonicalize(ldb, ldif->msg); ret = ldb_add(ldb, ldif->msg); if (ret != LDB_SUCCESS) { fprintf(stderr, "ERR: \"%s\" on DN %s\n", ldb_errstring(ldb), ldb_dn_linearize(ldb, ldif->msg->dn)); (*failures)++; } else { (*count)++; } ldb_ldif_read_free(ldb, ldif); } return ret; }
static isc_result_t dlz_bind9_writeable_zone_hook(dns_view_t *view, const char *zone_name) { struct torture_context *tctx = talloc_get_type((void *)view, struct torture_context); struct ldb_context *samdb = samdb_connect_url(tctx, NULL, tctx->lp_ctx, system_session(tctx->lp_ctx), 0, lpcfg_private_path(tctx, tctx->lp_ctx, "dns/sam.ldb")); struct ldb_message *msg; int ret; const char *attrs[] = { NULL }; if (!samdb) { torture_fail(tctx, "Failed to connect to samdb"); return ISC_R_FAILURE; } ret = dsdb_search_one(samdb, tctx, &msg, NULL, LDB_SCOPE_SUBTREE, attrs, DSDB_SEARCH_SEARCH_ALL_PARTITIONS, "(&(objectClass=dnsZone)(name=%s))", zone_name); if (ret != LDB_SUCCESS) { torture_fail(tctx, talloc_asprintf(tctx, "Failed to search for %s: %s", zone_name, ldb_errstring(samdb))); return ISC_R_FAILURE; } talloc_free(msg); return ISC_R_SUCCESS; }
static int ldb_delete_recursive(struct ldb_context *ldb, struct ldb_dn *dn) { int ret, i, total=0; const char *attrs[] = { NULL }; struct ldb_result *res; ret = ldb_search(ldb, ldb, &res, dn, LDB_SCOPE_SUBTREE, attrs, "distinguishedName=*"); if (ret != LDB_SUCCESS) return -1; /* sort the DNs, deepest first */ qsort(res->msgs, res->count, sizeof(res->msgs[0]), dn_cmp); for (i = 0; i < res->count; i++) { if (ldb_delete(ldb, res->msgs[i]->dn) == 0) { total++; } else { printf("Failed to delete '%s' - %s\n", ldb_dn_get_linearized(res->msgs[i]->dn), ldb_errstring(ldb)); } } talloc_free(res); if (total == 0) { return -1; } printf("Deleted %d records\n", total); return 0; }
static int prepare_modules_line(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const struct ldb_message *rootdse_msg, struct ldb_message *msg, const char *backend_attr, const char *backend_mod, const char **backend_mod_list) { int ret; const char **backend_full_list; const char *backend_dn; char *mod_list_string; char *full_string; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); if (!tmp_ctx) { return ldb_oom(ldb); } if (backend_attr) { backend_dn = ldb_msg_find_attr_as_string(rootdse_msg, backend_attr, NULL); if (!backend_dn) { ldb_asprintf_errstring(ldb, "samba_dsdb_init: " "unable to read %s from %s:%s", backend_attr, ldb_dn_get_linearized(rootdse_msg->dn), ldb_errstring(ldb)); return LDB_ERR_CONSTRAINT_VIOLATION; } } else { backend_dn = "*"; } if (backend_mod) { char **b = str_list_make_single(tmp_ctx, backend_mod); backend_full_list = discard_const_p(const char *, b); } else {
/* process modifies for one file */ static int process_file(struct ldb_context *ldb, FILE *f, int *count) { struct ldb_ldif *ldif; int ret = LDB_SUCCESS; while ((ldif = ldb_ldif_read_file(ldb, f))) { switch (ldif->changetype) { case LDB_CHANGETYPE_NONE: case LDB_CHANGETYPE_ADD: ret = ldb_add(ldb, ldif->msg); break; case LDB_CHANGETYPE_DELETE: ret = ldb_delete(ldb, ldif->msg->dn); break; case LDB_CHANGETYPE_MODIFY: ret = ldb_modify(ldb, ldif->msg); break; } if (ret != LDB_SUCCESS) { fprintf(stderr, "ERR: \"%s\" on DN %s\n", ldb_errstring(ldb), ldb_dn_get_linearized(ldif->msg->dn)); failures++; } else { (*count)++; } ldb_ldif_read_free(ldb, ldif); } return ret; }
int main(int argc, const char **argv) { struct ldb_context *ldb; int ret; struct ldb_cmdline *options; const struct ldb_dn *dn1, *dn2; ldb_global_init(); ldb = ldb_init(NULL); options = ldb_cmdline_process(ldb, argc, argv, usage); if (options->argc < 2) { usage(); } dn1 = ldb_dn_explode(ldb, options->argv[0]); dn2 = ldb_dn_explode(ldb, options->argv[1]); ret = ldb_rename(ldb, dn1, dn2); if (ret == 0) { printf("Renamed 1 record\n"); } else { printf("rename of '%s' to '%s' failed - %s\n", options->argv[0], options->argv[1], ldb_errstring(ldb)); } talloc_free(ldb); return ret; }
static int samldb_allocate_next_rid(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_dn *dn, const struct dom_sid *dom_sid, struct dom_sid **new_sid) { struct dom_sid *obj_sid; uint32_t old_rid; int ret; ret = samldb_find_next_rid(module, mem_ctx, dn, &old_rid); if (ret) { return ret; } /* return the new object sid */ obj_sid = dom_sid_add_rid(mem_ctx, dom_sid, old_rid); *new_sid = dom_sid_add_rid(mem_ctx, dom_sid, old_rid + 1); if (!*new_sid) { return LDB_ERR_OPERATIONS_ERROR; } ret = samldb_notice_sid(module, mem_ctx, *new_sid); if (ret != 0) { /* gah, there are conflicting sids. * This is a critical situation it means that someone messed up with * the DB and nextRid is not returning free RIDs, report an error * and refuse to create any user until the problem is fixed */ ldb_asprintf_errstring(module->ldb, "Critical Error: unconsistent DB, unable to retireve an unique RID to generate a new SID: %s", ldb_errstring(module->ldb)); return ret; } return ret; }
/* search the domain related to the provided dn allocate a new RID for the domain return the new sid string */ static int samldb_get_new_sid(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_dn *obj_dn, struct dom_sid **sid) { const char * const attrs[2] = { "objectSid", NULL }; struct ldb_result *res = NULL; struct ldb_dn *dom_dn; int ret; struct dom_sid *dom_sid; /* get the domain component part of the provided dn */ dom_dn = samldb_search_domain(module, mem_ctx, obj_dn); if (dom_dn == NULL) { ldb_asprintf_errstring(module->ldb, "Invalid dn (%s) not child of a domain object!\n", ldb_dn_get_linearized(obj_dn)); return LDB_ERR_CONSTRAINT_VIOLATION; } /* find the domain sid */ ret = ldb_search(module->ldb, dom_dn, LDB_SCOPE_BASE, "objectSid=*", attrs, &res); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(module->ldb, "samldb_get_new_sid: error retrieving domain sid from %s: %s!\n", ldb_dn_get_linearized(dom_dn), ldb_errstring(module->ldb)); talloc_free(res); return ret; } if (res->count != 1) { ldb_asprintf_errstring(module->ldb, "samldb_get_new_sid: error retrieving domain sid from %s: not found!\n", ldb_dn_get_linearized(dom_dn)); talloc_free(res); return LDB_ERR_CONSTRAINT_VIOLATION; } dom_sid = samdb_result_dom_sid(res, res->msgs[0], "objectSid"); if (dom_sid == NULL) { ldb_set_errstring(module->ldb, "samldb_get_new_sid: error parsing domain sid!\n"); talloc_free(res); return LDB_ERR_CONSTRAINT_VIOLATION; } /* allocate a new Rid for the domain */ ret = samldb_allocate_next_rid(module, mem_ctx, dom_dn, dom_sid, sid); if (ret != 0) { ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Failed to increment nextRid of %s: %s\n", ldb_dn_get_linearized(dom_dn), ldb_errstring(module->ldb)); talloc_free(res); return ret; } talloc_free(res); return ret; }
/* construct msDS-User-Account-Control-Computed attr */ static int construct_msds_user_account_control_computed(struct ldb_module *module, struct ldb_message *msg, enum ldb_scope scope, struct ldb_request *parent) { uint32_t userAccountControl; uint32_t msDS_User_Account_Control_Computed = 0; struct ldb_context *ldb = ldb_module_get_ctx(module); NTTIME now; struct ldb_dn *nc_root; int ret; ret = dsdb_find_nc_root(ldb, msg, msg->dn, &nc_root); if (ret != 0) { ldb_asprintf_errstring(ldb, "Failed to find NC root of DN: %s: %s", ldb_dn_get_linearized(msg->dn), ldb_errstring(ldb_module_get_ctx(module))); return ret; } if (ldb_dn_compare(nc_root, ldb_get_default_basedn(ldb)) != 0) { /* Only calculate this on our default NC */ return 0; } /* Test account expire time */ unix_to_nt_time(&now, time(NULL)); userAccountControl = ldb_msg_find_attr_as_uint(msg, "userAccountControl", 0); if (!(userAccountControl & _UF_TRUST_ACCOUNTS)) { int64_t lockoutTime = ldb_msg_find_attr_as_int64(msg, "lockoutTime", 0); if (lockoutTime != 0) { int64_t lockoutDuration = samdb_search_int64(ldb, msg, 0, nc_root, "lockoutDuration", NULL); if (lockoutDuration >= 0) { msDS_User_Account_Control_Computed |= UF_LOCKOUT; } else if (lockoutTime - lockoutDuration >= now) { msDS_User_Account_Control_Computed |= UF_LOCKOUT; } } } if (!(userAccountControl & _UF_NO_EXPIRY_ACCOUNTS)) { NTTIME must_change_time = get_msds_user_password_expiry_time_computed(module, msg, nc_root); /* check for expired password */ if (must_change_time < now) { msDS_User_Account_Control_Computed |= UF_PASSWORD_EXPIRED; } } return samdb_msg_add_int64(ldb, msg->elements, msg, "msDS-User-Account-Control-Computed", msDS_User_Account_Control_Computed); }
static int prepare_modules_line(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, const struct ldb_message *rootdse_msg, struct ldb_message *msg, const char *backend_attr, const char *backend_mod, const char **backend_mod_list) { int ret; const char **backend_full_list; const char *backend_dn; char *mod_list_string; char *full_string; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); if (!tmp_ctx) { return ldb_oom(ldb); } if (backend_attr) { backend_dn = ldb_msg_find_attr_as_string(rootdse_msg, backend_attr, NULL); if (!backend_dn) { ldb_asprintf_errstring(ldb, "samba_dsdb_init: " "unable to read %s from %s:%s", backend_attr, ldb_dn_get_linearized(rootdse_msg->dn), ldb_errstring(ldb)); return LDB_ERR_CONSTRAINT_VIOLATION; } } else { backend_dn = "*"; } if (backend_mod) { backend_full_list = (const char **)str_list_make_single(tmp_ctx, backend_mod); } else { backend_full_list = (const char **)str_list_make_empty(tmp_ctx); } if (!backend_full_list) { talloc_free(tmp_ctx); return ldb_oom(ldb); } backend_full_list = str_list_append_const(backend_full_list, backend_mod_list); if (!backend_full_list) { talloc_free(tmp_ctx); return ldb_oom(ldb); } mod_list_string = str_list_join(tmp_ctx, backend_full_list, ','); if (!mod_list_string) { talloc_free(tmp_ctx); return ldb_oom(ldb); } full_string = talloc_asprintf(tmp_ctx, "%s:%s", backend_dn, mod_list_string); ret = ldb_msg_add_steal_string(msg, "modules", full_string); talloc_free(tmp_ctx); return ret; }
/* * Initialize metadata. Load metadata.tdb. * If missing, create it and fill in sequence number */ int partition_metadata_init(struct ldb_module *module) { struct partition_private_data *data; int ret; data = talloc_get_type_abort(ldb_module_get_private(module), struct partition_private_data); data->metadata = talloc_zero(data, struct partition_metadata); if (data->metadata == NULL) { return ldb_module_oom(module); } ret = partition_metadata_open(module, false); if (ret == LDB_SUCCESS) { goto end; } /* metadata.tdb does not exist, create it */ DEBUG(2, ("partition_metadata: Migrating partition metadata: " "open of metadata.tdb gave: %s\n", ldb_errstring(ldb_module_get_ctx(module)))); ret = partition_metadata_open(module, true); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb_module_get_ctx(module), "partition_metadata: " "Migrating partition metadata: " "create of metadata.tdb gave: %s\n", ldb_errstring(ldb_module_get_ctx(module))); talloc_free(data->metadata); data->metadata = NULL; goto end; } ret = partition_metadata_set_sequence_number(module); if (ret != LDB_SUCCESS) { talloc_free(data->metadata); data->metadata = NULL; } end: return ret; }
/* get a new RID pool for ourselves also returns the first rid for the new pool */ static int ridalloc_new_own_pool(struct ldb_module *module, uint64_t *new_pool, struct ldb_request *parent) { TALLOC_CTX *tmp_ctx = talloc_new(module); struct ldb_dn *rid_manager_dn, *fsmo_role_dn; int ret; struct ldb_context *ldb = ldb_module_get_ctx(module); /* work out who is the RID Manager */ ret = dsdb_module_rid_manager_dn(module, tmp_ctx, &rid_manager_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find RID Manager object - %s", ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; } /* find the DN of the RID Manager */ ret = dsdb_module_reference_dn(module, tmp_ctx, rid_manager_dn, "fSMORoleOwner", &fsmo_role_dn, parent); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Failed to find fSMORoleOwner in RID Manager object - %s", ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; } if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), fsmo_role_dn) != 0) { ridalloc_poke_rid_manager(module); ldb_asprintf_errstring(ldb, "Remote RID Set allocation needs refresh"); talloc_free(tmp_ctx); return LDB_ERR_UNWILLING_TO_PERFORM; } /* grab a pool from the RID Manager object */ ret = ridalloc_rid_manager_allocate(module, rid_manager_dn, new_pool, parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; } talloc_free(tmp_ctx); return ret; }
/* search the sam for the specified attributes - va_list variant */ int gendb_search_v(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_dn *basedn, struct ldb_message ***msgs, const char * const *attrs, const char *format, va_list ap) { enum ldb_scope scope = LDB_SCOPE_SUBTREE; struct ldb_result *res; char *expr = NULL; int ret; if (format) { expr = talloc_vasprintf(mem_ctx, format, ap); if (expr == NULL) { return -1; } } else { scope = LDB_SCOPE_BASE; } res = NULL; ret = ldb_search(ldb, mem_ctx, &res, basedn, scope, attrs, expr?"%s":NULL, expr); if (ret == LDB_SUCCESS) { talloc_steal(mem_ctx, res->msgs); DEBUG(6,("gendb_search_v: %s %s -> %d\n", basedn?ldb_dn_get_linearized(basedn):"NULL", expr?expr:"NULL", res->count)); ret = res->count; *msgs = res->msgs; talloc_free(res); } else if (scope == LDB_SCOPE_BASE && ret == LDB_ERR_NO_SUCH_OBJECT) { ret = 0; *msgs = NULL; } else { DEBUG(4,("gendb_search_v: search failed: %s\n", ldb_errstring(ldb))); ret = -1; } talloc_free(expr); return ret; }
static PyObject *py_dsdb_load_partition_usn(PyObject *self, PyObject *args) { PyObject *py_dn, *py_ldb, *result; struct ldb_dn *dn; uint64_t highest_uSN, urgent_uSN; struct ldb_context *ldb; TALLOC_CTX *mem_ctx; int ret; if (!PyArg_ParseTuple(args, "OO", &py_ldb, &py_dn)) { return NULL; } PyErr_LDB_OR_RAISE(py_ldb, ldb); mem_ctx = talloc_new(NULL); if (mem_ctx == NULL) { PyErr_NoMemory(); return NULL; } if (!pyldb_Object_AsDn(mem_ctx, py_dn, ldb, &dn)) { talloc_free(mem_ctx); return NULL; } ret = dsdb_load_partition_usn(ldb, dn, &highest_uSN, &urgent_uSN); if (ret != LDB_SUCCESS) { PyErr_Format(PyExc_RuntimeError, "Failed to load partition [%s] uSN - %s", ldb_dn_get_linearized(dn), ldb_errstring(ldb)); talloc_free(mem_ctx); return NULL; } talloc_free(mem_ctx); result = PyDict_New(); PyDict_SetItemString(result, "uSNHighest", PyInt_FromLong((uint64_t)highest_uSN)); PyDict_SetItemString(result, "uSNUrgent", PyInt_FromLong((uint64_t)urgent_uSN)); return result; }
int confdb_create_base(struct confdb_ctx *cdb) { int ret; struct ldb_ldif *ldif; const char *base_ldif = CONFDB_BASE_LDIF; while ((ldif = ldb_ldif_read_string(cdb->ldb, &base_ldif))) { ret = ldb_add(cdb->ldb, ldif->msg); if (ret != LDB_SUCCESS) { DEBUG(0, ("Failed to initialize DB (%d,[%s]), aborting!\n", ret, ldb_errstring(cdb->ldb))); return EIO; } ldb_ldif_read_free(cdb->ldb, ldif); } return EOK; }
int main(int argc, const char **argv) { struct ldb_context *ldb; int ret = 0, i; struct ldb_cmdline *options; ldb = ldb_init(NULL, NULL); options = ldb_cmdline_process(ldb, argc, argv, usage); if (options->argc < 1) { usage(); exit(1); } for (i=0;i<options->argc;i++) { struct ldb_dn *dn; dn = ldb_dn_new(ldb, ldb, options->argv[i]); if ( ! ldb_dn_validate(dn)) { printf("Invalid DN format\n"); exit(1); } if (options->recursive) { ret = ldb_delete_recursive(ldb, dn); } else { ret = ldb_delete(ldb, dn); if (ret == 0) { printf("Deleted 1 record\n"); } } if (ret != 0) { printf("delete of '%s' failed - %s\n", ldb_dn_get_linearized(dn), ldb_errstring(ldb)); } } talloc_free(ldb); return ret; }
/* return the dn key to be used for an index caller frees */ static struct ldb_dn *ltdb_index_key(struct ldb_context *ldb, const char *attr, const struct ldb_val *value) { struct ldb_dn *ret; struct ldb_val v; const struct ldb_schema_attribute *a; char *attr_folded; int r; attr_folded = ldb_attr_casefold(ldb, attr); if (!attr_folded) { return NULL; } a = ldb_schema_attribute_by_name(ldb, attr); r = a->syntax->canonicalise_fn(ldb, ldb, value, &v); if (r != LDB_SUCCESS) { const char *errstr = ldb_errstring(ldb); /* canonicalisation can be refused. For example, a attribute that takes wildcards will refuse to canonicalise if the value contains a wildcard */ ldb_asprintf_errstring(ldb, "Failed to create index key for attribute '%s':%s%s%s", attr, ldb_strerror(r), (errstr?":":""), (errstr?errstr:"")); talloc_free(attr_folded); return NULL; } if (ldb_should_b64_encode(&v)) { char *vstr = ldb_base64_encode(ldb, (char *)v.data, v.length); if (!vstr) return NULL; ret = ldb_dn_new_fmt(ldb, ldb, "%s:%s::%s", LTDB_INDEX, attr_folded, vstr); talloc_free(vstr); } else { ret = ldb_dn_new_fmt(ldb, ldb, "%s:%s:%.*s", LTDB_INDEX, attr_folded, (int)v.length, (char *)v.data); } if (v.data != value->data) { talloc_free(v.data); } talloc_free(attr_folded); return ret; }
/* call into samdb_rodc() */ static PyObject *py_dsdb_am_rodc(PyObject *self, PyObject *args) { PyObject *py_ldb; struct ldb_context *ldb; int ret; bool am_rodc; if (!PyArg_ParseTuple(args, "O", &py_ldb)) return NULL; PyErr_LDB_OR_RAISE(py_ldb, ldb); ret = samdb_rodc(ldb, &am_rodc); if (ret != LDB_SUCCESS) { PyErr_SetString(PyExc_RuntimeError, ldb_errstring(ldb)); return NULL; } return PyBool_FromLong(am_rodc); }
static int confdb_write_ldif(struct confdb_ctx *cdb, const char *config_ldif, bool replace_whole_db) { int ret; struct ldb_ldif *ldif; while ((ldif = ldb_ldif_read_string(cdb->ldb, &config_ldif))) { if (ldif->changetype == LDB_CHANGETYPE_DELETE) { /* We should remove this section */ ret = ldb_delete(cdb->ldb, ldif->msg->dn); if (ret == LDB_ERR_NO_SUCH_OBJECT) { /* Removing a non-existing section is not an error */ ret = LDB_SUCCESS; } } else { ret = ldb_add(cdb->ldb, ldif->msg); if (ret != LDB_SUCCESS && replace_whole_db == false) { /* This section already existed, remove and re-add it. We * really want to replace the whole thing instead of messing * around with changetypes and flags on individual elements */ ret = ldb_delete(cdb->ldb, ldif->msg->dn); if (ret == LDB_SUCCESS) { ret = ldb_add(cdb->ldb, ldif->msg); } } } if (ret != LDB_SUCCESS) { DEBUG(SSSDBG_FATAL_FAILURE, "Failed to initialize DB (%d,[%s]), aborting!\n", ret, ldb_errstring(cdb->ldb)); return EIO; } ldb_ldif_read_free(cdb->ldb, ldif); } return EOK; }
/** * Writes schema_info structure into schemaInfo * attribute on SCHEMA partition * * @param dsdb_flags DSDB_FLAG_... flag of 0 */ int dsdb_module_schema_info_blob_write(struct ldb_module *ldb_module, uint32_t dsdb_flags, struct ldb_val *schema_info_blob, struct ldb_request *parent) { int ldb_err; struct ldb_message *msg; TALLOC_CTX *temp_ctx; temp_ctx = talloc_new(ldb_module); if (temp_ctx == NULL) { return ldb_module_oom(ldb_module); } /* write serialized schemaInfo into LDB */ ldb_err = dsdb_schema_info_write_prepare(ldb_module_get_ctx(ldb_module), schema_info_blob, temp_ctx, &msg); if (ldb_err != LDB_SUCCESS) { talloc_free(temp_ctx); return ldb_err; } ldb_err = dsdb_module_modify(ldb_module, msg, dsdb_flags, parent); talloc_free(temp_ctx); if (ldb_err != LDB_SUCCESS) { ldb_asprintf_errstring(ldb_module_get_ctx(ldb_module), "dsdb_module_schema_info_blob_write: dsdb_replace failed: %s (%s)\n", ldb_strerror(ldb_err), ldb_errstring(ldb_module_get_ctx(ldb_module))); return ldb_err; } return LDB_SUCCESS; }
errno_t sysdb_svc_remove_alias(struct sysdb_ctx *sysdb, struct ldb_dn *dn, const char *alias) { errno_t ret; struct ldb_message *msg; int lret; msg = ldb_msg_new(NULL); if (!msg) { ret = ENOMEM; goto done; } msg->dn = dn; ret = add_string(msg, SYSDB_MOD_DEL, SYSDB_NAME_ALIAS, alias); if (ret != EOK) goto done; lret = ldb_modify(sysdb->ldb, msg); if (lret != LDB_SUCCESS) { DEBUG(SSSDBG_MINOR_FAILURE, "ldb_modify failed: [%s](%d)[%s]\n", ldb_strerror(lret), lret, ldb_errstring(sysdb->ldb)); } ret = sysdb_error_to_errno(lret); done: if (ret) { DEBUG(SSSDBG_TRACE_INTERNAL, "Error: %d (%s)\n", ret, strerror(ret)); } talloc_zfree(msg); return ret; }
int main(int argc, const char **argv) { struct ldb_context *ldb; int ret; struct ldb_cmdline *options; struct ldb_dn *dn1, *dn2; TALLOC_CTX *mem_ctx = talloc_new(NULL); ldb = ldb_init(mem_ctx, NULL); if (ldb == NULL) { return LDB_ERR_OPERATIONS_ERROR; } options = ldb_cmdline_process(ldb, argc, argv, usage); if (options->argc < 2) { usage(ldb); } dn1 = ldb_dn_new(ldb, ldb, options->argv[0]); dn2 = ldb_dn_new(ldb, ldb, options->argv[1]); if ((dn1 == NULL) || (dn2 == NULL)) { return LDB_ERR_OPERATIONS_ERROR; } ret = ldb_rename(ldb, dn1, dn2); if (ret == LDB_SUCCESS) { printf("Renamed 1 record\n"); } else { printf("rename of '%s' to '%s' failed - %s\n", options->argv[0], options->argv[1], ldb_errstring(ldb)); } talloc_free(mem_ctx); return ret; }