diff options
author | Volker Lendecke <vl@samba.org> | 2011-02-22 15:30:14 +0100 |
---|---|---|
committer | Volker Lendecke <vlendec@samba.org> | 2011-02-22 20:59:07 +0100 |
commit | 56f02e8520095e3ece5787b9f87eb1f222f96344 (patch) | |
tree | 551ad8197cef583f8f07673edadce315339ee87e | |
parent | ecb65332eabd87fa9d4befefada6a117892061ee (diff) | |
download | samba-56f02e8520095e3ece5787b9f87eb1f222f96344.tar.gz samba-56f02e8520095e3ece5787b9f87eb1f222f96344.tar.bz2 samba-56f02e8520095e3ece5787b9f87eb1f222f96344.zip |
s3: Fix filtering in pdb_ads_search_users
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue Feb 22 20:59:07 CET 2011 on sn-devel-104
-rw-r--r-- | source3/passdb/pdb_ads.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/source3/passdb/pdb_ads.c b/source3/passdb/pdb_ads.c index f74fb125ed..48def7e44a 100644 --- a/source3/passdb/pdb_ads.c +++ b/source3/passdb/pdb_ads.c @@ -1985,6 +1985,7 @@ static void pdb_ads_search_end(struct pdb_search *search) static bool pdb_ads_search_filter(struct pdb_methods *m, struct pdb_search *search, const char *filter, + uint32_t acct_flags, struct pdb_ads_search_state **pstate) { struct pdb_ads_state *state = talloc_get_type_abort( @@ -1999,6 +2000,7 @@ static bool pdb_ads_search_filter(struct pdb_methods *m, if (sstate == NULL) { return false; } + sstate->acct_flags = acct_flags; rc = pdb_ads_search_fmt( state, state->domaindn, TLDAP_SCOPE_SUB, @@ -2036,7 +2038,19 @@ static bool pdb_ads_search_filter(struct pdb_methods *m, sid_peek_rid(&sid, &e->rid); if (tldap_pull_uint32(users[i], "userAccountControl", &ctrl)) { + e->acct_flags = ds_uf2acb(ctrl); + + DEBUG(10, ("pdb_ads_search_filter: Found %x, " + "filter %x\n", (int)e->acct_flags, + (int)sstate->acct_flags)); + + + if ((sstate->acct_flags != 0) && + ((sstate->acct_flags & e->acct_flags) == 0)) { + continue; + } + if (e->acct_flags & (ACB_WSTRUST|ACB_SVRTRUST)) { e->acct_flags |= ACB_NORMAL; } @@ -2092,6 +2106,8 @@ static bool pdb_ads_search_users(struct pdb_methods *m, char *filter; bool ret; + DEBUG(10, ("pdb_ads_search_users got flags %x\n", acct_flags)); + if (acct_flags & ACB_NORMAL) { filter = talloc_asprintf( talloc_tos(), @@ -2109,12 +2125,11 @@ static bool pdb_ads_search_users(struct pdb_methods *m, return false; } - ret = pdb_ads_search_filter(m, search, filter, &sstate); + ret = pdb_ads_search_filter(m, search, filter, acct_flags, &sstate); TALLOC_FREE(filter); if (!ret) { return false; } - sstate->acct_flags = acct_flags; return true; } @@ -2131,12 +2146,11 @@ static bool pdb_ads_search_groups(struct pdb_methods *m, if (filter == NULL) { return false; } - ret = pdb_ads_search_filter(m, search, filter, &sstate); + ret = pdb_ads_search_filter(m, search, filter, 0, &sstate); TALLOC_FREE(filter); if (!ret) { return false; } - sstate->acct_flags = 0; return true; } @@ -2157,12 +2171,11 @@ static bool pdb_ads_search_aliases(struct pdb_methods *m, if (filter == NULL) { return false; } - ret = pdb_ads_search_filter(m, search, filter, &sstate); + ret = pdb_ads_search_filter(m, search, filter, 0, &sstate); TALLOC_FREE(filter); if (!ret) { return false; } - sstate->acct_flags = 0; return true; } |