authorVolker Lendecke <vl@samba.org>2009-06-07 23:29:58 +0200
committerVolker Lendecke <vl@samba.org>2009-06-08 21:14:10 +0200
commit66c3cd1e9237fa605d725c1020a37fe61143bf4a (patch)
tree2124469af18cae812c96fd5056bd6f8112878cad
parent963efb5542a18b545824ec2349fe9d2c590329b0 (diff)
Implement pdb_ads_create_dom_group()
-rw-r--r--source3/passdb/pdb_ads.c70
1 files changed, 69 insertions, 1 deletions
diff --git a/source3/passdb/pdb_ads.c b/source3/passdb/pdb_ads.c
index d4f381cb0d..26bf176aaf 100644
--- a/source3/passdb/pdb_ads.c
+++ b/source3/passdb/pdb_ads.c
@@ -605,7 +605,75 @@ static NTSTATUS pdb_ads_create_dom_group(struct pdb_methods *m,
TALLOC_CTX *mem_ctx, const char *name,
uint32 *rid)
{
- return NT_STATUS_NOT_IMPLEMENTED;
+ TALLOC_CTX *frame = talloc_stackframe();
+ struct pdb_ads_state *state = talloc_get_type_abort(
+ m->private_data, struct pdb_ads_state);
+ const char *attrs[1] = { "objectSid" };
+ int num_mods = 0;
+ struct tldap_mod *mods = NULL;
+ struct tldap_message **alias;
+ struct dom_sid sid;
+ char *dn;
+ int rc;
+ bool ok = true;
+
+ dn = talloc_asprintf(talloc_tos(), "cn=%s,cn=users,%s", name,
+ state->domaindn);
+ if (dn == NULL) {
+ TALLOC_FREE(frame);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ok &= tldap_make_mod_fmt(
+ NULL, talloc_tos(), &num_mods, &mods, "samAccountName", "%s",
+ name);
+ ok &= tldap_make_mod_fmt(
+ NULL, talloc_tos(), &num_mods, &mods, "objectClass", "group");
+ ok &= tldap_make_mod_fmt(
+ NULL, talloc_tos(), &num_mods, &mods, "groupType",
+ "%d", (int)GTYPE_SECURITY_GLOBAL_GROUP);
+
+ if (!ok) {
+ TALLOC_FREE(frame);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ rc = tldap_add(state->ld, dn, num_mods, mods, NULL, NULL);
+ if (rc != TLDAP_SUCCESS) {
+ DEBUG(10, ("ldap_add failed %s\n",
+ tldap_errstr(debug_ctx(), state->ld, rc)));
+ TALLOC_FREE(frame);
+ return NT_STATUS_LDAP(rc);
+ }
+
+ rc = tldap_search_fmt(
+ state->ld, state->domaindn, TLDAP_SCOPE_SUB,
+ attrs, ARRAY_SIZE(attrs), 0, talloc_tos(), &alias,
+ "(&(objectclass=group)(samaccountname=%s))", name);
+ if (rc != TLDAP_SUCCESS) {
+ DEBUG(10, ("Could not find just created alias %s: %s\n",
+ name, tldap_errstr(debug_ctx(), state->ld, rc)));
+ TALLOC_FREE(frame);
+ return NT_STATUS_LDAP(rc);
+ }
+
+ if (talloc_array_length(alias) != 1) {
+ DEBUG(10, ("Got %d alias, expected one\n",
+ (int)talloc_array_length(alias)));
+ TALLOC_FREE(frame);
+ return NT_STATUS_LDAP(rc);
+ }
+
+ if (!tldap_pull_binsid(alias[0], "objectSid", &sid)) {
+ DEBUG(10, ("Could not fetch objectSid from alias %s\n",
+ name));
+ TALLOC_FREE(frame);
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ sid_peek_rid(&sid, rid);
+ TALLOC_FREE(frame);
+ return NT_STATUS_OK;
}
static NTSTATUS pdb_ads_delete_dom_group(struct pdb_methods *m,
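Review bot: `name` is formatted unescaped into both the DN (`cn=%s,cn=users,%s`) and the search filter (`(&(objectclass=group)(samaccountname=%s))`), so a group name containing DN or filter metacharacters such as `,`, `*`, `(`, `)` or `\` changes what is added or matched, unless tldap_search_fmt escapes its arguments, which is not visible here. Escape `name` separately for DN context and for filter context before these calls, or reject such names up front. Separately, the `talloc_array_length(alias) != 1` branch returns `NT_STATUS_LDAP(rc)` while rc is TLDAP_SUCCESS; `return NT_STATUS_INTERNAL_DB_CORRUPTION;`, as in the branch that follows, would give the caller an unambiguous failure. The failure paths after tldap_add also leave the newly created group in the directory with `*rid` unset.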