authorStefan Metzmacher <metze@samba.org>2007-01-19 15:14:45 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:43:50 -0500
commit89278a1469fe8f6c6080d6cb6b81de504802470d (patch)
tree34c433d3703ffcc6f6ad321141346646caf33281
parentc2e492ece3e5dd39c3c113dfe7f745fc900a5dc0 (diff)
r20906: allow LDAP simple binds using the following syntaxes in the DN field:
CN=Administrator,CN=Users,DC=w2k3,DC=vmnet1,DC=vm,DC=base Administrator@W2K3 W2K3\Administrator w2k3.vmnet1.vm.base/Users/Administrator w2k3 also allows this (and maybe more...?) metze (This used to be commit 40c27ef88df9021e9ef2a6c43aabab709ac9662f)
-rw-r--r--source4/dsdb/samdb/cracknames.c41
-rw-r--r--source4/ldap_server/ldap_bind.c2
2 files changed, 35 insertions, 8 deletions
diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index 28c9890db5..02644c78f1 100644
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -996,9 +996,10 @@ NTSTATUS crack_service_principal_name(struct ldb_context *sam_ctx,
}
-NTSTATUS crack_dn_to_nt4_name(TALLOC_CTX *mem_ctx,
- const char *dn,
- const char **nt4_domain, const char **nt4_account)
+NTSTATUS crack_name_to_nt4_name(TALLOC_CTX *mem_ctx,
+ uint32_t format_offered,
+ const char *name,
+ const char **nt4_domain, const char **nt4_account)
{
WERROR werr;
struct drsuapi_DsNameInfo1 info1;
@@ -1006,7 +1007,7 @@ NTSTATUS crack_dn_to_nt4_name(TALLOC_CTX *mem_ctx,
char *p;
/* Handle anonymous bind */
- if (!dn || !*dn) {
+ if (!name || !*name) {
*nt4_domain = "";
*nt4_account = "";
return NT_STATUS_OK;
@@ -1018,9 +1019,9 @@ NTSTATUS crack_dn_to_nt4_name(TALLOC_CTX *mem_ctx,
}
werr = DsCrackNameOneName(ldb, mem_ctx, 0,
- DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
+ format_offered,
DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
- dn,
+ name,
&info1);
if (!W_ERROR_IS_OK(werr)) {
return werror_to_ntstatus(werr);
@@ -1054,5 +1055,31 @@ NTSTATUS crack_dn_to_nt4_name(TALLOC_CTX *mem_ctx,
}
return NT_STATUS_OK;
-
+}
+
+NTSTATUS crack_auto_name_to_nt4_name(TALLOC_CTX *mem_ctx,
+ const char *name,
+ const char **nt4_domain,
+ const char **nt4_account)
+{
+ uint32_t format_offered = DRSUAPI_DS_NAME_FORMAT_UKNOWN;
+
+ /* Handle anonymous bind */
+ if (!name || !*name) {
+ *nt4_domain = "";
+ *nt4_account = "";
+ return NT_STATUS_OK;
+ }
+
+ if (strchr_m(name, '=')) {
+ format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
+ } else if (strchr_m(name, '@')) {
+ format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL;
+ } else if (strchr_m(name, '\\')) {
+ format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
+ } else if (strchr_m(name, '/')) {
+ format_offered = DRSUAPI_DS_NAME_FORMAT_CANONICAL;
+ }
+
+ return crack_name_to_nt4_name(mem_ctx, format_offered, name, nt4_domain, nt4_account);
}
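Review bot: The format guess in crack_auto_name_to_nt4_name runs on the client-supplied bind name before any authentication, and its result depends on the undocumented order of the strchr_m tests. A name containing '=' is always offered as FQDN_1779 even if it also contains '@' or '\\', and a name with none of the four characters is handed on as DRSUAPI_DS_NAME_FORMAT_UKNOWN, whose handling in DsCrackNameOneName is not visible here. I would add a comment above the chain, e.g. `/* precedence: '=' DN, '@' UPN, '\\' NT4, '/' canonical; anything else is passed as unknown format */`, and state in a header comment that the input is untrusted. The anonymous-bind test also repeats the one in crack_name_to_nt4_name, so it could probably be dropped here and left to the callee. The hunk opens at the tail of crack_name_to_nt4_name, whose body starts outside it.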
diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index f88d08e822..3d5df58e21 100644
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -45,7 +45,7 @@ static NTSTATUS ldapsrv_BindSimple(struct ldapsrv_call *call)
DEBUG(10, ("BindSimple dn: %s\n",req->dn));
- status = crack_dn_to_nt4_name(call, req->dn, &nt4_domain, &nt4_account);
+ status = crack_auto_name_to_nt4_name(call, req->dn, &nt4_domain, &nt4_account);
if (NT_STATUS_IS_OK(status)) {
status = authenticate_username_pw(call,
call->conn->connection->event.ctx,
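Review bot: After this change a simple bind has two separate failure sources for a client-chosen name: the lookup in crack_auto_name_to_nt4_name and the password check in authenticate_username_pw. The branch that handles a non-OK status from the lookup lies outside this hunk. It is worth confirming that both paths produce the same LDAP result code and error text, so that an unauthenticated client cannot distinguish a name that failed to resolve from a wrong password. Since req->dn may now hold a UPN, NT4 or canonical name while still being logged as a DN, a comment at the call such as `/* req->dn is untrusted and may be a DN, UPN, DOMAIN\\user or canonical name */` would help. ldapsrv_BindSimple starts and ends outside the hunk.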