summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-08-11 15:46:26 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-08-13 12:30:49 +1000
commit2993113a56032be89272a626a7ef4c436d73080a (patch)
treef34b8d5a77f3148232ed4b136067ea4134480e07
parentadd8505fde9d178b3a0dbb71a207485cdb8fc161 (diff)
downloadsamba-2993113a56032be89272a626a7ef4c436d73080a.tar.gz
samba-2993113a56032be89272a626a7ef4c436d73080a.tar.bz2
samba-2993113a56032be89272a626a7ef4c436d73080a.zip
s4-dsdb Add ability to force a particular SID in the upgrade case
-rw-r--r--source3/passdb/pdb_samba4.c3
-rw-r--r--source4/dsdb/common/util_samr.c17
-rw-r--r--source4/rpc_server/samr/dcesrv_samr.c3
3 files changed, 20 insertions, 3 deletions
diff --git a/source3/passdb/pdb_samba4.c b/source3/passdb/pdb_samba4.c
index 5848c23de8..aa3352a658 100644
--- a/source3/passdb/pdb_samba4.c
+++ b/source3/passdb/pdb_samba4.c
@@ -580,7 +580,8 @@ static NTSTATUS pdb_samba4_create_user(struct pdb_methods *m,
/* Internally this uses transactions to ensure all the steps
* happen or fail as one */
- status = dsdb_add_user(state->ldb, tmp_ctx, name, acct_flags, &sid, &dn);
+ status = dsdb_add_user(state->ldb, tmp_ctx, name, acct_flags, NULL,
+ &sid, &dn);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(tmp_ctx);
return status;
diff --git a/source4/dsdb/common/util_samr.c b/source4/dsdb/common/util_samr.c
index 83a8c385af..3ce8d76018 100644
--- a/source4/dsdb/common/util_samr.c
+++ b/source4/dsdb/common/util_samr.c
@@ -36,6 +36,7 @@ NTSTATUS dsdb_add_user(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
const char *account_name,
uint32_t acct_flags,
+ const struct dom_sid *forced_sid,
struct dom_sid **sid,
struct ldb_dn **dn)
{
@@ -143,6 +144,18 @@ NTSTATUS dsdb_add_user(struct ldb_context *ldb,
ldb_msg_add_string(msg, "sAMAccountName", account_name);
ldb_msg_add_string(msg, "objectClass", obj_class);
+ /* This is only here for migrations using pdb_samba4, the
+ * caller and the samldb are responsible for ensuring it makes
+ * sense */
+ if (forced_sid) {
+ ret = samdb_msg_add_dom_sid(ldb, msg, msg, "objectSID", forced_sid);
+ if (ret != LDB_SUCCESS) {
+ ldb_transaction_cancel(ldb);
+ talloc_free(tmp_ctx);
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+ }
+
/* create the user */
ret = ldb_add(ldb, msg);
switch (ret) {
@@ -244,7 +257,9 @@ NTSTATUS dsdb_add_user(struct ldb_context *ldb,
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
*dn = talloc_steal(mem_ctx, account_dn);
- *sid = talloc_steal(mem_ctx, account_sid);
+ if (sid) {
+ *sid = talloc_steal(mem_ctx, account_sid);
+ }
talloc_free(tmp_ctx);
return NT_STATUS_OK;
}
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 32aafcd23f..7d062ffff4 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -1205,7 +1205,8 @@ static NTSTATUS dcesrv_samr_CreateUser2(struct dcesrv_call_state *dce_call, TALL
return NT_STATUS_INVALID_PARAMETER;
}
- status = dsdb_add_user(d_state->sam_ctx, mem_ctx, account_name, r->in.acct_flags, &sid, &dn);
+ status = dsdb_add_user(d_state->sam_ctx, mem_ctx, account_name, r->in.acct_flags, NULL,
+ &sid, &dn);
if (!NT_STATUS_IS_OK(status)) {
return status;
}