authorNadezhda Ivanova <nivanova@samba.org>2010-06-28 10:34:14 +0300
committerNadezhda Ivanova <nivanova@samba.org>2010-06-28 10:43:50 +0300
commit5a18fc2b2a520977440e301d816bdf11ac966bc2 (patch)
treebd00c54b063c3b1be473b353c776e37ebf977e27 /source4/dsdb/common
parenta0bb31df5d48ddd346728971ff4e0506b8304d9a (diff)
Implementation of self membership validated right.
When this right is granted, the user can add or remove themselves from a group even if they don't have the write property right.
Diffstat (limited to 'source4/dsdb/common')
-rw-r--r--source4/dsdb/common/util.c31
1 files changed, 31 insertions, 0 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 515d96d085..80736b1712 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -2514,6 +2514,37 @@ int dsdb_find_sid_by_dn(struct ldb_context *ldb,
return LDB_SUCCESS;
}
+/*
+ use a SID to find a DN
+ */
+int dsdb_find_dn_by_sid(struct ldb_context *ldb,
+ TALLOC_CTX *mem_ctx,
+ struct dom_sid *sid, struct ldb_dn **dn)
+{
+ int ret;
+ struct ldb_result *res;
+ const char *attrs[] = { NULL };
+ char *sid_str = dom_sid_string(mem_ctx, sid);
+
+ if (!sid_str) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ ret = dsdb_search(ldb, mem_ctx, &res, NULL, LDB_SCOPE_SUBTREE, attrs,
+ DSDB_SEARCH_SEARCH_ALL_PARTITIONS |
+ DSDB_SEARCH_SHOW_EXTENDED_DN |
+ DSDB_SEARCH_ONE_ONLY,
+ "objectSID=%s", sid_str);
+ talloc_free(sid_str);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+
+ *dn = talloc_steal(mem_ctx, res->msgs[0]->dn);
+ talloc_free(res);
+
+ return LDB_SUCCESS;
+}
/*
load a repsFromTo blob list for a given partition GUID
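Review bot: The dereference in `*dn = talloc_steal(mem_ctx, res->msgs[0]->dn);` is safe only if `dsdb_search` returns an error for zero or multiple matches when `DSDB_SEARCH_ONE_ONLY` is set; that contract lives outside this hunk, and nothing in `dsdb_find_dn_by_sid` states or checks it. Because the commit description ties this lookup to the self-membership validated right, an ambiguous or missing match must reach the caller as a failure, never as a DN. I would make that explicit with a guard before the steal, `if (res->count != 1) { talloc_free(res); return LDB_ERR_OPERATIONS_ERROR; }`. I would also extend the header comment to something like `use a SID to find a DN; fails, leaving *dn untouched, unless exactly one object carries this objectSID; on success *dn is owned by mem_ctx`. Separately, `sid` is only read here, so it could be declared `const struct dom_sid *sid` if `dom_sid_string` accepts a const pointer.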