diff options
| author | Andrew Tridgell <tridge@samba.org> | 2010-08-20 17:17:23 +1000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2010-08-20 20:34:12 +1000 |
| commit | 0cc3525c039e08bee32199109a515fa08933b31d (patch) | |
| tree | 7e66fa885f83153d01e6de39788b8b8151cfc9ac /source4/dsdb | |
| parent | 3d13c9e53a25a3af73c520a0ecfa35eafc80784c (diff) | |
| download | samba-0cc3525c039e08bee32199109a515fa08933b31d.tar.gz samba-0cc3525c039e08bee32199109a515fa08933b31d.tar.bz2 samba-0cc3525c039e08bee32199109a515fa08933b31d.zip | |
s4-dsdb: the RODC_JOIN control also changes samAccountName
when adding a user with the RODC_JOIN control, the samAccountName is
automatically set to the krbtgt_NNNNN form
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/dsdb')
| -rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index a12b189027..e657381e96 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -410,6 +410,11 @@ found: return ldb_operr(ldb); } + ret = ldb_msg_add_fmt(ac->msg, "samAccountName", "krbtgt_%u", krbtgt_number); + if (ret != LDB_SUCCESS) { + return ldb_operr(ldb); + } + return samldb_next_step(ac); } @@ -986,6 +991,14 @@ static int samldb_fill_object(struct samldb_ctx *ac, const char *type) return LDB_ERR_OPERATIONS_ERROR; } + rodc_control = ldb_request_get_control(ac->req, LDB_CONTROL_RODC_DCPROMO_OID); + if (rodc_control) { + /* see [MS-ADTS] 3.1.1.3.4.1.23 LDAP_SERVER_RODC_DCPROMO_OID */ + rodc_control->critical = false; + ret = samldb_add_step(ac, samldb_rodc_add); + if (ret != LDB_SUCCESS) return ret; + } + /* check if we have a valid samAccountName */ ret = samldb_add_step(ac, samldb_check_samAccountName); if (ret != LDB_SUCCESS) return ret; @@ -1024,15 +1037,6 @@ static int samldb_fill_object(struct samldb_ctx *ac, const char *type) } } - rodc_control = ldb_request_get_control(ac->req, LDB_CONTROL_RODC_DCPROMO_OID); - if (rodc_control) { - /* see [MS-ADTS] 3.1.1.3.4.1.23 LDAP_SERVER_RODC_DCPROMO_OID */ - rodc_control->critical = false; - ret = samldb_add_step(ac, samldb_rodc_add); - if (ret != LDB_SUCCESS) return ret; - } - - /* finally proceed with adding the entry */ ret = samldb_add_step(ac, samldb_add_entry); if (ret != LDB_SUCCESS) return ret; |