summaryrefslogtreecommitdiff
path: root/source4/rpc_server/lsa
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2010-02-19 18:09:48 -0500
committerSimo Sorce <idra@samba.org>2010-02-19 18:31:45 -0500
commitda1970c0ff4cd3556102e9357b2e0cf65728c8d6 (patch)
tree5076be44213a1aa271ee63415741dfb86b6dda99 /source4/rpc_server/lsa
parentc8a3c015850b91c991da10d388ec33ea02c5e155 (diff)
downloadsamba-da1970c0ff4cd3556102e9357b2e0cf65728c8d6.tar.gz
samba-da1970c0ff4cd3556102e9357b2e0cf65728c8d6.tar.bz2
samba-da1970c0ff4cd3556102e9357b2e0cf65728c8d6.zip
s4:lsa open trusted domain also with dns name
When searching for a trusted domain object to open, search also the DNS Name attributes for a match. W2K8R2 uses the DNS domain if available.
Diffstat (limited to 'source4/rpc_server/lsa')
-rw-r--r--source4/rpc_server/lsa/dcesrv_lsa.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index c129612bd7..45fe08eaf0 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -1261,7 +1261,7 @@ static NTSTATUS dcesrv_lsa_OpenTrustedDomainByName(struct dcesrv_call_state *dce
const char *attrs[] = {
NULL
};
-
+ char *td_name;
int ret;
DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
@@ -1279,10 +1279,12 @@ static NTSTATUS dcesrv_lsa_OpenTrustedDomainByName(struct dcesrv_call_state *dce
trusted_domain_state->policy = policy_state;
/* search for the trusted_domain record */
+ td_name = ldb_binary_encode_string(mem_ctx, r->in.name.string);
ret = gendb_search(trusted_domain_state->policy->sam_ldb,
mem_ctx, policy_state->system_dn, &msgs, attrs,
- "(&(flatname=%s)(objectclass=trustedDomain))",
- ldb_binary_encode_string(mem_ctx, r->in.name.string));
+ "(&(|(flatname=%s)(cn=%s)(trustPartner=%s))"
+ "(objectclass=trustedDomain))",
+ td_name, td_name, td_name);
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
@@ -1293,6 +1295,8 @@ static NTSTATUS dcesrv_lsa_OpenTrustedDomainByName(struct dcesrv_call_state *dce
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
+ /* TODO: perform access checks */
+
trusted_domain_state->trusted_domain_dn = talloc_reference(trusted_domain_state, msgs[0]->dn);
handle = dcesrv_handle_new(dce_call->context, LSA_HANDLE_TRUSTED_DOMAIN);