diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2007-07-26 07:27:46 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 15:01:19 -0500 |
| commit | 41ab04e37c038418008cd8a31e30a57593ac846c (patch) | |
| tree | a6809a8227d695369dd81e65730a6e0df1ad0ba6 /source4/rpc_server/samr | |
| parent | 32d55960b5417fbee1af5d82960e6c2da58ec8a2 (diff) | |
| download | samba-41ab04e37c038418008cd8a31e30a57593ac846c.tar.gz samba-41ab04e37c038418008cd8a31e30a57593ac846c.tar.bz2 samba-41ab04e37c038418008cd8a31e30a57593ac846c.zip | |
r24053: Ensure we filter EnumDomainUsers with the supplied mask.
Should fix another part (list of domains in usrmgr incorrectly
including accounts) of bug #4815 by mwallnoefer@yahoo.de.
Andrew Bartlett
(This used to be commit 7f7e4fe2989ef4cb7ec0f855b25e558f3bbd18c5)
Diffstat (limited to 'source4/rpc_server/samr')
| -rw-r--r-- | source4/rpc_server/samr/dcesrv_samr.c | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index cedf4059e2..f1c4ac24c9 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -1428,9 +1428,9 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call, struct dcesrv_handle *h; struct samr_domain_state *d_state; struct ldb_message **res; - int count, i, first; + int count, num_filtered_entries, i, first; struct samr_SamEntry *entries; - const char * const attrs[3] = { "objectSid", "sAMAccountName", NULL }; + const char * const attrs[] = { "objectSid", "sAMAccountName", "userAccountControl", NULL }; *r->out.resume_handle = 0; r->out.sam = NULL; @@ -1456,27 +1456,31 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call, if (!entries) { return NT_STATUS_NO_MEMORY; } + num_filtered_entries = 0; for (i=0;i<count;i++) { - entries[i].idx = samdb_result_rid_from_sid(mem_ctx, res[i], "objectSid", 0); - entries[i].name.string = samdb_result_string(res[i], "sAMAccountName", ""); + /* Check if a mask has been requested */ + if (r->in.acct_flags + && ((samdb_result_acct_flags(res[i], + "userAccountControl") & r->in.acct_flags) == 0)) { + continue; + } + entries[num_filtered_entries].idx = samdb_result_rid_from_sid(mem_ctx, res[i], "objectSid", 0); + entries[num_filtered_entries].name.string = samdb_result_string(res[i], "sAMAccountName", ""); + num_filtered_entries++; } /* sort the results by rid */ - qsort(entries, count, sizeof(struct samr_SamEntry), + qsort(entries, num_filtered_entries, sizeof(struct samr_SamEntry), (comparison_fn_t)compare_SamEntry); /* find the first entry to return */ for (first=0; - first<count && entries[first].idx <= *r->in.resume_handle; + first<num_filtered_entries && entries[first].idx <= *r->in.resume_handle; first++) ; - if (first == count) { - return NT_STATUS_OK; - } - /* return the rest, limit by max_size. Note that we use the w2k3 element size value of 54 */ - r->out.num_entries = count - first; + r->out.num_entries = num_filtered_entries - first; r->out.num_entries = MIN(r->out.num_entries, 1+(r->in.max_size/SAMR_ENUM_USERS_MULTIPLIER)); @@ -1488,7 +1492,11 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call, r->out.sam->entries = entries+first; r->out.sam->count = r->out.num_entries; - if (r->out.num_entries < count - first) { + if (first == num_filtered_entries) { + return NT_STATUS_OK; + } + + if (r->out.num_entries < num_filtered_entries - first) { *r->out.resume_handle = entries[first+r->out.num_entries-1].idx; return STATUS_MORE_ENTRIES; } |