summaryrefslogtreecommitdiff
path: root/source4/rpc_server/samr
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2007-07-26 07:27:46 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 15:01:19 -0500
commit41ab04e37c038418008cd8a31e30a57593ac846c (patch)
treea6809a8227d695369dd81e65730a6e0df1ad0ba6 /source4/rpc_server/samr
parent32d55960b5417fbee1af5d82960e6c2da58ec8a2 (diff)
downloadsamba-41ab04e37c038418008cd8a31e30a57593ac846c.tar.gz
samba-41ab04e37c038418008cd8a31e30a57593ac846c.tar.bz2
samba-41ab04e37c038418008cd8a31e30a57593ac846c.zip
r24053: Ensure we filter EnumDomainUsers with the supplied mask.
Should fix another part (list of domains in usrmgr incorrectly including accounts) of bug #4815 by mwallnoefer@yahoo.de. Andrew Bartlett (This used to be commit 7f7e4fe2989ef4cb7ec0f855b25e558f3bbd18c5)
Diffstat (limited to 'source4/rpc_server/samr')
-rw-r--r--source4/rpc_server/samr/dcesrv_samr.c32
1 files changed, 20 insertions, 12 deletions
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index cedf4059e2..f1c4ac24c9 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -1428,9 +1428,9 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call,
struct dcesrv_handle *h;
struct samr_domain_state *d_state;
struct ldb_message **res;
- int count, i, first;
+ int count, num_filtered_entries, i, first;
struct samr_SamEntry *entries;
- const char * const attrs[3] = { "objectSid", "sAMAccountName", NULL };
+ const char * const attrs[] = { "objectSid", "sAMAccountName", "userAccountControl", NULL };
*r->out.resume_handle = 0;
r->out.sam = NULL;
@@ -1456,27 +1456,31 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call,
if (!entries) {
return NT_STATUS_NO_MEMORY;
}
+ num_filtered_entries = 0;
for (i=0;i<count;i++) {
- entries[i].idx = samdb_result_rid_from_sid(mem_ctx, res[i], "objectSid", 0);
- entries[i].name.string = samdb_result_string(res[i], "sAMAccountName", "");
+ /* Check if a mask has been requested */
+ if (r->in.acct_flags
+ && ((samdb_result_acct_flags(res[i],
+ "userAccountControl") & r->in.acct_flags) == 0)) {
+ continue;
+ }
+ entries[num_filtered_entries].idx = samdb_result_rid_from_sid(mem_ctx, res[i], "objectSid", 0);
+ entries[num_filtered_entries].name.string = samdb_result_string(res[i], "sAMAccountName", "");
+ num_filtered_entries++;
}
/* sort the results by rid */
- qsort(entries, count, sizeof(struct samr_SamEntry),
+ qsort(entries, num_filtered_entries, sizeof(struct samr_SamEntry),
(comparison_fn_t)compare_SamEntry);
/* find the first entry to return */
for (first=0;
- first<count && entries[first].idx <= *r->in.resume_handle;
+ first<num_filtered_entries && entries[first].idx <= *r->in.resume_handle;
first++) ;
- if (first == count) {
- return NT_STATUS_OK;
- }
-
/* return the rest, limit by max_size. Note that we
use the w2k3 element size value of 54 */
- r->out.num_entries = count - first;
+ r->out.num_entries = num_filtered_entries - first;
r->out.num_entries = MIN(r->out.num_entries,
1+(r->in.max_size/SAMR_ENUM_USERS_MULTIPLIER));
@@ -1488,7 +1492,11 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call,
r->out.sam->entries = entries+first;
r->out.sam->count = r->out.num_entries;
- if (r->out.num_entries < count - first) {
+ if (first == num_filtered_entries) {
+ return NT_STATUS_OK;
+ }
+
+ if (r->out.num_entries < num_filtered_entries - first) {
*r->out.resume_handle = entries[first+r->out.num_entries-1].idx;
return STATUS_MORE_ENTRIES;
}