summaryrefslogtreecommitdiff
path: root/source4/rpc_server/samr
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-07-06 05:23:29 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:09:48 -0500
commitf2e8b3202c99065dafca3ba36a43450c509d0bd8 (patch)
tree4775c5023eab78b1a3f8e95bea249f40b6d8cc26 /source4/rpc_server/samr
parent3aa8a700e6b838ffc32bb7e9aebbb197e91c4704 (diff)
downloadsamba-f2e8b3202c99065dafca3ba36a43450c509d0bd8.tar.gz
samba-f2e8b3202c99065dafca3ba36a43450c509d0bd8.tar.bz2
samba-f2e8b3202c99065dafca3ba36a43450c509d0bd8.zip
r16827: Factor out some code into common samdb functions:
- creation of ForeignSecurityPrincipals - template duplication code Rework much of the LSA server to pass the RPC-LSA test. Much of the server code was untested. In implementing the LSA Accounts feature, I have opted to have it only create entires when privilages are applied, and not to delete entries, but to delete the privilages. We skip some parts of the test, but it is much better than not testing it at all. Andrew Bartlett (This used to be commit 10eeea6da465564ed9f785d06e2d2ed06cfe29a4)
Diffstat (limited to 'source4/rpc_server/samr')
-rw-r--r--source4/rpc_server/samr/dcesrv_samr.c56
1 files changed, 6 insertions, 50 deletions
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 40d562fc0c..e36c0e96ea 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -2527,6 +2527,7 @@ static NTSTATUS samr_AddAliasMember(struct dcesrv_call_state *dce_call, TALLOC_C
const char * const attrs[] = { NULL };
struct ldb_dn *memberdn = NULL;
int ret;
+ NTSTATUS status;
DCESRV_PULL_HANDLE(h, r->in.alias_handle, SAMR_HANDLE_ALIAS);
@@ -2544,58 +2545,13 @@ static NTSTATUS samr_AddAliasMember(struct dcesrv_call_state *dce_call, TALLOC_C
ret, dom_sid_string(mem_ctx, r->in.sid)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
} else if (ret == 0) {
- struct ldb_message *msg;
- struct ldb_dn *basedn;
- const char *sidstr;
-
- sidstr = dom_sid_string(mem_ctx, r->in.sid);
- NT_STATUS_HAVE_NO_MEMORY(sidstr);
-
- /* We might have to create a ForeignSecurityPrincipal, even if this user
- * is in our own domain */
-
- msg = ldb_msg_new(mem_ctx);
- if (msg == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
-
- /* TODO: Hmmm. This feels wrong. How do I find the base dn to
- * put the ForeignSecurityPrincipals? d_state->domain_dn does
- * not work, this is wrong for the Builtin domain, there's no
- * cn=For...,cn=Builtin,dc={BASEDN}. -- vl
- */
-
- basedn = samdb_search_dn(d_state->sam_ctx, mem_ctx, samdb_base_dn(mem_ctx),
- "(&(objectClass=container)(cn=ForeignSecurityPrincipals))");
-
- if (basedn == NULL) {
- DEBUG(0, ("Failed to find DN for "
- "ForeignSecurityPrincipal container\n"));
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
-
- /* add core elements to the ldb_message for the alias */
- msg->dn = ldb_dn_build_child(mem_ctx, "CN", sidstr, basedn);
- if (msg->dn == NULL)
- return NT_STATUS_NO_MEMORY;
-
- memberdn = msg->dn;
-
- samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg,
- "objectClass",
- "foreignSecurityPrincipal");
-
- /* create the alias */
- ret = samdb_add(d_state->sam_ctx, mem_ctx, msg);
- if (ret != 0) {
- DEBUG(0,("Failed to create foreignSecurityPrincipal "
- "record %s: %s\n",
- ldb_dn_linearize(mem_ctx, msg->dn),
- ldb_errstring(d_state->sam_ctx)));
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ status = samdb_create_foreign_security_principal(d_state->sam_ctx, mem_ctx,
+ r->in.sid, &memberdn);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
} else {
- DEBUG(0, ("samdb_search returned %d\n", ret));
+ DEBUG(0, ("samdb_search returned %d: %s\n", ret, ldb_errstring(d_state->sam_ctx)));
}
if (memberdn == NULL) {