diff options
author | Stefan Metzmacher <metze@samba.org> | 2005-07-12 10:59:12 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:20:12 -0500 |
commit | 557c78e36d67e3171996f155de293a71e27ad286 (patch) | |
tree | 4b20e63631a6cb7e9f2ee2ea0410701bfacbb4df /source4/rpc_server/samr | |
parent | 5b567cfbb61b08a583cdbb715621a1b3576f6d1e (diff) | |
download | samba-557c78e36d67e3171996f155de293a71e27ad286.tar.gz samba-557c78e36d67e3171996f155de293a71e27ad286.tar.bz2 samba-557c78e36d67e3171996f155de293a71e27ad286.zip |
r8370: remove the '$' from in the cn: attribute for computer and dc accounts
metze
(This used to be commit 206f33778e8ff88b5eea493ead31342cc4405a22)
Diffstat (limited to 'source4/rpc_server/samr')
-rw-r--r-- | source4/rpc_server/samr/dcesrv_samr.c | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index 700070fb1b..31b49bcd86 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -660,7 +660,9 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX const char *account_name; struct dcesrv_handle *u_handle; int ret; - const char *container, *class=NULL; + const char *container, *obj_class=NULL; + char *cn_name; + int cn_name_len; ZERO_STRUCTP(r->out.user_handle); *r->out.access_granted = 0; @@ -689,34 +691,46 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX return NT_STATUS_NO_MEMORY; } + cn_name = talloc_strdup(mem_ctx, account_name); + NT_STATUS_HAVE_NO_MEMORY(cn_name); + cn_name_len = strlen(cn_name); + /* This must be one of these values *only* */ if (r->in.acct_flags == ACB_NORMAL) { container = "Users"; - class = "user"; + obj_class = "user"; } else if (r->in.acct_flags == ACB_WSTRUST) { + if (cn_name[cn_name_len - 1] != '$') { + return NT_STATUS_FOOBAR; + } + cn_name[cn_name_len - 1] = '\0'; container = "Computers"; - class = "computer"; + obj_class = "computer"; } else if (r->in.acct_flags == ACB_SVRTRUST) { + if (cn_name[cn_name_len - 1] != '$') { + return NT_STATUS_FOOBAR; + } + cn_name[cn_name_len - 1] = '\0'; container = "Domain Controllers"; - class = "computer"; + obj_class = "computer"; } else if (r->in.acct_flags == ACB_DOMTRUST) { container = "Users"; - class = "computer"; + obj_class = "user"; } else { return NT_STATUS_INVALID_PARAMETER; } /* add core elements to the ldb_message for the user */ - msg->dn = talloc_asprintf(mem_ctx, "CN=%s,CN=%s,%s", account_name, container, d_state->domain_dn); + msg->dn = talloc_asprintf(mem_ctx, "CN=%s,CN=%s,%s", cn_name, container, d_state->domain_dn); if (!msg->dn) { return NT_STATUS_NO_MEMORY; } samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "sAMAccountName", account_name); - samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "objectClass", class); + samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "objectClass", obj_class); /* create the user */ ret = samdb_add(d_state->sam_ctx, mem_ctx, msg); if (ret != 0) { |