r9654: introduce the samdb_search_dn call

(This used to be commit 333ebb40d55c60465564b894d5028b364e99ee00)

5 files changed, 40 insertions, 33 deletions

diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c
index 9cb9a93446..aed47d1ed2 100644
--- a/source4/dsdb/samdb/samdb.c
+++ b/source4/dsdb/samdb/samdb.c
@@ -127,6 +127,28 @@ const char *samdb_search_string(struct ldb_context *sam_ldb,
 	return str;
 }
 
+struct ldb_dn *samdb_search_dn(struct ldb_context *sam_ldb,
+			       TALLOC_CTX *mem_ctx,
+			       const struct ldb_dn *basedn,
+			       const char *format, ...) _PRINTF_ATTRIBUTE(4,5)
+{
+	va_list ap;
+	struct ldb_dn *ret;
+	struct ldb_message **res = NULL;
+	int count;
+
+	va_start(ap, format);
+	count = gendb_search_v(sam_ldb, mem_ctx, basedn, &res, NULL, format, ap);
+	va_end(ap);
+
+	if (count != 1) return NULL;
+
+	ret = talloc_steal(mem_ctx, res[0]->dn);
+	talloc_free(res);
+
+	return ret;
+}
+
 /*
   search the sam for a dom_sid attribute in exactly 1 record
 */
diff --git a/source4/libnet/libnet_samsync_ldb.c b/source4/libnet/libnet_samsync_ldb.c
index f595880e8e..837170afac 100644
--- a/source4/libnet/libnet_samsync_ldb.c
+++ b/source4/libnet/libnet_samsync_ldb.c
@@ -58,11 +58,9 @@ static NTSTATUS samsync_ldb_add_foreignSecurityPrincipal(TALLOC_CTX *mem_ctx,
 {
 	const char *sidstr = dom_sid_string(mem_ctx, sid);
 	/* We assume that ForeignSecurityPrincipals are under the BASEDN of the main domain */
-	struct ldb_dn *basedn = ldb_dn_explode(mem_ctx,
-						samdb_search_string(state->sam_ldb, mem_ctx,
-									state->base_dn[SAM_DATABASE_DOMAIN],
-									"dn", "(&(objectClass=container)"
-										"(cn=ForeignSecurityPrincipals))"));
+	struct ldb_dn *basedn = samdb_search_dn(state->sam_ldb, mem_ctx,
+						state->base_dn[SAM_DATABASE_DOMAIN],
+						"(&(objectClass=container)(cn=ForeignSecurityPrincipals))");
 	struct ldb_message *msg;
 	int ret;
 
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index bac25fcc24..c81eb99a0e 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -261,18 +261,15 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_
 
 	/* work out the builtin_dn - useful for so many calls its worth
 	   fetching here */
-	state->builtin_dn = ldb_dn_explode(state, 
-					 samdb_search_string(state->sam_ldb, mem_ctx, NULL,
-							     "dn", "objectClass=builtinDomain"));
+	state->builtin_dn = samdb_search_dn(state->sam_ldb, mem_ctx, NULL, "objectClass=builtinDomain");
 	if (!state->builtin_dn) {
 		return NT_STATUS_NO_SUCH_DOMAIN;		
 	}
 
 	/* work out the system_dn - useful for so many calls its worth
 	   fetching here */
-	state->system_dn = ldb_dn_explode(state, 
-					samdb_search_string(state->sam_ldb, mem_ctx, state->domain_dn,
-							    "dn", "(&(objectClass=container)(cn=System))"));
+	state->system_dn = samdb_search_dn(state->sam_ldb, mem_ctx,
+					   state->domain_dn, "(&(objectClass=container)(cn=System))");
 	if (!state->system_dn) {
 		return NT_STATUS_NO_SUCH_DOMAIN;		
 	}
@@ -1304,13 +1301,9 @@ static NTSTATUS lsa_OpenAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *
 	}
 	
 	/* check it really exists */
-	astate->account_dn = 
-		ldb_dn_explode(mem_ctx,
-				samdb_search_string(state->sam_ldb, astate,
-						    NULL, "dn", 
-						    "(&(objectSid=%s)(objectClass=group))", 
-						    ldap_encode_ndr_dom_sid(mem_ctx,
-									    astate->account_sid)));
+	astate->account_dn = samdb_search_string(state->sam_ldb, astate,
+						 NULL, "(&(objectSid=%s)(objectClass=group))", 
+						 ldap_encode_ndr_dom_sid(mem_ctx, astate->account_sid));
 	if (astate->account_dn == NULL) {
 		talloc_free(astate);
 		return NT_STATUS_NO_SUCH_USER;
@@ -1466,8 +1459,7 @@ static NTSTATUS lsa_AddRemoveAccountRights(struct dcesrv_call_state *dce_call,
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	dn = samdb_search_string(state->sam_ldb, mem_ctx, NULL, "dn", 
-				 "objectSid=%s", sidstr);
+	dn = samdb_search_dn(state->sam_ldb, mem_ctx, NULL, "objectSid=%s", sidstr);
 	if (dn == NULL) {
 		return NT_STATUS_NO_SUCH_USER;
 	}
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index ff15eb43bb..aeea3a120c 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -2117,11 +2117,8 @@ static NTSTATUS samr_AddAliasMember(struct dcesrv_call_state *dce_call, TALLOC_C
 		 * cn=For...,cn=Builtin,dc={BASEDN}.  -- vl
 		 */
 
-		basedn = ldb_dn_explode(mem_ctx,
-					samdb_search_string(d_state->sam_ctx,
-							    mem_ctx, NULL, "dn",
-							    "(&(objectClass=container)"
-							    "(cn=ForeignSecurityPrincipals))"));
+		basedn = samdb_search_dn(d_state->sam_ctx, mem_ctx, NULL,
+					 "(&(objectClass=container)(cn=ForeignSecurityPrincipals))");
 
 		if (basedn == NULL) {
 			DEBUG(0, ("Failed to find DN for "
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index c862763101..ab99b69458 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -210,10 +210,9 @@ NTSTATUS samr_OemChangePasswordUser2(struct dcesrv_call_state *dce_call, TALLOC_
 		return NT_STATUS_NO_SUCH_USER;
 	}
 
-	domain_dn = ldb_dn_explode(mem_ctx,
-				   samdb_search_string(sam_ctx, mem_ctx, NULL, "dn",
-							"(objectSid=%s)", 
-							ldap_encode_ndr_dom_sid(mem_ctx, domain_sid)));
+	domain_dn = samdb_search_dn(sam_ctx, mem_ctx, NULL,
+				    "(objectSid=%s)", 
+				    ldap_encode_ndr_dom_sid(mem_ctx, domain_sid));
 	if (!domain_dn) {
 		return NT_STATUS_INTERNAL_DB_CORRUPTION;
 	}
@@ -361,10 +360,9 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call,
 		goto failed;
 	}
 
-	domain_dn = ldb_dn_explode(mem_ctx,
-				   samdb_search_string(sam_ctx, mem_ctx, NULL, "dn",
-							"(objectSid=%s)", 
-							ldap_encode_ndr_dom_sid(mem_ctx, domain_sid)));
+	domain_dn = samdb_search_dn(sam_ctx, mem_ctx, NULL,
+				    "(objectSid=%s)", 
+				    ldap_encode_ndr_dom_sid(mem_ctx, domain_sid));
 	if (!domain_dn) {
 		status = NT_STATUS_INTERNAL_DB_CORRUPTION;
 		goto failed;