summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c58
1 files changed, 29 insertions, 29 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 40092e68de..ed95d2e7d1 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -226,39 +226,39 @@ static int samldb_allocate_next_rid(struct ldb_module *module, TALLOC_CTX *mem_c
struct ldb_message **sid_msgs;
const char *sid_attrs[] = { NULL };
- do {
- ret = samldb_find_next_rid(module, mem_ctx, dn, &old_rid);
- if (ret) {
- return ret;
- }
+ ret = samldb_find_next_rid(module, mem_ctx, dn, &old_rid);
+ if (ret) {
+ return ret;
+ }
- /* return the new object sid */
- obj_sid = dom_sid_add_rid(mem_ctx, dom_sid, old_rid);
+ /* return the new object sid */
+ obj_sid = dom_sid_add_rid(mem_ctx, dom_sid, old_rid);
- ret = samldb_set_next_rid(module->ldb, mem_ctx, dn, old_rid, old_rid + 1);
- if (ret != 0) {
- return ret;
- }
+ ret = samldb_set_next_rid(module->ldb, mem_ctx, dn, old_rid, old_rid + 1);
+ if (ret != 0) {
+ return ret;
+ }
- *new_sid = dom_sid_add_rid(mem_ctx, dom_sid, old_rid + 1);
- if (!*new_sid) {
- return LDB_ERR_OPERATIONS_ERROR;
- }
+ *new_sid = dom_sid_add_rid(mem_ctx, dom_sid, old_rid + 1);
+ if (!*new_sid) {
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
- ret = gendb_search(module->ldb,
- mem_ctx, NULL, &sid_msgs, sid_attrs,
- "objectSid=%s",
- ldap_encode_ndr_dom_sid(mem_ctx, *new_sid));
- if (ret == 0) {
- /* Great. There are no conflicting users/groups/etc */
- return 0;
- } else if (ret == -1) {
- /* Bugger, there is a problem, and we don't know what it is until gendb_search improves */
- return ret;
- } else {
- /* gah, there are conflicting sids, lets move around the loop again... */
- }
- } while (1);
+ ret = gendb_search(module->ldb,
+ mem_ctx, NULL, &sid_msgs, sid_attrs,
+ "objectSid=%s",
+ ldap_encode_ndr_dom_sid(mem_ctx, *new_sid));
+ if (ret == -1) {
+ /* Bugger, there is a problem, and we don't know what it is until gendb_search improves */
+ return ret;
+ } else {
+ /* gah, there are conflicting sids.
+ * This is a critical situation it means that someone messed up with
+ * the DB and nextRid is not returning free RIDs, report an error
+ * and refuse to create any user until the problem is fixed */
+ ldb_set_errstring(module->ldb, talloc_asprintf(mem_ctx, "Critical Error: unconsistent DB, unable to retireve an unique RID to generate a new SID"));
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
return ret;
}