diff options
-rw-r--r-- | source4/dsdb/samdb/cracknames.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c index 99d25c4e9c..63fe34552d 100644 --- a/source4/dsdb/samdb/cracknames.c +++ b/source4/dsdb/samdb/cracknames.c @@ -453,6 +453,7 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, case DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT: { char *p; char *domain; + struct ldb_dn *dn_domain; const char *account = NULL; domain = talloc_strdup(mem_ctx, name); @@ -470,9 +471,14 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, account = &p[1]; } + /* it could be in DNS domain form */ + dn_domain = samdb_dns_domain_to_dn(sam_ctx, mem_ctx, domain); + W_ERROR_HAVE_NO_MEMORY(dn_domain); + domain_filter = talloc_asprintf(mem_ctx, - "(&(&(nETBIOSName=%s)(objectclass=crossRef))(ncName=*))", - ldb_binary_encode_string(mem_ctx, domain)); + "(&(&(|(nETBIOSName=%s)(nCName=%s))(objectclass=crossRef))(ncName=*))", + ldb_binary_encode_string(mem_ctx, domain), + ldb_dn_get_linearized(dn_domain)); W_ERROR_HAVE_NO_MEMORY(domain_filter); if (account) { result_filter = talloc_asprintf(mem_ctx, "(sAMAccountName=%s)", |