-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 81 | ||||
-rw-r--r-- | source4/dsdb/schema/schema_init.c | 2 |
2 files changed, 75 insertions, 8 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index dad5ff2e80..8e21e38139 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -467,20 +467,87 @@ static int samldb_generate_samAccountName(struct ldb_message *msg) } -static int samldb_check_samAccountName(struct samldb_ctx *ac) +static int samldb_check_samAccountName_callback(struct ldb_request *req, + struct ldb_reply *ares) { + struct samldb_ctx *ac; int ret; + + ac = talloc_get_type(req->context, struct samldb_ctx); + + if (ares->error != LDB_SUCCESS) { + return ldb_module_done(ac->req, ares->controls, + ares->response, ares->error); + } + + switch (ares->type) { + case LDB_REPLY_ENTRY: + /* if we get an entry it means this samAccountName + * already exists */ + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_ENTRY_ALREADY_EXISTS); + + case LDB_REPLY_REFERRAL: + /* this should not happen */ + return ldb_module_done(ac->req, NULL, NULL, + LDB_ERR_OPERATIONS_ERROR); + + case LDB_REPLY_DONE: + /* not found, go on */ + talloc_free(ares); + ret = samldb_next_step(ac); + break; + } + + if (ret != LDB_SUCCESS) { + return ldb_module_done(ac->req, NULL, NULL, ret); + } + + return LDB_SUCCESS; +} - if (ldb_msg_find_element(ac->msg, "samAccountName") == NULL) { - ret = samldb_generate_samAccountName(ac->msg); - if (ret != LDB_SUCCESS) { - return ret; - } + +static int samldb_check_samAccountName(struct samldb_ctx *ac) +{ + struct ldb_context *ldb; + struct ldb_request *req; + const char *name; + char *filter; + int ret; + + ldb = ldb_module_get_ctx(ac->module); + + if (ldb_msg_find_element(ac->msg, "samAccountName") == NULL) { + ret = samldb_generate_samAccountName(ac->msg); + if (ret != LDB_SUCCESS) { + return ret; + } + } + + name = ldb_msg_find_attr_as_string(ac->msg, "samAccountName", NULL); + if (name == NULL) { + return LDB_ERR_OPERATIONS_ERROR; + } + filter = talloc_asprintf(ac, "samAccountName=%s", ldb_binary_encode_string(ac, name)); + if (filter == NULL) { + return LDB_ERR_OPERATIONS_ERROR; } - return samldb_next_step(ac); + ret = ldb_build_search_req(&req, ldb, ac, + ac->domain_dn, LDB_SCOPE_SUBTREE, + filter, NULL, + NULL, + 
ac, samldb_check_samAccountName_callback, + ac->req); + talloc_free(filter); + if (ret != LDB_SUCCESS) { + return ret; + } + ac->ares = NULL; + return ldb_next_request(ac->module, req); } + static int samldb_check_samAccountType(struct samldb_ctx *ac) { struct ldb_context *ldb; diff --git a/source4/dsdb/schema/schema_init.c b/source4/dsdb/schema/schema_init.c index 2f63931494..1084679f8d 100644 --- a/source4/dsdb/schema/schema_init.c +++ b/source4/dsdb/schema/schema_init.c @@ -589,7 +589,7 @@ WERROR dsdb_read_prefixes_from_ldb(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, */ static bool dsdb_schema_unique_attribute(const char *attr) { - const char *attrs[] = { "samAccountName", "objectGUID", "objectSID" , NULL }; + const char *attrs[] = { "objectGUID", "objectSID" , NULL }; int i; for (i=0;attrs[i];i++) { if (strcasecmp(attr, attrs[i]) == 0) { |
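Review bot: In `samldb_check_samAccountName_callback`, `ares` is dereferenced (`ares->error`) without a NULL check, and `ret` is assigned only in the `LDB_REPLY_DONE` case, so an unexpected `ares->type` reaches `if (ret != LDB_SUCCESS)` with an uninitialised value. I would add `if (!ares) return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR);` at the top and declare `int ret = LDB_ERR_OPERATIONS_ERROR;` (or add a `default:` case). In `samldb_check_samAccountName`, the result of `ldb_binary_encode_string(ac, name)` goes straight into `talloc_asprintf`; that escaping is what keeps a client-supplied name from changing the search filter, so its return value should be checked for NULL before the filter is built.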
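Review bot: Dropping `"samAccountName"` from `attrs[]` in `dsdb_schema_unique_attribute` removes whatever uniqueness handling this list drives, so account-name uniqueness now appears to rest solely on the search-before-add check this commit introduces in samldb.c. That check is a separate search followed by the add, so it only holds if the two are serialised (for example inside one transaction). This diff also does not show whether a later modify of samAccountName passes through the same check; both are worth confirming, since duplicate account names make name-to-account resolution ambiguous. At minimum I would record the reason next to the list: `/* samAccountName is not listed: its uniqueness is checked by the samldb module before the add */`. The function body continues past the end of the hunk.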