-rw-r--r--source4/ldap_server/ldap_rootdse.c42
-rw-r--r--source4/ldap_server/rootdse.ldif51
-rwxr-xr-xsource4/script/rootdse.pl23
3 files changed, 48 insertions, 68 deletions
diff --git a/source4/ldap_server/ldap_rootdse.c b/source4/ldap_server/ldap_rootdse.c
index b936c92da3..631b38d383 100644
--- a/source4/ldap_server/ldap_rootdse.c
+++ b/source4/ldap_server/ldap_rootdse.c
@@ -100,7 +100,7 @@ void *rootdse_db_connect(TALLOC_CTX *mem_ctx)
return NULL;
}
- DEBUG(10, ("opening %s", db_path));
+ DEBUG(10, ("opening %s\n", db_path));
ctx->ldb = ldb_connect(db_path, 0, NULL);
if (ctx->ldb == NULL) {
talloc_free(ctx);
@@ -291,7 +291,6 @@ static NTSTATUS fill_dynamic_values(void *mem_ctx, struct ldap_attribute *attrs)
* 2
*/
-def:
{
DATA_BLOB *x = talloc_array_p(mem_ctx, DATA_BLOB, 1);
x[0] = ATTR_BLOB_CONST("0");
@@ -312,7 +311,8 @@ static NTSTATUS rootdse_Search(struct ldapsrv_partition *partition, struct ldaps
struct ldapsrv_reply *ent_r, *done_r;
struct rootdse_db_context *rootdsedb;
const char *errstr = NULL;
- int count, i, j, y;
+ int count, j, y;
+ const char **attrs = NULL;
if (r->scope != LDAP_SEARCH_SCOPE_BASE) {
count = -1;
@@ -325,10 +325,21 @@ static NTSTATUS rootdse_Search(struct ldapsrv_partition *partition, struct ldaps
rootdsedb = rootdse_db_connect(local_ctx);
ALLOC_CHECK(rootdsedb);
+ if (r->num_attributes >= 1) {
+ attrs = talloc_array_p(rootdsedb, const char *, r->num_attributes+1);
+ ALLOC_CHECK(attrs);
+
+ for (j=0; j < r->num_attributes; j++) {
+ DEBUG(10,("rootDSE_Search: attrs: [%s]\n",r->attributes[j]));
+ attrs[j] = r->attributes[j];
+ }
+ attrs[j] = NULL;
+ }
+
ldb_set_alloc(rootdsedb->ldb, talloc_realloc_fn, rootdsedb);
- count = ldb_search(rootdsedb->ldb, "", 0, "dn=rootDSE", NULL, &res);
+ count = ldb_search(rootdsedb->ldb, "", 0, "dn=cn=rootDSE", attrs, &res);
- for (i = 0; i < count; i++) {
+ if (count == 1) {
ent_r = ldapsrv_init_reply(call, LDAP_TAG_SearchResultEntry);
if (!ent_r) {
return NT_STATUS_NO_MEMORY;
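Review bot: The `attrs` array built in the new `if (r->num_attributes >= 1)` block aliases strings taken directly from the client's search request, and nothing in the hunk documents that or checks the entries before they are logged with `%s` and passed to `ldb_search()`. I would add a comment above the loop such as `/* attrs[] borrows r->attributes: client-supplied names, owned by the request, not copied */`. If the request decoder does not already guarantee non-NULL entries and a sane `num_attributes`, which cannot be seen from this diff, a guard before the allocation would be the place for it. rootdse_Search starts and ends outside this hunk.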
@@ -338,19 +349,19 @@ static NTSTATUS rootdse_Search(struct ldapsrv_partition *partition, struct ldaps
ent->dn = "";
ent->num_attributes = 0;
ent->attributes = NULL;
- if (res[i]->num_elements == 0) {
+ if (res[0]->num_elements == 0) {
goto queue_reply;
}
- ent->num_attributes = res[i]->num_elements;
+ ent->num_attributes = res[0]->num_elements;
ent->attributes = talloc_array_p(ent_r, struct ldap_attribute, ent->num_attributes);
ALLOC_CHECK(ent->attributes);
for (j=0; j < ent->num_attributes; j++) {
- ent->attributes[j].name = talloc_steal(ent->attributes, res[i]->elements[j].name);
+ ent->attributes[j].name = talloc_steal(ent->attributes, res[0]->elements[j].name);
ent->attributes[j].num_values = 0;
ent->attributes[j].values = NULL;
- ent->attributes[j].num_values = res[i]->elements[j].num_values;
+ ent->attributes[j].num_values = res[0]->elements[j].num_values;
if (ent->attributes[j].num_values == 1 &&
- strncmp(res[i]->elements[j].values[0].data, "_DYNAMIC_", 9) == 0) {
+ strncmp(res[0]->elements[j].values[0].data, "_DYNAMIC_", 9) == 0) {
fill_dynamic_values(ent->attributes, &(ent->attributes[j]));
if (ent->attributes[j].values[0].data == NULL) {
DEBUG (10, ("ARRGHH!\n"));
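Review bot: The NTSTATUS returned by `fill_dynamic_values()` is discarded, and the following line reads `ent->attributes[j].values[0].data` although `values` was set to NULL a few lines earlier. If the helper can return before allocating `values` (its body is only partly visible in this diff, so this is an inference), that check dereferences NULL instead of detecting the failure. Testing the status and the pointer first would be safer, for example `if (!NT_STATUS_IS_OK(status) || ent->attributes[j].values == NULL) {` with `status` holding the helper's return value. The `strncmp(..., "_DYNAMIC_", 9)` on the new side also ignores `values[0].length` and so relies on ldb values being NUL-terminated. rootdse_Search continues outside the hunk.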
@@ -360,9 +371,9 @@ static NTSTATUS rootdse_Search(struct ldapsrv_partition *partition, struct ldaps
DATA_BLOB, ent->attributes[j].num_values);
ALLOC_CHECK(ent->attributes[j].values);
for (y=0; y < ent->attributes[j].num_values; y++) {
- ent->attributes[j].values[y].length = res[i]->elements[j].values[y].length;
+ ent->attributes[j].values[y].length = res[0]->elements[j].values[y].length;
ent->attributes[j].values[y].data = talloc_steal(ent->attributes[j].values,
- res[i]->elements[j].values[y].data);
+ res[0]->elements[j].values[y].data);
}
}
}
@@ -382,10 +393,14 @@ no_base_scope:
return NT_STATUS_NO_MEMORY;
}
- if (count > 0) {
+ if (count == 1) {
DEBUG(10,("rootdse_Search: results: [%d]\n",count));
result = 0;
errstr = NULL;
+ } else if (count > 1) {
+ DEBUG(10,("rootdse_Search: to many results[%d]\n", count));
+ result = 80; /* nosuchobject */
+ errstr = talloc_strdup(done_r, "internal error");
} else if (count == 0) {
DEBUG(10,("rootdse_Search: no results\n"));
result = 32; /* nosuchobject */
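Review bot: The comment on `result = 80;` in the new `count > 1` branch says nosuchobject, but 80 is the LDAP result code "other"; 32 in the branch below it is noSuchObject. Suggested line: `result = 80; /* other */`. The debug message in the same branch reads "to many results" and should be `too many results`. Returning the generic "internal error" string to the client instead of database detail is worth keeping as it is.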
@@ -396,7 +411,6 @@ no_base_scope:
errstr = talloc_strdup(done_r, ldb_errstring(rootdsedb->ldb));
}
-
done = &done_r->msg.r.SearchResultDone;
done->resultcode = result;
done->dn = NULL;
diff --git a/source4/ldap_server/rootdse.ldif b/source4/ldap_server/rootdse.ldif
index f129492732..86ba2fd676 100644
--- a/source4/ldap_server/rootdse.ldif
+++ b/source4/ldap_server/rootdse.ldif
@@ -1,61 +1,26 @@
-dn: rootDSE
+dn: @INDEXLIST
+
+dn: @ATTRIBUTES
+
+dn: @SUBCLASSES
+
+dn: cn=rootDSE
currentTime: _DYNAMIC_
subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,${BASEDN}
dsServiceName: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,${BASEDN}
namingContexts: ${BASEDN}
namingContexts: CN=Configuration,${BASEDN}
namingContexts: CN=Schema,CN=Configuration,${BASEDN}
-namingContexts: DC=DomainDnsZones,${BASEDN}
-namingContexts: DC=ForestDnsZones,${BASEDN}
defaultNamingContext: ${BASEDN}
rootDomainNamingContext: ${BASEDN}
configurationNamingContext: CN=Configuration,${BASEDN}
schemaNamingContext: CN=Schema,CN=Configuration,${BASEDN}
-supportedControl: 1.2.840.113556.1.4.319
-supportedControl: 1.2.840.113556.1.4.801
-supportedControl: 1.2.840.113556.1.4.473
-supportedControl: 1.2.840.113556.1.4.528
-supportedControl: 1.2.840.113556.1.4.417
-supportedControl: 1.2.840.113556.1.4.619
-supportedControl: 1.2.840.113556.1.4.841
-supportedControl: 1.2.840.113556.1.4.529
-supportedControl: 1.2.840.113556.1.4.805
-supportedControl: 1.2.840.113556.1.4.521
-supportedControl: 1.2.840.113556.1.4.970
-supportedControl: 1.2.840.113556.1.4.1338
-supportedControl: 1.2.840.113556.1.4.474
-supportedControl: 1.2.840.113556.1.4.1339
-supportedControl: 1.2.840.113556.1.4.1340
-supportedControl: 1.2.840.113556.1.4.1413
-supportedControl: 2.16.840.1.113730.3.4.9
-supportedControl: 2.16.840.1.113730.3.4.10
-supportedControl: 1.2.840.113556.1.4.1504
-supportedControl: 1.2.840.113556.1.4.1852
-supportedControl: 1.2.840.113556.1.4.802
supportedLDAPVersion: 3
-supportedLDAPPolicies: MaxPoolThreads
-supportedLDAPPolicies: MaxDatagramRecv
-supportedLDAPPolicies: MaxReceiveBuffer
-supportedLDAPPolicies: InitRecvTimeout
-supportedLDAPPolicies: MaxConnections
-supportedLDAPPolicies: MaxConnIdleTime
-supportedLDAPPolicies: MaxPageSize
-supportedLDAPPolicies: MaxQueryDuration
-supportedLDAPPolicies: MaxTempTableSize
-supportedLDAPPolicies: MaxResultSetSize
-supportedLDAPPolicies: MaxNotificationPerConn
-supportedLDAPPolicies: MaxValRange
highestCommittedUSN: _DYNAMIC_
-supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: GSS-SPNEGO
-supportedSASLMechanisms: EXTERNAL
-supportedSASLMechanisms: DIGEST-MD5
-dnsHostName: ${NETBIOSNAME}.${DNSDOMAIN}
+dnsHostName: ${DNSNAME}
ldapServiceName: ${DNSDOMAIN}:${NETBIOSNAME}$@${DNSDOMAIN}
serverName: CN=${NETBIOSNAME},CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,${BASEDN}
-supportedCapabilities: 1.2.840.113556.1.4.800
-supportedCapabilities: 1.2.840.113556.1.4.1670
-supportedCapabilities: 1.2.840.113556.1.4.1791
isSynchronized: _DYNAMIC_
domainFunctionality: 0
forestFunctionality: 0
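Review bot: The site name differs between two attributes of the new `cn=rootDSE` entry: `dsServiceName` uses `CN=Default-First-Site-Name` while `serverName` uses `CN=Default-First-Site`. Clients that follow `serverName` to locate the server object would be pointed at a DN under a different site container than the one `dsServiceName` names. The template does not show which is intended, but the two should agree, presumably as `serverName: CN=${NETBIOSNAME},CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,${BASEDN}`.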
diff --git a/source4/script/rootdse.pl b/source4/script/rootdse.pl
index 5e620a0991..8d8bb2e5f9 100755
--- a/source4/script/rootdse.pl
+++ b/source4/script/rootdse.pl
@@ -5,9 +5,9 @@ use Getopt::Long;
my $opt_hostname = `hostname`;
chomp $opt_hostname;
+my $netbiosname;
my $opt_realm;
my $opt_domain;
-my $opt_netbiosname;
my $dnsdomain;
my $dnsname;
my $basedn;
@@ -30,7 +30,11 @@ sub substitute($)
}
if ($var eq "NETBIOSNAME") {
- return $opt_netbiosname;
+ return $netbiosname;
+ }
+
+ if ($var eq "DNSNAME") {
+ return $dnsname;
}
if ($var eq "DNSDOMAIN") {
@@ -78,7 +82,6 @@ rootdse.pl [options]
--realm REALM set realm
--domain DOMAIN set domain
--hostname HOSTNAME set hostname
- --netbiosname NETBIOSNAME choose admin password (otherwise random)
You must provide at least a realm and domain
@@ -93,28 +96,26 @@ GetOptions(
'realm=s' => \$opt_realm,
'domain=s' => \$opt_domain,
'hostname=s' => \$opt_hostname,
- 'netbiosname=s' => \$opt_netbiosname,
);
if ($opt_help ||
!$opt_realm ||
!$opt_domain ||
- !$opt_hostname ||
- !$opt_netbiosname) {
+ !$opt_hostname) {
ShowHelp();
}
$opt_realm=uc($opt_realm);
$opt_domain=uc($opt_domain);
-$opt_hostname=uc($opt_hostname);
-$opt_netbiosname=uc($opt_netbiosname);
+$opt_hostname=lc($opt_hostname);
+$netbiosname=uc($opt_hostname);
-print "Provisioning host '$opt_hostname' with netbios name '$opt_netbiosname' for domain '$opt_domain' in realm '$opt_realm'\n";
+print "Provisioning host '$opt_hostname' with netbios name '$netbiosname' for domain '$opt_domain' in realm '$opt_realm'\n";
print "generating ldif ...\n";
$dnsdomain = lc($opt_realm);
-$dnsname = lc($opt_hostname).".".$dnsdomain;
+$dnsname = $opt_hostname.".".$dnsdomain;
$basedn = "DC=" . join(",DC=", split(/\./, $opt_realm));
my $data = FileLoad("rootdse.ldif") || die "Unable to load rootdse.ldif\n";
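Review bot: `$netbiosname=uc($opt_hostname);` now derives the NetBIOS name from the hostname with no validation, and `$opt_hostname` defaults to the output of `hostname`, which on some systems is a fully qualified name. A dotted or over-long value would give an invalid NetBIOS name and a doubled domain in `$dnsname`. Because these values are substituted into DNs in rootdse.ldif, a comma or newline in `--hostname` would also change the structure of the generated LDIF. A check right after the `lc()` line would catch this: `$opt_hostname =~ /\A[a-z0-9-]{1,15}\z/ or die "hostname must be a short name of at most 15 characters\n";`.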
@@ -141,7 +142,7 @@ print "creating newrootdse.ldb ...\n";
# allow provisioning to be run from the source directory
$ENV{"PATH"} .= ":bin";
-system("ldbadd -H newrootdse.ldb newroodse.ldif");
+system("ldbadd -H newrootdse.ldb newrootdse.ldif");
print "done