-rw-r--r-- | source4/ldap_server/ldap_rootdse.c | 42 | ||||
-rw-r--r-- | source4/ldap_server/rootdse.ldif | 51 | ||||
-rwxr-xr-x | source4/script/rootdse.pl | 23 |
3 files changed, 48 insertions, 68 deletions
diff --git a/source4/ldap_server/ldap_rootdse.c b/source4/ldap_server/ldap_rootdse.c index b936c92da3..631b38d383 100644 --- a/source4/ldap_server/ldap_rootdse.c +++ b/source4/ldap_server/ldap_rootdse.c @@ -100,7 +100,7 @@ void *rootdse_db_connect(TALLOC_CTX *mem_ctx) return NULL; } - DEBUG(10, ("opening %s", db_path)); + DEBUG(10, ("opening %s\n", db_path)); ctx->ldb = ldb_connect(db_path, 0, NULL); if (ctx->ldb == NULL) { talloc_free(ctx); @@ -291,7 +291,6 @@ static NTSTATUS fill_dynamic_values(void *mem_ctx, struct ldap_attribute *attrs) * 2 */ -def: { DATA_BLOB *x = talloc_array_p(mem_ctx, DATA_BLOB, 1); x[0] = ATTR_BLOB_CONST("0"); @@ -312,7 +311,8 @@ static NTSTATUS rootdse_Search(struct ldapsrv_partition *partition, struct ldaps struct ldapsrv_reply *ent_r, *done_r; struct rootdse_db_context *rootdsedb; const char *errstr = NULL; - int count, i, j, y; + int count, j, y; + const char **attrs = NULL; if (r->scope != LDAP_SEARCH_SCOPE_BASE) { count = -1; @@ -325,10 +325,21 @@ static NTSTATUS rootdse_Search(struct ldapsrv_partition *partition, struct ldaps rootdsedb = rootdse_db_connect(local_ctx); ALLOC_CHECK(rootdsedb); + if (r->num_attributes >= 1) { + attrs = talloc_array_p(rootdsedb, const char *, r->num_attributes+1); + ALLOC_CHECK(attrs); + + for (j=0; j < r->num_attributes; j++) { + DEBUG(10,("rootDSE_Search: attrs: [%s]\n",r->attributes[j])); + attrs[j] = r->attributes[j]; + } + attrs[j] = NULL; + } + ldb_set_alloc(rootdsedb->ldb, talloc_realloc_fn, rootdsedb); - count = ldb_search(rootdsedb->ldb, "", 0, "dn=rootDSE", NULL, &res); + count = ldb_search(rootdsedb->ldb, "", 0, "dn=cn=rootDSE", attrs, &res); - for (i = 0; i < count; i++) { + if (count == 1) { ent_r = ldapsrv_init_reply(call, LDAP_TAG_SearchResultEntry); if (!ent_r) { return NT_STATUS_NO_MEMORY; 
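Review bot: In the `@@ -325,10 +325,21` hunk of rootdse_Search, `r->num_attributes` comes from the client's search request and sizes `talloc_array_p(rootdsedb, const char *, r->num_attributes+1)` with no upper bound, and the rootDSE is normally readable before any bind. A cap ahead of the allocation would bound the per-request cost and keep the `+1` from wrapping, for example `if (r->num_attributes > ROOTDSE_MAX_ATTRS) { ... }`, where the constant name is a placeholder for a limit the project picks. The same loop writes every `r->attributes[j]` to the log through `%s`; the hunk does not show whether the decoder guarantees NUL-terminated, printable strings, so that is worth confirming before client data reaches the log. The body of rootdse_Search starts and ends outside this hunk.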
@@ -338,19 +349,19 @@ static NTSTATUS rootdse_Search(struct ldapsrv_partition *partition, struct ldaps ent->dn = ""; ent->num_attributes = 0; ent->attributes = NULL; - if (res[i]->num_elements == 0) { + if (res[0]->num_elements == 0) { goto queue_reply; } - ent->num_attributes = res[i]->num_elements; + ent->num_attributes = res[0]->num_elements; ent->attributes = talloc_array_p(ent_r, struct ldap_attribute, ent->num_attributes); ALLOC_CHECK(ent->attributes); for (j=0; j < ent->num_attributes; j++) { - ent->attributes[j].name = talloc_steal(ent->attributes, res[i]->elements[j].name); + ent->attributes[j].name = talloc_steal(ent->attributes, res[0]->elements[j].name); ent->attributes[j].num_values = 0; ent->attributes[j].values = NULL; - ent->attributes[j].num_values = res[i]->elements[j].num_values; + ent->attributes[j].num_values = res[0]->elements[j].num_values; if (ent->attributes[j].num_values == 1 && - strncmp(res[i]->elements[j].values[0].data, "_DYNAMIC_", 9) == 0) { + strncmp(res[0]->elements[j].values[0].data, "_DYNAMIC_", 9) == 0) { fill_dynamic_values(ent->attributes, &(ent->attributes[j])); if (ent->attributes[j].values[0].data == NULL) { DEBUG (10, ("ARRGHH!\n")); @@ -360,9 +371,9 @@ static NTSTATUS rootdse_Search(struct ldapsrv_partition *partition, struct ldaps DATA_BLOB, ent->attributes[j].num_values); ALLOC_CHECK(ent->attributes[j].values); for (y=0; y < ent->attributes[j].num_values; y++) { - ent->attributes[j].values[y].length = res[i]->elements[j].values[y].length; + ent->attributes[j].values[y].length = res[0]->elements[j].values[y].length; ent->attributes[j].values[y].data = talloc_steal(ent->attributes[j].values, - res[i]->elements[j].values[y].data); + res[0]->elements[j].values[y].data); } } } 
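Review bot: The `_DYNAMIC_` branch in the `@@ -338,19 +349,19` hunk discards the NTSTATUS returned by `fill_dynamic_values(ent->attributes, &(ent->attributes[j]))` and then reads `ent->attributes[j].values[0].data`. `values` was set to NULL a few lines earlier, so if the helper fails before assigning it, that read dereferences NULL. Checking the status first closes this, e.g. `status = fill_dynamic_values(ent->attributes, &(ent->attributes[j]));` followed by `if (!NT_STATUS_IS_OK(status)) return status;` with a local `NTSTATUS status`. The `strncmp(..., "_DYNAMIC_", 9)` just above compares nine bytes without looking at `values[0].length`, so it relies on ldb values being NUL-terminated; a `length >= 9` test in front would make that explicit. The commit only renames `res[i]` to `res[0]` on these lines, and the loop body continues outside the hunk.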
@@ -382,10 +393,14 @@ no_base_scope: return NT_STATUS_NO_MEMORY; } - if (count > 0) { + if (count == 1) { DEBUG(10,("rootdse_Search: results: [%d]\n",count)); result = 0; errstr = NULL; + } else if (count > 1) { + DEBUG(10,("rootdse_Search: to many results[%d]\n", count)); + result = 80; /* nosuchobject */ + errstr = talloc_strdup(done_r, "internal error"); } else if (count == 0) { DEBUG(10,("rootdse_Search: no results\n")); result = 32; /* nosuchobject */ @@ -396,7 +411,6 @@ no_base_scope: errstr = talloc_strdup(done_r, ldb_errstring(rootdsedb->ldb)); } - done = &done_r->msg.r.SearchResultDone; done->resultcode = result; done->dn = NULL; diff --git a/source4/ldap_server/rootdse.ldif b/source4/ldap_server/rootdse.ldif index f129492732..86ba2fd676 100644 --- a/source4/ldap_server/rootdse.ldif +++ b/source4/ldap_server/rootdse.ldif 
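Review bot: The new `count > 1` branch sets `result = 80; /* nosuchobject */`, but that comment was copied from the `count == 0` branch below it: LDAP result code 80 is `other`, while 32 is noSuchObject. The line should read `result = 80; /* other */` so that nobody later "corrects" the number to match the comment. The debug text `to many results[%d]` should be `too many results [%d]`. The block under the `no_base_scope` label continues outside this hunk.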
@@ -1,61 +1,26 @@ -dn: rootDSE +dn: @INDEXLIST + +dn: @ATTRIBUTES + +dn: @SUBCLASSES + +dn: cn=rootDSE currentTime: _DYNAMIC_ subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,${BASEDN} dsServiceName: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,${BASEDN} namingContexts: ${BASEDN} namingContexts: CN=Configuration,${BASEDN} namingContexts: CN=Schema,CN=Configuration,${BASEDN} -namingContexts: DC=DomainDnsZones,${BASEDN} -namingContexts: DC=ForestDnsZones,${BASEDN} defaultNamingContext: ${BASEDN} rootDomainNamingContext: ${BASEDN} configurationNamingContext: CN=Configuration,${BASEDN} schemaNamingContext: CN=Schema,CN=Configuration,${BASEDN} -supportedControl: 1.2.840.113556.1.4.319 -supportedControl: 1.2.840.113556.1.4.801 -supportedControl: 1.2.840.113556.1.4.473 -supportedControl: 1.2.840.113556.1.4.528 -supportedControl: 1.2.840.113556.1.4.417 -supportedControl: 1.2.840.113556.1.4.619 -supportedControl: 1.2.840.113556.1.4.841 -supportedControl: 1.2.840.113556.1.4.529 -supportedControl: 1.2.840.113556.1.4.805 -supportedControl: 1.2.840.113556.1.4.521 -supportedControl: 1.2.840.113556.1.4.970 -supportedControl: 1.2.840.113556.1.4.1338 -supportedControl: 1.2.840.113556.1.4.474 -supportedControl: 1.2.840.113556.1.4.1339 -supportedControl: 1.2.840.113556.1.4.1340 -supportedControl: 1.2.840.113556.1.4.1413 -supportedControl: 2.16.840.1.113730.3.4.9 -supportedControl: 2.16.840.1.113730.3.4.10 -supportedControl: 1.2.840.113556.1.4.1504 -supportedControl: 1.2.840.113556.1.4.1852 -supportedControl: 1.2.840.113556.1.4.802 supportedLDAPVersion: 3 -supportedLDAPPolicies: MaxPoolThreads -supportedLDAPPolicies: MaxDatagramRecv -supportedLDAPPolicies: MaxReceiveBuffer -supportedLDAPPolicies: InitRecvTimeout -supportedLDAPPolicies: MaxConnections -supportedLDAPPolicies: MaxConnIdleTime -supportedLDAPPolicies: MaxPageSize -supportedLDAPPolicies: MaxQueryDuration -supportedLDAPPolicies: MaxTempTableSize 
-supportedLDAPPolicies: MaxResultSetSize -supportedLDAPPolicies: MaxNotificationPerConn -supportedLDAPPolicies: MaxValRange highestCommittedUSN: _DYNAMIC_ -supportedSASLMechanisms: GSSAPI supportedSASLMechanisms: GSS-SPNEGO -supportedSASLMechanisms: EXTERNAL -supportedSASLMechanisms: DIGEST-MD5 -dnsHostName: ${NETBIOSNAME}.${DNSDOMAIN} +dnsHostName: ${DNSNAME} ldapServiceName: ${DNSDOMAIN}:${NETBIOSNAME}$@${DNSDOMAIN} serverName: CN=${NETBIOSNAME},CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,${BASEDN} -supportedCapabilities: 1.2.840.113556.1.4.800 -supportedCapabilities: 1.2.840.113556.1.4.1670 -supportedCapabilities: 1.2.840.113556.1.4.1791 isSynchronized: _DYNAMIC_ domainFunctionality: 0 forestFunctionality: 0 diff --git a/source4/script/rootdse.pl b/source4/script/rootdse.pl index 5e620a0991..8d8bb2e5f9 100755 --- a/source4/script/rootdse.pl +++ b/source4/script/rootdse.pl @@ -5,9 +5,9 @@ use Getopt::Long; my $opt_hostname = `hostname`; chomp $opt_hostname; +my $netbiosname; my $opt_realm; my $opt_domain; -my $opt_netbiosname; my $dnsdomain; my $dnsname; my $basedn; @@ -30,7 +30,11 @@ sub substitute($) } if ($var eq "NETBIOSNAME") { - return $opt_netbiosname; + return $netbiosname; + } + + if ($var eq "DNSNAME") { + return $dnsname; } if ($var eq "DNSDOMAIN") { @@ -78,7 +82,6 @@ rootdse.pl [options] --realm REALM set realm --domain DOMAIN set domain --hostname HOSTNAME set hostname - --netbiosname NETBIOSNAME choose admin password (otherwise random) You must provide at least a realm and domain 
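Review bot: In the `cn=rootDSE` record, `serverName` uses `CN=Default-First-Site` while `dsServiceName` a few lines above uses `CN=Default-First-Site-Name`, so the two DNs advertised to clients point into different site containers. Presumably one of them is a typo; if the site is meant to be Default-First-Site-Name, the line becomes `serverName: CN=${NETBIOSNAME},CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,${BASEDN}`. Both lines are unchanged context in this hunk, so the mismatch predates the commit.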
@@ -93,28 +96,26 @@ GetOptions( 'realm=s' => \$opt_realm, 'domain=s' => \$opt_domain, 'hostname=s' => \$opt_hostname, - 'netbiosname=s' => \$opt_netbiosname, ); if ($opt_help || !$opt_realm || !$opt_domain || - !$opt_hostname || - !$opt_netbiosname) { + !$opt_hostname) { ShowHelp(); } $opt_realm=uc($opt_realm); $opt_domain=uc($opt_domain); -$opt_hostname=uc($opt_hostname); -$opt_netbiosname=uc($opt_netbiosname); +$opt_hostname=lc($opt_hostname); +$netbiosname=uc($opt_hostname); -print "Provisioning host '$opt_hostname' with netbios name '$opt_netbiosname' for domain '$opt_domain' in realm '$opt_realm'\n"; +print "Provisioning host '$opt_hostname' with netbios name '$netbiosname' for domain '$opt_domain' in realm '$opt_realm'\n"; print "generating ldif ...\n"; $dnsdomain = lc($opt_realm); -$dnsname = lc($opt_hostname).".".$dnsdomain; +$dnsname = $opt_hostname.".".$dnsdomain; $basedn = "DC=" . join(",DC=", split(/\./, $opt_realm)); my $data = FileLoad("rootdse.ldif") || die "Unable to load rootdse.ldif\n"; @@ -141,7 +142,7 @@ print "creating newrootdse.ldb ...\n"; # allow provisioning to be run from the source directory $ENV{"PATH"} .= ":bin"; -system("ldbadd -H newrootdse.ldb newroodse.ldif"); +system("ldbadd -H newrootdse.ldb newrootdse.ldif"); print "done |
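Review bot: `$netbiosname=uc($opt_hostname);` in the `@@ -93,28 +96,26` hunk derives the NetBIOS name from whatever `--hostname` or the `hostname` command returned, with no validation, and the value is then substituted into the DNs of rootdse.ldif. A fully qualified hostname would yield a NetBIOS name containing dots and a `$dnsname` with the domain appended a second time, and names longer than 15 characters are not valid NetBIOS names. A check right after the `lc()` line would catch this, e.g. `$opt_hostname =~ s/\..*$//;` followed by `die "invalid hostname '$opt_hostname'\n" unless $opt_hostname =~ /^[a-z0-9-]{1,15}$/;`.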
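Review bot: The exit status of `system("ldbadd -H newrootdse.ldb newrootdse.ldif")` in the `@@ -141,7 +142,7` hunk is ignored, so the script prints `done` even when ldbadd is missing or rejects the LDIF. The misspelled file name fixed here would have been caught earlier by such a check. Suggested: `system("ldbadd", "-H", "newrootdse.ldb", "newrootdse.ldif") == 0 or die "ldbadd failed: $?\n";`, where the list form also avoids going through a shell. Note that ldbadd is resolved through a PATH that has the relative directory `bin` appended just above, so the binary that runs depends on the current working directory when no earlier PATH entry provides one.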