diff options
Diffstat (limited to 'source4/auth')
-rw-r--r-- | source4/auth/auth_sam.c | 13 | ||||
-rw-r--r-- | source4/auth/sam.c | 5 |
2 files changed, 11 insertions, 7 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c index dbf79bd34d..96d8a0d40a 100644 --- a/source4/auth/auth_sam.c +++ b/source4/auth/auth_sam.c @@ -45,6 +45,7 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context * struct ldb_message **msgs_tmp; struct ldb_message **msgs; struct ldb_message **msgs_domain_ref; + const struct ldb_dn *partitions_basedn = ldb_dn_string_compose(mem_ctx, samdb_base_dn(mem_ctx), "CN=Partitions,CN=Configuration"); int ret; int ret_domain; @@ -54,7 +55,7 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context * if (domain_name) { char *escaped_domain = ldb_binary_encode_string(mem_ctx, domain_name); /* find the domain's DN */ - ret_domain = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_domain_ref, domain_ref_attrs, + ret_domain = gendb_search(sam_ctx, mem_ctx, partitions_basedn, &msgs_domain_ref, domain_ref_attrs, "(&(&(|(&(dnsRoot=%s)(nETBIOSName=*))(nETBIOSName=%s))(objectclass=crossRef))(ncName=*))", escaped_domain, escaped_domain); if (ret_domain == -1) { @@ -74,6 +75,8 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context * } domain_dn = samdb_result_dn(mem_ctx, msgs_domain_ref[0], "nCName", NULL); + } else { + domain_dn = samdb_base_dn(mem_ctx); } /* pull the user attributes */ @@ -85,8 +88,8 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context * } if (ret == 0) { - DEBUG(3,("sam_search_user: Couldn't find user [%s] in samdb.\n", - account_name)); + DEBUG(3,("sam_search_user: Couldn't find user [%s\\%s] in samdb, under %s\n", + domain_name, account_name, ldb_dn_linearize(mem_ctx, domain_dn))); return NT_STATUS_NO_SUCH_USER; } @@ -104,7 +107,7 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context * } /* find the domain's DN */ - ret = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_tmp, NULL, + ret = gendb_search(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &msgs_tmp, NULL, "(&(objectSid=%s)(objectclass=domain))", ldap_encode_ndr_dom_sid(mem_ctx, domain_sid)); if (ret == -1) { @@ -123,7 +126,7 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context * return NT_STATUS_INTERNAL_DB_CORRUPTION; } - ret_domain = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_domain_ref, domain_ref_attrs, + ret_domain = gendb_search(sam_ctx, mem_ctx, partitions_basedn, &msgs_domain_ref, domain_ref_attrs, "(nCName=%s)", ldb_dn_linearize(msgs_tmp, msgs_tmp[0]->dn)); if (ret_domain == -1) { diff --git a/source4/auth/sam.c b/source4/auth/sam.c index 0e9fa5c02e..e7f70aa370 100644 --- a/source4/auth/sam.c +++ b/source4/auth/sam.c @@ -206,7 +206,7 @@ _PUBLIC_ NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, struct ldb_conte TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); group_ret = gendb_search(sam_ctx, - tmp_ctx, NULL, &group_msgs, group_attrs, + tmp_ctx, samdb_base_dn(tmp_ctx), &group_msgs, group_attrs, "(&(member=%s)(sAMAccountType=*))", ldb_dn_linearize(tmp_ctx, msg->dn)); if (group_ret == -1) { @@ -321,6 +321,7 @@ _PUBLIC_ NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx, NTSTATUS nt_status; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); int ret; + const struct ldb_dn *partitions_basedn = ldb_dn_string_compose(mem_ctx, samdb_base_dn(mem_ctx), "CN=Partitions,CN=Configuration"); if (!tmp_ctx) { return NT_STATUS_NO_MEMORY; @@ -333,7 +334,7 @@ _PUBLIC_ NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx, } /* grab domain info from the reference */ - ret = gendb_search(sam_ctx, tmp_ctx, NULL, msgs_domain_ref, domain_ref_attrs, + ret = gendb_search(sam_ctx, tmp_ctx, partitions_basedn, msgs_domain_ref, domain_ref_attrs, "(ncName=%s)", ldb_dn_linearize(tmp_ctx, domain_dn)); if (ret != 1) { |