9 files changed, 288 insertions, 63 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/config.mk b/source4/dsdb/samdb/ldb_modules/config.mk
index 456ff5756c..ea4e722822 100644
--- a/source4/dsdb/samdb/ldb_modules/config.mk
+++ b/source4/dsdb/samdb/ldb_modules/config.mk
@@ -1,4 +1,14 @@
 ################################################
+# Start SUBSYSTEM DSDB_MODULE_HELPERS
+[SUBSYSTEM::DSDB_MODULE_HELPERS]
+PRIVATE_DEPENDENCIES = LIBLDB
+
+DSDB_MODULE_HELPERS_OBJ_FILES = $(dsdbsrcdir)/samdb/ldb_modules/util.o
+
+$(eval $(call proto_header_template,$(dsdbsrcdir)/samdb/ldb_modules/util_proto.h,$(DSDB_MODULE_HELPERS_OBJ_FILES:.o=.c)))
+
+
+################################################
 # Start MODULE ldb_objectguid
 [MODULE::ldb_objectguid]
 SUBSYSTEM = LIBLDB
@@ -15,7 +25,7 @@ ldb_objectguid_OBJ_FILES = $(dsdbsrcdir)/samdb/ldb_modules/objectguid.o
 SUBSYSTEM = LIBLDB
 PRIVATE_DEPENDENCIES = SAMDB LIBTALLOC LIBEVENTS \
 			LIBNDR NDR_DRSUAPI \
-			NDR_DRSBLOBS LIBNDR
+			NDR_DRSBLOBS LIBNDR DSDB_MODULE_HELPERS
 INIT_FUNCTION = LDB_MODULE(repl_meta_data)
 # End MODULE ldb_repl_meta_data
 ################################################
@@ -39,7 +49,7 @@ ldb_dsdb_cache_OBJ_FILES = \
 # Start MODULE ldb_schema_fsmo
 [MODULE::ldb_schema_fsmo]
 SUBSYSTEM = LIBLDB
-PRIVATE_DEPENDENCIES = SAMDB LIBTALLOC LIBEVENTS
+PRIVATE_DEPENDENCIES = SAMDB LIBTALLOC LIBEVENTS DSDB_MODULE_HELPERS
 INIT_FUNCTION = LDB_MODULE(schema_fsmo)
 # End MODULE ldb_schema_fsmo
 ################################################
@@ -51,7 +61,7 @@ ldb_schema_fsmo_OBJ_FILES = \
 # Start MODULE ldb_naming_fsmo
 [MODULE::ldb_naming_fsmo]
 SUBSYSTEM = LIBLDB
-PRIVATE_DEPENDENCIES = SAMDB LIBTALLOC LIBEVENTS
+PRIVATE_DEPENDENCIES = SAMDB LIBTALLOC LIBEVENTS DSDB_MODULE_HELPERS
 INIT_FUNCTION = LDB_MODULE(naming_fsmo)
 # End MODULE ldb_naming_fsmo
 ################################################
@@ -63,7 +73,7 @@ ldb_naming_fsmo_OBJ_FILES = \
 # Start MODULE ldb_pdc_fsmo
 [MODULE::ldb_pdc_fsmo]
 SUBSYSTEM = LIBLDB
-PRIVATE_DEPENDENCIES = SAMDB LIBTALLOC LIBEVENTS
+PRIVATE_DEPENDENCIES = SAMDB LIBTALLOC LIBEVENTS DSDB_MODULE_HELPERS
 INIT_FUNCTION = LDB_MODULE(pdc_fsmo)
 # End MODULE ldb_pdc_fsmo
 ################################################
@@ -220,7 +230,7 @@ ldb_show_deleted_OBJ_FILES = $(dsdbsrcdir)/samdb/ldb_modules/show_deleted.o
 # Start MODULE ldb_partition
 [MODULE::ldb_partition]
 SUBSYSTEM = LIBLDB
-PRIVATE_DEPENDENCIES = LIBTALLOC LIBEVENTS SAMDB
+PRIVATE_DEPENDENCIES = LIBTALLOC LIBEVENTS SAMDB DSDB_MODULE_HELPERS
 INIT_FUNCTION = LDB_MODULE(partition)
 # End MODULE ldb_partition
 ################################################
diff --git a/source4/dsdb/samdb/ldb_modules/naming_fsmo.c b/source4/dsdb/samdb/ldb_modules/naming_fsmo.c
index 607bf054d2..15cad259ce 100644
--- a/source4/dsdb/samdb/ldb_modules/naming_fsmo.c
+++ b/source4/dsdb/samdb/ldb_modules/naming_fsmo.c
@@ -28,6 +28,7 @@
 #include "librpc/gen_ndr/ndr_drsuapi.h"
 #include "librpc/gen_ndr/ndr_drsblobs.h"
 #include "../lib/util/dlinklist.h"
+#include "dsdb/samdb/ldb_modules/util.h"
 
 static int naming_fsmo_init(struct ldb_module *module)
 {
@@ -65,34 +66,15 @@ static int naming_fsmo_init(struct ldb_module *module)
 	}
 	ldb_module_set_private(module, naming_fsmo);
 
-	ret = ldb_search(ldb, mem_ctx, &naming_res,
-			 naming_dn, LDB_SCOPE_BASE,
-			 naming_attrs, NULL);
+	ret = dsdb_module_search_dn(module, mem_ctx, &naming_res,
+				    naming_dn, 
+				    naming_attrs);
 	if (ret == LDB_ERR_NO_SUCH_OBJECT) {
 		ldb_debug(ldb, LDB_DEBUG_WARNING,
 			  "naming_fsmo_init: no partitions dn present: (skip loading of naming contexts details)\n");
 		talloc_free(mem_ctx);
 		return ldb_next_init(module);
 	}
-	if (ret != LDB_SUCCESS) {
-		ldb_debug_set(ldb, LDB_DEBUG_FATAL,
-			      "naming_fsmo_init: failed to search the cross-ref container: %s: %s",
-			      ldb_strerror(ret), ldb_errstring(ldb));
-		talloc_free(mem_ctx);
-		return ret;
-	}
-	if (naming_res->count == 0) {
-		ldb_debug(ldb, LDB_DEBUG_WARNING,
-			  "naming_fsmo_init: no cross-ref container present: (skip loading of naming contexts details)\n");
-		talloc_free(mem_ctx);
-		return ldb_next_init(module);
-	} else if (naming_res->count > 1) {
-		ldb_debug_set(ldb, LDB_DEBUG_FATAL,
-			      "naming_fsmo_init: [%u] cross-ref containers found on a base search",
-			      naming_res->count);
-		talloc_free(mem_ctx);
-		return LDB_ERR_CONSTRAINT_VIOLATION;
-	}
 
 	naming_fsmo->master_dn = ldb_msg_find_attr_as_dn(ldb, naming_fsmo, naming_res->msgs[0], "fSMORoleOwner");
 	if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), naming_fsmo->master_dn) == 0) {
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index b6f1a1aa23..b5e058df0b 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -706,7 +706,13 @@ static int objectclass_modify(struct ldb_module *module, struct ldb_request *req
 	if (!schema) {
 		return ldb_next_request(module, req);
 	}
-	objectclass_element = ldb_msg_find_element(req->op.mod.message, "objectClass");
+
+	/* As with the "real" AD we don't accept empty messages */
+	if (req->op.mod.message->num_elements == 0) {
+		ldb_set_errstring(ldb, "objectclass: modify message must have "
+				       "elements/attributes!");
+		return LDB_ERR_UNWILLING_TO_PERFORM;
+	}
 
 	ac = oc_init_context(module, req);
 	if (ac == NULL) {
@@ -715,6 +721,7 @@ static int objectclass_modify(struct ldb_module *module, struct ldb_request *req
 
 	/* If no part of this touches the objectClass, then we don't
 	 * need to make any changes.  */
+	objectclass_element = ldb_msg_find_element(req->op.mod.message, "objectClass");
 
 	/* If the only operation is the deletion of the objectClass
 	 * then go on with just fixing the attribute case */
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index fdb044198b..adb62d3544 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1673,7 +1673,7 @@ static int build_domain_data_request(struct ph_context *ac)
 	ldb = ldb_module_get_ctx(ac->module);
 
 	filter = talloc_asprintf(ac,
-				"(&(objectSid=%s)(|(|(objectClass=domain)(objectClass=builtinDomain))(objectClass=samba4LocalDomain)))",
+				"(&(objectSid=%s)(|(objectClass=domain)(objectClass=builtinDomain)))",
 				 ldap_encode_ndr_dom_sid(ac, ac->domain_sid));
 	if (filter == NULL) {
 		ldb_oom(ldb);
diff --git a/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c b/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c
index 950f87eb74..6d814f9334 100644
--- a/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c
+++ b/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c
@@ -27,6 +27,7 @@
 #include "librpc/gen_ndr/ndr_drsuapi.h"
 #include "librpc/gen_ndr/ndr_drsblobs.h"
 #include "../lib/util/dlinklist.h"
+#include "dsdb/samdb/ldb_modules/util.h"
 
 static int pdc_fsmo_init(struct ldb_module *module)
 {
@@ -64,9 +65,9 @@ static int pdc_fsmo_init(struct ldb_module *module)
 	}
 	ldb_module_set_private(module, pdc_fsmo);
 
-	ret = ldb_search(ldb, mem_ctx, &pdc_res,
-			 pdc_dn, LDB_SCOPE_BASE,
-			 pdc_attrs, NULL);
+	ret = dsdb_module_search_dn(module, mem_ctx, &pdc_res,
+				    pdc_dn, 
+				    pdc_attrs);
 	if (ret == LDB_ERR_NO_SUCH_OBJECT) {
 		ldb_debug(ldb, LDB_DEBUG_WARNING,
 			  "pdc_fsmo_init: no domain object present: (skip loading of domain details)\n");
@@ -79,19 +80,6 @@ static int pdc_fsmo_init(struct ldb_module *module)
 		talloc_free(mem_ctx);
 		return ret;
 	}
-	if (pdc_res->count == 0) {
-		ldb_debug(ldb, LDB_DEBUG_WARNING,
-			  "pdc_fsmo_init: no domain object present: (skip loading of domain details)\n");
-		talloc_free(mem_ctx);
-		return ldb_next_init(module);
-	} else if (pdc_res->count > 1) {
-		ldb_debug_set(ldb, LDB_DEBUG_FATAL,
-			      "pdc_fsmo_init: [%u] domain objects found on a base search",
-			      pdc_res->count);
-		DEBUG(0,(__location__ ": %s\n", ldb_errstring(ldb)));
-		talloc_free(mem_ctx);
-		return LDB_ERR_CONSTRAINT_VIOLATION;
-	}
 
 	pdc_fsmo->master_dn = ldb_msg_find_attr_as_dn(ldb, mem_ctx, pdc_res->msgs[0], "fSMORoleOwner");
 	if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), pdc_fsmo->master_dn) == 0) {
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 2d87a017fd..2a0bb2dfe6 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -284,8 +284,7 @@ static int samldb_get_parent_domain(struct samldb_ctx *ac)
 	ret = ldb_build_search_req(&req, ldb, ac,
 				   dn, LDB_SCOPE_BASE,
 				   "(|(objectClass=domain)"
-				     "(objectClass=builtinDomain)"
-				     "(objectClass=samba4LocalDomain))",
+				   "(objectClass=builtinDomain))",
 				   attrs,
 				   NULL,
 				   ac, samldb_get_parent_domain_callback,
@@ -559,10 +558,10 @@ static int samldb_get_sid_domain(struct samldb_ctx *ac)
 	/* get the domain component part of the provided SID */
 	ac->domain_sid->num_auths--;
 
-	filter = talloc_asprintf(ac, "(&(objectSid=%s)"
-				       "(|(objectClass=domain)"
-				         "(objectClass=builtinDomain)"
-				         "(objectClass=samba4LocalDomain)))",
+	filter = talloc_asprintf(ac, 
+				 "(&(objectSid=%s)"
+				 "(|(objectClass=domain)"
+				 "(objectClass=builtinDomain)))",
 				 ldap_encode_ndr_dom_sid(ac, ac->domain_sid));
 	if (filter == NULL) {
 		return LDB_ERR_OPERATIONS_ERROR;
diff --git a/source4/dsdb/samdb/ldb_modules/schema_fsmo.c b/source4/dsdb/samdb/ldb_modules/schema_fsmo.c
index c482ab57df..2b6606c147 100644
--- a/source4/dsdb/samdb/ldb_modules/schema_fsmo.c
+++ b/source4/dsdb/samdb/ldb_modules/schema_fsmo.c
@@ -5,6 +5,7 @@
    checkings, it also loads the dsdb_schema.
    
    Copyright (C) Stefan Metzmacher <metze@samba.org> 2007
+   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2009
     
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -28,6 +29,7 @@
 #include "librpc/gen_ndr/ndr_drsuapi.h"
 #include "librpc/gen_ndr/ndr_drsblobs.h"
 #include "param/param.h"
+#include "dsdb/samdb/ldb_modules/util.h"
 
 static int generate_objectClasses(struct ldb_context *ldb, struct ldb_message *msg,
 				  const struct dsdb_schema *schema);
@@ -90,13 +92,107 @@ struct schema_fsmo_search_data {
 	const struct dsdb_schema *schema;
 };
 
+/*
+  Given an LDB module (pointing at the schema DB), and the DN, set the populated schema
+*/
+
+static int dsdb_schema_from_schema_dn(TALLOC_CTX *mem_ctx, struct ldb_module *module,
+				      struct smb_iconv_convenience *iconv_convenience, 
+				      struct ldb_dn *schema_dn,
+				      struct dsdb_schema **schema) 
+{
+	TALLOC_CTX *tmp_ctx;
+	char *error_string;
+	int ret;
+	struct ldb_context *ldb = ldb_module_get_ctx(module);
+	struct ldb_result *schema_res;
+	struct ldb_result *a_res;
+	struct ldb_result *c_res;
+	static const char *schema_attrs[] = {
+		"prefixMap",
+		"schemaInfo",
+		"fSMORoleOwner",
+		NULL
+	};
+	unsigned flags;
+
+	tmp_ctx = talloc_new(mem_ctx);
+	if (!tmp_ctx) {
+		ldb_oom(ldb);
+		return LDB_ERR_OPERATIONS_ERROR;
+	}
+
+	/* we don't want to trace the schema load */
+	flags = ldb_get_flags(ldb);
+	ldb_set_flags(ldb, flags & ~LDB_FLG_ENABLE_TRACING);
+
+	/*
+	 * setup the prefix mappings and schema info
+	 */
+	ret = dsdb_module_search_dn(module, tmp_ctx, &schema_res,
+				    schema_dn, schema_attrs);
+	if (ret == LDB_ERR_NO_SUCH_OBJECT) {
+		goto failed;
+	} else if (ret != LDB_SUCCESS) {
+		ldb_asprintf_errstring(ldb, 
+				       "dsdb_schema: failed to search the schema head: %s",
+				       ldb_errstring(ldb));
+		goto failed;
+	}
+
+	/*
+	 * load the attribute definitions
+	 */
+	ret = dsdb_module_search(module, tmp_ctx, &a_res,
+				 schema_dn, LDB_SCOPE_ONELEVEL, NULL,
+				 "(objectClass=attributeSchema)");
+	if (ret != LDB_SUCCESS) {
+		ldb_asprintf_errstring(ldb, 
+				       "dsdb_schema: failed to search attributeSchema objects: %s",
+				       ldb_errstring(ldb));
+		goto failed;
+	}
+
+	/*
+	 * load the objectClass definitions
+	 */
+	ret = dsdb_module_search(module, tmp_ctx, &c_res,
+				 schema_dn, LDB_SCOPE_ONELEVEL, NULL,
+				 "(objectClass=classSchema)");
+	if (ret != LDB_SUCCESS) {
+		ldb_asprintf_errstring(ldb, 
+				       "dsdb_schema: failed to search attributeSchema objects: %s",
+				       ldb_errstring(ldb));
+		goto failed;
+	}
+
+	ret = dsdb_schema_from_ldb_results(tmp_ctx, ldb,
+					   lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),
+					   schema_res, a_res, c_res, schema, &error_string);
+	if (ret != LDB_SUCCESS) {
+		ldb_asprintf_errstring(ldb, 
+						    "dsdb_schema load failed: %s",
+						    error_string);
+		goto failed;
+	}
+	talloc_steal(mem_ctx, *schema);
+
+failed:
+	if (flags & LDB_FLG_ENABLE_TRACING) {
+		flags = ldb_get_flags(ldb);
+		ldb_set_flags(ldb, flags | LDB_FLG_ENABLE_TRACING);
+	}
+	talloc_free(tmp_ctx);
+	return ret;
+}	
+
+
 static int schema_fsmo_init(struct ldb_module *module)
 {
 	struct ldb_context *ldb;
 	TALLOC_CTX *mem_ctx;
 	struct ldb_dn *schema_dn;
 	struct dsdb_schema *schema;
-	char *error_string = NULL;
 	int ret;
 	struct schema_fsmo_private_data *data;
 
@@ -134,9 +230,9 @@ static int schema_fsmo_init(struct ldb_module *module)
 		return LDB_ERR_OPERATIONS_ERROR;
 	}
 
-	ret = dsdb_schema_from_schema_dn(mem_ctx, ldb,
+	ret = dsdb_schema_from_schema_dn(mem_ctx, module,
 					 lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),
-					 schema_dn, &schema, &error_string);
+					 schema_dn, &schema);
 
 	if (ret == LDB_ERR_NO_SUCH_OBJECT) {
 		ldb_reset_err_string(ldb);
@@ -147,9 +243,6 @@ static int schema_fsmo_init(struct ldb_module *module)
 	}
 
 	if (ret != LDB_SUCCESS) {
-		ldb_asprintf_errstring(ldb, 
-				       "schema_fsmo_init: dsdb_schema load failed: %s",
-				       error_string);
 		talloc_free(mem_ctx);
 		return ret;
 	}
@@ -246,7 +339,6 @@ static int schema_fsmo_extended(struct ldb_module *module, struct ldb_request *r
 	struct ldb_context *ldb;
 	struct ldb_dn *schema_dn;
 	struct dsdb_schema *schema;
-	char *error_string = NULL;
 	int ret;
 	TALLOC_CTX *mem_ctx;
 
@@ -270,9 +362,9 @@ static int schema_fsmo_extended(struct ldb_module *module, struct ldb_request *r
 		return LDB_ERR_OPERATIONS_ERROR;
 	}
 	
-	ret = dsdb_schema_from_schema_dn(mem_ctx, ldb,
+	ret = dsdb_schema_from_schema_dn(mem_ctx, module,
 					 lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),
-					 schema_dn, &schema, &error_string);
+					 schema_dn, &schema);
 
 	if (ret == LDB_ERR_NO_SUCH_OBJECT) {
 		ldb_reset_err_string(ldb);
@@ -283,9 +375,6 @@ static int schema_fsmo_extended(struct ldb_module *module, struct ldb_request *r
 	}
 
 	if (ret != LDB_SUCCESS) {
-		ldb_asprintf_errstring(ldb, 
-				       "schema_fsmo_extended: dsdb_schema load failed: %s",
-				       error_string);
 		talloc_free(mem_ctx);
 		return ldb_next_request(module, req);
 	}
diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c
new file mode 100644
index 0000000000..476eb08ed0
--- /dev/null
+++ b/source4/dsdb/samdb/ldb_modules/util.c
@@ -0,0 +1,128 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Samba utility functions
+
+   Copyright (C) Andrew Tridgell 2009
+   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2009
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "ldb.h"
+#include "ldb_module.h"
+
+/*
+  search for attrs on one DN, in the modules below
+ */
+int dsdb_module_search_dn(struct ldb_module *module,
+			  TALLOC_CTX *mem_ctx,
+			  struct ldb_result **_res,
+			  struct ldb_dn *basedn,
+			  const char * const *attrs)
+{
+	int ret;
+	struct ldb_request *req;
+	TALLOC_CTX *tmp_ctx;
+	struct ldb_result *res;
+
+	tmp_ctx = talloc_new(mem_ctx);
+
+	res = talloc_zero(tmp_ctx, struct ldb_result);
+	if (!res) {
+		return LDB_ERR_OPERATIONS_ERROR;
+	}
+
+	ret = ldb_build_search_req(&req, ldb_module_get_ctx(module), tmp_ctx,
+				   basedn,
+				   LDB_SCOPE_BASE,
+				   NULL,
+				   attrs,
+				   NULL,
+				   res,
+				   ldb_search_default_callback,
+				   NULL);
+	if (ret != LDB_SUCCESS) {
+		talloc_free(tmp_ctx);
+		return ret;
+	}
+
+	ret = ldb_next_request(module, req);
+	if (ret == LDB_SUCCESS) {
+		ret = ldb_wait(req->handle, LDB_WAIT_ALL);
+	}
+
+	if (ret != LDB_SUCCESS) {
+		talloc_free(tmp_ctx);
+		return ret;
+	}
+
+	if (res->count != 1) {
+		/* we may be reading a DB that does not have the 'check base on search' option... */
+		ret = LDB_ERR_NO_SUCH_OBJECT;
+	} else {
+		*_res = talloc_steal(mem_ctx, res);
+	}
+	talloc_free(tmp_ctx);
+	return ret;
+}
+
+/*
+  search for attrs in the modules below
+ */
+int dsdb_module_search(struct ldb_module *module,
+		       TALLOC_CTX *mem_ctx,
+		       struct ldb_result **_res,
+		       struct ldb_dn *basedn, enum ldb_scope scope, 
+		       const char * const *attrs,
+		       const char *expression)
+{
+	int ret;
+	struct ldb_request *req;
+	TALLOC_CTX *tmp_ctx;
+	struct ldb_result *res;
+
+	tmp_ctx = talloc_new(mem_ctx);
+
+	res = talloc_zero(tmp_ctx, struct ldb_result);
+	if (!res) {
+		return LDB_ERR_OPERATIONS_ERROR;
+	}
+
+	ret = ldb_build_search_req(&req, ldb_module_get_ctx(module), tmp_ctx,
+				   basedn,
+				   scope,
+				   expression,
+				   attrs,
+				   NULL,
+				   res,
+				   ldb_search_default_callback,
+				   NULL);
+	if (ret != LDB_SUCCESS) {
+		talloc_free(tmp_ctx);
+		return ret;
+	}
+
+	ret = ldb_next_request(module, req);
+	if (ret == LDB_SUCCESS) {
+		ret = ldb_wait(req->handle, LDB_WAIT_ALL);
+	}
+
+	talloc_free(req);
+	if (ret == LDB_SUCCESS) {
+		*_res = talloc_steal(mem_ctx, res);
+	}
+	talloc_free(tmp_ctx);
+	return ret;
+}
+
diff --git a/source4/dsdb/samdb/ldb_modules/util.h b/source4/dsdb/samdb/ldb_modules/util.h
new file mode 100644
index 0000000000..0a1ab83c6d
--- /dev/null
+++ b/source4/dsdb/samdb/ldb_modules/util.h
@@ -0,0 +1,22 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Samba utility functions
+
+   Copyright (C) Andrew Tridgell 2009
+   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2009
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "dsdb/samdb/ldb_modules/util_proto.h"