diff options
Diffstat (limited to 'source4/dsdb')
-rw-r--r-- | source4/dsdb/repl/drepl_notify.c | 18 | ||||
-rw-r--r-- | source4/dsdb/repl/drepl_out_helpers.c | 208 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 180 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/schema_load.c | 2 |
4 files changed, 241 insertions, 167 deletions
diff --git a/source4/dsdb/repl/drepl_notify.c b/source4/dsdb/repl/drepl_notify.c index fe3b2d2497..2f0fa4892b 100644 --- a/source4/dsdb/repl/drepl_notify.c +++ b/source4/dsdb/repl/drepl_notify.c @@ -101,13 +101,14 @@ static void dreplsrv_op_notify_replica_sync_send(struct dreplsrv_op_notify_state /* called when we have an established connection */ -static void dreplsrv_op_notify_connect_recv(struct composite_context *creq) +static void dreplsrv_op_notify_connect_done(struct tevent_req *subreq) { - struct dreplsrv_op_notify_state *st = talloc_get_type(creq->async.private_data, - struct dreplsrv_op_notify_state); + struct dreplsrv_op_notify_state *st = tevent_req_callback_data(subreq, + struct dreplsrv_op_notify_state); struct composite_context *c = st->creq; - c->status = dreplsrv_out_drsuapi_recv(creq); + c->status = dreplsrv_out_drsuapi_recv(subreq); + TALLOC_FREE(subreq); if (!composite_is_ok(c)) return; dreplsrv_op_notify_replica_sync_send(st); @@ -119,8 +120,8 @@ static void dreplsrv_op_notify_connect_recv(struct composite_context *creq) static struct composite_context *dreplsrv_op_notify_send(struct dreplsrv_notify_operation *op) { struct composite_context *c; - struct composite_context *creq; struct dreplsrv_op_notify_state *st; + struct tevent_req *subreq; c = composite_create(op, op->service->task->event_ctx); if (c == NULL) return NULL; @@ -131,8 +132,11 @@ static struct composite_context *dreplsrv_op_notify_send(struct dreplsrv_notify_ st->creq = c; st->op = op; - creq = dreplsrv_out_drsuapi_send(op->source_dsa->conn); - composite_continue(c, creq, dreplsrv_op_notify_connect_recv, st); + subreq = dreplsrv_out_drsuapi_send(st, + op->service->task->event_ctx, + op->source_dsa->conn); + if (composite_nomem(subreq, c)) return c; + tevent_req_set_callback(subreq, dreplsrv_op_notify_connect_done, st); return c; } diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c index 03f8842494..722db4f8ee 100644 --- a/source4/dsdb/repl/drepl_out_helpers.c +++ b/source4/dsdb/repl/drepl_out_helpers.c @@ -34,10 +34,9 @@ #include "libcli/composite/composite.h" #include "auth/gensec/gensec.h" #include "param/param.h" +#include "../lib/util/tevent_ntstatus.h" struct dreplsrv_out_drsuapi_state { - struct composite_context *creq; - struct dreplsrv_out_connection *conn; struct dreplsrv_drsuapi_connection *drsuapi; @@ -46,139 +45,160 @@ struct dreplsrv_out_drsuapi_state { struct drsuapi_DsBind bind_r; }; -static void dreplsrv_out_drsuapi_connect_recv(struct composite_context *creq); +static void dreplsrv_out_drsuapi_connect_done(struct composite_context *creq); -struct composite_context *dreplsrv_out_drsuapi_send(struct dreplsrv_out_connection *conn) +struct tevent_req *dreplsrv_out_drsuapi_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct dreplsrv_out_connection *conn) { - struct composite_context *c; + struct tevent_req *req; + struct dreplsrv_out_drsuapi_state *state; struct composite_context *creq; - struct dreplsrv_out_drsuapi_state *st; - c = composite_create(conn, conn->service->task->event_ctx); - if (c == NULL) return NULL; + req = tevent_req_create(mem_ctx, &state, + struct dreplsrv_out_drsuapi_state); + if (req == NULL) { + return NULL; + } - st = talloc_zero(c, struct dreplsrv_out_drsuapi_state); - if (composite_nomem(st, c)) return c; + state->conn = conn; + state->drsuapi = conn->drsuapi; - c->private_data = st; + if (state->drsuapi && !state->drsuapi->pipe->conn->dead) { + tevent_req_done(req); + return tevent_req_post(req, ev); + } - st->creq = c; - st->conn = conn; - st->drsuapi = conn->drsuapi; - - if (st->drsuapi && !st->drsuapi->pipe->conn->dead) { - composite_done(c); - return c; - } else if (st->drsuapi && st->drsuapi->pipe->conn->dead) { - talloc_free(st->drsuapi); + if (state->drsuapi && state->drsuapi->pipe->conn->dead) { + talloc_free(state->drsuapi); conn->drsuapi = NULL; } - st->drsuapi = talloc_zero(st, struct dreplsrv_drsuapi_connection); - if (composite_nomem(st->drsuapi, c)) return c; + state->drsuapi = talloc_zero(state, struct dreplsrv_drsuapi_connection); + if (tevent_req_nomem(state->drsuapi, req)) { + return tevent_req_post(req, ev); + } - creq = dcerpc_pipe_connect_b_send(st, conn->binding, &ndr_table_drsuapi, + creq = dcerpc_pipe_connect_b_send(state, conn->binding, &ndr_table_drsuapi, conn->service->system_session_info->credentials, - c->event_ctx, conn->service->task->lp_ctx); - composite_continue(c, creq, dreplsrv_out_drsuapi_connect_recv, st); + ev, conn->service->task->lp_ctx); + if (tevent_req_nomem(creq, req)) { + return tevent_req_post(req, ev); + } + composite_continue(NULL, creq, dreplsrv_out_drsuapi_connect_done, req); - return c; + return req; } -static void dreplsrv_out_drsuapi_bind_send(struct dreplsrv_out_drsuapi_state *st); +static void dreplsrv_out_drsuapi_bind_done(struct rpc_request *rreq); -static void dreplsrv_out_drsuapi_connect_recv(struct composite_context *creq) +static void dreplsrv_out_drsuapi_connect_done(struct composite_context *creq) { - struct dreplsrv_out_drsuapi_state *st = talloc_get_type(creq->async.private_data, - struct dreplsrv_out_drsuapi_state); - struct composite_context *c = st->creq; - - c->status = dcerpc_pipe_connect_b_recv(creq, st->drsuapi, &st->drsuapi->pipe); - if (!composite_is_ok(c)) return; - - c->status = gensec_session_key(st->drsuapi->pipe->conn->security_state.generic_state, - &st->drsuapi->gensec_skey); - if (!composite_is_ok(c)) return; - - dreplsrv_out_drsuapi_bind_send(st); -} + struct tevent_req *req = talloc_get_type(creq->async.private_data, + struct tevent_req); + struct dreplsrv_out_drsuapi_state *state = tevent_req_data(req, + struct dreplsrv_out_drsuapi_state); + NTSTATUS status; + struct rpc_request *rreq; -static void dreplsrv_out_drsuapi_bind_recv(struct rpc_request *req); + status = dcerpc_pipe_connect_b_recv(creq, + state->drsuapi, + &state->drsuapi->pipe); + if (tevent_req_nterror(req, status)) { + return; + } -static void dreplsrv_out_drsuapi_bind_send(struct dreplsrv_out_drsuapi_state *st) -{ - struct composite_context *c = st->creq; - struct rpc_request *req; + status = gensec_session_key(state->drsuapi->pipe->conn->security_state.generic_state, + &state->drsuapi->gensec_skey); + if (tevent_req_nterror(req, status)) { + return; + } - st->bind_info_ctr.length = 28; - st->bind_info_ctr.info.info28 = st->conn->service->bind_info28; + state->bind_info_ctr.length = 28; + state->bind_info_ctr.info.info28 = state->conn->service->bind_info28; - st->bind_r.in.bind_guid = &st->conn->service->ntds_guid; - st->bind_r.in.bind_info = &st->bind_info_ctr; - st->bind_r.out.bind_handle = &st->drsuapi->bind_handle; + state->bind_r.in.bind_guid = &state->conn->service->ntds_guid; + state->bind_r.in.bind_info = &state->bind_info_ctr; + state->bind_r.out.bind_handle = &state->drsuapi->bind_handle; - req = dcerpc_drsuapi_DsBind_send(st->drsuapi->pipe, st, &st->bind_r); - composite_continue_rpc(c, req, dreplsrv_out_drsuapi_bind_recv, st); + rreq = dcerpc_drsuapi_DsBind_send(state->drsuapi->pipe, + state, + &state->bind_r); + if (tevent_req_nomem(rreq, req)) { + return; + } + composite_continue_rpc(NULL, rreq, dreplsrv_out_drsuapi_bind_done, req); } -static void dreplsrv_out_drsuapi_bind_recv(struct rpc_request *req) +static void dreplsrv_out_drsuapi_bind_done(struct rpc_request *rreq) { - struct dreplsrv_out_drsuapi_state *st = talloc_get_type(req->async.private_data, - struct dreplsrv_out_drsuapi_state); - struct composite_context *c = st->creq; + struct tevent_req *req = talloc_get_type(rreq->async.private_data, + struct tevent_req); + struct dreplsrv_out_drsuapi_state *state = tevent_req_data(req, + struct dreplsrv_out_drsuapi_state); + NTSTATUS status; - c->status = dcerpc_ndr_request_recv(req); - if (!composite_is_ok(c)) return; + status = dcerpc_ndr_request_recv(rreq); + if (tevent_req_nterror(req, status)) { + return; + } - if (!W_ERROR_IS_OK(st->bind_r.out.result)) { - composite_error(c, werror_to_ntstatus(st->bind_r.out.result)); + if (!W_ERROR_IS_OK(state->bind_r.out.result)) { + status = werror_to_ntstatus(state->bind_r.out.result); + tevent_req_nterror(req, status); return; } - ZERO_STRUCT(st->drsuapi->remote_info28); - if (st->bind_r.out.bind_info) { - switch (st->bind_r.out.bind_info->length) { + ZERO_STRUCT(state->drsuapi->remote_info28); + if (state->bind_r.out.bind_info) { + struct drsuapi_DsBindInfo28 *info28; + info28 = &state->drsuapi->remote_info28; + + switch (state->bind_r.out.bind_info->length) { case 24: { struct drsuapi_DsBindInfo24 *info24; - info24 = &st->bind_r.out.bind_info->info.info24; - st->drsuapi->remote_info28.supported_extensions = info24->supported_extensions; - st->drsuapi->remote_info28.site_guid = info24->site_guid; - st->drsuapi->remote_info28.pid = info24->pid; - st->drsuapi->remote_info28.repl_epoch = 0; + info24 = &state->bind_r.out.bind_info->info.info24; + + info28->supported_extensions = info24->supported_extensions; + info28->site_guid = info24->site_guid; + info28->pid = info24->pid; + info28->repl_epoch = 0; break; } case 48: { struct drsuapi_DsBindInfo48 *info48; - info48 = &st->bind_r.out.bind_info->info.info48; - st->drsuapi->remote_info28.supported_extensions = info48->supported_extensions; - st->drsuapi->remote_info28.site_guid = info48->site_guid; - st->drsuapi->remote_info28.pid = info48->pid; - st->drsuapi->remote_info28.repl_epoch = info48->repl_epoch; + info48 = &state->bind_r.out.bind_info->info.info48; + + info28->supported_extensions = info48->supported_extensions; + info28->site_guid = info48->site_guid; + info28->pid = info48->pid; + info28->repl_epoch = info48->repl_epoch; break; } case 28: - st->drsuapi->remote_info28 = st->bind_r.out.bind_info->info.info28; + *info28 = state->bind_r.out.bind_info->info.info28; break; } } - composite_done(c); + tevent_req_done(req); } -NTSTATUS dreplsrv_out_drsuapi_recv(struct composite_context *c) +NTSTATUS dreplsrv_out_drsuapi_recv(struct tevent_req *req) { + struct dreplsrv_out_drsuapi_state *state = tevent_req_data(req, + struct dreplsrv_out_drsuapi_state); NTSTATUS status; - struct dreplsrv_out_drsuapi_state *st = talloc_get_type(c->private_data, - struct dreplsrv_out_drsuapi_state); - status = composite_wait(c); - - if (NT_STATUS_IS_OK(status)) { - st->conn->drsuapi = talloc_steal(st->conn, st->drsuapi); + if (tevent_req_is_nterror(req, &status)) { + tevent_req_received(req); + return status; } - talloc_free(c); - return status; + state->conn->drsuapi = talloc_move(state->conn, &state->drsuapi); + + tevent_req_received(req); + return NT_STATUS_OK; } struct dreplsrv_op_pull_source_state { @@ -195,13 +215,13 @@ struct dreplsrv_op_pull_source_state { struct drsuapi_DsGetNCChangesCtr6 *ctr6; }; -static void dreplsrv_op_pull_source_connect_recv(struct composite_context *creq); +static void dreplsrv_op_pull_source_connect_done(struct tevent_req *subreq); struct composite_context *dreplsrv_op_pull_source_send(struct dreplsrv_out_operation *op) { struct composite_context *c; - struct composite_context *creq; struct dreplsrv_op_pull_source_state *st; + struct tevent_req *subreq; c = composite_create(op, op->service->task->event_ctx); if (c == NULL) return NULL; @@ -212,21 +232,25 @@ struct composite_context *dreplsrv_op_pull_source_send(struct dreplsrv_out_opera st->creq = c; st->op = op; - creq = dreplsrv_out_drsuapi_send(op->source_dsa->conn); - composite_continue(c, creq, dreplsrv_op_pull_source_connect_recv, st); + subreq = dreplsrv_out_drsuapi_send(st, + op->service->task->event_ctx, + op->source_dsa->conn); + if (composite_nomem(subreq, c)) return c; + tevent_req_set_callback(subreq, dreplsrv_op_pull_source_connect_done, st); return c; } static void dreplsrv_op_pull_source_get_changes_send(struct dreplsrv_op_pull_source_state *st); -static void dreplsrv_op_pull_source_connect_recv(struct composite_context *creq) +static void dreplsrv_op_pull_source_connect_done(struct tevent_req *subreq) { - struct dreplsrv_op_pull_source_state *st = talloc_get_type(creq->async.private_data, + struct dreplsrv_op_pull_source_state *st = tevent_req_callback_data(subreq, struct dreplsrv_op_pull_source_state); struct composite_context *c = st->creq; - c->status = dreplsrv_out_drsuapi_recv(creq); + c->status = dreplsrv_out_drsuapi_recv(subreq); + TALLOC_FREE(subreq); if (!composite_is_ok(c)) return; dreplsrv_op_pull_source_get_changes_send(st); diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index fc286c4d83..17a99c74c7 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -9,12 +9,12 @@ it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -333,37 +333,37 @@ static int samldb_check_samAccountName_callback(struct ldb_request *req, { struct samldb_ctx *ac; int ret; - + ac = talloc_get_type(req->context, struct samldb_ctx); - + if (ares->error != LDB_SUCCESS) { return ldb_module_done(ac->req, ares->controls, ares->response, ares->error); } - + switch (ares->type) { - case LDB_REPLY_ENTRY: + case LDB_REPLY_ENTRY: /* if we get an entry it means this samAccountName * already exists */ return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_ENTRY_ALREADY_EXISTS); - + case LDB_REPLY_REFERRAL: /* this should not happen */ return ldb_module_done(ac->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); - + case LDB_REPLY_DONE: /* not found, go on */ talloc_free(ares); ret = samldb_next_step(ac); break; } - + if (ret != LDB_SUCCESS) { return ldb_module_done(ac->req, NULL, NULL, ret); } - + return LDB_SUCCESS; } @@ -374,16 +374,16 @@ static int samldb_check_samAccountName(struct samldb_ctx *ac) const char *name; char *filter; int ret; - + ldb = ldb_module_get_ctx(ac->module); - + if (ldb_msg_find_element(ac->msg, "samAccountName") == NULL) { ret = samldb_generate_samAccountName(ac->msg); if (ret != LDB_SUCCESS) { return ret; } } - + name = ldb_msg_find_attr_as_string(ac->msg, "samAccountName", NULL); if (name == NULL) { return LDB_ERR_OPERATIONS_ERROR; @@ -393,7 +393,7 @@ static int samldb_check_samAccountName(struct samldb_ctx *ac) if (filter == NULL) { return LDB_ERR_OPERATIONS_ERROR; } - + ret = ldb_build_search_req(&req, ldb, ac, ac->domain_dn, LDB_SCOPE_SUBTREE, filter, NULL, @@ -569,7 +569,7 @@ static int samldb_get_sid_domain(struct samldb_ctx *ac) /* get the domain component part of the provided SID */ ac->domain_sid->num_auths--; - filter = talloc_asprintf(ac, + filter = talloc_asprintf(ac, "(&(objectSid=%s)" "(|(objectClass=domain)" "(objectClass=builtinDomain)))", @@ -713,7 +713,7 @@ static int samldb_check_primaryGroupID_2(struct samldb_ctx *ac) struct ldb_context *ldb; ldb = ldb_module_get_ctx(ac->module); ldb_asprintf_errstring(ldb, - "Failed to find group sid %s!", + "Failed to find group sid %s!", dom_sid_string(ac->sid, ac->sid)); return LDB_ERR_UNWILLING_TO_PERFORM; } @@ -918,36 +918,33 @@ done: static int samldb_set_defaultObjectCategory(struct samldb_ctx *ac) { + struct ldb_context *ldb; + struct ldb_message *msg; + struct ldb_request *req; int ret; - if (ac->dn) { - struct ldb_request *req; - struct ldb_context *ldb; - struct ldb_message *msg = ldb_msg_new(ac); - - msg->dn = ac->dn; - - ldb_msg_add_empty(msg, "defaultObjectCategory", LDB_FLAG_MOD_REPLACE, NULL); - - ldb_msg_add_steal_string(msg, "defaultObjectCategory", ldb_dn_alloc_linearized(msg, ac->dn)); - - ldb = ldb_module_get_ctx(ac->module); - ret = ldb_build_mod_req(&req, ldb, ac, - msg, NULL, - ac, samldb_set_defaultObjectCategory_callback, - ac->req); - if (ret != LDB_SUCCESS) { - return ret; - } + ldb = ldb_module_get_ctx(ac->module); - return ldb_next_request(ac->module, req); - } + /* (Re)set the default object category to have it set to the DN in the + * storage format */ + msg = ldb_msg_new(ac); + msg->dn = ac->msg->dn; + ldb_msg_add_empty(msg, "defaultObjectCategory", + LDB_FLAG_MOD_REPLACE, NULL); + ldb_msg_add_steal_string(msg, "defaultObjectCategory", + ldb_dn_alloc_linearized(msg, ac->dn)); - ret = samldb_next_step(ac); + ret = ldb_build_mod_req(&req, ldb, ac, + msg, NULL, + ac, + samldb_set_defaultObjectCategory_callback, + ac->req); if (ret != LDB_SUCCESS) { - return ldb_module_done(ac->req, NULL, NULL, ret); + talloc_free(msg); + return ret; } - return ret; + + return ldb_next_request(ac->module, req); } /* @@ -955,14 +952,35 @@ static int samldb_set_defaultObjectCategory(struct samldb_ctx *ac) */ static int samldb_find_for_defaultObjectCategory_callback(struct ldb_request *req, - struct ldb_reply *ares) + struct ldb_reply *ares) { + struct ldb_context *ldb; struct samldb_ctx *ac; int ret; ac = talloc_get_type(req->context, struct samldb_ctx); + ldb = ldb_module_get_ctx(ac->module); + if (!ares) { + ret = LDB_ERR_OPERATIONS_ERROR; + goto done; + } if (ares->error != LDB_SUCCESS) { + if (ares->error == LDB_ERR_NO_SUCH_OBJECT) { + if (ldb_request_get_control(ac->req, + LDB_CONTROL_RELAX_OID) != NULL) { + /* Don't be pricky when the DN doesn't exist */ + /* if we have the RELAX control specified */ + ac->dn = req->op.search.base; + return samldb_next_step(ac); + } else { + ldb_set_errstring(ldb, + "samldb_find_defaultObjectCategory: " + "Invalid DN for 'defaultObjectCategory'!"); + ares->error = LDB_ERR_CONSTRAINT_VIOLATION; + } + } + return ldb_module_done(ac->req, ares->controls, ares->response, ares->error); } @@ -970,22 +988,33 @@ static int samldb_find_for_defaultObjectCategory_callback(struct ldb_request *re switch (ares->type) { case LDB_REPLY_ENTRY: ac->dn = talloc_steal(ac, ares->message->dn); + + ret = LDB_SUCCESS; break; + case LDB_REPLY_REFERRAL: /* this should not happen */ - return ldb_module_done(ac->req, NULL, NULL, - LDB_ERR_OPERATIONS_ERROR); + talloc_free(ares); + ret = LDB_ERR_OPERATIONS_ERROR; + break; case LDB_REPLY_DONE: - /* found or not found, go on */ talloc_free(ares); - ret = samldb_next_step(ac); - if (ret != LDB_SUCCESS) { - return ldb_module_done(ac->req, NULL, NULL, ret); + + if (ac->dn != NULL) { + /* when found go on */ + ret = samldb_next_step(ac); + } else { + ret = LDB_ERR_OPERATIONS_ERROR; } break; } +done: + if (ret != LDB_SUCCESS) { + return ldb_module_done(ac->req, NULL, NULL, ret); + } + return LDB_SUCCESS; } @@ -993,38 +1022,55 @@ static int samldb_find_for_defaultObjectCategory(struct samldb_ctx *ac) { struct ldb_context *ldb; struct ldb_request *req; - int ret; static const char *no_attrs[] = { NULL }; + int ret; + const struct ldb_val *val; + struct ldb_dn *def_obj_cat_dn; ldb = ldb_module_get_ctx(ac->module); ac->dn = NULL; - if (ldb_msg_find_element(ac->msg, "defaultObjectCategory") == NULL) { - ret = ldb_build_search_req(&req, ldb, ac, - ac->msg->dn, LDB_SCOPE_BASE, - "objectClass=classSchema", no_attrs, - NULL, - ac, samldb_find_for_defaultObjectCategory_callback, - ac->req); - if (ret != LDB_SUCCESS) { - return ret; - } - ret = dsdb_request_add_controls(ac->module, req, DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT); - if (ret != LDB_SUCCESS) { - return ret; + val = ldb_msg_find_ldb_val(ac->msg, "defaultObjectCategory"); + if (val != NULL) { + /* "defaultObjectCategory" has been set by the caller. Do some + * checks for consistency. + * NOTE: The real constraint check (that 'defaultObjectCategory' + * is the DN of the new objectclass or any parent of it) is + * still incomplete. + * For now we say that 'defaultObjectCategory' is valid if it + * exists and it is of objectclass "classSchema". */ + def_obj_cat_dn = ldb_dn_from_ldb_val(ac, ldb, val); + if (def_obj_cat_dn == NULL) { + ldb_set_errstring(ldb, + "samldb_find_defaultObjectCategory: Invalid DN " + "for 'defaultObjectCategory'!"); + return LDB_ERR_CONSTRAINT_VIOLATION; } - return ldb_next_request(ac->module, req); + } else { + /* "defaultObjectCategory" has not been set by the caller. Use + * the entry DN for it. */ + def_obj_cat_dn = ac->msg->dn; } - ret = samldb_next_step(ac); + ret = ldb_build_search_req(&req, ldb, ac, + def_obj_cat_dn, LDB_SCOPE_BASE, + "objectClass=classSchema", no_attrs, + NULL, + ac, samldb_find_for_defaultObjectCategory_callback, + ac->req); if (ret != LDB_SUCCESS) { - return ldb_module_done(ac->req, NULL, NULL, ret); + return ret; } - return ret; -} + ret = dsdb_request_add_controls(ac->module, req, + DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT); + if (ret != LDB_SUCCESS) { + return ret; + } + return ldb_next_request(ac->module, req); +} /* @@ -1377,7 +1423,7 @@ static int samldb_foreign_notice_sid(struct samldb_ctx *ac) } - filter = talloc_asprintf(ac, + filter = talloc_asprintf(ac, "(&(objectSid=%s)" "(|(objectClass=domain)" "(objectClass=builtinDomain)))", diff --git a/source4/dsdb/samdb/ldb_modules/schema_load.c b/source4/dsdb/samdb/ldb_modules/schema_load.c index c7cd76a395..c72911fe89 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_load.c +++ b/source4/dsdb/samdb/ldb_modules/schema_load.c @@ -102,7 +102,7 @@ static int dsdb_schema_from_schema_dn(TALLOC_CTX *mem_ctx, struct ldb_module *mo "(objectClass=classSchema)"); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, - "dsdb_schema: failed to search attributeSchema objects: %s", + "dsdb_schema: failed to search classSchema objects: %s", ldb_errstring(ldb)); goto failed; } |