diff options
Diffstat (limited to 'source4/rpc_server')
-rw-r--r-- | source4/rpc_server/lsa/dcesrv_lsa.c | 18 | ||||
-rw-r--r-- | source4/rpc_server/samr/dcesrv_samr.c | 22 |
2 files changed, 16 insertions, 24 deletions
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index beae1e340a..0b2c5a0cfb 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -285,7 +285,6 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_ "dnsRoot", NULL }; - char *ref_filter; int ret; state = talloc(mem_ctx, struct lsa_policy_state); @@ -337,31 +336,30 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_ talloc_free(dom_res); - ref_filter = talloc_asprintf(state, "(&(objectclass=crossRef)(ncName=%s))", - ldb_dn_get_linearized(state->domain_dn)); - if (!ref_filter) { - return NT_STATUS_NO_MEMORY; - } - - ret = ldb_search(state->sam_ldb, partitions_basedn, LDB_SCOPE_SUBTREE, ref_filter, ref_attrs, &ref_res); - talloc_steal(state, ref_res); - talloc_free(ref_filter); + ret = ldb_search_exp_fmt(state->sam_ldb, state, &ref_res, + partitions_basedn, LDB_SCOPE_SUBTREE, ref_attrs, + "(&(objectclass=crossRef)(ncName=%s))", + ldb_dn_get_linearized(state->domain_dn)); if (ret != LDB_SUCCESS) { + talloc_free(ref_res); return NT_STATUS_INVALID_SYSTEM_SERVICE; } if (ref_res->count != 1) { + talloc_free(ref_res); return NT_STATUS_NO_SUCH_DOMAIN; } state->domain_name = ldb_msg_find_attr_as_string(ref_res->msgs[0], "nETBIOSName", NULL); if (!state->domain_name) { + talloc_free(ref_res); return NT_STATUS_NO_SUCH_DOMAIN; } talloc_steal(state, state->domain_name); state->domain_dns = ldb_msg_find_attr_as_string(ref_res->msgs[0], "dnsRoot", NULL); if (!state->domain_dns) { + talloc_free(ref_res); return NT_STATUS_NO_SUCH_DOMAIN; } talloc_steal(state, state->domain_dns); diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index 398d347b07..bc85e4e665 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -2093,7 +2093,6 @@ static NTSTATUS samr_AddGroupMember(struct dcesrv_call_state *dce_call, TALLOC_C const char *memberdn; struct ldb_result *res; const char * const attrs[] = { NULL }; - const char *filter; int ret; DCESRV_PULL_HANDLE(h, r->in.group_handle, SAMR_HANDLE_GROUP); @@ -2105,18 +2104,16 @@ static NTSTATUS samr_AddGroupMember(struct dcesrv_call_state *dce_call, TALLOC_C if (membersid == NULL) return NT_STATUS_NO_MEMORY; - filter = talloc_asprintf(mem_ctx, "(&(objectSid=%s)(objectclass=user))", - ldap_encode_ndr_dom_sid(mem_ctx, membersid)); - /* In native mode, AD can also nest domain groups. Not sure yet * whether this is also available via RPC. */ - ret = ldb_search(d_state->sam_ctx, d_state->domain_dn, LDB_SCOPE_SUBTREE, - filter, attrs, &res); + ret = ldb_search_exp_fmt(d_state->sam_ctx, mem_ctx, &res, + d_state->domain_dn, LDB_SCOPE_SUBTREE, attrs, + "(&(objectSid=%s)(objectclass=user))", + ldap_encode_ndr_dom_sid(mem_ctx, membersid)); if (ret != 0) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } - talloc_steal(mem_ctx, res); if (res->count == 0) { return NT_STATUS_NO_SUCH_USER; @@ -2198,7 +2195,6 @@ static NTSTATUS samr_DeleteGroupMember(struct dcesrv_call_state *dce_call, TALLO const char *memberdn; struct ldb_result *res; const char * const attrs[] = { NULL }; - const char *filter; int ret; DCESRV_PULL_HANDLE(h, r->in.group_handle, SAMR_HANDLE_GROUP); @@ -2210,18 +2206,16 @@ static NTSTATUS samr_DeleteGroupMember(struct dcesrv_call_state *dce_call, TALLO if (membersid == NULL) return NT_STATUS_NO_MEMORY; - filter = talloc_asprintf(mem_ctx, "(&(objectSid=%s)(objectclass=user))", - ldap_encode_ndr_dom_sid(mem_ctx, membersid)); - /* In native mode, AD can also nest domain groups. Not sure yet * whether this is also available via RPC. */ - ret = ldb_search(d_state->sam_ctx, d_state->domain_dn, LDB_SCOPE_SUBTREE, - filter, attrs, &res); + ret = ldb_search_exp_fmt(d_state->sam_ctx, mem_ctx, &res, + d_state->domain_dn, LDB_SCOPE_SUBTREE, attrs, + "(&(objectSid=%s)(objectclass=user))", + ldap_encode_ndr_dom_sid(mem_ctx, membersid)); if (ret != 0) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } - talloc_steal(mem_ctx, res); if (res->count == 0) { return NT_STATUS_NO_SUCH_USER; |