diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/auth/auth_domain.c | 55 | ||||
-rw-r--r-- | source4/auth/auth_sam.c | 8 | ||||
-rw-r--r-- | source4/dsdb/samdb/samdb.c | 22 | ||||
-rw-r--r-- | source4/dsdb/samdb/samdb_privilege.c | 2 | ||||
-rw-r--r-- | source4/include/secrets.h | 3 | ||||
-rw-r--r-- | source4/lib/basic.mk | 2 | ||||
-rw-r--r-- | source4/lib/cmdline/config.mk | 2 | ||||
-rw-r--r-- | source4/lib/cmdline/popt_common.c | 21 | ||||
-rw-r--r-- | source4/lib/credentials.c | 79 | ||||
-rw-r--r-- | source4/lib/gendb.c (renamed from source4/rpc_server/common/gendb.c) | 21 | ||||
-rw-r--r-- | source4/libcli/auth/kerberos_verify.c | 4 | ||||
-rw-r--r-- | source4/libnet/libnet_join.c | 5 | ||||
-rw-r--r-- | source4/ntvfs/common/sidmap.c | 14 | ||||
-rw-r--r-- | source4/rpc_server/config.mk | 3 | ||||
-rw-r--r-- | source4/rpc_server/drsuapi/drsuapi_cracknames.c | 4 | ||||
-rw-r--r-- | source4/rpc_server/dssetup/dcesrv_dssetup.c | 2 | ||||
-rw-r--r-- | source4/rpc_server/lsa/dcesrv_lsa.c | 38 | ||||
-rw-r--r-- | source4/rpc_server/netlogon/dcerpc_netlogon.c | 18 | ||||
-rw-r--r-- | source4/rpc_server/samr/dcesrv_samr.c | 40 | ||||
-rw-r--r-- | source4/rpc_server/samr/samr_password.c | 12 |
20 files changed, 181 insertions, 174 deletions
diff --git a/source4/auth/auth_domain.c b/source4/auth/auth_domain.c index 86669b9b30..6a968592bd 100644 --- a/source4/auth/auth_domain.c +++ b/source4/auth/auth_domain.c @@ -40,17 +40,6 @@ static NTSTATUS domain_check_password(struct auth_method_context *ctx, struct netr_LogonSamLogon r; struct netr_Authenticator auth, auth2; struct netr_NetworkInfo ninfo; - const char *machine_account; - const char *password; - struct ldb_context *ldb; - int ldb_ret; - struct ldb_message **msgs; - const char *base_dn = SECRETS_PRIMARY_DOMAIN_DN; - const char *attrs[] = { - "secret", - "samAccountName", - NULL - }; struct creds_CredentialState *creds; struct cli_credentials *credentials; @@ -63,50 +52,12 @@ static NTSTATUS domain_check_password(struct auth_method_context *ctx, } credentials = cli_credentials_init(mem_ctx); + status = cli_credentials_set_machine_account(credentials); - /* Fetch join password */ - - /* Local secrets are stored in secrets.ldb */ - ldb = secrets_db_connect(mem_ctx); - if (!ldb) { - return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; - } - - /* search for the secret record */ - ldb_ret = samdb_search(ldb, - mem_ctx, base_dn, &msgs, attrs, - "(&(flatname=%s)(objectclass=primaryDomain))", - lp_workgroup()); - if (ldb_ret == 0) { - DEBUG(1, ("Could not find join record to domain: %s\n", - lp_workgroup())); - return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; - } else if (ldb_ret != 1) { - DEBUG(1, ("Found %d records matching flatname=%s under DN %s\n", ldb_ret, - lp_workgroup(), base_dn)); - return NT_STATUS_INTERNAL_ERROR; - } - - password = ldb_msg_find_string(msgs[0], "secret", NULL); - if (!password) { - DEBUG(1, ("Could not find 'secret' in join record to domain: %s\n", - lp_workgroup())); - return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; - } - - machine_account = ldb_msg_find_string(msgs[0], "samAccountName", NULL); - if (!machine_account) { - DEBUG(1, ("Could not find 'samAccountName' in join record to domain: %s\n", - lp_workgroup())); - return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + if (!NT_STATUS_IS_OK(status)) { + return status; } - cli_credentials_set_domain(credentials, lp_workgroup(), CRED_SPECIFIED); - cli_credentials_set_username(credentials, machine_account, CRED_SPECIFIED); - cli_credentials_set_password(credentials, password, CRED_SPECIFIED); - - cli_credentials_guess(credentials); - /* Connect to DC (take a binding string for now) */ status = dcerpc_parse_binding(mem_ctx, binding, &b); diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c index 2a2a437ded..b2aeff78d8 100644 --- a/source4/auth/auth_sam.c +++ b/source4/auth/auth_sam.c @@ -214,7 +214,7 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, void *sam_ctx, if (domain_name) { /* find the domain's DN */ - ret_domain = samdb_search(sam_ctx, mem_ctx, NULL, &msgs_domain, domain_attrs, + ret_domain = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_domain, domain_attrs, "(&(|(realm=%s)(name=%s))(objectclass=domain))", domain_name, domain_name); if (ret_domain == -1) { @@ -237,7 +237,7 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, void *sam_ctx, } /* pull the user attributes */ - ret = samdb_search(sam_ctx, mem_ctx, domain_dn, &msgs, attrs, + ret = gendb_search(sam_ctx, mem_ctx, domain_dn, &msgs, attrs, "(&(sAMAccountName=%s)(objectclass=user))", account_name); if (ret == -1) { @@ -264,7 +264,7 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, void *sam_ctx, } /* find the domain's DN */ - ret_domain = samdb_search(sam_ctx, mem_ctx, NULL, &msgs_domain, domain_attrs, + ret_domain = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_domain, domain_attrs, "(&(objectSid=%s)(objectclass=domain))", domain_sid); if (ret_domain == -1) { @@ -360,7 +360,7 @@ static NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, void *sam_ctx, uint_t rid; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); - group_ret = samdb_search(sam_ctx, + group_ret = gendb_search(sam_ctx, tmp_ctx, NULL, &group_msgs, group_attrs, "(&(member=%s)(sAMAccountType=*))", msgs[0]->dn); diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c index 4cebcfc692..6f9251dd32 100644 --- a/source4/dsdb/samdb/samdb.c +++ b/source4/dsdb/samdb/samdb.c @@ -37,26 +37,6 @@ struct ldb_context *samdb_connect(TALLOC_CTX *mem_ctx) } /* - search the sam for the specified attributes - varargs variant -*/ -int samdb_search(struct ldb_context *sam_ldb, - TALLOC_CTX *mem_ctx, - const char *basedn, - struct ldb_message ***res, - const char * const *attrs, - const char *format, ...) _PRINTF_ATTRIBUTE(6,7) -{ - va_list ap; - int count; - - va_start(ap, format); - count = gendb_search_v(sam_ldb, mem_ctx, basedn, res, attrs, format, ap); - va_end(ap); - - return count; -} - -/* search the sam for the specified attributes in a specific domain, filter on objectSid being in domain_sid. */ @@ -585,7 +565,7 @@ int samdb_copy_template(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, /* pull the template record */ - ret = samdb_search(sam_ldb, mem_ctx, NULL, &res, NULL, "%s", expression); + ret = gendb_search(sam_ldb, mem_ctx, NULL, &res, NULL, "%s", expression); if (ret != 1) { DEBUG(1,("samdb: ERROR: template '%s' matched %d records\n", expression, ret)); diff --git a/source4/dsdb/samdb/samdb_privilege.c b/source4/dsdb/samdb/samdb_privilege.c index 08435e2731..77ddcbbdcd 100644 --- a/source4/dsdb/samdb/samdb_privilege.c +++ b/source4/dsdb/samdb/samdb_privilege.c @@ -44,7 +44,7 @@ static NTSTATUS samdb_privilege_setup_sid(void *samctx, TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - ret = samdb_search(samctx, mem_ctx, NULL, &res, attrs, "objectSid=%s", sidstr); + ret = gendb_search(samctx, mem_ctx, NULL, &res, attrs, "objectSid=%s", sidstr); if (ret != 1) { talloc_free(sidstr); /* not an error to not match */ diff --git a/source4/include/secrets.h b/source4/include/secrets.h index 8b0d7801e6..09cb0dda69 100644 --- a/source4/include/secrets.h +++ b/source4/include/secrets.h @@ -59,4 +59,7 @@ struct machine_acct_pass { #define SECRETS_PRIMARY_DOMAIN_DN "cn=Primary Domains" +#define SECRETS_PRIMARY_DOMAIN_FILTER "(&(flatname=%s)(objectclass=primaryDomain))" +#define SECRETS_PRIMARY_REALM_FILTER "(&(realm=%s)(objectclass=primaryDomain))" + #endif /* _SECRETS_H */ diff --git a/source4/lib/basic.mk b/source4/lib/basic.mk index 29dbbd22c7..7d6847c465 100644 --- a/source4/lib/basic.mk +++ b/source4/lib/basic.mk @@ -65,8 +65,10 @@ ADD_OBJ_FILES = \ lib/unix_privs.o \ lib/db_wrap.o \ lib/gencache.o \ + lib/gendb.o \ lib/credentials.o REQUIRED_SUBSYSTEMS = \ LIBLDB CHARSET LIBREPLACE LIBNETIF LIBCRYPTO EXT_LIB_DL LIBTALLOC # End SUBSYSTEM LIBBASIC ############################## + diff --git a/source4/lib/cmdline/config.mk b/source4/lib/cmdline/config.mk index 803c81f273..831461b7f3 100644 --- a/source4/lib/cmdline/config.mk +++ b/source4/lib/cmdline/config.mk @@ -2,6 +2,6 @@ # Start SUBSYSTEM LIBCMDLINE_CREDENTIALS [SUBSYSTEM::LIBCMDLINE_CREDENTIALS] ADD_OBJ_FILES = lib/cmdline/getsmbpass.o \ - lib/cmdline/credentials.o + lib/cmdline/credentials.o # End SUBSYSTEM LIBCMDLINE_CREDENTIALS ############################## diff --git a/source4/lib/cmdline/popt_common.c b/source4/lib/cmdline/popt_common.c index 7049ce65df..50e07d95e9 100644 --- a/source4/lib/cmdline/popt_common.c +++ b/source4/lib/cmdline/popt_common.c @@ -213,26 +213,7 @@ static void popt_common_credentials_callback(poptContext con, case 'P': { - char *opt_password = NULL; - /* it is very useful to be able to make ads queries as the - machine account for testing purposes and for domain leave */ - - if (!secrets_init()) { - d_printf("ERROR: Unable to open secrets database\n"); - exit(1); - } - - opt_password = secrets_fetch_machine_password(lp_workgroup()); - - if (!opt_password) { - d_printf("ERROR: Unable to fetch machine password\n"); - exit(1); - } - cmdline_credentials->username = talloc_asprintf(cmdline_credentials, "%s$", lp_netbios_name()); - cmdline_credentials->username_obtained = CRED_SPECIFIED; - cli_credentials_set_password(cmdline_credentials, opt_password, CRED_SPECIFIED); - free(opt_password); - + cli_credentials_set_machine_account(cmdline_credentials); } /* machine accounts only work with kerberos */ diff --git a/source4/lib/credentials.c b/source4/lib/credentials.c index 211cb9ce07..b997e6ae53 100644 --- a/source4/lib/credentials.c +++ b/source4/lib/credentials.c @@ -22,11 +22,23 @@ #include "includes.h" #include "system/filesys.h" +#include "lib/cmdline/popt_common.h" +#include "include/secrets.h" +#include "lib/ldb/include/ldb.h" /* Create a new credentials structure, on the specified TALLOC_CTX */ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx) { - return talloc_zero(mem_ctx, struct cli_credentials); + struct cli_credentails *cred = talloc_zero(mem_ctx, struct cli_credentials); + if (!cred) { + return cred; + } + + cli_credentials_set_domain(cred, lp_workgroup(), CRED_GUESSED); + cli_credentials_set_workstation(cred, lp_netbios_name(), CRED_GUESSED); + cli_credentials_set_realm(cred, lp_realm(), CRED_GUESSED); + + return cred; } const char *cli_credentials_get_username(struct cli_credentials *cred) @@ -279,10 +291,6 @@ void cli_credentials_guess(struct cli_credentials *cred) { char *p; - cli_credentials_set_domain(cred, lp_workgroup(), CRED_GUESSED); - cli_credentials_set_workstation(cred, lp_netbios_name(), CRED_GUESSED); - cli_credentials_set_realm(cred, lp_realm(), CRED_GUESSED); - if (getenv("LOGNAME")) { cli_credentials_set_username(cred, getenv("LOGNAME"), CRED_GUESSED); } @@ -311,6 +319,67 @@ void cli_credentials_guess(struct cli_credentials *cred) } } +NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *creds) +{ + TALLOC_CTX *mem_ctx = talloc_named(creds, 0, "cli_credentials fetch machine password"); + + struct ldb_context *ldb; + int ldb_ret; + struct ldb_message **msgs; + const char *base_dn = SECRETS_PRIMARY_DOMAIN_DN; + const char *attrs[] = { + "secret", + "samAccountName", + NULL + }; + + const char *machine_account; + const char *password; + + /* Local secrets are stored in secrets.ldb */ + ldb = secrets_db_connect(mem_ctx); + if (!ldb) { + return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } + + /* search for the secret record */ + ldb_ret = gendb_search(ldb, + mem_ctx, base_dn, &msgs, attrs, + SECRETS_PRIMARY_DOMAIN_FILTER, + cli_credentials_get_domain(creds)); + if (ldb_ret == 0) { + DEBUG(1, ("Could not find join record to domain: %s\n", + lp_workgroup())); + talloc_free(mem_ctx); + return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } else if (ldb_ret != 1) { + talloc_free(mem_ctx); + return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } + + password = ldb_msg_find_string(msgs[0], "secret", NULL); + if (!password) { + DEBUG(1, ("Could not find 'secret' in join record to domain: %s\n", + cli_credentials_get_domain(creds))); + talloc_free(mem_ctx); + return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } + + machine_account = ldb_msg_find_string(msgs[0], "samAccountName", NULL); + if (!machine_account) { + DEBUG(1, ("Could not find 'samAccountName' in join record to domain: %s\n", + cli_credentials_get_domain(creds))); + talloc_free(mem_ctx); + return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } + + cli_credentials_set_username(creds, machine_account, CRED_SPECIFIED); + cli_credentials_set_password(creds, password, CRED_SPECIFIED); + talloc_free(mem_ctx); + + return NT_STATUS_OK; +} + /* Fill in a credentails structure as anonymous */ void cli_credentials_set_anonymous(struct cli_credentials *cred) { diff --git a/source4/rpc_server/common/gendb.c b/source4/lib/gendb.c index bca1b823c2..befdd63c9e 100644 --- a/source4/rpc_server/common/gendb.c +++ b/source4/lib/gendb.c @@ -57,3 +57,24 @@ int gendb_search_v(struct ldb_context *ldb, return count; } + +/* + search the LDB for the specified attributes - varargs variant +*/ +int gendb_search(struct ldb_context *sam_ldb, + TALLOC_CTX *mem_ctx, + const char *basedn, + struct ldb_message ***res, + const char * const *attrs, + const char *format, ...) _PRINTF_ATTRIBUTE(6,7) +{ + va_list ap; + int count; + + va_start(ap, format); + count = gendb_search_v(sam_ldb, mem_ctx, basedn, res, attrs, format, ap); + va_end(ap); + + return count; +} + diff --git a/source4/libcli/auth/kerberos_verify.c b/source4/libcli/auth/kerberos_verify.c index 2aef38fcd9..6e7907fc43 100644 --- a/source4/libcli/auth/kerberos_verify.c +++ b/source4/libcli/auth/kerberos_verify.c @@ -204,9 +204,9 @@ static krb5_error_code ads_secrets_verify_ticket(TALLOC_CTX *mem_ctx, krb5_conte } /* search for the secret record */ - ldb_ret = samdb_search(ldb, + ldb_ret = gendb_search(ldb, mem_ctx, base_dn, &msgs, attrs, - "(&(realm=%s)(objectclass=primaryDomain))", + SECRETS_PRIMARY_REALM_FILTER, lp_realm()); if (ldb_ret == 0) { DEBUG(1, ("Could not find domain join record for %s\n", diff --git a/source4/libnet/libnet_join.c b/source4/libnet/libnet_join.c index 1186853520..1f02cc83b6 100644 --- a/source4/libnet/libnet_join.c +++ b/source4/libnet/libnet_join.c @@ -24,6 +24,7 @@ #include "librpc/gen_ndr/ndr_samr.h" #include "lib/crypto/crypto.h" #include "lib/ldb/include/ldb.h" +#include "include/secrets.h" /* * do a domain join using DCERPC/SAMR calls @@ -373,9 +374,9 @@ static NTSTATUS libnet_Join_primary_domain(struct libnet_context *ctx, msg = ldb_msg_new(mem_ctx); /* search for the secret record */ - ret = samdb_search(ldb, + ret = gendb_search(ldb, mem_ctx, base_dn, &msgs, attrs, - "(&(flatname=%s)(objectclass=primaryDomain))", + SECRETS_PRIMARY_DOMAIN_FILTER, r->generic.in.domain_name); if (ret == 0) { msg->dn = talloc_asprintf(mem_ctx, "flatname=%s,%s", diff --git a/source4/ntvfs/common/sidmap.c b/source4/ntvfs/common/sidmap.c index 2a530c4a6b..a39ee2f0eb 100644 --- a/source4/ntvfs/common/sidmap.c +++ b/source4/ntvfs/common/sidmap.c @@ -102,7 +102,7 @@ static NTSTATUS sidmap_primary_domain_sid(struct sidmap_context *sidmap, int ret; struct ldb_message **res; - ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs, + ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs, "(&(objectClass=domain)(name=%s))", lp_workgroup()); if (ret != 1) { talloc_free(ctx); @@ -148,7 +148,7 @@ NTSTATUS sidmap_sid_to_unixuid(struct sidmap_context *sidmap, return NT_STATUS_NO_MEMORY; } - ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs, + ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs, "objectSid=%s", sidstr); if (ret != 1) { goto allocated_sid; @@ -247,7 +247,7 @@ NTSTATUS sidmap_sid_to_unixgid(struct sidmap_context *sidmap, return NT_STATUS_NO_MEMORY; } - ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs, + ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs, "objectSid=%s", sidstr); if (ret != 1) { goto allocated_sid; @@ -360,7 +360,7 @@ NTSTATUS sidmap_uid_to_sid(struct sidmap_context *sidmap, given uid */ - ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs, + ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs, "unixID=%u", (unsigned int)uid); for (i=0;i<ret;i++) { const char *sidstr; @@ -387,7 +387,7 @@ NTSTATUS sidmap_uid_to_sid(struct sidmap_context *sidmap, goto allocate_sid; } - ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs, + ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs, "(|(unixName=%s)(sAMAccountName=%s))", pwd->pw_name, pwd->pw_name); for (i=0;i<ret;i++) { @@ -472,7 +472,7 @@ NTSTATUS sidmap_gid_to_sid(struct sidmap_context *sidmap, given gid */ - ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs, + ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs, "unixID=%u", (unsigned int)gid); for (i=0;i<ret;i++) { const char *sidstr; @@ -499,7 +499,7 @@ NTSTATUS sidmap_gid_to_sid(struct sidmap_context *sidmap, goto allocate_sid; } - ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs, + ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs, "(|(unixName=%s)(sAMAccountName=%s))", grp->gr_name, grp->gr_name); for (i=0;i<ret;i++) { diff --git a/source4/rpc_server/config.mk b/source4/rpc_server/config.mk index 765f2237bc..a3dfd3de51 100644 --- a/source4/rpc_server/config.mk +++ b/source4/rpc_server/config.mk @@ -5,8 +5,7 @@ [SUBSYSTEM::DCERPC_COMMON] ADD_OBJ_FILES = \ rpc_server/common/server_info.o \ - rpc_server/common/share_info.o \ - rpc_server/common/gendb.o + rpc_server/common/share_info.o # # End SUBSYSTEM DCERPC_COMMON ################################################ diff --git a/source4/rpc_server/drsuapi/drsuapi_cracknames.c b/source4/rpc_server/drsuapi/drsuapi_cracknames.c index 47a4715cf8..65da137356 100644 --- a/source4/rpc_server/drsuapi/drsuapi_cracknames.c +++ b/source4/rpc_server/drsuapi/drsuapi_cracknames.c @@ -143,7 +143,7 @@ static WERROR DsCrackNameOneName(struct drsuapi_bind_state *b_state, TALLOC_CTX } /* if we have a domain_filter look it up and set the result_basedn and the dns_domain_name */ - ret = samdb_search(b_state->sam_ctx, mem_ctx, NULL, &domain_res, domain_attrs, + ret = gendb_search(b_state->sam_ctx, mem_ctx, NULL, &domain_res, domain_attrs, "%s", domain_filter); switch (ret) { case 1: @@ -166,7 +166,7 @@ static WERROR DsCrackNameOneName(struct drsuapi_bind_state *b_state, TALLOC_CTX if (result_filter) { result_basedn = samdb_result_string(domain_res[0], "dn", NULL); - ret = samdb_search(b_state->sam_ctx, mem_ctx, result_basedn, &result_res, + ret = gendb_search(b_state->sam_ctx, mem_ctx, result_basedn, &result_res, result_attrs, "%s", result_filter); switch (ret) { case 1: diff --git a/source4/rpc_server/dssetup/dcesrv_dssetup.c b/source4/rpc_server/dssetup/dcesrv_dssetup.c index 5df9c4fc0b..fa219343c1 100644 --- a/source4/rpc_server/dssetup/dcesrv_dssetup.c +++ b/source4/rpc_server/dssetup/dcesrv_dssetup.c @@ -87,7 +87,7 @@ static WERROR dssetup_DsRoleGetPrimaryDomainInformation(struct dcesrv_call_state return WERR_SERVER_UNAVAILABLE; } - ret = samdb_search(sam_ctx, mem_ctx, NULL, &res, attrs, + ret = gendb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(&(objectClass=domainDNS)(!(objectClass=builtinDomain)))"); if (ret != 1) { return WERR_SERVER_UNAVAILABLE; diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index 2e1a621eee..ea803559c4 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -359,7 +359,7 @@ static NTSTATUS lsa_info_AccountDomain(struct lsa_policy_state *state, TALLOC_CT int ret; struct ldb_message **res; - ret = samdb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, + ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, "dn=%s", state->domain_dn); if (ret != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -381,7 +381,7 @@ static NTSTATUS lsa_info_DNS(struct lsa_policy_state *state, TALLOC_CTX *mem_ctx int ret; struct ldb_message **res; - ret = samdb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, + ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, "dn=%s", state->domain_dn); if (ret != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -496,7 +496,7 @@ static NTSTATUS lsa_EnumAccounts(struct dcesrv_call_state *dce_call, TALLOC_CTX state = h->data; - ret = samdb_search(state->sam_ldb, mem_ctx, state->builtin_dn, &res, attrs, + ret = gendb_search(state->sam_ldb, mem_ctx, state->builtin_dn, &res, attrs, "privilege=*"); if (ret <= 0) { return NT_STATUS_NO_SUCH_USER; @@ -600,7 +600,7 @@ static NTSTATUS lsa_CreateTrustedDomain(struct dcesrv_call_state *dce_call, TALL } /* search for the trusted_domain record */ - ret = samdb_search(trusted_domain_state->policy->sam_ldb, + ret = gendb_search(trusted_domain_state->policy->sam_ldb, mem_ctx, policy_state->system_dn, &msgs, attrs, "(&(cn=%s)(objectclass=trustedDomain))", r->in.info->name.string); @@ -700,7 +700,7 @@ static NTSTATUS lsa_OpenTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC } /* search for the trusted_domain record */ - ret = samdb_search(trusted_domain_state->policy->sam_ldb, + ret = gendb_search(trusted_domain_state->policy->sam_ldb, mem_ctx, policy_state->system_dn, &msgs, attrs, "(&(securityIdentifier=%s)(objectclass=trustedDomain))", sid_string); @@ -765,7 +765,7 @@ static NTSTATUS lsa_OpenTrustedDomainByName(struct dcesrv_call_state *dce_call, trusted_domain_state->policy = policy_state; /* search for the trusted_domain record */ - ret = samdb_search(trusted_domain_state->policy->sam_ldb, + ret = gendb_search(trusted_domain_state->policy->sam_ldb, mem_ctx, policy_state->system_dn, &msgs, attrs, "(&(flatname=%s)(objectclass=trustedDomain))", r->in.name.string); @@ -850,7 +850,7 @@ static NTSTATUS lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_call, T trusted_domain_state = h->data; /* pull all the user attributes */ - ret = samdb_search(trusted_domain_state->policy->sam_ldb, mem_ctx, NULL, &res, attrs, + ret = gendb_search(trusted_domain_state->policy->sam_ldb, mem_ctx, NULL, &res, attrs, "dn=%s", trusted_domain_state->trusted_domain_dn); if (ret != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -970,7 +970,7 @@ static NTSTATUS lsa_EnumTrustDom(struct dcesrv_call_state *dce_call, TALLOC_CTX /* search for all users in this domain. This could possibly be cached and resumed based on resume_key */ - count = samdb_search(policy_state->sam_ldb, mem_ctx, policy_state->system_dn, &domains, attrs, + count = gendb_search(policy_state->sam_ldb, mem_ctx, policy_state->system_dn, &domains, attrs, "objectclass=trustedDomain"); if (count == -1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -1105,7 +1105,7 @@ static NTSTATUS lsa_lookup_sid(struct lsa_policy_state *state, TALLOC_CTX *mem_c const char * const attrs[] = { "sAMAccountName", "sAMAccountType", "name", NULL}; NTSTATUS status; - ret = samdb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, + ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, "objectSid=%s", sid_str); if (ret == 1) { *name = ldb_msg_find_string(res[0], "sAMAccountName", NULL); @@ -1373,7 +1373,7 @@ static NTSTATUS lsa_EnumPrivsAccount(struct dcesrv_call_state *dce_call, r->out.privs->unknown = 0; r->out.privs->set = NULL; - ret = samdb_search(astate->policy->sam_ldb, mem_ctx, NULL, &res, attrs, + ret = gendb_search(astate->policy->sam_ldb, mem_ctx, NULL, &res, attrs, "dn=%s", astate->account_dn); if (ret != 1) { return NT_STATUS_OK; @@ -1429,7 +1429,7 @@ static NTSTATUS lsa_EnumAccountRights(struct dcesrv_call_state *dce_call, return NT_STATUS_NO_MEMORY; } - ret = samdb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, + ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, "objectSid=%s", sidstr); if (ret != 1) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -1746,7 +1746,7 @@ static NTSTATUS lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX name2 = talloc_asprintf(mem_ctx, "%s Secret", name); /* search for the secret record */ - ret = samdb_search(secret_state->sam_ldb, + ret = gendb_search(secret_state->sam_ldb, mem_ctx, policy_state->system_dn, &msgs, attrs, "(&(cn=%s)(objectclass=secret))", name2); @@ -1776,7 +1776,7 @@ static NTSTATUS lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX secret_state->sam_ldb = talloc_reference(secret_state, secrets_db_connect(mem_ctx)); /* search for the secret record */ - ret = samdb_search(secret_state->sam_ldb, + ret = gendb_search(secret_state->sam_ldb, mem_ctx, "cn=LSA Secrets", &msgs, attrs, "(&(cn=%s)(objectclass=secret))", name); @@ -1872,7 +1872,7 @@ static NTSTATUS lsa_OpenSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *m } /* search for the secret record */ - ret = samdb_search(secret_state->sam_ldb, + ret = gendb_search(secret_state->sam_ldb, mem_ctx, policy_state->system_dn, &msgs, attrs, "(&(cn=%s Secret)(objectclass=secret))", name); @@ -1895,7 +1895,7 @@ static NTSTATUS lsa_OpenSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *m } /* search for the secret record */ - ret = samdb_search(secret_state->sam_ldb, + ret = gendb_search(secret_state->sam_ldb, mem_ctx, "cn=LSA Secrets", &msgs, attrs, "(&(cn=%s)(objectclass=secret))", name); @@ -2048,7 +2048,7 @@ static NTSTATUS lsa_SetSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *me }; /* search for the secret record */ - ret = samdb_search(secret_state->sam_ldb, + ret = gendb_search(secret_state->sam_ldb, mem_ctx, NULL, &res, attrs, "(dn=%s)", secret_state->secret_dn); if (ret == 0) { @@ -2121,7 +2121,7 @@ static NTSTATUS lsa_QuerySecret(struct dcesrv_call_state *dce_call, TALLOC_CTX * secret_state = h->data; /* pull all the user attributes */ - ret = samdb_search(secret_state->sam_ldb, mem_ctx, NULL, &res, attrs, + ret = gendb_search(secret_state->sam_ldb, mem_ctx, NULL, &res, attrs, "dn=%s", secret_state->secret_dn); if (ret != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -2340,7 +2340,7 @@ static NTSTATUS lsa_EnumAccountsWithUserRight(struct dcesrv_call_state *dce_call return NT_STATUS_NO_SUCH_PRIVILEGE; } - ret = samdb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, + ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, "privilege=%s", privname); if (ret <= 0) { return NT_STATUS_NO_SUCH_USER; @@ -2541,7 +2541,7 @@ static NTSTATUS lsa_lookup_name(struct lsa_policy_state *state, TALLOC_CTX *mem_ name = p + 1; } - ret = samdb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, "sAMAccountName=%s", name); + ret = gendb_search(state->sam_ldb, mem_ctx, NULL, &res, attrs, "sAMAccountName=%s", name); if (ret == 1) { const char *sid_str = ldb_msg_find_string(res[0], "objectSid", NULL); if (sid_str == NULL) { diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 6a29bf7db8..0b6106d485 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -152,7 +152,7 @@ static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TAL return NT_STATUS_INVALID_SYSTEM_SERVICE; } /* pull the user attributes */ - num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs, + num_records = gendb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs, "(&(sAMAccountName=%s)(objectclass=user))", r->in.account_name); @@ -327,7 +327,7 @@ static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLO return NT_STATUS_INVALID_SYSTEM_SERVICE; } /* pull the user attributes */ - num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs, + num_records = gendb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs, "(&(sAMAccountName=%s)(objectclass=user))", pipe_state->creds->account_name); if (num_records == -1) { @@ -353,7 +353,7 @@ static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLO } /* find the domain's DN */ - num_records_domain = samdb_search(sam_ctx, mem_ctx, NULL, + num_records_domain = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_domain, domain_attrs, "(&(objectSid=%s)(objectclass=domain))", domain_sid); @@ -951,12 +951,12 @@ static NTSTATUS netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_call, TALL primary domain is also a "trusted" domain, so we need to put the primary domain into the lists of returned trusts as well */ - ret1 = samdb_search(sam_ctx, mem_ctx, NULL, &res1, attrs, "(objectClass=domainDNS)"); + ret1 = gendb_search(sam_ctx, mem_ctx, NULL, &res1, attrs, "(objectClass=domainDNS)"); if (ret1 != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } - ret2 = samdb_search(sam_ctx, mem_ctx, NULL, &res2, attrs, "(objectClass=trustedDomain)"); + ret2 = gendb_search(sam_ctx, mem_ctx, NULL, &res2, attrs, "(objectClass=trustedDomain)"); if (ret2 == -1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } @@ -1030,7 +1030,7 @@ static NTSTATUS netr_ServerPasswordSet2(struct dcesrv_call_state *dce_call, TALL return NT_STATUS_INVALID_SYSTEM_SERVICE; } /* pull the user attributes */ - num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs, + num_records = gendb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs, "(&(sAMAccountName=%s)(objectclass=user))", pipe_state->creds->account_name); if (num_records == -1) { @@ -1056,7 +1056,7 @@ static NTSTATUS netr_ServerPasswordSet2(struct dcesrv_call_state *dce_call, TALL } /* find the domain's DN */ - num_records_domain = samdb_search(sam_ctx, mem_ctx, NULL, + num_records_domain = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_domain, domain_attrs, "(&(objectSid=%s)(objectclass=domain))", domain_sid); @@ -1160,7 +1160,7 @@ static WERROR netr_DrsGetDCNameEx2(struct dcesrv_call_state *dce_call, TALLOC_CT return WERR_DS_SERVICE_UNAVAILABLE; } - ret = samdb_search(sam_ctx, mem_ctx, NULL, &res, attrs, + ret = gendb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(&(objectClass=domainDNS)(dnsDomain=%s))", r->in.domain_name); if (ret != 1) { @@ -1248,7 +1248,7 @@ static WERROR netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call, return WERR_GENERAL_FAILURE; } - ret = samdb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(objectClass=domainDNS)"); + ret = gendb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(objectClass=domainDNS)"); if (ret == -1) { return WERR_GENERAL_FAILURE; } diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index 44f3890e44..41074b4128 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -288,7 +288,7 @@ static NTSTATUS samr_OpenDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX * return NT_STATUS_INVALID_PARAMETER; } - ret = samdb_search(c_state->sam_ctx, + ret = gendb_search(c_state->sam_ctx, mem_ctx, NULL, &msgs, attrs, "(&(objectSid=%s)(objectclass=domain))", sidstr); @@ -343,7 +343,7 @@ static NTSTATUS samr_info_DomInfo1(struct samr_domain_state *state, int ret; struct ldb_message **res; - ret = samdb_search(state->sam_ctx, mem_ctx, NULL, &res, attrs, + ret = gendb_search(state->sam_ctx, mem_ctx, NULL, &res, attrs, "dn=%s", state->domain_dn); if (ret != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -373,7 +373,7 @@ static NTSTATUS samr_info_DomInfo2(struct samr_domain_state *state, TALLOC_CTX * int ret; struct ldb_message **res; - ret = samdb_search(state->sam_ctx, mem_ctx, NULL, &res, attrs, + ret = gendb_search(state->sam_ctx, mem_ctx, NULL, &res, attrs, "dn=%s", state->domain_dn); if (ret != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -887,7 +887,7 @@ static NTSTATUS samr_EnumDomainUsers(struct dcesrv_call_state *dce_call, TALLOC_ /* search for all users in this domain. This could possibly be cached and resumed based on resume_key */ - count = samdb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, &res, attrs, + count = gendb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, &res, attrs, "objectclass=user"); if (count == -1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -1288,7 +1288,7 @@ static NTSTATUS samr_LookupNames(struct dcesrv_call_state *dce_call, TALLOC_CTX r->out.rids.ids[i] = 0; r->out.types.ids[i] = SID_NAME_UNKNOWN; - count = samdb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, &res, attrs, + count = gendb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, &res, attrs, "sAMAccountName=%s", r->in.names[i].string); if (count != 1) { status = STATUS_SOME_UNMAPPED; @@ -1367,7 +1367,7 @@ static NTSTATUS samr_LookupRids(struct dcesrv_call_state *dce_call, TALLOC_CTX * ids[i] = SID_NAME_UNKNOWN; - count = samdb_search(d_state->sam_ctx, mem_ctx, + count = gendb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, &res, attrs, "(objectSid=%s-%u)", d_state->domain_sid, r->in.rids[i]); @@ -1431,7 +1431,7 @@ static NTSTATUS samr_OpenGroup(struct dcesrv_call_state *dce_call, TALLOC_CTX *m } /* search for the group record */ - ret = samdb_search(d_state->sam_ctx, + ret = gendb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, &msgs, attrs, "(&(objectSid=%s)(objectclass=group)" "(grouptype=%s))", @@ -1547,7 +1547,7 @@ static NTSTATUS samr_QueryGroupInfo(struct dcesrv_call_state *dce_call, TALLOC_C a_state = h->data; /* pull all the group attributes */ - ret = samdb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs, + ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs, "dn=%s", a_state->account_dn); if (ret != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -1667,7 +1667,7 @@ static NTSTATUS samr_AddGroupMember(struct dcesrv_call_state *dce_call, TALLOC_C /* In native mode, AD can also nest domain groups. Not sure yet * whether this is also available via RPC. */ - ret = samdb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, + ret = gendb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, &msgs, attrs, "(&(objectSid=%s)(objectclass=user))", membersidstr); @@ -1755,7 +1755,7 @@ static NTSTATUS samr_DeleteGroupMember(struct dcesrv_call_state *dce_call, TALLO /* In native mode, AD can also nest domain groups. Not sure yet * whether this is also available via RPC. */ - ret = samdb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, + ret = gendb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, &msgs, attrs, "(&(objectSid=%s)(objectclass=user))", membersidstr); @@ -1807,7 +1807,7 @@ static NTSTATUS samr_QueryGroupMember(struct dcesrv_call_state *dce_call, TALLOC a_state = h->data; /* pull the member attribute */ - ret = samdb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs, + ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs, "dn=%s", a_state->account_dn); if (ret != 1) { @@ -1841,7 +1841,7 @@ static NTSTATUS samr_QueryGroupMember(struct dcesrv_call_state *dce_call, TALLOC for (i=0; i<el->num_values; i++) { struct ldb_message **res2; const char * const attrs2[2] = { "objectSid", NULL }; - ret = samdb_search(a_state->sam_ctx, mem_ctx, NULL, + ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &res2, attrs2, "dn=%s", (char *)el->values[i].data); if (ret != 1) @@ -1902,7 +1902,7 @@ static NTSTATUS samr_OpenAlias(struct dcesrv_call_state *dce_call, TALLOC_CTX *m return NT_STATUS_NO_MEMORY; /* search for the group record */ - ret = samdb_search(d_state->sam_ctx, + ret = gendb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, &msgs, attrs, "(&(objectSid=%s)(objectclass=group)" "(|(grouptype=%s)(grouptype=%s)))", @@ -1973,7 +1973,7 @@ static NTSTATUS samr_QueryAliasInfo(struct dcesrv_call_state *dce_call, TALLOC_C a_state = h->data; /* pull all the alias attributes */ - ret = samdb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs, + ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs, "dn=%s", a_state->account_dn); if (ret != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -2092,7 +2092,7 @@ static NTSTATUS samr_AddAliasMember(struct dcesrv_call_state *dce_call, TALLOC_C if (sidstr == NULL) return NT_STATUS_INVALID_PARAMETER; - ret = samdb_search(d_state->sam_ctx, mem_ctx, NULL, + ret = gendb_search(d_state->sam_ctx, mem_ctx, NULL, &msgs, attrs, "(objectsid=%s)", sidstr); if (ret == 1) { @@ -2269,7 +2269,7 @@ static NTSTATUS samr_GetMembersInAlias(struct dcesrv_call_state *dce_call, TALLO a_state = h->data; d_state = a_state->domain_state; - ret = samdb_search(d_state->sam_ctx, mem_ctx, NULL, &msgs, attrs, + ret = gendb_search(d_state->sam_ctx, mem_ctx, NULL, &msgs, attrs, "dn=%s", a_state->account_dn); if (ret != 1) @@ -2292,7 +2292,7 @@ static NTSTATUS samr_GetMembersInAlias(struct dcesrv_call_state *dce_call, TALLO for (i=0; i<el->num_values; i++) { struct ldb_message **msgs2; const char * const attrs2[2] = { "objectSid", NULL }; - ret = samdb_search(a_state->sam_ctx, mem_ctx, NULL, + ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &msgs2, attrs2, "dn=%s", (char *)el->values[i].data); if (ret != 1) @@ -2339,7 +2339,7 @@ static NTSTATUS samr_OpenUser(struct dcesrv_call_state *dce_call, TALLOC_CTX *me } /* search for the user record */ - ret = samdb_search(d_state->sam_ctx, + ret = gendb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn, &msgs, attrs, "(&(objectSid=%s)(objectclass=user))", sidstr); @@ -2431,7 +2431,7 @@ static NTSTATUS samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TALLOC_CT a_state = h->data; /* pull all the user attributes */ - ret = samdb_search(a_state->sam_ctx, mem_ctx, NULL, &res, NULL, + ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &res, NULL, "dn=%s", a_state->account_dn); if (ret != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -3362,7 +3362,7 @@ static NTSTATUS samr_GetDomPwInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX return NT_STATUS_INVALID_SYSTEM_SERVICE; } - ret = samdb_search(sam_ctx, + ret = gendb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs, "(&(name=%s)(objectclass=domain))", lp_workgroup()); diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c index 468f02d831..f5390cc1d5 100644 --- a/source4/rpc_server/samr/samr_password.c +++ b/source4/rpc_server/samr/samr_password.c @@ -50,7 +50,7 @@ NTSTATUS samr_ChangePasswordUser(struct dcesrv_call_state *dce_call, TALLOC_CTX a_state = h->data; /* fetch the old hashes */ - ret = samdb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs, + ret = gendb_search(a_state->sam_ctx, mem_ctx, NULL, &res, attrs, "dn=%s", a_state->account_dn); if (ret != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; @@ -167,7 +167,7 @@ NTSTATUS samr_OemChangePasswordUser2(struct dcesrv_call_state *dce_call, TALLOC_ /* we need the users dn and the domain dn (derived from the user SID). We also need the current lm password hash in order to decrypt the incoming password */ - ret = samdb_search(sam_ctx, + ret = gendb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(&(sAMAccountName=%s)(objectclass=user))", r->in.account->string); @@ -295,7 +295,7 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call, /* we need the users dn and the domain dn (derived from the user SID). We also need the current lm and nt password hashes in order to decrypt the incoming passwords */ - ret = samdb_search(sam_ctx, + ret = gendb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(&(sAMAccountName=%s)(objectclass=user))", r->in.account->string); @@ -400,7 +400,7 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call, return NT_STATUS_OK; failed: - ret = samdb_search(sam_ctx, + ret = gendb_search(sam_ctx, mem_ctx, NULL, &res, dom_attrs, "dn=%s", domain_dn); @@ -517,7 +517,7 @@ NTSTATUS samdb_set_password(void *ctx, TALLOC_CTX *mem_ctx, unix_to_nt_time(&now_nt, now); /* pull all the user parameters */ - count = samdb_search(ctx, mem_ctx, NULL, &res, user_attrs, "dn=%s", user_dn); + count = gendb_search(ctx, mem_ctx, NULL, &res, user_attrs, "dn=%s", user_dn); if (count != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } @@ -533,7 +533,7 @@ NTSTATUS samdb_set_password(void *ctx, TALLOC_CTX *mem_ctx, pwdLastSet = samdb_result_uint64(res[0], "pwdLastSet", 0); /* pull the domain parameters */ - count = samdb_search(ctx, mem_ctx, NULL, &res, domain_attrs, "dn=%s", domain_dn); + count = gendb_search(ctx, mem_ctx, NULL, &res, domain_attrs, "dn=%s", domain_dn); if (count != 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } |