Diffstat (limited to 'source4')
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 140 | ||||
-rw-r--r-- | source4/torture/libnet/libnet_BecomeDC.c | 37 |
2 files changed, 32 insertions, 145 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index 5a3cc4bef4..a21cf250cb 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -240,12 +240,9 @@ static int replmd_prepare_originating(struct ldb_module *module, struct ldb_requ struct ldb_dn *dn, const char *fn_name, int (*fn)(struct ldb_module *, struct ldb_request *, - const struct dsdb_schema *, - const struct dsdb_control_current_partition *)) + const struct dsdb_schema *)) { const struct dsdb_schema *schema; - const struct ldb_control *partition_ctrl; - const struct dsdb_control_current_partition *partition; /* do not manipulate our control entries */ if (ldb_dn_is_special(dn)) { 
@@ -260,46 +257,16 @@ static int replmd_prepare_originating(struct ldb_module *module, struct ldb_requ return LDB_ERR_CONSTRAINT_VIOLATION; } - partition_ctrl = ldb_request_get_control(req, DSDB_CONTROL_CURRENT_PARTITION_OID); - if (!partition_ctrl) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, - "%s: no current partition control found", - fn_name); - return LDB_ERR_CONSTRAINT_VIOLATION; - } - - partition = talloc_get_type(partition_ctrl->data, - struct dsdb_control_current_partition); - if (!partition) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, - "%s: current partition control contains invalid data", - fn_name); - return LDB_ERR_CONSTRAINT_VIOLATION; - } - - if (partition->version != DSDB_CONTROL_CURRENT_PARTITION_VERSION) { - ldb_debug_set(module->ldb, LDB_DEBUG_FATAL, - "%s: current partition control contains invalid version [%u != %u]\n", - fn_name, partition->version, DSDB_CONTROL_CURRENT_PARTITION_VERSION); - return LDB_ERR_CONSTRAINT_VIOLATION; - } - - return fn(module, req, schema, partition); + return fn(module, req, schema); } static int replmd_add_originating(struct ldb_module *module, struct ldb_request *req, - const struct dsdb_schema *schema, - const struct dsdb_control_current_partition *partition) + const struct dsdb_schema *schema) { enum ndr_err_code ndr_err; struct ldb_request *down_req; struct ldb_message *msg; - uint32_t instance_type; - struct ldb_dn *new_dn; - const char *rdn_name; - const char *rdn_name_upper; - const struct ldb_val *rdn_value = NULL; const struct dsdb_attribute *rdn_attr = NULL; struct GUID guid; struct ldb_val guid_value; 
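Review bot: `const struct dsdb_attribute *rdn_attr = NULL;` stays in the declarations of replmd_add_originating() while the hunks at -368 and -401 delete every visible assignment to it and every read of it. If nothing outside these hunks still uses it, drop the declaration together with the five locals removed here so the function builds without an unused-variable warning. The function body continues past the end of this hunk, so this needs checking against the full file.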
@@ -321,12 +288,6 @@ static int replmd_add_originating(struct ldb_module *module, return LDB_ERR_UNWILLING_TO_PERFORM; } - if (ldb_msg_find_element(req->op.add.message, "instanceType")) { - ldb_debug_set(module->ldb, LDB_DEBUG_ERROR, - "replmd_add_originating: it's not allowed to add an object with instanceType\n"); - return LDB_ERR_UNWILLING_TO_PERFORM; - } - /* Get a sequence number from the backend */ ret = ldb_sequence_number(module->ldb, LDB_SEQ_NEXT, &seq_num); if (ret != LDB_SUCCESS) { @@ -368,32 +329,9 @@ static int replmd_add_originating(struct ldb_module *module, return LDB_ERR_OPERATIONS_ERROR; } - /* - * get details of the rdn name - */ - rdn_name = ldb_dn_get_rdn_name(msg->dn); - if (!rdn_name) { - talloc_free(down_req); - ldb_oom(module->ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - rdn_attr = dsdb_attribute_by_lDAPDisplayName(schema, rdn_name); - if (!rdn_attr) { - talloc_free(down_req); - return LDB_ERR_OPERATIONS_ERROR; - } - rdn_value = ldb_dn_get_rdn_val(msg->dn); - if (!rdn_value) { - talloc_free(down_req); - ldb_oom(module->ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - /* * remove autogenerated attributes */ - ldb_msg_remove_attr(msg, rdn_name); - ldb_msg_remove_attr(msg, "name"); ldb_msg_remove_attr(msg, "whenCreated"); ldb_msg_remove_attr(msg, "whenChanged"); ldb_msg_remove_attr(msg, "uSNCreated"); 
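Review bot: Dropping the `instanceType` rejection means an originating add that carries a client-chosen instanceType is no longer refused by this module, and the hunk at -401 also removes the code that computed the value, so nothing visible in repl_meta_data.c constrains that attribute any more. The same applies to `name` and the RDN attribute, which the hunk at -368 stops stripping from the message. Presumably another module in the stack now validates and generates these, but that dependency is not visible in this diff. A comment at the `remove autogenerated attributes` block would record it, for example `/* instanceType, name and the RDN attribute are checked and generated by other modules in the stack; repl_meta_data must not be loaded without them */`.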
@@ -401,69 +339,14 @@ static int replmd_add_originating(struct ldb_module *module, ldb_msg_remove_attr(msg, "replPropertyMetaData"); /* - * TODO: construct a new DN out of: - * - the parent DN - * - the upper case of rdn_attr->LDAPDisplayName - * - rdn_value - */ - new_dn = ldb_dn_copy(msg, msg->dn); - if (!new_dn) { - talloc_free(down_req); - ldb_oom(module->ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - rdn_name_upper = strupper_talloc(msg, rdn_attr->lDAPDisplayName); - if (!rdn_name_upper) { - talloc_free(down_req); - ldb_oom(module->ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - ret = ldb_dn_set_component(new_dn, 0, rdn_name_upper, *rdn_value); - if (ret != LDB_SUCCESS) { - talloc_free(down_req); - ldb_oom(module->ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - msg->dn = new_dn; - - /* - * TODO: calculate correct instance type - */ - instance_type = INSTANCE_TYPE_WRITE; - if (ldb_dn_compare(partition->dn, msg->dn) == 0) { - instance_type |= INSTANCE_TYPE_IS_NC_HEAD; - if (ldb_dn_compare(msg->dn, samdb_base_dn(module->ldb)) != 0) { - instance_type |= INSTANCE_TYPE_NC_ABOVE; - } - } - - /* * readd replicated attributes */ - ret = ldb_msg_add_value(msg, rdn_attr->lDAPDisplayName, rdn_value, NULL); - if (ret != LDB_SUCCESS) { - talloc_free(down_req); - ldb_oom(module->ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - ret = ldb_msg_add_value(msg, "name", rdn_value, NULL); - if (ret != LDB_SUCCESS) { - talloc_free(down_req); - ldb_oom(module->ldb); - return LDB_ERR_OPERATIONS_ERROR; - } ret = ldb_msg_add_string(msg, "whenCreated", time_str); if (ret != LDB_SUCCESS) { talloc_free(down_req); ldb_oom(module->ldb); return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_msg_add_fmt(msg, "instanceType", "%u", instance_type); - if (ret != LDB_SUCCESS) { - talloc_free(down_req); - ldb_oom(module->ldb); - return LDB_ERR_OPERATIONS_ERROR; - } /* build the replication meta_data */ ZERO_STRUCT(nmd); 
@@ -598,8 +481,7 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) static int replmd_modify_originating(struct ldb_module *module, struct ldb_request *req, - const struct dsdb_schema *schema, - const struct dsdb_control_current_partition *partition) + const struct dsdb_schema *schema) { struct ldb_request *down_req; struct ldb_message *msg; @@ -806,10 +688,16 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar) return ldb_next_request(ar->module, ar->sub.change_req); #else ret = ldb_next_request(ar->module, ar->sub.change_req); - if (ret != LDB_SUCCESS) return replmd_replicated_request_error(ar, ret); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ar->module->ldb, "Failed to add replicated object %s: %s", ldb_dn_get_linearized(ar->sub.change_req->op.add.message->dn), + ldb_errstring(ar->module->ldb)); + return replmd_replicated_request_error(ar, ret); + } - ar->sub.change_ret = ldb_wait(ar->sub.search_req->handle, LDB_WAIT_ALL); + ar->sub.change_ret = ldb_wait(ar->sub.change_req->handle, LDB_WAIT_ALL); if (ar->sub.change_ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ar->module->ldb, "Failed while waiting on add replicated object %s: %s", ldb_dn_get_linearized(ar->sub.change_req->op.add.message->dn), + ldb_errstring(ar->module->ldb)); return replmd_replicated_request_error(ar, ar->sub.change_ret); } @@ -1053,7 +941,7 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar) ret = ldb_next_request(ar->module, ar->sub.change_req); if (ret != LDB_SUCCESS) return replmd_replicated_request_error(ar, ret); - ar->sub.change_ret = ldb_wait(ar->sub.search_req->handle, LDB_WAIT_ALL); + ar->sub.change_ret = ldb_wait(ar->sub.change_req->handle, LDB_WAIT_ALL); if (ar->sub.change_ret != LDB_SUCCESS) { return replmd_replicated_request_error(ar, ar->sub.change_ret); } 
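Review bot: Both new `ldb_asprintf_errstring()` calls in replmd_replicated_apply_add() pass `ldb_dn_get_linearized(...)` and `ldb_errstring(ar->module->ldb)` straight to `%s` without a NULL check, and the second argument is the very string the call is about to replace. If the failing request left no error string set, or the DN cannot be linearized, the format receives NULL; whether the old string stays valid during formatting depends on ldb_asprintf_errstring() internals that are not shown here. Fetching both into locals first and substituting a fixed text when one is NULL, e.g. `const char *err = ldb_errstring(ar->module->ldb);` and then `err ? err : "(no error string)"`, removes the doubt. The merge path in the hunk at -1053 gets the same `change_req->handle` correction but no such message, so add and merge failures end up reported differently.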
@@ -1137,7 +1025,7 @@ static int replmd_replicated_apply_search(struct replmd_replicated_request *ar) if (ret != LDB_SUCCESS) return replmd_replicated_request_error(ar, ret); ar->sub.search_ret = ldb_wait(ar->sub.search_req->handle, LDB_WAIT_ALL); - if (ar->sub.search_ret != LDB_SUCCESS) { + if (ar->sub.search_ret != LDB_SUCCESS && ar->sub.search_ret != LDB_ERR_NO_SUCH_OBJECT) { return replmd_replicated_request_error(ar, ar->sub.search_ret); } if (ar->sub.search_msg) { diff --git a/source4/torture/libnet/libnet_BecomeDC.c b/source4/torture/libnet/libnet_BecomeDC.c index 10625b25de..932498a517 100644 --- a/source4/torture/libnet/libnet_BecomeDC.c +++ b/source4/torture/libnet/libnet_BecomeDC.c @@ -60,7 +60,9 @@ struct test_become_dc_state { const char *configdn_ldb; const char *schemadn_ldb; const char *secrets_ldb; + const char *templates_ldb; const char *secrets_keytab; + const char *dns_keytab; } path; }; @@ -195,25 +197,13 @@ static NTSTATUS test_become_dc_prepare_db(void *private_data, "subobj.SCHEMADN = \"%s\";\n" "subobj.SCHEMADN_LDB = \"%s\";\n" "subobj.HOSTNAME = \"%s\";\n" - "subobj.DNSNAME = \"%s\";\n" + "subobj.REALM = \"%s\";\n" + "subobj.DOMAIN = \"%s\";\n" "subobj.DEFAULTSITE = \"%s\";\n" "\n" - "modules_list = new Array(\"rootdse\",\n" - " \"kludge_acl\",\n" - " \"paged_results\",\n" - " \"server_sort\",\n" - " \"extended_dn\",\n" - " \"asq\",\n" - " \"samldb\",\n" - " \"operational\",\n" - " \"objectclass\",\n" - " \"rdn_name\",\n" - " \"show_deleted\",\n" - " \"partition\");\n" - "subobj.MODULES_LIST = join(\",\", modules_list);\n" - "subobj.DOMAINDN_MOD = \"pdc_fsmo,password_hash,repl_meta_data\";\n" - "subobj.CONFIGDN_MOD = \"naming_fsmo,repl_meta_data\";\n" - "subobj.SCHEMADN_MOD = \"schema_fsmo,repl_meta_data\";\n" + "subobj.DOMAINDN_MOD2 = \",repl_meta_data\";\n" + "subobj.CONFIGDN_MOD2 = \",repl_meta_data\";\n" + "subobj.SCHEMADN_MOD2 = \",repl_meta_data\";\n" "\n" "subobj.KRBTGTPASS = \"_NOT_USED_\";\n" "subobj.MACHINEPASS = \"%s\";\n" 
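Review bot: With `LDB_ERR_NO_SUCH_OBJECT` now accepted in replmd_replicated_apply_search(), the branch that follows rests entirely on `ar->sub.search_msg`, so that pointer has to be NULL whenever the search found nothing. This hunk does not show where search_msg is reset between objects; if it can still hold the message from an earlier search, a missing object would be handled as if it had been found. Resetting it before the search is issued (`ar->sub.search_msg = NULL;`) and adding a comment such as `/* NO_SUCH_OBJECT is expected here: the object does not exist locally yet */` above the condition would make the intent explicit. The function starts and ends outside this hunk.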
@@ -222,7 +212,9 @@ static NTSTATUS test_become_dc_prepare_db(void *private_data, "var paths = provision_default_paths(subobj);\n" "paths.samdb = \"%s\";\n" "paths.secrets = \"%s\";\n" + "paths.templates = \"%s\";\n" "paths.keytab = \"%s\";\n" + "paths.dns_keytab = \"%s\";\n" "\n" "var system_session = system_session();\n" "\n" @@ -238,12 +230,15 @@ static NTSTATUS test_become_dc_prepare_db(void *private_data, p->forest->schema_dn_str, /* subobj.SCHEMADN */ s->path.schemadn_ldb, /* subobj.SCHEMADN_LDB */ p->dest_dsa->netbios_name, /* subobj.HOSTNAME */ - p->dest_dsa->dns_name, /* subobj.DNSNAME */ + torture_join_dom_dns_name(s->tj),/* subobj.REALM */ + torture_join_dom_netbios_name(s->tj),/* subobj.DOMAIN */ p->dest_dsa->site_name, /* subobj.DEFAULTSITE */ cli_credentials_get_password(s->machine_account),/* subobj.MACHINEPASS */ s->path.samdb_ldb, /* paths.samdb */ + s->path.templates_ldb, /* paths.templates */ s->path.secrets_ldb, /* paths.secrets */ - s->path.secrets_keytab); /* paths.keytab */ + s->path.secrets_keytab, /* paths.keytab */ + s->path.dns_keytab); /* paths.dns_keytab */ NT_STATUS_HAVE_NO_MEMORY(ejs); ret = test_run_ejs(ejs); @@ -854,8 +849,12 @@ bool torture_net_become_dc(struct torture_context *torture) if (!s->path.schemadn_ldb) return false; s->path.secrets_ldb = talloc_asprintf(s, "%s_secrets.ldb", s->netbios_name); if (!s->path.secrets_ldb) return false; + s->path.templates_ldb = talloc_asprintf(s, "%s_templates.ldb", s->netbios_name); + if (!s->path.templates_ldb) return false; s->path.secrets_keytab = talloc_asprintf(s, "%s_secrets.keytab", s->netbios_name); if (!s->path.secrets_keytab) return false; + s->path.dns_keytab = talloc_asprintf(s, "%s_dns.keytab", s->netbios_name); + if (!s->path.dns_keytab) return false; /* Join domain as a member server. */ s->tj = torture_join_domain(torture, s->netbios_name, |
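Review bot: The new `s->path.templates_ldb` argument in the hunk at -238 is inserted before `s->path.secrets_ldb`, but the format string in the hunk at -222 places `paths.templates` after `paths.secrets`, so the two `%s` values are swapped: `paths.secrets` receives the templates file name and `paths.templates` the secrets file name. The provisioned secrets database, which presumably holds the machine password passed as `subobj.MACHINEPASS`, would then be written to the `*_templates.ldb` file instead of the one the rest of the test treats as the secrets store. Reorder the arguments to match the format: `s->path.secrets_ldb, /* paths.secrets */` first, then `s->path.templates_ldb, /* paths.templates */`. The argument list of this call starts outside the hunk.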