From 1fde679daec85e2d9c24a05566a8bae18a6ee0fb Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 14 Jun 2006 23:50:58 +0000
Subject: r16238: Use a baseDN for the auth_sam searches, to allow continued
 function with partitions.

Also fix some debug messages.

Andrew Bartlett
(This used to be commit a2441ae99a6c3b4bf40f5369477a9bc0f3019c34)
---
 source4/auth/auth_sam.c | 13 ++++++++-----
 source4/auth/sam.c      |  5 +++--
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index dbf79bd34d..96d8a0d40a 100644
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -45,6 +45,7 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context *
 	struct ldb_message **msgs_tmp;
 	struct ldb_message **msgs;
 	struct ldb_message **msgs_domain_ref;
+	const struct ldb_dn *partitions_basedn = ldb_dn_string_compose(mem_ctx, samdb_base_dn(mem_ctx), "CN=Partitions,CN=Configuration");
 
 	int ret;
 	int ret_domain;
@@ -54,7 +55,7 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context *
 	if (domain_name) {
 		char *escaped_domain = ldb_binary_encode_string(mem_ctx, domain_name);
 		/* find the domain's DN */
-		ret_domain = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_domain_ref, domain_ref_attrs,
+		ret_domain = gendb_search(sam_ctx, mem_ctx, partitions_basedn, &msgs_domain_ref, domain_ref_attrs,
 					  "(&(&(|(&(dnsRoot=%s)(nETBIOSName=*))(nETBIOSName=%s))(objectclass=crossRef))(ncName=*))", 
 					  escaped_domain, escaped_domain);
 		if (ret_domain == -1) {
@@ -74,6 +75,8 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context *
 		}
 
 		domain_dn = samdb_result_dn(mem_ctx, msgs_domain_ref[0], "nCName", NULL);
+	} else {
+		domain_dn = samdb_base_dn(mem_ctx);
 	}
 
 	/* pull the user attributes */
@@ -85,8 +88,8 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context *
 	}
 
 	if (ret == 0) {
-		DEBUG(3,("sam_search_user: Couldn't find user [%s] in samdb.\n", 
-			 account_name));
+		DEBUG(3,("sam_search_user: Couldn't find user [%s\\%s] in samdb, under %s\n", 
+			 domain_name, account_name, ldb_dn_linearize(mem_ctx, domain_dn)));
 		return NT_STATUS_NO_SUCH_USER;
 	}
 
@@ -104,7 +107,7 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context *
 		}
 
 		/* find the domain's DN */
-		ret = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_tmp, NULL,
+		ret = gendb_search(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &msgs_tmp, NULL,
 				   "(&(objectSid=%s)(objectclass=domain))", 
 				   ldap_encode_ndr_dom_sid(mem_ctx, domain_sid));
 		if (ret == -1) {
@@ -123,7 +126,7 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context *
 			return NT_STATUS_INTERNAL_DB_CORRUPTION;
 		}
 
-		ret_domain = gendb_search(sam_ctx, mem_ctx, NULL, &msgs_domain_ref, domain_ref_attrs,
+		ret_domain = gendb_search(sam_ctx, mem_ctx, partitions_basedn, &msgs_domain_ref, domain_ref_attrs,
 					  "(nCName=%s)", ldb_dn_linearize(msgs_tmp, msgs_tmp[0]->dn));
 
 		if (ret_domain == -1) {
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index 0e9fa5c02e..e7f70aa370 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -206,7 +206,7 @@ _PUBLIC_ NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, struct ldb_conte
 	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
 
 	group_ret = gendb_search(sam_ctx,
-				 tmp_ctx, NULL, &group_msgs, group_attrs,
+				 tmp_ctx, samdb_base_dn(tmp_ctx), &group_msgs, group_attrs,
 				 "(&(member=%s)(sAMAccountType=*))", 
 				 ldb_dn_linearize(tmp_ctx, msg->dn));
 	if (group_ret == -1) {
@@ -321,6 +321,7 @@ _PUBLIC_ NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx,
 	NTSTATUS nt_status;
 	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
 	int ret;
+	const struct ldb_dn *partitions_basedn = ldb_dn_string_compose(mem_ctx, samdb_base_dn(mem_ctx), "CN=Partitions,CN=Configuration");
 
 	if (!tmp_ctx) {
 		return NT_STATUS_NO_MEMORY;
@@ -333,7 +334,7 @@ _PUBLIC_ NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx,
 	}
 	
 	/* grab domain info from the reference */
-	ret = gendb_search(sam_ctx, tmp_ctx, NULL, msgs_domain_ref, domain_ref_attrs,
+	ret = gendb_search(sam_ctx, tmp_ctx, partitions_basedn, msgs_domain_ref, domain_ref_attrs,
 			   "(ncName=%s)", ldb_dn_linearize(tmp_ctx, domain_dn));
 
 	if (ret != 1) {
-- 
cgit