From 61aaf82b6280292ad29439b15ab3bcde065a4c45 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Fri, 26 Aug 2005 16:12:25 +0000 Subject: r9654: introduce the samdb_search_dn call (This used to be commit 333ebb40d55c60465564b894d5028b364e99ee00) --- source4/dsdb/samdb/samdb.c | 22 ++++++++++++++++++++++ source4/libnet/libnet_samsync_ldb.c | 8 +++----- source4/rpc_server/lsa/dcesrv_lsa.c | 22 +++++++--------------- source4/rpc_server/samr/dcesrv_samr.c | 7 ++----- source4/rpc_server/samr/samr_password.c | 14 ++++++-------- 5 files changed, 40 insertions(+), 33 deletions(-) diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c index 9cb9a93446..aed47d1ed2 100644 --- a/source4/dsdb/samdb/samdb.c +++ b/source4/dsdb/samdb/samdb.c @@ -127,6 +127,28 @@ const char *samdb_search_string(struct ldb_context *sam_ldb, return str; } +struct ldb_dn *samdb_search_dn(struct ldb_context *sam_ldb, + TALLOC_CTX *mem_ctx, + const struct ldb_dn *basedn, + const char *format, ...) _PRINTF_ATTRIBUTE(4,5) +{ + va_list ap; + struct ldb_dn *ret; + struct ldb_message **res = NULL; + int count; + + va_start(ap, format); + count = gendb_search_v(sam_ldb, mem_ctx, basedn, &res, NULL, format, ap); + va_end(ap); + + if (count != 1) return NULL; + + ret = talloc_steal(mem_ctx, res[0]->dn); + talloc_free(res); + + return ret; +} + /* search the sam for a dom_sid attribute in exactly 1 record */ diff --git a/source4/libnet/libnet_samsync_ldb.c b/source4/libnet/libnet_samsync_ldb.c index f595880e8e..837170afac 100644 --- a/source4/libnet/libnet_samsync_ldb.c +++ b/source4/libnet/libnet_samsync_ldb.c @@ -58,11 +58,9 @@ static NTSTATUS samsync_ldb_add_foreignSecurityPrincipal(TALLOC_CTX *mem_ctx, { const char *sidstr = dom_sid_string(mem_ctx, sid); /* We assume that ForeignSecurityPrincipals are under the BASEDN of the main domain */ - struct ldb_dn *basedn = ldb_dn_explode(mem_ctx, - samdb_search_string(state->sam_ldb, mem_ctx, - state->base_dn[SAM_DATABASE_DOMAIN], - "dn", "(&(objectClass=container)" - "(cn=ForeignSecurityPrincipals))")); + struct ldb_dn *basedn = samdb_search_dn(state->sam_ldb, mem_ctx, + state->base_dn[SAM_DATABASE_DOMAIN], + "(&(objectClass=container)(cn=ForeignSecurityPrincipals))"); struct ldb_message *msg; int ret; diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index bac25fcc24..c81eb99a0e 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -261,18 +261,15 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_ /* work out the builtin_dn - useful for so many calls its worth fetching here */ - state->builtin_dn = ldb_dn_explode(state, - samdb_search_string(state->sam_ldb, mem_ctx, NULL, - "dn", "objectClass=builtinDomain")); + state->builtin_dn = samdb_search_dn(state->sam_ldb, mem_ctx, NULL, "objectClass=builtinDomain"); if (!state->builtin_dn) { return NT_STATUS_NO_SUCH_DOMAIN; } /* work out the system_dn - useful for so many calls its worth fetching here */ - state->system_dn = ldb_dn_explode(state, - samdb_search_string(state->sam_ldb, mem_ctx, state->domain_dn, - "dn", "(&(objectClass=container)(cn=System))")); + state->system_dn = samdb_search_dn(state->sam_ldb, mem_ctx, + state->domain_dn, "(&(objectClass=container)(cn=System))"); if (!state->system_dn) { return NT_STATUS_NO_SUCH_DOMAIN; } @@ -1304,13 +1301,9 @@ static NTSTATUS lsa_OpenAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX * } /* check it really exists */ - astate->account_dn = - ldb_dn_explode(mem_ctx, - samdb_search_string(state->sam_ldb, astate, - NULL, "dn", - "(&(objectSid=%s)(objectClass=group))", - ldap_encode_ndr_dom_sid(mem_ctx, - astate->account_sid))); + astate->account_dn = samdb_search_string(state->sam_ldb, astate, + NULL, "(&(objectSid=%s)(objectClass=group))", + ldap_encode_ndr_dom_sid(mem_ctx, astate->account_sid)); if (astate->account_dn == NULL) { talloc_free(astate); return NT_STATUS_NO_SUCH_USER; @@ -1466,8 +1459,7 @@ static NTSTATUS lsa_AddRemoveAccountRights(struct dcesrv_call_state *dce_call, return NT_STATUS_NO_MEMORY; } - dn = samdb_search_string(state->sam_ldb, mem_ctx, NULL, "dn", - "objectSid=%s", sidstr); + dn = samdb_search_dn(state->sam_ldb, mem_ctx, NULL, "objectSid=%s", sidstr); if (dn == NULL) { return NT_STATUS_NO_SUCH_USER; } diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index ff15eb43bb..aeea3a120c 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -2117,11 +2117,8 @@ static NTSTATUS samr_AddAliasMember(struct dcesrv_call_state *dce_call, TALLOC_C * cn=For...,cn=Builtin,dc={BASEDN}. -- vl */ - basedn = ldb_dn_explode(mem_ctx, - samdb_search_string(d_state->sam_ctx, - mem_ctx, NULL, "dn", - "(&(objectClass=container)" - "(cn=ForeignSecurityPrincipals))")); + basedn = samdb_search_dn(d_state->sam_ctx, mem_ctx, NULL, + "(&(objectClass=container)(cn=ForeignSecurityPrincipals))"); if (basedn == NULL) { DEBUG(0, ("Failed to find DN for " diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c index c862763101..ab99b69458 100644 --- a/source4/rpc_server/samr/samr_password.c +++ b/source4/rpc_server/samr/samr_password.c @@ -210,10 +210,9 @@ NTSTATUS samr_OemChangePasswordUser2(struct dcesrv_call_state *dce_call, TALLOC_ return NT_STATUS_NO_SUCH_USER; } - domain_dn = ldb_dn_explode(mem_ctx, - samdb_search_string(sam_ctx, mem_ctx, NULL, "dn", - "(objectSid=%s)", - ldap_encode_ndr_dom_sid(mem_ctx, domain_sid))); + domain_dn = samdb_search_dn(sam_ctx, mem_ctx, NULL, + "(objectSid=%s)", + ldap_encode_ndr_dom_sid(mem_ctx, domain_sid)); if (!domain_dn) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } @@ -361,10 +360,9 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call, goto failed; } - domain_dn = ldb_dn_explode(mem_ctx, - samdb_search_string(sam_ctx, mem_ctx, NULL, "dn", - "(objectSid=%s)", - ldap_encode_ndr_dom_sid(mem_ctx, domain_sid))); + domain_dn = samdb_search_dn(sam_ctx, mem_ctx, NULL, + "(objectSid=%s)", + ldap_encode_ndr_dom_sid(mem_ctx, domain_sid)); if (!domain_dn) { status = NT_STATUS_INTERNAL_DB_CORRUPTION; goto failed; -- cgit