From 89278a1469fe8f6c6080d6cb6b81de504802470d Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Fri, 19 Jan 2007 15:14:45 +0000
Subject: r20906: allow LDAP simple binds using the following syntaxes in the DN field: CN=Administrator,CN=Users,DC=w2k3,DC=vmnet1,DC=vm,DC=base Administrator@W2K3 W2K3\Administrator w2k3.vmnet1.vm.base/Users/Administrator w2k3 also allows this (and maybe more...?) metze (This used to be commit 40c27ef88df9021e9ef2a6c43aabab709ac9662f)
---
 source4/dsdb/samdb/cracknames.c | 41 ++++++++++++++++++++++++++++++++++-------
 source4/ldap_server/ldap_bind.c | 2 +-
 2 files changed, 35 insertions(+), 8 deletions(-)
diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index 28c9890db5..02644c78f1 100644
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -996,9 +996,10 @@ NTSTATUS crack_service_principal_name(struct ldb_context *sam_ctx,
 }
-NTSTATUS crack_dn_to_nt4_name(TALLOC_CTX *mem_ctx,
- const char *dn,
- const char **nt4_domain, const char **nt4_account)
+NTSTATUS crack_name_to_nt4_name(TALLOC_CTX *mem_ctx,
+ uint32_t format_offered,
+ const char *name,
+ const char **nt4_domain, const char **nt4_account)
 {
 WERROR werr;
 struct drsuapi_DsNameInfo1 info1;
@@ -1006,7 +1007,7 @@ NTSTATUS crack_dn_to_nt4_name(TALLOC_CTX *mem_ctx,
 char *p;
 /* Handle anonymous bind */
- if (!dn || !*dn) {
+ if (!name || !*name) {
 *nt4_domain = "";
 *nt4_account = "";
 return NT_STATUS_OK;
@@ -1018,9 +1019,9 @@ NTSTATUS crack_dn_to_nt4_name(TALLOC_CTX *mem_ctx,
 }
 werr = DsCrackNameOneName(ldb, mem_ctx, 0,
- DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
+ format_offered,
 DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
- dn,
+ name,
 &info1);
 if (!W_ERROR_IS_OK(werr)) {
 return werror_to_ntstatus(werr);
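Review bot: `crack_name_to_nt4_name` now takes a caller-chosen `format_offered` but carries no header comment saying which values it expects or what an empty name yields. The visible body returns NT_STATUS_OK with `""` for both outputs when `name` is NULL or empty, so I would state that contract above the signature, for example `/* format_offered is a DRSUAPI_DS_NAME_FORMAT_* value; a NULL or empty name is an anonymous bind and returns NT_STATUS_OK with empty domain and account, so success alone does not mean an identity was resolved */`. The function body continues past this hunk, so the handling of the cracked result is not visible here.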
@@ -1054,5 +1055,31 @@ NTSTATUS crack_dn_to_nt4_name(TALLOC_CTX *mem_ctx,
 }
 return NT_STATUS_OK;
-
+}
+
+NTSTATUS crack_auto_name_to_nt4_name(TALLOC_CTX *mem_ctx,
+ const char *name,
+ const char **nt4_domain,
+ const char **nt4_account)
+{
+ uint32_t format_offered = DRSUAPI_DS_NAME_FORMAT_UKNOWN;
+
+ /* Handle anonymous bind */
+ if (!name || !*name) {
+ *nt4_domain = "";
+ *nt4_account = "";
+ return NT_STATUS_OK;
+ }
+
+ if (strchr_m(name, '=')) {
+ format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
+ } else if (strchr_m(name, '@')) {
+ format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL;
+ } else if (strchr_m(name, '\\')) {
+ format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
+ } else if (strchr_m(name, '/')) {
+ format_offered = DRSUAPI_DS_NAME_FORMAT_CANONICAL;
+ }
+
+ return crack_name_to_nt4_name(mem_ctx, format_offered, name, nt4_domain, nt4_account);
 }
diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index f88d08e822..3d5df58e21 100644
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -45,7 +45,7 @@ static NTSTATUS ldapsrv_BindSimple(struct ldapsrv_call *call)
 DEBUG(10, ("BindSimple dn: %s\n",req->dn));
- status = crack_dn_to_nt4_name(call, req->dn, &nt4_domain, &nt4_account);
+ status = crack_auto_name_to_nt4_name(call, req->dn, &nt4_domain, &nt4_account);
 if (NT_STATUS_IS_OK(status)) {
 status = authenticate_username_pw(call, call->conn->connection->event.ctx,
-- cgit
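Review bot: The format guess in `crack_auto_name_to_nt4_name` takes the first of `=`, `@`, `\`, `/` found anywhere in the client-supplied bind name, so a name containing more than one of them is always classified by the earliest test in the chain. A name with none of them is passed on as `DRSUAPI_DS_NAME_FORMAT_UKNOWN`. Because this runs on unauthenticated input, the precedence should be written down above the chain, e.g. `/* first match wins: '=' DN, '@' UPN, '\\' NT4, '/' canonical; anything else is left to DsCrackNameOneName as unknown */`. How the unknown format resolves is not visible in this patch and should be confirmed against `DsCrackNameOneName`. The NULL/empty check repeats the one at the top of `crack_name_to_nt4_name` and could be dropped here so the anonymous-bind rule lives in one place.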
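Review bot: The debug line just above the changed call still labels the value as `dn`, although after this change `req->dn` may carry a UPN, NT4 or canonical name. `DEBUG(10, ("BindSimple name: %s\n", req->dn));` would keep the log accurate for anyone reviewing bind attempts. The callee guards against a NULL name, which suggests `req->dn` can be NULL, in which case the `%s` in that DEBUG would also deserve a guard; that is inferred, not visible here. `ldapsrv_BindSimple` starts and ends outside this hunk.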