From 94a609189314ae888ee9783fd1933054d359f712 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Sat, 5 Jul 2003 05:19:28 +0000
Subject: Allow modification of an existing entry.

We still have a lot of work to do to allow this in quite the same way as we
have in the TDB, but it certainly is getting closer.

Andrew Bartlett
(This used to be commit b9ef4e138843e3a9d1157e197de0964daf29f0dd)
---
 source3/sam/idmap_ldap.c | 51 ++++++++++++++++++++++++++++++++++--------------
 1 file changed, 36 insertions(+), 15 deletions(-)

diff --git a/source3/sam/idmap_ldap.c b/source3/sam/idmap_ldap.c
index 2dccaf04f7..56a289d8aa 100644
--- a/source3/sam/idmap_ldap.c
+++ b/source3/sam/idmap_ldap.c
@@ -397,6 +397,8 @@ static NTSTATUS ldap_set_mapping_internals(const DOM_SID *sid, unid_t id,
 	int rc = -1;
 	int ldap_op;
 	fstring sid_string;
+	char **values;
+	int i;
 
 	sid_to_string( sid_string, sid );
 
@@ -422,9 +424,23 @@ static NTSTATUS ldap_set_mapping_internals(const DOM_SID *sid, unid_t id,
 
 	snprintf(id_str, sizeof(id_str), "%u", ((id_type & ID_USERID) ? id.uid : id.gid));	
 	
-	smbldap_set_mod( &mods, LDAP_MOD_ADD, 
-			 "objectClass", LDAP_OBJ_IDMAP_ENTRY );
-	
+	values = ldap_get_values(ldap_state.smbldap_state->ldap_struct, entry, "objectClass");
+	if (values) {
+		BOOL found_idmap = False;
+		for (i=0; values[i]; i++) {
+			if (StrCaseCmp(values[i], LDAP_OBJ_IDMAP_ENTRY) == 0) {
+				found_idmap = True;
+				break;
+			}
+		}
+		if (!found_idmap)
+			smbldap_set_mod( &mods, LDAP_MOD_ADD, 
+					 "objectClass", LDAP_OBJ_IDMAP_ENTRY );
+	} else {
+		smbldap_set_mod( &mods, LDAP_MOD_ADD, 
+				 "objectClass", LDAP_OBJ_IDMAP_ENTRY );
+	}
+
 	smbldap_make_mod( ldap_state.smbldap_state->ldap_struct, 
 			  entry, &mods, type, id_str );
 
@@ -433,20 +449,25 @@ static NTSTATUS ldap_set_mapping_internals(const DOM_SID *sid, unid_t id,
 			  get_attr_key2string(sidmap_attr_list, LDAP_ATTR_SID), 
 			  sid_string );
 
-	switch(ldap_op)
-	{
-	case LDAP_MOD_ADD: 
-		smbldap_set_mod( &mods, LDAP_MOD_ADD, 
-				 "objectClass", LDAP_OBJ_SID_ENTRY );
-		rc = smbldap_add(ldap_state.smbldap_state, dn, mods);
-		break;
-	case LDAP_MOD_REPLACE: 
-		rc = smbldap_modify(ldap_state.smbldap_state, dn, mods);
-		break;
+	/* There may well be nothing at all to do */
+	if (mods) {
+		switch(ldap_op)
+		{
+		case LDAP_MOD_ADD: 
+			smbldap_set_mod( &mods, LDAP_MOD_ADD, 
+					 "objectClass", LDAP_OBJ_SID_ENTRY );
+			rc = smbldap_add(ldap_state.smbldap_state, dn, mods);
+			break;
+		case LDAP_MOD_REPLACE: 
+			rc = smbldap_modify(ldap_state.smbldap_state, dn, mods);
+			break;
+		}
+		
+		ldap_mods_free( mods, True );	
+	} else {
+		rc = LDAP_SUCCESS;
 	}
 
-	ldap_mods_free( mods, True );	
-
 	if (rc != LDAP_SUCCESS) {
 		char *ld_error = NULL;
 		ldap_get_option(ldap_state.smbldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
-- 
cgit