From 9819d280d69e5870d61a177923912eae0c573709 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Wed, 30 Dec 2009 20:04:17 +1100
Subject: s4-dsdb: added dsdb_tombstone_lifetime()

---
 source4/dsdb/common/util.c     | 26 +++++++++++++++++
 source4/dsdb/kcc/kcc_deleted.c | 64 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 90 insertions(+)
 create mode 100644 source4/dsdb/kcc/kcc_deleted.c

diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 25d915d0bc..ea216ec67b 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -3024,3 +3024,29 @@ int dsdb_get_deleted_objects_dn(struct ldb_context *ldb,
 	talloc_free(nc_root);
 	return ret;
 }
+
+/*
+  return the tombstoneLifetime, in days
+ */
+int dsdb_tombstone_lifetime(struct ldb_context *ldb, uint32_t *lifetime)
+{
+	struct ldb_dn *dn;
+	dn = samdb_config_dn(ldb);
+	if (!dn) {
+		return LDB_ERR_NO_SUCH_OBJECT;
+	}
+	dn = ldb_dn_copy(ldb, dn);
+	if (!dn) {
+		return LDB_ERR_OPERATIONS_ERROR;
+	}
+	/* see MS-ADTS section 7.1.1.2.4.1.1. There doesn't appear to
+	 be a wellknown GUID for this */
+	if (!ldb_dn_add_child_fmt(dn, "CN=Directory Service,CN=Windows NT")) {
+		talloc_free(dn);
+		return LDB_ERR_OPERATIONS_ERROR;
+	}
+
+	*lifetime = samdb_search_uint(ldb, dn, 180, dn, "tombstoneLifetime", "objectClass=nTDSService");
+	talloc_free(dn);
+	return LDB_SUCCESS;
+}
diff --git a/source4/dsdb/kcc/kcc_deleted.c b/source4/dsdb/kcc/kcc_deleted.c
new file mode 100644
index 0000000000..44f3070261
--- /dev/null
+++ b/source4/dsdb/kcc/kcc_deleted.c
@@ -0,0 +1,64 @@
+/*
+   Unix SMB/CIFS implementation.
+
+   handle removal of deleted objects
+
+   Copyright (C) 2009 Andrew Tridgell
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+*/
+
+#include "includes.h"
+#include "lib/events/events.h"
+#include "dsdb/samdb/samdb.h"
+#include "auth/auth.h"
+#include "smbd/service.h"
+#include "lib/messaging/irpc.h"
+#include "dsdb/kcc/kcc_connection.h"
+#include "dsdb/kcc/kcc_service.h"
+#include "lib/ldb/include/ldb_errors.h"
+#include "../lib/util/dlinklist.h"
+#include "librpc/gen_ndr/ndr_misc.h"
+#include "librpc/gen_ndr/ndr_drsuapi.h"
+#include "librpc/gen_ndr/ndr_drsblobs.h"
+#include "param/param.h"
+
+
+/*
+  check to see if any deleted objects need scavenging
+ */
+NTSTATUS kccsrv_check_deleted(struct kccsrv_service *s, TALLOC_CTX *mem_ctx)
+{
+	struct kccsrv_partition *part;
+	int ret;
+
+	time_t t = time(NULL);
+	if (t - s->last_deleted_check < lp_parm_int(task->lp_ctx, NULL, "kccsrv",
+						    "check_deleted_interval", 600)) {
+		return NT_STATUS_OK;
+	}
+	s->last_deleted_check = t;
+
+	for (part=s->partitions; part; part=part->next) {
+		struct ldb_dn *do_dn;
+		struct ldb_result *res;
+
+		ret = dsdb_get_deleted_objects_dn(s->samdb, mem_ctx, part->dn, &do_dn);
+		ret = ldb_search(s->samdb, mem_ctx, &res, do_dn, LDB_SCOPE_SUBTREE,
+				 attrs, "isDeleted=TRUE");
+	}
+
+
+}
-- 
cgit