From 9aa07e72c88c9e4f52546597610019c8596ea4cc Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 28 Sep 2010 10:40:18 -0700 Subject: s4-drs: use drs_ObjectIdentifier_*() calls in getncchanges this allows for replication by GUID or SID --- source4/rpc_server/drsuapi/getncchanges.c | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c index 36d74f4b57..8e2bf8e8b2 100644 --- a/source4/rpc_server/drsuapi/getncchanges.c +++ b/source4/rpc_server/drsuapi/getncchanges.c @@ -612,13 +612,13 @@ static WERROR getncchanges_rid_alloc(struct drsuapi_bind_state *b_state, return WERR_DS_DRA_INTERNAL_ERROR; } - req_dn = ldb_dn_new(mem_ctx, ldb, req8->naming_context->dn); + req_dn = drs_ObjectIdentifier_to_dn(mem_ctx, ldb, req8->naming_context); if (!req_dn || !ldb_dn_validate(req_dn) || ldb_dn_compare(req_dn, rid_manager_dn) != 0) { /* that isn't the RID Manager DN */ DEBUG(0,(__location__ ": RID Alloc request for wrong DN %s\n", - req8->naming_context->dn)); + drs_ObjectIdentifier_to_string(mem_ctx, req8->naming_context))); ctr6->extended_ret = DRSUAPI_EXOP_ERR_MISMATCH; return WERR_OK; } @@ -805,7 +805,8 @@ static WERROR getncchanges_repl_secret(struct drsuapi_bind_state *b_state, const struct dom_sid **never_reveal_sids, **reveal_sids, **token_sids; WERROR werr; - DEBUG(3,(__location__ ": DRSUAPI_EXOP_REPL_SECRET extended op on %s\n", ncRoot->dn)); + DEBUG(3,(__location__ ": DRSUAPI_EXOP_REPL_SECRET extended op on %s\n", + drs_ObjectIdentifier_to_string(mem_ctx, ncRoot))); /* * we need to work out if we will allow this RODC to @@ -821,7 +822,7 @@ static WERROR getncchanges_repl_secret(struct drsuapi_bind_state *b_state, return WERR_DS_DRA_SOURCE_DISABLED; } - obj_dn = ldb_dn_new(mem_ctx, b_state->sam_ctx_system, ncRoot->dn); + obj_dn = drs_ObjectIdentifier_to_dn(mem_ctx, b_state->sam_ctx_system, ncRoot); if (!ldb_dn_validate(obj_dn)) goto failed; rodc_dn = ldb_dn_new_fmt(mem_ctx, b_state->sam_ctx_system, "", @@ -892,20 +893,20 @@ static WERROR getncchanges_repl_secret(struct drsuapi_bind_state *b_state, /* default deny */ denied: DEBUG(2,(__location__ ": Denied RODC secret replication for %s by RODC %s\n", - ncRoot->dn, ldb_dn_get_linearized(rodc_res->msgs[0]->dn))); + ldb_dn_get_linearized(obj_dn), ldb_dn_get_linearized(rodc_res->msgs[0]->dn))); ctr6->extended_ret = DRSUAPI_EXOP_ERR_NONE; return WERR_DS_DRA_ACCESS_DENIED; allowed: DEBUG(2,(__location__ ": Allowed RODC secret replication for %s by RODC %s\n", - ncRoot->dn, ldb_dn_get_linearized(rodc_res->msgs[0]->dn))); + ldb_dn_get_linearized(obj_dn), ldb_dn_get_linearized(rodc_res->msgs[0]->dn))); ctr6->extended_ret = DRSUAPI_EXOP_ERR_SUCCESS; req8->highwatermark.highest_usn = 0; return WERR_OK; failed: DEBUG(2,(__location__ ": Failed RODC secret replication for %s by RODC %s\n", - ncRoot->dn, dom_sid_string(mem_ctx, user_sid))); + ldb_dn_get_linearized(obj_dn), dom_sid_string(mem_ctx, user_sid))); ctr6->extended_ret = DRSUAPI_EXOP_ERR_NONE; return WERR_DS_DRA_BAD_DN; } @@ -932,12 +933,12 @@ static WERROR getncchanges_change_master(struct drsuapi_bind_state *b_state, - verify that we are the current master */ - req_dn = ldb_dn_new(mem_ctx, ldb, req8->naming_context->dn); + req_dn = drs_ObjectIdentifier_to_dn(mem_ctx, ldb, req8->naming_context); if (!req_dn || !ldb_dn_validate(req_dn)) { /* that is not a valid dn */ DEBUG(0,(__location__ ": FSMO role transfer request for invalid DN %s\n", - req8->naming_context->dn)); + drs_ObjectIdentifier_to_string(mem_ctx, req8->naming_context))); ctr6->extended_ret = DRSUAPI_EXOP_ERR_MISMATCH; return WERR_OK; } @@ -961,7 +962,7 @@ static WERROR getncchanges_change_master(struct drsuapi_bind_state *b_state, /* change the current master */ msg = ldb_msg_new(ldb); W_ERROR_HAVE_NO_MEMORY(msg); - msg->dn = ldb_dn_new(msg, ldb, req8->naming_context->dn); + msg->dn = drs_ObjectIdentifier_to_dn(msg, ldb, req8->naming_context); W_ERROR_HAVE_NO_MEMORY(msg->dn); ret = dsdb_find_dn_by_guid(ldb, msg, &req8->destination_dsa_guid, &ntds_dn); @@ -1148,7 +1149,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ /* see if a previous replication has been abandoned */ if (getnc_state) { - struct ldb_dn *new_dn = ldb_dn_new(getnc_state, sam_ctx, ncRoot->dn); + struct ldb_dn *new_dn = drs_ObjectIdentifier_to_dn(getnc_state, sam_ctx, ncRoot); if (ldb_dn_compare(new_dn, getnc_state->ncRoot_dn) != 0) { DEBUG(0,(__location__ ": DsGetNCChanges 2nd replication on different DN %s %s (last_dn %s)\n", ldb_dn_get_linearized(new_dn), @@ -1165,7 +1166,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ return WERR_NOMEM; } b_state->getncchanges_state = getnc_state; - getnc_state->ncRoot_dn = ldb_dn_new(getnc_state, sam_ctx, ncRoot->dn); + getnc_state->ncRoot_dn = drs_ObjectIdentifier_to_dn(getnc_state, sam_ctx, ncRoot); /* find out if we are to replicate Schema NC */ ret = ldb_dn_compare(getnc_state->ncRoot_dn, @@ -1213,7 +1214,8 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ if (!ldb_dn_validate(getnc_state->ncRoot_dn) || ldb_dn_is_null(getnc_state->ncRoot_dn)) { - DEBUG(0,(__location__ ": Bad DN '%s'\n", ncRoot->dn)); + DEBUG(0,(__location__ ": Bad DN '%s'\n", + drs_ObjectIdentifier_to_string(mem_ctx, ncRoot))); return WERR_DS_DRA_INVALID_PARAMETER; } @@ -1485,7 +1487,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ DEBUG(r->out.ctr->ctr6.more_data?4:2, ("DsGetNCChanges with uSNChanged >= %llu flags 0x%08x on %s gave %u objects (done %u/%u) %u links (done %u/%u (as %s))\n", (unsigned long long)(req8->highwatermark.highest_usn+1), - req8->replica_flags, ncRoot->dn, + req8->replica_flags, drs_ObjectIdentifier_to_string(mem_ctx, ncRoot), r->out.ctr->ctr6.object_count, i, r->out.ctr->ctr6.more_data?getnc_state->site_res->count:i, r->out.ctr->ctr6.linked_attributes_count, -- cgit