From e0cc4f0f6d3642874749c4acf0cf8a152072f628 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 3 Aug 2005 19:58:58 +0000 Subject: r9015: Fix access to BUILTIN again. Andrew Bartlett (This used to be commit 2beb694226429319ff3799adbd7be50af99df02c) --- source4/rpc_server/samr/dcesrv_samr.c | 65 ++++++++++++++++++----------------- 1 file changed, 34 insertions(+), 31 deletions(-) diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index 57da9b79b2..1e47199d20 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -271,14 +271,14 @@ static NTSTATUS samr_EnumDomains(struct dcesrv_call_state *dce_call, TALLOC_CTX int ret; array->entries[i].idx = start_i + i; /* try and find the domain */ - ret = gendb_search(c_state->sam_ctx, mem_ctx, NULL, &ref_msgs, ref_attrs, + ret = gendb_search(c_state->sam_ctx, mem_ctx, NULL, + &ref_msgs, ref_attrs, "(&(objectClass=crossRef)(ncName=%s))", - dom_msgs[0]->dn); + dom_msgs[i]->dn); if (ret == 1) { array->entries[i].name.string = samdb_result_string(ref_msgs[0], "nETBIOSName", NULL); } else { - /* Builtin? If we can't find the reference, punt */ - array->entries[i].name.string = samdb_result_string(dom_msgs[0], "cn", NULL); + array->entries[i].name.string = samdb_result_string(dom_msgs[i], "cn", NULL); } } @@ -300,7 +300,7 @@ static NTSTATUS samr_OpenDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX * const char *domain_name; struct samr_connect_state *c_state; struct samr_domain_state *d_state; - const char * const dom_attrs[] = { NULL}; + const char * const dom_attrs[] = { "cn", NULL}; const char * const ref_attrs[] = { "nETBIOSName", NULL}; struct ldb_message **dom_msgs; struct ldb_message **ref_msgs; @@ -318,23 +318,36 @@ static NTSTATUS samr_OpenDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX * ret = gendb_search(c_state->sam_ctx, mem_ctx, NULL, &dom_msgs, dom_attrs, - "(&(objectSid=%s)(objectclass=domain))", + "(&(objectSid=%s)(&(objectclass=domain)(!(objectClass=builtinDomain))))", ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid)); - if (ret != 1) { - return NT_STATUS_NO_SUCH_DOMAIN; - } - - ret = gendb_search(c_state->sam_ctx, - mem_ctx, NULL, &ref_msgs, ref_attrs, - "(&(&(nETBIOSName=*)(objectclass=crossRef))(ncName=%s))", - dom_msgs[0]->dn); - if (ret != 1) { - return NT_STATUS_NO_SUCH_DOMAIN; - } + if (ret == -1) { + return NT_STATUS_INTERNAL_DB_CORRUPTION; + } else if (ret == 0) { + ret = gendb_search(c_state->sam_ctx, + mem_ctx, NULL, &dom_msgs, dom_attrs, + "(&(objectSid=%s)(objectClass=builtinDomain))", + ldap_encode_ndr_dom_sid(mem_ctx, r->in.sid)); + if (ret != 1) { + return NT_STATUS_NO_SUCH_DOMAIN; + } - domain_name = ldb_msg_find_string(ref_msgs[0], "nETBIOSName", NULL); - if (domain_name == NULL) { - return NT_STATUS_NO_SUCH_DOMAIN; + domain_name = ldb_msg_find_string(dom_msgs[0], "cn", NULL); + if (domain_name == NULL) { + return NT_STATUS_NO_SUCH_DOMAIN; + } + } else { + ret = gendb_search(c_state->sam_ctx, + mem_ctx, NULL, &ref_msgs, ref_attrs, + "(&(&(nETBIOSName=*)(objectclass=crossRef))(ncName=%s))", + dom_msgs[0]->dn); + if (ret != 1) { + return NT_STATUS_NO_SUCH_DOMAIN; + } + + domain_name = ldb_msg_find_string(ref_msgs[0], "nETBIOSName", NULL); + if (domain_name == NULL) { + return NT_STATUS_NO_SUCH_DOMAIN; + } } d_state = talloc(c_state, struct samr_domain_state); @@ -406,10 +419,8 @@ static NTSTATUS samr_info_DomInfo2(struct samr_domain_state *state, TALLOC_CTX * struct samr_DomInfo2 *info) { const char * const dom_attrs[] = { "comment", NULL }; - const char * const ref_attrs[] = { "nETBIOSName", NULL }; int ret; struct ldb_message **dom_msgs; - struct ldb_message **ref_msgs; const char *domain_name; ret = gendb_search_dn(state->sam_ctx, mem_ctx, @@ -418,15 +429,7 @@ static NTSTATUS samr_info_DomInfo2(struct samr_domain_state *state, TALLOC_CTX * return NT_STATUS_INTERNAL_DB_CORRUPTION; } - ret = gendb_search(state->sam_ctx, - mem_ctx, NULL, &ref_msgs, ref_attrs, - "(&(&(nETBIOSName=*)(objectclass=crossRef))(ncName=%s))", - dom_msgs[0]->dn); - if (ret != 1) { - return NT_STATUS_NO_SUCH_DOMAIN; - } - - domain_name = ldb_msg_find_string(ref_msgs[0], "nETBIOSName", NULL); + domain_name = state->domain_name; /* where is this supposed to come from? is it settable? */ info->force_logoff_time = 0x8000000000000000LL; -- cgit