From b65f1a097754d32dd8b156e719d4a4f328bf4fbc Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 16 Dec 2008 08:40:49 +0100 Subject: s4:samldb: improve error strings When things go wrong with LDB, this routine seems to be particularly sensitive to it. This extra debugging should help the next poor soul who breaks LDB. Signed-off-by: Stefan Metzmacher --- source4/dsdb/samdb/ldb_modules/samldb.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'source4/dsdb/samdb/ldb_modules/samldb.c') diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index 95a16b5527..627e15ab93 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -346,13 +346,14 @@ static int samldb_get_parent_domain_callback(struct ldb_request *req, } nextRid = ldb_msg_find_attr_as_string(ares->message, - "nextRid", NULL); + "nextRid", NULL); if (nextRid == NULL) { ldb_asprintf_errstring(ac->module->ldb, - "attribute nextRid not found in %s\n", - ldb_dn_get_linearized(ares->message->dn)); + "while looking for domain above %s attribute nextRid not found in %s\n", + ldb_dn_get_linearized(ac->req->op.add.message->dn), + ldb_dn_get_linearized(ares->message->dn)); ret = LDB_ERR_OPERATIONS_ERROR; - break;; + break; } ac->next_rid = strtol(nextRid, NULL, 0); @@ -369,6 +370,7 @@ static int samldb_get_parent_domain_callback(struct ldb_request *req, talloc_free(ares); ret = LDB_SUCCESS; + ldb_reset_err_string(ac->module->ldb); break; case LDB_REPLY_REFERRAL: @@ -1067,8 +1069,8 @@ static int samldb_foreign_notice_sid_callback(struct ldb_request *req, "nextRid", NULL); if (nextRid == NULL) { ldb_asprintf_errstring(ac->module->ldb, - "attribute nextRid not found in %s\n", - ldb_dn_get_linearized(ares->message->dn)); + "while looking for forign sid %s attribute nextRid not found in %s\n", + dom_sid_string(ares, ac->sid), ldb_dn_get_linearized(ares->message->dn)); ret = LDB_ERR_OPERATIONS_ERROR; break; } -- cgit From 1107021f3aa4ad1a3995a018d11aed485aa39c38 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 16 Dec 2008 08:41:22 +0100 Subject: s4:samldb: make use of dom_sid_split_rid() Signed-off-by: Stefan Metzmacher --- source4/dsdb/samdb/ldb_modules/samldb.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'source4/dsdb/samdb/ldb_modules/samldb.c') diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index 627e15ab93..7ecc41d2c3 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -1120,6 +1120,7 @@ static int samldb_foreign_notice_sid(struct samldb_ctx *ac) { static const char * const attrs[3] = { "nextRid", "name", NULL }; struct ldb_request *req; + NTSTATUS status; char *filter; int ret; @@ -1127,12 +1128,10 @@ static int samldb_foreign_notice_sid(struct samldb_ctx *ac) return LDB_ERR_OPERATIONS_ERROR; } - ac->domain_sid = dom_sid_dup(ac, ac->sid); - if (!ac->domain_sid) { + status = dom_sid_split_rid(ac, ac->sid, &ac->domain_sid, NULL); + if (!NT_STATUS_IS_OK(status)) { return LDB_ERR_OPERATIONS_ERROR; } - /* get the domain component part of the provided SID */ - ac->domain_sid->num_auths--; filter = talloc_asprintf(ac, "(&(objectSid=%s)(objectclass=domain))", ldap_encode_ndr_dom_sid(ac, ac->domain_sid)); -- cgit