From 6e720ecd259742d274d6281088c5052070c955e6 Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Mon, 13 Sep 2010 22:41:06 +0200 Subject: s4:SID handling - always encode the SID using "ldap_encode_ndr_dom_sid" for LDAP filters This makes also lookups through special backends as "samba3sam" work. --- source4/dsdb/samdb/ldb_modules/samldb.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'source4/dsdb/samdb/ldb_modules') diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index acf796f20f..dca6ece9ee 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -276,8 +276,8 @@ static int samldb_check_primaryGroupID(struct samldb_ctx *ac) return ldb_operr(ldb); } - prim_group_dn = samdb_search_dn(ldb, ac, NULL, "(objectSID=%s)", - dom_sid_string(ac, sid)); + prim_group_dn = samdb_search_dn(ldb, ac, NULL, "(objectSid=%s)", + ldap_encode_ndr_dom_sid(ac, sid)); if (prim_group_dn == NULL) { ldb_asprintf_errstring(ldb, "Failed to find primary group with RID %u!", @@ -929,8 +929,8 @@ static int samldb_prim_group_change(struct samldb_ctx *ac) return ldb_operr(ldb); } - prev_prim_group_dn = samdb_search_dn(ldb, ac, NULL, "(objectSID=%s)", - dom_sid_string(ac, sid)); + prev_prim_group_dn = samdb_search_dn(ldb, ac, NULL, "(objectSid=%s)", + ldap_encode_ndr_dom_sid(ac, sid)); if (prev_prim_group_dn == NULL) { return ldb_operr(ldb); } @@ -948,8 +948,8 @@ static int samldb_prim_group_change(struct samldb_ctx *ac) return ldb_operr(ldb); } - new_prim_group_dn = samdb_search_dn(ldb, ac, NULL, "(objectSID=%s)", - dom_sid_string(ac, sid)); + new_prim_group_dn = samdb_search_dn(ldb, ac, NULL, "(objectSid=%s)", + ldap_encode_ndr_dom_sid(ac, sid)); if (new_prim_group_dn == NULL) { /* Here we know if the specified new primary group candidate is * valid or not. */ @@ -1041,8 +1041,8 @@ static int samldb_member_check(struct samldb_ctx *ac) return ldb_operr(ldb); } - group_dn = samdb_search_dn(ldb, ac, NULL, "(objectSID=%s)", - dom_sid_string(ac, sid)); + group_dn = samdb_search_dn(ldb, ac, NULL, "(objectSid=%s)", + ldap_encode_ndr_dom_sid(ac, sid)); if (group_dn == NULL) { return ldb_operr(ldb); } -- cgit