From 856e309b14491849ec65d37fc23e03dd07063e21 Mon Sep 17 00:00:00 2001
From: Matthias Dieter Wallnöfer <mdw@samba.org>
Date: Tue, 16 Nov 2010 13:17:32 +0100
Subject: s4:descriptor LDB module - also "get_default_ag" should make use of
 "dsdb_find_nc_root"

---
 source4/dsdb/samdb/ldb_modules/descriptor.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

(limited to 'source4/dsdb')

diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
index d973e86a5b..baf00adee1 100644
--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
+++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
@@ -66,19 +66,21 @@ struct dom_sid *get_default_ag(TALLOC_CTX *mem_ctx,
 			       struct ldb_context *ldb)
 {
 	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
-	struct ldb_dn *default_base_dn = ldb_get_default_basedn(ldb);
-	struct ldb_dn *schema_base_dn = ldb_get_schema_basedn(ldb);
-	struct ldb_dn *config_base_dn = ldb_get_config_basedn(ldb);
 	const struct dom_sid *domain_sid = samdb_domain_sid(ldb);
 	struct dom_sid *da_sid = dom_sid_add_rid(tmp_ctx, domain_sid, DOMAIN_RID_ADMINS);
 	struct dom_sid *ea_sid = dom_sid_add_rid(tmp_ctx, domain_sid, DOMAIN_RID_ENTERPRISE_ADMINS);
 	struct dom_sid *sa_sid = dom_sid_add_rid(tmp_ctx, domain_sid, DOMAIN_RID_SCHEMA_ADMINS);
 	struct dom_sid *dag_sid;
+	struct ldb_dn *nc_root;
+	int ret;
 
-	/* FIXME: this has to be fixed regarding the forest DN (root DN) and
-	 * the domain DN (default DN) - they aren't always the same. */
+	ret = dsdb_find_nc_root(ldb, tmp_ctx, dn, &nc_root);
+	if (ret != LDB_SUCCESS) {
+		talloc_free(tmp_ctx);
+		return NULL;
+	}
 
-	if (ldb_dn_compare_base(schema_base_dn, dn) == 0){
+	if (ldb_dn_compare(nc_root, ldb_get_schema_basedn(ldb)) == 0) {
 		if (security_token_has_sid(token, sa_sid))
 			dag_sid = dom_sid_dup(mem_ctx, sa_sid);
 		else if (security_token_has_sid(token, ea_sid))
@@ -87,25 +89,23 @@ struct dom_sid *get_default_ag(TALLOC_CTX *mem_ctx,
 			dag_sid = dom_sid_dup(mem_ctx, da_sid);
 		else
 			dag_sid = NULL;
-	}
-	else if (ldb_dn_compare_base(config_base_dn, dn) == 0){
+	} else if (ldb_dn_compare(nc_root, ldb_get_config_basedn(ldb)) == 0) {
 		if (security_token_has_sid(token, ea_sid))
 			dag_sid = dom_sid_dup(mem_ctx, ea_sid);
 		else if (security_token_has_sid(token, da_sid))
 			dag_sid = dom_sid_dup(mem_ctx, da_sid);
 		else
 			dag_sid = NULL;
-	}
-	else if (ldb_dn_compare_base(default_base_dn, dn) == 0){
+	} else if (ldb_dn_compare(nc_root, ldb_get_default_basedn(ldb)) == 0) {
 		if (security_token_has_sid(token, da_sid))
 			dag_sid = dom_sid_dup(mem_ctx, da_sid);
 		else if (security_token_has_sid(token, ea_sid))
 				dag_sid = dom_sid_dup(mem_ctx, ea_sid);
 		else
 			dag_sid = NULL;
-	}
-	else
+	} else {
 		dag_sid = NULL;
+	}
 
 	talloc_free(tmp_ctx);
 	return dag_sid;
-- 
cgit