From 3f2ca10d2d86f0cd64822f9e5f95633f41263237 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 13 Nov 2007 22:38:55 +0100
Subject: r25940: Rework the samldb and templates handling.

Templates just don't belong in the sam.ldb, as they don't obey any of
the other rules.  This moves them to a seperate templates.ldb.

In samldb, this patch reworks the duplicate SID and Name detection
code, to use ldb_search_exp_fmt() rather than gendb_search.  This
returns far more useful errors, which we now handle and report better.

The call to samdb_search_for_parent_domain() has been moved in samldb,
to allow both the account and SID uniqueness checks to be in the same
domain.  This function also returns better errors.

dcesrv_drsuapi.c is updated for the new prototype of
samdb_search_for_parent_domain()

Andrew Bartlett
(This used to be commit f1ab90c88c782c693b41795d70368650806543b5)
---
 source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

(limited to 'source4/rpc_server/drsuapi')

diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
index d8b361ca27..21c4d36e9b 100644
--- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
+++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
@@ -570,6 +570,7 @@ static WERROR dcesrv_drsuapi_DsGetDomainControllerInfo_1(struct drsuapi_bind_sta
 			ret = ldb_search_exp_fmt(b_state->sam_ctx, mem_ctx, &res_account, ref_dn, 
 						 LDB_SCOPE_BASE, attrs_account_1, "objectClass=computer");
 			if (ret == LDB_SUCCESS && res_account->count == 1) {
+				const char *errstr;
 				ctr1->array[i].dns_name
 					= ldb_msg_find_attr_as_string(res_account->msgs[0], "dNSHostName", NULL);
 				ctr1->array[i].netbios_name
@@ -578,10 +579,11 @@ static WERROR dcesrv_drsuapi_DsGetDomainControllerInfo_1(struct drsuapi_bind_sta
 					= ldb_dn_get_linearized(res_account->msgs[0]->dn);
 
 				/* Determine if this is the PDC */
-				domain_dn = samdb_search_for_parent_domain(b_state->sam_ctx, 
-									   mem_ctx, res_account->msgs[0]->dn);
+				ret = samdb_search_for_parent_domain(b_state->sam_ctx, 
+								     mem_ctx, res_account->msgs[0]->dn,
+								     &domain_dn, &errstr);
 				
-				if (domain_dn) {
+				if (ret == LDB_SUCCESS) {
 					ret = ldb_search_exp_fmt(b_state->sam_ctx, mem_ctx, &res_domain, domain_dn, 
 								 LDB_SCOPE_BASE, attrs_none, "fSMORoleOwner=%s",
 								 ldb_dn_get_linearized(ntds_dn));
@@ -664,6 +666,7 @@ static WERROR dcesrv_drsuapi_DsGetDomainControllerInfo_1(struct drsuapi_bind_sta
 			ret = ldb_search_exp_fmt(b_state->sam_ctx, mem_ctx, &res_account, ref_dn, 
 						 LDB_SCOPE_BASE, attrs_account_2, "objectClass=computer");
 			if (ret == LDB_SUCCESS && res_account->count == 1) {
+				const char *errstr;
 				ctr2->array[i].dns_name
 					= ldb_msg_find_attr_as_string(res_account->msgs[0], "dNSHostName", NULL);
 				ctr2->array[i].netbios_name
@@ -673,10 +676,11 @@ static WERROR dcesrv_drsuapi_DsGetDomainControllerInfo_1(struct drsuapi_bind_sta
 					= samdb_result_guid(res_account->msgs[0], "objectGUID");
 
 				/* Determine if this is the PDC */
-				domain_dn = samdb_search_for_parent_domain(b_state->sam_ctx, 
-									   mem_ctx, res_account->msgs[0]->dn);
+				ret = samdb_search_for_parent_domain(b_state->sam_ctx, 
+								     mem_ctx, res_account->msgs[0]->dn,
+								     &domain_dn, &errstr);
 				
-				if (domain_dn) {
+				if (ret == LDB_SUCCESS) {
 					ret = ldb_search_exp_fmt(b_state->sam_ctx, mem_ctx, &res_domain, domain_dn, 
 								 LDB_SCOPE_BASE, attrs_none, "fSMORoleOwner=%s",
 								 ldb_dn_get_linearized(ntds_dn));
-- 
cgit