From da1970c0ff4cd3556102e9357b2e0cf65728c8d6 Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Fri, 19 Feb 2010 18:09:48 -0500
Subject: s4:lsa open trusted domain also with dns name

When searching for a trusted domain object to open, search also the DNS Name attributes for a match. W2K8R2 uses the DNS domain if available.
---
source4/rpc_server/lsa/dcesrv_lsa.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
(limited to 'source4/rpc_server')
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index c129612bd7..45fe08eaf0 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -1261,7 +1261,7 @@ static NTSTATUS dcesrv_lsa_OpenTrustedDomainByName(struct dcesrv_call_state *dce
const char *attrs[] = { NULL }; - + char *td_name; int ret; DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
@@ -1279,10 +1279,12 @@ static NTSTATUS dcesrv_lsa_OpenTrustedDomainByName(struct dcesrv_call_state *dce
trusted_domain_state->policy = policy_state; /* search for the trusted_domain record */ + td_name = ldb_binary_encode_string(mem_ctx, r->in.name.string); ret = gendb_search(trusted_domain_state->policy->sam_ldb, mem_ctx, policy_state->system_dn, &msgs, attrs, - "(&(flatname=%s)(objectclass=trustedDomain))", - ldb_binary_encode_string(mem_ctx, r->in.name.string)); + "(&(|(flatname=%s)(cn=%s)(trustPartner=%s))" + "(objectclass=trustedDomain))", + td_name, td_name, td_name); if (ret == 0) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; }
@@ -1293,6 +1295,8 @@ static NTSTATUS dcesrv_lsa_OpenTrustedDomainByName(struct dcesrv_call_state *dce
return NT_STATUS_INTERNAL_DB_CORRUPTION; } + /* TODO: perform access checks */ + trusted_domain_state->trusted_domain_dn = talloc_reference(trusted_domain_state, msgs[0]->dn); handle = dcesrv_handle_new(dce_call->context, LSA_HANDLE_TRUSTED_DOMAIN);
-- cgit
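Review bot: The result of `ldb_binary_encode_string()` is stored in `td_name` and handed straight to the three `%s` slots of the `gendb_search()` filter with no NULL check, so an allocation failure would yield a filter built from a null pointer instead of an error; add `if (td_name == NULL) { return NT_STATUS_NO_MEMORY; }` right after the assignment. Routing the client-supplied name through the encoder once and reusing the encoded value is the right shape for the widened filter, since it is now interpolated three times. Because the filter ORs `flatname`, `cn` and `trustPartner`, a single name could match more than one trustedDomain object (the flat name of one trust and the `cn` of another); the context of the next hunk shows a `return NT_STATUS_INTERNAL_DB_CORRUPTION;` shortly after the search, presumably for a result count other than one, which would misreport that case, so a comment stating the uniqueness assumption would help. The function starts and ends outside this hunk, so whether `r->in.name.string` is validated before the encode cannot be seen here.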
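Review bot: The added `/* TODO: perform access checks */` records an authorization gap rather than closing it: in the lines visible in this hunk the trusted-domain handle is created with `dcesrv_handle_new()` right after the lookup, with nothing comparing the access the caller requests against what it is entitled to. Make the comment actionable so the gap is not lost, for example `/* TODO: check the requested access mask against the caller's rights before creating the LSA_HANDLE_TRUSTED_DOMAIN handle; no check is done yet */`. The function continues past the end of this hunk, so confirm that no check happens later before the handle is returned to the client.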