summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/providers/ad/ad_domain_info.c350
-rw-r--r--src/providers/ad/ad_domain_info.h41
-rw-r--r--src/providers/ad/ad_init.c2
-rw-r--r--src/providers/ad/ad_subdomains.c235
4 files changed, 414 insertions, 214 deletions
diff --git a/src/providers/ad/ad_domain_info.c b/src/providers/ad/ad_domain_info.c
new file mode 100644
index 00000000..b0c8652c
--- /dev/null
+++ b/src/providers/ad/ad_domain_info.c
@@ -0,0 +1,350 @@
+/*
+ SSSD
+
+ AD Domain Info Module
+
+ Authors:
+ Sumit Bose <sbose@redhat.com>
+
+ Copyright (C) 2013 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <errno.h>
+#include <tevent.h>
+#include <ctype.h>
+#include <ndr.h>
+#include <ndr/ndr_nbt.h>
+
+#include "providers/ldap/sdap.h"
+#include "providers/ldap/sdap_async.h"
+#include "providers/ldap/sdap_idmap.h"
+#include "util/util.h"
+
+#define AD_AT_OBJECT_SID "objectSID"
+#define AD_AT_DNS_DOMAIN "DnsDomain"
+#define AD_AT_NT_VERSION "NtVer"
+#define AD_AT_NETLOGON "netlogon"
+
+#define MASTER_DOMAIN_SID_FILTER "objectclass=domain"
+
+struct ad_master_domain_state {
+ struct tevent_context *ev;
+ struct sdap_id_conn_ctx *conn;
+ struct sdap_id_op *id_op;
+ struct sdap_id_ctx *id_ctx;
+ struct sdap_options *opts;
+
+ const char *dom_name;
+ int base_iter;
+
+ char *flat;
+ char *sid;
+};
+
+static errno_t ad_master_domain_next(struct tevent_req *req);
+static void ad_master_domain_next_done(struct tevent_req *subreq);
+static void ad_master_domain_netlogon_done(struct tevent_req *req);
+
+struct tevent_req *
+ad_master_domain_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct sdap_id_conn_ctx *conn,
+ struct sdap_id_op *op,
+ const char *dom_name)
+{
+ errno_t ret;
+ struct tevent_req *req;
+ struct ad_master_domain_state *state;
+
+ req = tevent_req_create(mem_ctx, &state, struct ad_master_domain_state);
+ if (!req) return NULL;
+
+ state->ev = ev;
+ state->id_op = op;
+ state->conn = conn;
+ state->id_ctx = conn->id_ctx;
+ state->opts = conn->id_ctx->opts;
+ state->dom_name = dom_name;
+
+ ret = ad_master_domain_next(req);
+ if (ret != EOK && ret != EAGAIN) {
+ goto immediate;
+ }
+
+ return req;
+
+immediate:
+ if (ret != EOK) {
+ tevent_req_error(req, ret);
+ } else {
+ tevent_req_done(req);
+ }
+ tevent_req_post(req, ev);
+ return req;
+}
+
+static errno_t
+ad_master_domain_next(struct tevent_req *req)
+{
+ struct tevent_req *subreq;
+ struct sdap_search_base *base;
+ const char *master_sid_attrs[] = {AD_AT_OBJECT_SID, NULL};
+
+ struct ad_master_domain_state *state =
+ tevent_req_data(req, struct ad_master_domain_state);
+
+ base = state->opts->sdom->search_bases[state->base_iter];
+ if (base == NULL) {
+ return EOK;
+ }
+
+ subreq = sdap_get_generic_send(state, state->ev,
+ state->id_ctx->opts,
+ sdap_id_op_handle(state->id_op),
+ base->basedn, LDAP_SCOPE_BASE,
+ MASTER_DOMAIN_SID_FILTER, master_sid_attrs,
+ NULL, 0,
+ dp_opt_get_int(state->opts->basic,
+ SDAP_SEARCH_TIMEOUT),
+ false);
+ if (subreq == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("sdap_get_generic_send failed.\n"));
+ return ENOMEM;
+ }
+ tevent_req_set_callback(subreq, ad_master_domain_next_done, req);
+
+ return EAGAIN;
+}
+
+static void
+ad_master_domain_next_done(struct tevent_req *subreq)
+{
+ errno_t ret;
+ size_t reply_count;
+ struct sysdb_attrs **reply = NULL;
+ struct ldb_message_element *el;
+ char *sid_str;
+ enum idmap_error_code err;
+ static const char *attrs[] = {AD_AT_NETLOGON, NULL};
+ char *filter;
+ char *ntver;
+
+ struct tevent_req *req = tevent_req_callback_data(subreq,
+ struct tevent_req);
+ struct ad_master_domain_state *state =
+ tevent_req_data(req, struct ad_master_domain_state);
+
+ ret = sdap_get_generic_recv(subreq, state, &reply_count, &reply);
+ talloc_zfree(subreq);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("sdap_get_generic_send request failed.\n"));
+ goto done;
+ }
+
+ if (reply_count == 0) {
+ state->base_iter++;
+ ret = ad_master_domain_next(req);
+ if (ret == EAGAIN) {
+ /* Async request will get us back here again */
+ return;
+ } else if (ret != EOK) {
+ goto done;
+ }
+
+ /* EOK */
+ tevent_req_done(req);
+ return;
+ } else if (reply_count == 1) {
+ ret = sysdb_attrs_get_el(reply[0], AD_AT_OBJECT_SID, &el);
+ if (ret != EOK || el->num_values != 1) {
+ DEBUG(SSSDBG_OP_FAILURE, ("sdap_attrs_get_el failed.\n"));
+ goto done;
+ }
+
+ err = sss_idmap_bin_sid_to_sid(state->opts->idmap_ctx->map,
+ el->values[0].data,
+ el->values[0].length,
+ &sid_str);
+ if (err != IDMAP_SUCCESS) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Could not convert SID: [%s].\n", idmap_error_string(err)));
+ ret = EFAULT;
+ goto done;
+ }
+
+ state->sid = talloc_steal(state, sid_str);
+ } else {
+ DEBUG(SSSDBG_OP_FAILURE,
+ ("More than one result for domain SID found.\n"));
+ ret = EINVAL;
+ goto done;
+ }
+
+ DEBUG(SSSDBG_TRACE_FUNC, ("Found SID [%s].\n", state->sid));
+
+ ntver = sss_ldap_encode_ndr_uint32(state, NETLOGON_NT_VERSION_5EX |
+ NETLOGON_NT_VERSION_WITH_CLOSEST_SITE);
+ if (ntver == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("sss_ldap_encode_ndr_uint32 failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ filter = talloc_asprintf(state, "(&(%s=%s)(%s=%s))",
+ AD_AT_DNS_DOMAIN, state->dom_name,
+ AD_AT_NT_VERSION, ntver);
+ if (filter == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("talloc_asprintf failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ subreq = sdap_get_generic_send(state, state->ev,
+ state->id_ctx->opts,
+ sdap_id_op_handle(state->id_op),
+ "", LDAP_SCOPE_BASE, filter, attrs, NULL, 0,
+ dp_opt_get_int(state->opts->basic,
+ SDAP_SEARCH_TIMEOUT),
+ false);
+ if (subreq == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("sdap_get_generic_send failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ tevent_req_set_callback(subreq, ad_master_domain_netlogon_done, req);
+ return;
+
+done:
+ tevent_req_error(req, ret);
+}
+
+static void
+ad_master_domain_netlogon_done(struct tevent_req *subreq)
+{
+ int ret;
+ size_t reply_count;
+ struct sysdb_attrs **reply = NULL;
+ struct ldb_message_element *el;
+ DATA_BLOB blob;
+ enum ndr_err_code ndr_err;
+ struct ndr_pull *ndr_pull = NULL;
+ struct netlogon_samlogon_response response;
+
+ struct tevent_req *req = tevent_req_callback_data(subreq,
+ struct tevent_req);
+ struct ad_master_domain_state *state =
+ tevent_req_data(req, struct ad_master_domain_state);
+
+ ret = sdap_get_generic_recv(subreq, state, &reply_count, &reply);
+ talloc_zfree(subreq);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("sdap_get_generic_send request failed.\n"));
+ goto done;
+ }
+
+ if (reply_count == 0) {
+ DEBUG(SSSDBG_TRACE_FUNC, ("No netlogon data available.\n"));
+ ret = ENOENT;
+ goto done;
+ } else if (reply_count > 1) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ ("More than one netlogon info returned.\n"));
+ ret = EINVAL;
+ goto done;
+ }
+
+ ret = sysdb_attrs_get_el(reply[0], AD_AT_NETLOGON, &el);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("sysdb_attrs_get_el() failed\n"));
+ goto done;
+ }
+
+ if (el->num_values == 0) {
+ DEBUG(SSSDBG_OP_FAILURE, ("netlogon has no value\n"));
+ ret = ENOENT;
+ goto done;
+ } else if (el->num_values > 1) {
+ DEBUG(SSSDBG_OP_FAILURE, ("More than one netlogon value?\n"));
+ ret = EIO;
+ goto done;
+ }
+
+ blob.data = el->values[0].data;
+ blob.length = el->values[0].length;
+
+ ndr_pull = ndr_pull_init_blob(&blob, state);
+ if (ndr_pull == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("ndr_pull_init_blob() failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ndr_err = ndr_pull_netlogon_samlogon_response(ndr_pull, NDR_SCALARS,
+ &response);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ DEBUG(SSSDBG_OP_FAILURE, ("ndr_pull_netlogon_samlogon_response() "
+ "failed [%d]\n", ndr_err));
+ ret = EBADMSG;
+ goto done;
+ }
+
+ if (!(response.ntver & NETLOGON_NT_VERSION_5EX)) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Wrong version returned [%x]\n",
+ response.ntver));
+ ret = EBADMSG;
+ goto done;
+ }
+
+ if (response.data.nt5_ex.domain_name != NULL &&
+ *response.data.nt5_ex.domain_name != '\0') {
+ state->flat = talloc_strdup(state, response.data.nt5_ex.domain_name);
+ if (state->flat == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("talloc_strdup failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+ }
+
+ DEBUG(SSSDBG_TRACE_FUNC, ("Found flat name [%s].\n", state->flat));
+ tevent_req_done(req);
+ return;
+
+done:
+ tevent_req_error(req, ret);
+}
+
+errno_t
+ad_master_domain_recv(struct tevent_req *req,
+ TALLOC_CTX *mem_ctx,
+ char **_flat,
+ char **_id)
+{
+ struct ad_master_domain_state *state = tevent_req_data(req,
+ struct ad_master_domain_state);
+
+ TEVENT_REQ_RETURN_ON_ERROR(req);
+
+ if (_flat) {
+ *_flat = talloc_steal(mem_ctx, state->flat);
+ }
+
+ if (_id) {
+ *_id = talloc_steal(mem_ctx, state->sid);
+ }
+
+ return EOK;
+}
diff --git a/src/providers/ad/ad_domain_info.h b/src/providers/ad/ad_domain_info.h
new file mode 100644
index 00000000..d2170639
--- /dev/null
+++ b/src/providers/ad/ad_domain_info.h
@@ -0,0 +1,41 @@
+/*
+ SSSD
+
+ AD Master Domain Module
+
+ Authors:
+ Sumit Bose <sbose@redhat.com>
+
+ Copyright (C) 2013 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _AD_MASTER_DOMAIN_H_
+#define _AD_MASTER_DOMAIN_H_
+
+struct tevent_req *
+ad_master_domain_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct sdap_id_conn_ctx *conn,
+ struct sdap_id_op *op,
+ const char *dom_name);
+
+errno_t
+ad_master_domain_recv(struct tevent_req *req,
+ TALLOC_CTX *mem_ctx,
+ char **_flat,
+ char **_id);
+
+#endif /* _AD_MASTER_DOMAIN_H_ */
diff --git a/src/providers/ad/ad_init.c b/src/providers/ad/ad_init.c
index f181afe6..99288195 100644
--- a/src/providers/ad/ad_init.c
+++ b/src/providers/ad/ad_init.c
@@ -40,6 +40,7 @@
#include "providers/ad/ad_srv.h"
#include "providers/dp_dyndns.h"
#include "providers/ad/ad_subdomains.h"
+#include "providers/ad/ad_domain_info.h"
struct ad_options *ad_options = NULL;
@@ -214,7 +215,6 @@ sssm_ad_id_init(struct be_ctx *bectx,
&ad_ctx->sdap_id_ctx->opts->idmap_ctx);
if (ret != EOK) goto done;
-
ret = setup_tls_config(ad_ctx->sdap_id_ctx->opts->basic);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c
index 87685088..f15a0138 100644
--- a/src/providers/ad/ad_subdomains.c
+++ b/src/providers/ad/ad_subdomains.c
@@ -24,6 +24,7 @@
#include "providers/ldap/sdap_async.h"
#include "providers/ad/ad_subdomains.h"
+#include "providers/ad/ad_domain_info.h"
#include "util/util_sss_idmap.h"
#include <ctype.h>
#include <ndr.h>
@@ -264,9 +265,7 @@ done:
}
static void ad_subdomains_get_conn_done(struct tevent_req *req);
-static errno_t ad_subdomains_get_master_sid(struct ad_subdomains_req_ctx *ctx);
-static void ad_subdomains_get_master_sid_done(struct tevent_req *req);
-static void ad_subdomains_get_netlogon_done(struct tevent_req *req);
+static void ad_subdomains_master_dom_done(struct tevent_req *req);
static errno_t ad_subdomains_get_slave(struct ad_subdomains_req_ctx *ctx);
static void ad_subdomains_retrieve(struct ad_subdomains_ctx *ctx,
@@ -341,236 +340,46 @@ static void ad_subdomains_get_conn_done(struct tevent_req *req)
goto fail;
}
- ret = ad_subdomains_get_master_sid(ctx);
- if (ret == EAGAIN) {
- return;
- } else if (ret != EOK) {
- goto fail;
- }
-
- DEBUG(SSSDBG_OP_FAILURE, ("No search base available.\n"));
- ret = EINVAL;
-
-fail:
- be_req_terminate(ctx->be_req, dp_error, ret, NULL);
-}
-
-static errno_t ad_subdomains_get_master_sid(struct ad_subdomains_req_ctx *ctx)
-{
- struct tevent_req *req;
- struct sdap_search_base *base;
- const char *master_sid_attrs[] = {AD_AT_OBJECT_SID, NULL};
-
-
- base = ctx->sd_ctx->sdom->search_bases[ctx->base_iter];
- if (base == NULL) {
- return EOK;
- }
-
- req = sdap_get_generic_send(ctx, ctx->sd_ctx->be_ctx->ev,
- ctx->sd_ctx->sdap_id_ctx->opts,
- sdap_id_op_handle(ctx->sdap_op),
- base->basedn, LDAP_SCOPE_BASE,
- MASTER_DOMAIN_SID_FILTER, master_sid_attrs,
- NULL, 0,
- dp_opt_get_int(ctx->sd_ctx->sdap_id_ctx->opts->basic,
- SDAP_SEARCH_TIMEOUT),
- false);
-
- if (req == NULL) {
- DEBUG(SSSDBG_OP_FAILURE, ("sdap_get_generic_send failed.\n"));
- return ENOMEM;
- }
-
- tevent_req_set_callback(req, ad_subdomains_get_master_sid_done, ctx);
-
- return EAGAIN;
-}
-
-static void ad_subdomains_get_master_sid_done(struct tevent_req *req)
-{
- int ret;
- size_t reply_count;
- struct sysdb_attrs **reply = NULL;
- struct ad_subdomains_req_ctx *ctx;
- struct ldb_message_element *el;
- char *sid_str;
- enum idmap_error_code err;
- static const char *attrs[] = {AD_AT_NETLOGON, NULL};
- char *filter;
- char *ntver;
-
- ctx = tevent_req_callback_data(req, struct ad_subdomains_req_ctx);
-
- ret = sdap_get_generic_recv(req, ctx, &reply_count, &reply);
- talloc_zfree(req);
- if (ret != EOK) {
- DEBUG(SSSDBG_OP_FAILURE, ("sdap_get_generic_send request failed.\n"));
- goto done;
- }
-
- if (reply_count == 0) {
- ctx->base_iter++;
- ret = ad_subdomains_get_master_sid(ctx);
- if (ret == EAGAIN) {
- return;
- } else if (ret != EOK) {
- goto done;
- }
- } else if (reply_count == 1) {
- ret = sysdb_attrs_get_el(reply[0], AD_AT_OBJECT_SID, &el);
- if (ret != EOK || el->num_values != 1) {
- DEBUG(SSSDBG_OP_FAILURE, ("sdap_attrs_get_el failed.\n"));
- goto done;
- }
-
- err = sss_idmap_bin_sid_to_sid(ctx->sd_ctx->idmap_ctx,
- el->values[0].data,
- el->values[0].length,
- &sid_str);
- if (err != IDMAP_SUCCESS) {
- DEBUG(SSSDBG_MINOR_FAILURE,
- ("Could not convert SID: [%s].\n", idmap_error_string(err)));
- ret = EFAULT;
- goto done;
- }
-
- ctx->master_sid = talloc_steal(ctx, sid_str);
- } else {
- DEBUG(SSSDBG_OP_FAILURE,
- ("More than one result for domain SID found.\n"));
- ret = EINVAL;
- goto done;
- }
-
- DEBUG(SSSDBG_TRACE_FUNC, ("Found SID [%s].\n", ctx->master_sid));
-
- ntver = sss_ldap_encode_ndr_uint32(ctx, NETLOGON_NT_VERSION_5EX |
- NETLOGON_NT_VERSION_WITH_CLOSEST_SITE);
- if (ntver == NULL) {
- DEBUG(SSSDBG_OP_FAILURE, ("sss_ldap_encode_ndr_uint32 failed.\n"));
- ret = ENOMEM;
- goto done;
- }
-
- filter = talloc_asprintf(ctx, "(&(%s=%s)(%s=%s))",
- AD_AT_DNS_DOMAIN, ctx->sd_ctx->domain_name,
- AD_AT_NT_VERSION, ntver);
- if (filter == NULL) {
- DEBUG(SSSDBG_OP_FAILURE, ("talloc_asprintf failed.\n"));
- ret = ENOMEM;
- goto done;
- }
-
- req = sdap_get_generic_send(ctx, ctx->sd_ctx->be_ctx->ev,
- ctx->sd_ctx->sdap_id_ctx->opts,
- sdap_id_op_handle(ctx->sdap_op),
- "", LDAP_SCOPE_BASE, filter, attrs, NULL, 0,
- dp_opt_get_int(ctx->sd_ctx->sdap_id_ctx->opts->basic,
- SDAP_SEARCH_TIMEOUT),
- false);
+ req = ad_master_domain_send(ctx, ctx->sd_ctx->be_ctx->ev,
+ ctx->sd_ctx->ldap_ctx,
+ ctx->sdap_op,
+ ctx->sd_ctx->domain_name);
if (req == NULL) {
- DEBUG(SSSDBG_OP_FAILURE, ("sdap_get_generic_send failed.\n"));
+ DEBUG(SSSDBG_OP_FAILURE, ("ad_master_domain_send failed.\n"));
ret = ENOMEM;
- goto done;
+ goto fail;
}
-
- tevent_req_set_callback(req, ad_subdomains_get_netlogon_done, ctx);
+ tevent_req_set_callback(req, ad_subdomains_master_dom_done, ctx);
return;
-done:
- be_req_terminate(ctx->be_req, DP_ERR_FATAL, ret, NULL);
+fail:
+ be_req_terminate(ctx->be_req, dp_error, ret, NULL);
}
-static void ad_subdomains_get_netlogon_done(struct tevent_req *req)
+static void ad_subdomains_master_dom_done(struct tevent_req *req)
{
- int ret;
- size_t reply_count;
- struct sysdb_attrs **reply = NULL;
struct ad_subdomains_req_ctx *ctx;
- struct ldb_message_element *el;
- DATA_BLOB blob;
- enum ndr_err_code ndr_err;
- struct ndr_pull *ndr_pull = NULL;
- struct netlogon_samlogon_response response;
- int dp_error = DP_ERR_FATAL;
+ errno_t ret;
ctx = tevent_req_callback_data(req, struct ad_subdomains_req_ctx);
- ret = sdap_get_generic_recv(req, ctx, &reply_count, &reply);
+ ret = ad_master_domain_recv(req, ctx,
+ &ctx->flat_name, &ctx->master_sid);
talloc_zfree(req);
if (ret != EOK) {
- DEBUG(SSSDBG_OP_FAILURE, ("sdap_get_generic_send request failed.\n"));
- goto done;
- }
-
- if (reply_count == 0) {
- DEBUG(SSSDBG_TRACE_FUNC, ("No netlogon data available.\n"));
- ret = ENOENT;
- goto done;
- } else if (reply_count > 1) {
- DEBUG(SSSDBG_OP_FAILURE,
- ("More than one netlogon info returned.\n"));
- ret = EINVAL;
- goto done;
- }
-
- ret = sysdb_attrs_get_el(reply[0], AD_AT_NETLOGON, &el);
- if (ret != EOK) {
- DEBUG(SSSDBG_OP_FAILURE, ("sysdb_attrs_get_el() failed\n"));
- goto done;
- }
-
- if (el->num_values == 0) {
- DEBUG(SSSDBG_OP_FAILURE, ("netlogon has no value\n"));
- ret = ENOENT;
- goto done;
- } else if (el->num_values > 1) {
- DEBUG(SSSDBG_OP_FAILURE, ("More than one netlogon value?\n"));
- ret = EIO;
- goto done;
- }
-
- blob.data = el->values[0].data;
- blob.length = el->values[0].length;
-
- ndr_pull = ndr_pull_init_blob(&blob, ctx);
- if (ndr_pull == NULL) {
- DEBUG(SSSDBG_OP_FAILURE, ("ndr_pull_init_blob() failed.\n"));
- ret = ENOMEM;
+ DEBUG(SSSDBG_OP_FAILURE, ("Cannot retrieve master domain info\n"));
goto done;
}
- ndr_err = ndr_pull_netlogon_samlogon_response(ndr_pull, NDR_SCALARS,
- &response);
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- DEBUG(SSSDBG_OP_FAILURE, ("ndr_pull_netlogon_samlogon_response() "
- "failed [%d]\n", ndr_err));
- ret = EBADMSG;
- goto done;
- }
-
- if (!(response.ntver & NETLOGON_NT_VERSION_5EX)) {
- DEBUG(SSSDBG_OP_FAILURE, ("Wrong version returned [%x]\n",
- response.ntver));
- ret = EBADMSG;
- goto done;
- }
-
- if (response.data.nt5_ex.domain_name != NULL &&
- *response.data.nt5_ex.domain_name != '\0') {
- ctx->flat_name = talloc_strdup(ctx, response.data.nt5_ex.domain_name);
- if (ctx->flat_name == NULL) {
- DEBUG(SSSDBG_OP_FAILURE, ("talloc_strdup failed.\n"));
- ret = ENOMEM;
- goto done;
- }
- }
-
DEBUG(SSSDBG_TRACE_FUNC, ("Found flat name [%s].\n", ctx->flat_name));
+ DEBUG(SSSDBG_TRACE_FUNC, ("Found master SID [%s].\n", ctx->master_sid));
ret = sysdb_master_domain_add_info(ctx->sd_ctx->be_ctx->domain,
ctx->flat_name, ctx->master_sid);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Cannot save master domain info\n"));
+ goto done;
+ }
ret = ad_subdomains_get_slave(ctx);
if (ret == EAGAIN) {
@@ -580,7 +389,7 @@ static void ad_subdomains_get_netlogon_done(struct tevent_req *req)
}
done:
- be_req_terminate(ctx->be_req, dp_error, ret, NULL);
+ be_req_terminate(ctx->be_req, DP_ERR_FATAL, ret, NULL);
}
static void ad_subdomains_get_slave_domain_done(struct tevent_req *req);