diff options
-rw-r--r-- | src/db/sysdb.h | 7 | ||||
-rw-r--r-- | src/db/sysdb_gpo.c | 58 |
2 files changed, 63 insertions, 2 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index addf13196..3cef1e66b 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -870,7 +870,8 @@ errno_t sysdb_search_object_by_sid(TALLOC_CTX *mem_ctx, #define SYSDB_GPO_CONTAINER "cn=gpos,cn=ad,cn=custom" #define SYSDB_GPO_OC "gpo" -#define SYSDB_GPO_FILTER "(&(objectClass="SYSDB_GPO_OC")("SYSDB_GPO_GUID_ATTR"=%s))" +#define SYSDB_GPO_FILTER "(objectClass="SYSDB_GPO_OC")" +#define SYSDB_GPO_GUID_FILTER "(&(objectClass="SYSDB_GPO_OC")("SYSDB_GPO_GUID_ATTR"=%s))" #define SYSDB_GPO_GUID_ATTR "gpoGUID" #define SYSDB_GPO_VERSION_ATTR "gpoVersion" #define SYSDB_GPO_TIMEOUT_ATTR "gpoPolicyFileTimeout" @@ -896,4 +897,8 @@ errno_t sysdb_gpo_get_gpo_by_guid(TALLOC_CTX *mem_ctx, const char *gpo_guid, struct ldb_result **_result); +errno_t sysdb_gpo_get_gpos(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + struct ldb_result **_result); + #endif /* __SYS_DB_H__ */ diff --git a/src/db/sysdb_gpo.c b/src/db/sysdb_gpo.c index 228f131ac..7dd31d81a 100644 --- a/src/db/sysdb_gpo.c +++ b/src/db/sysdb_gpo.c @@ -265,7 +265,7 @@ sysdb_gpo_get_gpo_by_guid(TALLOC_CTX *mem_ctx, } lret = ldb_search(domain->sysdb->ldb, tmp_ctx, &res, base_dn, - LDB_SCOPE_SUBTREE, attrs, SYSDB_GPO_FILTER, gpo_guid); + LDB_SCOPE_SUBTREE, attrs, SYSDB_GPO_GUID_FILTER, gpo_guid); if (lret) { DEBUG(SSSDBG_MINOR_FAILURE, "Could not locate GPO: [%s]\n", @@ -296,3 +296,59 @@ done: talloc_free(tmp_ctx); return ret; } + +errno_t +sysdb_gpo_get_gpos(TALLOC_CTX *mem_ctx, + struct sss_domain_info *domain, + struct ldb_result **_result) +{ + errno_t ret; + int lret; + struct ldb_dn *base_dn; + TALLOC_CTX *tmp_ctx; + struct ldb_result *res; + + const char *attrs[] = SYSDB_GPO_ATTRS; + + tmp_ctx = talloc_new(NULL); + if (!tmp_ctx) return ENOMEM; + + DEBUG(SSSDBG_TRACE_FUNC, SYSDB_TMPL_GPO_BASE"\n", domain->name); + + base_dn = ldb_dn_new_fmt(tmp_ctx, domain->sysdb->ldb, + SYSDB_TMPL_GPO_BASE, + domain->name); + if (!base_dn) { + ret = ENOMEM; + goto done; + } + + lret = ldb_search(domain->sysdb->ldb, tmp_ctx, &res, base_dn, + LDB_SCOPE_SUBTREE, attrs, SYSDB_GPO_FILTER); + if (lret) { + DEBUG(SSSDBG_MINOR_FAILURE, + "Could not locate GPOs: [%s]\n", + ldb_strerror(lret)); + ret = sysdb_error_to_errno(lret); + goto done; + } + + if (res->count == 0) { + ret = ENOENT; + goto done; + } + + *_result = talloc_steal(mem_ctx, res); + ret = EOK; + +done: + + if (ret == ENOENT) { + DEBUG(SSSDBG_TRACE_ALL, "No GPO entries.\n"); + } else if (ret) { + DEBUG(SSSDBG_OP_FAILURE, "Error: %d (%s)\n", ret, strerror(ret)); + } + + talloc_free(tmp_ctx); + return ret; +} |