2 files changed, 20 insertions, 24 deletions

diff --git a/server/db/sysdb.h b/server/db/sysdb.h
index 35a17dddf..aa1aaf4cd 100644
--- a/server/db/sysdb.h
+++ b/server/db/sysdb.h
@@ -65,6 +65,10 @@
 
 #define SYSDB_CACHEDPWD "cachedPassword"
 
+#define SYSDB_ORIG_DN "originalDN"
+#define SYSDB_UUID "uniqueID"
+#define SYSDB_UPN "UserPrincipalName"
+
 #define SYSDB_NEXTID_FILTER "("SYSDB_NEXTID"=*)"
 
 #define SYSDB_UC "objectclass="SYSDB_USER_CLASS
@@ -139,6 +143,8 @@ struct sysdb_attrs {
 
 /* sysdb_attrs helper functions */
 struct sysdb_attrs *sysdb_new_attrs(TALLOC_CTX *memctx);
+
+/* values are copied in the structure, allocated on "attrs" */
 int sysdb_attrs_add_val(struct sysdb_attrs *attrs,
                         const char *name, const struct ldb_val *val);
 int sysdb_attrs_add_string(struct sysdb_attrs *attrs,
@@ -269,6 +275,7 @@ struct tevent_req *sysdb_search_entry_send(TALLOC_CTX *mem_ctx,
                                            struct tevent_context *ev,
                                            struct sysdb_handle *handle,
                                            struct ldb_dn *base_dn,
+                                           int scope,
                                            const char *filter,
                                            const char **attrs);
 int sysdb_search_entry_recv(struct tevent_req *req,
diff --git a/server/db/sysdb_ops.c b/server/db/sysdb_ops.c
index 785ce15e0..24d90b129 100644
--- a/server/db/sysdb_ops.c
+++ b/server/db/sysdb_ops.c
@@ -297,6 +297,7 @@ struct tevent_req *sysdb_search_entry_send(TALLOC_CTX *mem_ctx,
                                            struct tevent_context *ev,
                                            struct sysdb_handle *handle,
                                            struct ldb_dn *base_dn,
+                                           int scope,
                                            const char *filter,
                                            const char **attrs)
 {
@@ -314,8 +315,8 @@ struct tevent_req *sysdb_search_entry_send(TALLOC_CTX *mem_ctx,
     state->ldbreply = NULL;
 
     ret = ldb_build_search_req(&ldbreq, handle->ctx->ldb, state,
-                               base_dn, LDB_SCOPE_SUBTREE,
-                               filter, attrs, NULL, NULL, NULL, NULL);
+                               base_dn, scope, filter, attrs,
+                               NULL, NULL, NULL, NULL);
     if (ret != LDB_SUCCESS) {
         DEBUG(1, ("Failed to build search request: %s(%d)[%s]\n",
                   ldb_strerror(ret), ret, ldb_errstring(handle->ctx->ldb)));
@@ -423,7 +424,6 @@ struct tevent_req *sysdb_search_user_by_name_send(TALLOC_CTX *mem_ctx,
     struct sysdb_search_user_state *state;
     static const char *attrs[] = { SYSDB_NAME, SYSDB_UIDNUM, NULL };
     struct ldb_dn *base_dn;
-    char *filter;
     int ret;
 
     req = tevent_req_create(mem_ctx, &state, struct sysdb_search_user_state);
@@ -433,17 +433,12 @@ struct tevent_req *sysdb_search_user_by_name_send(TALLOC_CTX *mem_ctx,
     state->handle = handle;
     state->msg = NULL;
 
-    base_dn = ldb_dn_new_fmt(state, handle->ctx->ldb,
-                             SYSDB_TMPL_USER_BASE, domain->name);
+    base_dn = sysdb_user_dn(handle->ctx, state, domain->name, name);
     if (!base_dn)
         ERROR_OUT(ret, ENOMEM, fail);
 
-    filter = talloc_asprintf(state, SYSDB_PWNAM_FILTER, name);
-    if (!filter)
-        ERROR_OUT(ret, ENOMEM, fail);
-
-    subreq = sysdb_search_entry_send(state, ev, handle,
-                                     base_dn, filter, attrs);
+    subreq = sysdb_search_entry_send(state, ev, handle, base_dn,
+                                     LDB_SCOPE_BASE, NULL, attrs);
     if (!subreq) {
         ERROR_OUT(ret, ENOMEM, fail);
     }
@@ -486,8 +481,8 @@ struct tevent_req *sysdb_search_user_by_uid_send(TALLOC_CTX *mem_ctx,
     if (!filter)
         ERROR_OUT(ret, ENOMEM, fail);
 
-    subreq = sysdb_search_entry_send(state, ev, handle,
-                                     base_dn, filter, attrs);
+    subreq = sysdb_search_entry_send(state, ev, handle, base_dn,
+                                     LDB_SCOPE_ONELEVEL, filter, attrs);
     if (!subreq) {
         ERROR_OUT(ret, ENOMEM, fail);
     }
@@ -640,7 +635,6 @@ struct tevent_req *sysdb_search_group_by_name_send(TALLOC_CTX *mem_ctx,
     struct sysdb_search_group_state *state;
     static const char *attrs[] = { SYSDB_NAME, SYSDB_GIDNUM, NULL };
     struct ldb_dn *base_dn;
-    char *filter;
     int ret;
 
     req = tevent_req_create(mem_ctx, &state, struct sysdb_search_group_state);
@@ -650,17 +644,12 @@ struct tevent_req *sysdb_search_group_by_name_send(TALLOC_CTX *mem_ctx,
     state->handle = handle;
     state->msg = NULL;
 
-    base_dn = ldb_dn_new_fmt(state, handle->ctx->ldb,
-                             SYSDB_TMPL_GROUP_BASE, domain->name);
+    base_dn = sysdb_group_dn(handle->ctx, state, domain->name, name);
     if (!base_dn)
         ERROR_OUT(ret, ENOMEM, fail);
 
-    filter = talloc_asprintf(state, SYSDB_GRNAM_FILTER, name);
-    if (!filter)
-        ERROR_OUT(ret, ENOMEM, fail);
-
-    subreq = sysdb_search_entry_send(state, ev, handle,
-                                     base_dn, filter, attrs);
+    subreq = sysdb_search_entry_send(state, ev, handle, base_dn,
+                                     LDB_SCOPE_BASE, NULL, attrs);
     if (!subreq) {
         ERROR_OUT(ret, ENOMEM, fail);
     }
@@ -703,8 +692,8 @@ struct tevent_req *sysdb_search_group_by_gid_send(TALLOC_CTX *mem_ctx,
     if (!filter)
         ERROR_OUT(ret, ENOMEM, fail);
 
-    subreq = sysdb_search_entry_send(state, ev, handle,
-                                     base_dn, filter, attrs);
+    subreq = sysdb_search_entry_send(state, ev, handle, base_dn,
+                                     LDB_SCOPE_ONELEVEL, filter, attrs);
     if (!subreq) {
         ERROR_OUT(ret, ENOMEM, fail);
     }