diff options
| author | Kamen Mazdrashki <kamenim@samba.org> | 2015-01-12 04:46:38 +0200 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2015-02-03 05:02:12 +0100 |
| commit | b37f7e619048593e267271f1b30af3f915fc422b (patch) | |
| tree | a2c0c40719c46807125f7e12fa1ea6f01476e891 /source4/dsdb | |
| parent | c9b0945199080b72ad454d49b310be0b66410124 (diff) | |
| download | samba-b37f7e619048593e267271f1b30af3f915fc422b.tar.gz samba-b37f7e619048593e267271f1b30af3f915fc422b.tar.xz samba-b37f7e619048593e267271f1b30af3f915fc422b.zip | |
s4-dsdb: Common helper for setting "sAMAccountType" on User objects
Change-Id: I4480e7d1ed0c754e960028e0be9a90ee56935e94
Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Diffstat (limited to 'source4/dsdb')
| -rw-r--r-- | source4/dsdb/common/util.c | 36 | ||||
| -rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 14 | ||||
| -rw-r--r-- | source4/dsdb/samdb/ldb_modules/tombstone_reanimate.c | 13 |
3 files changed, 43 insertions, 20 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index 35d7b65b37..821ea56d68 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -4886,3 +4886,39 @@ int dsdb_user_obj_set_defaults(struct ldb_context *ldb, struct ldb_message *usr_ return LDB_SUCCESS; } + +/** + * Sets 'sAMAccountType on user object based on userAccountControl + * @param ldb Current ldb_context + * @param usr_obj ldb_message representing User object + * @param user_account_control Value for userAccountControl flags + * @param account_type_p Optional pointer to account_type to return + * @return LDB_SUCCESS or LDB_ERR* code on failure + */ +int dsdb_user_obj_set_account_type(struct ldb_context *ldb, struct ldb_message *usr_obj, + uint32_t user_account_control, uint32_t *account_type_p) +{ + int ret; + uint32_t account_type; + struct ldb_message_element *el; + + account_type = ds_uf2atype(user_account_control); + if (account_type == 0) { + ldb_set_errstring(ldb, "dsdb: Unrecognized account type!"); + return LDB_ERR_UNWILLING_TO_PERFORM; + } + ret = samdb_msg_add_uint(ldb, usr_obj, usr_obj, + "sAMAccountType", + account_type); + if (ret != LDB_SUCCESS) { + return ret; + } + el = ldb_msg_find_element(usr_obj, "sAMAccountType"); + el->flags = LDB_FLAG_MOD_REPLACE; + + if (account_type_p) { + *account_type_p = account_type; + } + + return LDB_SUCCESS; +} diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index 4681decdc1..8f61721464 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -1018,7 +1018,7 @@ static int samldb_objectclass_trigger(struct samldb_ctx *ac) el = ldb_msg_find_element(ac->msg, "userAccountControl"); if (el != NULL) { - uint32_t user_account_control, account_type; + uint32_t user_account_control; /* Step 1.3: "userAccountControl" -> "sAMAccountType" mapping */ user_account_control = ldb_msg_find_attr_as_uint(ac->msg, "userAccountControl", @@ -1061,19 +1061,11 @@ static int samldb_objectclass_trigger(struct samldb_ctx *ac) return LDB_ERR_OBJECT_CLASS_VIOLATION; } - account_type = ds_uf2atype(user_account_control); - if (account_type == 0) { - ldb_set_errstring(ldb, "samldb: Unrecognized account type!"); - return LDB_ERR_UNWILLING_TO_PERFORM; - } - ret = samdb_msg_add_uint(ldb, ac->msg, ac->msg, - "sAMAccountType", - account_type); + /* add "sAMAccountType" attribute */ + ret = dsdb_user_obj_set_account_type(ldb, ac->msg, user_account_control, NULL); if (ret != LDB_SUCCESS) { return ret; } - el2 = ldb_msg_find_element(ac->msg, "sAMAccountType"); - el2->flags = LDB_FLAG_MOD_REPLACE; /* "isCriticalSystemObject" might be set */ if (user_account_control & diff --git a/source4/dsdb/samdb/ldb_modules/tombstone_reanimate.c b/source4/dsdb/samdb/ldb_modules/tombstone_reanimate.c index 298567eafb..bbcad631cb 100644 --- a/source4/dsdb/samdb/ldb_modules/tombstone_reanimate.c +++ b/source4/dsdb/samdb/ldb_modules/tombstone_reanimate.c @@ -249,23 +249,18 @@ static int _tr_restore_attributes(struct ldb_context *ldb, struct ldb_message *c "operatorCount", "0"); if (ret != LDB_SUCCESS) return ret; - /* restore "sAMAccountType" */ + /* "userAccountControl" must exists on deleted object */ user_account_control = ldb_msg_find_attr_as_uint(cur_msg, "userAccountControl", (uint32_t)-1); if (user_account_control == (uint32_t)-1) { return ldb_error(ldb, LDB_ERR_OPERATIONS_ERROR, "reanimate: No 'userAccountControl' attribute found!"); } - account_type = ds_uf2atype(user_account_control); - if (account_type == 0) { - ldb_set_errstring(ldb, "reanimate: Unrecognized account type!"); - return LDB_ERR_UNWILLING_TO_PERFORM; - } - ret = samdb_msg_add_uint(ldb, new_msg, new_msg, "sAMAccountType", account_type); + + /* restore "sAMAccountType" */ + ret = dsdb_user_obj_set_account_type(ldb, new_msg, user_account_control, NULL); if (ret != LDB_SUCCESS) { return ret; } - el = ldb_msg_find_element(new_msg, "sAMAccountType"); - el->flags = LDB_FLAG_MOD_REPLACE; /* "userAccountControl" -> "primaryGroupID" mapping */ if (!ldb_msg_find_element(new_msg, "primaryGroupID")) { |