r3788: give new accounts and groups a objectGUID

metze
(This used to be commit 4839ea156fea95743127753c194fbc23ccf732fd)

1 files changed, 27 insertions, 16 deletions

diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 6aec38a4fb..6d67c974fd 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -418,7 +418,8 @@ static NTSTATUS samr_CreateDomainGroup(struct dcesrv_call_state *dce_call, TALLO
 	const char *name;
 	struct ldb_message msg;
 	uint32_t rid;
-	const char *groupname, *sidstr;
+	const char *groupname, *sidstr, *guidstr;
+	struct GUID guid;
 	time_t now = time(NULL);
 	struct dcesrv_handle *g_handle;
 	int ret;
@@ -469,26 +470,27 @@ static NTSTATUS samr_CreateDomainGroup(struct dcesrv_call_state *dce_call, TALLO
 		return NT_STATUS_NO_MEMORY;
 	}
 
+	/* a new GUID */
+	guid = GUID_random();
+	guidstr = GUID_string(mem_ctx, &guid);
+	if (!guidstr) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
 	/* add core elements to the ldb_message for the user */
 	msg.dn = talloc_asprintf(mem_ctx, "CN=%s,CN=Users,%s", groupname,
 				 d_state->domain_dn);
 	if (!msg.dn) {
 		return NT_STATUS_NO_MEMORY;
 	}
-	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg,
-			     "name", groupname);
-	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg,
-			     "cn", groupname);
-	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg,
-			     "sAMAccountName", groupname);
-	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg,
-			     "objectClass", "group");
-	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg,
-			     "objectSid", sidstr);
-	samdb_msg_set_ldaptime(d_state->sam_ctx, mem_ctx, &msg,
-			       "whenCreated", now);
-	samdb_msg_set_ldaptime(d_state->sam_ctx, mem_ctx, &msg,
-			       "whenChanged", now);
+	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg, "name", groupname);
+	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg, "cn", groupname);
+	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg, "sAMAccountName", groupname);
+	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg, "objectClass", "group");
+	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg, "objectSid", sidstr);
+	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg, "objectGUID", guidstr);
+	samdb_msg_set_ldaptime(d_state->sam_ctx, mem_ctx, &msg, "whenCreated", now);
+	samdb_msg_set_ldaptime(d_state->sam_ctx, mem_ctx, &msg, "whenChanged", now);
 			     
 	/* create the group */
 	ret = samdb_add(d_state->sam_ctx, mem_ctx, &msg);
@@ -552,7 +554,8 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX
 	const char *name;
 	struct ldb_message msg;
 	uint32_t rid;
-	const char *account_name, *sidstr;
+	const char *account_name, *sidstr, *guidstr;
+	struct GUID guid;
 	time_t now = time(NULL);
 	struct dcesrv_handle *u_handle;
 	int ret;
@@ -648,6 +651,13 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX
 		return NT_STATUS_NO_MEMORY;
 	}
 
+	/* a new GUID */
+	guid = GUID_random();
+	guidstr = GUID_string(mem_ctx, &guid);
+	if (!guidstr) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
 	/* add core elements to the ldb_message for the user */
 	msg.dn = talloc_asprintf(mem_ctx, "CN=%s,CN=%s,%s", account_name, container, d_state->domain_dn);
 	if (!msg.dn) {
@@ -661,6 +671,7 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX
 		samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg, "objectClass", additional_class);
 	}
 	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg, "objectSid", sidstr);
+	samdb_msg_add_string(d_state->sam_ctx, mem_ctx, &msg, "objectGUID", guidstr);
 	samdb_msg_set_ldaptime(d_state->sam_ctx, mem_ctx, &msg, "whenCreated", now);
 	samdb_msg_set_ldaptime(d_state->sam_ctx, mem_ctx, &msg, "whenChanged", now);