diff options
author | Andrew Bartlett <abartlet@samba.org> | 2005-12-30 08:36:25 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:49:01 -0500 |
commit | 1c027f35d70b0719ba671034e897834b4bed9c4f (patch) | |
tree | 9db018f51c590ce53d701cf8211c4d1229ebbc3d | |
parent | 7ad708924b2ffa7447135a767084b881590b0a64 (diff) | |
download | samba-1c027f35d70b0719ba671034e897834b4bed9c4f.tar.gz samba-1c027f35d70b0719ba671034e897834b4bed9c4f.tar.xz samba-1c027f35d70b0719ba671034e897834b4bed9c4f.zip |
r12598: Make the 'objectClass' part of the templating process actually work.
We need to add to the multivalued objectClass, not ignore it because
the user has already specified a value.
Also rename the template again.
This was caught by more stringent tests in the unicodePwd module, but
breaks MMC. A later commit will sort the objectClass.
Andrew Bartlett
(This used to be commit 0aaff059ba76c7eee86f37bfd74735c1c365d55f)
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 43 | ||||
-rw-r--r-- | source4/setup/provision_templates.ldif | 6 | ||||
-rw-r--r-- | source4/setup/provision_users.ldif | 10 |
3 files changed, 30 insertions, 29 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index cc4465b17db..84ffcdd1bee 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -305,22 +305,31 @@ static int samldb_copy_template(struct ldb_module *module, struct ldb_message *m continue; } for (j = 0; j < el->num_values; j++) { - if (strcasecmp(el->name, "objectClass") == 0 && - (strcasecmp((char *)el->values[j].data, "Template") == 0 || - strcasecmp((char *)el->values[j].data, "userTemplate") == 0 || - strcasecmp((char *)el->values[j].data, "groupTemplate") == 0 || - strcasecmp((char *)el->values[j].data, "foreignSecurityPrincipalTemplate") == 0 || - strcasecmp((char *)el->values[j].data, "aliasTemplate") == 0 || - strcasecmp((char *)el->values[j].data, "trustedDomainTemplate") == 0 || - strcasecmp((char *)el->values[j].data, "secretTemplate") == 0)) { - continue; - } - if ( ! samldb_find_or_add_attribute(module, msg, el->name, - NULL, - (char *)el->values[j].data)) { - ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Attribute adding failed...\n"); - talloc_free(res); - return -1; + if (strcasecmp(el->name, "objectClass") == 0) { + if (strcasecmp((char *)el->values[j].data, "Template") == 0 || + strcasecmp((char *)el->values[j].data, "userTemplate") == 0 || + strcasecmp((char *)el->values[j].data, "groupTemplate") == 0 || + strcasecmp((char *)el->values[j].data, "foreignSecurityPrincipalTemplate") == 0 || + strcasecmp((char *)el->values[j].data, "aliasTemplate") == 0 || + strcasecmp((char *)el->values[j].data, "trustedDomainTemplate") == 0 || + strcasecmp((char *)el->values[j].data, "secretTemplate") == 0) { + continue; + } + if ( ! samldb_find_or_add_attribute(module, msg, el->name, + (char *)el->values[j].data, + (char *)el->values[j].data)) { + ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Attribute adding failed...\n"); + talloc_free(res); + return -1; + } + } else { + if ( ! samldb_find_or_add_attribute(module, msg, el->name, + NULL, + (char *)el->values[j].data)) { + ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Attribute adding failed...\n"); + talloc_free(res); + return -1; + } } } } @@ -407,7 +416,7 @@ static struct ldb_message *samldb_fill_user_or_computer_object(struct ldb_module } if (samldb_find_attribute(msg, "objectclass", "computer") != NULL) { - if (samldb_copy_template(module, msg2, "(&(CN=TemplateServer)(objectclass=userTemplate))") != 0) { + if (samldb_copy_template(module, msg2, "(&(CN=TemplateComputer)(objectclass=userTemplate))") != 0) { ldb_debug(module->ldb, LDB_DEBUG_WARNING, "samldb_fill_user_or_computer_object: Error copying computer template!\n"); return NULL; } diff --git a/source4/setup/provision_templates.ldif b/source4/setup/provision_templates.ldif index 6305b498f4e..7b0fe1994c7 100644 --- a/source4/setup/provision_templates.ldif +++ b/source4/setup/provision_templates.ldif @@ -38,11 +38,13 @@ logonCount: 0 sAMAccountType: 0x30000000 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN} -dn: CN=TemplateServer,CN=Templates,${BASEDN} +dn: CN=TemplateComputer,CN=Templates,${BASEDN} objectClass: top +objectClass: person +objectClass: organizationalPerson objectClass: Template objectClass: userTemplate -cn: TemplateServer +cn: TemplateComputer instanceType: 4 userAccountControl: 0x1002 badPwdCount: 0 diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif index 5ec29869d81..c0029232689 100644 --- a/source4/setup/provision_users.ldif +++ b/source4/setup/provision_users.ldif @@ -1,7 +1,4 @@ dn: CN=Administrator,CN=Users,${BASEDN} -objectClass: top -objectClass: person -objectClass: organizationalPerson objectClass: user cn: Administrator description: Built-in account for administering the computer/domain @@ -22,9 +19,6 @@ unicodePwd: ${ADMINPASS} unixName: ${ROOT} dn: CN=Guest,CN=Users,${BASEDN} -objectClass: top -objectClass: person -objectClass: organizationalPerson objectClass: user cn: Guest description: Built-in account for guest access to the computer/domain @@ -83,10 +77,6 @@ privilege: SeRemoteInteractiveLogonRight dn: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN} -objectClass: top -objectClass: person -objectClass: organizationalPerson -objectClass: user objectClass: computer cn: ${NETBIOSNAME} uSNCreated: 1 |