summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2005-12-30 08:36:25 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:49:01 -0500
commit1c027f35d70b0719ba671034e897834b4bed9c4f (patch)
tree9db018f51c590ce53d701cf8211c4d1229ebbc3d
parent7ad708924b2ffa7447135a767084b881590b0a64 (diff)
downloadsamba-1c027f35d70b0719ba671034e897834b4bed9c4f.tar.gz
samba-1c027f35d70b0719ba671034e897834b4bed9c4f.tar.xz
samba-1c027f35d70b0719ba671034e897834b4bed9c4f.zip
r12598: Make the 'objectClass' part of the templating process actually work.
We need to add to the multivalued objectClass, not ignore it because the user has already specified a value. Also rename the template again. This was caught by more stringent tests in the unicodePwd module, but breaks MMC. A later commit will sort the objectClass. Andrew Bartlett (This used to be commit 0aaff059ba76c7eee86f37bfd74735c1c365d55f)
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c43
-rw-r--r--source4/setup/provision_templates.ldif6
-rw-r--r--source4/setup/provision_users.ldif10
3 files changed, 30 insertions, 29 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index cc4465b17db..84ffcdd1bee 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -305,22 +305,31 @@ static int samldb_copy_template(struct ldb_module *module, struct ldb_message *m
continue;
}
for (j = 0; j < el->num_values; j++) {
- if (strcasecmp(el->name, "objectClass") == 0 &&
- (strcasecmp((char *)el->values[j].data, "Template") == 0 ||
- strcasecmp((char *)el->values[j].data, "userTemplate") == 0 ||
- strcasecmp((char *)el->values[j].data, "groupTemplate") == 0 ||
- strcasecmp((char *)el->values[j].data, "foreignSecurityPrincipalTemplate") == 0 ||
- strcasecmp((char *)el->values[j].data, "aliasTemplate") == 0 ||
- strcasecmp((char *)el->values[j].data, "trustedDomainTemplate") == 0 ||
- strcasecmp((char *)el->values[j].data, "secretTemplate") == 0)) {
- continue;
- }
- if ( ! samldb_find_or_add_attribute(module, msg, el->name,
- NULL,
- (char *)el->values[j].data)) {
- ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Attribute adding failed...\n");
- talloc_free(res);
- return -1;
+ if (strcasecmp(el->name, "objectClass") == 0) {
+ if (strcasecmp((char *)el->values[j].data, "Template") == 0 ||
+ strcasecmp((char *)el->values[j].data, "userTemplate") == 0 ||
+ strcasecmp((char *)el->values[j].data, "groupTemplate") == 0 ||
+ strcasecmp((char *)el->values[j].data, "foreignSecurityPrincipalTemplate") == 0 ||
+ strcasecmp((char *)el->values[j].data, "aliasTemplate") == 0 ||
+ strcasecmp((char *)el->values[j].data, "trustedDomainTemplate") == 0 ||
+ strcasecmp((char *)el->values[j].data, "secretTemplate") == 0) {
+ continue;
+ }
+ if ( ! samldb_find_or_add_attribute(module, msg, el->name,
+ (char *)el->values[j].data,
+ (char *)el->values[j].data)) {
+ ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Attribute adding failed...\n");
+ talloc_free(res);
+ return -1;
+ }
+ } else {
+ if ( ! samldb_find_or_add_attribute(module, msg, el->name,
+ NULL,
+ (char *)el->values[j].data)) {
+ ldb_debug(module->ldb, LDB_DEBUG_FATAL, "Attribute adding failed...\n");
+ talloc_free(res);
+ return -1;
+ }
}
}
}
@@ -407,7 +416,7 @@ static struct ldb_message *samldb_fill_user_or_computer_object(struct ldb_module
}
if (samldb_find_attribute(msg, "objectclass", "computer") != NULL) {
- if (samldb_copy_template(module, msg2, "(&(CN=TemplateServer)(objectclass=userTemplate))") != 0) {
+ if (samldb_copy_template(module, msg2, "(&(CN=TemplateComputer)(objectclass=userTemplate))") != 0) {
ldb_debug(module->ldb, LDB_DEBUG_WARNING, "samldb_fill_user_or_computer_object: Error copying computer template!\n");
return NULL;
}
diff --git a/source4/setup/provision_templates.ldif b/source4/setup/provision_templates.ldif
index 6305b498f4e..7b0fe1994c7 100644
--- a/source4/setup/provision_templates.ldif
+++ b/source4/setup/provision_templates.ldif
@@ -38,11 +38,13 @@ logonCount: 0
sAMAccountType: 0x30000000
objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
-dn: CN=TemplateServer,CN=Templates,${BASEDN}
+dn: CN=TemplateComputer,CN=Templates,${BASEDN}
objectClass: top
+objectClass: person
+objectClass: organizationalPerson
objectClass: Template
objectClass: userTemplate
-cn: TemplateServer
+cn: TemplateComputer
instanceType: 4
userAccountControl: 0x1002
badPwdCount: 0
diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif
index 5ec29869d81..c0029232689 100644
--- a/source4/setup/provision_users.ldif
+++ b/source4/setup/provision_users.ldif
@@ -1,7 +1,4 @@
dn: CN=Administrator,CN=Users,${BASEDN}
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
objectClass: user
cn: Administrator
description: Built-in account for administering the computer/domain
@@ -22,9 +19,6 @@ unicodePwd: ${ADMINPASS}
unixName: ${ROOT}
dn: CN=Guest,CN=Users,${BASEDN}
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
objectClass: user
cn: Guest
description: Built-in account for guest access to the computer/domain
@@ -83,10 +77,6 @@ privilege: SeRemoteInteractiveLogonRight
dn: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN}
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: user
objectClass: computer
cn: ${NETBIOSNAME}
uSNCreated: 1