s4-dsdb: return an error if samAccountName is not specified when creating a user.

Makes sure samAccountName has been specified before adding a
user. This happened while I was trying to add a user with the
posixAccount objectclass. I forgot to specify the user objectClass,
and samba segfaulted. It now returns LDB_ERR_CONSTRAINT_VIOLATION.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 4d4f500e87571591ffc7b827d89079bdc8308f0d..df4a3442987c9c9c0cbf356032573713929d3457 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1487,6 +1487,13 @@ static int setup_io(struct ph_context *ac,
 
        io->n.lm_hash                   = samdb_result_hash(io->ac, new_msg, "dBCSPwd");
 
+       if(io->u.sAMAccountName == NULL)
+       {
+               ldb_asprintf_errstring(ldb, "samAccountName is missing on %s for attempted password set/change",
+                       ldb_dn_get_linearized(new_msg->dn));
+               return(LDB_ERR_CONSTRAINT_VIOLATION);
+       }
+
        return LDB_SUCCESS;
 }