* Construct an hdb_entry from a directory entry.
*/
static krb5_error_code samba_kdc_message2entry(krb5_context context,
- struct samba_kdc_db_context *kdc_db_ctx,
- TALLOC_CTX *mem_ctx, krb5_const_principal principal,
- enum samba_kdc_ent_type ent_type,
- struct ldb_dn *realm_dn,
- struct ldb_message *msg,
- hdb_entry_ex *entry_ex)
+ struct samba_kdc_db_context *kdc_db_ctx,
+ TALLOC_CTX *mem_ctx, krb5_const_principal principal,
+ enum samba_kdc_ent_type ent_type,
+ unsigned flags,
+ struct ldb_dn *realm_dn,
+ struct ldb_message *msg,
+ hdb_entry_ex *entry_ex)
{
struct loadparm_context *lp_ctx = kdc_db_ctx->lp_ctx;
uint32_t userAccountControl;
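Review bot: The header comment above samba_kdc_message2entry still says only "Construct an hdb_entry from a directory entry" and does not describe the new `unsigned flags` parameter. Elsewhere in this commit the flag decides whether the audit fields are filled, so I would extend the comment with something like `flags: HDB_F_* bits from the caller; created_by/modified_by are filled only when HDB_F_ADMIN_DATA is set`. The function body continues outside this hunk.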
}
}
- {
+ if (flags & HDB_F_ADMIN_DATA) {
/* These (created_by, modified_by) parts of the entry are not relevant for Samba4's use
* of the Heimdal KDC. They are stored in a the traditional
* DB for audit purposes, and still form part of the structure
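Review bot: With the block now guarded by `if (flags & HDB_F_ADMIN_DATA)`, callers that do not set the flag get an entry whose created_by and modified_by are never written here. Their contents then depend on initialisation that this hunk does not show. If entry_ex is zeroed earlier in the function that is fine, but it should be stated next to the test, e.g. `/* without HDB_F_ADMIN_DATA these fields keep their zero-initialised values */`. It is also worth confirming that no consumer dereferences created_by.principal unconditionally. The guarded block's body and closing brace lie outside the hunk.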
}
ret = samba_kdc_message2entry(context, kdc_db_ctx, mem_ctx,
- principal, SAMBA_KDC_ENT_TYPE_CLIENT,
- realm_dn, msg, entry_ex);
+ principal, SAMBA_KDC_ENT_TYPE_CLIENT,
+ flags,
+ realm_dn, msg, entry_ex);
return ret;
}
principal = alloc_principal;
ret = samba_kdc_message2entry(context, kdc_db_ctx, mem_ctx,
- principal, SAMBA_KDC_ENT_TYPE_KRBTGT,
- realm_dn, msg, entry_ex);
+ principal, SAMBA_KDC_ENT_TYPE_KRBTGT,
+ flags, realm_dn, msg, entry_ex);
if (ret != 0) {
krb5_warnx(context, "samba_kdc_fetch: self krbtgt message2entry failed");
}
}
ret = samba_kdc_message2entry(context, kdc_db_ctx, mem_ctx,
- principal, SAMBA_KDC_ENT_TYPE_SERVER,
- realm_dn, msg, entry_ex);
+ principal, SAMBA_KDC_ENT_TYPE_SERVER,
+ flags,
+ realm_dn, msg, entry_ex);
if (ret != 0) {
krb5_warnx(context, "samba_kdc_fetch: message2entry failed");
}
if (priv->index < priv->count) {
ret = samba_kdc_message2entry(context, kdc_db_ctx, mem_ctx,
- NULL, SAMBA_KDC_ENT_TYPE_ANY,
- priv->realm_dn, priv->msgs[priv->index++], entry);
+ NULL, SAMBA_KDC_ENT_TYPE_ANY,
+ HDB_F_ADMIN_DATA|HDB_F_GET_ANY,
+ priv->realm_dn, priv->msgs[priv->index++], entry);
} else {
ret = HDB_ERR_NOENTRY;
}
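Review bot: The enumeration path hard-codes `HDB_F_ADMIN_DATA|HDB_F_GET_ANY`, whereas the three fetch call sites pass through the caller's `flags`, and nothing here explains the difference. If the intent is that dump-style iteration always needs the audit fields and must match any entry type, a short comment above the call would record it, e.g. `/* iteration has no caller flags: request every entry type, with admin data */`. The enclosing function starts and ends outside this hunk, so I cannot tell whether a flags argument is available there to forward instead.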