s4-dsdb: added NO_GLOBAL_CATALOG control

this control is used to ask samdb to not return searches with a basedn
in partial repica partitions, which is needed to support the
difference between a search on the 3268 GC ldap port and the non-GC
389 port

diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index f5443ea59d2d8b6657caa4a376dc454d3ac50133..cf28f1dd01238e9a08e2dd88cecbf519eb9a2492 100644 (file)
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -2752,7 +2752,7 @@ WERROR dsdb_savereps(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, struct ld
                el->values[i] = v;
        }
 
-       if (ldb_modify(sam_ctx, msg) != LDB_SUCCESS) {
+       if (dsdb_modify(sam_ctx, msg, 0) != LDB_SUCCESS) {
                DEBUG(0,("Failed to store %s - %s\n", attr, ldb_errstring(sam_ctx)));
                goto failed;
        }
@@ -3658,6 +3658,15 @@ int dsdb_request_add_controls(struct ldb_request *req, uint32_t dsdb_flags)
                }
        }
 
+       if (dsdb_flags & DSDB_SEARCH_NO_GLOBAL_CATALOG) {
+               ret = ldb_request_add_control(req,
+                                             DSDB_CONTROL_NO_GLOBAL_CATALOG,
+                                             false, NULL);
+               if (ret != LDB_SUCCESS) {
+                       return ret;
+               }
+       }
+
        if (dsdb_flags & DSDB_SEARCH_SHOW_DELETED) {
                ret = ldb_request_add_control(req, LDB_CONTROL_SHOW_DELETED_OID, true, NULL);
                if (ret != LDB_SUCCESS) {

diff --git a/source4/dsdb/common/util.h b/source4/dsdb/common/util.h
index 0140f2956e6a892130c93a7791fea968a5ac777c..75ef49e1c33749fc034afb3c66dc5b4f60bbd58c 100644 (file)
--- a/source4/dsdb/common/util.h
+++ b/source4/dsdb/common/util.h
@@ -36,6 +36,7 @@
 #define DSDB_SEARCH_SHOW_RECYCLED            0x0400
 #define DSDB_PROVISION                       0x0800
 #define DSDB_BYPASS_PASSWORD_HASH            0x1000
+#define DSDB_SEARCH_NO_GLOBAL_CATALOG        0x2000
 
 bool is_attr_in_list(const char * const * attrs, const char *attr);
 

diff --git a/source4/dsdb/samdb/samdb.h b/source4/dsdb/samdb/samdb.h
index 8fb7b644ad96e5421aacf79ad52430543582f4f4..f60f34b2aec9ad0932dd0830aa2a5d40e1bbbea0 100644 (file)
--- a/source4/dsdb/samdb/samdb.h
+++ b/source4/dsdb/samdb/samdb.h
@@ -82,6 +82,9 @@ struct dsdb_control_password_change_status {
 
 #define DSDB_CONTROL_PASSWORD_CHANGE_OID "1.3.6.1.4.1.7165.4.3.10"
 
+/* passed when we want to get the behaviour of the non-global catalog port */
+#define DSDB_CONTROL_NO_GLOBAL_CATALOG "1.3.6.1.4.1.7165.4.3.17"
+
 struct dsdb_control_password_change {
        const struct samr_Password *old_nt_pwd_hash;
        const struct samr_Password *old_lm_pwd_hash;

diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif
index 1102fcd8d4ef024dbc937c06b8bc6b6c8f7a5461..aa3426dbf8e0bd55133f7ba66bf85fd8ad685c73 100644 (file)
--- a/source4/setup/schema_samba4.ldif
+++ b/source4/setup/schema_samba4.ldif
@@ -191,6 +191,7 @@
 #Allocated: DSDB_CONTROL_CHANGEREPLMETADATA_OID 1.3.6.1.4.1.7165.4.3.14
 #Allocated: (not used anymore) DSDB_CONTROL_SEARCH_APPLY_ACCESS 1.3.6.1.4.1.7165.4.3.15
 #Allocated: LDB_CONTROL_PROVISION_OID 1.3.6.1.4.1.7165.4.3.16
+#Allocated: DSDB_CONTROL_NO_GLOBAL_CATALOG 1.3.6.1.4.1.7165.4.3.17
 
 # Extended 1.3.6.1.4.1.7165.4.4.x
 #Allocated: DSDB_EXTENDED_REPLICATED_OBJECTS_OID 1.3.6.1.4.1.7165.4.4.1