s4:dsdb Allow the setting an override on the schema

The change here is to try and convert a per the previous rules, but if
we don't know a particular OID as a attributeID, then store it as an
OID (for example).  This allows known values to be converted as
before, but still copes with unknown values.

Andrew Bartlett

Signed-off-by: Kamen Mazdrashki <kamenim@samba.org>

diff --git a/source4/dsdb/schema/schema.h b/source4/dsdb/schema/schema.h
index 9762a2ba988665702a46d3a8c2dc0b52b39bcaf4..0cbc21868fcfa13000810ebb1020ae2524c2ce2f 100644 (file)
--- a/source4/dsdb/schema/schema.h
+++ b/source4/dsdb/schema/schema.h
@@ -221,6 +221,9 @@ struct dsdb_schema {
        bool refresh_in_progress;
        /* an 'opaque' sequence number that the reload function may also wish to use */
        uint64_t reload_seq_number;
+
+       /* Should the syntax handlers in this case handle all incoming OIDs automatically, assigning them as an OID if no text name is known? */
+       bool relax_OID_conversions;
 };
 
 enum dsdb_attr_list_query {

diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c
index 51c1b29f355b5ab49c9ce2ba64fe3131c0936a2a..193d62dfcca3bcf11e7275c8cfb142abb80e0071 100644 (file)
--- a/source4/dsdb/schema/schema_syntax.c
+++ b/source4/dsdb/schema/schema_syntax.c
@@ -1211,6 +1211,8 @@ static WERROR dsdb_syntax_OID_drsuapi_to_ldb(struct ldb_context *ldb,
                                             TALLOC_CTX *mem_ctx,
                                             struct ldb_message_element *out)
 {
+       WERROR werr;
+
        switch (attr->attributeID_id) {
        case DRSUAPI_ATTRIBUTE_objectClass:
        case DRSUAPI_ATTRIBUTE_subClassOf:
@@ -1218,23 +1220,35 @@ static WERROR dsdb_syntax_OID_drsuapi_to_ldb(struct ldb_context *ldb,
        case DRSUAPI_ATTRIBUTE_systemAuxiliaryClass:
        case DRSUAPI_ATTRIBUTE_systemPossSuperiors:
        case DRSUAPI_ATTRIBUTE_possSuperiors:
-               return _dsdb_syntax_OID_obj_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
+               werr = _dsdb_syntax_OID_obj_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
+               break;
        case DRSUAPI_ATTRIBUTE_systemMustContain:
        case DRSUAPI_ATTRIBUTE_systemMayContain:        
        case DRSUAPI_ATTRIBUTE_mustContain:
        case DRSUAPI_ATTRIBUTE_rDNAttId:
        case DRSUAPI_ATTRIBUTE_transportAddressAttribute:
        case DRSUAPI_ATTRIBUTE_mayContain:
-               return _dsdb_syntax_OID_attr_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
+               werr = _dsdb_syntax_OID_attr_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
+               break;
        case DRSUAPI_ATTRIBUTE_governsID:
        case DRSUAPI_ATTRIBUTE_attributeID:
        case DRSUAPI_ATTRIBUTE_attributeSyntax:
+               werr = _dsdb_syntax_OID_oid_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
+               break;
+       default:
+               DEBUG(0,(__location__ ": Unknown handling for attributeID_id for %s\n",
+                        attr->lDAPDisplayName));
+               return _dsdb_syntax_auto_OID_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
+       }
+
+       /* When we are doing the vampire of a schema, we don't want
+        * the inablity to reference an OID to get in the way.
+        * Otherwise, we won't get the new schema with which to
+        * understand this */
+       if (!W_ERROR_IS_OK(werr) && schema->relax_OID_conversions) {
                return _dsdb_syntax_OID_oid_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
        }
-
-       DEBUG(0,(__location__ ": Unknown handling for attributeID_id for %s\n",
-                attr->lDAPDisplayName));
-       return _dsdb_syntax_auto_OID_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out);
+       return werr;
 }
 
 static WERROR dsdb_syntax_OID_ldb_to_drsuapi(struct ldb_context *ldb, 

diff --git a/source4/libnet/libnet_vampire.c b/source4/libnet/libnet_vampire.c
index 8a9ba12141b93454475c58340b9a1492b23c42fc..f7c2d66fc6a296d437b7f8006b4fb93e8e020174 100644 (file)
--- a/source4/libnet/libnet_vampire.c
+++ b/source4/libnet/libnet_vampire.c
@@ -60,6 +60,7 @@ struct libnet_vampire_cb_state {
        const char *realm;
        struct cli_credentials *machine_account;
        struct dsdb_schema *self_made_schema;
+       struct dsdb_schema *provision_schema;
        const struct dsdb_schema *schema;
 
        struct ldb_context *ldb;
@@ -139,6 +140,7 @@ NTSTATUS libnet_vampire_cb_prepare_db(void *private_data,
 
        s->ldb = talloc_steal(s, result.samdb);
        s->lp_ctx = talloc_steal(s, result.lp_ctx);
+       s->provision_schema = dsdb_get_schema(s->ldb, s);
 
        /* wrap the entire vapire operation in a transaction.  This
           isn't just cosmetic - we use this to ensure that linked
@@ -249,6 +251,8 @@ static NTSTATUS libnet_vampire_cb_apply_schema(struct libnet_vampire_cb_state *s
        NT_STATUS_HAVE_NO_MEMORY(tmp_dns_name);
        s_dsa->other_info->dns_name = tmp_dns_name;
 
+       s->provision_schema->relax_OID_conversions = true;
+
        /* Now convert the schema elements again, using the schema we just imported */
        status = dsdb_extended_replicated_objects_convert(s->ldb,
                                                          c->partition->nc.dn,