dsdb: Allow dsdb_find_dn_by_guid to show deleted DNs
authorAndrew Bartlett <abartlet@samba.org>
Mon, 10 Jun 2013 02:22:40 +0000 (12:22 +1000)
committerStefan Metzmacher <metze@samba.org>
Wed, 12 Jun 2013 08:02:07 +0000 (10:02 +0200)
This helps us in the KCC as we need to return the deleted DN for the GUID
in DsReplicaGetInfo calls (tested for deleted servers against Windows 2008R2).

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
source4/dsdb/common/util.c
source4/dsdb/kcc/kcc_connection.c
source4/dsdb/kcc/kcc_drs_replica_info.c
source4/dsdb/repl/drepl_partitions.c
source4/rpc_server/drsuapi/getncchanges.c

index 8e407768ffaeb89cdc51fd0471664e7566a6ed56..7a243c3d3769bae622de43ce1385b00a0cd56788 100644 (file)
@@ -2458,7 +2458,9 @@ struct ldb_dn *samdb_domain_to_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
  */
 int dsdb_find_dn_by_guid(struct ldb_context *ldb, 
                         TALLOC_CTX *mem_ctx,
-                        const struct GUID *guid, struct ldb_dn **dn)
+                        const struct GUID *guid,
+                        uint32_t dsdb_flags,
+                        struct ldb_dn **dn)
 {
        int ret;
        struct ldb_result *res;
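Review bot: The new `dsdb_flags` parameter is not described anywhere in the visible code, and the next hunk ORs it unmasked into the `dsdb_search()` flags, so any DSDB_SEARCH_* bit a caller passes takes effect. The doc comment that ends just above the signature starts outside this hunk; it should gain a line such as `dsdb_flags: extra DSDB_SEARCH_* flags, e.g. DSDB_SEARCH_SHOW_RECYCLED to also match deleted objects; pass 0 to match live objects only`. Stating that 0 is the safe default matters because callers that act on the returned DN should not start resolving GUIDs of deleted objects by accident.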
@@ -2472,7 +2474,7 @@ int dsdb_find_dn_by_guid(struct ldb_context *ldb,
        ret = dsdb_search(ldb, mem_ctx, &res, NULL, LDB_SCOPE_SUBTREE, attrs,
                          DSDB_SEARCH_SEARCH_ALL_PARTITIONS |
                          DSDB_SEARCH_SHOW_EXTENDED_DN |
-                         DSDB_SEARCH_ONE_ONLY,
+                         DSDB_SEARCH_ONE_ONLY | dsdb_flags,
                          "objectGUID=%s", guid_str);
        talloc_free(guid_str);
        if (ret != LDB_SUCCESS) {
index ea6383342c46651dc26cb282a20437a5e8d4553c..f85ed13f5532df079d41bfb3f9bb5541d9ca1d16 100644 (file)
@@ -70,7 +70,7 @@ static int kccsrv_add_connection(struct kccsrv_service *s,
                ret = LDB_ERR_INVALID_DN_SYNTAX;
                goto done;
        }
-       ret = dsdb_find_dn_by_guid(s->samdb, tmp_ctx, &conn->dsa_guid, &server_dn);
+       ret = dsdb_find_dn_by_guid(s->samdb, tmp_ctx, &conn->dsa_guid, 0, &server_dn);
        if (ret != LDB_SUCCESS) {
                DEBUG(0, ("failed to find fromServer DN '%s'\n",
                          GUID_string(tmp_ctx, &conn->dsa_guid)));
@@ -111,7 +111,7 @@ static int kccsrv_delete_connection(struct kccsrv_service *s,
        int ret;
 
        tmp_ctx = talloc_new(s);
-       ret = dsdb_find_dn_by_guid(s->samdb, tmp_ctx, &conn->obj_guid, &dn);
+       ret = dsdb_find_dn_by_guid(s->samdb, tmp_ctx, &conn->obj_guid, 0, &dn);
        if (ret != LDB_SUCCESS) {
                DEBUG(0, ("failed to find nTDSConnection's DN: %s\n",
                          ldb_strerror(ret)));
index 7aa7f5a0f4fb39a667090fbed72483a7ec8fd7ea..ac22312a0cecacc43d7ec11743da7f035bd1cecb 100644 (file)
@@ -533,6 +533,7 @@ static WERROR fill_neighbor_from_repsFrom(TALLOC_CTX *mem_ctx,
        neigh->source_dsa_obj_guid = reps_from->source_dsa_obj_guid;
 
        ret = dsdb_find_dn_by_guid(samdb, mem_ctx, &reps_from->source_dsa_obj_guid,
+                                  DSDB_SEARCH_SHOW_RECYCLED,
                                   &source_dsa_dn);
 
        if (ret != LDB_SUCCESS) {
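Review bot: The commit message speaks of deleted DNs, but the flag passed here is `DSDB_SEARCH_SHOW_RECYCLED`, which appears to be broader than `DSDB_SEARCH_SHOW_DELETED` because it also matches recycled objects. A short comment at each of the three call sites (here, the `transport_guid` lookup in the next hunk, and `fill_neighbor_from_repsTo`) would record that choice, e.g. `/* the source DSA may have been deleted; DsReplicaGetInfo still has to report its DN */`. The resulting DN is copied into `neigh->source_dsa_obj_dn` and is presumably returned to the RPC caller. It is worth confirming that exposing DNs of deleted or recycled objects this way is intended for every caller allowed to make the request. The body of fill_neighbor_from_repsFrom starts and ends outside this hunk.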
@@ -544,13 +545,15 @@ static WERROR fill_neighbor_from_repsFrom(TALLOC_CTX *mem_ctx,
        neigh->source_dsa_obj_dn = ldb_dn_get_linearized(source_dsa_dn);
        neigh->naming_context_dn = ldb_dn_get_linearized(nc_dn);
 
-       if (dsdb_find_guid_by_dn(samdb, nc_dn, &neigh->naming_context_obj_guid)
+       if (dsdb_find_guid_by_dn(samdb, nc_dn,
+                                &neigh->naming_context_obj_guid)
                        != LDB_SUCCESS) {
                return WERR_DS_DRA_INTERNAL_ERROR;
        }
 
        if (!GUID_all_zero(&reps_from->transport_guid)) {
                ret = dsdb_find_dn_by_guid(samdb, mem_ctx, &reps_from->transport_guid,
+                                          DSDB_SEARCH_SHOW_RECYCLED,
                                           &transport_obj_dn);
                if (ret != LDB_SUCCESS) {
                        return WERR_DS_DRA_INTERNAL_ERROR;
@@ -668,7 +671,10 @@ static WERROR fill_neighbor_from_repsTo(TALLOC_CTX *mem_ctx,
        neigh->last_attempt = reps_to->last_attempt;
        neigh->source_dsa_obj_guid = reps_to->source_dsa_obj_guid;
 
-       ret = dsdb_find_dn_by_guid(samdb, mem_ctx, &reps_to->source_dsa_obj_guid, &source_dsa_dn);
+       ret = dsdb_find_dn_by_guid(samdb, mem_ctx,
+                                  &reps_to->source_dsa_obj_guid,
+                                  DSDB_SEARCH_SHOW_RECYCLED,
+                                  &source_dsa_dn);
        if (ret != LDB_SUCCESS) {
                DEBUG(0,(__location__ ": Failed to find DN for neighbor GUID %s\n",
                         GUID_string(mem_ctx, &reps_to->source_dsa_obj_guid)));
index 2a16a4502f280347c1f154c5e38287c519ed37fc..4c5dde27f7738d6a7a6338e7008503661ccab73b 100644 (file)
@@ -172,7 +172,7 @@ NTSTATUS dreplsrv_get_target_principal(struct dreplsrv_service *s,
        tmp_ctx = talloc_new(mem_ctx);
 
        /* we need to find their hostname */
-       ret = dsdb_find_dn_by_guid(s->samdb, tmp_ctx, &rft->source_dsa_obj_guid, &ntds_dn);
+       ret = dsdb_find_dn_by_guid(s->samdb, tmp_ctx, &rft->source_dsa_obj_guid, 0, &ntds_dn);
        if (ret != LDB_SUCCESS) {
                talloc_free(tmp_ctx);
                /* its OK for their NTDSDSA DN not to be in our database */
index 219ddbc9f37690616839478bcd6a042ddbb7b3d4..5ee87cbfbfaba5845b8ed01ee46c2ebfd9a8cf99 100644 (file)
@@ -452,7 +452,7 @@ static WERROR get_nc_changes_add_la(TALLOC_CTX *mem_ctx,
                                sa->lDAPDisplayName, ldb_dn_get_linearized(msg->dn)));
                        return ntstatus_to_werror(status);
                }
-               ret = dsdb_find_dn_by_guid(sam_ctx, mem_ctx, &guid, &tdn);
+               ret = dsdb_find_dn_by_guid(sam_ctx, mem_ctx, &guid, 0, &tdn);
                if (ret == LDB_ERR_NO_SUCH_OBJECT) {
                        DEBUG(2, (" Search of guid %s returned 0 objects, skipping it !\n",
                                                GUID_string(mem_ctx, &guid)));
@@ -1151,7 +1151,7 @@ static WERROR getncchanges_change_master(struct drsuapi_bind_state *b_state,
        W_ERROR_HAVE_NO_MEMORY(msg->dn);
 
        /* TODO: make sure ntds_dn is a valid nTDSDSA object */
-       ret = dsdb_find_dn_by_guid(ldb, msg, &req10->destination_dsa_guid, &ntds_dn);
+       ret = dsdb_find_dn_by_guid(ldb, msg, &req10->destination_dsa_guid, 0, &ntds_dn);
        if (ret != LDB_SUCCESS) {
                DEBUG(0, (__location__ ": Unable to find NTDS object for guid %s - %s\n",
                          GUID_string(mem_ctx, &req10->destination_dsa_guid), ldb_errstring(ldb)));
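Review bot: `req10->destination_dsa_guid` comes from the request, and the TODO above the call shows that the resolved DN is still not verified to be an nTDSDSA object. The literal `0` is therefore the only thing here that keeps the GUID of a deleted object from resolving. It deserves a comment such as `/* 0: never resolve a deleted DSA as the destination */`, so the argument is not later switched to DSDB_SEARCH_SHOW_RECYCLED by analogy with the KCC callers. The body of getncchanges_change_master starts and ends outside this hunk.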