s4:dsdb/rootdse: expand extended dn values with the AS_SYSTEM control

Otherwise we can't find the GUID of the 'serverName' attribute
as ANONYMOUS.

This results in

  root@ub1204-161:~# ldbsearch -U% -H ldap://172.31.9.161 -b '' -s base --extended-dn serverName
  search error - LDAP error 1 LDAP_OPERATIONS_ERROR -  <00002020: operations error at ../source4/dsdb/samdb/ldb_modules/rootdse.c:567> <>

While it works as system:

  root@ub1204-161:~# ldbsearch -U% -H /var/lib/samba/private/sam.ldb -b '' -s base --extended-dn serverName
  # record 1
  dn:
  serverName: <GUID=348c35e1-04e3-4988-a32c-32478d584551>;CN=UB1204-161,CN=Serve
   rs,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=s4xdom,DC=base

  # returned 1 records
  # 1 entries
  # 0 referrals

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10949

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit a6ecef4532e4529a819219cd814e2979c2df0797)

diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c
index 167201ec60a1378473b5c4bbc8a42d499bebd65b..9122a6734d874176b3dac19ce67a1f3f458afb50 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -131,10 +131,8 @@ static int expand_dn_in_message(struct ldb_module *module, struct ldb_message *m
                        return ret;
                }
 
-
-               ret = ldb_request_add_control(req2,
-                                       LDB_CONTROL_EXTENDED_DN_OID,
-                                       edn_control->critical, edn);
+               ret = dsdb_request_add_controls(req2, DSDB_FLAG_AS_SYSTEM |
+                                               DSDB_SEARCH_SHOW_EXTENDED_DN);
                if (ret != LDB_SUCCESS) {
                        talloc_free(tmp_ctx);
                        return ldb_error(ldb, ret, "Failed to add control");