drs-cracknames: When cracking NT4 names we should just look at netbios for the match

[metze/samba/wip.git] / source4 / dsdb / samdb / cracknames.c

diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index c366019c56cf09ceb24a10b0dfee14bd22c63356..628546e959eb0deb063192d6546f98e19e886215 100644 (file)
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -394,10 +394,10 @@ static WERROR get_format_functional_filtering_param(struct ldb_context *sam_ctx,
 
                account = name;
                s = strchr(account, '/');
+               talloc_free(domain_res);
                while(s) {
                        s[0] = '\0';
                        s++;
-                       talloc_free(domain_res);
 
                        ldb_ret = ldb_search(sam_ctx, mem_ctx, &domain_res,
                                                tmp_dn,
@@ -410,18 +410,20 @@ static WERROR get_format_functional_filtering_param(struct ldb_context *sam_ctx,
                                info1->status = DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR;
                                return WERR_OK;
                        }
+                       talloc_free(tmp_dn);
                        switch (domain_res->count) {
                        case 1:
                                break;
                        case 0:
+                               talloc_free(domain_res);
                                info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND;
                                return WERR_OK;
                        default:
+                               talloc_free(domain_res);
                                info1->status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE;
                                return WERR_OK;
                        }
 
-                       talloc_free(tmp_dn);
                        tmp_dn = talloc_steal(mem_ctx, domain_res->msgs[0]->dn);
                        talloc_free(domain_res);
                        search_dn = tmp_dn;
@@ -486,7 +488,10 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx,
                        if (!W_ERROR_IS_OK(werr)) {
                                return werr;
                        }
-                       if (info1->status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
+                       if (info1->status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND &&
+                           (formats[i] != DRSUAPI_DS_NAME_FORMAT_CANONICAL ||
+                            info1->status != DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR))
+                       {
                                return werr;
                        }
                }
@@ -572,8 +577,7 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx,
                }
 
                domain_filter = talloc_asprintf(mem_ctx, 
-                                               "(&(objectClass=crossRef)(|(dnsRoot=%s)(netbiosName=%s))(systemFlags:%s:=%u))",
-                                               ldb_binary_encode_string(mem_ctx, domain),
+                                               "(&(objectClass=crossRef)(netbiosName=%s)(systemFlags:%s:=%u))",
                                                ldb_binary_encode_string(mem_ctx, domain),
                                                LDB_OID_COMPARATOR_AND,
                                                SYSTEM_FLAG_CR_NTDS_DOMAIN);
@@ -943,7 +947,7 @@ static WERROR DsCrackNameOneFilter(struct ldb_context *sam_ctx, TALLOC_CTX *mem_
                        real_search_dn = NULL;
                }
                if (format_desired == DRSUAPI_DS_NAME_FORMAT_GUID){
-                        dsdb_flags = dsdb_flags| DSDB_SEARCH_SHOW_DELETED;
+                        dsdb_flags |= DSDB_SEARCH_SHOW_RECYCLED;
                }
 
                /* search with the 'phantom root' flag */
@@ -1029,6 +1033,7 @@ static WERROR DsCrackNameOneFilter(struct ldb_context *sam_ctx, TALLOC_CTX *mem_
                                return WERR_OK;
                        }
                }
+               /* FALL TROUGH */
                default:
                        info1->status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE;
                        return WERR_OK;
@@ -1067,9 +1072,16 @@ static WERROR DsCrackNameOneFilter(struct ldb_context *sam_ctx, TALLOC_CTX *mem_
 
                const struct dom_sid *sid = samdb_result_dom_sid(mem_ctx, result, "objectSid");
                const char *_acc = "", *_dom = "";
+               if (sid == NULL) {
+                       info1->status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING;
+                       return WERR_OK;
+               }
 
-               if (samdb_find_attribute(sam_ctx, result, "objectClass", "domain")) {
-
+               if (samdb_find_attribute(sam_ctx, result, "objectClass",
+                                        "domain")) {
+                       /* This can also find a DomainDNSZones entry,
+                        * but it won't have the SID we just
+                        * checked.  */
                        ldb_ret = ldb_search(sam_ctx, mem_ctx, &domain_res,
                                                     partitions_basedn,
                                                     LDB_SCOPE_ONELEVEL,
@@ -1472,7 +1484,7 @@ WERROR dcesrv_drsuapi_CrackNamesByNameFormat(struct ldb_context *sam_ctx, TALLOC
        uint32_t i, count;
        WERROR status;
 
-       *ctr1 = talloc(mem_ctx, struct drsuapi_DsNameCtr1);
+       *ctr1 = talloc_zero(mem_ctx, struct drsuapi_DsNameCtr1);
        W_ERROR_HAVE_NO_MEMORY(*ctr1);
 
        count = req1->count;