*/
#include "includes.h"
+#include <talloc.h>
#include "ldap_server/ldap_server.h"
#include "../lib/util/dlinklist.h"
#include "auth/credentials/credentials.h"
#include "auth/common_auth.h"
#include "param/param.h"
#include "samba/service_stream.h"
+#include "dsdb/gmsa/util.h"
#include "dsdb/samdb/samdb.h"
#include <ldb_errors.h>
#include <ldb_module.h>
bool attributesonly;
struct ldb_control **controls;
size_t count; /* For notification only */
+ const struct gmsa_update **updates;
};
static int ldap_server_search_callback(struct ldb_request *req, struct ldb_reply *ares)
ent->attributes[j].num_values = msg->elements[j].num_values;
ent->attributes[j].values = msg->elements[j].values;
}
+
+ {
+ const struct ldb_control
+ *ctrl = ldb_controls_get_control(
+ ares->controls,
+ DSDB_CONTROL_GMSA_UPDATE_OID);
+
+ if (ctrl != NULL) {
+ const struct gmsa_update **updates = NULL;
+ const size_t len = talloc_array_length(
+ ctx->updates);
+
+ updates = talloc_realloc(
+ ctx,
+ ctx->updates,
+ const struct gmsa_update *,
+ len + 1);
+ if (updates != NULL) {
+ updates[len] = talloc_steal(updates,
+ ctrl->data);
+ ctx->updates = updates;
+ }
+ }
+ }
+
queue_reply:
status = ldapsrv_queue_reply(call, ent_r);
if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_TOO_LARGE)) {
ldb_ret = ldb_wait(lreq->handle, LDB_WAIT_ALL);
if (ldb_ret == LDB_SUCCESS) {
+ size_t n;
+ const size_t len = talloc_array_length(callback_ctx->updates);
+
+ for (n = 0; n < len; ++n) {
+ int ret;
+
+ ret = dsdb_update_gmsa_entry_keys(
+ samdb, local_ctx, callback_ctx->updates[n]);
+ if (ret) {
+ /* Ignore the error. */
+ DBG_WARNING("Failed to update keys for Group "
+ "Managed Service Account: %s\n",
+ ldb_strerror(ret));
+ }
+ }
+
if (call->notification.busy) {
/* Move/Add it to the end */
DLIST_DEMOTE(call->conn->pending_calls, call);