git.samba.org / metze / samba / wip.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: aa17a2c)
drs-cracknames: When cracking NT4 names we should just look at netbios for the match
authorMatthieu Patou <mat@matws.net>
Sun, 30 Jun 2013 09:03:02 +0000 (02:03 -0700)
committerMatthieu Patou <mat@matws.net>
Wed, 7 Aug 2013 04:22:05 +0000 (21:22 -0700)
Looking at dnsRoot will yield a result for domain.tld\username when it
shouldn't work.

Signed-off-by: Matthieu Patou <mat@matws.net>
Reviewed-by: Andrew Bartlett <abarlett@samba.org>
source4/dsdb/samdb/cracknames.c patch | blob | history

diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index 388b6c7cec0e174bbfe4b64e4c95e3dd14c00a56..628546e959eb0deb063192d6546f98e19e886215 100644 (file)
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -577,8 +577,7 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx,
                }
 
                domain_filter = talloc_asprintf(mem_ctx, 
-                                               "(&(objectClass=crossRef)(|(dnsRoot=%s)(netbiosName=%s))(systemFlags:%s:=%u))",
-                                               ldb_binary_encode_string(mem_ctx, domain),
+                                               "(&(objectClass=crossRef)(netbiosName=%s)(systemFlags:%s:=%u))",
                                                ldb_binary_encode_string(mem_ctx, domain),
                                                LDB_OID_COMPARATOR_AND,
                                                SYSTEM_FLAG_CR_NTDS_DOMAIN);
Work in progress branches