2 ldb database library - ildap backend
4 Copyright (C) Andrew Tridgell 2005
5 Copyright (C) Simo Sorce 2006
7 ** NOTE! The following LGPL license applies to the ldb
8 ** library. This does NOT imply that all of Samba is released
11 This library is free software; you can redistribute it and/or
12 modify it under the terms of the GNU Lesser General Public
13 License as published by the Free Software Foundation; either
14 version 2 of the License, or (at your option) any later version.
16 This library is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 Lesser General Public License for more details.
21 You should have received a copy of the GNU Lesser General Public
22 License along with this library; if not, write to the Free Software
23 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
29 * Component: ldb ildap backend
31 * Description: This is a ldb backend for the internal ldap
32 * client library in Samba4. By using this backend we are
33 * independent of a system ldap library
35 * Author: Andrew Tridgell
39 * - description: make the module use asyncronous calls
46 #include "ldb/include/includes.h"
48 #include "lib/events/events.h"
49 #include "libcli/ldap/ldap.h"
50 #include "libcli/ldap/ldap_client.h"
51 #include "auth/auth.h"
52 #include "auth/credentials/credentials.h"
55 struct ldap_connection
*ldap
;
56 struct ldb_module
*module
;
60 struct ildb_private
*ildb
;
61 struct ldb_handle
*handle
;
62 struct ldap_request
*req
;
64 int (*callback
)(struct ldb_context
*, void *, struct ldb_reply
*);
68 convert a ldb_message structure to a list of ldap_mod structures
69 ready for ildap_add() or ildap_modify()
71 static struct ldap_mod
**ildb_msg_to_mods(void *mem_ctx
, int *num_mods
,
72 const struct ldb_message
*msg
, int use_flags
)
74 struct ldap_mod
**mods
;
78 /* allocate maximum number of elements needed */
79 mods
= talloc_array(mem_ctx
, struct ldap_mod
*, msg
->num_elements
+1);
86 for (i
= 0; i
< msg
->num_elements
; i
++) {
87 const struct ldb_message_element
*el
= &msg
->elements
[i
];
89 mods
[n
] = talloc(mods
, struct ldap_mod
);
95 mods
[n
]->attrib
= *el
;
97 switch (el
->flags
& LDB_FLAG_MOD_MASK
) {
98 case LDB_FLAG_MOD_ADD
:
99 mods
[n
]->type
= LDAP_MODIFY_ADD
;
101 case LDB_FLAG_MOD_DELETE
:
102 mods
[n
]->type
= LDAP_MODIFY_DELETE
;
104 case LDB_FLAG_MOD_REPLACE
:
105 mods
[n
]->type
= LDAP_MODIFY_REPLACE
;
122 map an ildap NTSTATUS to a ldb error code
124 static int ildb_map_error(struct ildb_private
*ildb
, NTSTATUS status
)
126 TALLOC_CTX
*mem_ctx
= talloc_new(ildb
);
127 if (NT_STATUS_IS_OK(status
)) {
131 ldb_oom(ildb
->module
->ldb
);
132 return LDB_ERR_OPERATIONS_ERROR
;
134 ldb_set_errstring(ildb
->module
->ldb
, ldap_errstr(ildb
->ldap
, mem_ctx
, status
));
135 talloc_free(mem_ctx
);
136 if (NT_STATUS_IS_LDAP(status
)) {
137 return NT_STATUS_LDAP_CODE(status
);
139 return LDB_ERR_OPERATIONS_ERROR
;
142 static void ildb_request_timeout(struct event_context
*ev
, struct timed_event
*te
,
143 struct timeval t
, void *private_data
)
145 struct ildb_context
*ac
= talloc_get_type(private_data
, struct ildb_context
);
146 struct ldb_handle
*handle
= ac
->handle
;
148 if (ac
->req
->state
== LDAP_REQUEST_PENDING
) {
149 DLIST_REMOVE(ac
->req
->conn
->pending
, ac
->req
);
152 handle
->status
= LDB_ERR_TIME_LIMIT_EXCEEDED
;
157 static void ildb_callback(struct ldap_request
*req
)
159 struct ildb_context
*ac
= talloc_get_type(req
->async
.private_data
, struct ildb_context
);
160 struct ldb_handle
*handle
= ac
->handle
;
161 struct ildb_private
*ildb
= ac
->ildb
;
165 handle
->status
= LDB_SUCCESS
;
167 if (!NT_STATUS_IS_OK(req
->status
)) {
168 handle
->status
= ildb_map_error(ildb
, req
->status
);
172 if (req
->num_replies
< 1) {
173 handle
->status
= LDB_ERR_OPERATIONS_ERROR
;
179 case LDAP_TAG_ModifyRequest
:
180 if (req
->replies
[0]->type
!= LDAP_TAG_ModifyResponse
) {
181 handle
->status
= LDB_ERR_PROTOCOL_ERROR
;
184 status
= ldap_check_response(req
->conn
, &req
->replies
[0]->r
.GeneralResult
);
185 handle
->status
= ildb_map_error(ildb
, status
);
186 if (ac
->callback
&& handle
->status
== LDB_SUCCESS
) {
187 /* FIXME: build a corresponding ares to pass on */
188 handle
->status
= ac
->callback(ac
->ildb
->module
->ldb
, ac
->context
, NULL
);
190 handle
->state
= LDB_ASYNC_DONE
;
193 case LDAP_TAG_AddRequest
:
194 if (req
->replies
[0]->type
!= LDAP_TAG_AddResponse
) {
195 handle
->status
= LDB_ERR_PROTOCOL_ERROR
;
198 status
= ldap_check_response(req
->conn
, &req
->replies
[0]->r
.GeneralResult
);
199 handle
->status
= ildb_map_error(ildb
, status
);
200 if (ac
->callback
&& handle
->status
== LDB_SUCCESS
) {
201 /* FIXME: build a corresponding ares to pass on */
202 handle
->status
= ac
->callback(ac
->ildb
->module
->ldb
, ac
->context
, NULL
);
204 handle
->state
= LDB_ASYNC_DONE
;
207 case LDAP_TAG_DelRequest
:
208 if (req
->replies
[0]->type
!= LDAP_TAG_DelResponse
) {
209 handle
->status
= LDB_ERR_PROTOCOL_ERROR
;
212 status
= ldap_check_response(req
->conn
, &req
->replies
[0]->r
.GeneralResult
);
213 handle
->status
= ildb_map_error(ildb
, status
);
214 if (ac
->callback
&& handle
->status
== LDB_SUCCESS
) {
215 /* FIXME: build a corresponding ares to pass on */
216 handle
->status
= ac
->callback(ac
->ildb
->module
->ldb
, ac
->context
, NULL
);
218 handle
->state
= LDB_ASYNC_DONE
;
221 case LDAP_TAG_ModifyDNRequest
:
222 if (req
->replies
[0]->type
!= LDAP_TAG_ModifyDNResponse
) {
223 handle
->status
= LDB_ERR_PROTOCOL_ERROR
;
226 status
= ldap_check_response(req
->conn
, &req
->replies
[0]->r
.GeneralResult
);
227 handle
->status
= ildb_map_error(ildb
, status
);
228 if (ac
->callback
&& handle
->status
== LDB_SUCCESS
) {
229 /* FIXME: build a corresponding ares to pass on */
230 handle
->status
= ac
->callback(ac
->ildb
->module
->ldb
, ac
->context
, NULL
);
232 handle
->state
= LDB_ASYNC_DONE
;
235 case LDAP_TAG_SearchRequest
:
236 /* loop over all messages */
237 for (i
= 0; i
< req
->num_replies
; i
++) {
238 struct ldap_SearchResEntry
*search
;
239 struct ldb_reply
*ares
= NULL
;
240 struct ldap_message
*msg
;
243 ares
= talloc_zero(ac
, struct ldb_reply
);
245 handle
->status
= LDB_ERR_OPERATIONS_ERROR
;
249 msg
= req
->replies
[i
];
252 case LDAP_TAG_SearchResultDone
:
254 status
= ldap_check_response(req
->conn
, &msg
->r
.GeneralResult
);
255 if (!NT_STATUS_IS_OK(status
)) {
256 handle
->status
= ildb_map_error(ildb
, status
);
260 ares
->controls
= talloc_move(ares
, &msg
->controls
);
261 if (msg
->r
.SearchResultDone
.resultcode
) {
262 if (msg
->r
.SearchResultDone
.errormessage
) {
263 ldb_set_errstring(ac
->ildb
->module
->ldb
, msg
->r
.SearchResultDone
.errormessage
);
267 handle
->status
= msg
->r
.SearchResultDone
.resultcode
;
268 handle
->state
= LDB_ASYNC_DONE
;
269 ares
->type
= LDB_REPLY_DONE
;
272 case LDAP_TAG_SearchResultEntry
:
275 ares
->message
= ldb_msg_new(ares
);
276 if (!ares
->message
) {
277 handle
->status
= LDB_ERR_OPERATIONS_ERROR
;
281 search
= &(msg
->r
.SearchResultEntry
);
283 ares
->message
->dn
= ldb_dn_new(ares
->message
, ac
->ildb
->module
->ldb
, search
->dn
);
284 if ( ! ldb_dn_validate(ares
->message
->dn
)) {
285 handle
->status
= LDB_ERR_OPERATIONS_ERROR
;
288 ares
->message
->num_elements
= search
->num_attributes
;
289 ares
->message
->elements
= talloc_move(ares
->message
,
290 &search
->attributes
);
292 handle
->status
= LDB_SUCCESS
;
293 handle
->state
= LDB_ASYNC_PENDING
;
294 ares
->type
= LDB_REPLY_ENTRY
;
297 case LDAP_TAG_SearchResultReference
:
299 ares
->referral
= talloc_strdup(ares
, msg
->r
.SearchResultReference
.referral
);
301 handle
->status
= LDB_SUCCESS
;
302 handle
->state
= LDB_ASYNC_PENDING
;
303 ares
->type
= LDB_REPLY_REFERRAL
;
307 /* TAG not handled, fail ! */
308 handle
->status
= LDB_ERR_PROTOCOL_ERROR
;
312 ret
= ac
->callback(ac
->ildb
->module
->ldb
, ac
->context
, ares
);
314 handle
->status
= ret
;
318 talloc_free(req
->replies
);
320 req
->num_replies
= 0;
325 handle
->status
= LDB_ERR_PROTOCOL_ERROR
;
330 static struct ildb_context
*init_ildb_handle(struct ildb_private
*ildb
,
331 struct ldb_request
*req
)
333 struct ildb_context
*ildb_ac
;
334 struct ldb_handle
*h
;
336 h
= talloc_zero(req
, struct ldb_handle
);
338 ldb_set_errstring(ildb
->module
->ldb
, "Out of Memory");
342 h
->module
= ildb
->module
;
344 ildb_ac
= talloc(h
, struct ildb_context
);
345 if (ildb_ac
== NULL
) {
346 ldb_set_errstring(ildb
->module
->ldb
, "Out of Memory");
351 h
->private_data
= ildb_ac
;
353 h
->state
= LDB_ASYNC_INIT
;
354 h
->status
= LDB_SUCCESS
;
356 ildb_ac
->ildb
= ildb
;
358 ildb_ac
->context
= req
->context
;
359 ildb_ac
->callback
= req
->callback
;
365 static int ildb_request_send(struct ildb_private
*ildb
, struct ldap_message
*msg
, struct ldb_request
*r
)
367 struct ildb_context
*ildb_ac
= init_ildb_handle(ildb
, r
);
368 struct ldap_request
*req
;
371 return LDB_ERR_OPERATIONS_ERROR
;
374 req
= ldap_request_send(ildb
->ldap
, msg
);
376 ldb_set_errstring(ildb
->module
->ldb
, "async send request failed");
377 return LDB_ERR_OPERATIONS_ERROR
;
379 ildb_ac
->req
= talloc_steal(ildb_ac
, req
);
382 ldb_set_errstring(ildb
->module
->ldb
, "connection to remote LDAP server dropped?");
383 return LDB_ERR_OPERATIONS_ERROR
;
386 talloc_free(req
->time_event
);
387 req
->time_event
= NULL
;
389 req
->time_event
= event_add_timed(req
->conn
->event
.event_ctx
, ildb_ac
,
390 timeval_current_ofs(r
->timeout
, 0),
391 ildb_request_timeout
, ildb_ac
);
394 req
->async
.fn
= ildb_callback
;
395 req
->async
.private_data
= ildb_ac
;
400 static int ildb_request_noop(struct ildb_private
*ildb
, struct ldb_request
*req
)
402 struct ildb_context
*ildb_ac
= init_ildb_handle(ildb
, req
);
403 int ret
= LDB_SUCCESS
;
406 return LDB_ERR_OPERATIONS_ERROR
;
409 if (ildb_ac
->callback
) {
410 ret
= ildb_ac
->callback(ildb
->module
->ldb
, ildb_ac
->context
, NULL
);
412 ildb_ac
->handle
->state
= LDB_ASYNC_DONE
;
417 search for matching records using an asynchronous function
419 static int ildb_search(struct ldb_module
*module
, struct ldb_request
*req
)
421 struct ildb_private
*ildb
= talloc_get_type(module
->private_data
, struct ildb_private
);
422 struct ldap_message
*msg
;
427 if (!req
->callback
|| !req
->context
) {
428 ldb_set_errstring(module
->ldb
, "Async interface called with NULL callback function or NULL context");
429 return LDB_ERR_OPERATIONS_ERROR
;
432 if (req
->op
.search
.tree
== NULL
) {
433 ldb_set_errstring(module
->ldb
, "Invalid expression parse tree");
434 return LDB_ERR_OPERATIONS_ERROR
;
437 msg
= new_ldap_message(req
);
439 ldb_set_errstring(module
->ldb
, "Out of Memory");
440 return LDB_ERR_OPERATIONS_ERROR
;
443 msg
->type
= LDAP_TAG_SearchRequest
;
445 if (req
->op
.search
.base
== NULL
) {
446 msg
->r
.SearchRequest
.basedn
= talloc_strdup(msg
, "");
448 msg
->r
.SearchRequest
.basedn
= ldb_dn_alloc_linearized(msg
, req
->op
.search
.base
);
450 if (msg
->r
.SearchRequest
.basedn
== NULL
) {
451 ldb_set_errstring(module
->ldb
, "Unable to determine baseDN");
453 return LDB_ERR_OPERATIONS_ERROR
;
456 if (req
->op
.search
.scope
== LDB_SCOPE_DEFAULT
) {
457 msg
->r
.SearchRequest
.scope
= LDB_SCOPE_SUBTREE
;
459 msg
->r
.SearchRequest
.scope
= req
->op
.search
.scope
;
462 msg
->r
.SearchRequest
.deref
= LDAP_DEREFERENCE_NEVER
;
463 msg
->r
.SearchRequest
.timelimit
= 0;
464 msg
->r
.SearchRequest
.sizelimit
= 0;
465 msg
->r
.SearchRequest
.attributesonly
= 0;
466 msg
->r
.SearchRequest
.tree
= discard_const(req
->op
.search
.tree
);
468 for (n
= 0; req
->op
.search
.attrs
&& req
->op
.search
.attrs
[n
]; n
++) /* noop */ ;
469 msg
->r
.SearchRequest
.num_attributes
= n
;
470 msg
->r
.SearchRequest
.attributes
= discard_const(req
->op
.search
.attrs
);
471 msg
->controls
= req
->controls
;
473 return ildb_request_send(ildb
, msg
, req
);
479 static int ildb_add(struct ldb_module
*module
, struct ldb_request
*req
)
481 struct ildb_private
*ildb
= talloc_get_type(module
->private_data
, struct ildb_private
);
482 struct ldap_message
*msg
;
483 struct ldap_mod
**mods
;
488 /* ignore ltdb specials */
489 if (ldb_dn_is_special(req
->op
.add
.message
->dn
)) {
490 return ildb_request_noop(ildb
, req
);
493 msg
= new_ldap_message(req
);
495 return LDB_ERR_OPERATIONS_ERROR
;
498 msg
->type
= LDAP_TAG_AddRequest
;
500 msg
->r
.AddRequest
.dn
= ldb_dn_alloc_linearized(msg
, req
->op
.add
.message
->dn
);
501 if (msg
->r
.AddRequest
.dn
== NULL
) {
503 return LDB_ERR_INVALID_DN_SYNTAX
;
506 mods
= ildb_msg_to_mods(msg
, &n
, req
->op
.add
.message
, 0);
509 return LDB_ERR_OPERATIONS_ERROR
;
512 msg
->r
.AddRequest
.num_attributes
= n
;
513 msg
->r
.AddRequest
.attributes
= talloc_array(msg
, struct ldb_message_element
, n
);
514 if (msg
->r
.AddRequest
.attributes
== NULL
) {
516 return LDB_ERR_OPERATIONS_ERROR
;
519 for (i
= 0; i
< n
; i
++) {
520 msg
->r
.AddRequest
.attributes
[i
] = mods
[i
]->attrib
;
523 return ildb_request_send(ildb
, msg
, req
);
529 static int ildb_modify(struct ldb_module
*module
, struct ldb_request
*req
)
531 struct ildb_private
*ildb
= talloc_get_type(module
->private_data
, struct ildb_private
);
532 struct ldap_message
*msg
;
533 struct ldap_mod
**mods
;
538 /* ignore ltdb specials */
539 if (ldb_dn_is_special(req
->op
.mod
.message
->dn
)) {
540 return ildb_request_noop(ildb
, req
);
543 msg
= new_ldap_message(req
);
545 return LDB_ERR_OPERATIONS_ERROR
;
548 msg
->type
= LDAP_TAG_ModifyRequest
;
550 msg
->r
.ModifyRequest
.dn
= ldb_dn_alloc_linearized(msg
, req
->op
.mod
.message
->dn
);
551 if (msg
->r
.ModifyRequest
.dn
== NULL
) {
553 return LDB_ERR_INVALID_DN_SYNTAX
;
556 mods
= ildb_msg_to_mods(msg
, &n
, req
->op
.mod
.message
, 1);
559 return LDB_ERR_OPERATIONS_ERROR
;
562 msg
->r
.ModifyRequest
.num_mods
= n
;
563 msg
->r
.ModifyRequest
.mods
= talloc_array(msg
, struct ldap_mod
, n
);
564 if (msg
->r
.ModifyRequest
.mods
== NULL
) {
566 return LDB_ERR_OPERATIONS_ERROR
;
569 for (i
= 0; i
< n
; i
++) {
570 msg
->r
.ModifyRequest
.mods
[i
] = *mods
[i
];
573 return ildb_request_send(ildb
, msg
, req
);
579 static int ildb_delete(struct ldb_module
*module
, struct ldb_request
*req
)
581 struct ildb_private
*ildb
= talloc_get_type(module
->private_data
, struct ildb_private
);
582 struct ldap_message
*msg
;
586 /* ignore ltdb specials */
587 if (ldb_dn_is_special(req
->op
.del
.dn
)) {
588 return ildb_request_noop(ildb
, req
);
591 msg
= new_ldap_message(req
);
593 return LDB_ERR_OPERATIONS_ERROR
;
596 msg
->type
= LDAP_TAG_DelRequest
;
598 msg
->r
.DelRequest
.dn
= ldb_dn_alloc_linearized(msg
, req
->op
.del
.dn
);
599 if (msg
->r
.DelRequest
.dn
== NULL
) {
601 return LDB_ERR_INVALID_DN_SYNTAX
;
604 return ildb_request_send(ildb
, msg
, req
);
610 static int ildb_rename(struct ldb_module
*module
, struct ldb_request
*req
)
612 struct ildb_private
*ildb
= talloc_get_type(module
->private_data
, struct ildb_private
);
613 struct ldap_message
*msg
;
617 /* ignore ltdb specials */
618 if (ldb_dn_is_special(req
->op
.rename
.olddn
) || ldb_dn_is_special(req
->op
.rename
.newdn
)) {
619 return ildb_request_noop(ildb
, req
);
622 msg
= new_ldap_message(req
);
624 return LDB_ERR_OPERATIONS_ERROR
;
627 msg
->type
= LDAP_TAG_ModifyDNRequest
;
628 msg
->r
.ModifyDNRequest
.dn
= ldb_dn_alloc_linearized(msg
, req
->op
.rename
.olddn
);
629 if (msg
->r
.ModifyDNRequest
.dn
== NULL
) {
631 return LDB_ERR_INVALID_DN_SYNTAX
;
634 msg
->r
.ModifyDNRequest
.newrdn
=
635 talloc_asprintf(msg
, "%s=%s",
636 ldb_dn_get_rdn_name(req
->op
.rename
.newdn
),
637 ldb_dn_escape_value(msg
, *ldb_dn_get_rdn_val(req
->op
.rename
.newdn
)));
638 if (msg
->r
.ModifyDNRequest
.newrdn
== NULL
) {
640 return LDB_ERR_OPERATIONS_ERROR
;
643 msg
->r
.ModifyDNRequest
.newsuperior
=
644 ldb_dn_alloc_linearized(msg
, ldb_dn_get_parent(msg
, req
->op
.rename
.newdn
));
645 if (msg
->r
.ModifyDNRequest
.newsuperior
== NULL
) {
647 return LDB_ERR_INVALID_DN_SYNTAX
;
650 msg
->r
.ModifyDNRequest
.deleteolddn
= True
;
652 return ildb_request_send(ildb
, msg
, req
);
655 static int ildb_start_trans(struct ldb_module
*module
)
657 /* TODO implement a local locking mechanism here */
662 static int ildb_end_trans(struct ldb_module
*module
)
664 /* TODO implement a local transaction mechanism here */
669 static int ildb_del_trans(struct ldb_module
*module
)
671 /* TODO implement a local locking mechanism here */
676 static int ildb_request(struct ldb_module
*module
, struct ldb_request
*req
)
678 return LDB_ERR_OPERATIONS_ERROR
;
681 static int ildb_wait(struct ldb_handle
*handle
, enum ldb_wait_type type
)
683 struct ildb_context
*ac
= talloc_get_type(handle
->private_data
, struct ildb_context
);
685 if (handle
->state
== LDB_ASYNC_DONE
) {
686 return handle
->status
;
690 return LDB_ERR_OPERATIONS_ERROR
;
693 handle
->state
= LDB_ASYNC_INIT
;
697 if (event_loop_once(ac
->req
->conn
->event
.event_ctx
) != 0) {
698 return LDB_ERR_OTHER
;
702 while (handle
->status
== LDB_SUCCESS
&& handle
->state
!= LDB_ASYNC_DONE
) {
703 if (event_loop_once(ac
->req
->conn
->event
.event_ctx
) != 0) {
704 return LDB_ERR_OTHER
;
709 return LDB_ERR_OPERATIONS_ERROR
;
712 return handle
->status
;
715 static const struct ldb_module_ops ildb_ops
= {
717 .search
= ildb_search
,
719 .modify
= ildb_modify
,
721 .rename
= ildb_rename
,
722 .request
= ildb_request
,
723 .start_transaction
= ildb_start_trans
,
724 .end_transaction
= ildb_end_trans
,
725 .del_transaction
= ildb_del_trans
,
730 connect to the database
732 static int ildb_connect(struct ldb_context
*ldb
, const char *url
,
733 unsigned int flags
, const char *options
[],
734 struct ldb_module
**_module
)
736 struct ldb_module
*module
;
737 struct ildb_private
*ildb
;
739 struct cli_credentials
*creds
;
741 module
= talloc(ldb
, struct ldb_module
);
746 talloc_set_name_const(module
, "ldb_ildap backend");
748 module
->prev
= module
->next
= NULL
;
749 module
->private_data
= NULL
;
750 module
->ops
= &ildb_ops
;
752 ildb
= talloc(module
, struct ildb_private
);
757 module
->private_data
= ildb
;
758 ildb
->module
= module
;
759 ildb
->ldap
= ldap4_new_connection(ildb
, ldb_get_opaque(ldb
, "EventContext"));
765 if (flags
& LDB_FLG_RECONNECT
) {
766 ldap_set_reconn_params(ildb
->ldap
, 10);
769 status
= ldap_connect(ildb
->ldap
, url
);
770 if (!NT_STATUS_IS_OK(status
)) {
771 ldb_debug(ldb
, LDB_DEBUG_ERROR
, "Failed to connect to ldap URL '%s' - %s\n",
772 url
, ldap_errstr(ildb
->ldap
, module
, status
));
776 /* caller can optionally setup credentials using the opaque token 'credentials' */
777 creds
= talloc_get_type(ldb_get_opaque(ldb
, "credentials"), struct cli_credentials
);
779 struct auth_session_info
*session_info
= talloc_get_type(ldb_get_opaque(ldb
, "sessionInfo"), struct auth_session_info
);
781 creds
= session_info
->credentials
;
785 if (creds
!= NULL
&& cli_credentials_authentication_requested(creds
)) {
786 const char *bind_dn
= cli_credentials_get_bind_dn(creds
);
788 const char *password
= cli_credentials_get_password(creds
);
789 status
= ldap_bind_simple(ildb
->ldap
, bind_dn
, password
);
790 if (!NT_STATUS_IS_OK(status
)) {
791 ldb_debug(ldb
, LDB_DEBUG_ERROR
, "Failed to bind - %s\n",
792 ldap_errstr(ildb
->ldap
, module
, status
));
796 status
= ldap_bind_sasl(ildb
->ldap
, creds
);
797 if (!NT_STATUS_IS_OK(status
)) {
798 ldb_debug(ldb
, LDB_DEBUG_ERROR
, "Failed to bind - %s\n",
799 ldap_errstr(ildb
->ldap
, module
, status
));
813 int ldb_ildap_init(void)
815 return ldb_register_backend("ldap", ildb_connect
) +
816 ldb_register_backend("ldapi", ildb_connect
) +
817 ldb_register_backend("ldaps", ildb_connect
);