source/libads/ads_ldap.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    Winbind ADS backend functions
   5
   6    Copyright (C) Andrew Tridgell 2001
   7    Copyright (C) Andrew Bartlett 2002
   8
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 2 of the License, or
  12    (at your option) any later version.
  13
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18
  19    You should have received a copy of the GNU General Public License
  20    along with this program; if not, write to the Free Software
  21    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  22 */
  23
  24 #include "includes.h"
  25 #ifdef HAVE_LDAP
  26
  27 /* convert a sid to a DN */
  28
  29 ADS_STATUS ads_sid_to_dn(ADS_STRUCT *ads,
  30                          TALLOC_CTX *mem_ctx,
  31                          const DOM_SID *sid,
  32                          char **dn)
  33 {
  34         ADS_STATUS rc;
  35         LDAPMessage *msg = NULL;
  36         LDAPMessage *entry = NULL;
  37         char *ldap_exp;
  38         char *sidstr = NULL;
  39         int count;
  40         char *dn2 = NULL;
  41
  42         const char *attr[] = {
  43                 "dn",
  44                 NULL
  45         };
  46
  47         if (!(sidstr = sid_binstring(sid))) {
  48                 DEBUG(1,("ads_sid_to_dn: sid_binstring failed!\n"));
  49                 rc = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
  50                 goto done;
  51         }
  52
  53         if(!(ldap_exp = talloc_asprintf(mem_ctx, "(objectSid=%s)", sidstr))) {
  54                 DEBUG(1,("ads_sid_to_dn: talloc_asprintf failed!\n"));
  55                 rc = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
  56                 goto done;
  57         }
  58
  59         rc = ads_search_retry(ads, (void **)&msg, ldap_exp, attr);
  60
  61         if (!ADS_ERR_OK(rc)) {
  62                 DEBUG(1,("ads_sid_to_dn ads_search: %s\n", ads_errstr(rc)));
  63                 goto done;
  64         }
  65
  66         if ((count = ads_count_replies(ads, msg)) != 1) {
  67                 fstring sid_string;
  68                 DEBUG(1,("ads_sid_to_dn (sid=%s): Not found (count=%d)\n",
  69                          sid_to_string(sid_string, sid), count));
  70                 rc = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
  71                 goto done;
  72         }
  73
  74         entry = ads_first_entry(ads, msg);
  75
  76         dn2 = ads_get_dn(ads, entry);
  77
  78         if (!dn2) {
  79                 rc = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
  80                 goto done;
  81         }
  82
  83         *dn = talloc_strdup(mem_ctx, dn2);
  84
  85         if (!*dn) {
  86                 ads_memfree(ads, dn2);
  87                 rc = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
  88                 goto done;
  89         }
  90
  91         rc = ADS_ERROR_NT(NT_STATUS_OK);
  92
  93         DEBUG(3,("ads sid_to_dn mapped %s\n", dn2));
  94
  95         SAFE_FREE(dn2);
  96 done:
  97         if (msg) ads_msgfree(ads, msg);
  98         if (dn2) ads_memfree(ads, dn2);
  99
 100         SAFE_FREE(sidstr);
 101
 102         return rc;
 103 }
 104
 105 #endif