| commit | 2e200a381f58ac3a86dd7497ef9d633a1aea55b5 | |
| author | Steven Danneman <steven.danneman@isilon.com> | |
| Sat, 15 Nov 2008 21:07:15 +0000 (15 13:07 -0800) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Wed, 19 Nov 2008 08:31:12 +0000 (19 09:31 +0100) | ||
| tree | b917dbd58263b8e3c630fedf0eb9b02b7577e79f | treesnapshot (tar.gz zip) |
| parent | 49ed121e50f14623b99751ab2956b6e125cf4335 | commitdiff |
Fix extended DN parse error when AD object does not have a SID.
Some AD objects, like Exchange Public Folders, can be members of Security
Groups but do not have a SID attribute. This patch adds more granular return
errors to ads_get_sid_from_extended_dn(). Callers can now determine if a parse
error occured because of bad input, or the DN was valid but contained no SID.
I updated all callers to ignore SIDless objects when appropriate.
Also did some cleanup to the out paths of lookup_usergroups_memberof()
(cherry picked from commit c9b3bbdc3c36580dcb18a99ac58ae143b1926d8e)
Some AD objects, like Exchange Public Folders, can be members of Security
Groups but do not have a SID attribute. This patch adds more granular return
errors to ads_get_sid_from_extended_dn(). Callers can now determine if a parse
error occured because of bad input, or the DN was valid but contained no SID.
I updated all callers to ignore SIDless objects when appropriate.
Also did some cleanup to the out paths of lookup_usergroups_memberof()
(cherry picked from commit c9b3bbdc3c36580dcb18a99ac58ae143b1926d8e)
| source/include/proto.h | diffblobblamehistory | |
| source/libads/ldap.c | diffblobblamehistory | |
| source/winbindd/winbindd_ads.c | diffblobblamehistory |