From 53f3d0c944e0d5a32eeaa4a7ff1b719d675c2861 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 17 Jun 2002 16:54:19 +0000 Subject: [PATCH] only retrieve necessary attributes from directory --- source/passdb/pdb_ldap.c | 41 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) diff --git a/source/passdb/pdb_ldap.c b/source/passdb/pdb_ldap.c index a214d51d14b..c24d96653b6 100644 --- a/source/passdb/pdb_ldap.c +++ b/source/passdb/pdb_ldap.c @@ -69,6 +69,43 @@ static struct ldap_enum_info global_ldap_ent; extern pstring samlogon_user; extern BOOL sam_logon_in_ssb; +/* + * attributes needed from sambaAccount + * + * objectclass ( 1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' SUP top AUXILIARY + * DESC 'Samba Auxilary Account' + * MUST ( uid $ rid ) + * MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $ + * logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $ + * displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $ + * description $ userWorkstations $ primaryGroupID $ domain )) + */ + +char* attribs[] = { + "uid", + "rid", + "cn", + "lmPassword", + "ntPassword", + "pwdLastSet", + "logonTime", + "logoffTime", + "kickoffTime", + "pwdCanChange", + "pwdMustChange", + "acctFlags", + "displayName", + "smbHome", + "homeDrive", + "scriptPath", + "profilePath", + "description", + "userWorkstations", + "primaryGroupID", + "domain", + NULL +}; + /******************************************************************* open a connection to the ldap server. @@ -224,7 +261,7 @@ static int ldap_search_one_user (LDAP * ldap_struct, const char *filter, LDAPMes DEBUG(2, ("ldap_search_one_user: searching for:[%s]\n", filter)); - rc = ldap_search_s(ldap_struct, lp_ldap_suffix (), scope, (char*)filter, NULL, 0, result); + rc = ldap_search_s(ldap_struct, lp_ldap_suffix (), scope, (char*)filter, attribs, 0, result); if (rc != LDAP_SUCCESS) { DEBUG(0,("ldap_search_one_user: Problem during the LDAP search: %s\n", @@ -730,7 +767,7 @@ BOOL pdb_setsampwent(BOOL update) all_string_sub(filter, "%u", "*", sizeof(pstring)); rc = ldap_search_s(global_ldap_ent.ldap_struct, lp_ldap_suffix(), - LDAP_SCOPE_SUBTREE, filter, NULL, 0, + LDAP_SCOPE_SUBTREE, filter, attribs, 0, &global_ldap_ent.result); if (rc != LDAP_SUCCESS) -- 2.11.4.GIT