| blob | ea7e8a0d4a4ce96b2e821d589c06a621621599aa |
1 /*
2 ldb database library
4 Copyright (C) Simo Sorce 2004-2008
5 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2013
6 Copyright (C) Andrew Tridgell 2005-2009
7 Copyright (C) Stefan Metzmacher <metze@samba.org> 2007
8 Copyright (C) Matthieu Patou <mat@samba.org> 2010-2011
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 */
24 /*
25 * Name: ldb
26 *
27 * Component: ldb repl_meta_data module
28 *
29 * Description: - add a unique objectGUID onto every new record,
30 * - handle whenCreated, whenChanged timestamps
31 * - handle uSNCreated, uSNChanged numbers
32 * - handle replPropertyMetaData attribute
33 *
34 * Author: Simo Sorce
35 * Author: Stefan Metzmacher
36 */
55 #undef strcasecmp
57 #undef DBGC_CLASS
58 #define DBGC_CLASS DBGC_DRS_REPL
60 /* the RMD_VERSION for linked attributes starts from 1 */
61 #define RMD_VERSION_INITIAL 1
63 /*
64 * It's 29/12/9999 at 23:59:59 UTC as specified in MS-ADTS 7.1.1.4.2
65 * Deleted Objects Container
66 */
85 };
87 /*
88 * groups link attributes together by source-object and attribute-ID,
89 * to improve processing efficiency (i.e. for 'member' attribute, which
90 * could have 100s or 1000s of links).
91 * Note this grouping is best effort - the same source object could still
92 * correspond to several la_groups (a lot depends on the order DRS sends
93 * the links in). The groups currently don't span replication chunks (which
94 * caps the size to ~1500 links by default).
95 */
99 };
105 };
114 /* the controls we pass down */
117 /*
118 * Backlinks for the replmd_add() case (we want to create
119 * backlinks after creating the user, but before the end of
120 * the ADD request)
121 */
124 /* details for the mode where we apply a bunch of inbound replication meessages */
138 };
140 /*
141 * the result of replmd_process_linked_attribute(): either there was no change
142 * (update was ignored), a new link was added (either inactive or active), or
143 * an existing link was modified (active/inactive status may have changed).
144 */
146 LINK_CHANGE_NONE,
147 LINK_CHANGE_ADDED,
148 LINK_CHANGE_MODIFIED,
152 static int replmd_delete_internals(struct ldb_module *module, struct ldb_request *req, bool re_delete);
183 };
191 };
194 {
200 /*
201 * only lookup the recycle-bin state once per replication, then cache
202 * the result. This can save us 1000s of DB searches
203 */
208 }
212 }
215 }
221 {
228 }
230 }
239 }
241 }
247 }
249 }
254 }
256 }
261 }
267 }
268 }
281 };
283 /* Attributes looked for when updating or deleting, to check for a urgent replication needed */
288 NULL
289 };
294 {
300 }
306 }
307 }
308 }
310 }
313 {
316 }
318 }
322 /*
323 initialise the module
324 allocate the private structure and build the list
325 of partition DNs for use by replmd_notify()
326 */
328 {
337 }
340 SAMBA_SORTED_LINKS_FEATURE,
345 }
350 }
352 /*
353 cleanup our per-transaction contexts
354 */
356 {
361 }
372 };
374 /*
375 a ldb_modify request operating on modules below the
376 current module
377 */
381 {
392 }
395 message,
396 NULL,
397 res,
398 ldb_modify_default_callback,
399 parent);
404 }
410 }
412 /* Run the new request */
417 }
421 }
426 {
436 }
441 }
446 }
451 schema,
452 oc_element,
453 DSDB_SCHEMA_ALL);
457 }
463 }
467 }
469 /*
470 process a backlinks we accumulated during a transaction, adding and
471 deleting the backlinks from the target objects
472 */
473 static int replmd_process_backlink(struct ldb_module *module, struct la_backlink *bl, struct ldb_request *parent)
474 {
491 }
493 /*
494 - find DN of target
495 - find DN of source
496 - construct ldb_message
497 - either an add or a delete
498 */
500 frame,
503 attrs,
504 parent);
512 }
519 }
523 }
530 }
538 /* Filter down to the attributes we want in the backlink */
541 }
551 }
559 }
560 }
562 /* construct a ldb_message for adding/deleting the backlink */
569 }
574 }
577 /* a backlink should never be single valued. Unfortunately the
578 exchange schema has a attribute
579 msExchBridgeheadedLocalConnectorsDNBL which is single
580 valued and a backlink. We need to cope with that by
581 ignoring the single value flag */
586 /* we allow LDB_ERR_NO_SUCH_ATTRIBUTE as success to
587 cope with possible corruption where the backlink has
588 already been removed */
602 }
605 }
607 /*
608 add a backlink to the list of backlinks to add/delete in the prepare
609 commit
611 forward_dn is stolen onto the defereed context
612 */
621 {
629 }
633 /*
634 * windows 2003 has a broken schema where the
635 * definition of msDS-IsDomainFor is missing (which is
636 * supposed to be the backlink of the
637 * msDS-HasDomainNCs attribute
638 */
640 }
652 }
654 /*
655 add a backlink to the list of backlinks to add/delete in the prepare
656 commit
657 */
665 {
672 /*
673 * windows 2003 has a broken schema where the
674 * definition of msDS-IsDomainFor is missing (which is
675 * supposed to be the backlink of the
676 * msDS-HasDomainNCs attribute
677 */
679 }
690 }
693 /*
694 * Callback for most write operations in this module:
695 *
696 * notify the repl task that a object has changed. The notifies are
697 * gathered up in the replmd_private structure then written to the
698 * @REPLCHANGED object in each partition during the prepare_commit
699 */
701 {
718 /*
719 * Remove the current partition control from what we pass up
720 * the chain if it hasn't been requested manually.
721 */
723 partition_ctrl);
724 }
736 }
739 /*
740 * Set at DBG_NOTICE as once these start to happe, they
741 * will happen a lot until resolved, due to repeated
742 * replication. The caller will probably print the
743 * ldb error string anyway.
744 */
750 ac,
751 LDB_CHANGETYPE_ADD,
752 msg);
758 s);
762 }
768 }
772 /*
773 * process our backlink list after an replmd_add(),
774 * creating and deleting backlinks as necessary (this
775 * code is sync). The other cases are handled inline
776 * with the modify.
777 */
783 }
784 }
785 }
791 }
801 }
802 }
810 }
816 }
818 }
824 }
825 }
828 }
829 }
835 }
838 /* free the partition control container here, for the
839 * common path. Other cases will have it cleaned up
840 * eventually with the ares */
844 }
845 }
848 /*
849 * update a @REPLCHANGED record in each partition if there have been
850 * any writes of replicated data in the partition
851 */
853 {
868 }
876 DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID,
877 ext_res,
878 DSDB_FLAG_NEXT_MODULE,
879 parent);
882 }
884 }
888 }
891 }
894 /*
895 created a replmd_replicated_request context
896 */
899 {
910 }
922 }
924 /* get our invocationId */
931 }
935 }
937 /*
938 add a time element to a record
939 */
941 {
948 }
953 }
958 }
961 /* always set as replace. This works because on add ops, the flag
962 is ignored */
966 }
968 /*
969 add a uint64_t element to a record
970 */
973 {
979 }
984 }
987 /* always set as replace. This works because on add ops, the flag
988 is ignored */
992 }
996 {
997 /*
998 * This assignment seems inoccous, but it is critical for the
999 * system, as we need to do the comparisons as a unsigned
1000 * quantity, not signed (enums are signed integers)
1001 */
1007 }
1009 /*
1010 * See above regarding this being an unsigned comparison.
1011 * Otherwise when the high bit is set on non-standard
1012 * attributes, they would end up first, before objectClass
1013 * (0).
1014 */
1016 }
1021 {
1027 }
1029 /* the objectClass attribute is value 0x00000000, so must be first */
1035 }
1038 }
1043 {
1044 /* Note this is O(n^2) for the almost-sorted case, which this is */
1046 replmd_replPropertyMetaData1_attid_sort);
1048 }
1053 {
1057 /*
1058 * TODO: make this faster by caching the dsdb_attribute pointer
1059 * on the ldb_messag_element
1060 */
1065 /*
1066 * If the elements do not have valid attribute names in the schema
1067 * (which we would prefer to think can't happen), we need to sort them
1068 * somehow. The current strategy is to put them at the end, sorted by
1069 * attribute name.
1070 */
1073 }
1076 }
1079 }
1082 }
1084 }
1088 {
1089 LDB_TYPESAFE_QSORT(msg->elements, msg->num_elements, schema, replmd_ldb_message_element_attid_sort);
1090 }
1092 static int replmd_build_la_val(TALLOC_CTX *mem_ctx, struct ldb_val *v, struct dsdb_dn *dsdb_dn,
1106 /*
1107 fix up linked attributes in replmd_add.
1108 This involves setting up the right meta-data in extended DN
1109 components, and creating backlinks to the object
1110 */
1115 NTTIME now,
1119 {
1124 /* We will take a reference to the schema in replmd_add_backlink */
1133 "Attribute %s is single valued but "
1138 }
1140 /*
1141 * At the successful end of these functions el->values is
1142 * overwritten with new_values. However get_parsed_dns()
1143 * points p->v at the supplied el and it effectively gets used
1144 * as a working area by replmd_build_la_val(). So we must
1145 * duplicate it because our caller only called
1146 * ldb_msg_copy_shallow().
1147 */
1156 }
1163 }
1169 }
1176 }
1186 }
1191 parent);
1195 }
1198 }
1203 }
1208 {
1211 /* Calculate an extended DN for any linked attributes */
1215 }
1219 }
1226 }
1227 }
1230 }
1232 /*
1233 intercept add requests
1234 */
1236 {
1244 DATA_BLOB guid_blob_stack;
1251 /*
1252 * The use of a time_t here seems odd, but as the NTTIME
1253 * elements are actually declared as NTTIME_1sec in the IDL,
1254 * getting a higher resolution timestamp is not required.
1255 */
1257 NTTIME now;
1271 /* check if there's a show relax control (used by provision to say 'I know what I'm doing') */
1275 }
1277 /* do not manipulate our control entries */
1280 }
1298 }
1299 /* we remove this attribute as it can be a string and
1300 * will not be treated correctly and then we will re-add
1301 * it later on in the good format */
1303 }
1305 /* a new GUID */
1310 /* This can't fail */
1314 }
1319 }
1323 /* Get a sequence number from the backend */
1328 }
1330 /* we have to copy the message as the caller might have it as a const */
1336 }
1338 /* generated times */
1345 }
1348 }
1350 /*
1351 * remove autogenerated attributes
1352 */
1359 /*
1360 * readd replicated attributes
1361 */
1367 }
1369 /* build the replication meta_data */
1380 }
1390 i++;
1392 }
1401 }
1403 if ((sa->systemFlags & DS_FLAG_ATTR_NOT_REPLICATED) || (sa->systemFlags & DS_FLAG_ATTR_IS_CONSTRUCTED)) {
1404 /* if the attribute is not replicated (0x00000001)
1405 * or constructed (0x00000004) it has no metadata
1406 */
1407 i++;
1409 }
1414 guid_blob,
1419 }
1420 }
1422 /*
1423 * Prepare the context for the backlinks and
1424 * create metadata for the forward links. The
1425 * backlinks are created in
1426 * replmd_op_callback() after the successful
1427 * ADD of the object.
1428 */
1432 extended_dn,
1437 }
1438 /* linked attributes are not stored in
1439 replPropertyMetaData in FL above w2k */
1440 i++;
1442 }
1454 }
1458 /*
1459 * Set the originating_change_time to 29/12/9999 at 23:59:59
1460 * as specified in MS-ADTS 7.1.1.4.2 Deleted Objects Container
1461 */
1465 }
1468 }
1472 ni++;
1475 i++;
1477 }
1482 i++;
1484 }
1487 }
1489 /* fix meta data count */
1492 /*
1493 * sort meta data array
1494 */
1500 }
1502 /* generated NDR encoded values */
1510 }
1512 /*
1513 * add the autogenerated values
1514 */
1520 }
1526 }
1532 }
1538 }
1544 }
1546 /*
1547 * sort the attributes by attid before storing the object
1548 */
1551 /*
1552 * Assert that we do have an objectClass
1553 */
1561 }
1563 REPL_URGENT_ON_CREATE);
1567 msg,
1570 req);
1576 }
1578 /* current partition control is needed by "replmd_op_callback" */
1581 DSDB_CONTROL_CURRENT_PARTITION_OID,
1586 }
1587 }
1594 }
1595 }
1597 /* mark the relax control done */
1600 }
1601 /* go on with the call chain */
1603 }
1606 /*
1607 * update the replPropertyMetaData for one element
1608 */
1617 NTTIME now,
1621 {
1631 /* allow this to make it possible for dbcheck
1632 to remove bad attributes */
1634 }
1639 }
1643 if ((a->systemFlags & DS_FLAG_ATTR_NOT_REPLICATED) || (a->systemFlags & DS_FLAG_ATTR_IS_CONSTRUCTED)) {
1645 }
1647 /*
1648 * if the attribute's value haven't changed, and this isn't
1649 * just a delete of everything then return LDB_SUCCESS Unless
1650 * we have the provision control or if the attribute is
1651 * interSiteTopologyGenerator as this page explain:
1652 * http://support.microsoft.com/kb/224815 this attribute is
1653 * periodically written by the DC responsible for the intersite
1654 * generation in a given site
1655 *
1656 * Unchanged could be deleting or replacing an already-gone
1657 * thing with an unconstrained delete/empty replace or a
1658 * replace with the same value, but not an add with the same
1659 * value because that could be about adding a duplicate (which
1660 * is for someone else to error out on).
1661 */
1665 }
1671 }
1674 /*
1675 * We intentionally skip the version bump when attempting to
1676 * vanish links.
1677 *
1678 * The control is set by dbcheck and expunge-tombstones which
1679 * both attempt to be non-replicating. Otherwise, making an
1680 * alteration to the replication state would trigger a
1681 * broadcast of all expunged objects.
1682 */
1684 }
1689 }
1694 /*
1695 * allow this to make it possible for dbcheck
1696 * to rebuild broken metadata
1697 */
1699 }
1700 }
1703 /*
1704 * First check if we find it under the msDS-IntID,
1705 * then check if we find it under the OID and
1706 * prefixMap ID.
1707 *
1708 * This allows the administrator to simply re-write
1709 * the attributes and so restore replication, which is
1710 * likely what they will try to do.
1711 */
1714 }
1718 }
1719 }
1722 /* linked attributes are not stored in
1723 replPropertyMetaData in FL above w2k, but we do
1724 raise the seqnum for the object */
1728 }
1730 }
1733 /* we need to add a new one */
1739 }
1742 }
1744 /* Get a new sequence number from the backend. We only do this
1745 * if we have a change that requires a new
1746 * replPropertyMetaData element
1747 */
1752 }
1753 }
1766 }
1770 /*
1771 * Set the originating_change_time to 29/12/9999 at 23:59:59
1772 * as specified in MS-ADTS 7.1.1.4.2 Deleted Objects Container
1773 */
1777 }
1780 }
1786 /* Force version to 0 to be overridden later via replication */
1788 }
1791 }
1793 /*
1794 * Bump the replPropertyMetaData version on an attribute, and if it
1795 * has changed (or forced by leaving rdn_old NULL), update the value
1796 * in the entry.
1797 *
1798 * This is important, as calling a modify operation may not change the
1799 * version number if the values appear unchanged, but a rename between
1800 * parents bumps this value.
1801 *
1802 */
1809 NTTIME now,
1812 {
1818 rdn_name;
1824 };
1830 };
1836 }
1837 }
1845 }
1848 {
1856 }
1857 }
1859 }
1861 /*
1862 * update the replPropertyMetaData object each time we modify an
1863 * object. This is needed for DRS replication, as the merge on the
1864 * client is based on this object
1865 */
1873 {
1878 NTTIME now;
1897 }
1903 }
1911 }
1916 }
1920 /* this happens during an initial vampire while
1921 updating the schema */
1924 }
1932 }
1935 }
1937 /* if isDeleted is present and is TRUE, then we consider we are deleting,
1938 * otherwise we consider we are updating */
1945 }
1948 /* In this case the change_replmetadata control was supplied */
1949 /* We check that it's the only attribute that is provided
1950 * (it's a rare case so it's better to keep the code simpler)
1951 * We also check that the highest local_usn is bigger or the same as
1952 * uSNChanged. */
1960 }
1962 DEBUG(0,(__location__ ": changereplmetada control can't be called when deleting an object\n"));
1964 }
1970 }
1977 }
1980 DSDB_FLAG_NEXT_MODULE |
1981 DSDB_SEARCH_SHOW_RECYCLED |
1982 DSDB_SEARCH_SHOW_EXTENDED_DN |
1983 DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT |
1988 }
1995 /*
1996 * The test here now allows for a new
1997 * replPropertyMetaData with no change, if was
1998 * just dbcheck re-sorting the values.
1999 */
2005 }
2006 }
2009 /* search for the existing replPropertyMetaDataBlob. We need
2010 * to use REVEAL and ask for DNs in storage format to support
2011 * the check for values being the same in
2012 * replmd_update_rpmd_element()
2013 */
2015 DSDB_FLAG_NEXT_MODULE |
2016 DSDB_SEARCH_SHOW_RECYCLED |
2017 DSDB_SEARCH_SHOW_EXTENDED_DN |
2018 DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT |
2022 }
2029 }
2037 }
2043 }
2052 our_invocation_id,
2054 is_forced_rodc,
2055 req);
2058 }
2062 }
2065 i++;
2067 }
2072 i++;
2074 }
2077 }
2078 }
2080 /*
2081 * Assert that we have an objectClass attribute - this is major
2082 * corruption if we don't have this!
2083 */
2086 /*
2087 * Now check if this objectClass means we need to do urgent replication
2088 */
2090 situation)) {
2092 }
2098 }
2100 /*
2101 * replmd_update_rpmd_element has done an update if the
2102 * seq_num is set
2103 */
2108 /*if we are RODC and this is a DRSR update then its ok*/
2117 }
2123 }
2124 }
2130 }
2136 }
2144 }
2151 }
2155 }
2158 }
2161 {
2166 }
2168 }
2170 /*
2171 get a series of message element values as an array of DNs and GUIDs
2172 the result is sorted by GUID
2173 */
2177 {
2185 }
2191 }
2195 NTSTATUS status;
2204 }
2211 /* we got a DN without a GUID - go find the GUID */
2219 dn_str);
2224 }
2226 }
2230 }
2233 }
2238 }
2239 }
2240 /* keep a pointer to the original ldb_val */
2242 }
2245 }
2247 }
2249 /*
2250 * Get a series of trusted message element values. The result is sorted by
2251 * GUID, even though the GUIDs might not be known. That works because we trust
2252 * the database to give us the elements like that if the
2253 * replmd_private->sorted_links flag is set.
2254 *
2255 * We also ensure that the links are in the Functional Level 2003
2256 * linked attributes format.
2257 */
2265 {
2270 }
2273 /* We need to sort the list. This is the slow old path we want
2274 to avoid.
2275 */
2277 parent);
2280 }
2286 }
2287 }
2289 /*
2290 * This upgrades links to FL2003 style, and sorts the result
2291 * if that was needed.
2292 *
2293 * TODO: Add a database feature that asserts we have no FL2000
2294 * style links to avoid this check or add a feature that
2295 * uses a similar check to find sorted/unsorted links
2296 * for an on-the-fly upgrade.
2297 */
2301 el,
2302 ldap_oid);
2305 }
2308 }
2310 /*
2311 Return LDB_SUCCESS if a parsed_dn list contains no duplicate values,
2312 otherwise an error code. For compatibility the error code differs depending
2313 on whether or not the attribute is "member".
2315 As always, the parsed_dn list is assumed to be sorted.
2316 */
2320 {
2328 "Linked attribute %s has "
2335 }
2336 }
2337 }
2339 }
2341 /*
2342 build a new extended DN, including all meta data fields
2344 RMD_FLAGS = DSDB_RMD_FLAG_* bits
2345 RMD_ADDTIME = originating_add_time
2346 RMD_INVOCID = originating_invocation_id
2347 RMD_CHANGETIME = originating_change_time
2348 RMD_ORIGINATING_USN = originating_usn
2349 RMD_LOCAL_USN = local_usn
2350 RMD_VERSION = version
2351 */
2356 {
2360 }
2362 static int replmd_update_la_val(TALLOC_CTX *mem_ctx, struct ldb_val *v, struct dsdb_dn *dsdb_dn,
2367 /*
2368 check if any links need upgrading from w2k format
2369 */
2374 {
2378 NTSTATUS status;
2383 ldap_oid);
2386 }
2387 }
2392 /*
2393 * We optimistically assume they are all the same; if
2394 * the first one is fixed, they are all fixed.
2395 *
2396 * If the first one was *not* fixed and we find a
2397 * later one that is, that is an occasion to shout
2398 * with DEBUG(0).
2399 */
2402 }
2406 }
2412 }
2413 }
2416 /* it's an old one that needs upgrading */
2422 }
2423 }
2425 /*
2426 * This sort() is critical for the operation of
2427 * get_parsed_dns_trusted_fallback() because callers of this function
2428 * expect a sorted list, and FL2000 style links are not
2429 * sorted. In particular, as well as the upgrade case,
2430 * get_parsed_dns_trusted_fallback() is called from
2431 * replmd_delete_remove_link() even in FL2000 mode
2432 *
2433 * We do not normally pay the cost of the qsort() due to the
2434 * early return in the RMD_VERSION found case.
2435 */
2438 }
2440 /*
2441 Sets the value for a linked attribute, including all meta data fields
2443 see replmd_build_la_val for value names
2444 */
2449 {
2457 NTSTATUS status;
2466 }
2472 }
2478 }
2484 }
2489 }
2495 /* get the ADDTIME from the original */
2499 }
2502 }
2507 }
2509 /* use our invocation id */
2513 /* changetime is the current time */
2517 /* update the USN */
2532 }
2536 }
2538 /**
2539 * Updates the value for a linked attribute, including all meta data fields
2540 */
2541 static int replmd_update_la_val(TALLOC_CTX *mem_ctx, struct ldb_val *v, struct dsdb_dn *dsdb_dn,
2545 {
2548 NTSTATUS status;
2550 /*
2551 * We're updating the linked attribute locally, so increase the version
2552 * by 1 so that other DCs will see the change when it gets replicated out
2553 */
2559 }
2563 }
2565 /*
2566 handle adding a linked attribute
2567 */
2578 {
2588 NTTIME now;
2591 /* get the DNs to be added, fully parsed.
2592 *
2593 * We need full parsing because they came off the wire and we don't
2594 * trust them, besides which we need their details to know where to put
2595 * them.
2596 */
2602 }
2604 /* get the existing DNs, lazily parsed */
2608 parent);
2613 }
2622 }
2630 }
2632 /*
2633 * For each new value, find where it would go in the list. If there is
2634 * a matching GUID there, we update the existing value; otherwise we
2635 * put it in place.
2636 */
2652 }
2659 NTSTATUS status;
2665 }
2670 }
2672 /*
2673 * Only "<GUID=...><SID=...>" is allowed.
2674 *
2675 * We get the GUID to just to find the old
2676 * value and the SID in order to add it
2677 * to the found value.
2678 */
2684 }
2690 }
2695 /* this is what we expect */
2699 "i[%u] SID NOT MISSING... Attribute %s already "
2712 }
2719 "NO SID PROVIDED... Attribute %s already "
2726 }
2733 }
2740 }
2747 }
2749 /*
2750 * We just replace the existing value...
2751 */
2755 }
2758 /*
2759 * We are trying to add one that exists, which is only
2760 * allowed if it was previously deleted.
2761 *
2762 * When we do undelete a link we change it in place.
2763 * It will be copied across into the right spot in due
2764 * course.
2765 */
2772 "Attribute %s already "
2778 /* error codes for 'member' need to be
2779 special cased */
2784 }
2785 }
2796 }
2800 msg_dn,
2803 schema_attr,
2804 parent);
2808 }
2810 }
2811 /*
2812 * Here we don't have an exact match.
2813 *
2814 * If next is NULL, this one goes beyond the end of the
2815 * existing list, so we need to add all of those ones first.
2816 *
2817 * If next is not NULL, we need to add all the ones before
2818 * next.
2819 */
2823 /* next should have been parsed, but let's make sure */
2830 }
2831 }
2833 }
2835 /* put all the old ones before next on the list */
2838 num_values++;
2839 }
2845 parent);
2849 }
2850 /* Make the new linked attribute ldb_val. */
2857 }
2858 num_values++;
2862 }
2863 }
2864 /* copy the rest of the old ones (if any) */
2867 num_values++;
2868 }
2873 }
2879 /* we now tell the backend to replace all existing values
2880 with the one we have constructed */
2884 }
2887 /*
2888 handle deleting all active linked attributes
2889 */
2900 {
2910 NTTIME now;
2915 /* there is nothing to delete... */
2917 /* and we're deleting nothing, so that's OK */
2919 }
2921 }
2926 }
2933 }
2938 parent);
2943 }
2949 }
2951 /* we empty out el->values here to avoid damage if we return early. */
2955 /*
2956 * If vanish links is set, we are actually removing members of
2957 * old_el->values; otherwise we are just marking them deleted.
2958 *
2959 * There is a special case when no values are given: we remove them
2960 * all. When we have the vanish_links control we just have to remove
2961 * the backlinks and change our element to replace the existing values
2962 * with the empty list.
2963 */
2973 }
2974 }
2978 parent);
2982 }
2985 }
2990 }
3000 }
3001 }
3007 }
3008 }
3017 NULL,
3025 }
3038 }
3039 }
3049 "attribute %s to %s, because "
3052 }
3053 }
3055 /* remove the backlink */
3057 replmd_private,
3059 msg_dn,
3062 parent);
3066 }
3068 /* We flag the deletion and tidy it up later. */
3071 }
3087 }
3088 }
3098 }
3103 parent);
3107 }
3108 }
3119 }
3123 }
3125 j++;
3126 }
3129 }
3131 }
3138 /* we now tell the backend to replace all existing values
3139 with the one we have constructed */
3143 }
3145 /*
3146 handle replacing a linked attribute
3147 */
3158 {
3169 NTTIME now;
3173 /*
3174 * The replace operation is unlike the replace and delete cases in that
3175 * we need to look at every existing link to see whether it is being
3176 * retained or deleted. In other words, we can't avoid parsing the GUIDs.
3177 *
3178 * As we are trying to combine two sorted lists, the algorithm we use
3179 * is akin to the merge phase of a merge sort. We interleave the two
3180 * lists, doing different things depending on which side the current
3181 * item came from.
3182 *
3183 * There are three main cases, with some sub-cases.
3184 *
3185 * - a DN is in the old list but not the new one. It needs to be
3186 * marked as deleted (but left in the list).
3187 * - maybe it is already deleted, and we have less to do.
3188 *
3189 * - a DN is in both lists. The old data gets replaced by the new,
3190 * and the list doesn't grow. The old link may have been marked as
3191 * deleted, in which case we undelete it.
3192 *
3193 * - a DN is in the new list only. We add it in the right place.
3194 */
3201 /* There is nothing to do! */
3203 }
3205 /*
3206 * At the successful end of these functions el->values is
3207 * overwritten with new_values. However get_parsed_dns()
3208 * points p->v at the supplied el and it effectively gets used
3209 * as a working area by replmd_build_la_val(). So we must
3210 * duplicate it because our caller only called
3211 * ldb_msg_copy_shallow().
3212 */
3221 }
3227 }
3233 }
3240 }
3247 }
3254 }
3266 /* the new list is empty, read the old list */
3271 /* the old list is empty, read new list */
3277 }
3280 /*
3281 * An old ones that come before the next replacement
3282 * (if any). We mark it as deleted and add it to the
3283 * final list.
3284 */
3296 }
3300 msg_dn,
3302 schema_attr,
3303 parent);
3307 }
3308 }
3310 old_i++;
3312 /*
3313 * We are overwriting one. If it was previously
3314 * deleted, we need to add a backlink.
3315 *
3316 * Note that if any RMD_FLAGs in an extended new DN
3317 * will be ignored.
3318 */
3330 }
3336 msg_dn,
3338 schema_attr,
3339 parent);
3343 }
3344 }
3347 old_i++;
3348 new_i++;
3350 /*
3351 * Replacements that don't match an existing one. We
3352 * just add them to the final list.
3353 */
3362 }
3365 msg_dn,
3367 schema_attr,
3368 parent);
3372 }
3374 new_i++;
3375 }
3376 }
3379 }
3387 }
3390 /*
3391 handle linked attributes in modify requests
3392 */
3399 {
3407 /*
3408 * Nothing special is required for modifying or vanishing links
3409 * in fl2000 since they are just strings in a multi-valued
3410 * attribute.
3411 */
3413 DSDB_CONTROL_REPLMD_VANISH_LINKS);
3416 }
3418 }
3420 /*
3421 * TODO:
3422 *
3423 * We should restrict this to the intersection of the list of
3424 * linked attributes in the schema and the list of attributes
3425 * being modified.
3426 *
3427 * This will help performance a little, as otherwise we have
3428 * to allocate the entire object value-by-value.
3429 */
3431 DSDB_FLAG_NEXT_MODULE |
3432 DSDB_SEARCH_SHOW_RECYCLED |
3433 DSDB_SEARCH_REVEAL_INTERNALS |
3434 DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT,
3435 parent);
3438 }
3453 }
3456 }
3461 DSDB_CONTROL_REPLMD_VANISH_LINKS);
3465 }
3467 DSDB_CONTROL_DBCHECK);
3470 }
3472 /* Odd is for the target. Illegal to modify */
3476 }
3484 parent);
3491 parent);
3498 parent);
3505 }
3508 }
3514 /* Return codes as found on Windows 2012r2 */
3519 }
3522 }
3526 }
3530 }
3534 /* TODO: this relies a bit too heavily on the exact
3535 behaviour of ldb_msg_find_element and
3536 ldb_msg_remove_element */
3540 i--;
3541 }
3542 }
3546 }
3552 {
3558 WERROR werr;
3571 server_dn);
3572 }
3573 }
3577 }
3580 domain,
3585 }
3588 }
3592 {
3610 /* do not manipulate our control entries */
3613 }
3616 DSDB_CONTROL_SEC_DESC_PROPAGATION_OID);
3620 }
3625 }
3628 }
3633 DSDB_CONTROL_DBCHECK_FIX_DUPLICATE_LINKS);
3640 }
3644 }
3649 }
3655 }
3659 }
3663 }
3666 DSDB_CONTROL_DBCHECK_FIX_LINK_DN_NAME);
3673 }
3677 }
3681 }
3685 }
3689 }
3694 }
3699 }
3705 }
3709 }
3713 }
3715 /*
3716 * If we are run from dbcheck and we are not updating
3717 * a link (as these would need to be sorted and so
3718 * can't go via such a simple update, then do not
3719 * trigger replicated updates and a new USN from this
3720 * change, it wasn't a real change, just a new
3721 * (correct) string DN
3722 */
3726 }
3735 }
3740 }
3744 /* we have to copy the message as the caller might have it as a const */
3750 }
3753 DSDB_CONTROL_DBCHECK_FIX_LINK_DN_SID);
3760 }
3765 }
3770 }
3777 }
3782 }
3788 }
3803 }
3808 }
3810 handle_linked_attribs:
3816 }
3818 /* TODO:
3819 * - replace the old object with the newly constructed one
3820 */
3825 msg,
3828 req);
3833 }
3835 /* current partition control is needed by "replmd_op_callback" */
3838 DSDB_CONTROL_CURRENT_PARTITION_OID,
3843 }
3844 }
3846 /* If we are in functional level 2000, then
3847 * replmd_modify_handle_linked_attribs will have done
3848 * nothing */
3854 }
3855 }
3859 /* we only change whenChanged and uSNChanged if the seq_num
3860 has changed */
3867 }
3874 }
3875 }
3877 /* go on with the call chain */
3879 }
3883 /*
3884 handle a rename request
3886 On a rename we need to do an extra ldb_modify which sets the
3887 whenChanged and uSNChanged attributes. We do this in a callback after the success.
3888 */
3890 {
3897 /* do not manipulate our control entries */
3900 }
3903 DSDB_CONTROL_DBCHECK_FIX_LINK_DN_NAME);
3906 }
3915 }
3927 }
3929 /* go on with the call chain */
3931 }
3933 /* After the rename is completed, update the whenchanged etc */
3935 {
3958 }
3965 LDB_ERR_OPERATIONS_ERROR);
3966 }
3968 /* TODO:
3969 * - replace the old object with the newly constructed one
3970 */
3976 }
3987 }
3989 /* normalize the rdn attribute name */
3995 }
4003 }
4009 }
4014 }
4016 /*
4017 * here we let replmd_update_rpmd() only search for
4018 * the existing "replPropertyMetaData" and rdn_name attributes.
4019 *
4020 * We do not want the existing "name" attribute as
4021 * the "name" attribute needs to get the version
4022 * updated on rename even if the rdn value hasn't changed.
4023 *
4024 * This is the diff of the meta data, for a moved user
4025 * on a w2k8r2 server:
4026 *
4027 * # record 1
4028 * -dn: CN=sdf df,CN=Users,DC=bla,DC=base
4029 * +dn: CN=sdf df,OU=TestOU,DC=bla,DC=base
4030 * replPropertyMetaData: NDR: struct replPropertyMetaDataBlob
4031 * version : 0x00000001 (1)
4032 * reserved : 0x00000000 (0)
4033 * @@ -66,11 +66,11 @@ replPropertyMetaData: NDR: struct re
4034 * local_usn : 0x00000000000037a5 (14245)
4035 * array: struct replPropertyMetaData1
4036 * attid : DRSUAPI_ATTID_name (0x90001)
4037 * - version : 0x00000001 (1)
4038 * - originating_change_time : Wed Feb 9 17:20:49 2011 CET
4039 * + version : 0x00000002 (2)
4040 * + originating_change_time : Wed Apr 6 15:21:01 2011 CEST
4041 * originating_invocation_id: 0d36ca05-5507-4e62-aca3-354bab0d39e1
4042 * - originating_usn : 0x00000000000037a5 (14245)
4043 * - local_usn : 0x00000000000037a5 (14245)
4044 * + originating_usn : 0x0000000000003834 (14388)
4045 * + local_usn : 0x0000000000003834 (14388)
4046 * array: struct replPropertyMetaData1
4047 * attid : DRSUAPI_ATTID_userAccountControl (0x90008)
4048 * version : 0x00000004 (4)
4049 */
4063 }
4068 }
4075 }
4079 msg,
4082 req);
4087 }
4089 /* current partition control is needed by "replmd_op_callback" */
4092 DSDB_CONTROL_CURRENT_PARTITION_OID,
4097 }
4098 }
4107 }
4114 }
4116 /* go on with the call chain - do the modify after the rename */
4118 }
4120 /*
4121 * remove links from objects that point at this object when an object
4122 * is deleted. We remove it from the NEXT module per MS-DRSR 5.160
4123 * RemoveObj which states that link removal due to the object being
4124 * deleted is NOT an originating update - they just go away!
4125 *
4126 */
4136 {
4159 }
4165 }
4167 /* remove the link */
4173 }
4180 }
4189 }
4193 DSDB_FLAG_NEXT_MODULE |
4194 DSDB_SEARCH_SHOW_EXTENDED_DN |
4195 DSDB_SEARCH_SHOW_RECYCLED,
4196 parent);
4206 }
4211 }
4225 }
4227 /*
4228 * This call 'upgrades' the links in link_dns, but we
4229 * do not commit the result back into the database, so
4230 * this is safe to call in FL2000 or on databases that
4231 * have been run at that level in the past.
4232 */
4234 tmp_ctx,
4237 parent);
4241 }
4251 }
4262 }
4264 /*
4265 * If we find a backlink to ourself, we will delete
4266 * the forward link before we get to process that
4267 * properly, so just let the caller process this via
4268 * the forward link.
4269 *
4270 * We do this once we are sure we have the forward
4271 * link (to ourself) in case something is very wrong
4272 * and they are out of sync.
4273 */
4276 }
4278 /* This needs to get the Binary DN, by first searching */
4286 /*
4287 * Ensure that we tell the modification to vanish any linked
4288 * attributes (not simply mark them as isDeleted = TRUE)
4289 */
4296 }
4297 }
4300 }
4303 /*
4304 handle update of replication meta data for deletion of objects
4306 This also handles the mapping of delete to a rename operation
4307 to allow deletes to be replicated.
4309 It also handles the incoming deleted objects, to ensure they are
4310 fully deleted here. In that case re_delete is true, and we do not
4311 use this as a signal to change the deleted state, just reinforce it.
4313 */
4314 static int replmd_delete_internals(struct ldb_module *module, struct ldb_request *req, bool re_delete)
4315 {
4329 /*
4330 * This list MUST be kept in case-insensitive sorted order,
4331 * as we use it in a binary search with ldb_attr_cmp().
4332 *
4333 * We get this hard-coded list from
4334 * MS-ADTS section 3.1.1.5.5.1.1 "Tombstone Requirements".
4335 */
4377 /*
4378 * DO NOT JUST APPEND TO THIS LIST.
4379 *
4380 * In case you missed the note at the top, this list is kept
4381 * in case-insensitive sorted order. In the unlikely event you
4382 * need to add an attribute, please add it in the RIGHT PLACE.
4383 */
4384 };
4386 DSDB_SECRET_ATTRIBUTES,
4388 NULL
4389 };
4393 };
4402 }
4404 /*
4405 * We have to allow dbcheck to remove an object that
4406 * is beyond repair, and to do so totally. This could
4407 * mean we we can get a partial object from the other
4408 * DC, causing havoc, so dbcheck suggests
4409 * re-replication first. dbcheck sets both DBCHECK
4410 * and RELAX in this situation.
4411 */
4414 /* really, really remove it */
4416 }
4422 }
4428 }
4432 /* we need the complete msg off disk, so we can work out which
4433 attributes need to be removed */
4435 DSDB_FLAG_NEXT_MODULE |
4436 DSDB_SEARCH_SHOW_RECYCLED |
4437 DSDB_SEARCH_REVEAL_INTERNALS |
4447 }
4454 /* This supports us noticing an incoming isDeleted and acting on it */
4458 }
4461 /*
4462 * We have to prevent objects being deleted, even if
4463 * the administrator really wants them gone, as
4464 * without the tombstone, we can get a partial object
4465 * from the other DC, causing havoc.
4466 *
4467 * The only other valid case is when the 180 day
4468 * timeout has expired, when relax is specified.
4469 */
4471 /* it is already deleted - really remove it this time */
4474 }
4480 }
4487 }
4494 }
4498 /* consider the SYSTEM_FLAG_DISALLOW_MOVE_ON_DELETE flag */
4499 disallow_move_on_delete =
4503 /* work out where we will be renaming this object to */
4509 /*
4510 * We should not move objects if we can't find the
4511 * deleted objects DN. Not moving (or otherwise
4512 * harming) the Deleted Objects DN itself is handled
4513 * in the caller.
4514 */
4521 }
4523 /* this is probably an attempted delete on a partition
4524 * that doesn't allow delete operations, such as the
4525 * schema partition */
4532 }
4539 }
4540 }
4542 /* get the objects GUID from the search we just did */
4549 ldb,
4550 new_dn,
4552 guid);
4557 }
4566 }
4569 /*
4570 * No matter what has happened with other renames etc, try again to
4571 * get this to be under the deleted DN. See MS-DRSR 5.160 RemoveObj
4572 */
4582 }
4593 }
4594 }
4596 /*
4597 now we need to modify the object in the following ways:
4599 - add isDeleted=TRUE
4600 - update rDN and name, with new rDN
4601 - remove linked attributes
4602 - remove objectCategory and sAMAccountType
4603 - remove attribs not on the preserved list
4604 - preserved if in above list, or is rDN
4605 - remove all linked attribs from this object
4606 - remove all links from other objects to this object
4607 (note we use the backlinks to do this, so we won't find one-way
4608 links that still point to this object, or deactivated two-way
4609 links, i.e. 'member' after the user has been removed from the
4610 group)
4611 - add lastKnownParent
4612 - update replPropertyMetaData?
4614 see MS-ADTS "Tombstone Requirements" section 3.1.1.5.5.1.1
4615 */
4622 /* we need the storage form of the parent GUID */
4625 DSDB_FLAG_NEXT_MODULE |
4626 DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT |
4627 DSDB_SEARCH_REVEAL_INTERNALS|
4631 "repmd_delete: Failed to %s %s, "
4639 }
4641 /*
4642 * Now we can use the DB version,
4643 * it will have the extended DN info in it
4644 */
4647 parent_dn,
4652 }
4655 parent_dn_str);
4658 ": Failed to add lastKnownParent "
4663 }
4669 }
4676 ": Failed to add msDS-LastKnownRDN "
4681 }
4687 }
4689 }
4690 }
4697 /*
4698 * MS-ADTS 3.1.1.5.5.1.1 Tombstone Requirements
4699 * describes what must be removed from a tombstone
4700 * object
4701 *
4702 * MS-ADTS 3.1.1.5.5.1.3 Recycled-Object Requirements
4703 * describes what must be removed from a recycled
4704 * object
4705 *
4706 */
4708 /*
4709 * we also mark it as recycled, meaning this object can't be
4710 * recovered (we are stripping its attributes).
4711 * This is done only if we have this schema object of course ...
4712 * This behavior is identical to the one of Windows 2008R2 which
4713 * always set the isRecycled attribute, even if the recycle-bin is
4714 * not activated and what ever the forest level is.
4715 */
4726 }
4728 }
4732 /* work out which of the old attributes we will be removing */
4742 __location__
4743 ": Attribute %s "
4744 "not found in schema "
4745 "when deleting %s. "
4748 old_dn_str);
4751 }
4753 /* don't remove the rDN */
4755 }
4759 /*
4760 * we have a backlink in this object
4761 * that needs to be removed. We're not
4762 * allowed to remove it directly
4763 * however, so we instead setup a
4764 * modify to delete the corresponding
4765 * forward link
4766 */
4768 replmd_private,
4776 __location__
4777 ": Failed to remove backlink of "
4780 old_dn_str,
4784 }
4787 /*
4788 * now we continue, which means we
4789 * won't remove this backlink
4790 * directly
4791 */
4793 }
4795 /*
4796 * Otherwise vanish the link, we are
4797 * out of sync and the controlling
4798 * object does not have the source
4799 * link any more
4800 */
4808 }
4812 ldb_attr_cmp,
4813 attr);
4814 /*
4815 * If we are preserving, do not do the
4816 * ldb_msg_add_empty() below, continue
4817 * to the next element
4818 */
4821 }
4823 /*
4824 * Ensure that we tell the modification to vanish any linked
4825 * attributes (not simply mark them as isDeleted = TRUE)
4826 */
4828 }
4834 }
4835 }
4840 /*
4841 * MS-ADTS 3.1.1.5.5.1.2 Deleted-Object Requirements
4842 * describes what must be removed from a deleted
4843 * object
4844 */
4851 }
4858 }
4864 }
4869 /* work out what the new rdn value is, for updating the
4870 rDN and name fields */
4875 }
4881 }
4888 }
4897 }
4899 }
4900 }
4902 /*
4903 * TODO: Per MS-DRSR 5.160 RemoveObj we should remove links directly, not as an originating update!
4904 *
4905 */
4907 /*
4908 * No matter what has happned with other renames, try again to
4909 * get this to be under the deleted DN.
4910 */
4912 /* now rename onto the new DN */
4921 }
4923 }
4928 /*
4929 * This should not fail, so be quite verbose in the
4930 * error handling if it fails
4931 */
4935 "after successful rename to %s. "
4947 }
4949 tmp_ctx,
4950 LDB_CHANGETYPE_MODIFY,
4951 msg);
4956 s);
4958 "replmd_delete: Failed to modify"
4965 }
4970 }
4973 {
4975 }
4979 {
4981 }
4983 static int replmd_replicated_request_werror(struct replmd_replicated_request *ar, WERROR status)
4984 {
4986 /* TODO: do some error mapping */
4988 /* Let the caller know the full WERROR */
4992 }
4998 {
5005 }
5006 }
5008 }
5011 /*
5012 return true if an update is newer than an existing entry
5013 see section 5.11 of MS-ADTS
5014 */
5019 NTTIME current_change_time,
5020 NTTIME update_change_time)
5021 {
5024 }
5027 }
5029 }
5033 {
5040 }
5045 {
5048 /*
5049 * If the new replPropertyMetaData entry for this attribute is
5050 * not provided (this happens in the case where we look for
5051 * ATTID_name, but the name was not changed), then the local
5052 * state is clearly still current, as the remote
5053 * server didn't send it due to being older the high watermark
5054 * USN we sent.
5055 */
5058 }
5061 /*
5062 * if we compare equal then do an
5063 * update. This is used when a client
5064 * asks for a FULL_SYNC, and can be
5065 * used to recover a corrupt
5066 * replica.
5067 *
5068 * This call is a bit tricky, what we
5069 * are doing it turning the 'is_newer'
5070 * call into a 'not is older' by
5071 * swapping cur_m and new_m, and negating the
5072 * outcome.
5073 */
5075 cur_m);
5078 new_m);
5079 }
5081 }
5084 /*
5085 form a DN for a deleted (DEL:) or conflict (CNF:) DN
5086 */
5094 {
5108 }
5110 /*
5111 * TODO: Per MS-ADTS 3.1.1.5.5 Delete Operation
5112 * we should truncate this value to ensure the RDN is not more than 255 chars.
5113 *
5114 * However we MS-ADTS 3.1.1.5.1.2 Naming Constraints indicates that:
5115 *
5116 * "Naming constraints are not enforced for replicated
5117 * updates." so this is safe and we don't have to work out not
5118 * splitting a UTF8 char right now.
5119 */
5122 /*
5123 * sizeof(guid_str.buf) will always be longer than
5124 * strlen(guid_str.buf) but we allocate using this and
5125 * waste the trailing bytes to avoid scaring folks
5126 * with memcpy() using strlen() below
5127 */
5129 deleted_child_rdn_val.data
5139 }
5148 /*
5149 * talloc won't allocate more than 256MB so we can't
5150 * overflow but just to be sure
5151 */
5154 }
5163 /* Now set the value into the RDN, without parsing it */
5165 dn,
5167 rdn_name,
5168 deleted_child_rdn_val);
5171 }
5174 /*
5175 form a conflict DN
5176 */
5181 {
5191 }
5196 }
5201 rdn_name,
5202 rdn_val,
5206 }
5208 }
5210 /*
5211 form a deleted DN
5212 */
5219 {
5223 rdn_name,
5224 rdn_value,
5225 guid);
5226 }
5229 /*
5230 perform a modify operation which sets the rDN and name attributes to
5231 their current values. This has the effect of changing these
5232 attributes to have been last updated by the current DC. This is
5233 needed to ensure that renames performed as part of conflict
5234 resolution are propagated to other DCs
5235 */
5238 {
5248 }
5254 }
5256 /* normalize the rdn attribute name */
5260 }
5266 }
5270 }
5273 }
5275 /*
5276 * We have to mark this as a replicated update otherwise
5277 * schema_data may reject a rename in the schema partition
5278 */
5282 req);
5288 }
5294 failed:
5299 }
5302 /*
5303 callback for conflict DN handling where we have renamed the incoming
5304 record. After renaming it, we need to ensure the change of name and
5305 rDN for the incoming record is seen as an originating update by this DC.
5307 This also handles updating lastKnownParent for entries sent to lostAndFound
5308 */
5310 {
5317 /* call the normal callback for everything except success */
5319 }
5330 }
5332 /* perform a modify of the rDN and name of the record */
5337 }
5344 }
5349 ldb_dn_get_extended_linearized(msg, ar->objs->objects[ar->index_current].last_known_parent, 1));
5354 }
5363 }
5365 }
5368 }
5372 /*
5373 * A helper for replmd_op_possible_conflict_callback() and
5374 * replmd_replicated_handle_rename()
5375 */
5381 {
5396 ldb,
5397 "Failed to determine if we are an RODC when attempting "
5401 }
5404 /*
5405 * We are on an RODC, or were a GC for this
5406 * partition, so we have to fail this until
5407 * someone who owns the partition sorts it
5408 * out
5409 */
5411 ldb,
5412 "Conflict adding object '%s' from incoming replication "
5414 " - We must fail the operation until a master for this "
5418 }
5420 /*
5421 * first we need the replPropertyMetaData attribute from the
5422 * old record
5423 */
5425 attrs,
5426 DSDB_FLAG_NEXT_MODULE |
5427 DSDB_SEARCH_SHOW_DELETED |
5434 }
5440 ": Unable to find replPropertyMetaData for conflicting "
5444 }
5454 }
5458 /*
5459 * we decide which is newer based on the RPMD on the name
5460 * attribute. See [MS-DRSR] ResolveNameConflict.
5461 *
5462 * We expect omd_name to be present, as this is from a local
5463 * search, but while rmd_name should have been given to us by
5464 * the remote server, if it is missing we just prefer the
5465 * local name in
5466 * replmd_replPropertyMetaData1_new_should_be_taken()
5467 */
5469 DRSUAPI_ATTID_name);
5471 DRSUAPI_ATTID_name);
5474 ": Failed to find name attribute in "
5478 }
5480 /*
5481 * Should we preserve the current record, and so rename the
5482 * incoming record to be a conflict?
5483 */
5487 DSDB_REPL_FLAG_PRIORITISE_INCOMING),
5491 }
5494 /*
5495 callback for replmd_replicated_apply_add()
5496 This copes with the creation of conflict records in the case where
5497 the DN exists, but with a different objectGUID
5498 */
5499 static int replmd_op_possible_conflict_callback(struct ldb_request *req, struct ldb_reply *ares, int (*callback)(struct ldb_request *req, struct ldb_reply *ares))
5500 {
5510 /* call the normal callback for success */
5513 }
5515 /*
5516 * we have a conflict, and need to decide if we will keep the
5517 * new record or the old record
5518 */
5523 /* For failures other than conflicts, fail the whole operation here */
5525 ldb_asprintf_errstring(ldb_module_get_ctx(ar->module), "Failed to locally apply remote add of %s: %s",
5530 LDB_ERR_OPERATIONS_ERROR);
5531 }
5538 }
5549 }
5557 }
5562 /* re-submit the request, but with the new DN */
5566 /* we are renaming the existing record */
5575 }
5584 }
5597 }
5599 /*
5600 * now we need to ensure that the rename is seen as an
5601 * originating update. We do that with a modify.
5602 */
5606 }
5608 DEBUG(2,(__location__ ": With conflicting record renamed, re-apply replicated creation of '%s'\n",
5610 }
5614 req,
5615 msg,
5617 ar,
5618 callback,
5619 req);
5622 }
5625 /* current partition control needed by "repmd_op_callback" */
5627 DSDB_CONTROL_CURRENT_PARTITION_OID,
5631 }
5634 /* this tells the partition module to make it a
5635 partial replica if creating an NC */
5637 DSDB_CONTROL_PARTIAL_REPLICA,
5641 }
5642 }
5644 /*
5645 * Finally we re-run the add, otherwise the new record won't
5646 * exist, as we are here because of that exact failure!
5647 */
5649 failed:
5651 /* on failure make the caller get the error. This means
5652 * replication will stop with an error, but there is not much
5653 * else we can do.
5654 */
5657 }
5659 ret);
5660 }
5662 /*
5663 callback for replmd_replicated_apply_add()
5664 This copes with the creation of conflict records in the case where
5665 the DN exists, but with a different objectGUID
5666 */
5668 {
5673 /* This is like a conflict DN, where we put the object in LostAndFound
5674 see MS-DRSR 4.1.10.6.10 FindBestParentObject */
5676 }
5679 }
5681 /*
5682 this is called when a new object comes in over DRS
5683 */
5685 {
5696 NTTIME now;
5712 }
5719 }
5721 ret = ldb_msg_add_string(msg, "whenChanged", ar->objs->objects[ar->index_current].when_changed);
5724 }
5729 }
5734 }
5736 /* remove any message elements that have zero values */
5746 }
5751 i--;
5753 }
5754 }
5760 LDB_CHANGETYPE_ADD,
5761 msg);
5764 s));
5771 }
5775 /*
5776 * the meta data array is already sorted by the caller, except
5777 * for the RDN, which needs to be added.
5778 */
5786 ldb_asprintf_errstring(ldb, "%s: error during DRS repl ADD: %s", __func__, ldb_errstring(ldb));
5788 }
5792 ldb_asprintf_errstring(ldb, "%s: error during DRS repl ADD: %s", __func__, ldb_errstring(ldb));
5794 }
5798 }
5804 }
5808 }
5813 /*
5814 * Ensure any local ACL inheritance is applied from
5815 * the parent object.
5816 *
5817 * This is needed because descriptor is above
5818 * repl_meta_data in the module stack, so this will
5819 * not be triggered 'naturally' by the flow of
5820 * operations.
5821 */
5831 }
5832 }
5837 ldb,
5838 ar,
5839 msg,
5841 ar,
5842 replmd_op_add_callback,
5847 /* current partition control needed by "repmd_op_callback" */
5849 DSDB_CONTROL_CURRENT_PARTITION_OID,
5854 /* this tells the partition module to make it a
5855 partial replica if creating an NC */
5857 DSDB_CONTROL_PARTIAL_REPLICA,
5860 }
5863 }
5867 {
5874 LDB_ERR_OPERATIONS_ERROR);
5875 }
5877 /*
5878 * The error NO_SUCH_OBJECT is not expected, unless the search
5879 * base is the partition DN, and that case doesn't happen here
5880 * because then we wouldn't get a parent_guid_value in any
5881 * case.
5882 */
5886 }
5890 {
5898 /* Per MS-DRSR 4.1.10.6.10
5899 * FindBestParentObject we need to move this
5900 * new object under a deleted object to
5901 * lost-and-found */
5907 "No suitable NC root found for %s. "
5908 "We need to move this object because parent object %s "
5915 "Unable to find NC root for %s: %s. "
5916 "We need to move this object because parent object %s "
5922 }
5925 nc_root,
5926 DS_GUID_LOSTANDFOUND_CONTAINER,
5930 "Unable to find LostAndFound Container for %s "
5931 "in partition %s: %s. "
5932 "We need to move this object because parent object %s "
5938 }
5943 parent_dn
5946 }
5954 }
5955 }
5959 }
5961 }
5963 /* we ignore referrals */
5980 }
5982 /*
5983 * This error code is really important, as it
5984 * is the flag back to the callers to retry
5985 * this with DRSUAPI_DRS_GET_ANC, and so get
5986 * the parent objects before the child
5987 * objects
5988 */
5991 }
5997 }
6000 }
6001 }
6005 }
6007 /*
6008 * Look for the parent object, so we put the new object in the right
6009 * place This is akin to NameObject in MS-DRSR - this routine and the
6010 * callbacks find the right parent name, and correct name for this
6011 * object
6012 */
6015 {
6031 }
6032 }
6041 ldb,
6042 ar,
6044 LDB_SCOPE_SUBTREE,
6045 filter,
6046 attrs,
6047 NULL,
6048 ar,
6049 replmd_replicated_apply_search_for_parent_callback,
6054 DSDB_SEARCH_SHOW_RECYCLED|
6055 DSDB_SEARCH_SHOW_DELETED|
6056 DSDB_SEARCH_SHOW_EXTENDED_DN);
6059 }
6062 }
6064 /*
6065 handle renames that come in over DRS replication
6066 */
6071 {
6090 }
6094 ldb_asprintf_errstring(ldb_module_get_ctx(ar->module), "Failed to locally apply remote rename from %s to %s: %s",
6099 }
6108 }
6123 }
6136 }
6142 }
6144 /* we are renaming the existing record */
6151 }
6160 }
6173 }
6175 /*
6176 * now we need to ensure that the rename is seen as an
6177 * originating update. We do that with a modify.
6178 */
6182 }
6184 DEBUG(2,(__location__ ": With conflicting record renamed, re-apply replicated rename '%s' -> '%s'\n",
6188 /*
6189 * With the other record out of the way, do the rename we had
6190 * at the top again
6191 */
6200 }
6204 failed:
6205 /*
6206 * On failure make the caller get the error
6207 * This means replication will stop with an error,
6208 * but there is not much else we can do. In the
6209 * LDB_ERR_ENTRY_ALREADY_EXISTS case this is exactly what is
6210 * needed.
6211 */
6214 }
6218 }
6222 {
6246 NTSTATUS nt_status;
6251 NTTIME now;
6264 /* find existing meta data */
6272 }
6276 }
6277 }
6288 s,
6296 rmd)));
6305 }
6312 /*
6313 * Fill in the remote_parent_guid with the GUID or an all-zero
6314 * GUID.
6315 */
6320 }
6322 /*
6323 * To ensure we follow a complex rename chain around, we have
6324 * to confirm that the DN is the same (mostly to confirm the
6325 * RDN) and the parentGUID is the same.
6326 *
6327 * This ensures we keep things under the correct parent, which
6328 * replmd_replicated_handle_rename() will do.
6329 */
6335 /*
6336 * handle renames, even just by case that come in over
6337 * DRS. Changes in the parent DN don't hit us here,
6338 * because the search for a parent will clean up those
6339 * components.
6340 *
6341 * We also have already filtered out the case where
6342 * the peer has an older name to what we have (see
6343 * replmd_replicated_apply_search_callback())
6344 */
6347 /*
6348 * This looks strange, but we must set this after any
6349 * rename, otherwise the SD propegation will not
6350 * happen (which might matter if we have a new parent)
6351 *
6352 * The additional case of calling
6353 * replmd_op_name_modify_callback (below) is
6354 * controlled by renamed_to_conflict.
6355 */
6357 }
6366 }
6369 /*
6370 * Set the callback to one that will fix up the name
6371 * metadata on the new conflict DN
6372 */
6374 }
6384 /* first copy the old meta data */
6387 ni++;
6388 }
6391 /* now merge in the new meta data */
6400 }
6407 /* replace the entry */
6413 }
6414 }
6425 }
6428 }
6435 }
6437 /* we don't want to apply this change so remove the attribute */
6439 removed_attrs++;
6443 }
6452 }
6453 }
6464 }
6465 ni++;
6466 }
6468 /*
6469 * finally correct the size of the meta_data array
6470 */
6481 ldb_asprintf_errstring(ldb, "%s: error during DRS repl merge: %s", __func__, ldb_errstring(ldb));
6483 }
6484 }
6485 /*
6486 * sort the new meta data array
6487 */
6490 ldb_asprintf_errstring(ldb, "%s: error during DRS repl merge: %s", __func__, ldb_errstring(ldb));
6492 }
6494 /*
6495 * Work out if this object is deleted, so we can prune any extra attributes. See MS-DRSR 4.1.10.6.9
6496 * UpdateObject.
6497 *
6498 * This also controls SD propagation below
6499 */
6504 }
6508 /*
6509 * check if some replicated attributes left, otherwise skip the ldb_modify() call
6510 */
6516 }
6522 /*
6523 * This is an new name for this object, so we must
6524 * inherit from the parent
6525 *
6526 * This is needed because descriptor is above
6527 * repl_meta_data in the module stack, so this will
6528 * not be triggered 'naturally' by the flow of
6529 * operations.
6530 */
6540 }
6541 }
6544 /*
6545 * This is an existing object, so there is no need to
6546 * inherit from the parent, but we must inherit any
6547 * incoming changes to our child objects.
6548 *
6549 * This is needed because descriptor is above
6550 * repl_meta_data in the module stack, so this will
6551 * not be triggered 'naturally' by the flow of
6552 * operations.
6553 */
6563 }
6564 }
6566 /* create the meta data value */
6572 }
6574 /*
6575 * when we know that we'll modify the record, add the whenChanged, uSNChanged
6576 * and replPopertyMetaData attributes
6577 */
6578 ret = ldb_msg_add_string(msg, "whenChanged", ar->objs->objects[ar->index_current].when_changed);
6581 }
6585 }
6589 }
6593 /* we want to replace the old values */
6602 }
6603 }
6604 }
6610 LDB_CHANGETYPE_MODIFY,
6611 msg);
6615 s));
6624 }
6627 ldb,
6628 ar,
6629 msg,
6631 ar,
6632 callback,
6637 /* current partition control needed by "repmd_op_callback" */
6639 DSDB_CONTROL_CURRENT_PARTITION_OID,
6644 }
6648 {
6655 LDB_ERR_OPERATIONS_ERROR);
6656 }
6661 }
6669 /* we ignore referrals */
6673 {
6685 /*
6686 * This is the ADD case, find the appropriate parent,
6687 * as this object doesn't exist locally:
6688 */
6693 }
6696 }
6698 /*
6699 * Otherwise, in the MERGE case, work out if we are
6700 * attempting a rename, and if so find the parent the
6701 * newly renamed object wants to belong under (which
6702 * may not be the parent in it's attached string DN
6703 */
6708 /* find existing meta data */
6717 }
6721 }
6722 }
6730 "as local object has an all-zero parentGUID attribute, "
6734 }
6736 /*
6737 * now we need to check for double renames. We could have a
6738 * local rename pending which our replication partner hasn't
6739 * received yet. We choose which one wins by looking at the
6740 * attribute stamps on the two objects, the newer one wins.
6741 *
6742 * This also simply applies the correct algorithms for
6743 * determining if a change was made to name at all, or
6744 * if the object has just been renamed under the same
6745 * parent.
6746 */
6750 DEBUG(0,(__location__ ": Failed to find name attribute in local LDB replPropertyMetaData for %s\n",
6753 }
6755 /*
6756 * if there is no name attribute given then we have to assume the
6757 * object we've received has the older name
6758 */
6766 /* Merge on the existing object, with rename */
6781 /*
6782 * Merge on the existing object, force no
6783 * rename (code below just to explain why in
6784 * the DEBUG() logs)
6785 */
6799 }
6808 }
6809 /*
6810 * This assignment ensures that the strcmp()
6811 * and GUID_equal() calls in
6812 * replmd_replicated_apply_merge() avoids the
6813 * rename call
6814 */
6820 }
6823 }
6824 }
6825 }
6829 }
6831 /**
6832 * Returns true if we can group together processing this link attribute,
6833 * i.e. it has the same source-object and attribute ID as other links
6834 * already in the group
6835 */
6838 {
6844 }
6846 /**
6847 * Creates a new la_entry to store replication info for a single
6848 * linked attribute.
6849 */
6854 {
6859 }
6863 }
6869 }
6873 /*
6874 * we need to steal the non-scalars so they stay
6875 * around until the end of the transaction
6876 */
6881 }
6883 /**
6884 * Stores the linked attributes received in the replication chunk - these get
6885 * applied at the end of the transaction. We also check that each linked
6886 * attribute is valid, i.e. source and target objects are known.
6887 */
6889 {
6905 /* save away the linked attributes for the end of the transaction */
6910 /* create an entry to store the received link attribute info */
6917 }
6919 /*
6920 * check if we're still dealing with the same source object
6921 * as the last link
6922 */
6928 /* get a new mem_ctx to lookup the source object */
6934 }
6936 /* verify the link source exists */
6941 /*
6942 * When we fail to find the source object, the error
6943 * code we pass back here is really important. It flags
6944 * back to the callers to retry this request with
6945 * DRSUAPI_DRS_GET_ANC. This case should never happen
6946 * if we're replicating from a Samba DC, but it is
6947 * needed to talk to a Windows DC
6948 */
6952 err);
6954 }
6955 }
6961 }
6963 /* group the links together by source-object for efficiency */
6970 }
6972 }
6975 }
6979 }
6984 {
6998 /*
6999 * Now that we've applied all the objects, check the new linked
7000 * attributes and store them (we apply them in .prepare_commit)
7001 */
7006 }
7008 /* done applying objects, move on to the next stage */
7010 }
7023 ldb,
7024 ar,
7026 LDB_SCOPE_SUBTREE,
7027 filter,
7028 attrs,
7029 NULL,
7030 ar,
7031 replmd_replicated_apply_search_callback,
7035 /*
7036 * We set DSDB_SEARCH_SHOW_EXTENDED_DN to get the GUID on the
7037 * DN. This in turn helps our operational module find the
7038 * record by GUID, not DN lookup which is more error prone if
7039 * DN indexing changes. We prefer to keep chasing GUIDs
7040 * around if possible, even within a transaction.
7041 *
7042 * The aim here is to keep replication moving and allow a
7043 * reindex later.
7044 */
7050 }
7053 }
7055 /*
7056 * Returns true if we need to do extra processing to handle deleted object
7057 * changes received via replication
7058 */
7061 {
7067 /* not a deleted object, so don't set isDeleted */
7069 }
7075 /*
7076 * if the Deleted Object container lookup failed, then just apply
7077 * isDeleted (note that it doesn't exist for the Schema partition)
7078 */
7081 }
7083 /*
7084 * the Deleted Objects container has isDeleted set but is not entirely
7085 * a deleted object, so DON'T re-apply isDeleted to it
7086 */
7089 }
7092 }
7094 /*
7095 * This is essentially a wrapper for replmd_replicated_apply_next()
7096 *
7097 * This is needed to ensure that both codepaths call this handler.
7098 */
7100 {
7112 /* nothing to do */
7115 }
7117 /*
7118 * Do a delete here again, so that if there is
7119 * anything local that conflicts with this
7120 * object being deleted, it is removed. This
7121 * includes links. See MS-DRSR 4.1.10.6.9
7122 * UpdateObject.
7123 *
7124 * If the object is already deleted, and there
7125 * is no more work required, it doesn't do
7126 * anything.
7127 */
7129 /* This has been updated to point to the DN we eventually did the modify on */
7135 }
7142 }
7144 /* Build a delete request, which hopefully will artually turn into nothing */
7147 NULL,
7148 res,
7149 ldb_modify_default_callback,
7155 }
7157 /*
7158 * This is the guts of the call, call back
7159 * into our delete code, but setting the
7160 * re_delete flag so we delete anything that
7161 * shouldn't be there on a deleted or recycled
7162 * object
7163 */
7167 }
7172 }
7176 }
7180 {
7188 LDB_ERR_OPERATIONS_ERROR);
7189 }
7193 }
7198 LDB_ERR_OPERATIONS_ERROR);
7199 }
7204 }
7207 {
7226 NTTIME now;
7240 /* this happens for a REPL_OBJ call where we are
7241 creating the target object by replicating it. The
7242 subdomain join code does this for the partition DN
7243 */
7246 }
7253 }
7255 /*
7256 * first create the new replUpToDateVector
7257 */
7265 }
7269 }
7270 }
7272 /*
7273 * the new uptodateness vector will at least
7274 * contain 1 entry, one for the source_dsa
7275 *
7276 * plus optional values from our old vector and the one from the source_dsa
7277 */
7283 if (!nuv.ctr.ctr2.cursors) return replmd_replicated_request_werror(ar, WERR_NOT_ENOUGH_MEMORY);
7285 /* first copy the old vector */
7288 ni++;
7289 }
7291 /* merge in the source_dsa vector is available */
7298 }
7304 }
7310 }
7312 }
7316 /* if it's not there yet, add it */
7318 ni++;
7319 }
7321 /*
7322 * finally correct the size of the cursors array
7323 */
7326 /*
7327 * sort the cursors
7328 */
7331 /*
7332 * create the change ldb_message
7333 */
7343 }
7347 }
7350 /*
7351 * now create the new repsFrom value from the given repsFromTo1 structure
7352 */
7360 /*
7361 * first see if we already have a repsFrom value for the current source dsa
7362 * if so we'll later replace this value
7363 */
7377 }
7381 }
7383 /*
7384 * we compare the source dsa objectGUID not the invocation_id
7385 * because we want only one repsFrom value per source dsa
7386 * and when the invocation_id of the source dsa has changed we don't need
7387 * the old repsFrom with the old invocation_id
7388 */
7393 }
7398 }
7400 /*
7401 * copy over all old values to the new ldb_message
7402 */
7406 }
7408 /*
7409 * if we haven't found an old repsFrom value for the current source dsa
7410 * we'll add a new value
7411 */
7419 }
7421 /* we now fill the value which is already attached to ldb_message */
7428 }
7430 /*
7431 * the ldb_message_element for the attribute, has all the old values and the new one
7432 * so we'll replace the whole attribute with all values
7433 */
7438 LDB_CHANGETYPE_MODIFY,
7439 msg);
7442 }
7444 /* prepare the ldb_modify() request */
7446 ldb,
7447 ar,
7448 msg,
7450 ar,
7451 replmd_replicated_uptodate_modify_callback,
7457 }
7461 {
7468 LDB_ERR_OPERATIONS_ERROR);
7469 }
7474 }
7482 /* we ignore referrals */
7489 }
7490 }
7494 }
7498 {
7508 NULL
7509 };
7514 /*
7515 * Let the caller know that we did an originating updates
7516 */
7520 ldb,
7521 ar,
7523 LDB_SCOPE_BASE,
7525 attrs,
7526 NULL,
7527 ar,
7528 replmd_replicated_uptodate_search_callback,
7534 }
7538 static int replmd_extended_replicated_objects(struct ldb_module *module, struct ldb_request *req)
7539 {
7552 ldb_debug(ldb, LDB_DEBUG_FATAL, "replmd_extended_replicated_objects: invalid extended data\n");
7554 }
7557 ldb_debug(ldb, LDB_DEBUG_FATAL, "replmd_extended_replicated_objects: extended data invalid version [%u != %u]\n",
7560 }
7566 /* Set the flags to have the replmd_op_callback run over the full set of objects */
7575 }
7583 }
7588 }
7590 /* If this change contained linked attributes in the body
7591 * (rather than in the links section) we need to update
7592 * backlinks in linked_attributes */
7596 }
7602 }
7604 /**
7605 * Checks how to handle an missing target - either we need to fail the
7606 * replication and retry with GET_TGT, ignore the link and continue, or try to
7607 * add a partial link to an unknown target.
7608 */
7618 {
7622 /*
7623 * we may not be able to resolve link targets properly when
7624 * dealing with subsets of objects, e.g. the source is a
7625 * critical object and the target isn't
7626 *
7627 * TODO:
7628 * When we implement Trusted Domains we need to consider
7629 * whether they get treated as an incomplete replica here or not
7630 */
7633 /*
7634 * Ignore the link. We don't increase the highwater-mark in
7635 * the object subset cases, so subsequent replications should
7636 * resolve any missing links
7637 */
7643 }
7646 mem_ctx,
7647 source_dn,
7648 target_dn);
7650 /*
7651 * We allow the join.py code to point out that all
7652 * replication is completed, so failing now would just
7653 * trigger errors, rather than trigger a GET_TGT
7654 */
7657 DSDB_FULL_JOIN_REPLICATION_COMPLETED_OPAQUE_NAME),
7661 /*
7662 * if the target is already be up-to-date there's no point in
7663 * retrying. This could be due to bad timing, or if a target
7664 * on a one-way link was deleted. We ignore the link rather
7665 * than failing the replication cycle completely
7666 */
7675 }
7677 /* otherwise fail the replication and retry with GET_TGT */
7679 missing_str,
7684 }
7686 /*
7687 * The target of the cross-partition link is missing. Continue
7688 * and try to at least add the forward-link. This isn't great,
7689 * but a partial link can be fixed by dbcheck, so it's better
7690 * than dropping the link completely.
7691 */
7696 /*
7697 * Only log this when we're actually committing the objects.
7698 * This avoids spurious logs, i.e. if we're just verifying the
7699 * received link during a join.
7700 */
7704 }
7707 }
7709 /**
7710 * Checks that the target object for a linked attribute exists.
7711 * @param guid returns the target object's GUID (is returned)if it exists)
7712 * @param ignore_link set to true if the linked attribute should be ignored
7713 * (i.e. the target doesn't exist, but that it's OK to skip the link)
7714 */
7722 {
7728 NTSTATUS ntstatus;
7738 /*
7739 * This strange behaviour (allowing a NULL/missing
7740 * GUID) originally comes from:
7741 *
7742 * commit e3054ce0fe0f8f62d2f5b2a77893e7a1479128bd
7743 * Author: Andrew Tridgell <tridge@samba.org>
7744 * Date: Mon Dec 21 21:21:55 2009 +1100
7745 *
7746 * s4-drs: cope better with NULL GUIDS from DRS
7747 *
7748 * It is valid to get a NULL GUID over DRS for a deleted forward link. We
7749 * need to match by DN if possible when seeing if we should update an
7750 * existing link.
7751 *
7752 * Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
7753 */
7756 DSDB_FLAG_NEXT_MODULE |
7757 DSDB_SEARCH_SHOW_RECYCLED |
7758 DSDB_SEARCH_SEARCH_ALL_PARTITIONS |
7759 DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT,
7760 NULL);
7762 ldb_asprintf_errstring(ldb, "Failed to find GUID in linked attribute 0x%x blob for %s from %s",
7771 attrs,
7772 DSDB_FLAG_NEXT_MODULE |
7773 DSDB_SEARCH_SHOW_RECYCLED |
7774 DSDB_SEARCH_SEARCH_ALL_PARTITIONS |
7775 DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT,
7776 NULL,
7779 }
7787 }
7791 /*
7792 * target object is unknown. Check whether to ignore the link,
7793 * fail the replication, or add a partial link
7794 */
7809 /* Get the object's state (i.e. Not Deleted, Tombstone, etc) */
7813 /*
7814 * Check for deleted objects as per MS-DRSR 4.1.10.6.14
7815 * ProcessLinkValue(). Link updates should not be sent for
7816 * recycled and tombstone objects (deleting the links should
7817 * happen when we delete the object). This probably means our
7818 * copy of the target object isn't up to date.
7819 */
7822 /*
7823 * target object is deleted. Check whether to ignore the
7824 * link, fail the replication, or add a partial link
7825 */
7831 }
7832 }
7836 }
7838 /**
7839 * Extracts the key details about the source object for a
7840 * linked-attribute entry.
7841 * This returns the following details:
7842 * @param ret_attr the schema details for the linked attribute
7843 * @param source_msg the search result for the source object
7844 */
7850 {
7859 /*
7860 linked_attributes[0]:
7861 &objs->linked_attributes[i]: struct drsuapi_DsReplicaLinkedAttribute
7862 identifier : *
7863 identifier: struct drsuapi_DsReplicaObjectIdentifier
7864 __ndr_size : 0x0000003a (58)
7865 __ndr_size_sid : 0x00000000 (0)
7866 guid : 8e95b6a9-13dd-4158-89db-3220a5be5cc7
7867 sid : S-0-0
7868 __ndr_size_dn : 0x00000000 (0)
7869 dn : ''
7870 attid : DRSUAPI_ATTID_member (0x1F)
7871 value: struct drsuapi_DsAttributeValue
7872 __ndr_size : 0x0000007e (126)
7873 blob : *
7874 blob : DATA_BLOB length=126
7875 flags : 0x00000001 (1)
7876 1: DRSUAPI_DS_LINKED_ATTRIBUTE_FLAG_ACTIVE
7877 originating_add_time : Wed Sep 2 22:20:01 2009 EST
7878 meta_data: struct drsuapi_DsReplicaMetaData
7879 version : 0x00000015 (21)
7880 originating_change_time : Wed Sep 2 23:39:07 2009 EST
7881 originating_invocation_id: 794640f3-18cf-40ee-a211-a93992b67a64
7882 originating_usn : 0x000000000001e19c (123292)
7884 (for cases where the link is to a normal DN)
7885 &target: struct drsuapi_DsReplicaObjectIdentifier3
7886 __ndr_size : 0x0000007e (126)
7887 __ndr_size_sid : 0x0000001c (28)
7888 guid : 7639e594-db75-4086-b0d4-67890ae46031
7889 sid : S-1-5-21-2848215498-2472035911-1947525656-19924
7890 __ndr_size_dn : 0x00000022 (34)
7891 dn : 'CN=UOne,OU=TestOU,DC=vsofs8,DC=com'
7892 */
7894 /* find the attribute being modified */
7903 }
7905 /*
7906 * All attributes listed here must be dealt with in some way
7907 * by replmd_process_linked_attribute() otherwise in the case
7908 * of isDeleted: FALSE the modify will fail with:
7909 *
7910 * Failed to apply linked attribute change 'attribute 'isDeleted':
7911 * invalid modify flags on
7912 * 'CN=g1_1527570609273,CN=Users,DC=samba,DC=example,DC=com':
7913 * 0x0'
7914 *
7915 * This is because isDeleted is a Boolean, so FALSE is a
7916 * legitimate value (set by Samba's deletetest.py)
7917 */
7923 /*
7924 * get the existing message from the db for the object with
7925 * this GUID, returning attribute being modified. We will then
7926 * use this msg as the basis for a modify call
7927 */
7929 DSDB_FLAG_NEXT_MODULE |
7930 DSDB_SEARCH_SEARCH_ALL_PARTITIONS |
7931 DSDB_SEARCH_SHOW_RECYCLED |
7932 DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT |
7933 DSDB_SEARCH_REVEAL_INTERNALS,
7934 NULL,
7938 }
7943 }
7949 }
7951 /**
7952 * Verifies the target object is known for a linked attribute
7953 */
7959 {
7965 WERROR status;
7970 /* the value blob for the attribute holds the target object DN */
7979 }
7981 /*
7982 * We can skip the target object checks if we're only syncing critical
7983 * objects, or we know the target is up-to-date. If either case, we
7984 * still continue even if the target doesn't exist
7985 */
7991 }
7993 /*
7994 * When we fail to find the target object, the error code we pass
7995 * back here is really important. It flags back to the callers to
7996 * retry this request with DRSUAPI_DRS_GET_TGT
7997 */
8000 }
8003 }
8005 /**
8006 * Finds the current active Parsed-DN value for a single-valued linked
8007 * attribute, if one exists.
8008 * @param ret_pdn assigned the active Parsed-DN, or NULL if none was found
8009 * @returns LDB_SUCCESS (regardless of whether a match was found), unless
8010 * an error occurred
8011 */
8018 {
8025 /* nothing to do for multi-valued linked attributes */
8027 }
8033 /* skip any inactive links */
8036 }
8038 /* we've found an active value for this attribute */
8046 }
8049 }
8051 /* no active link found */
8053 }
8055 /**
8056 * @returns true if the replication linked attribute info is newer than we
8057 * already have in our DB
8058 * @param pdn the existing linked attribute info in our DB
8059 * @param la the new linked attribute info received during replication
8060 */
8063 {
8064 /* see if this update is newer than what we have already */
8071 /* no existing info so update is newer */
8073 }
8081 version,
8083 change_time,
8085 }
8087 /**
8088 * Marks an existing linked attribute value as deleted in the DB
8089 * @param pdn the parsed-DN of the target-value to delete
8090 */
8102 {
8105 NTTIME now;
8115 }
8117 /* if the existing link is active, remove its backlink */
8120 /*
8121 * NOTE WELL: After this we will never (at runtime) be
8122 * able to find this forward link (for instant
8123 * removal) if/when the link target is deleted.
8124 *
8125 * We have dbcheck rules to cover this and cope otherwise
8126 * by filtering at runtime (i.e. in the extended_dn module).
8127 */
8133 }
8134 }
8136 /* mark the existing value as deleted */
8141 }
8143 /**
8144 * Checks for a conflict in single-valued link attributes, and tries to
8145 * resolve the problem if possible.
8146 *
8147 * Single-valued links should only ever have one active value. If we already
8148 * have an active link value, and during replication we receive an active link
8149 * value for a different target DN, then we need to resolve this inconsistency
8150 * and determine which value should be active. If the received info is better/
8151 * newer than the existing link attribute, then we need to set our existing
8152 * link as deleted. If the received info is worse/older, then we should continue
8153 * to add it, but set it as an inactive link.
8154 *
8155 * Note that this is a corner-case that is unlikely to happen (but if it does
8156 * happen, we don't want it to break replication completely).
8157 *
8158 * @param pdn_being_modified the parsed DN corresponding to the received link
8159 * target (note this is NULL if the link does not already exist in our DB)
8160 * @param pdn_list all the source object's Parsed-DNs for this attribute, i.e.
8161 * any existing active or inactive values for the attribute in our DB.
8162 * @param dsdb_dn the target DN for the received link attribute
8163 * @param add_as_inactive gets set to true if the received link is worse than
8164 * the existing link - it should still be added, but as an inactive link.
8165 */
8179 {
8184 /*
8185 * check if there's a conflict for single-valued links, i.e. an active
8186 * linked attribute already exists, but it has a different target value
8187 */
8194 }
8196 /*
8197 * If no active value exists (or the received info is for the currently
8198 * active value), then no conflict exists
8199 */
8202 }
8207 /* Work out how to resolve the conflict based on which info is better */
8215 /*
8216 * Delete our existing active link. The received info will then
8217 * be added (through normal link processing) as the active value
8218 */
8227 }
8233 /*
8234 * we want to keep our existing active link and add the
8235 * received link as inactive
8236 */
8238 }
8241 }
8243 /**
8244 * Processes one linked attribute received via replication.
8245 * @param src_dn the DN of the source object for the link
8246 * @param attr schema info for the linked attribute
8247 * @param la_entry the linked attribute info received via DRS
8248 * @param element_ctx mem context for msg->element[] (when adding a new value
8249 * we need to realloc old_el->values)
8250 * @param old_el the corresponding msg->element[] for the linked attribute
8251 * @param pdn_list a (binary-searchable) parsed DN array for the existing link
8252 * values in the msg. E.g. for a group, this is the existing members.
8253 * @param change what got modified: either nothing, an existing link value was
8254 * modified, or a new link value was added.
8255 * @returns LDB_SUCCESS if OK, an error otherwise
8256 */
8268 {
8282 WERROR status;
8286 /* the value blob for the attribute holds the target object DN */
8295 }
8302 }
8304 /*
8305 * there are some cases where the target object doesn't exist, but it's
8306 * OK to ignore the linked attribute
8307 */
8310 }
8312 /* see if this link already exists */
8322 }
8329 }
8331 /* get a seq_num for this change */
8335 }
8337 /*
8338 * check for single-valued link conflicts, i.e. an active linked
8339 * attribute already exists, but it has a different target value
8340 */
8346 seq_num,
8350 }
8351 }
8357 /* remove the existing backlink */
8359 schema,
8360 src_dn,
8362 parent);
8365 }
8366 }
8375 /*
8376 * We know where the new one needs to be, from the *next
8377 * pointer into pdn_list.
8378 */
8387 }
8388 }
8392 }
8393 }
8400 }
8405 }
8412 }
8414 /* set the link attribute's value to the info that was received */
8423 }
8427 /* Set the new link as inactive/deleted to avoid conflicts */
8431 val_to_update);
8435 }
8439 /* if the new link is active, then add the new backlink */
8441 schema,
8442 src_dn,
8444 parent);
8447 }
8448 }
8453 }
8458 }
8461 {
8464 }
8467 }
8470 /*
8471 we hook into the transaction operations to allow us to
8472 perform the linked attribute updates at the end of the whole
8473 transaction. This allows a forward linked attribute to be created
8474 before the object is created. During a vampire, w2k8 sends us linked
8475 attributes before the objects they are part of.
8476 */
8478 {
8479 /* create our private structure for this transaction */
8484 /* free any leftover mod_usn records from cancelled
8485 transactions */
8490 }
8495 }
8497 /**
8498 * Processes a group of linked attributes that apply to the same source-object
8499 * and attribute-ID (and were received in the same replication chunk).
8500 */
8504 {
8516 replmd_link_changed change_type;
8524 }
8526 /*
8527 * get the attribute being modified and the search result for the
8528 * source object
8529 */
8535 }
8537 /*
8538 * Check for deleted objects per MS-DRSR 4.1.10.6.14
8539 * ProcessLinkValue, because link updates are not applied to
8540 * recycled and tombstone objects. We don't have to delete
8541 * any existing link, that should have happened when the
8542 * object deletion was replicated or initiated.
8543 *
8544 * This needs isDeleted and isRecycled to be included as
8545 * attributes in the search and so in msg if set.
8546 */
8552 }
8554 /*
8555 * Now that we know the deletion_state, remove the extra
8556 * attributes added for that purpose. We need to do this
8557 * otherwise in the case of isDeleted: FALSE the modify will
8558 * fail with:
8559 *
8560 * Failed to apply linked attribute change 'attribute 'isDeleted':
8561 * invalid modify flags on
8562 * 'CN=g1_1527570609273,CN=Users,DC=samba,DC=example,DC=com':
8563 * 0x0'
8564 *
8565 * This is because isDeleted is a Boolean, so FALSE is a
8566 * legitimate value (set by Samba's deletetest.py)
8567 */
8571 /* get the msg->element[] for the link attribute being processed */
8579 }
8582 }
8584 /*
8585 * go through and process the link target value(s) for this particular
8586 * source object and attribute. For optimization, the same msg is used
8587 * across multiple calls to replmd_process_linked_attribute().
8588 * Note that we should not add or remove any msg attributes inside the
8589 * loop (we should only add/modify *values* for the attribute being
8590 * processed). Otherwise msg->elements is realloc'd and old_el/pdn_list
8591 * pointers will be invalidated
8592 */
8597 /*
8598 * parse the existing links (this can be costly for a large
8599 * group, so we try to minimize the times we do it)
8600 */
8603 replmd_private,
8607 NULL);
8611 }
8612 }
8614 replmd_private,
8621 }
8623 /*
8624 * Adding a link reallocs memory, and so invalidates all the
8625 * pointers in pdn_list. Reparse the PDNs on the next loop
8626 */
8629 }
8632 num_changes++;
8633 }
8639 }
8640 }
8642 /*
8643 * it's possible we're already up-to-date and so don't need to modify
8644 * the object at all (e.g. doing a 'drs replicate --full-sync')
8645 */
8649 }
8651 /*
8652 * Note that adding the whenChanged/etc attributes below will realloc
8653 * msg->elements, invalidating the existing element/parsed-DN pointers
8654 */
8658 /* update whenChanged/uSNChanged as the object has changed */
8664 }
8670 }
8676 }
8678 /* apply the link changes to the source object */
8682 "Failed to apply linked attribute change "
8689 }
8693 }
8695 /*
8696 on prepare commit we loop over our queued la_context structures and
8697 apply each of them
8698 */
8700 {
8708 }
8710 /*
8711 * Walk the list of linked attributes from DRS replication.
8712 *
8713 * We walk backwards, to do the first entry first, as we
8714 * added the entries with DLIST_ADD() which puts them at the
8715 * start of the list
8716 *
8717 * Links are grouped together so we process links for the same
8718 * source object in one go.
8719 */
8727 la_group);
8731 }
8732 }
8736 /* possibly change @REPLCHANGED */
8740 }
8743 }
8746 {
8752 }
8766 };
8769 {
8772 }