sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-01 04:58:35 +03:00
Code

s4-drsuapi: Give an error that matches windows on destination_dsa_guid lookup failure

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jan 31 13:43:54 UTC 2023 on atb-devel-224
This commit is contained in:
Andrew Bartlett 2023-01-25 15:24:57 +13:00 committed by Stefan Metzmacher
parent 1838f349c9
commit 0f2978bbc0
2 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
selftest/knownfail.d/getncchanges
View File

@ -4,5 +4,3 @@ samba4.drs.getncchanges.python\(promoted_dc\).getncchanges.DrsReplicaSyncIntegri
samba4.drs.getncchanges.python\(promoted_dc\).getncchanges.DrsReplicaSyncIntegrityTestCase.test_repl_get_tgt_chain\(promoted_dc\)
samba4.drs.getncchanges.python\(promoted_dc\).getncchanges.DrsReplicaSyncIntegrityTestCase.test_repl_get_tgt_and_anc\(promoted_dc\)
samba4.drs.getncchanges.python\(promoted_dc\).getncchanges.DrsReplicaSyncIntegrityTestCase.test_repl_get_tgt_multivalued_links\(promoted_dc\)
# New tests for GetNCChanges with a GUID and a bad DN, like Azure AD Cloud Sync
^samba4.drs.getnc_exop.python\(.*\).getnc_exop.DrsReplicaSyncTestCase.test_DummyDN_valid_GUID_REPL_SECRET

14
source4/rpc_server/drsuapi/getncchanges.c
View File

@ -1201,6 +1201,7 @@ static WERROR getncchanges_repl_secret(struct drsuapi_bind_state *b_state,
const char *obj_attrs[] = { "tokenGroups", "objectSid", "UserAccountControl", "msDS-KrbTgtLinkBL", NULL };
struct ldb_result *rodc_res = NULL, *obj_res = NULL;
WERROR werr;
struct GUID_txt_buf guid_buf;
DEBUG(3,(__location__ ": DRSUAPI_EXOP_REPL_SECRET extended op on %s\n",
drs_ObjectIdentifier_to_debug_string(mem_ctx, ncRoot)));
@ -1231,7 +1232,7 @@ static WERROR getncchanges_repl_secret(struct drsuapi_bind_state *b_state,
ntds_attrs,
&ntds_msg);
if (ret != LDB_SUCCESS) {
goto failed;
goto dest_dsa_error;
}
ntds_dn = ntds_msg->dn;
@ -1245,7 +1246,7 @@ static WERROR getncchanges_repl_secret(struct drsuapi_bind_state *b_state,
"serverReference", machine_dn);
if (ret != LDB_SUCCESS) {
goto failed;
goto dest_dsa_error;
}
/*
@ -1346,6 +1347,15 @@ failed:
ldb_dn_get_linearized(obj_dn), dom_sid_string(mem_ctx, user_sid)));
ctr6->extended_ret = DRSUAPI_EXOP_ERR_NONE;
return WERR_DS_DRA_BAD_DN;
dest_dsa_error:
DBG_WARNING("Failed secret replication for %s by RODC %s as dest_dsa_guid %s is invalid\n",
ldb_dn_get_linearized(obj_dn),
dom_sid_string(mem_ctx, user_sid),
GUID_buf_string(&req10->destination_dsa_guid,
&guid_buf));
ctr6->extended_ret = DRSUAPI_EXOP_ERR_NONE;
return WERR_DS_DRA_DB_ERROR;
}
/*