diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c index 5d182ea4211..0eda3ce7018 100644 --- a/source4/rpc_server/backupkey/dcesrv_backupkey.c +++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c @@ -62,8 +62,7 @@ static NTSTATUS set_lsa_secret(TALLOC_CTX *mem_ctx, TALLOC_CTX *frame = talloc_stackframe(); struct ldb_message *msg; struct ldb_result *res; - struct ldb_dn *domain_dn; - struct ldb_dn *system_dn; + struct ldb_dn *system_dn = NULL; struct ldb_val val; int ret; char *name2; @@ -73,12 +72,6 @@ static NTSTATUS set_lsa_secret(TALLOC_CTX *mem_ctx, NULL }; - domain_dn = ldb_get_default_basedn(ldb); - if (!domain_dn) { - talloc_free(frame); - return NT_STATUS_INTERNAL_ERROR; - } - msg = ldb_msg_new(frame); if (msg == NULL) { talloc_free(frame); @@ -95,12 +88,17 @@ static NTSTATUS set_lsa_secret(TALLOC_CTX *mem_ctx, * * taillor the function to the particular needs of backup protocol */ - system_dn = samdb_search_dn(ldb, msg, domain_dn, "(&(objectClass=container)(cn=System))"); + system_dn = ldb_dn_copy(frame, ldb_get_default_basedn(ldb)); if (system_dn == NULL) { talloc_free(frame); return NT_STATUS_NO_MEMORY; } + if (!ldb_dn_add_child_fmt(system_dn, "CN=System")) { + talloc_free(frame); + return NT_STATUS_NO_MEMORY; + } + name2 = talloc_asprintf(msg, "%s Secret", name); if (name2 == NULL) { talloc_free(frame); @@ -186,8 +184,7 @@ static NTSTATUS get_lsa_secret(TALLOC_CTX *mem_ctx, { TALLOC_CTX *tmp_mem; struct ldb_result *res; - struct ldb_dn *domain_dn; - struct ldb_dn *system_dn; + struct ldb_dn *system_dn = NULL; const struct ldb_val *val; uint8_t *data; const char *attrs[] = { @@ -199,22 +196,22 @@ static NTSTATUS get_lsa_secret(TALLOC_CTX *mem_ctx, lsa_secret->data = NULL; lsa_secret->length = 0; - domain_dn = ldb_get_default_basedn(ldb); - if (!domain_dn) { - return NT_STATUS_INTERNAL_ERROR; - } - tmp_mem = talloc_new(mem_ctx); if (tmp_mem == NULL) { return NT_STATUS_NO_MEMORY; } - system_dn = samdb_search_dn(ldb, tmp_mem, domain_dn, "(&(objectClass=container)(cn=System))"); + system_dn = ldb_dn_copy(tmp_mem, ldb_get_default_basedn(ldb)); if (system_dn == NULL) { talloc_free(tmp_mem); return NT_STATUS_NO_MEMORY; } + if (!ldb_dn_add_child_fmt(system_dn, "CN=System")) { + talloc_free(tmp_mem); + return NT_STATUS_NO_MEMORY; + } + ret = ldb_search(ldb, mem_ctx, &res, system_dn, LDB_SCOPE_SUBTREE, attrs, "(&(cn=%s Secret)(objectclass=secret))", ldb_binary_encode_string(tmp_mem, name)); diff --git a/source4/rpc_server/lsa/lsa_init.c b/source4/rpc_server/lsa/lsa_init.c index 689634b9706..62aa638f4f5 100644 --- a/source4/rpc_server/lsa/lsa_init.c +++ b/source4/rpc_server/lsa/lsa_init.c @@ -146,10 +146,13 @@ NTSTATUS dcesrv_lsa_get_policy_state(struct dcesrv_call_state *dce_call, /* work out the system_dn - useful for so many calls its worth fetching here */ - state->system_dn = samdb_search_dn(state->sam_ldb, state, - state->domain_dn, "(&(objectClass=container)(cn=System))"); - if (!state->system_dn) { - return NT_STATUS_NO_SUCH_DOMAIN; + state->system_dn = ldb_dn_copy(state, state->domain_dn); + if (state->system_dn == NULL) { + return NT_STATUS_NO_MEMORY; + } + + if (!ldb_dn_add_child_fmt(state->system_dn, "CN=System")) { + return NT_STATUS_NO_MEMORY; } state->builtin_sid = dom_sid_parse_talloc(state, SID_BUILTIN); diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index dc2167f08b2..bb1a08be9db 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -3941,11 +3941,13 @@ static WERROR fill_trusted_domains_array(TALLOC_CTX *mem_ctx, return WERR_INVALID_FLAGS; } - system_dn = samdb_search_dn(sam_ctx, mem_ctx, - ldb_get_default_basedn(sam_ctx), - "(&(objectClass=container)(cn=System))"); - if (!system_dn) { - return WERR_GEN_FAILURE; + system_dn = ldb_dn_copy(mem_ctx, ldb_get_default_basedn(sam_ctx)); + if (system_dn == NULL) { + return WERR_NOT_ENOUGH_MEMORY; + } + + if (!ldb_dn_add_child_fmt(system_dn, "CN=System")) { + return WERR_NOT_ENOUGH_MEMORY; } ret = gendb_search(sam_ctx, mem_ctx, system_dn,