Get MungedDial actually working with full TS strings in it for pdb_ldap.

I know this isn't pretty, but neither was our assumption that all strings
from the directory fit inside a pstring.  There was no way this worked
before will all versions of usrmgr (for example, the only version of
mine that has the TS Confic button).
(This used to be commit d275c0e384db08c2a6efc28e52844f676ff71fb6)

source3/include/smbldap.h

@@ -120,7 +120,10 @@ void smbldap_make_mod(LDAP *ldap_struct, LDAPMessage *existing,
 		      LDAPMod ***mods,
 		      const char *attribute, const char *newval);
 BOOL smbldap_get_single_attribute (LDAP * ldap_struct, LDAPMessage * entry,
-				   const char *attribute, pstring value);
+				   const char *attribute, char *value,
+				   int max_len);
+BOOL smbldap_get_single_pstring (LDAP * ldap_struct, LDAPMessage * entry,
+				 const char *attribute, pstring value);
 
 /**
  * Struct to keep the state for all the ldap stuff 

source3/lib/smbldap.c

@@ -290,7 +290,8 @@ static BOOL fetch_ldap_pw(char **dn, char** pw)
 ******************************************************************/
 
  BOOL smbldap_get_single_attribute (LDAP * ldap_struct, LDAPMessage * entry,
-				   const char *attribute, pstring value)
+				    const char *attribute, char *value,
+				    int max_len)
 {
 	char **values;
 	
@@ -305,7 +306,7 @@ static BOOL fetch_ldap_pw(char **dn, char** pw)
 		return False;
 	}
 	
-	if (convert_string(CH_UTF8, CH_UNIX,values[0], -1, value, sizeof(pstring)) == (size_t)-1) {
+	if (convert_string(CH_UTF8, CH_UNIX,values[0], -1, value, max_len) == (size_t)-1) {
 		DEBUG(1, ("smbldap_get_single_attribute: string conversion of [%s] = [%s] failed!\n", 
 			  attribute, values[0]));
 		ldap_value_free(values);
@@ -319,6 +320,14 @@ static BOOL fetch_ldap_pw(char **dn, char** pw)
 	return True;
 }
 
+ BOOL smbldap_get_single_pstring (LDAP * ldap_struct, LDAPMessage * entry,
+				  const char *attribute, pstring value)
+{
+	return smbldap_get_single_attribute(ldap_struct, entry,
+					    attribute, value, 
+					    sizeof(pstring));
+}
+
 /************************************************************************
  Routine to manage the LDAPMod structure array
  manage memory used by the array, by each struct, and values
@@ -415,11 +424,11 @@ static BOOL fetch_ldap_pw(char **dn, char** pw)
 		      LDAPMod ***mods,
 		      const char *attribute, const char *newval)
 {
-	pstring oldval;
+	char oldval[2048]; /* current largest allowed value is mungeddial */
 	BOOL existed;
 
 	if (existing != NULL) {
-		existed = smbldap_get_single_attribute(ldap_struct, existing, attribute, oldval);
+		existed = smbldap_get_single_attribute(ldap_struct, existing, attribute, oldval, sizeof(oldval));
 	} else {
 		existed = False;
 		*oldval = '\0';

source3/passdb/pdb_ldap.c

@@ -368,13 +368,13 @@ static BOOL get_unix_attributes (struct ldapsam_privates *ldap_state,
 	}
 	ldap_value_free(ldap_values);
 
-	if ( !smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if ( !smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 		get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_UNIX_HOME), homedir) ) 
 	{
 		return False;
 	}
 	
-	if ( !smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if ( !smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 		get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_GIDNUMBER), temp) )
 	{
 		return False;
@@ -454,7 +454,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		return False;
 	}
 	
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, "uid", username)) {
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, "uid", username)) {
 		DEBUG(1, ("init_sam_from_ldap: No uid attribute found for this user!\n"));
 		return False;
 	}
@@ -473,25 +473,25 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 	/* deal with different attributes between the schema first */
 	
 	if ( ldap_state->schema_ver == SCHEMAVER_SAMBASAMACCOUNT ) {
-		if (smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+		if (smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 				get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_SID), temp)) {
 			pdb_set_user_sid_from_string(sampass, temp, PDB_SET);
 		}
 		
-		if (smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+		if (smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 				get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PRIMARY_GROUP_SID), temp)) {
 			pdb_set_group_sid_from_string(sampass, temp, PDB_SET);			
 		} else {
 			pdb_set_group_sid_from_rid(sampass, DOMAIN_GROUP_RID_USERS, PDB_DEFAULT);
 		}
 	} else {
-		if (smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
+		if (smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry,
 				get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_RID), temp)) {
 			user_rid = (uint32)atol(temp);
 			pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
 		}
 		
-		if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+		if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 				get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PRIMARY_GROUP_RID), temp)) {
 			pdb_set_group_sid_from_rid(sampass, DOMAIN_GROUP_RID_USERS, PDB_DEFAULT);
 		} else {
@@ -539,7 +539,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 	}
 #endif
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_LAST_SET), temp)) {
 		/* leave as default */
 	} else {
@@ -547,7 +547,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGON_TIME), temp)) {
 		/* leave as default */
 	} else {
@@ -555,7 +555,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_logon_time(sampass, logon_time, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGOFF_TIME), temp)) {
 		/* leave as default */
 	} else {
@@ -563,7 +563,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_KICKOFF_TIME), temp)) {
 		/* leave as default */
 	} else {
@@ -571,7 +571,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_CAN_CHANGE), temp)) {
 		/* leave as default */
 	} else {
@@ -579,7 +579,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_MUST_CHANGE), temp)) {	
 		/* leave as default */
 	} else {
@@ -593,9 +593,9 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 	 * that fits your needs; using cn then displayName rather than 'userFullName'
 	 */
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry,
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_DISPLAY_NAME), fullname)) {
-		if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
+		if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry,
 				get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_CN), fullname)) {
 			/* leave as default */
 		} else {
@@ -605,7 +605,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_fullname(sampass, fullname, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_HOME_DRIVE), dir_drive)) 
 	{
 		pdb_set_dir_drive( sampass, 
@@ -615,7 +615,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry,
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_HOME_PATH), homedir)) 
 	{
 		pdb_set_homedir( sampass, 
@@ -625,7 +625,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_homedir(sampass, homedir, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry,
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGON_SCRIPT), logon_script)) 
 	{
 		pdb_set_logon_script( sampass, 
@@ -635,7 +635,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_logon_script(sampass, logon_script, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry,
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PROFILE_PATH), profile_path)) 
 	{
 		pdb_set_profile_path( sampass, 
@@ -645,7 +645,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_profile_path(sampass, profile_path, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 		get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_DESC), acct_desc)) 
 	{
 		/* leave as default */
@@ -653,7 +653,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 		get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_WKS), workstations)) {
 		/* leave as default */;
 	} else {
@@ -661,7 +661,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 	}
 
 	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
-		get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_MUNGED_DIAL), munged_dial)) {
+		get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_MUNGED_DIAL), munged_dial, sizeof(munged_dial))) {
 		/* leave as default */;
 	} else {
 		pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
@@ -673,7 +673,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 	hours_len = 21;
 	memset(hours, 0xff, hours_len);
 
-	if (!smbldap_get_single_attribute (ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring (ldap_state->smbldap_state->ldap_struct, entry, 
 		get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LMPW), temp)) {
 		/* leave as default */
 	} else {
@@ -684,7 +684,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		ZERO_STRUCT(smblmpwd);
 	}
 
-	if (!smbldap_get_single_attribute (ldap_state->smbldap_state->ldap_struct, entry,
+	if (!smbldap_get_single_pstring (ldap_state->smbldap_state->ldap_struct, entry,
 		get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_NTPW), temp)) {
 		/* leave as default */
 	} else {
@@ -695,7 +695,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		ZERO_STRUCT(smbntpwd);
 	}
 
-	if (!smbldap_get_single_attribute (ldap_state->smbldap_state->ldap_struct, entry,
+	if (!smbldap_get_single_pstring (ldap_state->smbldap_state->ldap_struct, entry,
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_ACB_INFO), temp)) {
 		acct_ctrl |= ACB_NORMAL;
 	} else {
@@ -712,7 +712,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 
 /*	pdb_set_munged_dial(sampass, munged_dial, PDB_SET); */
 	
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry,
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_BAD_PASSWORD_COUNT), temp)) {
 			/* leave as default */
 	} else {
@@ -720,7 +720,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry,
 			get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGON_COUNT), temp)) {
 			/* leave as default */
 	} else {
@@ -1686,7 +1686,7 @@ static BOOL init_group_from_ldap(struct ldapsam_privates *ldap_state,
 		return False;
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_attr_key2string(groupmap_attr_list, LDAP_ATTR_GIDNUMBER), temp)) {
 		DEBUG(0, ("init_group_from_ldap: Mandatory attribute %s not found\n", 
 			get_attr_key2string( groupmap_attr_list, LDAP_ATTR_GIDNUMBER)));
@@ -1696,7 +1696,7 @@ static BOOL init_group_from_ldap(struct ldapsam_privates *ldap_state,
 
 	map->gid = (gid_t)atol(temp);
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_attr_key2string( groupmap_attr_list, LDAP_ATTR_GROUP_SID), temp)) {
 		DEBUG(0, ("init_group_from_ldap: Mandatory attribute %s not found\n",
 			get_attr_key2string( groupmap_attr_list, LDAP_ATTR_GROUP_SID)));
@@ -1708,7 +1708,7 @@ static BOOL init_group_from_ldap(struct ldapsam_privates *ldap_state,
 		return False;
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_attr_key2string( groupmap_attr_list, LDAP_ATTR_GROUP_TYPE), temp)) {
 		DEBUG(0, ("init_group_from_ldap: Mandatory attribute %s not found\n",
 			get_attr_key2string( groupmap_attr_list, LDAP_ATTR_GROUP_TYPE)));
@@ -1722,10 +1722,10 @@ static BOOL init_group_from_ldap(struct ldapsam_privates *ldap_state,
 		return False;
 	}
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_attr_key2string( groupmap_attr_list, LDAP_ATTR_DISPLAY_NAME), temp)) {
 		temp[0] = '\0';
-		if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+		if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_attr_key2string( groupmap_attr_list, LDAP_ATTR_CN), temp)) 
 		{
 			DEBUG(0, ("init_group_from_ldap: Attributes cn not found either \
@@ -1735,7 +1735,7 @@ for gidNumber(%lu)\n",(unsigned long)map->gid));
 	}
 	fstrcpy(map->nt_name, temp);
 
-	if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (!smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 			get_attr_key2string( groupmap_attr_list, LDAP_ATTR_DESC), temp)) {
 		temp[0] = '\0';
 	}
@@ -2372,7 +2372,7 @@ and will risk BDCs having inconsistant SIDs\n"));
 		return NT_STATUS_UNSUCCESSFUL;
 	}
 
-	if (smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 				 get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_SID), 
 				 domain_sid_string)) {
 		BOOL found_sid;
@@ -2395,7 +2395,7 @@ and will risk BDCs having inconsistant SIDs\n"));
 		sid_copy(&ldap_state->domain_sid, &ldap_domain_sid);
 	}
 
-	if (smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, 
+	if (smbldap_get_single_pstring(ldap_state->smbldap_state->ldap_struct, entry, 
 				 get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_ALGORITHMIC_RID_BASE), 
 				 alg_rid_base_string)) {
 		alg_rid_base = (uint32)atol(alg_rid_base_string);

source3/sam/idmap_ldap.c

@@ -204,7 +204,7 @@ static NTSTATUS ldap_next_rid(struct ldap_idmap_state *state, uint32 *rid,
 		   algorithmic_rid_base.  The other two are to avoid stomping on the
 		   different sets of algorithmic RIDs */
 		
-		if (smbldap_get_single_attribute(state->smbldap_state->ldap_struct, entry,
+		if (smbldap_get_single_pstring(state->smbldap_state->ldap_struct, entry,
 					 get_attr_key2string(dominfo_attr_list, LDAP_ATTR_ALGORITHMIC_RID_BASE),
 					 algorithmic_rid_base_string)) {
 			
@@ -224,7 +224,7 @@ static NTSTATUS ldap_next_rid(struct ldap_idmap_state *state, uint32 *rid,
 		if (alg_rid_base > BASE_RID) {
 			/* we have a non-default 'algorithmic rid base', so we have 'low' rids that we 
 			   can allocate to new users */
-			if (smbldap_get_single_attribute(state->smbldap_state->ldap_struct, entry,
+			if (smbldap_get_single_pstring(state->smbldap_state->ldap_struct, entry,
 						 get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_RID),
 						 old_rid_string)) {
 				*rid = (uint32)atol(old_rid_string);
@@ -250,14 +250,14 @@ static NTSTATUS ldap_next_rid(struct ldap_idmap_state *state, uint32 *rid,
 		if (!next_rid) { /* not got one already */
 			switch (rid_type) {
 			case USER_RID_TYPE:
-				if (smbldap_get_single_attribute(state->smbldap_state->ldap_struct, entry,
+				if (smbldap_get_single_pstring(state->smbldap_state->ldap_struct, entry,
 							 get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_USERRID),
 							 old_rid_string)) {
 					*rid = (uint32)atol(old_rid_string);					
 				}
 				break;
 			case GROUP_RID_TYPE:
-				if (smbldap_get_single_attribute(state->smbldap_state->ldap_struct, entry, 
+				if (smbldap_get_single_pstring(state->smbldap_state->ldap_struct, entry, 
 							 get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_GROUPRID),
 							 old_rid_string)) {
 					*rid = (uint32)atol(old_rid_string);
@@ -297,7 +297,7 @@ static NTSTATUS ldap_next_rid(struct ldap_idmap_state *state, uint32 *rid,
 			pstring domain_sid_string;
 			int error = 0;
 
-			if (!smbldap_get_single_attribute(state->smbldap_state->ldap_struct, domain_result,
+			if (!smbldap_get_single_pstring(state->smbldap_state->ldap_struct, domain_result,
 					get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOM_SID),
 					domain_sid_string)) {
 				ldap_mods_free(mods, True);
@@ -420,7 +420,7 @@ static NTSTATUS ldap_allocate_id(unid_t *id, int id_type)
 	}
 	entry = ldap_first_entry(ldap_state.smbldap_state->ldap_struct, result);
 
-	if (!smbldap_get_single_attribute(ldap_state.smbldap_state->ldap_struct, entry, type, id_str)) {
+	if (!smbldap_get_single_pstring(ldap_state.smbldap_state->ldap_struct, entry, type, id_str)) {
 		DEBUG(0,("ldap_allocate_id: %s attribute not found\n",
 			 type));
 		goto out;
@@ -528,7 +528,7 @@ static NTSTATUS ldap_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type)
 	
 	entry = ldap_first_entry(ldap_state.smbldap_state->ldap_struct, result);
 	
-	if ( !smbldap_get_single_attribute(ldap_state.smbldap_state->ldap_struct, entry, LDAP_ATTRIBUTE_SID, sid_str) )
+	if ( !smbldap_get_single_pstring(ldap_state.smbldap_state->ldap_struct, entry, LDAP_ATTRIBUTE_SID, sid_str) )
 		goto out;
 	   
 	if (!string_to_sid(sid, sid_str))
@@ -642,7 +642,7 @@ static NTSTATUS ldap_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *si
 
 	DEBUG(10, ("Found mapping entry at dn=%s, looking for %s\n", dn, type));
 		
-	if ( smbldap_get_single_attribute(ldap_state.smbldap_state->ldap_struct, entry, type, id_str) ) {
+	if ( smbldap_get_single_pstring(ldap_state.smbldap_state->ldap_struct, entry, type, id_str) ) {
 		if ( (*id_type & ID_USERID) )
 			id->uid = strtoul(id_str, NULL, 10);
 		else