diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index df45be5f8a5..19a37c71a37 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -3856,39 +3856,36 @@ ADS_STATUS ads_check_ou_dn(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char **account_ou) { - struct ldb_dn *name_dn = NULL; - const char *name = NULL; - char *ou_string = NULL; - struct ldb_context *ldb = ldb_init(mem_ctx, NULL); + char **exploded_dn; + const char *name; + char *ou_string; - name_dn = ldb_dn_new(mem_ctx, ldb, *account_ou); - if (name_dn && ldb_dn_validate(name_dn)) { - talloc_free(ldb); + exploded_dn = ldap_explode_dn(*account_ou, 0); + if (exploded_dn) { + ldap_value_free(exploded_dn); return ADS_SUCCESS; } ou_string = ads_ou_string(ads, *account_ou); if (!ou_string) { - talloc_free(ldb); return ADS_ERROR_LDAP(LDAP_INVALID_DN_SYNTAX); } - name_dn = ldb_dn_new_fmt(mem_ctx, ldb, "%s,%s", ou_string, - ads->config.bind_path); + name = talloc_asprintf(mem_ctx, "%s,%s", ou_string, + ads->config.bind_path); SAFE_FREE(ou_string); - if (!name_dn || !ldb_dn_validate(name_dn)) { - talloc_free(ldb); - return ADS_ERROR_LDAP(LDAP_INVALID_DN_SYNTAX); - } - - *account_ou = talloc_strdup(mem_ctx, name); - if (!*account_ou) { - talloc_free(ldb); + if (!name) { return ADS_ERROR_LDAP(LDAP_NO_MEMORY); } - talloc_free(ldb); + exploded_dn = ldap_explode_dn(name, 0); + if (!exploded_dn) { + return ADS_ERROR_LDAP(LDAP_INVALID_DN_SYNTAX); + } + ldap_value_free(exploded_dn); + + *account_ou = name; return ADS_SUCCESS; }