From bd16da4182021c7fb48be32f5f131aa2e1713f49 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 24 Oct 2012 16:41:52 +1100 Subject: [PATCH 2/2] dsdb-cracknames: Return DRSUAPI_DS_NAME_STATUS_NO_MAPPING when there is no SID If there is no SID for an object being mapped, then there is no NT4 name. We need to return DRSUAPI_DS_NAME_STATUS_NO_MAPPING rather than error out with anything other than WERR_OK as the return value. Andrew Bartlett --- source4/dsdb/samdb/cracknames.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c index 6ad8026..8b52aa3 100644 --- a/source4/dsdb/samdb/cracknames.c +++ b/source4/dsdb/samdb/cracknames.c @@ -1067,9 +1067,13 @@ static WERROR DsCrackNameOneFilter(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ const struct dom_sid *sid = samdb_result_dom_sid(mem_ctx, result, "objectSid"); const char *_acc = "", *_dom = ""; - - if (samdb_find_attribute(sam_ctx, result, "objectClass", "domain")) { - + if (sid == NULL) { + info1->status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING; + return WERR_OK; + } else if (samdb_find_attribute(sam_ctx, result, "objectClass", "domain")) { + /* This can also find a DomainDNSZones entry, + * but it won't have the SID we just + * checked. */ ldb_ret = ldb_search(sam_ctx, mem_ctx, &domain_res, partitions_basedn, LDB_SCOPE_ONELEVEL, -- 1.7.11.7