authorAndreas Schneider <asn@samba.org>2014-09-24 09:22:03 +0200
committerGünther Deschner <gd@samba.org>2014-09-26 05:55:34 +0200
commit4eaa4ccbdf279f1ff6d8218b36d92aeea0114cd8 (patch)
treec00d3b99105523088e152ca415acd33b7e0e4e47
parent83c62bd3f5945bbe295cbfbd153736d4c709b3a6 (diff)
s3-libads: Add a function to retrieve the SPNs of a computer account.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9984 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org>
-rw-r--r--source3/libads/ads_proto.h6
-rw-r--r--source3/libads/ldap.c60
2 files changed, 66 insertions, 0 deletions
diff --git a/source3/libads/ads_proto.h b/source3/libads/ads_proto.h
index 17a84d15833..6a2280734df 100644
--- a/source3/libads/ads_proto.h
+++ b/source3/libads/ads_proto.h
@@ -87,6 +87,12 @@ ADS_STATUS ads_add_strlist(TALLOC_CTX *ctx, ADS_MODLIST *mods,
const char *name, const char **vals);
uint32 ads_get_kvno(ADS_STRUCT *ads, const char *account_name);
uint32_t ads_get_machine_kvno(ADS_STRUCT *ads, const char *machine_name);
+
+ADS_STATUS ads_get_service_principal_names(TALLOC_CTX *mem_ctx,
+ ADS_STRUCT *ads,
+ const char *machine_name,
+ char ***spn_array,
+ size_t *num_spns);
ADS_STATUS ads_clear_service_principal_names(ADS_STRUCT *ads, const char *machine_name);
ADS_STATUS ads_add_service_principal_name(ADS_STRUCT *ads, const char *machine_name,
const char *my_fqdn, const char *spn);
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 8fed8fd86d3..c683e2c530a 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -1915,6 +1915,66 @@ ADS_STATUS ads_clear_service_principal_names(ADS_STRUCT *ads, const char *machin
}
/**
+ * @brief This gets the service principal names of an existing computer account.
+ *
+ * @param[in] mem_ctx The memory context to use to allocate the spn array.
+ *
+ * @param[in] ads The ADS context to use.
+ *
+ * @param[in] machine_name The NetBIOS name of the computer, which is used to
+ * identify the computer account.
+ *
+ * @param[in] spn_array A pointer to store the array for SPNs.
+ *
+ * @param[in] num_spns The number of principals stored in the array.
+ *
+ * @return 0 on success, or a ADS error if a failure occured.
+ */
+ADS_STATUS ads_get_service_principal_names(TALLOC_CTX *mem_ctx,
+ ADS_STRUCT *ads,
+ const char *machine_name,
+ char ***spn_array,
+ size_t *num_spns)
+{
+ ADS_STATUS status;
+ LDAPMessage *res = NULL;
+ char *dn;
+ int count;
+
+ status = ads_find_machine_acct(ads,
+ &res,
+ machine_name);
+ if (!ADS_ERR_OK(status)) {
+ DEBUG(1,("Host Account for %s not found... skipping operation.\n",
+ machine_name));
+ return status;
+ }
+
+ count = ads_count_replies(ads, res);
+ if (count != 1) {
+ status = ADS_ERROR(LDAP_NO_SUCH_OBJECT);
+ goto done;
+ }
+
+ dn = ads_get_dn(ads, mem_ctx, res);
+ if (dn == NULL) {
+ status = ADS_ERROR_LDAP(LDAP_NO_MEMORY);
+ goto done;
+ }
+
+ *spn_array = ads_pull_strings(ads,
+ mem_ctx,
+ res,
+ "servicePrincipalName",
+ num_spns);
+
+done:
+ ads_msgfree(ads, res);
+
+ return status;
+}
+
+/**
* This adds a service principal name to an existing computer account
* (found by hostname) in AD.
* @param ads An initialized ADS_STRUCT
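Review bot: The value returned by `ads_pull_strings()` is stored into `*spn_array` without a NULL check, so `status` still holds the success value from `ads_find_machine_acct()` and the function can return success with a NULL array. Whether `*num_spns` is written in that case depends on `ads_pull_strings()`, which is not visible in this hunk, so a caller that trusts the return code and iterates up to `*num_spns` may dereference NULL or read an uninitialised count. Separately, `dn` is obtained with `ads_get_dn()` on the caller's `mem_ctx` but never used or freed, so every call leaves a stray allocation on that context and the lookup can simply be dropped. The Doxygen tags for `spn_array` and `num_spns` should read `@param[out]`, and the comment should state that the array is owned by `mem_ctx`. The error code in the sketch below is only a suggestion, reusing the one already used in this function.

```c
	/* … unchanged: declarations, without the unused `dn` … */

	/* Give the outputs a defined state on every error path. */
	*spn_array = NULL;
	*num_spns = 0;

	/* … unchanged: ads_find_machine_acct() and ads_count_replies() checks … */
	/* … unchanged: ads_pull_strings() call assigning *spn_array … */
	if (*spn_array == NULL) {
		DEBUG(1, ("Host account for %s has no service principal "
			  "names.\n", machine_name));
		*num_spns = 0;
		status = ADS_ERROR(LDAP_NO_SUCH_OBJECT);
		goto done;
	}

	/* … unchanged: done label, ads_msgfree(), return status … */
```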