From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 27 Jul 2023 04:44:10 +0000 (+1200)
Subject: dsdb: Use samdb_get_system_container_dn() to get Password Settings Container
X-Git-Tag: samba-4.17.11~73
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=30c14e87e2b66dd2ec4f09097394e5179c50411f;p=thirdparty%2Fsamba.git

dsdb: Use samdb_get_system_container_dn() to get Password Settings Container

By doing this we use the common samdb_get_system_container_dn() routine and we
avoid doing a linerize and parse step on the main DN, instead using the
already stored parse of the DN.  This is more hygenic.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 3669caa97f76d3e893ac6a1ab88341057929ee6a)
---

diff --git a/source4/dsdb/samdb/ldb_modules/operational.c b/source4/dsdb/samdb/ldb_modules/operational.c
index 2b3cd2d7954..214079c0917 100644
--- a/source4/dsdb/samdb/ldb_modules/operational.c
+++ b/source4/dsdb/samdb/ldb_modules/operational.c
@@ -998,19 +998,20 @@ static int get_pso_count(struct ldb_module *module, TALLOC_CTX *mem_ctx,
 {
 	static const char * const attrs[] = { NULL };
 	int ret;
-	struct ldb_dn *domain_dn = NULL;
 	struct ldb_dn *psc_dn = NULL;
 	struct ldb_result *res = NULL;
 	struct ldb_context *ldb = ldb_module_get_ctx(module);
+	bool psc_ok;
 
 	*pso_count = 0;
-	domain_dn = ldb_get_default_basedn(ldb);
-	psc_dn = ldb_dn_new_fmt(mem_ctx, ldb,
-			        "CN=Password Settings Container,CN=System,%s",
-				ldb_dn_get_linearized(domain_dn));
+	psc_dn = samdb_system_container_dn(ldb, mem_ctx);
 	if (psc_dn == NULL) {
 		return ldb_oom(ldb);
 	}
+	psc_ok = ldb_dn_add_child_fmt(psc_dn, "CN=Password Settings Container");
+	if (psc_ok == false) {
+		return ldb_oom(ldb);
+	}
 
 	/* get the number of PSO children */
 	ret = dsdb_module_search(module, mem_ctx, &res, psc_dn,
@@ -1077,8 +1078,8 @@ static int pso_search_by_sids(struct ldb_module *module, TALLOC_CTX *mem_ctx,
 	int i;
 	struct ldb_context *ldb = ldb_module_get_ctx(module);
 	char *sid_filter = NULL;
-	struct ldb_dn *domain_dn = NULL;
 	struct ldb_dn *psc_dn = NULL;
+	bool psc_ok;
 	const char *attrs[] = {
 		"msDS-PasswordSettingsPrecedence",
 		"objectGUID",
@@ -1104,13 +1105,14 @@ static int pso_search_by_sids(struct ldb_module *module, TALLOC_CTX *mem_ctx,
 	}
 
 	/* only PSOs located in the Password Settings Container are valid */
-	domain_dn = ldb_get_default_basedn(ldb);
-	psc_dn = ldb_dn_new_fmt(mem_ctx, ldb,
-			        "CN=Password Settings Container,CN=System,%s",
-				ldb_dn_get_linearized(domain_dn));
+	psc_dn = samdb_system_container_dn(ldb, mem_ctx);
 	if (psc_dn == NULL) {
 		return ldb_oom(ldb);
 	}
+	psc_ok = ldb_dn_add_child_fmt(psc_dn, "CN=Password Settings Container");
+	if (psc_ok == false) {
+		return ldb_oom(ldb);
+	}
 
 	ret = dsdb_module_search(module, mem_ctx, result, psc_dn,
 				 LDB_SCOPE_ONELEVEL, attrs,