From 53c20e1096d8aa4879ddf22df3cc3651eb73f8f7 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 15 Nov 2018 12:48:15 +1300
Subject: [PATCH] s4-samr: Use dom_sid_split_rid() to get the RID in
 dcesrv_samr_EnumDomainUsers

Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
---
 source4/rpc_server/samr/dcesrv_samr.c | 32 ++++++++++++++++++++++-----
 1 file changed, 27 insertions(+), 5 deletions(-)

diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 3a5b0146ba7..53e2347fef6 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -1623,10 +1623,12 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call,
 		return NT_STATUS_NO_MEMORY;
 	}
 	for (i = 0; i < results; i++) {
-		struct dom_sid *sid;
+		struct dom_sid *objectsid;
+		uint32_t rid;
 		struct ldb_result *rec;
 		const uint32_t idx = *r->in.resume_handle + i;
 		int ret;
+		NTSTATUS status;
 		const char *name = NULL;
 
 		resume_handle++;
@@ -1657,8 +1659,10 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call,
 			clear_guid_cache(cache);
 			return NT_STATUS_INTERNAL_DB_CORRUPTION;
 		}
-		sid = samdb_result_dom_sid(mem_ctx, rec->msgs[0], "objectSID");
-		if (sid == NULL) {
+		objectsid = samdb_result_dom_sid(mem_ctx,
+						 rec->msgs[0],
+						 "objectSID");
+		if (objectsid == NULL) {
 			char *guid_str =
 			    GUID_string(mem_ctx, &cache->entries[idx]);
 			DBG_WARNING("objectSID for GUID [%s] not found\n",
@@ -1670,8 +1674,26 @@ static NTSTATUS dcesrv_samr_EnumDomainUsers(struct dcesrv_call_state *dce_call,
 		      r->in.acct_flags) == 0)) {
 			continue;
 		}
-		entries[count].idx = samdb_result_rid_from_sid(
-		    mem_ctx, rec->msgs[0], "objectSid", 0);
+		status = dom_sid_split_rid(NULL,
+					   objectsid,
+					   NULL,
+					   &rid);
+		if (!NT_STATUS_IS_OK(status)) {
+			struct dom_sid_buf sid_buf;
+			char *sid_str =
+				dom_sid_str_buf(objectsid,
+						&sid_buf);
+			struct GUID_txt_buf guid_buf;
+			char *guid_str =
+				GUID_buf_string(&cache->entries[idx],
+						&guid_buf);
+			DBG_WARNING("objectSID [%s] for GUID [%s] invalid\n",
+				    sid_str,
+				    guid_str);
+			continue;
+		}
+
+		entries[count].idx = rid;
 		name = ldb_msg_find_attr_as_string(
 		    rec->msgs[0], "sAMAccountName", "");
 		entries[count].name.string = talloc_strdup(entries, name);
-- 
2.47.2