dsdb: Refuse to return an all-zero invocationID

This could cause an all-zero GUID to be entered into the replPropertyMetaData, which will then fail to be replicated to other DCs. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 4022d8632cc092f4f43fae69cc3cfb58d0d000dd)
author: Andrew Bartlett <abartlet@samba.org> 2013-09-17 15:20:48 -0700
committer: Karolin Seeger <kseeger@samba.org> 2013-09-27 09:28:56 +0200
commit: 66f843ec1fb6551de961d54c3d0364ef51a66432 (patch)
tree: 4de8623565b8e871e88b15c91c43674c6a96c1f3
parent: 815867367d2c1a75aef236ff1d9f1169b22828dd (diff)
download: samba-66f843ec1fb6551de961d54c3d0364ef51a66432.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 55bd73e424..904ca1dcc9 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -1326,6 +1326,14 @@ const struct GUID *samdb_ntds_invocation_id(struct ldb_context *ldb)
 	}
 
 	*invocation_id = samdb_result_guid(res->msgs[0], "invocationId");
+	if (GUID_all_zero(invocation_id)) {
+		if (ldb_msg_find_ldb_val(res->msgs[0], "invocationId")) {
+			DEBUG(0, ("Failed to find our own NTDS Settings invocationId in the ldb!\n"));	
+		} else {
+			DEBUG(0, ("Failed to find parse own NTDS Settings invocationId from the ldb!\n"));
+		}
+		goto failed;
+	}
 
 	/* cache the domain_sid in the ldb */
 	if (ldb_set_opaque(ldb, "cache.invocation_id", invocation_id) != LDB_SUCCESS) {
author	Andrew Bartlett <abartlet@samba.org>	2013-09-17 15:20:48 -0700
committer	Karolin Seeger <kseeger@samba.org>	2013-09-27 09:28:56 +0200
commit	66f843ec1fb6551de961d54c3d0364ef51a66432 (patch)
tree	4de8623565b8e871e88b15c91c43674c6a96c1f3
parent	815867367d2c1a75aef236ff1d9f1169b22828dd (diff)
download	samba-66f843ec1fb6551de961d54c3d0364ef51a66432.tar.gz