providers/ldap/sdap_async_groups_ad.c

97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher/*
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    SSSD
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    Authors:
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        Stephen Gallagher <sgallagh@redhat.com>
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    Copyright (C) 2012 Red Hat
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    This program is free software; you can redistribute it and/or modify
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    it under the terms of the GNU General Public License as published by
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    the Free Software Foundation; either version 3 of the License, or
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    (at your option) any later version.
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    This program is distributed in the hope that it will be useful,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    but WITHOUT ANY WARRANTY; without even the implied warranty of
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    GNU General Public License for more details.
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    You should have received a copy of the GNU General Public License
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    along with this program.  If not, see <http://www.gnu.org/licenses/>.
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher*/
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher#include "util/util.h"
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher#include "providers/ldap/sdap_async.h"
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher#include "providers/ldap/ldap_common.h"
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagherstruct sdap_ad_match_rule_state {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct tevent_context *ev;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct sdap_handle *sh;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    const char **attrs;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct sdap_options *opts;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    const char *base_filter;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    char *filter;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    int timeout;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    size_t base_iter;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct sdap_search_base **search_bases;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    size_t count;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct sysdb_attrs **users;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher};
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagherstatic errno_t
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallaghersdap_get_ad_match_rule_members_next_base(struct tevent_req *req);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagherstatic void
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallaghersdap_get_ad_match_rule_members_step(struct tevent_req *subreq);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagherstruct tevent_req *
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallaghersdap_get_ad_match_rule_members_send(TALLOC_CTX *mem_ctx,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                                    struct tevent_context *ev,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                                    struct sdap_options *opts,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                                    struct sdap_handle *sh,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                                    struct sysdb_attrs *group,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                                    int timeout)
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher{
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    errno_t ret;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct tevent_req *req;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct sdap_ad_match_rule_state *state;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    const char *group_dn;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    char *sanitized_group_dn;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    req = tevent_req_create(mem_ctx, &state, struct sdap_ad_match_rule_state);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (!req) return NULL;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    state->ev = ev;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    state->opts = opts;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    state->sh = sh;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    state->timeout = timeout;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    state->count = 0;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    state->base_iter = 0;
749cfb5d3270b5daf389d51a0dbd3fd2aec6e05dJakub Hrozek    state->search_bases = opts->sdom->user_search_bases;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    /* Request all of the user attributes that we know about. */
4dd38025efda88f123eac672f87d3cda12f050c8Jakub Hrozek    ret = build_attrs_from_map(state, opts->user_map, opts->user_map_cnt,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                               NULL, &state->attrs, NULL);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (ret != EOK) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        DEBUG(SSSDBG_MINOR_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov              "Could not build attribute map: [%s]\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov               strerror(ret));
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        goto immediate;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    /* Get the DN of the group */
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    ret = sysdb_attrs_get_string(group, SYSDB_ORIG_DN, &group_dn);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (ret != EOK) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        DEBUG(SSSDBG_MINOR_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov              "Could not retrieve originalDN for group: %s\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov               strerror(ret));
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        goto immediate;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    /* Sanitize it in case we have special characters in DN */
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    ret = sss_filter_sanitize(state, group_dn, &sanitized_group_dn);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (ret != EOK) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        DEBUG(SSSDBG_MINOR_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov              "Could not sanitize group DN: %s\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov               strerror(ret));
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        goto immediate;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    /* Craft a special filter according to
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher     * http://msdn.microsoft.com/en-us/library/windows/desktop/aa746475%28v=vs.85%29.aspx
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher     */
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    state->base_filter =
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            talloc_asprintf(state,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                            "(&(%s:%s:=%s)(objectClass=%s))",
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                            state->opts->user_map[SDAP_AT_USER_MEMBEROF].name,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                            SDAP_MATCHING_RULE_IN_CHAIN,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                            sanitized_group_dn,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                            state->opts->user_map[SDAP_OC_USER].name);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    talloc_zfree(sanitized_group_dn);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (!state->base_filter) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        ret = ENOMEM;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        goto immediate;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    /* Start the loop through the search bases to get all of the users */
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    ret = sdap_get_ad_match_rule_members_next_base(req);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (ret != EOK) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        DEBUG(SSSDBG_MINOR_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov              "sdap_get_ad_match_rule_members_next_base failed: [%s]\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov               strerror(ret));
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        goto immediate;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    return req;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagherimmediate:
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    tevent_req_error(req, ret);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    tevent_req_post(req, ev);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    return req;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher}
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagherstatic errno_t
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallaghersdap_get_ad_match_rule_members_next_base(struct tevent_req *req)
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher{
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct tevent_req *subreq;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct sdap_ad_match_rule_state *state;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    state = tevent_req_data(req, struct sdap_ad_match_rule_state);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    talloc_zfree(state->filter);
92ec40e6aa25f75903ffdb166a8ec56b67bfd77dPavel Březina    state->filter = sdap_combine_filters(state, state->base_filter,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                        state->search_bases[state->base_iter]->filter);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (!state->filter) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        return ENOMEM;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    DEBUG(SSSDBG_TRACE_FUNC,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov          "Searching for users with base [%s]\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov           state->search_bases[state->base_iter]->basedn);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    subreq = sdap_get_generic_send(
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            state, state->ev, state->opts, state->sh,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            state->search_bases[state->base_iter]->basedn,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            state->search_bases[state->base_iter]->scope,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            state->filter, state->attrs,
4dd38025efda88f123eac672f87d3cda12f050c8Jakub Hrozek            state->opts->user_map, state->opts->user_map_cnt,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            state->timeout, true);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (!subreq) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        return ENOMEM;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    tevent_req_set_callback(subreq, sdap_get_ad_match_rule_members_step, req);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    return EOK;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher}
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagherstatic void
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallaghersdap_get_ad_match_rule_members_step(struct tevent_req *subreq)
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher{
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    errno_t ret;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct tevent_req *req =
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            tevent_req_callback_data(subreq, struct tevent_req);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct sdap_ad_match_rule_state *state =
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            tevent_req_data(req, struct sdap_ad_match_rule_state);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    size_t count, i;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct sysdb_attrs **users;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    ret = sdap_get_generic_recv(subreq, state, &count, &users);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    talloc_zfree(subreq);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (ret != EOK) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        DEBUG(SSSDBG_MINOR_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov              "LDAP search failed: [%s]\n", sss_strerror(ret));
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        tevent_req_error(req, ret);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        return;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    DEBUG(SSSDBG_TRACE_LIBS,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov          "Search for users returned %zu results\n", count);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    /* Add this batch of users to the list */
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (count > 0) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        state->users = talloc_realloc(state, state->users,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                                      struct sysdb_attrs *,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                                      state->count + count + 1);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        if (!state->users) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            tevent_req_error(req, ENOMEM);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            return;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        /* Copy the new users into the list */
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        for (i = 0; i < count; i++) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            state->users[state->count + i] =
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                    talloc_steal(state->users, users[i]);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        state->count += count;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        state->users[state->count] = NULL;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    /* Continue checking other search bases */
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    state->base_iter++;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (state->search_bases[state->base_iter]) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        /* There are more search bases to try */
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        ret = sdap_get_ad_match_rule_members_next_base(req);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        if (ret != EOK) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            tevent_req_error(req, ret);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        return;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    /* No more search bases. We're done here. */
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    if (state->count == 0) {
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        DEBUG(SSSDBG_TRACE_LIBS,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov              "No users matched in any search base\n");
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        tevent_req_error(req, ENOENT);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher        return;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    }
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    tevent_req_done(req);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher}
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallaghererrno_t
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallaghersdap_get_ad_match_rule_members_recv(struct tevent_req *req,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                                    TALLOC_CTX *mem_ctx,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                                    size_t *num_users,
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher                                    struct sysdb_attrs ***users)
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher{
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    struct sdap_ad_match_rule_state *state =
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher            tevent_req_data(req, struct sdap_ad_match_rule_state);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    TEVENT_REQ_RETURN_ON_ERROR(req);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    *num_users = state->count;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    *users = talloc_steal(mem_ctx, state->users);
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher    return EOK;
97ae45d61d921f07e812620e0156aee02b7b83a7Stephen Gallagher}