archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/net/diagnostics/netdiag/ldaptest.c

727 lines
20 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //++
  2. //
  3. // Copyright (C) Microsoft Corporation, 1987 - 1999
  4. //
  5. // Module Name:
  6. //
  7. // ldaptest.c
  8. //
  9. // Abstract:
  10. //
  11. // Queries into network drivers
  12. //
  13. // Author:
  14. //
  15. // Anilth - 4-20-1998
  16. //
  17. // Environment:
  18. //
  19. // User mode only.
  20. // Contains NT-specific code.
  21. //
  22. // Revision History:
  23. //
  24. //--
  26. #include "precomp.h"
  27. #include "malloc.h"
  29. BOOL TestLdapOnDc(IN PTESTED_DC TestedDc, NETDIAG_PARAMS* pParams, NETDIAG_RESULT* pResults);
  30. DWORD TestSpnOnDC(IN PTESTED_DC pDcInfo, NETDIAG_RESULT* pResults);
  32. HRESULT LDAPTest( NETDIAG_PARAMS* pParams, NETDIAG_RESULT* pResults)
  33. {
  34. HRESULT hr = S_OK;
  36. BOOL RetVal = TRUE;
  37. PTESTED_DOMAIN TestedDomain = pParams->pDomain;
  38. PTESTED_DC TestedDc = NULL;
  39. PLIST_ENTRY ListEntry;
  40. BOOLEAN OneLdapFailed = FALSE;
  41. BOOLEAN OneLdapWorked = FALSE;
  42. BOOL fSpnTested = FALSE;
  43. BOOL fSpnPassed = FALSE;
  45. NET_API_STATUS NetStatus;
  47. //if the machine is a member machine or DC, LDAP Test will get called.
  48. //Otherwise, the test will be skipped
  49. pResults->LDAP.fPerformed = TRUE;
  51. // assume link entry is initialized to 0000
  52. if(pResults->LDAP.lmsgOutput.Flink == NULL)
  53. InitializeListHead(&pResults->LDAP.lmsgOutput);
  55. PrintStatusMessage(pParams, 4, IDS_LDAP_STATUS_MSG, TestedDomain->PrintableDomainName);
  57. //
  58. // If a DC hasn't been discovered yet,
  59. // find one.
  60. //
  62. if ( TestedDomain->DcInfo == NULL )
  63. {
  64. LPTSTR pszDcType;
  66. if ( TestedDomain->fTriedToFindDcInfo )
  67. {
  68. CHK_HR_CONTEXT(pResults->LDAP, S_FALSE, IDS_LDAP_NODC);
  69. }
  71. pszDcType = LoadAndAllocString(IDS_DCTYPE_DC);
  72. NetStatus = DoDsGetDcName( pParams,
  73. pResults,
  74. &pResults->LDAP.lmsgOutput,
  75. TestedDomain,
  76. DS_DIRECTORY_SERVICE_PREFERRED,
  77. "DC",
  78. FALSE,
  79. &TestedDomain->DcInfo );
  80. Free(pszDcType);
  82. TestedDomain->fTriedToFindDcInfo = TRUE;
  84. if ( NetStatus != NO_ERROR )
  85. {
  86. CHK_HR_CONTEXT(pResults->LDAP, hr = HRESULT_FROM_WIN32(NetStatus), IDS_LDAP_NODC);
  87. }
  88. }
  92. //
  93. // Ensure the DC is running the Ds.
  94. //
  96. if ( (TestedDomain->DcInfo->Flags & DS_DS_FLAG) == 0 )
  97. {
  98. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0, IDS_LDAP_NOTRUNNINGDS,
  99. TestedDomain->DcInfo->DomainControllerName);
  100. }
  102. //
  103. // Test ldap on all of the found DCs in the domain.
  104. //
  106. for ( ListEntry = TestedDomain->TestedDcs.Flink ;
  107. ListEntry != &TestedDomain->TestedDcs ;
  108. ListEntry = ListEntry->Flink ) {
  111. //
  112. // Loop through the list of DCs in this domain
  113. //
  115. TestedDc = CONTAINING_RECORD( ListEntry, TESTED_DC, Next );
  117. //
  118. // Only run test on DCs that might support LDAP.
  119. //
  121. if ( TestedDc->Flags & DC_IS_NT5 )
  122. {
  123. if ( !TestLdapOnDc( TestedDc, pParams, pResults ) )
  124. OneLdapFailed = TRUE;
  125. else
  126. OneLdapWorked = TRUE;
  128. //test the SPN registration if this is a DC on the primary domain
  129. if (TestedDomain->fPrimaryDomain)
  130. {
  131. fSpnTested = TRUE;
  132. if (TestSpnOnDC(TestedDc, pResults))
  133. fSpnPassed = TRUE;
  134. }
  135. }
  136. else
  137. {
  138. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_ReallyVerbose, 0,
  139. IDS_LDAP_NOTRUNNINGDS_SKIP, TestedDc->ComputerName);
  140. }
  142. }
  144. //
  145. // If one of the DCs failed,
  146. // and none worked.
  147. // Don't do any more tests.
  148. //
  149. if ( OneLdapFailed && !OneLdapWorked )
  150. {
  151. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  152. IDS_LDAP_NOLDAPSERVERSWORK, TestedDomain->PrintableDomainName);
  154. CHK_HR_CONTEXT(pResults->LDAP, hr = E_FAIL, 0);
  155. }
  157. if ( fSpnTested && !fSpnPassed )
  158. {
  159. //IDS_LDAP_NO_SPN " [FATAL] The default SPNs are not properly registered on and DCs.\n"
  160. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  161. IDS_LDAP_NO_SPN);
  162. CHK_HR_CONTEXT(pResults->LDAP, hr = E_FAIL, 0);
  163. }
  165. L_ERR:
  167. //$REVIEW (nsun) we should return S_FALSE or S_OK
  168. //so that we can go on with other tests
  169. if (!FHrOK(hr))
  170. hr = S_FALSE;
  171. return hr;
  172. }
  174. DWORD TestSpnOnDC(IN PTESTED_DC pDcInfo, NETDIAG_RESULT* pResults)
  175. {
  176. WCHAR FlatName[ MAX_PATH + 1 ];
  177. PWSTR Dot ;
  178. HANDLE hDs = NULL;
  179. ULONG NetStatus ;
  180. PDS_NAME_RESULTW Result ;
  181. LPWSTR Flat = FlatName;
  182. LDAP *ld = NULL;
  183. int rc;
  184. LDAPMessage *e, *res = NULL;
  185. WCHAR *base_dn;
  186. WCHAR *search_dn, search_ava[ MAX_PATH + 30 ];
  187. WCHAR Domain[ MAX_PATH + 1 ];
  188. CHAR szDefaultFqdnSpn[MAX_PATH + 10];
  189. CHAR szDefaultShortSpn[MAX_PATH + 10];
  190. BOOL fFqdnSpnFound = FALSE;
  191. BOOL fShortSpnFound = FALSE;
  192. BOOL fFailQuerySpn = FALSE;
  194. USES_CONVERSION;
  196. //construct the default SPN's
  197. lstrcpy(szDefaultFqdnSpn, _T("HOST/"));
  198. lstrcat(szDefaultFqdnSpn, pResults->Global.szDnsHostName);
  199. lstrcpy(szDefaultShortSpn, _T("HOST/"));
  200. lstrcat(szDefaultShortSpn, W2T(pResults->Global.swzNetBiosName));
  202. wcscpy(Domain, GetSafeStringW(pDcInfo->TestedDomain->NetbiosDomainName ?
  203. pDcInfo->TestedDomain->NetbiosDomainName :
  204. pDcInfo->TestedDomain->DnsDomainName));
  206. ld = ldap_open(W2A(pDcInfo->ComputerName), LDAP_PORT);
  207. if (ld == NULL) {
  208. DebugMessage2("ldap_init failed = %x", LdapGetLastError());
  209. fFailQuerySpn = TRUE;
  210. goto L_ERROR;
  211. }
  213. rc = ldap_bind_s(ld, NULL, NULL, LDAP_AUTH_NEGOTIATE);
  214. if (rc != LDAP_SUCCESS) {
  215. DebugMessage2("ldap_bind failed = %x", LdapGetLastError());
  216. fFailQuerySpn = TRUE;
  217. goto L_ERROR;
  219. }
  221. NetStatus = DsBindW( NULL, Domain, &hDs );
  222. if ( NetStatus != 0 )
  223. {
  224. DebugMessage3("Failed to bind to DC of domain %ws, %#x\n",
  225. Domain, NetStatus );
  226. fFailQuerySpn = TRUE;
  227. goto L_ERROR;
  228. }
  230. Dot = wcschr( Domain, L'.' );
  232. if ( Dot )
  233. {
  234. *Dot = L'\0';
  235. }
  237. wcscpy( FlatName, Domain );
  239. if ( Dot )
  240. {
  241. *Dot = L'.' ;
  242. }
  244. wcscat( FlatName, L"\\" );
  245. wcscat( FlatName, pResults->Global.swzNetBiosName );
  246. wcscat( FlatName, L"$" );
  248. NetStatus = DsCrackNamesW(
  249. hDs,
  250. 0,
  251. DS_NT4_ACCOUNT_NAME,
  252. DS_FQDN_1779_NAME,
  253. 1,
  254. &Flat,
  255. &Result );
  257. if ( NetStatus != 0)
  258. {
  259. DebugMessage3("Failed to crack name %ws into the FQDN, %#x\n",
  260. FlatName, NetStatus );
  262. DsUnBind( &hDs );
  264. fFailQuerySpn = TRUE;
  265. goto L_ERROR;
  266. }
  268. search_dn = pResults->Global.swzNetBiosName;
  270. if (0 == Result->cItems)
  271. {
  272. DsUnBind( &hDs );
  274. fFailQuerySpn = TRUE;
  275. goto L_ERROR;
  276. }
  278. if (DS_NAME_NO_ERROR != Result->rItems[0].status || NULL == Result->rItems[0].pName)
  279. {
  280. DsUnBind( &hDs );
  282. fFailQuerySpn = TRUE;
  283. goto L_ERROR;
  284. }
  286. base_dn = wcschr(Result->rItems[0].pName, L',');
  288. if (!base_dn)
  289. base_dn = Result->rItems[0].pName;
  290. else
  291. base_dn++;
  293. DsUnBind( &hDs );
  295. swprintf(search_ava, L"(sAMAccountName=%s$)", search_dn);
  297. rc = ldap_search_s(ld, W2A(base_dn), LDAP_SCOPE_SUBTREE,
  298. W2A(search_ava), NULL, 0, &res);
  300. //base_dn can no longer be used because base_dn refers to that buffer
  301. DsFreeNameResultW( Result );
  303. if (rc != LDAP_SUCCESS) {
  304. DebugMessage2("ldap_search_s failed: %s", ldap_err2string(rc));
  305. fFailQuerySpn = TRUE;
  306. goto L_ERROR;
  307. }
  309. for (e = ldap_first_entry(ld, res);
  310. e;
  311. e = ldap_next_entry(ld, e))
  312. {
  313. BerElement *b;
  314. CHAR *attr;
  316. //IDS_LDAP_REG_SPN "Registered Service Principal Names:\n"
  317. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_ReallyVerbose, 0,
  318. IDS_LDAP_REG_SPN);
  320. for (attr = ldap_first_attribute(ld, e, &b);
  321. attr;
  322. attr = ldap_next_attribute(ld, e, b))
  323. {
  324. CHAR **values, **p;
  325. values = ldap_get_values(ld, e, attr);
  326. for (p = values; *p; p++)
  327. {
  328. if (strcmp(attr, "servicePrincipalName") == 0)
  329. {
  330. // IDS_LDAP_SPN_NAME " %s\n"
  331. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_ReallyVerbose, 0,
  332. IDS_LDAP_SPN_NAME, *p);
  334. if (0 == _stricmp(*p, szDefaultFqdnSpn))
  335. fFqdnSpnFound = TRUE;
  336. else if (0 == _stricmp(*p, szDefaultShortSpn))
  337. fShortSpnFound = TRUE;
  338. }
  339. }
  340. ldap_value_free(values);
  341. ldap_memfree(attr);
  342. }
  344. }
  347. L_ERROR:
  348. if (res)
  349. {
  350. ldap_msgfree(res);
  351. }
  353. if (ld)
  354. {
  355. ldap_unbind(ld);
  356. }
  358. //Only report fatal error when we successfully query SPN registration
  359. //and all DCs doesn't have the default SPN's
  360. if (fFailQuerySpn)
  361. {
  362. //IDS_LDAP_SPN_FAILURE "Failed to query SPN registration from DC %ws.\n"
  363. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  364. IDS_LDAP_SPN_FAILURE, pDcInfo->ComputerName);
  365. return TRUE;
  366. }
  367. else if (!fFqdnSpnFound || !fShortSpnFound)
  368. {
  369. //IDS_LDAP_SPN_MISSING " [WARNING] The default SPN registration for '%s' is missing on DC '%ws'.\n"
  370. if (!fFqdnSpnFound)
  371. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  372. IDS_LDAP_SPN_MISSING, szDefaultFqdnSpn, pDcInfo->ComputerName);
  374. if (!fShortSpnFound)
  375. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  376. IDS_LDAP_SPN_MISSING, szDefaultShortSpn, pDcInfo->ComputerName);
  378. return FALSE;
  379. }
  380. else
  381. return TRUE;
  382. }
  384. void LDAPGlobalPrint(IN NETDIAG_PARAMS *pParams, IN OUT NETDIAG_RESULT *pResults)
  385. {
  386. if (pParams->fVerbose || !FHrOK(pResults->LDAP.hr))
  387. {
  388. PrintNewLine(pParams, 2);
  389. PrintTestTitleResult(pParams, IDS_LDAP_LONG, IDS_LDAP_SHORT, pResults->LDAP.fPerformed,
  390. pResults->LDAP.hr, 0);
  392. if (!FHrOK(pResults->LDAP.hr))
  393. {
  394. if(pResults->LDAP.idsContext)
  395. PrintError(pParams, pResults->LDAP.idsContext, pResults->LDAP.hr);
  396. }
  398. PrintMessageList(pParams, &pResults->LDAP.lmsgOutput);
  399. }
  401. }
  403. void LDAPPerInterfacePrint(IN NETDIAG_PARAMS *pParams,
  404. IN OUT NETDIAG_RESULT *pResults,
  405. IN INTERFACE_RESULT *pIfResult)
  406. {
  407. // no perinterface information
  408. }
  410. void LDAPCleanup(IN NETDIAG_PARAMS *pParams,
  411. IN OUT NETDIAG_RESULT *pResults)
  412. {
  413. MessageListCleanUp(&pResults->LDAP.lmsgOutput);
  414. pResults->LDAP.lmsgOutput.Flink = NULL;
  415. }
  418. BOOL
  419. TestLdapOnDc(
  420. IN PTESTED_DC TestedDc,NETDIAG_PARAMS* pParams, NETDIAG_RESULT* pResults
  421. )
  422. /*++
  424. Routine Description:
  427. Ensure we can use LDAP focused at the specified DC
  429. Arguments:
  431. TestedDc - Description of DC to test
  433. Return Value:
  435. TRUE: Test suceeded.
  436. FALSE: Test failed
  438. --*/
  439. {
  440. NET_API_STATUS NetStatus;
  441. NTSTATUS Status;
  442. BOOL RetVal = TRUE;
  443. int LdapMessageId;
  444. PLDAPMessage LdapMessage = NULL;
  445. PLDAPMessage CurrentEntry;
  446. int LdapError;
  447. ULONG AuthType;
  448. LPSTR AuthTypeName;
  449. LPWSTR DcIpAddress;
  451. LDAP *LdapHandle = NULL;
  453. //
  454. // Avoid this test if the DC is already known to be down.
  455. //
  457. if ( TestedDc->Flags & DC_IS_DOWN ) {
  458. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_ReallyVerbose, 0,
  459. IDS_LDAP_DCDOWN, TestedDc->ComputerName);
  461. goto Cleanup;
  462. }
  464. //
  465. // If there is no IP Address,
  466. // get it.
  467. //
  469. if ( !GetIpAddressForDc( TestedDc ) ) {
  470. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  471. IDS_LDAP_NOIPADDR, TestedDc->ComputerName);
  472. RetVal = FALSE;
  473. goto Cleanup;
  474. }
  476. DcIpAddress = TestedDc->DcIpAddress;
  478. //
  479. // Loop trying each type of authentication.
  480. //
  482. for ( AuthType = 0; AuthType < 3; AuthType++ ) {
  483. int AuthMethod;
  484. SEC_WINNT_AUTH_IDENTITY_W NtAuthIdentity;
  485. LPSTR AuthGuru;
  487. //
  488. // Bind as appropropriate
  489. //
  491. RtlZeroMemory( &NtAuthIdentity, sizeof(NtAuthIdentity));
  492. NtAuthIdentity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
  493. switch ( AuthType ) {
  494. case 0:
  495. AuthTypeName = "un-";
  496. break;
  497. case 1:
  498. AuthTypeName = "NTLM ";
  499. AuthMethod = LDAP_AUTH_NTLM;
  500. AuthGuru = NTLM_GURU;
  501. break;
  502. case 2:
  503. AuthTypeName = "Negotiate ";
  504. AuthMethod = LDAP_AUTH_NEGOTIATE;
  505. AuthGuru = KERBEROS_GURU;
  506. break;
  508. }
  510. //
  511. // Only Members and Domain controllers can use authenticated RPC.
  512. //
  514. if ( AuthType != 0 ) {
  515. if ( pResults->Global.pPrimaryDomainInfo->MachineRole == DsRole_RoleMemberWorkstation ||
  516. pResults->Global.pPrimaryDomainInfo->MachineRole == DsRole_RoleMemberServer ||
  517. pResults->Global.pPrimaryDomainInfo->MachineRole == DsRole_RoleBackupDomainController ||
  518. pResults->Global.pPrimaryDomainInfo->MachineRole == DsRole_RolePrimaryDomainController ) {
  520. //
  521. // If we're logged onto a local account,
  522. // we can't test authenticated RPC.
  523. //
  525. if ( pResults->Global.pLogonDomain == NULL ) {
  526. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  527. IDS_LDAP_LOGONASLOCALUSER,
  528. pResults->Global.pLogonDomainName,
  529. pResults->Global.pLogonUser,
  530. AuthTypeName, TestedDc->ComputerName);
  531. goto Cleanup;
  532. }
  534. } else {
  535. goto Cleanup;
  536. }
  537. }
  539. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_ReallyVerbose, 0,
  540. IDS_LDAP_DOAUTHEN,
  541. AuthTypeName, TestedDc->ComputerName);
  543. //
  544. // Cleanup from a previous iteration.
  545. //
  547. if ( LdapMessage != NULL )
  548. {
  549. ldap_msgfree( LdapMessage );
  550. LdapMessage = NULL;
  551. }
  553. if ( LdapHandle != NULL )
  554. {
  555. ldap_unbind( LdapHandle );
  556. LdapHandle = NULL;
  557. }
  559. //
  560. // Connect to the DC.
  561. //
  563. LdapHandle = ldap_openW( DcIpAddress, LDAP_PORT );
  565. if ( LdapHandle == NULL )
  566. {
  568. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  569. IDS_LDAP_CANNOTOPEN,
  570. TestedDc->ComputerName, DcIpAddress );
  571. goto Cleanup;
  572. }
  574. //
  575. // Bind to the DC.
  576. //
  578. if ( AuthType != 0 ) {
  579. LdapError = ldap_bind_s( LdapHandle, NULL, (char *)&NtAuthIdentity, AuthMethod );
  581. if ( LdapError != LDAP_SUCCESS ) {
  582. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  583. IDS_LDAP_CANNOTBIND,
  584. AuthTypeName, TestedDc->ComputerName, ldap_err2stringA(LdapError) );
  586. //
  587. // Try other authentication methods.
  588. //
  589. RetVal = FALSE;
  590. continue;
  591. }
  594. }
  597. //
  598. // Do a trivial search to isolate LDAP problems from authentication
  599. // problems
  600. //
  602. LdapError = ldap_search_sA(
  603. LdapHandle,
  604. NULL, // DN
  605. LDAP_SCOPE_BASE,
  606. "(objectClass=*)", // filter
  607. NULL,
  608. FALSE,
  609. &LdapMessage );
  611. if ( LdapError != LDAP_SUCCESS ) {
  612. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  613. IDS_LDAP_CANNOTSEARCH,
  614. AuthTypeName, TestedDc->ComputerName, ldap_err2stringA(LdapError) );
  615. goto Cleanup;
  616. }
  618. //
  619. // How many entries were returned.
  620. //
  621. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_ReallyVerbose, 0,
  622. IDS_LDAP_ENTRIES,
  623. ldap_count_entries( LdapHandle, LdapMessage ) );
  626. //
  627. // Print the entries.
  628. //
  630. CurrentEntry = ldap_first_entry( LdapHandle, LdapMessage );
  632. while ( CurrentEntry != NULL )
  633. {
  634. PVOID Context;
  635. char *AttrName;
  637. //
  638. // Test for error
  639. //
  640. if ( LdapHandle->ld_errno != 0 )
  641. {
  642. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  643. IDS_LDAP_CANNOTFIRSTENTRY,
  644. TestedDc->ComputerName, ldap_err2stringA(LdapHandle->ld_errno) );
  645. goto Cleanup;
  646. }
  648. //
  649. // Walk through the list of returned attributes.
  650. //
  652. AttrName = ldap_first_attributeA( LdapHandle, CurrentEntry, (PVOID)&Context );
  653. while ( AttrName != NULL )
  654. {
  655. PLDAP_BERVAL *Berval;
  658. //
  659. // Test for error
  660. //
  662. if ( LdapHandle->ld_errno != 0 ) {
  663. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  664. IDS_LDAP_CANNOTFIRSTATTR,
  665. TestedDc->ComputerName, ldap_err2stringA(LdapHandle->ld_errno) );
  666. goto Cleanup;
  667. }
  669. //
  670. // Grab the attribute and it's value
  671. //
  673. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_ReallyVerbose, 0,
  674. IDS_LDAP_ATTR, AttrName );
  676. Berval = ldap_get_values_lenA( LdapHandle, CurrentEntry, AttrName );
  678. if ( Berval == NULL )
  679. {
  680. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_Quiet, 0,
  681. IDS_LDAP_CANNOTLEN,
  682. TestedDc->ComputerName, ldap_err2stringA(LdapHandle->ld_errno) );
  683. goto Cleanup;
  684. }
  685. else
  686. {
  687. int i;
  688. for ( i=0; Berval[i] != NULL; i++ ) {
  689. AddIMessageToList(&pResults->LDAP.lmsgOutput, Nd_ReallyVerbose, 0,
  690. IDS_LDAP_VAL,
  691. Berval[i]->bv_len, Berval[i]->bv_val );
  692. }
  693. ldap_value_free_len( Berval );
  694. }
  697. //
  698. // Get the next entry
  699. //
  701. AttrName = ldap_next_attributeA( LdapHandle, CurrentEntry, (PVOID)Context );
  702. }
  705. //
  706. // Get the next entry
  707. //
  709. CurrentEntry = ldap_next_entry( LdapHandle, CurrentEntry );
  711. }
  713. }
  717. Cleanup:
  720. if ( LdapMessage != NULL ) {
  721. ldap_msgfree( LdapMessage );
  722. }
  724. return RetVal;
  725. }