2 Unix SMB/CIFS implementation.
3 Winbind Utility functions
5 Copyright (C) Gerald (Jerry) Carter 2007
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "../libcli/security/security.h"
23 #include "../lib/util/util_pw.h"
25 #if defined(WITH_WINBIND)
27 #include "nsswitch/libwbclient/wbclient.h"
/*
 * Fetch the passwd entry for `name` from winbindd via wbcGetpwnam().
 *
 * The entry produced by libwbclient is duplicated onto the talloc_tos()
 * context with tcopy_passwd(), and the libwbclient copy is then released
 * with wbcFreeMemory(). pwd starts out NULL.
 * NOTE(review): the return statements are not visible in this listing;
 * callers should presumably treat NULL as "no entry or lookup failed" --
 * confirm against the full file.
 */
29 struct passwd * winbind_getpwnam(const char * name)
32 struct passwd * tmp_pwd = NULL;
33 struct passwd * pwd = NULL;
35 result = wbcGetpwnam(name, &tmp_pwd);
/* Any status other than WBC_ERR_SUCCESS takes the failure branch. */
36 if (result != WBC_ERR_SUCCESS)
/* NOTE(review): the copy presumably allocates and may yield NULL; no check is visible here. */
39 pwd = tcopy_passwd(talloc_tos(), tmp_pwd);
/* tmp_pwd came from wbcGetpwnam() and is released through wbcFreeMemory(). */
41 wbcFreeMemory(tmp_pwd);
/*
 * Fetch the passwd entry for the account identified by `sid` via
 * wbcGetpwsid().
 *
 * The SID is first converted to libwbclient's struct wbcDomainSid by a raw
 * memcpy(). On success the entry is duplicated onto talloc_tos() with
 * tcopy_passwd() and the libwbclient copy is released with wbcFreeMemory().
 * NOTE(review): `sid` is dereferenced by the memcpy() without a NULL check
 * in the visible lines.
 */
46 struct passwd * winbind_getpwsid(const struct dom_sid *sid)
49 struct passwd * tmp_pwd = NULL;
50 struct passwd * pwd = NULL;
51 struct wbcDomainSid dom_sid;
/*
 * Reads sizeof(struct wbcDomainSid) bytes out of a struct dom_sid. This stays
 * in bounds only if both structures have the same size and layout.
 * NOTE(review): that equivalence is assumed here, not checked -- a
 * compile-time size assertion would make it explicit.
 */
53 memcpy(&dom_sid, sid, sizeof(dom_sid));
55 result = wbcGetpwsid(&dom_sid, &tmp_pwd);
/* Any status other than WBC_ERR_SUCCESS takes the failure branch. */
56 if (result != WBC_ERR_SUCCESS)
59 pwd = tcopy_passwd(talloc_tos(), tmp_pwd);
/* tmp_pwd came from wbcGetpwsid() and is released through wbcFreeMemory(). */
61 wbcFreeMemory(tmp_pwd);
66 /* Call winbindd to convert a name to a sid */
/*
 * `dom_name` and `name` are passed unchanged to wbcLookupName(). On success
 * the resulting SID is copied into *sid and the SID type into *name_type.
 * NOTE(review): both output pointers are written without a NULL check in the
 * visible lines, so callers must supply valid storage for each.
 */
68 bool winbind_lookup_name(const char *dom_name, const char *name, struct dom_sid *sid,
69 enum lsa_SidType *name_type)
71 struct wbcDomainSid dom_sid;
75 result = wbcLookupName(dom_name, name, &dom_sid, &type);
/* Outputs are only filled in after this status check has passed. */
76 if (result != WBC_ERR_SUCCESS)
/*
 * Copies sizeof(struct dom_sid) bytes out of a struct wbcDomainSid; this is
 * in bounds only while the two structures have the same size.
 * NOTE(review): layout equivalence is assumed, not checked here.
 */
79 memcpy(sid, &dom_sid, sizeof(struct dom_sid));
/* The libwbclient SID type is cast directly to the LSA enum; assumes the numeric values match -- TODO confirm. */
80 *name_type = (enum lsa_SidType)type;
85 /* Call winbindd to convert sid to name */
/*
 * Resolves `sid` through wbcLookupSid() and copies the domain and account
 * names onto `mem_ctx` with talloc_strdup(), so the caller receives talloc
 * memory and the libwbclient strings are released with wbcFreeMemory().
 *
 * The final check tests `domain` and `name` for NULL before dereferencing
 * them, which suggests both output pointers are optional; the guards around
 * the two talloc_strdup() calls are not visible in this listing.
 * NOTE(review): *name_type is assigned with no visible NULL guard -- confirm
 * it is mandatory for callers.
 */
87 bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
88 const char **domain, const char **name,
89 enum lsa_SidType *name_type)
91 struct wbcDomainSid dom_sid;
94 char *domain_name = NULL;
95 char *account_name = NULL;
/* Raw copy into the libwbclient SID type; assumes struct dom_sid is at least sizeof(dom_sid) bytes. */
97 memcpy(&dom_sid, sid, sizeof(dom_sid));
99 result = wbcLookupSid(&dom_sid, &domain_name, &account_name, &type);
100 if (result != WBC_ERR_SUCCESS)
103 /* Copy out result */
106 *domain = talloc_strdup(mem_ctx, domain_name);
109 *name = talloc_strdup(mem_ctx, account_name);
111 *name_type = (enum lsa_SidType)type;
/* Logged at debug level 10 with a fixed format string, and before the libwbclient strings are freed below. */
113 DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
114 sid_string_dbg(sid), domain_name, account_name));
116 wbcFreeMemory(domain_name);
117 wbcFreeMemory(account_name);
/* A requested output that is still NULL after the copy means talloc_strdup() failed. */
119 if ((domain && !*domain) || (name && !*name)) {
120 DEBUG(0,("winbind_lookup_sid: talloc() failed!\n"));
128 /* Ping winbindd to see it is alive */
/* Returns true only when wbcPing() reports WBC_ERR_SUCCESS; every other status maps to false. */
130 bool winbind_ping(void)
132 wbcErr result = wbcPing();
134 return (result == WBC_ERR_SUCCESS);
137 /* Call winbindd to convert SID to uid */
/*
 * Converts `sid` to libwbclient's SID type and asks wbcSidToUid() to write
 * the mapped uid into *puid. Returns true only on WBC_ERR_SUCCESS.
 * NOTE(review): whether *puid is touched on failure depends on wbcSidToUid(),
 * which is not visible here; callers should use *puid only when this
 * function returns true, since the value typically feeds access decisions.
 */
139 bool winbind_sid_to_uid(uid_t *puid, const struct dom_sid *sid)
141 struct wbcDomainSid dom_sid;
/* Raw copy of sizeof(struct wbcDomainSid) bytes; assumes the two SID structures share size and layout. */
144 memcpy(&dom_sid, sid, sizeof(dom_sid));
146 result = wbcSidToUid(&dom_sid, puid);
148 return (result == WBC_ERR_SUCCESS);
151 /* Call winbindd to convert uid to sid */
/*
 * Asks wbcUidToSid() for the SID mapped to `uid`. On success the SID is
 * copied into *sid. Returns true only on WBC_ERR_SUCCESS.
 * NOTE(review): the sid_copy() of global_sid_NULL below appears to be the
 * failure path (the branch line between the two statements is not visible
 * in this listing); if so, *sid is always left in a defined state.
 */
153 bool winbind_uid_to_sid(struct dom_sid *sid, uid_t uid)
155 struct wbcDomainSid dom_sid;
158 result = wbcUidToSid(uid, &dom_sid);
159 if (result == WBC_ERR_SUCCESS) {
/* Copies sizeof(struct dom_sid) bytes from a struct wbcDomainSid; assumes matching size and layout. */
160 memcpy(sid, &dom_sid, sizeof(struct dom_sid));
162 sid_copy(sid, &global_sid_NULL);
165 return (result == WBC_ERR_SUCCESS);
168 /* Call winbindd to convert SID to gid */
/*
 * Converts `sid` to libwbclient's SID type and asks wbcSidToGid() to write
 * the mapped gid into *pgid. Returns true only on WBC_ERR_SUCCESS.
 * NOTE(review): whether *pgid is touched on failure depends on wbcSidToGid(),
 * which is not visible here; callers should use *pgid only when this
 * function returns true.
 */
170 bool winbind_sid_to_gid(gid_t *pgid, const struct dom_sid *sid)
172 struct wbcDomainSid dom_sid;
/* Raw copy of sizeof(struct wbcDomainSid) bytes; assumes the two SID structures share size and layout. */
175 memcpy(&dom_sid, sid, sizeof(dom_sid));
177 result = wbcSidToGid(&dom_sid, pgid);
179 return (result == WBC_ERR_SUCCESS);
182 /* Call winbindd to convert gid to sid */
/*
 * Asks wbcGidToSid() for the SID mapped to `gid`. On success the SID is
 * copied into *sid. Returns true only on WBC_ERR_SUCCESS.
 * NOTE(review): the sid_copy() of global_sid_NULL below appears to be the
 * failure path (the branch line between the two statements is not visible
 * in this listing); if so, *sid is always left in a defined state.
 */
184 bool winbind_gid_to_sid(struct dom_sid *sid, gid_t gid)
186 struct wbcDomainSid dom_sid;
189 result = wbcGidToSid(gid, &dom_sid);
190 if (result == WBC_ERR_SUCCESS) {
/* Copies sizeof(struct dom_sid) bytes from a struct wbcDomainSid; assumes matching size and layout. */
191 memcpy(sid, &dom_sid, sizeof(struct dom_sid));
193 sid_copy(sid, &global_sid_NULL);
196 return (result == WBC_ERR_SUCCESS);
199 /* Check for a trusted domain */
/*
 * Queries winbindd for information about `domain` with wbcDomainInfo().
 * The return type is wbcErr, not bool, so callers need to test the result
 * with WBC_ERROR_IS_OK() (or compare against WBC_ERR_SUCCESS) rather than
 * using it as a truth value.
 * NOTE(review): the visible code only checks that the domain-info query
 * succeeded; whether that is sufficient to call the domain "trusted" should
 * be confirmed against the callers.
 */
201 wbcErr wb_is_trusted_domain(const char *domain)
204 struct wbcDomainInfo *info = NULL;
206 result = wbcDomainInfo(domain, &info);
/* `info` is only populated on success; the body of this branch is not visible in this listing. */
208 if (WBC_ERROR_IS_OK(result)) {
215 /* Lookup a set of rids in a given domain */
/*
 * Resolves `num_rids` RIDs relative to `domain_sid` through wbcLookupRids()
 * and copies the results onto `mem_ctx`: the domain name into *domain_name,
 * one name per RID into *names, and one SID type per RID into *types.
 * The libwbclient result buffers are released with wbcFreeMemory().
 *
 * NOTE(review): in the visible lines the results of talloc_strdup() and of
 * both TALLOC_ARRAY() calls are not checked before the loop writes through
 * *names and *types, so an allocation failure would be a NULL write.
 * NOTE(review): num_rids is a signed int and is not range-checked in the
 * visible lines.
 */
217 bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
218 const struct dom_sid *domain_sid,
219 int num_rids, uint32 *rids,
220 const char **domain_name,
221 const char ***names, enum lsa_SidType **types)
223 const char *dom_name = NULL;
224 const char **namelist = NULL;
225 enum wbcSidType *name_types = NULL;
226 struct wbcDomainSid dom_sid;
/* Raw copy of sizeof(struct wbcDomainSid) bytes from a struct dom_sid; assumes matching size and layout. */
230 memcpy(&dom_sid, domain_sid, sizeof(struct wbcDomainSid));
232 ret = wbcLookupRids(&dom_sid, num_rids, rids,
233 &dom_name, &namelist, &name_types);
234 if (ret != WBC_ERR_SUCCESS) {
238 *domain_name = talloc_strdup(mem_ctx, dom_name);
239 *names = TALLOC_ARRAY(mem_ctx, const char*, num_rids);
240 *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids);
/* Each name is duplicated as a talloc child of the *names array; each type is cast from the libwbclient enum. */
242 for(i=0; i<num_rids; i++) {
243 (*names)[i] = talloc_strdup(*names, namelist[i]);
244 (*types)[i] = (enum lsa_SidType)name_types[i];
/* dom_name is declared const, so the qualifier is discarded to hand it to wbcFreeMemory(). */
247 wbcFreeMemory(CONST_DISCARD(char*, dom_name));
248 wbcFreeMemory(namelist);
249 wbcFreeMemory(name_types);
254 /* Ask Winbind to allocate a new uid for us */
/*
 * Forwards to wbcAllocateUid(), which writes the new uid through `uid`.
 * Returns true only on WBC_ERR_SUCCESS; *uid should be used only in that case.
 */
256 bool winbind_allocate_uid(uid_t *uid)
260 ret = wbcAllocateUid(uid);
262 return (ret == WBC_ERR_SUCCESS);
265 /* Ask Winbind to allocate a new gid for us */
/*
 * Forwards to wbcAllocateGid(), which writes the new gid through `gid`.
 * Returns true only on WBC_ERR_SUCCESS; *gid should be used only in that case.
 */
267 bool winbind_allocate_gid(gid_t *gid)
271 ret = wbcAllocateGid(gid);
273 return (ret == WBC_ERR_SUCCESS);
/*
 * Fetches the group list of `account` with wbcGetGroups() and copies it into
 * a gid_t array allocated on `mem_ctx`. On success *_groups points at the
 * copy and *num_groups holds the element count.
 *
 * The libwbclient list is released with wbcFreeMemory() both when the talloc
 * allocation fails and after the copy has been made.
 */
276 bool winbind_get_groups(TALLOC_CTX * mem_ctx, const char *account, uint32_t *num_groups, gid_t **_groups)
280 gid_t *group_list = NULL;
282 ret = wbcGetGroups(account, &ngroups, &group_list);
283 if (ret != WBC_ERR_SUCCESS)
/* The destination is sized from the count reported by winbindd. */
286 *_groups = TALLOC_ARRAY(mem_ctx, gid_t, ngroups);
287 if (*_groups == NULL) {
288 wbcFreeMemory(group_list);
/* Copy length uses the same element count as the allocation above. */
292 memcpy(*_groups, group_list, ngroups* sizeof(gid_t));
293 *num_groups = ngroups;
295 wbcFreeMemory(group_list);
/*
 * Asks winbindd, through wbcGetSidAliases(), for the alias RIDs in the
 * domain `dom_sid` that apply to the SIDs in `members`. The RIDs are copied
 * into a uint32_t array allocated on `mem_ctx`; *pp_alias_rids receives the
 * array and *p_num_alias_rids its length.
 *
 * NOTE(review): in the visible lines sid_list is not checked for NULL before
 * the loop writes into it, so an allocation failure would be a NULL write.
 * NOTE(review): the release of `rids` and `sid_list` is not visible in this
 * listing -- confirm both are freed on every path.
 */
299 bool winbind_get_sid_aliases(TALLOC_CTX *mem_ctx,
300 const struct dom_sid *dom_sid,
301 const struct dom_sid *members,
303 uint32_t **pp_alias_rids,
304 size_t *p_num_alias_rids)
307 struct wbcDomainSid domain_sid;
308 struct wbcDomainSid *sid_list = NULL;
/*
 * Sized by the source type, sizeof(struct dom_sid), whereas the per-member
 * copy below is sized by the destination; both are in bounds only if the
 * two SID structures have the same size.
 */
313 memcpy(&domain_sid, dom_sid, sizeof(*dom_sid));
315 sid_list = TALLOC_ARRAY(mem_ctx, struct wbcDomainSid, num_members);
/* Convert every member SID to the libwbclient representation by raw copy. */
317 for (i=0; i < num_members; i++) {
318 memcpy(&sid_list[i], &members[i], sizeof(sid_list[i]));
/* The remaining arguments of this call are not visible in this listing. */
321 ret = wbcGetSidAliases(&domain_sid,
326 if (ret != WBC_ERR_SUCCESS) {
/* The output array is sized from the RID count reported by winbindd. */
330 *pp_alias_rids = TALLOC_ARRAY(mem_ctx, uint32_t, num_rids);
331 if (*pp_alias_rids == NULL) {
336 memcpy(*pp_alias_rids, rids, sizeof(uint32_t) * num_rids);
338 *p_num_alias_rids = num_rids;
344 #else /* WITH_WINBIND */
346 struct passwd * winbind_getpwnam(const char * name)
351 struct passwd * winbind_getpwsid(const struct dom_sid *sid)
356 bool winbind_lookup_name(const char *dom_name, const char *name, struct dom_sid *sid,
357 enum lsa_SidType *name_type)
362 /* Call winbindd to convert sid to name */
364 bool winbind_lookup_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
365 const char **domain, const char **name,
366 enum lsa_SidType *name_type)
371 /* Ping winbindd to see it is alive */
373 bool winbind_ping(void)
378 /* Call winbindd to convert SID to uid */
380 bool winbind_sid_to_uid(uid_t *puid, const struct dom_sid *sid)
385 /* Call winbindd to convert uid to sid */
387 bool winbind_uid_to_sid(struct dom_sid *sid, uid_t uid)
392 /* Call winbindd to convert SID to gid */
394 bool winbind_sid_to_gid(gid_t *pgid, const struct dom_sid *sid)
399 /* Call winbindd to convert gid to sid */
401 bool winbind_gid_to_sid(struct dom_sid *sid, gid_t gid)
406 /* Check for a trusted domain */
/*
 * Variant compiled when WITH_WINBIND is not defined: the visible body
 * returns WBC_ERR_UNKNOWN_FAILURE. Callers therefore get an error status,
 * never a success, from a build without winbind support.
 */
408 wbcErr wb_is_trusted_domain(const char *domain)
410 return WBC_ERR_UNKNOWN_FAILURE;
413 /* Lookup a set of rids in a given domain */
415 bool winbind_lookup_rids(TALLOC_CTX *mem_ctx,
416 const struct dom_sid *domain_sid,
417 int num_rids, uint32 *rids,
418 const char **domain_name,
419 const char ***names, enum lsa_SidType **types)
424 /* Ask Winbind to allocate a new uid for us */
426 bool winbind_allocate_uid(uid_t *uid)
431 /* Ask Winbind to allocate a new gid for us */
433 bool winbind_allocate_gid(gid_t *gid)
438 bool winbind_get_groups(TALLOC_CTX *mem_ctx, const char *account, uint32_t *num_groups, gid_t **_groups)
443 bool winbind_get_sid_aliases(TALLOC_CTX *mem_ctx,
444 const struct dom_sid *dom_sid,
445 const struct dom_sid *members,
447 uint32_t **pp_alias_rids,
448 size_t *p_num_alias_rids)
453 #endif /* WITH_WINBIND */