return NT_STATUS_NOT_IMPLEMENTED;
}
-/****************************************************************************
- Create an auth_usersupplied_data structure after appropriate mapping.
-****************************************************************************/
-static NTSTATUS map_user_info_cracknames(struct ldb_context *sam_ctx,
- TALLOC_CTX *mem_ctx,
- const char *default_domain,
- const struct auth_usersupplied_info *user_info,
- struct auth_usersupplied_info **user_info_mapped)
-{
- char *domain;
- char *account_name;
- TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
- WERROR werr;
- struct drsuapi_DsNameInfo1 info1;
-
- DEBUG(5,("map_user_info_cracknames: Mapping user [%s]\\[%s] from workstation [%s]\n",
- user_info->client.domain_name, user_info->client.account_name, user_info->workstation_name));
-
- account_name = talloc_strdup(tmp_ctx, user_info->client.account_name);
- if (!account_name) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
-
- /* use cracknames to work out what domain is being
- asked for */
- if (strchr_m(user_info->client.account_name, '@') != NULL) {
- werr = DsCrackNameOneName(sam_ctx, tmp_ctx, 0,
- DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
- DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
- user_info->client.account_name,
- &info1);
- if (!W_ERROR_IS_OK(werr)) {
- DEBUG(2,("map_user_info: Failed cracknames of account '%s'\n",
- user_info->client.account_name));
- talloc_free(tmp_ctx);
- return werror_to_ntstatus(werr);
- }
- switch (info1.status) {
- case DRSUAPI_DS_NAME_STATUS_OK:
- break;
- case DRSUAPI_DS_NAME_STATUS_NOT_FOUND:
- DEBUG(2,("map_user_info: Cracknames of account '%s' -> NOT_FOUND\n",
- user_info->client.account_name));
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_SUCH_USER;
- case DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY:
- DEBUG(2,("map_user_info: Cracknames of account '%s' -> DOMAIN_ONLY\n",
- user_info->client.account_name));
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_SUCH_USER;
- case DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE:
- DEBUG(2,("map_user_info: Cracknames of account '%s' -> NOT_UNIQUE\n",
- user_info->client.account_name));
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_SUCH_USER;
- case DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR:
- DEBUG(2,("map_user_info: Cracknames of account '%s' -> RESOLVE_ERROR\n",
- user_info->client.account_name));
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_SUCH_USER;
- default:
- DEBUG(2,("map_user_info: Cracknames of account '%s' -> unknown error %u\n",
- user_info->client.account_name, info1.status));
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_SUCH_USER;
- }
- /* info1.result_name is in DOMAIN\username
- * form, which we need to split up into the
- * user_info_mapped structure
- */
- domain = talloc_strdup(tmp_ctx, info1.result_name);
- if (domain == NULL) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
- account_name = strchr_m(domain, '\\');
- if (account_name == NULL) {
- DEBUG(2,("map_user_info: Cracknames of account '%s' gave invalid result '%s'\n",
- user_info->client.account_name, info1.result_name));
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_SUCH_USER;
- }
- *account_name = 0;
- account_name = talloc_strdup(tmp_ctx, account_name+1);
- if (account_name == NULL) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
- } else {
- const char *domain_name = default_domain;
- if (user_info->client.domain_name && *user_info->client.domain_name) {
- domain_name = user_info->client.domain_name;
- }
- domain_name = talloc_asprintf(tmp_ctx, "%s\\", domain_name);
- if (domain_name == NULL) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
- werr = DsCrackNameOneName(sam_ctx, mem_ctx, 0,
- DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
- DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
- domain_name,
- &info1);
- if (!W_ERROR_IS_OK(werr)) {
- DEBUG(2,("map_user_info: Failed cracknames of domain '%s'\n",
- domain_name));
- talloc_free(tmp_ctx);
- return werror_to_ntstatus(werr);
- }
-
- /* we use the account_name as-is, but get the
- * domain name from cracknames if possible */
- account_name = talloc_strdup(mem_ctx, user_info->client.account_name);
- if (account_name == NULL) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
-
- switch (info1.status) {
- case DRSUAPI_DS_NAME_STATUS_OK:
- case DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY:
- domain = talloc_strdup(tmp_ctx, info1.result_name);
- if (domain == NULL) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
- if (domain[strlen_m(domain)-1] == '\\') {
- domain[strlen_m(domain)-1] = 0;
- }
- break;
- case DRSUAPI_DS_NAME_STATUS_NOT_FOUND:
- /* the domain is unknown - use the
- default domain */
- domain = talloc_strdup(tmp_ctx, default_domain);
- break;
- case DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE:
- DEBUG(2,("map_user_info: Cracknames of domain '%s' -> NOT_UNIQUE\n",
- domain_name));
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_SUCH_USER;
- case DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR:
- DEBUG(2,("map_user_info: Cracknames of domain '%s' -> RESOLVE_ERROR\n",
- domain_name));
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_SUCH_USER;
- default:
- DEBUG(2,("map_user_info: Cracknames of account '%s' -> unknown error %u\n",
- domain_name, info1.status));
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_SUCH_USER;
- }
- /* domain and account_name are filled in above */
- }
-
- *user_info_mapped = talloc_zero(mem_ctx, struct auth_usersupplied_info);
- if (!*user_info_mapped) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
- if (!talloc_reference(*user_info_mapped, user_info)) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
- **user_info_mapped = *user_info;
- (*user_info_mapped)->mapped_state = true;
- (*user_info_mapped)->mapped.domain_name = talloc_strdup(*user_info_mapped, domain);
- (*user_info_mapped)->mapped.account_name = talloc_strdup(*user_info_mapped, account_name);
- talloc_free(tmp_ctx);
- if (!(*user_info_mapped)->mapped.domain_name
- || !(*user_info_mapped)->mapped.account_name) {
- return NT_STATUS_NO_MEMORY;
- }
-
- return NT_STATUS_OK;
-}
-
-
-/****************************************************************************
- Create an auth_usersupplied_data structure after appropriate mapping.
-****************************************************************************/
-NTSTATUS map_user_info(struct ldb_context *sam_ctx,
- TALLOC_CTX *mem_ctx,
- bool is_ad_dc,
- const char *default_domain,
- const struct auth_usersupplied_info *user_info,
- struct auth_usersupplied_info **user_info_mapped)
-{
- char *domain;
- char *account_name;
- char *d;
- TALLOC_CTX *tmp_ctx;
-
- if (is_ad_dc) {
- /* if possible, use cracknames to parse the
- domain/account */
- return map_user_info_cracknames(sam_ctx, mem_ctx, default_domain, user_info, user_info_mapped);
- }
-
- DEBUG(0,("map_user_info: Mapping user [%s]\\[%s] from workstation [%s] default_domain=%s\n",
- user_info->client.domain_name, user_info->client.account_name, user_info->workstation_name,
- default_domain));
-
- tmp_ctx = talloc_new(mem_ctx);
-
- account_name = talloc_strdup(tmp_ctx, user_info->client.account_name);
- if (!account_name) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
-
- /* don't allow "" as a domain, fixes a Win9X bug where it
- doesn't supply a domain for logon script 'net use'
- commands. */
-
- /* Split user@realm names into user and realm components.
- * This is TODO to fix with proper userprincipalname
- * support */
- if (user_info->client.domain_name && *user_info->client.domain_name) {
- domain = talloc_strdup(tmp_ctx, user_info->client.domain_name);
- } else if (strchr_m(user_info->client.account_name, '@')) {
- d = strchr_m(account_name, '@');
- if (!d) {
- talloc_free(tmp_ctx);
- return NT_STATUS_INTERNAL_ERROR;
- }
- d[0] = '\0';
- d++;
- domain = d;
- } else {
- domain = talloc_strdup(tmp_ctx, default_domain);
- }
-
- if (domain == NULL) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
- *user_info_mapped = talloc_zero(mem_ctx, struct auth_usersupplied_info);
- if (!*user_info_mapped) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
- if (!talloc_reference(*user_info_mapped, user_info)) {
- talloc_free(tmp_ctx);
- return NT_STATUS_NO_MEMORY;
- }
- **user_info_mapped = *user_info;
- (*user_info_mapped)->mapped_state = true;
- (*user_info_mapped)->mapped.domain_name = talloc_strdup(*user_info_mapped, domain);
- (*user_info_mapped)->mapped.account_name = talloc_strdup(*user_info_mapped, account_name);
- talloc_free(tmp_ctx);
- if (!(*user_info_mapped)->mapped.domain_name
- || !(*user_info_mapped)->mapped.account_name) {
- return NT_STATUS_NO_MEMORY;
- }
-
- return NT_STATUS_OK;
-}
-
/****************************************************************************
Create an auth_usersupplied_data structure after appropriate mapping.
****************************************************************************/