}
}
- nt_pw = pdb_get_nt_passwd(sampass);
- lm_pw = pdb_get_lanman_passwd(sampass);
-
auth_flags = user_info->auth_flags;
- if (nt_pw == NULL) {
+ if (IS_SAM_DEFAULT(sampass, PDB_NTPASSWD)) {
DEBUG(3,("sam_password_ok: NO NT password stored for user %s.\n",
pdb_get_username(sampass)));
/* No return, we want to check the LM hash below in this case */
}
if (auth_flags & AUTH_FLAG_NTLMv2_RESP) {
+ nt_pw = pdb_get_nt_passwd(sampass);
/* We have the NT MD4 hash challenge available - see if we can
use it (ie. does it exist in the smbpasswd file).
*/
return NT_STATUS_WRONG_PASSWORD;
}
} else if (auth_flags & AUTH_FLAG_NTLM_RESP) {
- if (lp_ntlm_auth()) {
+ if (lp_ntlm_auth()) {
+ nt_pw = pdb_get_nt_passwd(sampass);
/* We have the NT MD4 hash challenge available - see if we can
use it (ie. does it exist in the smbpasswd file).
*/
}
}
- if (lm_pw == NULL) {
+ if (IS_SAM_DEFAULT(sampass, PDB_LMPASSWD)) {
DEBUG(3,("sam_password_ok: NO LanMan password set for user %s (and no NT password supplied)\n",pdb_get_username(sampass)));
auth_flags &= (~AUTH_FLAG_LM_RESP);
}
if (auth_flags & AUTH_FLAG_LM_RESP) {
-
+ lm_pw = pdb_get_lanman_passwd(sampass);
+
if (user_info->lm_resp.length != 24) {
DEBUG(2,("sam_password_ok: invalid LanMan password length (%d) for user %s\n",
user_info->nt_resp.length, pdb_get_username(sampass)));
{
return NT_STATUS_OK;
} else {
- if (lp_ntlm_auth()) {
+ if (lp_ntlm_auth() && (!IS_SAM_DEFAULT(sampass, PDB_NTPASSWD))) {
+ nt_pw = pdb_get_nt_passwd(sampass);
/* Apparently NT accepts NT responses in the LM field
- I think this is related to Win9X pass-though authentication
*/
Attempt a NetBIOS session request, falling back to *SMBSERVER if needed.
****************************************************************************/
-BOOL attempt_netbios_session_request(struct cli_state *cli, char *srchost, char *desthost,
+BOOL attempt_netbios_session_request(struct cli_state *cli, const char *srchost, const char *desthost,
struct in_addr *pdest_ip)
{
struct nmb_name calling, called;
return NT_STATUS_OK;
}
-static NTSTATUS lsapsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
+static NTSTATUS ldapsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
DOM_SID sid, BOOL with_priv)
{
return get_group_map_from_sid(sid, map, with_priv) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
-static NTSTATUS lsapsam_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
+static NTSTATUS ldapsam_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
gid_t gid, BOOL with_priv)
{
return get_group_map_from_gid(gid, map, with_priv) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
-static NTSTATUS lsapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
+static NTSTATUS ldapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
char *name, BOOL with_priv)
{
return get_group_map_from_ntname(name, map, with_priv) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
-static NTSTATUS lsapsam_add_group_mapping_entry(struct pdb_methods *methods,
+static NTSTATUS ldapsam_add_group_mapping_entry(struct pdb_methods *methods,
GROUP_MAP *map)
{
return add_mapping_entry(map, TDB_INSERT) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
-static NTSTATUS lsapsam_update_group_mapping_entry(struct pdb_methods *methods,
+static NTSTATUS ldapsam_update_group_mapping_entry(struct pdb_methods *methods,
GROUP_MAP *map)
{
return add_mapping_entry(map, TDB_REPLACE) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
-static NTSTATUS lsapsam_delete_group_mapping_entry(struct pdb_methods *methods,
+static NTSTATUS ldapsam_delete_group_mapping_entry(struct pdb_methods *methods,
DOM_SID sid)
{
return group_map_remove(sid) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
-static NTSTATUS lsapsam_enum_group_mapping(struct pdb_methods *methods,
+static NTSTATUS ldapsam_enum_group_mapping(struct pdb_methods *methods,
enum SID_NAME_USE sid_name_use,
GROUP_MAP **rmap, int *num_entries,
BOOL unix_only, BOOL with_priv)
(*pdb_method)->add_sam_account = ldapsam_add_sam_account;
(*pdb_method)->update_sam_account = ldapsam_update_sam_account;
(*pdb_method)->delete_sam_account = ldapsam_delete_sam_account;
- (*pdb_method)->getgrsid = lsapsam_getgrsid;
- (*pdb_method)->getgrgid = lsapsam_getgrgid;
- (*pdb_method)->getgrnam = lsapsam_getgrnam;
- (*pdb_method)->add_group_mapping_entry = lsapsam_add_group_mapping_entry;
- (*pdb_method)->update_group_mapping_entry = lsapsam_update_group_mapping_entry;
- (*pdb_method)->delete_group_mapping_entry = lsapsam_delete_group_mapping_entry;
- (*pdb_method)->enum_group_mapping = lsapsam_enum_group_mapping;
+ (*pdb_method)->getgrsid = ldapsam_getgrsid;
+ (*pdb_method)->getgrgid = ldapsam_getgrgid;
+ (*pdb_method)->getgrnam = ldapsam_getgrnam;
+ (*pdb_method)->add_group_mapping_entry = ldapsam_add_group_mapping_entry;
+ (*pdb_method)->update_group_mapping_entry = ldapsam_update_group_mapping_entry;
+ (*pdb_method)->delete_group_mapping_entry = ldapsam_delete_group_mapping_entry;
+ (*pdb_method)->enum_group_mapping = ldapsam_enum_group_mapping;
/* TODO: Setup private data and free */
}
static NTSTATUS smbpasswd_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
- DOM_SID sid, BOOL with_priv)
+ DOM_SID sid, BOOL with_priv)
{
- return NT_STATUS_NOT_IMPLEMENTED;
+ return get_group_map_from_sid(sid, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
static NTSTATUS smbpasswd_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
- gid_t gid, BOOL with_priv)
+ gid_t gid, BOOL with_priv)
{
- return NT_STATUS_NOT_IMPLEMENTED;
+ return get_group_map_from_gid(gid, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
static NTSTATUS smbpasswd_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
- char *name, BOOL with_priv)
+ char *name, BOOL with_priv)
{
- return NT_STATUS_NOT_IMPLEMENTED;
+ return get_group_map_from_ntname(name, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
static NTSTATUS smbpasswd_add_group_mapping_entry(struct pdb_methods *methods,
- GROUP_MAP *map)
+ GROUP_MAP *map)
{
- return NT_STATUS_NOT_IMPLEMENTED;
+ return add_mapping_entry(map, TDB_INSERT) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
static NTSTATUS smbpasswd_update_group_mapping_entry(struct pdb_methods *methods,
- GROUP_MAP *map)
+ GROUP_MAP *map)
{
- return NT_STATUS_NOT_IMPLEMENTED;
+ return add_mapping_entry(map, TDB_REPLACE) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
static NTSTATUS smbpasswd_delete_group_mapping_entry(struct pdb_methods *methods,
- DOM_SID sid)
+ DOM_SID sid)
{
- return NT_STATUS_NOT_IMPLEMENTED;
+ return group_map_remove(sid) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
static NTSTATUS smbpasswd_enum_group_mapping(struct pdb_methods *methods,
- enum SID_NAME_USE sid_name_use,
- GROUP_MAP **rmap, int *num_entries,
- BOOL unix_only, BOOL with_priv)
+ enum SID_NAME_USE sid_name_use,
+ GROUP_MAP **rmap, int *num_entries,
+ BOOL unix_only, BOOL with_priv)
{
- return NT_STATUS_NOT_IMPLEMENTED;
+ return enum_group_mapping(sid_name_use, rmap, num_entries, unix_only,
+ with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
static void free_private_data(void **vp)
Lock the trust password entry.
************************************************************************/
-BOOL secrets_lock_trust_account_password(char *domain, BOOL dolock)
+BOOL secrets_lock_trust_account_password(const char *domain, BOOL dolock)
{
if (!tdb)
return False;
Routine to get account password to trusted domain
************************************************************************/
-BOOL secrets_fetch_trusted_domain_password(char *domain, char** pwd,
+BOOL secrets_fetch_trusted_domain_password(const char *domain, char** pwd,
DOM_SID *sid, time_t *pass_last_set_time)
{
struct trusted_dom_pass *pass;
/************************************************************************
Routine to set the trust account password for a domain.
************************************************************************/
-BOOL secrets_store_trust_account_password(char *domain, uint8 new_pwd[16])
+
+BOOL secrets_store_trust_account_password(const char *domain, uint8 new_pwd[16])
{
struct machine_acct_pass pass;
* @return true if succeeded
**/
-BOOL secrets_store_trusted_domain_password(char* domain, smb_ucs2_t *uni_dom_name,
+BOOL secrets_store_trusted_domain_password(const char* domain, smb_ucs2_t *uni_dom_name,
size_t uni_name_len, char* pwd,
DOM_SID sid)
{
Routine to set the plaintext machine account password for a realm
the password is assumed to be a null terminated ascii string
************************************************************************/
-BOOL secrets_store_machine_password(char *pass)
+
+BOOL secrets_store_machine_password(const char *pass)
{
char *key;
BOOL ret;
/************************************************************************
Routine to delete the password for trusted domain
************************************************************************/
+
BOOL trusted_domain_password_delete(const char *domain)
{
return secrets_delete(trustdom_keystr(domain));
Unlock a named mutex.
*******************************************************************************/
-void secrets_named_mutex_release(char *name)
+void secrets_named_mutex_release(const char *name)
{
tdb_unlock_bystring(tdb, name);
DEBUG(10,("secrets_named_mutex: released mutex for %s\n", name ));
}
if (!pdb_enum_group_mapping(SID_NAME_DOM_GRP, &map, (int *)&group_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV)) {
+ DEBUG(1, ("load_group_domain_entries: pdb_enum_group_mapping() failed!\n"));
return NT_STATUS_NO_MEMORY;
}
grp_array=(DISP_GROUP_INFO *)talloc(mem_ctx, info->disp_info.num_group_account*sizeof(DISP_GROUP_INFO));
if (group_entries!=0 && grp_array==NULL) {
+ DEBUG(1, ("load_group_domain_entries: talloc() failed for grp_array!\n"));
SAFE_FREE(map);
return NT_STATUS_NO_MEMORY;
}
local_flags |= LOCAL_INTERDOM_ACCOUNT;
break;
case 'j':
- d_printf("See 'net rpc join' for this functionality\n");
+ d_printf("See 'net join' for this functionality\n");
exit(1);
break;
case 'n':