This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _PASSDB_H
#define ACCT_FULL_NAME 0x00000002
#define ACCT_RID 0x00000004
#define ACCT_PRIMARY_GID 0x00000008
-#define ACCT_ADMIN_DESC 0x00000010
-#define ACCT_DESCRIPTION 0x00000020
+#define ACCT_DESCRIPTION 0x00000010
+#define ACCT_COMMENT 0x00000020
#define ACCT_HOME_DIR 0x00000040
#define ACCT_HOME_DRIVE 0x00000080
#define ACCT_LOGON_SCRIPT 0x00000100
PDB_UNIXHOMEDIR,
PDB_ACCTDESC,
PDB_WORKSTATIONS,
- PDB_UNKNOWNSTR,
+ PDB_COMMENT,
PDB_MUNGEDDIAL,
PDB_HOURS,
PDB_FIELDS_PRESENT,
/* cache for bad password lockout data, to be used on replicated SAMs */
typedef struct logon_cache_struct {
time_t entry_timestamp;
- uint16 acct_ctrl;
+ uint32 acct_ctrl;
uint16 bad_password_count;
time_t bad_password_time;
} LOGIN_CACHE;
const char *domain; /* Windows Domain name */
const char *nt_username; /* Windows username string */
const char *full_name; /* user's full name string */
- const char *unix_home_dir; /* UNIX home directory string */
const char *home_dir; /* home directory string */
const char *dir_drive; /* home directory drive string */
const char *logon_script; /* logon script string */
const char *profile_path; /* profile path string */
const char *acct_desc; /* user description string */
const char *workstations; /* login from workstations string */
- const char *unknown_str; /* don't know what this is, yet. */
+ const char *comment;
const char *munged_dial; /* munged path name and dial-back tel number */
- DOM_SID user_sid; /* Primary User SID */
- DOM_SID group_sid; /* Primary Group SID */
+ DOM_SID user_sid;
+ DOM_SID *group_sid;
DATA_BLOB lm_pw; /* .data is Null if no password */
DATA_BLOB nt_pw; /* .data is Null if no password */
DATA_BLOB nt_pw_his; /* nt hashed password history .data is Null if not available */
char* plaintext_pw; /* is Null if not available */
- uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
+ uint32 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
uint32 fields_present; /* 0x00ff ffff */
uint16 logon_divs; /* 168 - number of hours in a week */
uint32 unknown_6; /* 0x0000 04ec */
/* a tag for who added the private methods */
+
const struct pdb_methods *backend_private_methods;
void *backend_private_data;
void (*backend_private_data_free_fn)(void **);
+
+ /* maintain a copy of the user's struct passwd */
+ struct passwd *unix_pw;
};
struct acct_info {
struct samr_displayentry {
uint32 idx;
uint32 rid;
- uint16 acct_flags;
+ uint32 acct_flags;
const char *account_name;
const char *fullname;
const char *description;
struct samr_displayentry *cache;
uint32 num_entries;
ssize_t cache_size;
- BOOL search_ended;
+ bool search_ended;
void *private_data;
- BOOL (*next_entry)(struct pdb_search *search,
+ bool (*next_entry)(struct pdb_search *search,
struct samr_displayentry *entry);
void (*search_end)(struct pdb_search *search);
};
* There's no point in allocating arrays in
* samr_lookup_rids twice. It was done in the srv_samr_nt.c code as well as in
* the pdb module. Remove the latter, this might happen more often. VL.
+ * changed to version 14 to move lookup_rids and lookup_names to return
+ * enum lsa_SidType rather than uint32.
+ * Changed to 16 for access to the trusted domain passwords (obnox).
*/
-#define PASSDB_INTERFACE_VERSION 12
+#define PASSDB_INTERFACE_VERSION 16
struct pdb_methods
{
const char *name; /* What name got this module */
- NTSTATUS (*setsampwent)(struct pdb_methods *, BOOL update, uint16 acb_mask);
+ NTSTATUS (*setsampwent)(struct pdb_methods *, bool update, uint32 acb_mask);
void (*endsampwent)(struct pdb_methods *);
NTSTATUS (*rename_sam_account)(struct pdb_methods *, struct samu *oldname, const char *newname);
- NTSTATUS (*update_login_attempts)(struct pdb_methods *methods, struct samu *sam_acct, BOOL success);
+ NTSTATUS (*update_login_attempts)(struct pdb_methods *methods, struct samu *sam_acct, bool success);
NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map, DOM_SID sid);
DOM_SID sid);
NTSTATUS (*enum_group_mapping)(struct pdb_methods *methods,
- enum SID_NAME_USE sid_name_use,
+ const DOM_SID *sid, enum lsa_SidType sid_name_use,
GROUP_MAP **pp_rmap, size_t *p_num_entries,
- BOOL unix_only);
+ bool unix_only);
NTSTATUS (*enum_group_members)(struct pdb_methods *methods,
TALLOC_CTX *mem_ctx,
TALLOC_CTX *mem_ctx,
uint32 group_rid, uint32 member_rid);
- NTSTATUS (*find_alias)(struct pdb_methods *methods,
- const char *name, DOM_SID *sid);
-
NTSTATUS (*create_alias)(struct pdb_methods *methods,
const char *name, uint32 *rid);
int num_rids,
uint32 *rids,
const char **pp_names,
- uint32 *attrs);
+ enum lsa_SidType *attrs);
NTSTATUS (*lookup_names)(struct pdb_methods *methods,
const DOM_SID *domain_sid,
int num_names,
const char **pp_names,
uint32 *rids,
- uint32 *attrs);
+ enum lsa_SidType *attrs);
NTSTATUS (*get_account_policy)(struct pdb_methods *methods,
int policy_index, uint32 *value);
NTSTATUS (*get_seq_num)(struct pdb_methods *methods, time_t *seq_num);
- BOOL (*search_users)(struct pdb_methods *methods,
+ bool (*search_users)(struct pdb_methods *methods,
struct pdb_search *search,
- uint16 acct_flags);
- BOOL (*search_groups)(struct pdb_methods *methods,
+ uint32 acct_flags);
+ bool (*search_groups)(struct pdb_methods *methods,
struct pdb_search *search);
- BOOL (*search_aliases)(struct pdb_methods *methods,
+ bool (*search_aliases)(struct pdb_methods *methods,
struct pdb_search *search,
const DOM_SID *sid);
- BOOL (*uid_to_rid)(struct pdb_methods *methods, uid_t uid,
+ bool (*uid_to_rid)(struct pdb_methods *methods, uid_t uid,
uint32 *rid);
- BOOL (*gid_to_sid)(struct pdb_methods *methods, gid_t gid,
+ bool (*uid_to_sid)(struct pdb_methods *methods, uid_t uid,
DOM_SID *sid);
- BOOL (*sid_to_id)(struct pdb_methods *methods, const DOM_SID *sid,
- union unid_t *id, enum SID_NAME_USE *type);
-
- BOOL (*rid_algorithm)(struct pdb_methods *methods);
- BOOL (*new_rid)(struct pdb_methods *methods, uint32 *rid);
+ bool (*gid_to_sid)(struct pdb_methods *methods, gid_t gid,
+ DOM_SID *sid);
+ bool (*sid_to_id)(struct pdb_methods *methods, const DOM_SID *sid,
+ union unid_t *id, enum lsa_SidType *type);
+
+ bool (*rid_algorithm)(struct pdb_methods *methods);
+ bool (*new_rid)(struct pdb_methods *methods, uint32 *rid);
+
+
+ bool (*get_trusteddom_pw)(struct pdb_methods *methods,
+ const char *domain, char** pwd,
+ DOM_SID *sid, time_t *pass_last_set_time);
+ bool (*set_trusteddom_pw)(struct pdb_methods *methods,
+ const char* domain, const char* pwd,
+ const DOM_SID *sid);
+ bool (*del_trusteddom_pw)(struct pdb_methods *methods,
+ const char *domain);
+ NTSTATUS (*enum_trusteddoms)(struct pdb_methods *methods,
+ TALLOC_CTX *mem_ctx, uint32 *num_domains,
+ struct trustdom_info ***domains);
void *private_data; /* Private data of some kind */