Return the sid and the type of the unix group.
****************************************************************************/
-static BOOL get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
+static BOOL get_group_map_from_sid(const DOM_SID *sid, GROUP_MAP *map)
{
TDB_DATA kbuf, dbuf;
pstring key;
/* the key is the SID, retrieving is direct */
- sid_to_string(string_sid, &sid);
+ sid_to_string(string_sid, sid);
slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid);
kbuf.dptr = key;
return False;
}
- sid_copy(&map->sid, &sid);
+ sid_copy(&map->sid, sid);
return True;
}
return NT_STATUS_ACCESS_DENIED;
}
- if (!get_group_map_from_sid(*alias, &map))
+ if (!get_group_map_from_sid(alias, &map))
return NT_STATUS_NO_SUCH_ALIAS;
if ( (map.sid_name_use != SID_NAME_ALIAS) &&
return NT_STATUS_ACCESS_DENIED;
}
- if (!get_group_map_from_sid(*alias, &map))
+ if (!get_group_map_from_sid(alias, &map))
return NT_STATUS_NO_SUCH_ALIAS;
if ( (map.sid_name_use != SID_NAME_ALIAS) &&
/* get a domain group from it's SID */
-BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map)
+BOOL get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map)
{
struct group *grp;
BOOL ret;
if ( !ret ) {
uint32 rid;
- sid_peek_rid( &sid, &rid );
+ sid_peek_rid( sid, &rid );
if ( rid == DOMAIN_GROUP_RID_USERS ) {
fstrcpy( map->nt_name, "None" );
fstrcpy( map->comment, "Ordinary Users" );
- sid_copy( &map->sid, &sid );
+ sid_copy( &map->sid, sid );
map->sid_name_use = SID_NAME_DOM_GRP;
return True;
NTSTATUS pdb_default_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
- DOM_SID sid)
+ const DOM_SID *sid)
{
return get_group_map_from_sid(sid, map) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
{
GROUP_MAP map;
- if (!pdb_getgrsid(&map, *sid))
+ if (!pdb_getgrsid(&map, sid))
return NT_STATUS_NO_SUCH_ALIAS;
if ((map.sid_name_use != SID_NAME_ALIAS) &&
{
GROUP_MAP map;
- if (!pdb_getgrsid(&map, *sid))
+ if (!pdb_getgrsid(&map, sid))
return NT_STATUS_NO_SUCH_ALIAS;
fstrcpy(map.nt_name, info->acct_name);
BOOL res;
become_root();
- res = get_domain_group_from_sid(*sid, &map);
+ res = get_domain_group_from_sid(sid, &map);
unbecome_root();
if (!res)
{
GROUP_MAP map;
- if (!get_domain_group_from_sid(*sid, &map))
+ if (!get_domain_group_from_sid(sid, &map))
return False;
fstrcpy(map.nt_name, info->acct_name);
* enum SID_NAME_USE rather than uint32.
*/
-#define PASSDB_INTERFACE_VERSION 14
+#define PASSDB_INTERFACE_VERSION 15
struct pdb_methods
{
NTSTATUS (*update_login_attempts)(struct pdb_methods *methods, struct samu *sam_acct, BOOL success);
- NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map, DOM_SID sid);
+ NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map,
+ const DOM_SID *sid);
NTSTATUS (*getgrgid)(struct pdb_methods *methods, GROUP_MAP *map, gid_t gid);
if ((sid_check_is_in_builtin(psid) ||
sid_check_is_in_wellknown_domain(psid))) {
- if (pdb_getgrsid(&map, *psid)) {
+ if (pdb_getgrsid(&map, psid)) {
*pgid = map.gid;
goto done;
}
return pdb->update_login_attempts(pdb, sam_acct, success);
}
-BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid)
+BOOL pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid)
{
struct pdb_methods *pdb = pdb_get_methods();
return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid));
sid_compose(&group_sid, get_global_sam_sid(), rid);
- if (!get_domain_group_from_sid(group_sid, &map)) {
+ if (!get_domain_group_from_sid(&group_sid, &map)) {
DEBUG(10, ("Could not find group for rid %d\n", rid));
return NT_STATUS_NO_SUCH_GROUP;
}
sid_compose(&group_sid, get_global_sam_sid(), group_rid);
sid_compose(&member_sid, get_global_sam_sid(), member_rid);
- if (!get_domain_group_from_sid(group_sid, &map) ||
+ if (!get_domain_group_from_sid(&group_sid, &map) ||
(map.gid == (gid_t)-1) ||
((grp = getgrgid(map.gid)) == NULL)) {
return NT_STATUS_NO_SUCH_GROUP;
sid_compose(&group_sid, get_global_sam_sid(), group_rid);
sid_compose(&member_sid, get_global_sam_sid(), member_rid);
- if (!get_domain_group_from_sid(group_sid, &map) ||
+ if (!get_domain_group_from_sid(&group_sid, &map) ||
(map.gid == (gid_t)-1) ||
((grp = getgrgid(map.gid)) == NULL)) {
return NT_STATUS_NO_SUCH_GROUP;
if (sid_peek_check_rid(&global_sid_Builtin, sid, &rid)) {
/* Here we only have aliases */
GROUP_MAP map;
- if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, *sid))) {
+ if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, sid))) {
DEBUG(10, ("Could not find map for sid %s\n",
sid_string_static(sid)));
goto done;
}
TALLOC_FREE(sam_account);
- ret = pdb_getgrsid(&map, sid);
+ ret = pdb_getgrsid(&map, &sid);
unbecome_root();
/* END BECOME_ROOT BLOCK */
*********************************************************************/
static NTSTATUS ldapsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
- DOM_SID sid)
+ const DOM_SID *sid)
{
pstring filter;
pstr_sprintf(filter, "(&(objectClass=%s)(%s=%s))",
LDAP_OBJ_GROUPMAP,
get_attr_key2string(groupmap_attr_list, LDAP_ATTR_GROUP_SID),
- sid_string_static(&sid));
+ sid_string_static(sid));
return ldapsam_getgroup(methods, filter, map);
}
if ( !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) )
return NT_STATUS_ACCESS_DENIED;
- if (!pdb_getgrsid(&map, info->sid))
+ if (!pdb_getgrsid(&map, &info->sid))
return NT_STATUS_NO_SUCH_GROUP;
return pdb_update_group_mapping_entry(&map);
}
become_root();
- ret = get_domain_group_from_sid(group_sid, &map);
+ ret = get_domain_group_from_sid(&group_sid, &map);
unbecome_root();
if (!ret)
return NT_STATUS_INVALID_HANDLE;
}
become_root();
- result = get_domain_group_from_sid(group_sid, &map);
+ result = get_domain_group_from_sid(&group_sid, &map);
unbecome_root();
if (!result)
return NT_STATUS_NO_SUCH_GROUP;
/* check if that group really exists */
become_root();
- ret = get_domain_group_from_sid(info->sid, &map);
+ ret = get_domain_group_from_sid(&info->sid, &map);
unbecome_root();
if (!ret)
return NT_STATUS_NO_SUCH_GROUP;
}
/* Get the current mapping from the database */
- if(!pdb_getgrsid(&map, sid)) {
+ if(!pdb_getgrsid(&map, &sid)) {
d_fprintf(stderr, "Failure to local group SID in the database\n");
return -1;
}
}
/* Get the current mapping from the database */
- if(!pdb_getgrsid(&map, sid)) {
+ if(!pdb_getgrsid(&map, &sid)) {
d_fprintf(stderr, "Failure to local group SID in the database\n");
return -1;
}
DOM_SID sid;
have_map = ( (strncmp(ntgroup, "S-", 2) == 0) &&
string_to_sid(&sid, ntgroup) &&
- pdb_getgrsid(&map, sid) );
+ pdb_getgrsid(&map, &sid) );
}
if (!have_map) {
group_sid = *pdb_get_group_sid(sam_account);
- if (!pdb_getgrsid(&map, group_sid)) {
+ if (!pdb_getgrsid(&map, &group_sid)) {
DEBUG(0, ("Primary group of %s has no mapping!\n",
pdb_get_username(sam_account)));
} else {
sid_append_rid(&group_sid, rid);
sid_to_string(sid_string, &group_sid);
- if (pdb_getgrsid(&map, group_sid)) {
+ if (pdb_getgrsid(&map, &group_sid)) {
if ( map.gid != -1 )
grp = getgrgid(map.gid);
insert = False;
sid_copy(&group_sid, get_global_sam_sid());
sid_append_rid(&group_sid, rid);
- if (!get_domain_group_from_sid(group_sid, &map)) {
+ if (!get_domain_group_from_sid(&group_sid, &map)) {
DEBUG(0, ("Could not find global group %d\n", rid));
return NT_STATUS_NO_SUCH_GROUP;
}
fstring comment;
struct group *grp = NULL;
DOM_SID alias_sid;
- fstring sid_string;
GROUP_MAP map;
BOOL insert = True;
/* Find out whether the group is already mapped */
sid_copy(&alias_sid, &dom_sid);
sid_append_rid(&alias_sid, rid);
- sid_to_string(sid_string, &alias_sid);
- if (pdb_getgrsid(&map, alias_sid)) {
+ if (pdb_getgrsid(&map, &alias_sid)) {
grp = getgrgid(map.gid);
insert = False;
}
return -1;
}
- if (!pdb_getgrsid(&map, sid)) {
+ if (!pdb_getgrsid(&map, &sid)) {
d_fprintf(stderr, "Could not load group %s\n", argv[0]);
return -1;
}
sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS);
- if (!pdb_getgrsid(&gmap, gsid)) {
+ if (!pdb_getgrsid(&gmap, &gsid)) {
LDAPMod **mods = NULL;
char *dn;
char *uname;
sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_ADMINS);
- if (!pdb_getgrsid(&gmap, gsid)) {
+ if (!pdb_getgrsid(&gmap, &gsid)) {
LDAPMod **mods = NULL;
char *dn;
char *uname;