2 Unix SMB/CIFS implementation.
3 Password and authentication handling
4 Copyright (C) Andrew Bartlett 2002
5 Copyright (C) Jelmer Vernooij 2002
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 #define DBGC_CLASS DBGC_PASSDB
27 static struct pdb_init_function_entry *backends = NULL;
29 static void lazy_initialize_passdb(void)
31 static BOOL initialized = False;
32 if(initialized)return;
37 static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name);
39 /*******************************************************************
40 Clean up uninitialised passwords. The only way to tell
41 that these values are not 'real' is that they do not
42 have a valid last set time. Instead, the value is fixed at 0.
43 Therefore we use that as the key for 'is this a valid password'.
44 However, it is perfectly valid to have a 'default' last change
45 time, such LDAP with a missing attribute would produce.
46 ********************************************************************/
48 static void pdb_force_pw_initialization(SAM_ACCOUNT *pass)
50 const char *lm_pwd, *nt_pwd;
52 /* only reset a password if the last set time has been
53 explicitly been set to zero. A default last set time
56 if ( (pdb_get_init_flags(pass, PDB_PASSLASTSET) != PDB_DEFAULT)
57 && (pdb_get_pass_last_set_time(pass) == 0) )
60 if (pdb_get_init_flags(pass, PDB_LMPASSWD) != PDB_DEFAULT)
62 lm_pwd = pdb_get_lanman_passwd(pass);
64 pdb_set_lanman_passwd(pass, NULL, PDB_CHANGED);
66 if (pdb_get_init_flags(pass, PDB_NTPASSWD) != PDB_DEFAULT)
68 nt_pwd = pdb_get_nt_passwd(pass);
70 pdb_set_nt_passwd(pass, NULL, PDB_CHANGED);
77 NTSTATUS smb_register_passdb(int version, const char *name, pdb_init_function init)
79 struct pdb_init_function_entry *entry = backends;
81 if(version != PASSDB_INTERFACE_VERSION) {
82 DEBUG(0,("Can't register passdb backend!\n"
83 "You tried to register a passdb module with PASSDB_INTERFACE_VERSION %d, "
84 "while this version of samba uses version %d\n",
85 version,PASSDB_INTERFACE_VERSION));
86 return NT_STATUS_OBJECT_TYPE_MISMATCH;
90 return NT_STATUS_INVALID_PARAMETER;
93 DEBUG(5,("Attempting to register passdb backend %s\n", name));
95 /* Check for duplicates */
96 if (pdb_find_backend_entry(name)) {
97 DEBUG(0,("There already is a passdb backend registered with the name %s!\n", name));
98 return NT_STATUS_OBJECT_NAME_COLLISION;
101 entry = smb_xmalloc(sizeof(struct pdb_init_function_entry));
102 entry->name = smb_xstrdup(name);
105 DLIST_ADD(backends, entry);
106 DEBUG(5,("Successfully added passdb backend '%s'\n", name));
110 static struct pdb_init_function_entry *pdb_find_backend_entry(const char *name)
112 struct pdb_init_function_entry *entry = backends;
115 if (strcmp(entry->name, name)==0) return entry;
122 static NTSTATUS context_setsampwent(struct pdb_context *context, BOOL update)
124 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
127 DEBUG(0, ("invalid pdb_context specified!\n"));
131 context->pwent_methods = context->pdb_methods;
133 if (!context->pwent_methods) {
134 /* No passdbs at all */
138 while (NT_STATUS_IS_ERR(ret = context->pwent_methods->setsampwent(context->pwent_methods, update))) {
139 context->pwent_methods = context->pwent_methods->next;
140 if (context->pwent_methods == NULL)
141 return NT_STATUS_UNSUCCESSFUL;
146 static void context_endsampwent(struct pdb_context *context)
149 DEBUG(0, ("invalid pdb_context specified!\n"));
153 if (context->pwent_methods && context->pwent_methods->endsampwent)
154 context->pwent_methods->endsampwent(context->pwent_methods);
156 /* So we won't get strange data when calling getsampwent now */
157 context->pwent_methods = NULL;
160 static NTSTATUS context_getsampwent(struct pdb_context *context, SAM_ACCOUNT *user)
162 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
164 if ((!context) || (!context->pwent_methods)) {
165 DEBUG(0, ("invalid pdb_context specified!\n"));
168 /* Loop until we find something useful */
169 while (NT_STATUS_IS_ERR(ret = context->pwent_methods->getsampwent(context->pwent_methods, user))) {
171 context->pwent_methods->endsampwent(context->pwent_methods);
173 context->pwent_methods = context->pwent_methods->next;
175 /* All methods are checked now. There are no more entries */
176 if (context->pwent_methods == NULL)
179 context->pwent_methods->setsampwent(context->pwent_methods, False);
181 user->methods = context->pwent_methods;
182 pdb_force_pw_initialization(user);
186 static NTSTATUS context_getsampwnam(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const char *username)
188 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
190 struct pdb_methods *curmethods;
192 DEBUG(0, ("invalid pdb_context specified!\n"));
195 curmethods = context->pdb_methods;
197 if (NT_STATUS_IS_OK(ret = curmethods->getsampwnam(curmethods, sam_acct, username))) {
198 pdb_force_pw_initialization(sam_acct);
199 sam_acct->methods = curmethods;
202 curmethods = curmethods->next;
208 static NTSTATUS context_getsampwsid(struct pdb_context *context, SAM_ACCOUNT *sam_acct, const DOM_SID *sid)
210 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
212 struct pdb_methods *curmethods;
214 DEBUG(0, ("invalid pdb_context specified!\n"));
218 curmethods = context->pdb_methods;
221 if (NT_STATUS_IS_OK(ret = curmethods->getsampwsid(curmethods, sam_acct, sid))) {
222 pdb_force_pw_initialization(sam_acct);
223 sam_acct->methods = curmethods;
226 curmethods = curmethods->next;
232 static NTSTATUS context_add_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
234 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
235 const char *lm_pw, *nt_pw;
238 if ((!context) || (!context->pdb_methods)) {
239 DEBUG(0, ("invalid pdb_context specified!\n"));
243 /* disable acccounts with no passwords (that has not
244 been allowed by the ACB_PWNOTREQ bit */
246 lm_pw = pdb_get_lanman_passwd( sam_acct );
247 nt_pw = pdb_get_nt_passwd( sam_acct );
248 acb_flags = pdb_get_acct_ctrl( sam_acct );
249 if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) {
250 acb_flags |= ACB_DISABLED;
251 pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_CHANGED );
254 /** @todo This is where a 're-read on add' should be done */
255 /* We now add a new account to the first database listed.
258 return context->pdb_methods->add_sam_account(context->pdb_methods, sam_acct);
261 static NTSTATUS context_update_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
263 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
264 const char *lm_pw, *nt_pw;
268 DEBUG(0, ("invalid pdb_context specified!\n"));
272 if (!sam_acct || !sam_acct->methods){
273 DEBUG(0, ("invalid sam_acct specified\n"));
277 /* disable acccounts with no passwords (that has not
278 been allowed by the ACB_PWNOTREQ bit */
280 lm_pw = pdb_get_lanman_passwd( sam_acct );
281 nt_pw = pdb_get_nt_passwd( sam_acct );
282 acb_flags = pdb_get_acct_ctrl( sam_acct );
283 if ( !lm_pw && !nt_pw && !(acb_flags&ACB_PWNOTREQ) ) {
284 acb_flags |= ACB_DISABLED;
285 pdb_set_acct_ctrl( sam_acct, acb_flags, PDB_CHANGED );
288 /** @todo This is where a 're-read on update' should be done */
290 return sam_acct->methods->update_sam_account(sam_acct->methods, sam_acct);
293 static NTSTATUS context_delete_sam_account(struct pdb_context *context, SAM_ACCOUNT *sam_acct)
295 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
297 struct pdb_methods *pdb_selected;
299 DEBUG(0, ("invalid pdb_context specified!\n"));
303 if (!sam_acct->methods){
304 pdb_selected = context->pdb_methods;
305 /* There's no passdb backend specified for this account.
306 * Try to delete it in every passdb available
307 * Needed to delete accounts in smbpasswd that are not
310 while (pdb_selected){
311 if (NT_STATUS_IS_OK(ret = pdb_selected->delete_sam_account(pdb_selected, sam_acct))) {
314 pdb_selected = pdb_selected->next;
319 if (!sam_acct->methods->delete_sam_account){
320 DEBUG(0,("invalid sam_acct->methods->delete_sam_account\n"));
324 return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct);
327 static NTSTATUS context_getgrsid(struct pdb_context *context,
328 GROUP_MAP *map, DOM_SID sid)
330 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
332 struct pdb_methods *curmethods;
334 DEBUG(0, ("invalid pdb_context specified!\n"));
337 curmethods = context->pdb_methods;
339 ret = curmethods->getgrsid(curmethods, map, sid);
340 if (NT_STATUS_IS_OK(ret)) {
341 map->methods = curmethods;
344 curmethods = curmethods->next;
350 static NTSTATUS context_getgrgid(struct pdb_context *context,
351 GROUP_MAP *map, gid_t gid)
353 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
355 struct pdb_methods *curmethods;
357 DEBUG(0, ("invalid pdb_context specified!\n"));
360 curmethods = context->pdb_methods;
362 ret = curmethods->getgrgid(curmethods, map, gid);
363 if (NT_STATUS_IS_OK(ret)) {
364 map->methods = curmethods;
367 curmethods = curmethods->next;
373 static NTSTATUS context_getgrnam(struct pdb_context *context,
374 GROUP_MAP *map, const char *name)
376 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
378 struct pdb_methods *curmethods;
380 DEBUG(0, ("invalid pdb_context specified!\n"));
383 curmethods = context->pdb_methods;
385 ret = curmethods->getgrnam(curmethods, map, name);
386 if (NT_STATUS_IS_OK(ret)) {
387 map->methods = curmethods;
390 curmethods = curmethods->next;
396 static NTSTATUS context_add_group_mapping_entry(struct pdb_context *context,
399 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
401 if ((!context) || (!context->pdb_methods)) {
402 DEBUG(0, ("invalid pdb_context specified!\n"));
406 return context->pdb_methods->add_group_mapping_entry(context->pdb_methods,
410 static NTSTATUS context_update_group_mapping_entry(struct pdb_context *context,
413 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
415 if ((!context) || (!context->pdb_methods)) {
416 DEBUG(0, ("invalid pdb_context specified!\n"));
421 pdb_methods->update_group_mapping_entry(context->pdb_methods, map);
424 static NTSTATUS context_delete_group_mapping_entry(struct pdb_context *context,
427 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
429 if ((!context) || (!context->pdb_methods)) {
430 DEBUG(0, ("invalid pdb_context specified!\n"));
435 pdb_methods->delete_group_mapping_entry(context->pdb_methods, sid);
438 static NTSTATUS context_enum_group_mapping(struct pdb_context *context,
439 enum SID_NAME_USE sid_name_use,
440 GROUP_MAP **rmap, int *num_entries,
443 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
445 if ((!context) || (!context->pdb_methods)) {
446 DEBUG(0, ("invalid pdb_context specified!\n"));
450 return context->pdb_methods->enum_group_mapping(context->pdb_methods,
452 num_entries, unix_only);
455 static NTSTATUS context_find_alias(struct pdb_context *context,
456 const char *name, DOM_SID *sid)
458 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
460 if ((!context) || (!context->pdb_methods)) {
461 DEBUG(0, ("invalid pdb_context specified!\n"));
465 return context->pdb_methods->find_alias(context->pdb_methods,
469 static NTSTATUS context_create_alias(struct pdb_context *context,
470 const char *name, uint32 *rid)
472 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
474 if ((!context) || (!context->pdb_methods)) {
475 DEBUG(0, ("invalid pdb_context specified!\n"));
479 return context->pdb_methods->create_alias(context->pdb_methods,
483 static NTSTATUS context_delete_alias(struct pdb_context *context,
486 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
488 if ((!context) || (!context->pdb_methods)) {
489 DEBUG(0, ("invalid pdb_context specified!\n"));
493 return context->pdb_methods->delete_alias(context->pdb_methods, sid);
496 static NTSTATUS context_enum_aliases(struct pdb_context *context,
498 uint32 start_idx, uint32 max_entries,
500 struct acct_info **info)
502 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
504 if ((!context) || (!context->pdb_methods)) {
505 DEBUG(0, ("invalid pdb_context specified!\n"));
509 return context->pdb_methods->enum_aliases(context->pdb_methods,
510 sid, start_idx, max_entries,
514 static NTSTATUS context_get_aliasinfo(struct pdb_context *context,
516 struct acct_info *info)
518 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
520 if ((!context) || (!context->pdb_methods)) {
521 DEBUG(0, ("invalid pdb_context specified!\n"));
525 return context->pdb_methods->get_aliasinfo(context->pdb_methods,
529 static NTSTATUS context_set_aliasinfo(struct pdb_context *context,
531 struct acct_info *info)
533 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
535 if ((!context) || (!context->pdb_methods)) {
536 DEBUG(0, ("invalid pdb_context specified!\n"));
540 return context->pdb_methods->set_aliasinfo(context->pdb_methods,
544 static NTSTATUS context_add_aliasmem(struct pdb_context *context,
545 const DOM_SID *alias,
546 const DOM_SID *member)
548 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
550 if ((!context) || (!context->pdb_methods)) {
551 DEBUG(0, ("invalid pdb_context specified!\n"));
555 return context->pdb_methods->add_aliasmem(context->pdb_methods,
559 static NTSTATUS context_del_aliasmem(struct pdb_context *context,
560 const DOM_SID *alias,
561 const DOM_SID *member)
563 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
565 if ((!context) || (!context->pdb_methods)) {
566 DEBUG(0, ("invalid pdb_context specified!\n"));
570 return context->pdb_methods->del_aliasmem(context->pdb_methods,
574 static NTSTATUS context_enum_aliasmem(struct pdb_context *context,
575 const DOM_SID *alias, DOM_SID **members,
578 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
580 if ((!context) || (!context->pdb_methods)) {
581 DEBUG(0, ("invalid pdb_context specified!\n"));
585 return context->pdb_methods->enum_aliasmem(context->pdb_methods,
586 alias, members, num);
589 static NTSTATUS context_enum_alias_memberships(struct pdb_context *context,
590 const DOM_SID *members,
592 DOM_SID **aliases, int *num)
594 NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
596 if ((!context) || (!context->pdb_methods)) {
597 DEBUG(0, ("invalid pdb_context specified!\n"));
601 return context->pdb_methods->
602 enum_alias_memberships(context->pdb_methods, members,
603 num_members, aliases, num);
606 /******************************************************************
607 Free and cleanup a pdb context, any associated data and anything
608 that the attached modules might have associated.
609 *******************************************************************/
611 static void free_pdb_context(struct pdb_context **context)
613 struct pdb_methods *pdb_selected = (*context)->pdb_methods;
615 while (pdb_selected){
616 if(pdb_selected->free_private_data)
617 pdb_selected->free_private_data(&(pdb_selected->private_data));
618 pdb_selected = pdb_selected->next;
621 talloc_destroy((*context)->mem_ctx);
625 /******************************************************************
626 Make a pdb_methods from scratch
627 *******************************************************************/
629 static NTSTATUS make_pdb_methods_name(struct pdb_methods **methods, struct pdb_context *context, const char *selected)
631 char *module_name = smb_xstrdup(selected);
632 char *module_location = NULL, *p;
633 struct pdb_init_function_entry *entry;
634 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
636 lazy_initialize_passdb();
638 p = strchr(module_name, ':');
642 module_location = p+1;
643 trim_char(module_location, ' ', ' ');
646 trim_char(module_name, ' ', ' ');
649 DEBUG(5,("Attempting to find an passdb backend to match %s (%s)\n", selected, module_name));
651 entry = pdb_find_backend_entry(module_name);
653 /* Try to find a module that contains this module */
655 DEBUG(2,("No builtin backend found, trying to load plugin\n"));
656 if(NT_STATUS_IS_OK(smb_probe_module("pdb", module_name)) && !(entry = pdb_find_backend_entry(module_name))) {
657 DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", module_name));
658 SAFE_FREE(module_name);
659 return NT_STATUS_UNSUCCESSFUL;
663 /* No such backend found */
665 DEBUG(0,("No builtin nor plugin backend for %s found\n", module_name));
666 SAFE_FREE(module_name);
667 return NT_STATUS_INVALID_PARAMETER;
670 DEBUG(5,("Found pdb backend %s\n", module_name));
671 nt_status = entry->init(context, methods, module_location);
672 if (NT_STATUS_IS_OK(nt_status)) {
673 DEBUG(5,("pdb backend %s has a valid init\n", selected));
675 DEBUG(0,("pdb backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status)));
677 SAFE_FREE(module_name);
681 /******************************************************************
682 Make a pdb_context from scratch.
683 *******************************************************************/
685 static NTSTATUS make_pdb_context(struct pdb_context **context)
689 mem_ctx = talloc_init("pdb_context internal allocation context");
692 DEBUG(0, ("make_pdb_context: talloc init failed!\n"));
693 return NT_STATUS_NO_MEMORY;
696 *context = talloc(mem_ctx, sizeof(**context));
698 DEBUG(0, ("make_pdb_context: talloc failed!\n"));
699 return NT_STATUS_NO_MEMORY;
702 ZERO_STRUCTP(*context);
704 (*context)->mem_ctx = mem_ctx;
706 (*context)->pdb_setsampwent = context_setsampwent;
707 (*context)->pdb_endsampwent = context_endsampwent;
708 (*context)->pdb_getsampwent = context_getsampwent;
709 (*context)->pdb_getsampwnam = context_getsampwnam;
710 (*context)->pdb_getsampwsid = context_getsampwsid;
711 (*context)->pdb_add_sam_account = context_add_sam_account;
712 (*context)->pdb_update_sam_account = context_update_sam_account;
713 (*context)->pdb_delete_sam_account = context_delete_sam_account;
714 (*context)->pdb_getgrsid = context_getgrsid;
715 (*context)->pdb_getgrgid = context_getgrgid;
716 (*context)->pdb_getgrnam = context_getgrnam;
717 (*context)->pdb_add_group_mapping_entry = context_add_group_mapping_entry;
718 (*context)->pdb_update_group_mapping_entry = context_update_group_mapping_entry;
719 (*context)->pdb_delete_group_mapping_entry = context_delete_group_mapping_entry;
720 (*context)->pdb_enum_group_mapping = context_enum_group_mapping;
722 (*context)->pdb_find_alias = context_find_alias;
723 (*context)->pdb_create_alias = context_create_alias;
724 (*context)->pdb_delete_alias = context_delete_alias;
725 (*context)->pdb_enum_aliases = context_enum_aliases;
726 (*context)->pdb_get_aliasinfo = context_get_aliasinfo;
727 (*context)->pdb_set_aliasinfo = context_set_aliasinfo;
728 (*context)->pdb_add_aliasmem = context_add_aliasmem;
729 (*context)->pdb_del_aliasmem = context_del_aliasmem;
730 (*context)->pdb_enum_aliasmem = context_enum_aliasmem;
731 (*context)->pdb_enum_alias_memberships = context_enum_alias_memberships;
733 (*context)->free_fn = free_pdb_context;
739 /******************************************************************
740 Make a pdb_context, given an array of strings
741 *******************************************************************/
743 NTSTATUS make_pdb_context_list(struct pdb_context **context, const char **selected)
746 struct pdb_methods *curmethods, *tmpmethods;
747 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
748 BOOL have_guest = False;
750 if (!NT_STATUS_IS_OK(nt_status = make_pdb_context(context))) {
755 DEBUG(0, ("ERROR: empty passdb backend list!\n"));
760 if (strcmp(selected[i], "guest") == 0) {
763 /* Try to initialise pdb */
764 DEBUG(5,("Trying to load: %s\n", selected[i]));
765 if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods_name(&curmethods, *context, selected[i]))) {
766 DEBUG(1, ("Loading %s failed!\n", selected[i]));
767 free_pdb_context(context);
770 curmethods->parent = *context;
771 DLIST_ADD_END((*context)->pdb_methods, curmethods, tmpmethods);
778 if ( (lp_guestaccount() == NULL) ||
779 (*lp_guestaccount() == '\0') ) {
780 /* We explicitly don't want guest access. No idea what
781 else that breaks, but be it that way. */
785 if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods_name(&curmethods,
788 DEBUG(1, ("Loading guest module failed!\n"));
789 free_pdb_context(context);
793 curmethods->parent = *context;
794 DLIST_ADD_END((*context)->pdb_methods, curmethods, tmpmethods);
799 /******************************************************************
800 Make a pdb_context, given a text string.
801 *******************************************************************/
803 NTSTATUS make_pdb_context_string(struct pdb_context **context, const char *selected)
806 char **newsel = str_list_make(selected, NULL);
807 ret = make_pdb_context_list(context, (const char **)newsel);
808 str_list_free(&newsel);
812 /******************************************************************
813 Return an already initialised pdb_context, to facilitate backward
814 compatibility (see functions below).
815 *******************************************************************/
817 static struct pdb_context *pdb_get_static_context(BOOL reload)
819 static struct pdb_context *pdb_context = NULL;
821 if ((pdb_context) && (reload)) {
822 pdb_context->free_fn(&pdb_context);
823 if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) {
829 if (!NT_STATUS_IS_OK(make_pdb_context_list(&pdb_context, lp_passdb_backend()))) {
837 /******************************************************************
838 Backward compatibility functions for the original passdb interface
839 *******************************************************************/
841 BOOL pdb_setsampwent(BOOL update)
843 struct pdb_context *pdb_context = pdb_get_static_context(False);
849 return NT_STATUS_IS_OK(pdb_context->pdb_setsampwent(pdb_context, update));
852 void pdb_endsampwent(void)
854 struct pdb_context *pdb_context = pdb_get_static_context(False);
860 pdb_context->pdb_endsampwent(pdb_context);
863 BOOL pdb_getsampwent(SAM_ACCOUNT *user)
865 struct pdb_context *pdb_context = pdb_get_static_context(False);
871 return NT_STATUS_IS_OK(pdb_context->pdb_getsampwent(pdb_context, user));
874 static SAM_ACCOUNT *sam_account_cache = NULL;
876 BOOL pdb_getsampwnam(SAM_ACCOUNT *sam_acct, const char *username)
878 struct pdb_context *pdb_context = pdb_get_static_context(False);
884 if (!NT_STATUS_IS_OK(pdb_context->pdb_getsampwnam(pdb_context,
885 sam_acct, username)))
888 if (sam_account_cache != NULL) {
889 pdb_free_sam(&sam_account_cache);
890 sam_account_cache = NULL;
893 pdb_copy_sam_account(sam_acct, &sam_account_cache);
897 BOOL pdb_getsampwsid(SAM_ACCOUNT *sam_acct, const DOM_SID *sid)
899 struct pdb_context *pdb_context = pdb_get_static_context(False);
905 if ((sam_account_cache != NULL) &&
906 (sid_equal(sid, pdb_get_user_sid(sam_account_cache))))
907 return pdb_copy_sam_account(sam_account_cache, &sam_acct);
909 return NT_STATUS_IS_OK(pdb_context->pdb_getsampwsid(pdb_context, sam_acct, sid));
912 BOOL pdb_add_sam_account(SAM_ACCOUNT *sam_acct)
914 struct pdb_context *pdb_context = pdb_get_static_context(False);
920 return NT_STATUS_IS_OK(pdb_context->pdb_add_sam_account(pdb_context, sam_acct));
923 BOOL pdb_update_sam_account(SAM_ACCOUNT *sam_acct)
925 struct pdb_context *pdb_context = pdb_get_static_context(False);
931 if (sam_account_cache != NULL) {
932 pdb_free_sam(&sam_account_cache);
933 sam_account_cache = NULL;
936 return NT_STATUS_IS_OK(pdb_context->pdb_update_sam_account(pdb_context, sam_acct));
939 BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct)
941 struct pdb_context *pdb_context = pdb_get_static_context(False);
947 if (sam_account_cache != NULL) {
948 pdb_free_sam(&sam_account_cache);
949 sam_account_cache = NULL;
952 return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct));
955 BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid)
957 struct pdb_context *pdb_context = pdb_get_static_context(False);
963 return NT_STATUS_IS_OK(pdb_context->
964 pdb_getgrsid(pdb_context, map, sid));
967 BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid)
969 struct pdb_context *pdb_context = pdb_get_static_context(False);
975 return NT_STATUS_IS_OK(pdb_context->
976 pdb_getgrgid(pdb_context, map, gid));
979 BOOL pdb_getgrnam(GROUP_MAP *map, const char *name)
981 struct pdb_context *pdb_context = pdb_get_static_context(False);
987 return NT_STATUS_IS_OK(pdb_context->
988 pdb_getgrnam(pdb_context, map, name));
991 BOOL pdb_add_group_mapping_entry(GROUP_MAP *map)
993 struct pdb_context *pdb_context = pdb_get_static_context(False);
999 return NT_STATUS_IS_OK(pdb_context->
1000 pdb_add_group_mapping_entry(pdb_context, map));
1003 BOOL pdb_update_group_mapping_entry(GROUP_MAP *map)
1005 struct pdb_context *pdb_context = pdb_get_static_context(False);
1011 return NT_STATUS_IS_OK(pdb_context->
1012 pdb_update_group_mapping_entry(pdb_context, map));
1015 BOOL pdb_delete_group_mapping_entry(DOM_SID sid)
1017 struct pdb_context *pdb_context = pdb_get_static_context(False);
1023 return NT_STATUS_IS_OK(pdb_context->
1024 pdb_delete_group_mapping_entry(pdb_context, sid));
1027 BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap,
1028 int *num_entries, BOOL unix_only)
1030 struct pdb_context *pdb_context = pdb_get_static_context(False);
1036 return NT_STATUS_IS_OK(pdb_context->
1037 pdb_enum_group_mapping(pdb_context, sid_name_use,
1038 rmap, num_entries, unix_only));
1041 BOOL pdb_find_alias(const char *name, DOM_SID *sid)
1043 struct pdb_context *pdb_context = pdb_get_static_context(False);
1049 return NT_STATUS_IS_OK(pdb_context->pdb_find_alias(pdb_context,
1053 NTSTATUS pdb_create_alias(const char *name, uint32 *rid)
1055 struct pdb_context *pdb_context = pdb_get_static_context(False);
1058 return NT_STATUS_NOT_IMPLEMENTED;
1061 return pdb_context->pdb_create_alias(pdb_context, name, rid);
1064 BOOL pdb_delete_alias(const DOM_SID *sid)
1066 struct pdb_context *pdb_context = pdb_get_static_context(False);
1072 return NT_STATUS_IS_OK(pdb_context->pdb_delete_alias(pdb_context,
1077 BOOL pdb_enum_aliases(const DOM_SID *sid, uint32 start_idx, uint32 max_entries,
1078 uint32 *num_aliases, struct acct_info **info)
1080 struct pdb_context *pdb_context = pdb_get_static_context(False);
1086 return NT_STATUS_IS_OK(pdb_context->pdb_enum_aliases(pdb_context, sid,
1093 BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info)
1095 struct pdb_context *pdb_context = pdb_get_static_context(False);
1101 return NT_STATUS_IS_OK(pdb_context->pdb_get_aliasinfo(pdb_context, sid,
1105 BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info)
1107 struct pdb_context *pdb_context = pdb_get_static_context(False);
1113 return NT_STATUS_IS_OK(pdb_context->pdb_set_aliasinfo(pdb_context, sid,
1117 BOOL pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
1119 struct pdb_context *pdb_context = pdb_get_static_context(False);
1125 return NT_STATUS_IS_OK(pdb_context->
1126 pdb_add_aliasmem(pdb_context, alias, member));
1129 BOOL pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
1131 struct pdb_context *pdb_context = pdb_get_static_context(False);
1137 return NT_STATUS_IS_OK(pdb_context->
1138 pdb_del_aliasmem(pdb_context, alias, member));
1141 BOOL pdb_enum_aliasmem(const DOM_SID *alias,
1142 DOM_SID **members, int *num_members)
1144 struct pdb_context *pdb_context = pdb_get_static_context(False);
1150 return NT_STATUS_IS_OK(pdb_context->
1151 pdb_enum_aliasmem(pdb_context, alias,
1152 members, num_members));
1155 BOOL pdb_enum_alias_memberships(const DOM_SID *members, int num_members,
1156 DOM_SID **aliases, int *num)
1158 struct pdb_context *pdb_context = pdb_get_static_context(False);
1164 return NT_STATUS_IS_OK(pdb_context->
1165 pdb_enum_alias_memberships(pdb_context, members,
1170 /***************************************************************
1171 Initialize the static context (at smbd startup etc).
1173 If uninitialised, context will auto-init on first use.
1174 ***************************************************************/
1176 BOOL initialize_password_db(BOOL reload)
1178 return (pdb_get_static_context(reload) != NULL);
1182 /***************************************************************************
1183 Default implementations of some functions.
1184 ****************************************************************************/
1186 static NTSTATUS pdb_default_getsampwnam (struct pdb_methods *methods, SAM_ACCOUNT *user, const char *sname)
1188 return NT_STATUS_NO_SUCH_USER;
1191 static NTSTATUS pdb_default_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT * user, const DOM_SID *sid)
1193 return NT_STATUS_NO_SUCH_USER;
1196 static NTSTATUS pdb_default_add_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
1198 DEBUG(0,("this backend (%s) should not be listed as the first passdb backend! You can't add users to it.\n", methods->name));
1199 return NT_STATUS_NOT_IMPLEMENTED;
1202 static NTSTATUS pdb_default_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
1204 return NT_STATUS_NOT_IMPLEMENTED;
1207 static NTSTATUS pdb_default_delete_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *pwd)
1209 return NT_STATUS_NOT_IMPLEMENTED;
1212 static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update)
1214 return NT_STATUS_NOT_IMPLEMENTED;
1217 static NTSTATUS pdb_default_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT *user)
1219 return NT_STATUS_NOT_IMPLEMENTED;
1222 static void pdb_default_endsampwent(struct pdb_methods *methods)
1224 return; /* NT_STATUS_NOT_IMPLEMENTED; */
1227 NTSTATUS make_pdb_methods(TALLOC_CTX *mem_ctx, PDB_METHODS **methods)
1229 *methods = talloc(mem_ctx, sizeof(struct pdb_methods));
1232 return NT_STATUS_NO_MEMORY;
1235 ZERO_STRUCTP(*methods);
1237 (*methods)->setsampwent = pdb_default_setsampwent;
1238 (*methods)->endsampwent = pdb_default_endsampwent;
1239 (*methods)->getsampwent = pdb_default_getsampwent;
1240 (*methods)->getsampwnam = pdb_default_getsampwnam;
1241 (*methods)->getsampwsid = pdb_default_getsampwsid;
1242 (*methods)->add_sam_account = pdb_default_add_sam_account;
1243 (*methods)->update_sam_account = pdb_default_update_sam_account;
1244 (*methods)->delete_sam_account = pdb_default_delete_sam_account;
1246 (*methods)->getgrsid = pdb_default_getgrsid;
1247 (*methods)->getgrgid = pdb_default_getgrgid;
1248 (*methods)->getgrnam = pdb_default_getgrnam;
1249 (*methods)->add_group_mapping_entry = pdb_default_add_group_mapping_entry;
1250 (*methods)->update_group_mapping_entry = pdb_default_update_group_mapping_entry;
1251 (*methods)->delete_group_mapping_entry = pdb_default_delete_group_mapping_entry;
1252 (*methods)->enum_group_mapping = pdb_default_enum_group_mapping;
1253 (*methods)->find_alias = pdb_default_find_alias;
1254 (*methods)->create_alias = pdb_default_create_alias;
1255 (*methods)->delete_alias = pdb_default_delete_alias;
1256 (*methods)->enum_aliases = pdb_default_enum_aliases;
1257 (*methods)->get_aliasinfo = pdb_default_get_aliasinfo;
1258 (*methods)->set_aliasinfo = pdb_default_set_aliasinfo;
1259 (*methods)->add_aliasmem = pdb_default_add_aliasmem;
1260 (*methods)->del_aliasmem = pdb_default_del_aliasmem;
1261 (*methods)->enum_aliasmem = pdb_default_enum_aliasmem;
1262 (*methods)->enum_alias_memberships = pdb_default_alias_memberships;
1264 return NT_STATUS_OK;