2 Unix SMB/Netbios implementation.
4 LDAP protocol helper functions for SAMBA
5 Copyright (C) Jean François Micouleau 1998
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
33 /*******************************************************************
34 open a connection to the ldap serve.
35 ******************************************************************/
36 static BOOL ldap_open_connection(LDAP **ldap_struct)
38 if ( (*ldap_struct = ldap_open(lp_ldap_server(),lp_ldap_port()) ) == NULL)
40 DEBUG( 0, ( "The LDAP server is not responding !\n" ) );
43 DEBUG(2,("ldap_open_connection: connection opened\n"));
48 /*******************************************************************
49 connect anonymously to the ldap server.
51 ******************************************************************/
52 static BOOL ldap_connect_anonymous(LDAP *ldap_struct)
54 if ( ldap_simple_bind_s(ldap_struct,lp_ldap_root(),lp_ldap_rootpasswd()) ! = LDAP_SUCCESS)
56 DEBUG( 0, ( "Couldn't bind to the LDAP server !\n" ) );
63 /*******************************************************************
64 connect to the ldap server under system privileg.
65 ******************************************************************/
66 static BOOL ldap_connect_system(LDAP *ldap_struct)
68 if ( ldap_simple_bind_s(ldap_struct,lp_ldap_root(),lp_ldap_rootpasswd()) ! = LDAP_SUCCESS)
70 DEBUG( 0, ( "Couldn't bind to the LDAP server!\n" ) );
73 DEBUG(2,("ldap_connect_system: succesful connection to the LDAP server\n"));
77 /*******************************************************************
78 connect to the ldap server under a particular user.
79 ******************************************************************/
80 static BOOL ldap_connect_user(LDAP *ldap_struct, char *user, char *password)
82 if ( ldap_simple_bind_s(ldap_struct,lp_ldap_root(),lp_ldap_rootpasswd()) ! = LDAP_SUCCESS)
84 DEBUG( 0, ( "Couldn't bind to the LDAP server !\n" ) );
87 DEBUG(2,("ldap_connect_user: succesful connection to the LDAP server\n"));
91 /*******************************************************************
92 run the search by name.
93 ******************************************************************/
94 static BOOL ldap_search_one_user(LDAP *ldap_struct, char *filter, LDAPMessage **result)
96 int scope = LDAP_SCOPE_ONELEVEL;
99 DEBUG(2,("ldap_search_one_user: searching for:[%s]\n", filter));
101 rc = ldap_search_s(ldap_struct, lp_ldap_suffix(), scope, filter, NULL, 0, result);
103 if (rc ! = LDAP_SUCCESS )
105 DEBUG( 0, ( "Problem during the LDAP search\n" ) );
111 /*******************************************************************
112 run the search by name.
113 ******************************************************************/
114 static BOOL ldap_search_one_user_by_name(LDAP *ldap_struct, char *user, LDAPMessage **result)
118 in the filter expression, replace %u with the real name
119 so in ldap filter, %u MUST exist :-)
121 pstrcpy(filter,lp_ldap_filter());
122 pstring_sub(filter,"%u",user);
124 if ( !ldap_search_one_user(ldap_struct, filter, result) )
131 /*******************************************************************
132 run the search by uid.
133 ******************************************************************/
134 static BOOL ldap_search_one_user_by_uid(LDAP *ldap_struct, int uid, LDAPMessage **result)
138 slprintf(filter, sizeof(pstring)-1, "uidAccount = %d", uid);
140 if ( !ldap_search_one_user(ldap_struct, filter, result) )
147 /*******************************************************************
148 search an attribute and return the first value found.
149 ******************************************************************/
150 static void get_single_attribute(LDAP *ldap_struct, LDAPMessage *entry, char *attribute, char *value)
154 if ( (valeurs = ldap_get_values(ldap_struct, entry, attribute)) ! = NULL)
156 pstrcpy(value, valeurs[0]);
157 ldap_value_free(valeurs);
158 DEBUG(3,("get_single_attribute: [%s] = [%s]\n", attribute, value));
166 /*******************************************************************
167 check if the returned entry is a sambaAccount objectclass.
168 ******************************************************************/
169 static BOOL ldap_check_user(LDAP *ldap_struct, LDAPMessage *entry)
171 BOOL sambaAccount = False;
175 DEBUG(2,("ldap_check_user: "));
176 valeur = ldap_get_values(ldap_struct, entry, "objectclass");
179 for (i = 0;valeur[i]! = NULL;i++)
181 if (!strcmp(valeur[i],"sambaAccount")) sambaAccount = True;
184 DEBUG(2,("%s\n",sambaAccount?"yes":"no"));
185 ldap_value_free(valeur);
186 return (sambaAccount);
189 /*******************************************************************
190 check if the returned entry is a sambaTrust objectclass.
191 ******************************************************************/
192 static BOOL ldap_check_trust(LDAP *ldap_struct, LDAPMessage *entry)
194 BOOL sambaTrust = False;
198 DEBUG(2,("ldap_check_trust: "));
199 valeur = ldap_get_values(ldap_struct, entry, "objectclass");
202 for (i = 0;valeur[i]! = NULL;i++)
204 if (!strcmp(valeur[i],"sambaTrust")) sambaTrust = True;
207 DEBUG(2,("%s\n",sambaTrust?"yes":"no"));
208 ldap_value_free(valeur);
212 /*******************************************************************
213 retrieve the user's info and contruct a smb_passwd structure.
214 ******************************************************************/
215 static void ldap_get_smb_passwd(LDAP *ldap_struct,LDAPMessage *entry,
216 struct smb_passwd *user)
218 static pstring user_name;
219 static pstring user_pass;
221 static unsigned char smblmpwd[16];
222 static unsigned char smbntpwd[16];
226 memset((char *)smblmpwd, '\0', sizeof(smblmpwd));
227 memset((char *)smbntpwd, '\0', sizeof(smbntpwd));
229 get_single_attribute(ldap_struct, entry, "cn", user_name);
230 DEBUG(2,("ldap_get_smb_passwd: user: %s\n",user_name));
232 #ifdef LDAP_PLAINTEXT_PASSWORD
233 get_single_attribute(ldap_struct, entry, "userPassword", temp);
234 nt_lm_owf_gen(temp, user->smb_nt_passwd, user->smb_passwd);
235 memset((char *)temp, '\0', sizeof(temp)); /* destroy local copy of the password */
237 get_single_attribute(ldap_struct, entry, "unicodePwd", temp);
238 pdb_gethexpwd(temp, smbntpwd);
239 memset((char *)temp, '\0', sizeof(temp)); /* destroy local copy of the password */
241 get_single_attribute(ldap_struct, entry, "dBCSPwd", temp);
242 pdb_gethexpwd(temp, smblmpwd);
243 memset((char *)temp, '\0', sizeof(temp)); /* destroy local copy of the password */
246 get_single_attribute(ldap_struct, entry, "userAccountControl", temp);
247 user->acct_ctrl = pdb_decode_acct_ctrl(temp);
249 get_single_attribute(ldap_struct, entry, "pwdLastSet", temp);
250 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
252 get_single_attribute(ldap_struct, entry, "rid", temp);
254 /* the smb (unix) ids are not stored: they are created */
255 user->smb_userid = pdb_user_rid_to_uid (atoi(temp));
257 if (user->acct_ctrl & (ACB_DOMTRUST|ACB_WSTRUST|ACB_SVRTRUST) )
259 DEBUG(0,("Inconsistency in the LDAP database\n"));
261 if (user->acct_ctrl & ACB_NORMAL)
263 user->smb_name = user_name;
264 user->smb_passwd = smblmpwd;
265 user->smb_nt_passwd = smbntpwd;
269 /*******************************************************************
270 retrieve the user's info and contruct a sam_passwd structure.
272 calls ldap_get_smb_passwd function first, though, to save code duplication.
274 ******************************************************************/
275 static void ldap_get_sam_passwd(LDAP *ldap_struct, LDAPMessage *entry,
276 struct sam_passwd *user)
278 static pstring user_name;
279 static pstring fullname;
280 static pstring home_dir;
281 static pstring dir_drive;
282 static pstring logon_script;
283 static pstring profile_path;
284 static pstring acct_desc;
285 static pstring workstations;
287 static struct smb_passwd pw_buf;
291 ldap_get_smb_passwd(ldap_struct, entry, &pw_buf);
293 user->pass_last_set_time = pw_buf.pass_last_set_time;
295 get_single_attribute(ldap_struct, entry, "logonTime", temp);
296 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
298 get_single_attribute(ldap_struct, entry, "logoffTime", temp);
299 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
301 get_single_attribute(ldap_struct, entry, "kickoffTime", temp);
302 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
304 get_single_attribute(ldap_struct, entry, "pwdLastSet", temp);
305 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
307 get_single_attribute(ldap_struct, entry, "pwdCanChange", temp);
308 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
310 get_single_attribute(ldap_struct, entry, "pwdMustChange", temp);
311 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
313 user->smb_name = pw_buf.smb_name;
315 DEBUG(2,("ldap_get_sam_passwd: user: %s\n", user_name));
317 get_single_attribute(ldap_struct, entry, "userFullName", fullname);
318 user->full_name = fullname;
320 get_single_attribute(ldap_struct, entry, "homeDirectory", home_dir);
321 user->home_dir = home_dir;
323 get_single_attribute(ldap_struct, entry, "homeDrive", dir_drive);
324 user->dir_drive = dir_drive;
326 get_single_attribute(ldap_struct, entry, "scriptPath", logon_script);
327 user->logon_script = logon_script;
329 get_single_attribute(ldap_struct, entry, "profilePath", profile_path);
330 user->profile_path = profile_path;
332 get_single_attribute(ldap_struct, entry, "comment", acct_desc);
333 user->acct_desc = acct_desc;
335 get_single_attribute(ldap_struct, entry, "userWorkstations", workstations);
336 user->workstations = workstations;
338 user->unknown_str = NULL; /* don't know, yet! */
339 user->munged_dial = NULL; /* "munged" dial-back telephone number */
341 get_single_attribute(ldap_struct, entry, "rid", temp);
342 user->user_rid = atoi(temp);
344 get_single_attribute(ldap_struct, entry, "primaryGroupID", temp);
345 user->group_rid = atoi(temp);
347 /* the smb (unix) ids are not stored: they are created */
348 user->smb_userid = pw_buf.smb_userid;
349 user->smb_grpid = group_rid_to_uid(user->group_rid);
351 user->acct_ctrl = pw_buf.acct_ctrl;
353 user->unknown_3 = 0xffffff; /* don't know */
354 user->logon_divs = 168; /* hours per week */
355 user->hours_len = 21; /* 21 times 8 bits = 168 */
356 memset(user->hours, 0xff, user->hours_len); /* available at all hours */
357 user->unknown_5 = 0x00000000; /* don't know */
358 user->unknown_6 = 0x000004ec; /* don't know */
360 if (user->acct_ctrl & (ACB_DOMTRUST|ACB_WSTRUST|ACB_SVRTRUST) )
362 DEBUG(0,("Inconsistency in the LDAP database\n"));
365 if (!(user->acct_ctrl & ACB_NORMAL))
367 DEBUG(0,("User's acct_ctrl bits not set to ACT_NORMAL in LDAP database\n"));
372 /************************************************************************
373 Routine to manage the LDAPMod structure array
374 manage memory used by the array, by each struct, and values
376 ************************************************************************/
377 static void make_a_mod(LDAPMod ***modlist,int modop, char *attribute, char *value)
379 LDAPMod **mods, **tmods;
387 tmods = (LDAPMod **)malloc( sizeof(LDAPMod *) );
390 DEBUG(0,("make_a_mod: out of memory!\n"));
397 for ( i = 0; mods[ i ] ! = NULL; ++i )
399 if ( mods[ i ]->mod_op == modop &&
400 !strcasecmp( mods[ i ]->mod_type, attribute ) )
408 tmods = (LDAPMod **)Realloc( mods, (i+2) * sizeof( LDAPMod * ) );
411 DEBUG(0,("make_a_mod: out of memory!\n"));
415 mods[i] = (LDAPMod *)malloc( sizeof( LDAPMod ) );
418 DEBUG(0,("make_a_mod: out of memory!\n"));
421 mods[i]->mod_op = modop;
422 mods[i]->mod_values = NULL;
423 mods[i]->mod_type = strdup( attribute );
432 if ( mods[ i ]->mod_values ! = NULL )
434 for ( ; mods[ i ]->mod_values[ j ] ! = NULL; j++ );
436 tmval = (char **)Realloc(mods[ i ]->mod_values,
437 (j+2) * sizeof( char * ));
440 DEBUG(0, "make_a_mod: Memory allocation failure!\n");
443 mods[ i ]->mod_values = tmval;
444 mods[ i ]->mod_values[ j ] = strdup(value);
445 mods[ i ]->mod_values[ j + 1 ] = NULL;
450 /************************************************************************
451 Add or modify an entry. Only the smb struct values
453 *************************************************************************/
454 static BOOL modadd_ldappwd_entry(struct smb_passwd *newpwd, int flag)
457 /* assume the struct is correct and filled
458 that's the job of passdb.c to check */
459 int scope = LDAP_SCOPE_ONELEVEL;
476 smb_name = newpwd->smb_name;
478 if (!ldap_open_connection(&ldap_struct)) /* open a connection to the server */
483 if (!ldap_connect_system(ldap_struct)) /* connect as system account */
485 ldap_unbind(ldap_struct);
489 if (smb_name[strlen(smb_name)-1] == '$' )
491 smb_name[strlen(smb_name)-1] = '\0';
495 slprintf(filter, sizeof(filter)-1,
496 "(&(cn = %s)(|(objectclass = sambaTrust)(objectclass = sambaAccount)))",
499 rc = ldap_search_s(ldap_struct, lp_ldap_suffix(), scope, filter, NULL, 0, &result);
505 if (ldap_count_entries(ldap_struct, result) ! = 0)
507 DEBUG(0,("User already in the base, with samba properties\n"));
508 ldap_unbind(ldap_struct);
511 ldap_state = LDAP_MOD_ADD;
516 if (ldap_count_entries(ldap_struct, result) ! = 1)
518 DEBUG(0,("No user to modify !\n"));
519 ldap_unbind(ldap_struct);
522 ldap_state = LDAP_MOD_REPLACE;
527 DEBUG(0,("How did you come here? \n"));
528 ldap_unbind(ldap_struct);
533 slprintf(dn, sizeof(dn)-1, "cn = %s, %s",smb_name, lp_ldap_suffix() );
535 if (newpwd->smb_passwd ! = NULL)
538 for( i = 0; i < 16; i++)
540 slprintf(&temp[2*i], sizeof(temp) - 1, "%02X", newpwd->smb_passwd[i]);
546 if (newpwd->acct_ctrl & ACB_PWNOTREQ)
548 slprintf(temp, sizeof(temp) - 1, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
552 slprintf(temp, sizeof(temp) - 1, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
555 slprintf(lmhash, sizeof(lmhash)-1, "%s", temp);
557 if (newpwd->smb_nt_passwd ! = NULL)
560 for( i = 0; i < 16; i++)
562 slprintf(&temp[2*i], sizeof(temp) - 1, "%02X", newpwd->smb_nt_passwd[i]);
568 if (newpwd->acct_ctrl & ACB_PWNOTREQ)
570 slprintf(temp, sizeof(temp) - 1, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
574 slprintf(temp, sizeof(temp) - 1, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
577 slprintf(nthash, sizeof(nthash)-1, "%s", temp);
579 slprintf(rid, sizeof(rid)-1, "%d", uid_to_user_rid(newpwd->smb_userid) );
580 slprintf(lst, sizeof(lst)-1, "%08X", newpwd->pass_last_set_time);
586 make_a_mod(&mods, ldap_state, "objectclass", "sambaTrust");
587 make_a_mod(&mods, ldap_state, "netbiosTrustName", smb_name);
588 make_a_mod(&mods, ldap_state, "trustPassword", nthash);
592 make_a_mod(&mods, ldap_state, "objectclass", "sambaAccount");
593 make_a_mod(&mods, ldap_state, "dBCSPwd", lmhash);
594 make_a_mod(&mods, ldap_state, "uid", smb_name);
595 make_a_mod(&mods, ldap_state, "unicodePwd", nthash);
598 make_a_mod(&mods, ldap_state, "cn", smb_name);
600 make_a_mod(&mods, ldap_state, "rid", rid);
601 make_a_mod(&mods, ldap_state, "pwdLastSet", lst);
602 make_a_mod(&mods, ldap_state, "userAccountControl",
603 smbpasswd_encode_acb_info(newpwd->acct_ctrl));
609 ldap_add_s(ldap_struct, dn, mods);
610 DEBUG(2,("modadd_ldappwd_entry: added: cn = %s in the LDAP database\n",smb_name));
615 ldap_modify_s(ldap_struct, dn, mods);
616 DEBUG(2,("modadd_ldappwd_entry: changed: cn = %s in the LDAP database_n",smb_name));
621 DEBUG(2,("modadd_ldappwd_entry: How did you come here? \n"));
622 ldap_unbind(ldap_struct);
628 ldap_mods_free(mods, 1);
630 ldap_unbind(ldap_struct);
635 /************************************************************************
636 Add or modify an entry. everything except the smb struct
638 *************************************************************************/
639 static BOOL modadd_ldap21pwd_entry(struct sam_passwd *newpwd, int flag)
642 /* assume the struct is correct and filled
643 that's the job of passdb.c to check */
644 int scope = LDAP_SCOPE_ONELEVEL;
661 smb_name = newpwd->smb_name;
663 if (!ldap_open_connection(&ldap_struct)) /* open a connection to the server */
668 if (!ldap_connect_system(ldap_struct)) /* connect as system account */
670 ldap_unbind(ldap_struct);
674 if (smb_name[strlen(smb_name)-1] == '$' )
676 smb_name[strlen(smb_name)-1] = '\0';
680 slprintf(filter, sizeof(filter)-1,
681 "(&(cn = %s)(|(objectclass = sambaTrust)(objectclass = sambaAccount)))",
684 rc = ldap_search_s(ldap_struct, lp_ldap_suffix(), scope, filter, NULL, 0, &result);
690 if (ldap_count_entries(ldap_struct, result) ! = 1)
692 DEBUG(2,("User already in the base, with samba properties\n"));
693 ldap_unbind(ldap_struct);
696 ldap_state = LDAP_MOD_ADD;
702 if (ldap_count_entries(ldap_struct, result) ! = 1)
704 DEBUG(2,("No user to modify !\n"));
705 ldap_unbind(ldap_struct);
708 ldap_state = LDAP_MOD_REPLACE;
714 DEBUG(2,("How did you come here? \n"));
715 ldap_unbind(ldap_struct);
720 slprintf(dn, sizeof(dn)-1, "cn = %s, %s",smb_name, lp_ldap_suffix() );
731 make_a_mod(&mods, ldap_state, "cn", smb_name);
733 make_a_mod(&mods, ldap_state, "rid", rid);
734 make_a_mod(&mods, ldap_state, "pwdLastSet", lst);
735 make_a_mod(&mods, ldap_state, "userAccountControl",
736 smbpasswd_encode_acct_ctrl(newpwd->acct_ctrl));
738 ldap_modify_s(ldap_struct, dn, mods);
740 ldap_mods_free(mods, 1);
742 ldap_unbind(ldap_struct);
747 /************************************************************************
748 Routine to add an entry to the ldap passwd file.
750 do not call this function directly. use passdb.c instead.
752 *************************************************************************/
753 static BOOL add_ldappwd_entry(struct smb_passwd *newpwd)
755 return (modadd_ldappwd_entry(newpwd, ADD_USER) );
758 /************************************************************************
759 Routine to search the ldap passwd file for an entry matching the username.
760 and then modify its password entry. We can't use the startldappwent()/
761 getldappwent()/endldappwent() interfaces here as we depend on looking
762 in the actual file to decide how much room we have to write data.
763 override = False, normal
764 override = True, override XXXXXXXX'd out password or NO PASS
766 do not call this function directly. use passdb.c instead.
768 ************************************************************************/
769 static BOOL mod_ldappwd_entry(struct smb_passwd *pwd, BOOL override)
771 return (modadd_ldappwd_entry(pwd, MODIFY_USER) );
774 /************************************************************************
775 Routine to add an entry to the ldap passwd file.
777 do not call this function directly. use passdb.c instead.
779 *************************************************************************/
780 static BOOL add_ldap21pwd_entry(struct sam_passwd *newpwd)
782 return( modadd_ldappwd_entry(newpwd, ADD_USER)?
783 modadd_ldap21pwd_entry(newpwd, ADD_USER):False);
786 /************************************************************************
787 Routine to search the ldap passwd file for an entry matching the username.
788 and then modify its password entry. We can't use the startldappwent()/
789 getldappwent()/endldappwent() interfaces here as we depend on looking
790 in the actual file to decide how much room we have to write data.
791 override = False, normal
792 override = True, override XXXXXXXX'd out password or NO PASS
794 do not call this function directly. use passdb.c instead.
796 ************************************************************************/
797 static BOOL mod_ldap21pwd_entry(struct sam_passwd *pwd, BOOL override)
799 return( modadd_ldappwd_entry(pwd, MODIFY_USER)?
800 modadd_ldap21pwd_entry(pwd, MODIFY_USER):False);
803 struct ldap_enum_info
810 static struct ldap_enum_info ldap_ent;
812 /***************************************************************
813 Start to enumerate the ldap passwd list. Returns a void pointer
814 to ensure no modification outside this module.
816 do not call this function directly. use passdb.c instead.
818 ****************************************************************/
819 static void *startldappwent(BOOL update)
821 int scope = LDAP_SCOPE_ONELEVEL;
826 if (!ldap_open_connection(&ldap_ent.ldap_struct)) /* open a connection to the server */
831 if (!ldap_connect_system(ldap_ent.ldap_struct)) /* connect as system account */
836 /* when the class is known the search is much faster */
841 pstrcpy(filter, "objectclass = sambaAccount");
846 pstrcpy(filter, "objectclass = sambaTrust");
851 pstrcpy(filter, "(|(objectclass = sambaTrust)(objectclass = sambaAccount))");
856 rc = ldap_search_s(ldap_ent.ldap_struct, lp_ldap_suffix(), scope, filter, NULL, 0, &ldap_ent.result);
858 DEBUG(2,("%d entries in the base!\n", ldap_count_entries(ldap_ent.ldap_struct, ldap_ent.result) ));
860 ldap_ent.entry = ldap_first_entry(ldap_ent.ldap_struct, ldap_ent.result);
865 /*************************************************************************
866 Routine to return the next entry in the ldap passwd list.
868 do not call this function directly. use passdb.c instead.
870 *************************************************************************/
871 static struct smb_passwd *getldappwent(void *vp)
873 static struct smb_passwd user;
874 struct ldap_enum_info *ldap_vp = (struct ldap_enum_info *)vp;
876 ldap_vp->entry = ldap_next_entry(ldap_vp->ldap_struct, ldap_vp->entry);
878 if (ldap_vp->entry ! = NULL)
880 ldap_get_smb_passwd(ldap_vp->ldap_struct, ldap_vp->entry, &user);
886 /*************************************************************************
887 Routine to return the next entry in the ldap passwd list.
889 do not call this function directly. use passdb.c instead.
891 *************************************************************************/
892 static struct sam_passwd *getldap21pwent(void *vp)
894 static struct sam_passwd user;
895 struct ldap_enum_info *ldap_vp = (struct ldap_enum_info *)vp;
897 ldap_vp->entry = ldap_next_entry(ldap_vp->ldap_struct, ldap_vp->entry);
899 if (ldap_vp->entry ! = NULL)
901 ldap_get_sam_passwd(ldap_vp->ldap_struct, ldap_vp->entry, &user);
907 /***************************************************************
908 End enumeration of the ldap passwd list.
910 do not call this function directly. use passdb.c instead.
912 ****************************************************************/
913 static void endldappwent(void *vp)
915 struct ldap_enum_info *ldap_vp = (struct ldap_enum_info *)vp;
916 ldap_msgfree(ldap_vp->result);
917 ldap_unbind(ldap_vp->ldap_struct);
920 /*************************************************************************
921 Return the current position in the ldap passwd list as an SMB_BIG_UINT.
922 This must be treated as an opaque token.
924 do not call this function directly. use passdb.c instead.
926 *************************************************************************/
927 static SMB_BIG_UINT getldappwpos(void *vp)
929 return (SMB_BIG_UINT)0;
932 /*************************************************************************
933 Set the current position in the ldap passwd list from SMB_BIG_UINT.
934 This must be treated as an opaque token.
936 do not call this function directly. use passdb.c instead.
938 *************************************************************************/
939 static BOOL setldappwpos(void *vp, SMB_BIG_UINT tok)
945 * Ldap derived functions.
948 static struct smb_passwd *getldappwnam(char *name)
950 return pdb_sam_to_smb(iterate_getsam21pwnam(name));
953 static struct smb_passwd *getldappwuid(uid_t smb_userid)
955 return pdb_sam_to_smb(iterate_getsam21pwuid(smb_userid));
958 static struct smb_passwd *getldappwrid(uint32 user_rid)
960 return pdb_sam_to_smb(iterate_getsam21pwuid(pdb_user_rid_to_uid(user_rid)));
963 static struct smb_passwd *getldappwent(void *vp)
965 return pdb_sam_to_smb(getldap21pwent(vp));
968 static BOOL add_ldappwd_entry(struct smb_passwd *newpwd)
970 return add_ldap21pwd_entry(pdb_smb_to_sam(newpwd));
973 static BOOL mod_ldappwd_entry(struct smb_passwd* pwd, BOOL override)
975 return mod_ldap21pwd_entry(pdb_smb_to_sam(pwd), override);
978 static BOOL del_ldappwd_entry(const char *name)
980 return False; /* Dummy... */
983 static struct sam_disp_info *getldapdispnam(char *name)
985 return pdb_sam_to_dispinfo(getldap21pwnam(name));
988 static struct sam_disp_info *getldapdisprid(uint32 rid)
990 return pdb_sam_to_dispinfo(getldap21pwrid(rid));
993 static struct sam_disp_info *getldapdispent(void *vp)
995 return pdb_sam_to_dispinfo(getldap21pwent(vp));
998 static struct sam_passwd *getldap21pwuid(uid_t uid)
1000 return pdb_smb_to_sam(iterate_getsam21pwuid(pdb_uid_to_user_rid(uid)));
1003 static struct passdb_ops ldap_ops =
1017 iterate_getsam21pwnam, /* From passdb.c */
1018 iterate_getsam21pwuid, /* From passdb.c */
1019 iterate_getsam21pwrid, /* From passdb.c */
1020 add_ldap21pwd_entry,
1021 mod_ldap21pwd_entry,
1027 struct passdb_ops *ldap_initialize_password_db(void)
1033 void dummy_function(void);
1034 void dummy_function(void) { } /* stop some compilers complaining */