#include "includes.h"
#include "version.h"
#include "dynconfig.h"
+#include "pstring.h"
#include "system/time.h"
#include "system/iconv.h"
#include "system/network.h"
*/
typedef struct
{
+ int server_role;
+
char **smb_ports;
char *dos_charset;
char *unix_charset;
char *szPasswdChat;
char *szLogFile;
char *szConfigFile;
- char *szSMBPasswdFile;
char *szSAM_URL;
char *szSPOOLSS_URL;
+ char *szWINS_CONFIG_URL;
char *szWINS_URL;
char *szPrivateDir;
char **jsInclude;
char **server_services;
char *ntptr_providor;
char *szWinbindSeparator;
+ BOOL bWinbindSealedPipes;
char *swat_directory;
BOOL tls_enabled;
char *tls_keyfile;
int dgram_port;
int cldap_port;
int krb5_port;
+ int kpasswd_port;
int web_port;
char *socket_options;
BOOL bWINSsupport;
BOOL bLocalMaster;
BOOL bPreferredMaster;
- BOOL bDomainMaster;
- BOOL bDomainLogons;
BOOL bEncryptPasswords;
BOOL bNullPasswords;
BOOL bObeyPamRestrictions;
static int iNumServices = 0;
static int iServiceIndex = 0;
static BOOL bInGlobalSection = True;
-static int server_role;
static int default_server_announce;
#define NUMPARAMETERS (sizeof(parm_table) / sizeof(struct parm_struct))
static BOOL handle_include(const char *pszParmValue, char **ptr);
static BOOL handle_copy(const char *pszParmValue, char **ptr);
-static void set_server_role(void);
static void set_default_server_announce_type(void);
static const struct enum_list enum_protocol[] = {
static const struct enum_list enum_security[] = {
{SEC_SHARE, "SHARE"},
{SEC_USER, "USER"},
- {SEC_SERVER, "SERVER"},
- {SEC_DOMAIN, "DOMAIN"},
-#ifdef HAVE_ADS
- {SEC_ADS, "ADS"},
-#endif
{-1, NULL}
};
{-1, NULL}
};
+static const struct enum_list enum_server_role[] = {
+ {ROLE_STANDALONE, "standalone"},
+ {ROLE_DOMAIN_MEMBER, "member server"},
+ {ROLE_DOMAIN_BDC, "bdc"},
+ {ROLE_DOMAIN_PDC, "pdc"},
+ {-1, NULL}
+};
+
/* Note: We do not initialise the defaults union - it is not allowed in ANSI C
*
static struct parm_struct parm_table[] = {
{"Base Options", P_SEP, P_SEPARATOR},
+ {"server role", P_ENUM, P_GLOBAL, &Globals.server_role, NULL, enum_server_role, FLAG_BASIC},
+
{"dos charset", P_STRING, P_GLOBAL, &Globals.dos_charset, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"unix charset", P_STRING, P_GLOBAL, &Globals.unix_charset, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"ncalrpc dir", P_STRING, P_GLOBAL, &Globals.ncalrpc_dir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"null passwords", P_BOOL, P_GLOBAL, &Globals.bNullPasswords, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"obey pam restrictions", P_BOOL, P_GLOBAL, &Globals.bObeyPamRestrictions, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"password server", P_LIST, P_GLOBAL, &Globals.szPasswordServers, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD | FLAG_DEVELOPER},
- {"smb passwd file", P_STRING, P_GLOBAL, &Globals.szSMBPasswdFile, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"sam database", P_STRING, P_GLOBAL, &Globals.szSAM_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"spoolss database", P_STRING, P_GLOBAL, &Globals.szSPOOLSS_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+ {"wins config database", P_STRING, P_GLOBAL, &Globals.szWINS_CONFIG_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"wins database", P_STRING, P_GLOBAL, &Globals.szWINS_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
-
{"passwd chat", P_STRING, P_GLOBAL, &Globals.szPasswdChat, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"password level", P_INTEGER, P_GLOBAL, &Globals.pwordlevel, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"lanman auth", P_BOOL, P_GLOBAL, &Globals.bLanmanAuth, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"dgram port", P_INTEGER, P_GLOBAL, &Globals.dgram_port, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"cldap port", P_INTEGER, P_GLOBAL, &Globals.cldap_port, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"krb5 port", P_INTEGER, P_GLOBAL, &Globals.krb5_port, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+ {"kpasswd port", P_INTEGER, P_GLOBAL, &Globals.kpasswd_port, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"web port", P_INTEGER, P_GLOBAL, &Globals.web_port, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"tls enabled", P_BOOL, P_GLOBAL, &Globals.tls_enabled, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"tls keyfile", P_STRING, P_GLOBAL, &Globals.tls_keyfile, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"Logon Options", P_SEP, P_SEPARATOR},
- {"domain logons", P_BOOL, P_GLOBAL, &Globals.bDomainLogons, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"Browse Options", P_SEP, P_SEPARATOR},
{"preferred master", P_ENUM, P_GLOBAL, &Globals.bPreferredMaster, NULL, enum_bool_auto, FLAG_BASIC | FLAG_ADVANCED | FLAG_DEVELOPER},
{"prefered master", P_ENUM, P_GLOBAL, &Globals.bPreferredMaster, NULL, enum_bool_auto, FLAG_HIDE},
{"local master", P_BOOL, P_GLOBAL, &Globals.bLocalMaster, NULL, NULL, FLAG_BASIC | FLAG_ADVANCED | FLAG_DEVELOPER},
- {"domain master", P_ENUM, P_GLOBAL, &Globals.bDomainMaster, NULL, enum_bool_auto, FLAG_BASIC | FLAG_ADVANCED | FLAG_DEVELOPER},
{"browseable", P_BOOL, P_LOCAL, &sDefault.bBrowseable, NULL, NULL, FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT | FLAG_DEVELOPER},
{"browsable", P_BOOL, P_LOCAL, &sDefault.bBrowseable, NULL, NULL, FLAG_HIDE},
{"msdfs root", P_BOOL, P_LOCAL, &sDefault.bMSDfsRoot, NULL, NULL, FLAG_SHARE},
{"host msdfs", P_BOOL, P_GLOBAL, &Globals.bHostMSDfs, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"winbind separator", P_STRING, P_GLOBAL, &Globals.szWinbindSeparator, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER },
+ {"winbind sealed pipes", P_BOOL, P_GLOBAL, &Globals.bWinbindSealedPipes, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER },
{NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0}
};
do_parameter("config file", dyn_CONFIGFILE, NULL);
+ do_parameter("server role", "standalone", NULL);
+
/* options that can be set on the command line must be initialised via
the slower do_parameter() to ensure that FLAG_CMDLINE is obeyed */
#ifdef TCP_NODELAY
do_parameter("max connections", "-1", NULL);
do_parameter("dcerpc endpoint servers", "epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg dssetup", NULL);
- do_parameter("server services", "smb rpc nbt ldap cldap web kdc", NULL);
+ do_parameter("server services", "smb rpc nbt wrepl ldap cldap web kdc", NULL);
do_parameter("ntptr providor", "simple_ldb", NULL);
do_parameter("auth methods", "anonymous sam_ignoredomain", NULL);
- do_parameter("smb passwd file", dyn_SMB_PASSWD_FILE, NULL);
do_parameter("private dir", dyn_PRIVATE_DIR, NULL);
do_parameter("sam database", "sam.ldb", NULL);
do_parameter("spoolss database", "spoolss.ldb", NULL);
+ do_parameter("wins config database", "wins_config.ldb", NULL);
do_parameter("wins database", "wins.ldb", NULL);
do_parameter("registry:HKEY_LOCAL_MACHINE", "hklm.ldb", NULL);
do_parameter("PreferredMaster", "Auto", NULL);
do_parameter("LocalMaster", "True", NULL);
- do_parameter("DomainMaster", "Auto", NULL); /* depending on bDomainLogons */
- do_parameter("DomainLogons", "False", NULL);
+
do_parameter("WINSsupport", "False", NULL);
do_parameter("winbind separator", "\\", NULL);
+ do_parameter("winbind sealed pipes", "True", NULL);
do_parameter("client signing", "Yes", NULL);
do_parameter("server signing", "auto", NULL);
do_parameter("dgram port", "138", NULL);
do_parameter("cldap port", "389", NULL);
do_parameter("krb5 port", "88", NULL);
+ do_parameter("kpasswd port", "464", NULL);
do_parameter("web port", "901", NULL);
do_parameter("swat directory", dyn_SWATDIR, NULL);
do_parameter("nt status support", "True", NULL);
- do_parameter("max wins ttl", "432000", NULL);
+ do_parameter("max wins ttl", "518400", NULL); /* 6 days */
do_parameter("min wins ttl", "10", NULL);
do_parameter("tls enabled", "True", NULL);
#define FN_LOCAL_INTEGER(fn_name,val) \
int fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
+FN_GLOBAL_INTEGER(lp_server_role, &Globals.server_role)
FN_GLOBAL_LIST(lp_smb_ports, &Globals.smb_ports)
FN_GLOBAL_INTEGER(lp_nbt_port, &Globals.nbt_port)
FN_GLOBAL_INTEGER(lp_dgram_port, &Globals.dgram_port)
FN_GLOBAL_INTEGER(lp_cldap_port, &Globals.cldap_port)
FN_GLOBAL_INTEGER(lp_krb5_port, &Globals.krb5_port)
+FN_GLOBAL_INTEGER(lp_kpasswd_port, &Globals.kpasswd_port)
FN_GLOBAL_INTEGER(lp_web_port, &Globals.web_port)
FN_GLOBAL_STRING(lp_dos_charset, &Globals.dos_charset)
FN_GLOBAL_STRING(lp_swat_directory, &Globals.swat_directory)
FN_GLOBAL_STRING(lp_display_charset, &Globals.display_charset)
FN_GLOBAL_STRING(lp_logfile, &Globals.szLogFile)
FN_GLOBAL_STRING(lp_configfile, &Globals.szConfigFile)
-FN_GLOBAL_STRING(lp_smb_passwd_file, &Globals.szSMBPasswdFile)
FN_GLOBAL_STRING(lp_sam_url, &Globals.szSAM_URL)
FN_GLOBAL_STRING(lp_spoolss_url, &Globals.szSPOOLSS_URL)
+FN_GLOBAL_STRING(lp_wins_config_url, &Globals.szWINS_CONFIG_URL)
FN_GLOBAL_STRING(lp_wins_url, &Globals.szWINS_URL)
FN_GLOBAL_CONST_STRING(lp_winbind_separator, &Globals.szWinbindSeparator)
+FN_GLOBAL_BOOL(lp_winbind_sealed_pipes, &Globals.bWinbindSealedPipes)
FN_GLOBAL_STRING(lp_private_dir, &Globals.szPrivateDir)
FN_GLOBAL_STRING(lp_serverstring, &Globals.szServerString)
FN_GLOBAL_STRING(lp_lockdir, &Globals.szLockDir)
FN_GLOBAL_BOOL(lp_disable_netbios, &Globals.bDisableNetbios)
FN_GLOBAL_BOOL(lp_wins_support, &Globals.bWINSsupport)
FN_GLOBAL_BOOL(lp_local_master, &Globals.bLocalMaster)
-FN_GLOBAL_BOOL(lp_domain_logons, &Globals.bDomainLogons)
FN_GLOBAL_BOOL(lp_readraw, &Globals.bReadRaw)
FN_GLOBAL_BOOL(lp_large_readwrite, &Globals.bLargeReadwrite)
FN_GLOBAL_BOOL(lp_writeraw, &Globals.bWriteRaw)
pdata = pdata->next;
}
if (not_added) {
- paramo = smb_xmalloc_p(struct param_opt);
+ paramo = malloc_p(struct param_opt);
+ if (!paramo)
+ smb_panic("OOM");
paramo->key = strdup(data->key);
paramo->value = strdup(data->value);
DLIST_ADD(pserviceDest->param_opt, paramo);
}
}
- paramo = smb_xmalloc_p(struct param_opt);
+ paramo = malloc_p(struct param_opt);
+ if (!paramo)
+ smb_panic("OOM");
paramo->key = strdup(name);
paramo->value = strdup(pszParmValue);
paramo->flags = flags;
}
}
-/*******************************************************************
- Set the server type we will announce as via nmbd.
-********************************************************************/
-
-static void set_server_role(void)
-{
- server_role = ROLE_STANDALONE;
-
- switch (lp_security()) {
- case SEC_SHARE:
- if (lp_domain_logons())
- DEBUG(0, ("Server's Role (logon server) conflicts with share-level security\n"));
- break;
- case SEC_SERVER:
- case SEC_DOMAIN:
- case SEC_ADS:
- if (lp_domain_logons()) {
- if (Globals.bDomainMaster) /* auto or yes */
- server_role = ROLE_DOMAIN_PDC;
- else
- server_role = ROLE_DOMAIN_BDC;
- break;
- }
- server_role = ROLE_DOMAIN_MEMBER;
- break;
- case SEC_USER:
- if (lp_domain_logons()) {
-
- if (Globals.bDomainMaster) /* auto or yes */
- server_role = ROLE_DOMAIN_PDC;
- else
- server_role = ROLE_DOMAIN_BDC;
- }
- break;
- default:
- DEBUG(0, ("Server's Role undefined due to unknown security mode\n"));
- break;
- }
-
- DEBUG(10, ("set_server_role: role = "));
-
- switch(server_role) {
- case ROLE_STANDALONE:
- DEBUGADD(10, ("ROLE_STANDALONE\n"));
- break;
- case ROLE_DOMAIN_MEMBER:
- DEBUGADD(10, ("ROLE_DOMAIN_MEMBER\n"));
- break;
- case ROLE_DOMAIN_BDC:
- DEBUGADD(10, ("ROLE_DOMAIN_BDC\n"));
- break;
- case ROLE_DOMAIN_PDC:
- DEBUGADD(10, ("ROLE_DOMAIN_PDC\n"));
- break;
- }
-}
-
/***************************************************************************
Load the services array from the services file. Return True on success,
False on failure.
lp_add_hidden("IPC$", "IPC");
lp_add_hidden("ADMIN$", "DISK");
- set_server_role();
set_default_server_announce_type();
bLoaded = True;
- if (Globals.bWINSsupport) {
+ if (!Globals.szWINSservers && Globals.bWINSsupport) {
lp_do_parameter(-1, "wins server", "127.0.0.1");
}
}
/***********************************************************
- returns role of Samba server
+ If we are PDC then prefer us as DMB
************************************************************/
-int lp_server_role(void)
+BOOL lp_domain_master(void)
{
- return server_role;
+ return (lp_server_role() == ROLE_DOMAIN_PDC);
}
/***********************************************************
If we are PDC then prefer us as DMB
************************************************************/
-BOOL lp_domain_master(void)
+BOOL lp_domain_logons(void)
{
- if (Globals.bDomainMaster == Auto)
- return (lp_server_role() == ROLE_DOMAIN_PDC);
-
- return Globals.bDomainMaster;
+ return (lp_server_role() == ROLE_DOMAIN_PDC) || (lp_server_role() == ROLE_DOMAIN_BDC);
}
/***********************************************************
BOOL lp_preferred_master(void)
{
- if (Globals.bPreferredMaster == Auto)
- return (lp_local_master() && lp_domain_master());
-
- return Globals.bPreferredMaster;
+ return (lp_local_master() && lp_domain_master());
}
/*******************************************************************