*/
#include "includes.h"
+#include "tldap.h"
+#include "tldap_util.h"
+#include "../libds/common/flags.h"
+#include "secrets.h"
struct pdb_ads_state {
struct sockaddr_un socket_address;
static NTSTATUS pdb_ads_getsampwsid(struct pdb_methods *m,
struct samu *sam_acct,
- const DOM_SID *sid);
+ const struct dom_sid *sid);
static bool pdb_ads_gid_to_sid(struct pdb_methods *m, gid_t gid,
- DOM_SID *sid);
+ struct dom_sid *sid);
static bool pdb_ads_dnblob2sid(struct pdb_ads_state *state, DATA_BLOB *dnblob,
struct dom_sid *psid);
static NTSTATUS pdb_ads_sid2dn(struct pdb_ads_state *state,
pdb_set_pass_last_set_time(sam, tmp_time, PDB_SET);
}
if (pdb_ads_pull_time(entry, "accountExpires", &tmp_time)) {
- pdb_set_pass_last_set_time(sam, tmp_time, PDB_SET);
+ pdb_set_kickoff_time(sam, tmp_time, PDB_SET);
}
str = tldap_talloc_single_attribute(entry, "displayName",
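Review bot: The value now stored by `pdb_set_kickoff_time(sam, tmp_time, PDB_SET);` decides when the account stops being usable, and the hunk does not show how `pdb_ads_pull_time` converts the directory's "never expires" encodings of accountExpires (0 and 0x7FFFFFFFFFFFFFFF). If either of them comes out as a small or negative time_t, the account could be treated as already expired, so the conversion should be confirmed. I would record the expectation above the branch, for example `/* accountExpires 0 and INT64_MAX mean "never"; pdb_ads_pull_time must map both to "no kickoff" */`. The enclosing function starts and ends outside the hunk.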
DEBUG(10, ("Could not pull userAccountControl\n"));
goto fail;
}
- pdb_set_acct_ctrl(sam, ads_uf2acb(n), PDB_SET);
+ pdb_set_acct_ctrl(sam, ds_uf2acb(n), PDB_SET);
if (tldap_get_single_valueblob(entry, "unicodePwd", &blob)) {
if (blob.length != NT_HASH_LEN) {
ret &= tldap_make_mod_fmt(
existing, mem_ctx, pnum_mods, pmods, "userAccountControl",
- "%d", ads_acb2uf(pdb_get_acct_ctrl(sam)));
+ "%d", ds_acb2uf(pdb_get_acct_ctrl(sam)));
ret &= tldap_make_mod_fmt(
existing, mem_ctx, pnum_mods, pmods, "homeDirectory",
&users, "%s", filter);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_search failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
TALLOC_FREE(result);
return NT_STATUS_LDAP(rc);
}
static NTSTATUS pdb_ads_getsampwsid(struct pdb_methods *m,
struct samu *sam_acct,
- const DOM_SID *sid)
+ const struct dom_sid *sid)
{
struct pdb_ads_state *state = talloc_get_type_abort(
m->private_data, struct pdb_ads_state);
rc = tldap_add(ld, dn, num_mods, mods, NULL, 0, NULL, 0);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_add failed %s\n",
- tldap_errstr(debug_ctx(), ld, rc)));
+ tldap_errstr(talloc_tos(), ld, rc)));
TALLOC_FREE(dn);
return NT_STATUS_LDAP(rc);
}
name);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("Could not find just created user %s: %s\n",
- name, tldap_errstr(debug_ctx(), state->ld, rc)));
+ name, tldap_errstr(talloc_tos(), state->ld, rc)));
TALLOC_FREE(dn);
return NT_STATUS_LDAP(rc);
}
TALLOC_FREE(dn);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_delete for %s failed: %s\n", dn,
- tldap_errstr(debug_ctx(), ld, rc)));
+ tldap_errstr(talloc_tos(), ld, rc)));
return NT_STATUS_LDAP(rc);
}
return NT_STATUS_OK;
TALLOC_FREE(mods);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_modify for %s failed: %s\n", priv->dn,
- tldap_errstr(debug_ctx(), ld, rc)));
+ tldap_errstr(talloc_tos(), ld, rc)));
return NT_STATUS_LDAP(rc);
}
&group, "%s", filter);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_search failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
if (talloc_array_length(group) != 1) {
}
static NTSTATUS pdb_ads_getgrsid(struct pdb_methods *m, GROUP_MAP *map,
- DOM_SID sid)
+ struct dom_sid sid)
{
char *filter;
NTSTATUS status;
rc = tldap_add(ld, dn, num_mods, mods, NULL, 0, NULL, 0);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_add failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
TALLOC_FREE(frame);
return NT_STATUS_LDAP(rc);
}
"(&(objectclass=group)(samaccountname=%s))", name);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("Could not find just created alias %s: %s\n",
- name, tldap_errstr(debug_ctx(), state->ld, rc)));
+ name, tldap_errstr(talloc_tos(), state->ld, rc)));
TALLOC_FREE(frame);
return NT_STATUS_LDAP(rc);
}
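Review bot: The filter `"(&(objectclass=group)(samaccountname=%s))"` takes `name` through a plain `%s`, and nothing in the visible lines escapes it. If `name` can carry filter metacharacters such as `*`, `(`, `)` or `\`, the lookup of the just-created object could match a different entry or fail to parse, unless the search formatter escapes it internally, which cannot be seen from here. I would escape the value per RFC 4515 before the call and note it at the call site, e.g. `/* name is RFC 4515-escaped before it is placed in the filter */`. The later hunk with the same filter and the same "Could not find just created alias" message has the same issue. The search call itself begins outside this hunk.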
TALLOC_FREE(sidstr);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_search failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
TALLOC_FREE(msg);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_delete failed: %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
}
static NTSTATUS pdb_ads_delete_group_mapping_entry(struct pdb_methods *m,
- DOM_SID sid)
+ struct dom_sid sid)
{
return NT_STATUS_NOT_IMPLEMENTED;
}
static NTSTATUS pdb_ads_enum_group_mapping(struct pdb_methods *m,
- const DOM_SID *sid,
+ const struct dom_sid *sid,
enum lsa_SidType sid_name_use,
GROUP_MAP **pp_rmap,
size_t *p_num_entries,
static NTSTATUS pdb_ads_enum_group_members(struct pdb_methods *m,
TALLOC_CTX *mem_ctx,
- const DOM_SID *group,
+ const struct dom_sid *group,
uint32 **pmembers,
size_t *pnum_members)
{
TALLOC_FREE(sidstr);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_search failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
switch talloc_array_length(msg) {
static NTSTATUS pdb_ads_enum_group_memberships(struct pdb_methods *m,
TALLOC_CTX *mem_ctx,
struct samu *user,
- DOM_SID **pp_sids,
+ struct dom_sid **pp_sids,
gid_t **pp_gids,
size_t *p_num_groups)
{
priv->dn, GTYPE_SECURITY_GLOBAL_GROUP);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_search failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
TALLOC_FREE(frame);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_modify failed: %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
if (rc == TLDAP_TYPE_OR_VALUE_EXISTS) {
return NT_STATUS_MEMBER_IN_GROUP;
}
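Review bot: `tldap_errstr(talloc_tos(), state->ld, rc)` is evaluated after `TALLOC_FREE(frame);`, so the error string is no longer allocated on this function's own frame. It ends up on whatever stackframe the caller holds, which presumably means it lives until that frame is released and relies on the caller having one at all. Emitting the DEBUG while the local frame is still alive, and releasing the frame afterwards on each return path, would keep the allocation local. The `ldap_modify failed` hunk that returns `NT_STATUS_MEMBER_IN_ALIAS` has the same ordering. The function body starts and ends outside the hunk.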
rc = tldap_add(ld, dn, num_mods, mods, NULL, 0, NULL, 0);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_add failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
TALLOC_FREE(frame);
return NT_STATUS_LDAP(rc);
}
"(&(objectclass=group)(samaccountname=%s))", name);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("Could not find just created alias %s: %s\n",
- name, tldap_errstr(debug_ctx(), state->ld, rc)));
+ name, tldap_errstr(talloc_tos(), state->ld, rc)));
TALLOC_FREE(frame);
return NT_STATUS_LDAP(rc);
}
}
static NTSTATUS pdb_ads_delete_alias(struct pdb_methods *m,
- const DOM_SID *sid)
+ const struct dom_sid *sid)
{
struct pdb_ads_state *state = talloc_get_type_abort(
m->private_data, struct pdb_ads_state);
struct tldap_context *ld;
struct tldap_message **alias;
- char *sidstr, *dn;
+ char *sidstr, *dn = NULL;
int rc;
ld = pdb_ads_ld(state);
TALLOC_FREE(sidstr);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_search failed: %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
- TALLOC_FREE(dn);
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
if (talloc_array_length(alias) != 1) {
rc = tldap_delete(ld, dn, NULL, 0, NULL, 0);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_delete failed: %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
- TALLOC_FREE(dn);
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
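Review bot: With `TALLOC_FREE(dn);` removed from the `ldap_delete failed` path, the visible lines no longer say who owns `dn`, which was just passed to `tldap_delete(ld, dn, NULL, 0, NULL, 0)`. If `dn` is owned by the search result, the removal fixes a free of memory this function does not own. If it is a separate allocation, the error path now leaks it. A one-line comment at the call would settle it for the next reader, e.g. `/* dn belongs to alias[0]; it is released with the search result */`, with the wording adjusted to the real owner. The same applies to the `ldap_search failed` path in the previous hunk, where `dn` is presumably not yet assigned. The assignment of `dn` and the end of the function are outside the hunk.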
}
static NTSTATUS pdb_ads_set_aliasinfo(struct pdb_methods *m,
- const DOM_SID *sid,
+ const struct dom_sid *sid,
struct acct_info *info)
{
struct pdb_ads_state *state = talloc_get_type_abort(
TALLOC_FREE(sidstr);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_search failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
switch talloc_array_length(msg) {
TALLOC_FREE(msg);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_modify failed: %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
return NT_STATUS_OK;
TALLOC_FREE(sidstr);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_search failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
}
static NTSTATUS pdb_ads_mod_aliasmem(struct pdb_methods *m,
- const DOM_SID *alias,
- const DOM_SID *member,
+ const struct dom_sid *alias,
+ const struct dom_sid *member,
int mod_op)
{
struct pdb_ads_state *state = talloc_get_type_abort(
TALLOC_FREE(frame);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_modify failed: %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
if (rc == TLDAP_TYPE_OR_VALUE_EXISTS) {
return NT_STATUS_MEMBER_IN_ALIAS;
}
}
static NTSTATUS pdb_ads_add_aliasmem(struct pdb_methods *m,
- const DOM_SID *alias,
- const DOM_SID *member)
+ const struct dom_sid *alias,
+ const struct dom_sid *member)
{
return pdb_ads_mod_aliasmem(m, alias, member, TLDAP_MOD_ADD);
}
static NTSTATUS pdb_ads_del_aliasmem(struct pdb_methods *m,
- const DOM_SID *alias,
- const DOM_SID *member)
+ const struct dom_sid *alias,
+ const struct dom_sid *member)
{
return pdb_ads_mod_aliasmem(m, alias, member, TLDAP_MOD_DELETE);
}
}
static NTSTATUS pdb_ads_enum_aliasmem(struct pdb_methods *m,
- const DOM_SID *alias,
+ const struct dom_sid *alias,
TALLOC_CTX *mem_ctx,
- DOM_SID **pmembers,
+ struct dom_sid **pmembers,
size_t *pnum_members)
{
struct pdb_ads_state *state = talloc_get_type_abort(
TALLOC_FREE(sidstr);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_search failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
switch talloc_array_length(msg) {
static NTSTATUS pdb_ads_enum_alias_memberships(struct pdb_methods *m,
TALLOC_CTX *mem_ctx,
- const DOM_SID *domain_sid,
- const DOM_SID *members,
+ const struct dom_sid *domain_sid,
+ const struct dom_sid *members,
size_t num_members,
uint32_t **palias_rids,
size_t *pnum_alias_rids)
struct pdb_ads_state *state = talloc_get_type_abort(
m->private_data, struct pdb_ads_state);
const char *attrs[1] = { "objectSid" };
- struct tldap_message **msg;
+ struct tldap_message **msg = NULL;
uint32_t *alias_rids = NULL;
size_t num_alias_rids = 0;
int i, rc, count;
TALLOC_FREE(filter);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("tldap_search failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return NT_STATUS_LDAP(rc);
}
}
static NTSTATUS pdb_ads_lookup_rids(struct pdb_methods *m,
- const DOM_SID *domain_sid,
+ const struct dom_sid *domain_sid,
int num_rids,
uint32 *rids,
const char **names,
TALLOC_FREE(sidstr);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_search failed %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
continue;
}
DEBUG(10, ("no samAccountType"));
continue;
}
- lsa_attrs[i] = ads_atype_map(attr);
+ lsa_attrs[i] = ds_atype_map(attr);
num_mapped += 1;
}
}
static NTSTATUS pdb_ads_lookup_names(struct pdb_methods *m,
- const DOM_SID *domain_sid,
+ const struct dom_sid *domain_sid,
int num_names,
const char **pp_names,
uint32 *rids,
}
static NTSTATUS pdb_ads_get_account_policy(struct pdb_methods *m,
- int policy_index, uint32 *value)
+ enum pdb_policy_type type,
+ uint32_t *value)
{
- return account_policy_get(policy_index, value)
+ return account_policy_get(type, value)
? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
static NTSTATUS pdb_ads_set_account_policy(struct pdb_methods *m,
- int policy_index, uint32 value)
+ enum pdb_policy_type type,
+ uint32_t value)
{
- return account_policy_set(policy_index, value)
+ return account_policy_set(type, value)
? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
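Review bot: `pdb_ads_get_account_policy` and `pdb_ads_set_account_policy` ignore `m` and pass `type` straight to `account_policy_get` / `account_policy_set`, so the values come from that store rather than from the directory this backend talks to. For lockout and password-policy settings this means the policy reported or changed here may differ from the one the domain enforces, and a caller cannot tell. A header comment on both functions should state this, e.g. `/* Policy is served from the local account_policy store; the directory's domain policy is not consulted. */`. Both functions also collapse every failure into `NT_STATUS_UNSUCCESSFUL`, which hides from the caller and the logs whether the policy type was unknown or the store failed.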
"%s", filter);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("ldap_search_ext_s failed: %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
return false;
}
static bool pdb_ads_search_aliases(struct pdb_methods *m,
struct pdb_search *search,
- const DOM_SID *sid)
+ const struct dom_sid *sid)
{
struct pdb_ads_search_state *sstate;
char *filter;
return true;
}
-static bool pdb_ads_uid_to_rid(struct pdb_methods *m, uid_t uid,
- uint32 *rid)
-{
- return false;
-}
-
static bool pdb_ads_uid_to_sid(struct pdb_methods *m, uid_t uid,
- DOM_SID *sid)
+ struct dom_sid *sid)
{
struct pdb_ads_state *state = talloc_get_type_abort(
m->private_data, struct pdb_ads_state);
}
static bool pdb_ads_gid_to_sid(struct pdb_methods *m, gid_t gid,
- DOM_SID *sid)
+ struct dom_sid *sid)
{
struct pdb_ads_state *state = talloc_get_type_abort(
m->private_data, struct pdb_ads_state);
return true;
}
-static bool pdb_ads_sid_to_id(struct pdb_methods *m, const DOM_SID *sid,
+static bool pdb_ads_sid_to_id(struct pdb_methods *m, const struct dom_sid *sid,
union unid_t *id, enum lsa_SidType *type)
{
struct pdb_ads_state *state = talloc_get_type_abort(
static bool pdb_ads_get_trusteddom_pw(struct pdb_methods *m,
const char *domain, char** pwd,
- DOM_SID *sid,
+ struct dom_sid *sid,
time_t *pass_last_set_time)
{
return false;
static bool pdb_ads_set_trusteddom_pw(struct pdb_methods *m,
const char* domain, const char* pwd,
- const DOM_SID *sid)
+ const struct dom_sid *sid)
{
return false;
}
uint32 *num_domains,
struct trustdom_info ***domains)
{
- return NT_STATUS_NOT_IMPLEMENTED;
+ *num_domains = 0;
+ *domains = NULL;
+ return NT_STATUS_OK;
}
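Review bot: Returning `NT_STATUS_OK` with `*num_domains = 0` makes "this backend does not enumerate trusted domains" indistinguishable from "the domain has no trusts" for every caller. That matters to code that makes trust decisions or reports on them, so the stub should say so explicitly: `/* Not implemented: always reports an empty trust list, even when the directory has trusts. */`. A `DEBUG(10, ...)` line on entry would also make the substitution visible in the logs. The function signature begins outside the hunk.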
static void pdb_ads_init_methods(struct pdb_methods *m)
m->search_users = pdb_ads_search_users;
m->search_groups = pdb_ads_search_groups;
m->search_aliases = pdb_ads_search_aliases;
- m->uid_to_rid = pdb_ads_uid_to_rid;
m->uid_to_sid = pdb_ads_uid_to_sid;
m->gid_to_sid = pdb_ads_gid_to_sid;
m->sid_to_id = pdb_ads_sid_to_id;
rc = tldap_fetch_rootdse(ld);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("Could not retrieve rootdse: %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
status = NT_STATUS_LDAP(rc);
goto done;
}
talloc_tos(), &domain, "(objectclass=*)");
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("Could not retrieve domain: %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
status = NT_STATUS_LDAP(rc);
goto done;
}
talloc_tos(), &ncname, "(ncname=%s)", state->domaindn);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("Could not retrieve ncname: %s\n",
- tldap_errstr(debug_ctx(), state->ld, rc)));
+ tldap_errstr(talloc_tos(), state->ld, rc)));
status = NT_STATUS_LDAP(rc);
goto done;
}