DEBUG(2,("Retrieving alias [%s]\n", group->name));
if(ldap_get_attribute("rid", temp)) {
- group->rid = atoi(temp);
+ group->rid = strtol(temp, NULL, 16);
} else {
DEBUG(0, ("Missing rid\n"));
return NULL;
ldap_make_mod(mods, LDAP_MOD_ADD, "objectClass", "sambaAlias");
ldap_make_mod(mods, LDAP_MOD_ADD, "cn", group->name);
- slprintf(temp, sizeof(temp)-1, "%d", (gid_t)(-1));
- ldap_make_mod(mods, LDAP_MOD_ADD, "gidNumber", temp);
-
- slprintf(temp, sizeof(temp)-1, "%d", group->rid);
+ slprintf(temp, sizeof(temp)-1, "%x", group->rid);
ldap_make_mod(mods, LDAP_MOD_ADD, "rid", temp);
}
}
+/************************************************************************
+ Create a alias member entry
+ ************************************************************************/
+
+static BOOL ldapalias_memmods(DOM_SID *user_sid, LDAPMod ***mods,
+ int operation)
+{
+ pstring member;
+ pstring sid_str;
+ fstring name;
+ uint8 type;
+
+ if (lookup_sid(user_sid, name, &type))
+ return (False);
+ sid_to_string(sid_str, user_sid);
+
+ slprintf(member, sizeof(member)-1, "%s,%s,%d", name, sid_str, type);
+
+ *mods = NULL;
+ ldap_make_mod(mods, operation, "member", member);
+ return True;
+}
+
+
/***************************************************************
Begin/end smbgrp enumeration.
****************************************************************/
if (lp_server_role() == ROLE_DOMAIN_NONE)
return NULL;
- if (!ldap_open_connection(False))
+ if (!ldap_connect())
return NULL;
ldap_search_for("objectClass=sambaAlias");
static void ldapalias_enumclose(void *vp)
{
- ldap_close_connection();
+ ldap_disconnect();
}
fstring filter;
LOCAL_GRP *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return (False);
slprintf(filter, sizeof(filter)-1,
ret = ldapalias_getgrp(&localgrp, members, num_membs);
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
fstring filter;
LOCAL_GRP *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return (False);
slprintf(filter, sizeof(filter)-1,
ldap_search_for(filter);
ret = ldapalias_getgrp(&localgrp, members, num_membs);
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
fstring filter;
LOCAL_GRP *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return (False);
slprintf(filter, sizeof(filter)-1,
- "(&(rid=%d)(objectClass=sambaAlias))", grp_rid);
+ "(&(rid=%x)(objectClass=sambaAlias))", grp_rid);
ldap_search_for(filter);
ret = ldapalias_getgrp(&localgrp, members, num_membs);
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
return ldapalias_getgrp(&localgrp, members, num_membs);
}
+
+/*************************************************************************
+ Add/modify/delete aliases.
+ *************************************************************************/
+
static BOOL ldapalias_addgrp(LOCAL_GRP *group)
{
LDAPMod **mods;
+ if (!ldap_allocaterid(&group->rid))
+ {
+ DEBUG(0,("RID generation failed\n"));
+ return (False);
+ }
+
ldapalias_grpmods(group, &mods, LDAP_MOD_ADD);
return ldap_makemods("cn", group->name, mods, True);
}
return ldap_makemods("cn", group->name, mods, False);
}
+static BOOL ldapalias_delgrp(uint32 grp_rid)
+{
+ fstring filter;
+ char *dn;
+ int err;
+
+ if (!ldap_connect())
+ return (False);
+
+ slprintf(filter, sizeof(filter)-1,
+ "(&(rid=%x)(objectClass=sambaAlias))", grp_rid);
+ ldap_search_for(filter);
+
+ if (!ldap_entry || !(dn = ldap_get_dn(ldap_struct, ldap_entry)))
+ {
+ ldap_disconnect();
+ return (False);
+ }
+
+ err = ldap_delete_s(ldap_struct, dn);
+ free(dn);
+ ldap_disconnect();
+
+ if (err != LDAP_SUCCESS)
+ {
+ DEBUG(0, ("delete: %s\n", ldap_err2string(err)));
+ return (False);
+ }
+
+ return True;
+}
+
+
+/*************************************************************************
+ Add users to/remove users from aliases.
+ *************************************************************************/
+
+static BOOL ldapalias_addmem(uint32 grp_rid, DOM_SID *user_sid)
+{
+ LDAPMod **mods;
+ fstring rid_str;
+
+ slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
+
+ if(!ldapalias_memmods(user_sid, &mods, LDAP_MOD_ADD))
+ return (False);
+
+ return ldap_makemods("rid", rid_str, mods, False);
+}
+
+static BOOL ldapalias_delmem(uint32 grp_rid, DOM_SID *user_sid)
+{
+ LDAPMod **mods;
+ fstring rid_str;
+
+ slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
+
+ if(!ldapalias_memmods(user_sid, &mods, LDAP_MOD_DELETE))
+ return (False);
+
+ return ldap_makemods("rid", rid_str, mods, False);
+}
+
+
+/*************************************************************************
+ Return aliases that a user is in.
+ *************************************************************************/
+
static BOOL ldapalias_getusergroups(const char *name, LOCAL_GRP **groups,
int *num_grps)
{
fstring filter;
int i;
+ if(!ldap_connect())
+ return (False);
+
slprintf(filter, sizeof(pstring)-1,
"(&(member=%s,*)(objectclass=sambaAlias))", name);
ldap_search_for(filter);
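Review bot: ldapalias_addmem and ldapalias_delmem return the result of `ldap_makemods("rid", rid_str, mods, False)`, and as rewritten in this commit ldap_makemods starts with `err = 0` and makes no LDAP call when the search finds no entry and `add` is False, so a membership change on a RID that does not exist is reported as success. A caller granting or revoking alias membership would then believe the directory was updated. In ldap_makemods I would make the miss explicit by adding `else err = LDAP_NO_SUCH_OBJECT;` after the `else if (add)` branch. The ldapbuiltin_* and ldapgroup_* addmem/delmem functions rely on the same return value.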
if(!i) {
*groups = NULL;
+ ldap_disconnect();
return (True);
}
i--;
} while(ldapalias_getgrp(&grouplist[i], NULL, NULL) && (i > 0));
+ ldap_disconnect();
return (True);
}
ldapalias_addgrp,
ldapalias_modgrp,
+ ldapalias_delgrp,
+
+ ldapalias_addmem,
+ ldapalias_delmem,
ldapalias_getusergroups
};
DEBUG(0, ("Missing cn\n"));
return NULL; }
- DEBUG(2,("Retrieving alias [%s]\n", group->name));
+ DEBUG(2,("Retrieving builtin alias [%s]\n", group->name));
if(ldap_get_attribute("rid", temp)) {
- group->rid = atoi(temp);
+ group->rid = strtol(temp, NULL, 16);
} else {
DEBUG(0, ("Missing rid\n"));
return NULL;
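Review bot: `strtol(temp, NULL, 16)` accepts any string and cannot represent the full RID range where long is 32 bits: a non-hex value silently yields RID 0 and values from 0x80000000 upward clamp to LONG_MAX. Since the RID decides which SID the entry maps to, I would parse with `strtoul(temp, &end, 16)` and reject the entry when `end == temp || *end != '\0'`. The move from `%d` to `%x` also means a rid already stored in decimal is reinterpreted as hex (a stored `512` would be read as 0x512), and the commit shows no migration step, so that should be handled or documented. The same conversion is used in the sambaAlias and sambaGroup readers and for `smbpw.user_rid`, `sam21->group_rid` and `dispinfo.user_rid`. The enclosing function starts and ends outside this hunk.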
ldap_make_mod(mods, LDAP_MOD_ADD, "objectClass", "sambaBuiltin");
ldap_make_mod(mods, LDAP_MOD_ADD, "cn", group->name);
- slprintf(temp, sizeof(temp)-1, "%d", (gid_t)(-1));
- ldap_make_mod(mods, LDAP_MOD_ADD, "gidNumber", temp);
-
- slprintf(temp, sizeof(temp)-1, "%d", group->rid);
+ slprintf(temp, sizeof(temp)-1, "%x", group->rid);
ldap_make_mod(mods, LDAP_MOD_ADD, "rid", temp);
}
}
+/************************************************************************
+ Create a builtin alias member entry
+ ************************************************************************/
+
+static BOOL ldapbuiltin_memmods(DOM_SID *user_sid, LDAPMod ***mods,
+ int operation)
+{
+ pstring member;
+ pstring sid_str;
+ fstring name;
+ uint8 type;
+
+ if (lookup_sid(user_sid, name, &type))
+ return (False);
+ sid_to_string(sid_str, user_sid);
+
+ slprintf(member, sizeof(member)-1, "%s,%s,%d", name, sid_str, type);
+
+ *mods = NULL;
+ ldap_make_mod(mods, operation, "member", member);
+ return True;
+}
+
+
/***************************************************************
Begin/end smbgrp enumeration.
****************************************************************/
if (lp_server_role() == ROLE_DOMAIN_NONE)
return NULL;
- if (!ldap_open_connection(False))
+ if (!ldap_connect())
return NULL;
ldap_search_for("objectClass=sambaBuiltin");
static void ldapbuiltin_enumclose(void *vp)
{
- ldap_close_connection();
+ ldap_disconnect();
}
fstring filter;
LOCAL_GRP *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return (False);
slprintf(filter, sizeof(filter)-1,
ret = ldapbuiltin_getgrp(&localgrp, members, num_membs);
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
fstring filter;
LOCAL_GRP *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return (False);
slprintf(filter, sizeof(filter)-1,
ldap_search_for(filter);
ret = ldapbuiltin_getgrp(&localgrp, members, num_membs);
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
fstring filter;
LOCAL_GRP *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return (False);
slprintf(filter, sizeof(filter)-1,
- "(&(rid=%d)(objectClass=sambaBuiltin))", grp_rid);
+ "(&(rid=%x)(objectClass=sambaBuiltin))", grp_rid);
ldap_search_for(filter);
ret = ldapbuiltin_getgrp(&localgrp, members, num_membs);
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
return ldapbuiltin_getgrp(&localgrp, members, num_membs);
}
+
+/*************************************************************************
+ Add/modify/delete builtin aliases.
+ *************************************************************************/
+
static BOOL ldapbuiltin_addgrp(LOCAL_GRP *group)
{
LDAPMod **mods;
+ if (!ldap_allocaterid(&group->rid))
+ {
+ DEBUG(0,("RID generation failed\n"));
+ return (False);
+ }
+
ldapbuiltin_grpmods(group, &mods, LDAP_MOD_ADD);
return ldap_makemods("cn", group->name, mods, True);
}
return ldap_makemods("cn", group->name, mods, False);
}
+static BOOL ldapbuiltin_delgrp(uint32 grp_rid)
+{
+ fstring filter;
+ char *dn;
+ int err;
+
+ if (!ldap_connect())
+ return (False);
+
+ slprintf(filter, sizeof(filter)-1,
+ "(&(rid=%x)(objectClass=sambaBuiltin))", grp_rid);
+ ldap_search_for(filter);
+
+ if (!ldap_entry || !(dn = ldap_get_dn(ldap_struct, ldap_entry)))
+ {
+ ldap_disconnect();
+ return (False);
+ }
+
+ err = ldap_delete_s(ldap_struct, dn);
+ free(dn);
+ ldap_disconnect();
+
+ if (err != LDAP_SUCCESS)
+ {
+ DEBUG(0, ("delete: %s\n", ldap_err2string(err)));
+ return (False);
+ }
+
+ return True;
+}
+
+
+/*************************************************************************
+ Add users to/remove users from aliases.
+ *************************************************************************/
+
+static BOOL ldapbuiltin_addmem(uint32 grp_rid, DOM_SID *user_sid)
+{
+ LDAPMod **mods;
+ fstring rid_str;
+
+ slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
+
+ if(!ldapbuiltin_memmods(user_sid, &mods, LDAP_MOD_ADD))
+ return (False);
+
+ return ldap_makemods("rid", rid_str, mods, False);
+}
+
+static BOOL ldapbuiltin_delmem(uint32 grp_rid, DOM_SID *user_sid)
+{
+ LDAPMod **mods;
+ fstring rid_str;
+
+ slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
+
+ if(!ldapbuiltin_memmods(user_sid, &mods, LDAP_MOD_DELETE))
+ return (False);
+
+ return ldap_makemods("rid", rid_str, mods, False);
+}
+
+
+/*************************************************************************
+ Return builtin aliases that a user is in.
+ *************************************************************************/
+
static BOOL ldapbuiltin_getusergroups(const char *name,
LOCAL_GRP **groups, int *num_grps)
{
fstring filter;
int i;
+ if(!ldap_connect())
+ return (False);
+
slprintf(filter, sizeof(pstring)-1,
"(&(member=%s,*)(objectclass=sambaBuiltin))", name);
ldap_search_for(filter);
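Review bot: ldapbuiltin_delmem can only remove a member whose name, SID and type still resolve to exactly the string stored when it was added, because ldapbuiltin_memmods rebuilds the `member` value from a fresh `lookup_sid()` call. If the account has since been renamed or deleted, the lookup fails or the rebuilt value differs, and the stale membership stays in the directory. For removal I would read the entry's existing `member` values, pick the one whose SID field equals `sid_str`, and pass that stored string to `ldap_make_mod`. ldapalias_delmem is built the same way, as is ldapgroup_delmem with the RID field in place of the SID.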
if(!i) {
*groups = NULL;
+ ldap_disconnect();
return (True);
}
i--;
} while(ldapbuiltin_getgrp(&grouplist[i], NULL, NULL) && (i > 0));
+ ldap_disconnect();
return (True);
}
ldapbuiltin_addgrp,
ldapbuiltin_modgrp,
+ ldapbuiltin_delgrp,
+
+ ldapbuiltin_addmem,
+ ldapbuiltin_delmem,
ldapbuiltin_getusergroups
};
#include <ldap.h>
extern int DEBUGLEVEL;
+extern DOM_SID global_sam_sid;
/* Internal state */
extern LDAP *ldap_struct;
fstring temp;
char **values;
DOMAIN_GRP_MEMBER *memblist;
+ char *value, *sep;
int i;
if(!ldap_entry)
DEBUG(2,("Retrieving group [%s]\n", group->name));
if(ldap_get_attribute("rid", temp)) {
- group->rid = atoi(temp);
+ group->rid = strtol(temp, NULL, 16);
} else {
DEBUG(0, ("Missing rid\n"));
return NULL;
return group;
}
- if(values = ldap_get_values(ldap_struct, ldap_entry, "uidMember")) {
-
- DEBUG(0, ("Need to return NT names here\n"));
+ if(values = ldap_get_values(ldap_struct, ldap_entry, "member")) {
*num_membs = i = ldap_count_values(values);
*members = memblist = malloc(i * sizeof(DOMAIN_GRP_MEMBER));
do {
- fstrcpy(memblist[--i].name, values[i]);
+ value = values[--i];
+
+ if(!(sep = strchr(value, ','))) {
+ DEBUG(0, ("Malformed group member\n"));
+ return NULL;
+ }
+ *(sep++) = 0;
+ fstrcpy(memblist[i].name, value);
+
+ if(!(value = strchr(sep, ','))) {
+ DEBUG(0, ("Malformed group member\n"));
+ return NULL;
+ }
+ memblist[i].rid = strtol(sep, &value, 16);
+
+ if((memblist[i].sid_use = atoi(value+1))
+ >= SID_NAME_UNKNOWN)
+ DEBUG(0, ("Invalid SID use in group"));
+
memblist[i].attr = 0x7;
+
} while(i > 0);
ldap_value_free(values);
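Review bot: Both `Malformed group member` paths return NULL after `*members` and `*num_membs` have been set, without calling `ldap_value_free(values)` or freeing `memblist`, so a single bad directory value leaks both and leaves the caller's out-parameters pointing at a half-filled array. The `malloc` result is also used unchecked, and a `sid_use` at or above `SID_NAME_UNKNOWN` is only logged and then kept. I would check the allocation, and on any parse failure free `memblist`, call `ldap_value_free(values)`, reset `*members = NULL; *num_membs = 0;` and then return NULL, sending an out-of-range `sid_use` down the same path. The enclosing function begins outside this hunk.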
ldap_make_mod(mods, LDAP_MOD_ADD, "objectClass", "sambaGroup");
ldap_make_mod(mods, LDAP_MOD_ADD, "cn", group->name);
- slprintf(temp, sizeof(temp)-1, "%d", (gid_t)(-1));
- ldap_make_mod(mods, LDAP_MOD_ADD, "gidNumber", temp);
-
- slprintf(temp, sizeof(temp)-1, "%d", group->rid);
+ slprintf(temp, sizeof(temp)-1, "%x", group->rid);
ldap_make_mod(mods, LDAP_MOD_ADD, "rid", temp);
}
}
+/************************************************************************
+ Create a group member entry
+ ************************************************************************/
+
+static BOOL ldapgroup_memmods(uint32 user_rid, LDAPMod ***mods, int operation)
+{
+ pstring member;
+ fstring name;
+ DOM_SID sid;
+ uint8 type;
+
+ sid_copy(&sid, &global_sam_sid);
+ sid_append_rid(&sid, user_rid);
+ if (lookup_sid(&sid, name, &type))
+ return (False);
+
+ slprintf(member, sizeof(member)-1, "%s,%x,%d", name, user_rid, type);
+
+ *mods = NULL;
+ ldap_make_mod(mods, operation, "member", member);
+ return True;
+}
+
+
/***************************************************************
Begin/end domain group enumeration.
****************************************************************/
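Review bot: ldapgroup_memmods writes the member as `name,rid,type` with the name unescaped, while the reader added to the group lookup in this commit splits at the first comma (`strchr(value, ',')`), so an account name containing a comma makes the rest of the name parse as the RID. The member would then be returned with a wrong `rid` and `sid_use`. Because the `member=%s,*` search filter depends on the name coming first, I would keep the layout and refuse such names when building the value, `if (strchr(name, ',')) return (False);` right after the `lookup_sid` call. ldapalias_memmods and ldapbuiltin_memmods use the same name-first `"%s,%s,%d"` layout.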
server_role == ROLE_DOMAIN_MEMBER)
return NULL;
- if (!ldap_open_connection(False))
+ if (!ldap_connect())
return NULL;
ldap_search_for("objectclass=sambaGroup");
static void ldapgroup_enumclose(void *vp)
{
- ldap_close_connection();
+ ldap_disconnect();
}
fstring filter;
DOMAIN_GRP *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return (False);
slprintf(filter, sizeof(filter)-1,
ret = ldapgroup_getgrp(&domgrp, members, num_membs);
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
fstring filter;
DOMAIN_GRP *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return (False);
slprintf(filter, sizeof(filter)-1,
ret = ldapgroup_getgrp(&domgrp, members, num_membs);
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
fstring filter;
DOMAIN_GRP *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return (False);
slprintf(filter, sizeof(filter)-1,
- "(&(rid=%d)(objectClass=sambaGroup))", grp_rid);
+ "(&(rid=%x)(objectClass=sambaGroup))", grp_rid);
ldap_search_for(filter);
ret = ldapgroup_getgrp(&domgrp, members, num_membs);
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
/*************************************************************************
- Add/modify domain groups.
+ Add/modify/delete domain groups.
*************************************************************************/
static BOOL ldapgroup_addgrp(DOMAIN_GRP *group)
{
LDAPMod **mods;
+ if (!ldap_allocaterid(&group->rid))
+ {
+ DEBUG(0,("RID generation failed\n"));
+ return (False);
+ }
+
ldapgroup_grpmods(group, &mods, LDAP_MOD_ADD);
return ldap_makemods("cn", group->name, mods, True);
}
return ldap_makemods("cn", group->name, mods, False);
}
+static BOOL ldapgroup_delgrp(uint32 grp_rid)
+{
+ fstring filter;
+ char *dn;
+ int err;
+
+ if (!ldap_connect())
+ return (False);
+
+ slprintf(filter, sizeof(filter)-1,
+ "(&(rid=%x)(objectClass=sambaGroup))", grp_rid);
+ ldap_search_for(filter);
+
+ if (!ldap_entry || !(dn = ldap_get_dn(ldap_struct, ldap_entry)))
+ {
+ ldap_disconnect();
+ return (False);
+ }
+
+ err = ldap_delete_s(ldap_struct, dn);
+ free(dn);
+ ldap_disconnect();
+
+ if (err != LDAP_SUCCESS)
+ {
+ DEBUG(0, ("delete: %s\n", ldap_err2string(err)));
+ return (False);
+ }
+
+ return True;
+}
+
+
+/*************************************************************************
+ Add users to/remove users from groups.
+ *************************************************************************/
+
+static BOOL ldapgroup_addmem(uint32 grp_rid, uint32 user_rid)
+{
+ LDAPMod **mods;
+ fstring rid_str;
+
+ slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
+
+ if(!ldapgroup_memmods(user_rid, &mods, LDAP_MOD_ADD))
+ return (False);
+
+ return ldap_makemods("rid", rid_str, mods, False);
+}
+
+static BOOL ldapgroup_delmem(uint32 grp_rid, uint32 user_rid)
+{
+ LDAPMod **mods;
+ fstring rid_str;
+
+ slprintf(rid_str, sizeof(rid_str)-1, "%x", grp_rid);
+
+ if(!ldapgroup_memmods(user_rid, &mods, LDAP_MOD_DELETE))
+ return (False);
+
+ return ldap_makemods("rid", rid_str, mods, False);
+}
+
/*************************************************************************
Return domain groups that a user is in.
fstring filter;
int i;
+ if(!ldap_connect())
+ return (False);
+
slprintf(filter, sizeof(pstring)-1,
- "(&(uidMember=%s)(objectclass=sambaGroup))", name);
+ "(&(member=%s,*)(objectclass=sambaGroup))", name);
ldap_search_for(filter);
*num_grps = i = ldap_count_entries(ldap_struct, ldap_results);
if(!i) {
*groups = NULL;
+ ldap_disconnect();
return (True);
}
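Review bot: `filter` is declared `fstring` but the `slprintf` bound is `sizeof(pstring)-1`, so a long `name` can write past the end of the buffer; in Samba pstring is the larger of the two types. `name` also goes into the search filter unescaped, so characters such as `*`, `(` or `)` in it change which entries match. I would bound the write with `sizeof(filter)-1` and escape or reject LDAP filter metacharacters in `name` before formatting. The alias and builtin getusergroups functions have the same two lines, and ldap_makemods builds its `"%s=%s"` filter from `value` in the same way. The function's signature and its loop are outside this hunk.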
i--;
} while(ldapgroup_getgrp(&grouplist[i], NULL, NULL) && (i > 0));
+ ldap_disconnect();
return (True);
}
ldapgroup_addgrp,
ldapgroup_modgrp,
+ ldapgroup_delgrp,
+
+ ldapgroup_addmem,
+ ldapgroup_delmem,
ldapgroup_getusergroups
};
/*The following definitions come from passdb/ldap.c */
-BOOL ldap_open_connection(BOOL modify);
-void ldap_close_connection(void);
+BOOL ldap_connect(void);
+void ldap_disconnect(void);
BOOL ldap_search_for(char *filter);
BOOL ldap_search_by_name(const char *user);
BOOL ldap_search_by_uid(int uid);
BOOL ldap_get_attribute(char *attribute, char *value);
struct smb_passwd *ldap_getpw(void);
+BOOL ldap_allocaterid(uint32 *rid);
struct smb_passdb_ops *ldap_initialise_password_db(void);
/*The following definitions come from passdb/nispass.c */
Open connections to the LDAP server.
******************************************************************/
-BOOL ldap_open_connection(BOOL modify)
+BOOL ldap_connect(void)
{
int err;
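Review bot: Dropping the `modify` argument means lookups and modifications now open the connection the same way; if `ldap_open_connection(True)` was what selected a write-capable bind (not visible here, the body is outside this hunk), every read-only search would now run with the credentials used for updates. It would be worth a comment on `ldap_connect` stating which identity it binds as, for example `/* binds as <bind DN>; used for both searches and updates */`, or keeping a read-only variant for the enumeration and lookup paths.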
close connections to the LDAP server.
******************************************************************/
-void ldap_close_connection(void)
+void ldap_disconnect(void)
{
if(!ldap_struct)
return;
return NULL; }
smbpw.unix_uid = atoi(temp);
- if(ldap_get_attribute("ntuid", nt_name)) {
+ if(!ldap_get_attribute("ntuid", nt_name)) {
DEBUG(0,("Missing ntuid\n"));
return NULL; }
smbpw.nt_name = nt_name;
if(!ldap_get_attribute("rid", temp)) {
DEBUG(0,("Missing rid\n"));
return NULL; }
- smbpw.user_rid = atoi(temp);
+ smbpw.user_rid = strtol(temp, NULL, 16);
if(ldap_get_attribute("acctFlags", temp))
smbpw.acct_ctrl = pwdb_decode_acct_ctrl(temp);
else
smbpw.pass_last_set_time = (time_t)(-1);
- ldap_entry = ldap_next_entry(ldap_struct, ldap_entry);
return &smbpw;
}
ldap_make_mod(mods, LDAP_MOD_ADD, "uidNumber", temp);
ldap_make_mod(mods, LDAP_MOD_ADD, "ntuid", newpwd->nt_name);
- slprintf(temp, sizeof(temp)-1, "%d", newpwd->user_rid);
+ slprintf(temp, sizeof(temp)-1, "%x", newpwd->user_rid);
ldap_make_mod(mods, LDAP_MOD_ADD, "rid", temp);
}
*************************************************************************/
BOOL ldap_makemods(char *attribute, char *value, LDAPMod **mods, BOOL add)
{
- pstring dn;
+ pstring filter;
+ char *dn;
int entries;
int err = 0;
BOOL rc;
- slprintf(dn, sizeof(dn)-1, "%s=%s, %s", attribute, value,
- lp_ldap_suffix());
+ slprintf(filter, sizeof(filter)-1, "%s=%s", attribute, value);
- if(!ldap_open_connection(True))
+ if (!ldap_connect())
return (False);
- if(add)
- err = ldap_add_s(ldap_struct, dn, mods);
+ ldap_search_for(filter);
- if(!add || (err = LDAP_ALREADY_EXISTS))
+ if (ldap_entry)
+ {
+ dn = ldap_get_dn(ldap_struct, ldap_entry);
err = ldap_modify_s(ldap_struct, dn, mods);
+ free(dn);
+ }
+ else if (add)
+ {
+ pstrcat(filter, ", ");
+ pstrcat(filter, lp_ldap_suffix());
+ err = ldap_add_s(ldap_struct, filter, mods);
+ }
- if(err == LDAP_SUCCESS) {
- DEBUG(2,("Updated entry [%s]\n",value));
+ if (err == LDAP_SUCCESS)
+ {
+ DEBUG(2,("Updated entry [%s]\n", value));
rc = True;
} else {
DEBUG(0,("update: %s\n", ldap_err2string(err)));
rc = False;
}
- ldap_close_connection();
+ ldap_disconnect();
ldap_mods_free(mods, 1);
return rc;
}
+/************************************************************************
+ Return next available RID, starting from 1000
+ ************************************************************************/
+
+BOOL ldap_allocaterid(uint32 *rid)
+{
+ pstring newdn;
+ fstring rid_str;
+ LDAPMod **mods;
+ char *dn;
+ int err;
+
+ DEBUG(2, ("Allocating new RID\n"));
+
+ if (!ldap_connect())
+ return (False);
+
+ ldap_search_for("(&(id=root)(objectClass=sambaConfig))");
+
+ if (ldap_entry && ldap_get_attribute("nextrid", rid_str))
+ *rid = strtol(rid_str, NULL, 16);
+ else
+ *rid = 1000;
+
+ mods = NULL;
+ if(!ldap_entry)
+ {
+ ldap_make_mod(&mods, LDAP_MOD_ADD, "objectClass",
+ "sambaConfig");
+ ldap_make_mod(&mods, LDAP_MOD_ADD, "id", "root");
+ }
+
+ slprintf(rid_str, sizeof(fstring)-1, "%x", (*rid) + 1);
+ ldap_make_mod(&mods, LDAP_MOD_REPLACE, "nextrid", rid_str);
+
+ if (ldap_entry)
+ {
+ dn = ldap_get_dn(ldap_struct, ldap_entry);
+ err = ldap_modify_s(ldap_struct, dn, mods);
+ free(dn);
+ } else {
+ pstrcpy(newdn, "id=root, ");
+ pstrcat(newdn, lp_ldap_suffix());
+ ldap_add_s(ldap_struct, newdn, mods);
+ }
+
+ ldap_disconnect();
+
+ if(err != LDAP_SUCCESS)
+ {
+ DEBUG(0,("nextrid update: %s\n", ldap_err2string(err)));
+ return (False);
+ }
+
+ return (True);
+}
+
+
/***************************************************************
Begin/end account enumeration.
****************************************************************/
static void *ldap_enumfirst(BOOL update)
{
- if (!ldap_open_connection(False))
+ if (!ldap_connect())
return NULL;
ldap_search_for("objectclass=sambaAccount");
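Review bot: In ldap_allocaterid the `else` branch calls `ldap_add_s(ldap_struct, newdn, mods);` without storing the result, so `err` is read uninitialised by `if(err != LDAP_SUCCESS)` whenever the `id=root` entry has to be created; it should be `err = ldap_add_s(ldap_struct, newdn, mods);`. `mods` is not released on any path here, whereas ldap_makemods calls `ldap_mods_free(mods, 1)`. The read of `nextrid` and the later `LDAP_MOD_REPLACE` are separate operations, so two processes allocating at the same time can both receive the same RID, which would give two accounts the same SID. One way to close that, assuming the server applies a modify request atomically, is to send `LDAP_MOD_DELETE` of the old `nextrid` value together with `LDAP_MOD_ADD` of the new one in a single modify and retry when it fails.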
static void ldap_enumclose(void *vp)
{
- ldap_close_connection();
+ ldap_disconnect();
}
{
struct smb_passwd *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return NULL;
ldap_search_by_name(name);
ret = ldap_getpw();
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
{
struct smb_passwd *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return NULL;
ldap_search_by_uid(userid);
ret = ldap_getpw();
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
static struct smb_passwd *ldap_getcurrentpw(void *vp)
{
- return ldap_getpw();
+ struct smb_passwd *ret;
+
+ ret = ldap_getpw();
+ ldap_entry = ldap_next_entry(ldap_struct, ldap_entry);
+ return ret;
}
{
LDAPMod **mods;
+ if (!newpwd || !ldap_allocaterid(&newpwd->user_rid))
+ return (False);
+
ldap_smbpwmods(newpwd, &mods, LDAP_MOD_ADD);
return ldap_makemods("uid", newpwd->unix_name, mods, True);
}
{
LDAPMod **mods;
+ if (!pwd)
+ return (False);
+
ldap_smbpwmods(pwd, &mods, LDAP_MOD_REPLACE);
return ldap_makemods("uid", pwd->unix_name, mods, False);
}
static void *ldappassgrp_enumfirst(BOOL update)
{
- if (!ldap_open_connection(False))
+ if (!ldap_connect())
return NULL;
ldap_search_for("&(objectclass=sambaAccount)(|(group=*)(alias=*))");
static void ldappassgrp_enumclose(void *vp)
{
- ldap_close_connection();
+ ldap_disconnect();
}
{
struct smb_passwd *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return NULL;
ldap_search_by_ntname(name);
ldappassgrp_member("alias", als_rids, num_alss);
ret = ldap_getpw();
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
{
struct smb_passwd *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return NULL;
ldap_search_by_uid(userid);
ldappassgrp_member("alias", als_rids, num_alss);
ret = ldap_getpw();
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
{
struct smb_passwd *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return NULL;
ldap_search_by_rid(user_rid);
ldappassgrp_member("alias", als_rids, num_alss);
ret = ldap_getpw();
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
extern int DEBUGLEVEL;
/* Internal state */
-LDAP *ldap_struct;
-LDAPMessage *ldap_results;
-LDAPMessage *ldap_entry;
+extern LDAP *ldap_struct;
+extern LDAPMessage *ldap_results;
+extern LDAPMessage *ldap_entry;
/*******************************************************************
fstring filter;
slprintf(filter, sizeof(filter)-1,
- "(&(rid=%d)(objectclass=sambaAccount))", rid);
+ "(&(rid=%x)(objectclass=sambaAccount))", rid);
return ldap_search_for(filter);
}
sam21->unix_gid = (gid_t)(-1);
if(ldap_get_attribute("grouprid", temp))
- sam21->group_rid = atoi(temp);
+ sam21->group_rid = strtol(temp, NULL, 16);
else
sam21->group_rid = 0xFFFFFFFF;
sam21->unknown_str = NULL;
sam21->munged_dial = NULL;
+ ldap_entry = ldap_next_entry(ldap_struct, ldap_entry);
return sam21;
}
DEBUG(2,("Retrieving account [%s]\n",nt_name));
if(ldap_get_attribute("rid", temp))
- dispinfo.user_rid = atoi(temp);
+ dispinfo.user_rid = strtol(temp, NULL, 16);
else {
DEBUG(0,("Missing rid\n"));
return NULL; }
else
dispinfo.full_name = NULL;
+ ldap_entry = ldap_next_entry(ldap_struct, ldap_entry);
return &dispinfo;
}
slprintf(temp, sizeof(temp)-1, "%d", newpwd->unix_gid);
ldap_make_mod(mods, operation, "gidNumber", temp);
- slprintf(temp, sizeof(temp)-1, "%d", newpwd->group_rid);
+ slprintf(temp, sizeof(temp)-1, "%x", newpwd->group_rid);
ldap_make_mod(mods, operation, "grouprid", temp);
ldap_make_mod(mods, operation, "cn", newpwd->full_name);
static void *ldapsam_enumfirst(BOOL update)
{
- if (!ldap_open_connection(False))
+ if (!ldap_connect())
return NULL;
ldap_search_for("objectclass=sambaAccount");
static void ldapsam_enumclose(void *vp)
{
- ldap_close_connection();
+ ldap_disconnect();
}
{
struct sam_passwd *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return NULL;
ldap_search_by_ntname(name);
ret = ldapsam_getsam();
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
{
struct sam_passwd *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return NULL;
ldap_search_by_uid(userid);
ret = ldapsam_getsam();
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
{
struct sam_passwd *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return NULL;
ldap_search_by_rid(user_rid);
ret = ldapsam_getsam();
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
{
LDAPMod **mods;
+ if (!newpwd || !ldap_allocaterid(&newpwd->user_rid))
+ return (False);
+
ldapsam_sammods(newpwd, &mods, LDAP_MOD_ADD);
return ldap_makemods("uid", newpwd->unix_name, mods, True);
}
{
LDAPMod **mods;
+ if (!pwd)
+ return (False);
+
ldapsam_sammods(pwd, &mods, LDAP_MOD_REPLACE);
return ldap_makemods("uid", pwd->unix_name, mods, False);
}
{
struct sam_disp_info *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return NULL;
ldap_search_by_ntname(name);
ret = ldapsam_getdispinfo();
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}
{
struct sam_disp_info *ret;
- if(!ldap_open_connection(False))
+ if(!ldap_connect())
return NULL;
ldap_search_by_rid(user_rid);
ret = ldapsam_getdispinfo();
- ldap_close_connection();
+ ldap_disconnect();
return ret;
}