#include "system/passwd.h"
#include "passdb.h"
#include "secrets.h"
+#include "messages.h"
#include "../librpc/gen_ndr/samr.h"
#include "../librpc/gen_ndr/drsblobs.h"
#include "../librpc/gen_ndr/ndr_drsblobs.h"
return NULL;
}
+const struct pdb_init_function_entry *pdb_get_backends(void)
+{
+ return backends;
+}
+
+
/*
* The event context for the passdb backend. I know this is a bad hack and yet
* another static variable, but our pdb API is a global thing per
/* we have a valid SID coming out of this call */
- status = samu_alloc_rid_unix( sam_pass, pwd );
+ status = samu_alloc_rid_unix(methods, sam_pass, pwd);
TALLOC_FREE( pwd );
pdb_set_acct_ctrl(sam_pass, acb_info, PDB_CHANGED);
- status = pdb_add_sam_account(sam_pass);
+ status = methods->add_sam_account(methods, sam_pass);
TALLOC_FREE(sam_pass);
NTSTATUS status;
fstring username;
- status = pdb_delete_sam_account(sam_acct);
+ memcache_flush(NULL, PDB_GETPWSID_CACHE);
+
+ status = methods->delete_sam_account(methods, sam_acct);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
{
struct pdb_methods *pdb = pdb_get_methods();
uid_t uid = -1;
+ NTSTATUS status;
+ char *msg_data;
/* sanity check to make sure we don't delete root */
return NT_STATUS_ACCESS_DENIED;
}
- return pdb->delete_user(pdb, mem_ctx, sam_acct);
+ status = pdb->delete_user(pdb, mem_ctx, sam_acct);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ msg_data = talloc_asprintf(mem_ctx, "USER %s",
+ pdb_get_username(sam_acct));
+ if (!msg_data) {
+ /* not fatal, and too late to rollback,
+ * just return */
+ return status;
+ }
+ message_send_all(server_messaging_context(),
+ ID_CACHE_DELETE,
+ msg_data,
+ strlen(msg_data) + 1,
+ NULL);
+
+ TALLOC_FREE(msg_data);
+ return status;
}
NTSTATUS pdb_add_sam_account(struct samu *sam_acct)
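Review bot: The result of `message_send_all()` in the new tail of pdb_delete_user is discarded, so if the ID_CACHE_DELETE broadcast fails the account is gone from the backend while other processes may keep serving cached ID mappings for it, and nothing is logged. Since the delete cannot be rolled back, I would keep returning `status` but record the failure, e.g. `if (!message_send_all(server_messaging_context(), ID_CACHE_DELETE, msg_data, strlen(msg_data) + 1, NULL)) { DEBUG(1, ("pdb_delete_user: ID_CACHE_DELETE broadcast failed\n")); }`. The `!msg_data` branch has the same problem, as it returns without sending or logging anything. It is also worth confirming that `server_messaging_context()` cannot return NULL for any caller of this function (command-line tools included), because its result is passed on unchecked.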
SAFE_FREE(state->groups);
}
-static bool pdb_search_grouptype(struct pdb_search *search,
+static bool pdb_search_grouptype(struct pdb_methods *methods,
+ struct pdb_search *search,
const struct dom_sid *sid, enum lsa_SidType type)
{
struct group_search *state;
return False;
}
- if (!pdb_enum_group_mapping(sid, type, &state->groups, &state->num_groups,
- True)) {
+ if (!NT_STATUS_IS_OK(methods->enum_group_mapping(methods, sid, type,
+ &state->groups, &state->num_groups,
+ True))) {
DEBUG(0, ("Could not enum groups\n"));
return False;
}
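Review bot: The NTSTATUS returned by `methods->enum_group_mapping()` is reduced to a boolean inside the `if`, so the level-0 message `Could not enum groups` gives no hint whether the backend denied access, ran out of memory or failed for another reason. Keep it in a local and log it: `status = methods->enum_group_mapping(methods, sid, type, &state->groups, &state->num_groups, True);` followed by `if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("Could not enum groups: %s\n", nt_errstr(status))); return False; }`. pdb_search_grouptype starts above this hunk, so an `NTSTATUS status;` declaration would have to be added there. Whether `state` is released on this failure path is not visible here.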
static bool pdb_default_search_groups(struct pdb_methods *methods,
struct pdb_search *search)
{
- return pdb_search_grouptype(search, get_global_sam_sid(), SID_NAME_DOM_GRP);
+ return pdb_search_grouptype(methods, search, get_global_sam_sid(), SID_NAME_DOM_GRP);
}
static bool pdb_default_search_aliases(struct pdb_methods *methods,
const struct dom_sid *sid)
{
- return pdb_search_grouptype(search, sid, SID_NAME_ALIAS);
+ return pdb_search_grouptype(methods, search, sid, SID_NAME_ALIAS);
}
static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search,
return NULL;
}
+/*******************************************************************
+ secret methods
+ *******************************************************************/
+
+NTSTATUS pdb_get_secret(TALLOC_CTX *mem_ctx,
+ const char *secret_name,
+ DATA_BLOB *secret_current,
+ NTTIME *secret_current_lastchange,
+ DATA_BLOB *secret_old,
+ NTTIME *secret_old_lastchange,
+ struct security_descriptor **sd)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->get_secret(pdb, mem_ctx, secret_name,
+ secret_current, secret_current_lastchange,
+ secret_old, secret_old_lastchange,
+ sd);
+}
+
+NTSTATUS pdb_set_secret(const char *secret_name,
+ DATA_BLOB *secret_current,
+ DATA_BLOB *secret_old,
+ struct security_descriptor *sd)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->set_secret(pdb, secret_name,
+ secret_current,
+ secret_old,
+ sd);
+}
+
+NTSTATUS pdb_delete_secret(const char *secret_name)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->delete_secret(pdb, secret_name);
+}
+
+static NTSTATUS pdb_default_get_secret(struct pdb_methods *methods,
+ TALLOC_CTX *mem_ctx,
+ const char *secret_name,
+ DATA_BLOB *secret_current,
+ NTTIME *secret_current_lastchange,
+ DATA_BLOB *secret_old,
+ NTTIME *secret_old_lastchange,
+ struct security_descriptor **sd)
+{
+ return lsa_secret_get(mem_ctx, secret_name,
+ secret_current,
+ secret_current_lastchange,
+ secret_old,
+ secret_old_lastchange,
+ sd);
+}
+
+static NTSTATUS pdb_default_set_secret(struct pdb_methods *methods,
+ const char *secret_name,
+ DATA_BLOB *secret_current,
+ DATA_BLOB *secret_old,
+ struct security_descriptor *sd)
+{
+ return lsa_secret_set(secret_name,
+ secret_current,
+ secret_old,
+ sd);
+}
+
+static NTSTATUS pdb_default_delete_secret(struct pdb_methods *methods,
+ const char *secret_name)
+{
+ return lsa_secret_delete(secret_name);
+}
+
/*******************************************************************
Create a pdb_methods structure and initialize it with the default
operations. In this way a passdb module can simply implement
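Review bot: The new public entry points pdb_get_secret, pdb_set_secret and pdb_delete_secret have no doc comment, and nothing here says who enforces the security descriptor. The wrappers and the pdb_default_* implementations pass `sd` straight through to lsa_secret_get/lsa_secret_set without an access check, so that check is presumably the caller's job and should be stated. I would add a comment above each wrapper saying that it performs no access check itself, which output pointers may be NULL, and that `secret_current` and `secret_old` hold secret material the caller should wipe before freeing (e.g. with `data_blob_clear_free()`). Whether those blobs are allocated on `mem_ctx` should be confirmed against lsa_secret_get before documenting ownership. The `methods` argument is unused in all three defaults, which is fine for the default backend but deserves a one-line comment.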
(*methods)->del_trusted_domain = pdb_default_del_trusted_domain;
(*methods)->enum_trusted_domains = pdb_default_enum_trusted_domains;
+ (*methods)->get_secret = pdb_default_get_secret;
+ (*methods)->set_secret = pdb_default_set_secret;
+ (*methods)->delete_secret = pdb_default_delete_secret;
+
return NT_STATUS_OK;
}