#include "dsdb/common/flags.h"
#include "dsdb/samdb/samdb.h"
#include "auth/auth.h"
-#include "libcli/ldap/ldap.h"
+#include "libcli/ldap/ldap_ndr.h"
+#include "lib/ldb/include/ldb.h"
#include "util/util_ldb.h"
#include "libcli/security/security.h"
#include "param/param.h"
/*
open a sidmap context - use talloc_free to close
*/
-_PUBLIC_ struct sidmap_context *sidmap_open(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+struct sidmap_context *sidmap_open(TALLOC_CTX *mem_ctx, struct event_context *ev_ctx,
+ struct loadparm_context *lp_ctx)
{
struct sidmap_context *sidmap;
sidmap = talloc(mem_ctx, struct sidmap_context);
if (sidmap == NULL) {
return NULL;
}
- sidmap->samctx = samdb_connect(sidmap, lp_ctx, system_session(sidmap, lp_ctx));
+ sidmap->samctx = samdb_connect(sidmap, ev_ctx, lp_ctx, system_session(sidmap, lp_ctx));
if (sidmap->samctx == NULL) {
talloc_free(sidmap);
return NULL;
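Review bot: The comment above sidmap_open still says only "use talloc_free to close" and does not cover the new `ev_ctx` argument or the fact that the SAM handle is opened with `system_session()` credentials. I would extend it to something like `ev_ctx is passed to samdb_connect(); the returned context wraps a SAM connection opened as the system session, so callers must apply their own access checks before exposing lookups`. Whether samdb_connect accepts a NULL `ev_ctx` is not visible here and should be stated as well. The function body continues past the end of this hunk.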
/*
map a sid to a unix uid
*/
-_PUBLIC_ NTSTATUS sidmap_sid_to_unixuid(struct sidmap_context *sidmap,
- struct dom_sid *sid, uid_t *uid)
+NTSTATUS sidmap_sid_to_unixuid(struct sidmap_context *sidmap,
+ const struct dom_sid *sid, uid_t *uid)
{
- const char *attrs[] = { "sAMAccountName", "uidNumber",
+ const char *attrs[] = { "sAMAccountName", "uidNumber",
"sAMAccountType", "unixName", NULL };
int ret;
const char *s;
tmp_ctx = talloc_new(sidmap);
- ret = gendb_search(sidmap->samctx, tmp_ctx, NULL, &res, attrs,
- "objectSid=%s", ldap_encode_ndr_dom_sid(tmp_ctx, sid));
+ ret = gendb_search(sidmap->samctx, tmp_ctx, NULL, &res, attrs,
+ "objectSid=%s",
+ ldap_encode_ndr_dom_sid(tmp_ctx, sid));
+
if (ret != 1) {
goto allocated_sid;
}
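Review bot: The `if (ret != 1)` test after gendb_search sends every non-single result to `allocated_sid`, so a database error or a duplicate objectSid match is handled the same way as "no such SID". If gendb_search reports failure as a negative count, as it appears to, a failed lookup for a real account would fall through to the fallback mapping instead of failing closed. A separate guard before this test, such as `if (ret < 0) { talloc_free(tmp_ctx); return NT_STATUS_INTERNAL_DB_CORRUPTION; }`, would avoid that. The results of `talloc_new()` and `ldap_encode_ndr_dom_sid()` are also used without a NULL check, the latter as a `%s` argument. The function starts and ends outside this hunk, so what the `allocated_sid` label does is inferred from its name.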
/* make sure its a user, not a group */
if (!is_user_account(res[0])) {
- DEBUG(0,("sid_to_unixuid: sid %s is not an account!\n",
+ DEBUG(0,("sid_to_unixuid: sid %s is not an account!\n",
dom_sid_string(tmp_ctx, sid)));
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_SID;
/*
see if a sid is a group - very inefficient!
*/
-_PUBLIC_ bool sidmap_sid_is_group(struct sidmap_context *sidmap, struct dom_sid *sid)
+bool sidmap_sid_is_group(struct sidmap_context *sidmap, struct dom_sid *sid)
{
const char *attrs[] = { "sAMAccountType", NULL };
int ret;
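Review bot: sidmap_sid_is_group still takes `struct dom_sid *sid`, while sidmap_sid_to_unixuid and sidmap_sid_to_unixgid were switched to `const struct dom_sid *sid` in this commit, so a caller holding a const SID has to cast to call it. Unless the body, which lies outside this hunk, writes through the pointer, the signature should read `bool sidmap_sid_is_group(struct sidmap_context *sidmap, const struct dom_sid *sid)`.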
/*
map a sid to a unix gid
*/
-_PUBLIC_ NTSTATUS sidmap_sid_to_unixgid(struct sidmap_context *sidmap,
- struct dom_sid *sid, gid_t *gid)
+NTSTATUS sidmap_sid_to_unixgid(struct sidmap_context *sidmap,
+ const struct dom_sid *sid, gid_t *gid)
{
- const char *attrs[] = { "sAMAccountName", "gidNumber",
+ const char *attrs[] = { "sAMAccountName", "gidNumber",
"unixName", "sAMAccountType", NULL };
int ret;
const char *s;
map a unix uid to a dom_sid
the returned sid is allocated in the supplied mem_ctx
*/
-_PUBLIC_ NTSTATUS sidmap_uid_to_sid(struct sidmap_context *sidmap,
+NTSTATUS sidmap_uid_to_sid(struct sidmap_context *sidmap,
TALLOC_CTX *mem_ctx,
- uid_t uid, struct dom_sid **sid)
+ const uid_t uid, struct dom_sid **sid)
{
const char *attrs[] = { "sAMAccountName", "objectSid", "sAMAccountType", NULL };
int ret, i;
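Review bot: `const uid_t uid` qualifies a by-value parameter, which gives callers no guarantee and only adds noise if the same spelling is copied into the prototype. The same applies to `const gid_t gid` in sidmap_gid_to_sid. I would keep `uid_t uid` and `gid_t gid` in the signatures and reserve const for the pointer parameters, where it documents a real promise not to modify the SID. Both function bodies continue outside these hunks.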
map a unix gid to a dom_sid
the returned sid is allocated in the supplied mem_ctx
*/
-_PUBLIC_ NTSTATUS sidmap_gid_to_sid(struct sidmap_context *sidmap,
+NTSTATUS sidmap_gid_to_sid(struct sidmap_context *sidmap,
TALLOC_CTX *mem_ctx,
- gid_t gid, struct dom_sid **sid)
+ const gid_t gid, struct dom_sid **sid)
{
const char *attrs[] = { "sAMAccountName", "objectSid", "sAMAccountType", NULL };
int ret, i;
check if a sid is in the range of auto-allocated SIDs from our primary domain,
and if it is, then return the name and atype
*/
-_PUBLIC_ NTSTATUS sidmap_allocated_sid_lookup(struct sidmap_context *sidmap,
+NTSTATUS sidmap_allocated_sid_lookup(struct sidmap_context *sidmap,
TALLOC_CTX *mem_ctx,
const struct dom_sid *sid,
const char **name,