*/
#include "includes.h"
-#include "librpc/gen_ndr/ndr_security.h"
+#include "system/passwd.h"
+#include "ads.h"
+#include "dsdb/samdb/samdb.h"
+#include "auth/auth.h"
+#include "libcli/ldap/ldap.h"
/*
these are used for the fallback local uid/gid to sid mapping
struct sidmap_context *sidmap_open(TALLOC_CTX *mem_ctx)
{
struct sidmap_context *sidmap;
- sidmap = talloc_p(mem_ctx, struct sidmap_context);
+ sidmap = talloc(mem_ctx, struct sidmap_context);
if (sidmap == NULL) {
return NULL;
}
- sidmap->samctx = samdb_connect(sidmap);
+ sidmap->samctx = samdb_connect(sidmap, system_session(sidmap));
if (sidmap->samctx == NULL) {
talloc_free(sidmap);
return NULL;
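Review bot: The result of `system_session(sidmap)` is passed straight into `samdb_connect()` with no NULL check, and nothing at the call site records that every sidmap lookup now runs under the system session rather than the caller's token. The hunk does not show how `samdb_connect()` treats a NULL session, so if `system_session()` can fail on allocation it is safer to take the result into a local and bail out first: `if (session == NULL) { talloc_free(sidmap); return NULL; }`. I would also add a comment above the call, for example `/* sidmap searches use the system session, not the caller's credentials; only the mapped id or SID is handed back */`. The body of sidmap_open continues outside the hunk.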
TALLOC_CTX *mem_ctx, struct dom_sid **sid)
{
const char *attrs[] = { "objectSid", NULL };
- void *ctx = talloc(mem_ctx, 0);
- const char *sidstr;
int ret;
- struct ldb_message **res;
+ struct ldb_message **res = NULL;
- ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs,
- "(&(objectClass=domain)(name=%s))", lp_workgroup());
+ ret = gendb_search_dn(sidmap->samctx, mem_ctx, samdb_base_dn(mem_ctx),
+ &res, attrs);
if (ret != 1) {
- talloc_free(ctx);
+ talloc_free(res);
return NT_STATUS_NO_SUCH_DOMAIN;
}
- sidstr = samdb_result_string(res[0], "objectSid", NULL);
- if (sidstr == NULL) {
- talloc_free(ctx);
- return NT_STATUS_NO_SUCH_DOMAIN;
- }
-
- *sid = dom_sid_parse_talloc(mem_ctx, sidstr);
- talloc_free(ctx);
+ *sid = samdb_result_dom_sid(mem_ctx, res[0], "objectSid");
+ talloc_free(res);
if (*sid == NULL) {
return NT_STATUS_NO_MEMORY;
}
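Review bot: A NULL from `samdb_result_dom_sid()` is now always reported as `NT_STATUS_NO_MEMORY`, whereas the removed code returned `NT_STATUS_NO_SUCH_DOMAIN` when the record had no `objectSid`. If the helper also returns NULL for a missing or unparsable attribute (not visible here), a damaged domain record will look like memory exhaustion to the caller. Testing for the attribute before `talloc_free(res)` and keeping `NT_STATUS_NO_SUCH_DOMAIN` for that case preserves the old distinction. Separately, with the temporary context removed, anything `samdb_base_dn(mem_ctx)` allocates stays on the caller's `mem_ctx`, because `talloc_free(res)` releases only the result array. The start of the signature and the tail of the function are outside the hunk.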
const char *s;
void *ctx;
struct ldb_message **res;
- const char *sidstr;
struct dom_sid *domain_sid;
NTSTATUS status;
- ctx = talloc(sidmap, 0);
- sidstr = dom_sid_string(ctx, sid);
- if (sidstr == NULL) {
- talloc_free(ctx);
- return NT_STATUS_NO_MEMORY;
- }
+ ctx = talloc_new(sidmap);
- ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs,
- "objectSid=%s", sidstr);
+ ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs,
+ "objectSid=%s", ldap_encode_ndr_dom_sid(ctx, sid));
if (ret != 1) {
goto allocated_sid;
}
/* make sure its a user, not a group */
if (!is_user_account(res[0])) {
- DEBUG(0,("sid_to_unixuid: sid %s is not an account!\n", sidstr));
+ DEBUG(0,("sid_to_unixuid: sid %s is not an account!\n",
+ dom_sid_string(ctx, sid)));
talloc_free(ctx);
return NT_STATUS_INVALID_SID;
}
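Review bot: The allocation-failure path of the removed code is lost here: `talloc_new(sidmap)` is unchecked, and `ldap_encode_ndr_dom_sid(ctx, sid)` goes straight into the `objectSid=%s` filter, so a failed allocation puts a NULL pointer behind `%s` instead of returning `NT_STATUS_NO_MEMORY`. The same holds for the `dom_sid_string(ctx, sid)` calls inside the `DEBUG` lines in this and the later hunks of the function, and for the identical opening of sid_to_unixgid. Encoding once into a checked local, declared with the other locals, restores the old behaviour. The function starts and ends outside the hunk.

```c
	ctx = talloc_new(sidmap);
	NT_STATUS_HAVE_NO_MEMORY(ctx);

	/* encode once so an allocation failure is caught before the filter is built */
	encoded_sid = ldap_encode_ndr_dom_sid(ctx, sid);
	if (encoded_sid == NULL) {
		talloc_free(ctx);
		return NT_STATUS_NO_MEMORY;
	}

	ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs,
			   "objectSid=%s", encoded_sid);
	/* … unchanged: ret != 1 check and is_user_account test … */
```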
if (s != NULL) {
struct passwd *pwd = getpwnam(s);
if (!pwd) {
- DEBUG(0,("unixName %s for sid %s does not exist as a local user\n", s, sidstr));
+ DEBUG(0,("unixName %s for sid %s does not exist as a local user\n", s, dom_sid_string(ctx, sid)));
talloc_free(ctx);
return NT_STATUS_NO_SUCH_USER;
}
if (s != NULL) {
struct passwd *pwd = getpwnam(s);
if (!pwd) {
- DEBUG(0,("sAMAccountName '%s' for sid %s does not exist as a local user\n", s, sidstr));
+ DEBUG(0,("sAMAccountName '%s' for sid %s does not exist as a local user\n",
+ s, dom_sid_string(ctx, sid)));
talloc_free(ctx);
return NT_STATUS_NO_SUCH_USER;
}
DEBUG(0,("sid_to_unixuid: no unixID, unixName or sAMAccountName for sid %s\n",
- sidstr));
+ dom_sid_string(ctx, sid)));
talloc_free(ctx);
return NT_STATUS_INVALID_SID;
const char *s;
void *ctx;
struct ldb_message **res;
- const char *sidstr;
NTSTATUS status;
struct dom_sid *domain_sid;
- ctx = talloc(sidmap, 0);
- sidstr = dom_sid_string(ctx, sid);
- if (sidstr == NULL) {
- talloc_free(ctx);
- return NT_STATUS_NO_MEMORY;
- }
+ ctx = talloc_new(sidmap);
- ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs,
- "objectSid=%s", sidstr);
+ ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs,
+ "objectSid=%s", ldap_encode_ndr_dom_sid(ctx, sid));
if (ret != 1) {
goto allocated_sid;
}
/* make sure its not a user */
if (!is_group_account(res[0])) {
- DEBUG(0,("sid_to_unixgid: sid %s is a ATYPE_NORMAL_ACCOUNT\n", sidstr));
+ DEBUG(0,("sid_to_unixgid: sid %s is a ATYPE_NORMAL_ACCOUNT\n",
+ dom_sid_string(ctx, sid)));
talloc_free(ctx);
return NT_STATUS_INVALID_SID;
}
struct group *grp = getgrnam(s);
if (!grp) {
DEBUG(0,("unixName '%s' for sid %s does not exist as a local group\n",
- s, sidstr));
+ s, dom_sid_string(ctx, sid)));
talloc_free(ctx);
return NT_STATUS_NO_SUCH_USER;
}
if (s != NULL) {
struct group *grp = getgrnam(s);
if (!grp) {
- DEBUG(0,("sAMAccountName '%s' for sid %s does not exist as a local group\n", s, sidstr));
+ DEBUG(0,("sAMAccountName '%s' for sid %s does not exist as a local group\n", s, dom_sid_string(ctx, sid)));
talloc_free(ctx);
return NT_STATUS_NO_SUCH_USER;
}
}
DEBUG(0,("sid_to_unixgid: no unixID, unixName or sAMAccountName for sid %s\n",
- sidstr));
+ dom_sid_string(ctx, sid)));
talloc_free(ctx);
return NT_STATUS_INVALID_SID;
*/
- ctx = talloc(sidmap, 0);
+ ctx = talloc_new(sidmap);
/*
given uid
*/
- ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs,
+ ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs,
"unixID=%u", (unsigned int)uid);
for (i=0;i<ret;i++) {
- const char *sidstr;
-
if (!is_user_account(res[i])) continue;
- sidstr = samdb_result_string(res[i], "objectSid", NULL);
- if (sidstr == NULL) continue;
-
- *sid = dom_sid_parse_talloc(mem_ctx, sidstr);
+ *sid = samdb_result_dom_sid(mem_ctx, res[i], "objectSid");
talloc_free(ctx);
- if (*sid == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
+ NT_STATUS_HAVE_NO_MEMORY(*sid);
return NT_STATUS_OK;
}
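Review bot: The loop no longer skips a matching record that has no usable `objectSid`: the removed `if (sidstr == NULL) continue;` is gone, and `NT_STATUS_HAVE_NO_MEMORY(*sid)` now runs after `talloc_free(ctx)`. Assuming `samdb_result_dom_sid()` returns NULL for a missing or malformed attribute as well as for allocation failure, the first such user record ends the lookup with `NT_STATUS_NO_MEMORY` instead of trying the next match or reaching `allocate_sid`. Skipping those records explicitly keeps the old behaviour, e.g. `if (ldb_msg_find_element(res[i], "objectSid") == NULL) continue;` placed before the `samdb_result_dom_sid()` call. The name-based loop later in this function and both loops in the gid-to-SID function follow the same pattern. `talloc_new(sidmap)` at the top of the hunk is also unchecked.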
goto allocate_sid;
}
- ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs,
+ ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs,
"(|(unixName=%s)(sAMAccountName=%s))",
pwd->pw_name, pwd->pw_name);
for (i=0;i<ret;i++) {
- const char *sidstr;
-
if (!is_user_account(res[i])) continue;
- sidstr = samdb_result_string(res[i], "objectSid", NULL);
- if (sidstr == NULL) continue;
-
- *sid = dom_sid_parse_talloc(mem_ctx, sidstr);
+ *sid = samdb_result_dom_sid(mem_ctx, res[i], "objectSid");
talloc_free(ctx);
- if (*sid == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
+ NT_STATUS_HAVE_NO_MEMORY(*sid);
return NT_STATUS_OK;
}
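Review bot: `pwd->pw_name` is formatted into the `(|(unixName=%s)(sAMAccountName=%s))` filter without escaping, so a name containing filter metacharacters such as `*`, `(`, `)` or `\` changes what the search matches and can resolve the uid to a different account's SID. The hunk does not show `gendb_search()` escaping its arguments; if it does not, encode the value first, e.g. `char *name = ldb_binary_encode_string(ctx, pwd->pw_name);` with a NULL check, and pass `name` for both `%s`. The group lookup that formats `grp->gr_name` into the same filter needs the same treatment. The commit already encodes the SID for the `objectSid=%s` filters through `ldap_encode_ndr_dom_sid()`, so this would bring the name filters in line with that.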
*/
- ctx = talloc(sidmap, 0);
+ ctx = talloc_new(sidmap);
/*
given gid
*/
- ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs,
+ ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs,
"unixID=%u", (unsigned int)gid);
for (i=0;i<ret;i++) {
- const char *sidstr;
-
if (!is_group_account(res[i])) continue;
- sidstr = samdb_result_string(res[i], "objectSid", NULL);
- if (sidstr == NULL) continue;
-
- *sid = dom_sid_parse_talloc(mem_ctx, sidstr);
+ *sid = samdb_result_dom_sid(mem_ctx, res[i], "objectSid");
talloc_free(ctx);
- if (*sid == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
+ NT_STATUS_HAVE_NO_MEMORY(*sid);
return NT_STATUS_OK;
}
goto allocate_sid;
}
- ret = samdb_search(sidmap->samctx, ctx, NULL, &res, attrs,
+ ret = gendb_search(sidmap->samctx, ctx, NULL, &res, attrs,
"(|(unixName=%s)(sAMAccountName=%s))",
grp->gr_name, grp->gr_name);
for (i=0;i<ret;i++) {
- const char *sidstr;
-
if (!is_group_account(res[i])) continue;
- sidstr = samdb_result_string(res[i], "objectSid", NULL);
- if (sidstr == NULL) continue;
-
- *sid = dom_sid_parse_talloc(mem_ctx, sidstr);
+ *sid = samdb_result_dom_sid(mem_ctx, res[i], "objectSid");
talloc_free(ctx);
- if (*sid == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
+ NT_STATUS_HAVE_NO_MEMORY(*sid);
return NT_STATUS_OK;
}
{
NTSTATUS status;
struct dom_sid *domain_sid;
- void *ctx = talloc(mem_ctx, 0);
+ void *ctx = talloc_new(mem_ctx);
uint32_t rid;
status = sidmap_primary_domain_sid(sidmap, ctx, &domain_sid);