#include "auth/auth.h"
#include "librpc/gen_ndr/ndr_security.h"
#include "lib/ldb/include/ldb.h"
-#include "lib/ldb_wrap.h"
+#include "ldb_wrap.h"
#include "param/param.h"
#include "winbind/idmap.h"
#include "libcli/security/security.h"
*/
struct idmap_context *idmap_init(TALLOC_CTX *mem_ctx,
struct tevent_context *ev_ctx,
- struct loadparm_context *lp_ctx)
+ struct loadparm_context *lp_ctx)
{
struct idmap_context *idmap_ctx;
idmap_ctx->lp_ctx = lp_ctx;
idmap_ctx->ldb_ctx = ldb_wrap_connect(mem_ctx, ev_ctx, lp_ctx,
- lp_idmap_url(lp_ctx),
+ lpcfg_idmap_url(lp_ctx),
system_session(lp_ctx),
NULL, 0);
if (idmap_ctx->ldb_ctx == NULL) {
id_type = "ID_TYPE_GID";
break;
default:
- DEBUG(1, ("unixid->type must be type gid or uid\n"));
+ DEBUG(1, ("unixid->type must be type gid or uid (got %u) for lookup with id %lu\n",
+ (unsigned)unixid->type, (unsigned long)unixid->id));
status = NT_STATUS_NONE_MAPPED;
goto failed;
}
*
* If no mapping exists, a new mapping will be created.
*
- * \todo Check if SIDs can be resolved if lp_idmap_trusted_only() == true
+ * \todo Check if SIDs can be resolved if lpcfg_idmap_trusted_only() == true
* \todo Fix backwards compatibility for Samba3
*
* \param idmap_ctx idmap context to use
goto failed;
}
- /*FIXME: if lp_idmap_trusted_only() == true, check if SID can be
+ /*FIXME: if lpcfg_idmap_trusted_only() == true, check if SID can be
* resolved here. */
ret = idmap_get_bounds(idmap_ctx, &low, &high);
*/
NTSTATUS idmap_xids_to_sids(struct idmap_context *idmap_ctx,
- TALLOC_CTX *mem_ctx, int count,
- struct id_map *id)
+ TALLOC_CTX *mem_ctx,
+ struct id_map **id)
{
- int i;
- int error_count = 0;
+ unsigned int i, error_count = 0;
NTSTATUS status;
- for (i = 0; i < count; ++i) {
+ for (i = 0; id && id[i]; i++) {
status = idmap_xid_to_sid(idmap_ctx, mem_ctx,
- &id[i].xid, &id[i].sid);
+ &id[i]->xid, &id[i]->sid);
if (NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
status = idmap_xid_to_sid(idmap_ctx, mem_ctx,
- &id[i].xid,
- &id[i].sid);
+ &id[i]->xid,
+ &id[i]->sid);
}
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1, ("idmapping xid_to_sid failed for id[%d]\n", i));
+ DEBUG(1, ("idmapping xid_to_sid failed for id[%d]=%lu: %s\n",
+ i, (unsigned long)id[i]->xid.id, nt_errstr(status)));
error_count++;
- id[i].status = ID_UNMAPPED;
+ id[i]->status = ID_UNMAPPED;
} else {
- id[i].status = ID_MAPPED;
+ id[i]->status = ID_MAPPED;
}
}
- if (error_count == count) {
+ if (error_count == i) {
/* Mapping did not work at all. */
return NT_STATUS_NONE_MAPPED;
} else if (error_count > 0) {
*/
NTSTATUS idmap_sids_to_xids(struct idmap_context *idmap_ctx,
- TALLOC_CTX *mem_ctx, int count,
- struct id_map *id)
+ TALLOC_CTX *mem_ctx,
+ struct id_map **id)
{
- int i;
- int error_count = 0;
+ unsigned int i, error_count = 0;
NTSTATUS status;
- for (i = 0; i < count; ++i) {
+ for (i = 0; id && id[i]; i++) {
status = idmap_sid_to_xid(idmap_ctx, mem_ctx,
- id[i].sid, &id[i].xid);
+ id[i]->sid, &id[i]->xid);
if (NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
status = idmap_sid_to_xid(idmap_ctx, mem_ctx,
- id[i].sid,
- &id[i].xid);
+ id[i]->sid,
+ &id[i]->xid);
}
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1, ("idmapping sid_to_xid failed for id[%d]\n", i));
+ char *str = dom_sid_string(mem_ctx, id[i]->sid);
+ DEBUG(1, ("idmapping sid_to_xid failed for id[%d]=%s: %s\n",
+ i, str, nt_errstr(status)));
+ talloc_free(str);
error_count++;
- id[i].status = ID_UNMAPPED;
+ id[i]->status = ID_UNMAPPED;
} else {
- id[i].status = ID_MAPPED;
+ id[i]->status = ID_MAPPED;
}
}
- if (error_count == count) {
+ if (error_count == i) {
/* Mapping did not work at all. */
return NT_STATUS_NONE_MAPPED;
} else if (error_count > 0) {