const char *grpname, *dom, *name;
uint32 rid;
- if (pdb_getgrgid(&map, grp->gr_gid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrgid(&map, grp->gr_gid))) {
return NT_STATUS_GROUP_EXISTS;
}
/* if the group is NOT in the database, it CAN NOT be a domain group */
become_root();
- ret = pdb_getgrsid(map, sid);
+ ret = NT_STATUS_IS_OK(pdb_getgrsid(map, sid));
unbecome_root();
/* special case check for rid 513 */
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
-NTSTATUS pdb_default_find_alias(struct pdb_methods *methods,
- const char *name, DOM_SID *sid)
-{
- GROUP_MAP map;
-
- if (!pdb_getgrnam(&map, name))
- return NT_STATUS_NO_SUCH_ALIAS;
-
- if ((map.sid_name_use != SID_NAME_WKN_GRP) &&
- (map.sid_name_use != SID_NAME_ALIAS))
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- sid_copy(sid, &map.sid);
- return NT_STATUS_OK;
-}
-
NTSTATUS pdb_default_create_alias(struct pdb_methods *methods,
const char *name, uint32 *rid)
{
{
GROUP_MAP map;
- if (!pdb_getgrsid(&map, sid))
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, sid)))
return NT_STATUS_NO_SUCH_ALIAS;
if ((map.sid_name_use != SID_NAME_ALIAS) &&
{
GROUP_MAP map;
- if (!pdb_getgrsid(&map, sid))
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, sid)))
return NT_STATUS_NO_SUCH_ALIAS;
fstrcpy(map.nt_name, info->acct_name);
return NT_STATUS_OK;
}
-/**********************************************************************
- no ops for passdb backends that don't implement group mapping
- *********************************************************************/
-
-NTSTATUS pdb_nop_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
- DOM_SID sid)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
- gid_t gid)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
- const char *name)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_add_group_mapping_entry(struct pdb_methods *methods,
- GROUP_MAP *map)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_update_group_mapping_entry(struct pdb_methods *methods,
- GROUP_MAP *map)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_delete_group_mapping_entry(struct pdb_methods *methods,
- DOM_SID sid)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_enum_group_mapping(struct pdb_methods *methods,
- enum SID_NAME_USE sid_name_use,
- GROUP_MAP **rmap, size_t *num_entries,
- BOOL unix_only)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
/****************************************************************************
These need to be redirected through pdb_interface.c
****************************************************************************/
TALLOC_CTX *mem_ctx,
uint32 group_rid, uint32 member_rid);
- NTSTATUS (*find_alias)(struct pdb_methods *methods,
- const char *name, DOM_SID *sid);
-
NTSTATUS (*create_alias)(struct pdb_methods *methods,
const char *name, uint32 *rid);
GROUP_MAP map;
- if (pdb_getgrgid(&map, grp->gr_gid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrgid(&map, grp->gr_gid))) {
/* The hack gets worse. Handle the case where we have
* 'force group = +unixgroup' but "unixgroup" has a
* group mapping */
if ((sid_check_is_in_builtin(psid) ||
sid_check_is_in_wellknown_domain(psid))) {
- if (pdb_getgrsid(&map, psid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrsid(&map, psid))) {
*pgid = map.gid;
goto done;
}
*/
become_root();
- ret = pdb_getgrnam(&map, user);
+ ret = NT_STATUS_IS_OK(pdb_getgrnam(&map, user));
unbecome_root();
if (!ret) {
return pdb->update_login_attempts(pdb, sam_acct, success);
}
-BOOL pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid)
+NTSTATUS pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid)
{
struct pdb_methods *pdb = pdb_get_methods();
- return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid));
+ return pdb->getgrsid(pdb, map, sid);
}
-BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid)
+NTSTATUS pdb_getgrgid(GROUP_MAP *map, gid_t gid)
{
struct pdb_methods *pdb = pdb_get_methods();
- return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid));
+ return pdb->getgrgid(pdb, map, gid);
}
-BOOL pdb_getgrnam(GROUP_MAP *map, const char *name)
+NTSTATUS pdb_getgrnam(GROUP_MAP *map, const char *name)
{
struct pdb_methods *pdb = pdb_get_methods();
- return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name));
+ return pdb->getgrnam(pdb, map, name);
}
static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods,
return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid);
}
-BOOL pdb_find_alias(const char *name, DOM_SID *sid)
-{
- struct pdb_methods *pdb = pdb_get_methods();
- return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid));
-}
-
NTSTATUS pdb_create_alias(const char *name, uint32 *rid)
{
struct pdb_methods *pdb = pdb_get_methods();
}
TALLOC_FREE(sam_account);
- ret = pdb_getgrsid(&map, &sid);
+ ret = NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid));
unbecome_root();
/* END BECOME_ROOT BLOCK */
(*methods)->set_unix_primary_group = pdb_default_set_unix_primary_group;
(*methods)->add_groupmem = pdb_default_add_groupmem;
(*methods)->del_groupmem = pdb_default_del_groupmem;
- (*methods)->find_alias = pdb_default_find_alias;
(*methods)->create_alias = pdb_default_create_alias;
(*methods)->delete_alias = pdb_default_delete_alias;
(*methods)->get_aliasinfo = pdb_default_get_aliasinfo;
if ( !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) )
return NT_STATUS_ACCESS_DENIED;
- if (!pdb_getgrsid(&map, &info->sid))
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &info->sid)))
return NT_STATUS_NO_SUCH_GROUP;
return pdb_update_group_mapping_entry(&map);
string_to_sid(&sid, "S-1-5-32-545");
ZERO_STRUCT(map);
- if (!pdb_getgrsid(&map, &sid)) {
- d_fprintf(stderr, "(%s) pdb_getgrsid failed\n",
- __location__);
+ status = pdb_getgrsid(&map, &sid);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "(%s) pdb_getgrsid failed: %s\n",
+ __location__, nt_errstr(status));
goto fail;
}
ZERO_STRUCT(map1);
- if (!pdb_getgrgid(&map1, map.gid)) {
- d_fprintf(stderr, "(%s) pdb_getgrgid failed\n",
- __location__);
+ status = pdb_getgrgid(&map1, map.gid);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "(%s) pdb_getgrgid failed: %s\n",
+ __location__, nt_errstr(status));
goto fail;
}
}
ZERO_STRUCT(map1);
- if (!pdb_getgrnam(&map1, map.nt_name)) {
- d_fprintf(stderr, "(%s) pdb_getgrnam failed\n",
- __location__);
+ status = pdb_getgrnam(&map1, map.nt_name);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "(%s) pdb_getgrnam failed: %s\n",
+ __location__, nt_errstr(status));
goto fail;
}
GROUP_MAP map, map1;
string_to_sid(&sid, "S-1-5-32-545");
- if (!pdb_getgrsid(&map, &sid)) {
- d_fprintf(stderr, "(%s) did not find S-1-5-32-545\n",
- __location__);
+ status = pdb_getgrsid(&map, &sid);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "(%s) did not find S-1-5-32-545: "
+ "%s\n", __location__, nt_errstr(status));
goto fail;
}
CHECK_STATUS(status, NT_STATUS_UNSUCCESSFUL);
#endif
- if (pdb_getgrsid(&map1, &sid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrsid(&map1, &sid))) {
d_fprintf(stderr, "(%s) getgrsid found deleted "
"entry\n", __location__);
goto fail;
}
- if (pdb_getgrgid(&map1, map.gid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrgid(&map1, map.gid))) {
d_fprintf(stderr, "(%s) getgrgid found deleted "
"entry\n", __location__);
goto fail;
}
- if (pdb_getgrnam(&map1, map.nt_name)) {
+ if (NT_STATUS_IS_OK(pdb_getgrnam(&map1, map.nt_name))) {
d_fprintf(stderr, "(%s) getgrnam found deleted "
"entry\n", __location__);
goto fail;
GROUP_MAP map, map1;
string_to_sid(&sid, "S-1-5-32-544");
- if (!pdb_getgrsid(&map, &sid)) {
- d_fprintf(stderr, "(%s) did not find S-1-5-32-544\n",
- __location__);
+ status = pdb_getgrsid(&map, &sid);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "(%s) did not find S-1-5-32-544: "
+ "%s\n", __location__, nt_errstr(status));
goto fail;
}
status = pdb_update_group_mapping_entry(&map);
CHECK_STATUS(status, NT_STATUS_OK);
- if (pdb_getgrgid(&map1, oldgid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrgid(&map1, oldgid))) {
d_fprintf(stderr, "(%s) getgrgid found outdated "
"entry\n", __location__);
goto fail;
if (StrnCaseCmp( input, "S-", 2)) {
/* Perhaps its the NT group name? */
- if (!pdb_getgrnam(&map, input)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrnam(&map, input))) {
printf("NT Group %s doesn't exist in mapping DB\n", input);
return False;
} else {
}
/* Get the current mapping from the database */
- if(!pdb_getgrsid(&map, &sid)) {
+ if(!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) {
d_fprintf(stderr, "Failure to local group SID in the database\n");
return -1;
}
{
GROUP_MAP map;
- if (pdb_getgrgid(&map, gid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrgid(&map, gid))) {
d_printf("Unix group %s already mapped to SID %s\n",
unixgrp, sid_string_static(&map.sid));
return -1;
}
/* Get the current mapping from the database */
- if(!pdb_getgrsid(&map, &sid)) {
+ if(!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) {
d_fprintf(stderr, "Failure to local group SID in the database\n");
return -1;
}
}
}
- have_map = pdb_getgrnam(&map, ntgroup);
+ have_map = NT_STATUS_IS_OK(pdb_getgrnam(&map, ntgroup));
if (!have_map) {
DOM_SID sid;
have_map = ( (strncmp(ntgroup, "S-", 2) == 0) &&
string_to_sid(&sid, ntgroup) &&
- pdb_getgrsid(&map, &sid) );
+ NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid)) );
}
if (!have_map) {
group_sid = *pdb_get_group_sid(sam_account);
- if (!pdb_getgrsid(&map, &group_sid)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &group_sid))) {
DEBUG(0, ("Primary group of %s has no mapping!\n",
pdb_get_username(sam_account)));
} else {
sid_append_rid(&group_sid, rid);
sid_to_string(sid_string, &group_sid);
- if (pdb_getgrsid(&map, &group_sid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrsid(&map, &group_sid))) {
if ( map.gid != -1 )
grp = getgrgid(map.gid);
insert = False;
sid_copy(&alias_sid, &dom_sid);
sid_append_rid(&alias_sid, rid);
- if (pdb_getgrsid(&map, &alias_sid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrsid(&map, &alias_sid))) {
grp = getgrgid(map.gid);
insert = False;
}
return -1;
}
- if (!pdb_getgrsid(&map, &sid)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) {
d_fprintf(stderr, "Could not load group %s\n", argv[0]);
return -1;
}
sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS);
- if (!pdb_getgrsid(&gmap, &gsid)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&gmap, &gsid))) {
LDAPMod **mods = NULL;
char *dn;
char *uname;
sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_ADMINS);
- if (!pdb_getgrsid(&gmap, &gsid)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&gmap, &gsid))) {
LDAPMod **mods = NULL;
char *dn;
char *uname;
goto done;
}
- if (!pdb_getgrgid(&gmap, pwd->pw_gid)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrgid(&gmap, pwd->pw_gid))) {
LDAPMod **mods = NULL;
char *dn;
char *uname;