source4/dsdb/samdb/ldb_modules/samba3sam.c

   1 /*
   2    ldb database library - Samba3 SAM compatibility backend
   3
   4    Copyright (C) Jelmer Vernooij 2005
   5 */
   6
   7 #include "includes.h"
   8 #include "ldb/modules/ldb_map.h"
   9 #include "ldb/include/ldb.h"
  10 #include "ldb/include/ldb_private.h"
  11 #include "librpc/gen_ndr/ndr_security.h"
  12
  13 /* FIXME:
  14  * sambaSID -> member  (dn!)
  15  * sambaSIDList -> member (dn!)
  16  * sambaDomainName -> name
  17  * sambaTrustPassword
  18  * sambaUnixIdPool
  19  * sambaIdmapEntry
  20  * sambaAccountPolicy
  21  * sambaSidEntry
  22  * sambaAcctFlags -> systemFlags ?
  23  * sambaPasswordHistory  -> ntPwdHistory*/
  24
  25 /* Not necessary:
  26  * sambaConfig
  27  * sambaShare
  28  * sambaConfigOption
  29  * sambaNextGroupRid
  30  * sambaNextUserRid
  31  * sambaAlgorithmicRidBase
  32  */
  33
  34 /* Not in Samba4:
  35  * sambaKickoffTime
  36  * sambaPwdCanChange
  37  * sambaPwdMustChange
  38  * sambaHomePath
  39  * sambaHomeDrive
  40  * sambaLogonScript
  41  * sambaProfilePath
  42  * sambaUserWorkstations
  43  * sambaMungedDial
  44  * sambaLogonHours */
  45
  46 /* In Samba4 but not in Samba3:
  47 */
  48
  49 static struct ldb_val convert_sid_rid(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val)
  50 {
  51         printf("Converting SID TO RID *\n");
  52
  53         /* FIXME */
  54
  55         return ldb_val_dup(ctx, val);
  56 }
  57
  58 static struct ldb_val convert_rid_sid(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val)
  59 {
  60         printf("Converting RID TO SID *\n");
  61
  62         /* FIXME */
  63
  64         return ldb_val_dup(ctx, val);
  65 }
  66
  67 static struct ldb_val convert_unix_id2name(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val)
  68 {
  69         printf("Converting UNIX ID to name\n");
  70
  71         /* FIXME */
  72
  73         return ldb_val_dup(ctx, val);
  74 }
  75
  76 static struct ldb_val convert_unix_name2id(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val)
  77 {
  78         printf("Converting UNIX name to ID\n");
  79
  80         /* FIXME */
  81
  82         return ldb_val_dup(ctx, val);
  83 }
  84
  85 static struct ldb_val encode_sid(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val)
  86 {
  87         struct dom_sid *sid = dom_sid_parse_talloc(ctx, (char *)val->data);
  88         struct ldb_val *out = talloc_zero(out, struct ldb_val);
  89         NTSTATUS status;
  90
  91         if (sid == NULL) {
  92                 return *out;
  93         }
  94         status = ndr_push_struct_blob(out, ctx, sid,
  95                                       (ndr_push_flags_fn_t)ndr_push_dom_sid);
  96         talloc_free(sid);
  97         if (!NT_STATUS_IS_OK(status)) {
  98                 return *out;
  99         }
 100
 101         return *out;
 102 }
 103
 104 static struct ldb_val decode_sid(struct ldb_module *module, TALLOC_CTX *ctx, const struct ldb_val *val)
 105 {
 106         struct dom_sid *sid;
 107         NTSTATUS status;
 108         struct ldb_val *out = talloc_zero(ctx, struct ldb_val);
 109
 110         sid = talloc(ctx, struct dom_sid);
 111         if (sid == NULL) {
 112                 return *out;
 113         }
 114         status = ndr_pull_struct_blob(val, sid, sid,
 115                                       (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
 116         if (!NT_STATUS_IS_OK(status)) {
 117                 talloc_free(sid);
 118                 return *out;
 119         }
 120         out->data = (uint8_t *)dom_sid_string(ctx, sid);
 121         talloc_free(sid);
 122         if (out->data == NULL) {
 123                 return *out;
 124         }
 125         out->length = strlen((const char *)out->data);
 126
 127         return *out;
 128 }
 129
 130 const struct ldb_map_objectclass samba3_objectclasses[] = {
 131         { "group", "sambaGroupMapping" },
 132         { "user", "sambaSAMAccount" },
 133         { "domain", "sambaDomain" },
 134         { NULL, NULL }
 135 };
 136
 137 const struct ldb_map_attribute samba3_attributes[] =
 138 {
 139         /* sambaNextRid -> nextRid */
 140         {
 141                 .local_name = "nextRid",
 142                 .type = MAP_RENAME,
 143                 .u = {
 144                         .rename = {
 145                                 .remote_name = "sambaNextRid",
 146                         },
 147                 },
 148         },
 149
 150         /* sambaBadPasswordTime -> badPasswordtime*/
 151         {
 152                 .local_name = "badPasswordTime",
 153                 .type = MAP_RENAME,
 154                 .u = {
 155                         .rename = {
 156                                 .remote_name = "sambaBadPasswordTime",
 157                         },
 158                 },
 159         },
 160
 161         /* sambaLMPassword -> lmPwdHash*/
 162         {
 163                 .local_name = "lmPwdHash",
 164                 .type = MAP_RENAME,
 165                 .u = {
 166                         .rename = {
 167                                 .remote_name = "sambaLMPassword",
 168                         },
 169                 },
 170         },
 171
 172         /* sambaGroupType -> groupType */
 173         {
 174                 .local_name = "groupType",
 175                 .type = MAP_RENAME,
 176                 .u = {
 177                         .rename = {
 178                                 .remote_name = "sambaGroupType",
 179                         },
 180                 },
 181         },
 182
 183         /* sambaNTPassword -> ntPwdHash*/
 184         {
 185                 .local_name = "ntPwdHash",
 186                 .type = MAP_RENAME,
 187                 .u = {
 188                         .rename = {
 189                                 .remote_name = "sambaNTPassword",
 190                         },
 191                 },
 192         },
 193
 194         /* sambaPrimaryGroupSID -> primaryGroupID */
 195         {
 196                 .local_name = "primaryGroupID",
 197                 .type = MAP_CONVERT,
 198                 .u = {
 199                         .convert = {
 200                                 .remote_name = "sambaPrimaryGroupSID",
 201                                 .convert_local = convert_rid_sid,
 202                                 .convert_remote = convert_sid_rid,
 203                         },
 204                 },
 205         },
 206
 207         /* sambaBadPasswordCount -> badPwdCount */
 208         {
 209                 .local_name = "badPwdCount",
 210                 .type = MAP_RENAME,
 211                 .u = {
 212                         .rename = {
 213                                 .remote_name = "sambaBadPasswordCount",
 214                         },
 215                 },
 216         },
 217
 218         /* sambaLogonTime -> lastLogon*/
 219         {
 220                 .local_name = "lastLogon",
 221                 .type = MAP_RENAME,
 222                 .u = {
 223                         .rename = {
 224                                 .remote_name = "sambaLogonTime",
 225                         },
 226                 },
 227         },
 228
 229         /* sambaLogoffTime -> lastLogoff*/
 230         {
 231                 .local_name = "lastLogoff",
 232                 .type = MAP_RENAME,
 233                 .u = {
 234                         .rename = {
 235                                 .remote_name = "sambaLogoffTime",
 236                         },
 237                 },
 238         },
 239
 240         /* gidNumber -> unixName */
 241         {
 242                 .local_name = "unixName",
 243                 .type = MAP_CONVERT,
 244                 .u = {
 245                         .convert = {
 246                                 .remote_name = "gidNumber",
 247                         },
 248                 },
 249         },
 250
 251         /* uid -> unixName */
 252         {
 253                 .local_name = "unixName",
 254                 .type = MAP_RENAME,
 255                 .u = {
 256                         .convert = {
 257                                 .remote_name = "uid",
 258                         },
 259                 },
 260         },
 261
 262         /* displayName -> name */
 263         {
 264                 .local_name = "name",
 265                 .type = MAP_RENAME,
 266                 .u = {
 267                         .rename = {
 268                                 .remote_name = "displayName",
 269                         },
 270                 },
 271         },
 272
 273         /* cn */
 274         {
 275                 .local_name = "cn",
 276                 .type = MAP_KEEP,
 277         },
 278
 279         /* sAMAccountName -> cn */
 280         {
 281                 .local_name = "sAMAccountName",
 282                 .type = MAP_RENAME,
 283                 .u = {
 284                         .rename = {
 285                                 .remote_name = "uid",
 286                         },
 287                 },
 288         },
 289
 290         /* objectCategory */
 291         {
 292                 .local_name = "objectCategory",
 293                 .type = MAP_IGNORE,
 294         },
 295
 296         /* objectGUID */
 297         {
 298                 .local_name = "objectGUID",
 299                 .type = MAP_IGNORE,
 300         },
 301
 302         /* objectVersion */
 303         {
 304                 .local_name = "objectVersion",
 305                 .type = MAP_IGNORE,
 306         },
 307
 308         /* codePage */
 309         {
 310                 .local_name = "codePage",
 311                 .type = MAP_IGNORE,
 312         },
 313
 314         /* dNSHostName */
 315         {
 316                 .local_name = "dNSHostName",
 317                 .type = MAP_IGNORE,
 318         },
 319
 320
 321         /* dnsDomain */
 322         {
 323                 .local_name = "dnsDomain",
 324                 .type = MAP_IGNORE,
 325         },
 326
 327         /* dnsRoot */
 328         {
 329                 .local_name = "dnsRoot",
 330                 .type = MAP_IGNORE,
 331         },
 332
 333         /* countryCode */
 334         {
 335                 .local_name = "countryCode",
 336                 .type = MAP_IGNORE,
 337         },
 338
 339         /* nTMixedDomain */
 340         {
 341                 .local_name = "nTMixedDomain",
 342                 .type = MAP_IGNORE,
 343         },
 344
 345         /* operatingSystem */
 346         {
 347                 .local_name = "operatingSystem",
 348                 .type = MAP_IGNORE,
 349         },
 350
 351         /* operatingSystemVersion */
 352         {
 353                 .local_name = "operatingSystemVersion",
 354                 .type = MAP_IGNORE,
 355         },
 356
 357
 358         /* servicePrincipalName */
 359         {
 360                 .local_name = "servicePrincipalName",
 361                 .type = MAP_IGNORE,
 362         },
 363
 364         /* msDS-Behavior-Version */
 365         {
 366                 .local_name = "msDS-Behavior-Version",
 367                 .type = MAP_IGNORE,
 368         },
 369
 370         /* msDS-KeyVersionNumber */
 371         {
 372                 .local_name = "msDS-KeyVersionNumber",
 373                 .type = MAP_IGNORE,
 374         },
 375
 376         /* msDs-masteredBy */
 377         {
 378                 .local_name = "msDs-masteredBy",
 379                 .type = MAP_IGNORE,
 380         },
 381
 382         /* ou */
 383         {
 384                 .local_name = "ou",
 385                 .type = MAP_KEEP,
 386         },
 387
 388         /* dc */
 389         {
 390                 .local_name = "dc",
 391                 .type = MAP_KEEP,
 392         },
 393
 394         /* description */
 395         {
 396                 .local_name = "description",
 397                 .type = MAP_KEEP,
 398         },
 399
 400         /* sambaSID -> objectSid*/
 401         {
 402                 .local_name = "objectSid",
 403                 .type = MAP_CONVERT,
 404                 .u = {
 405                         .convert = {
 406                                 .remote_name = "sambaSID",
 407                                 .convert_local = decode_sid,
 408                                 .convert_remote = encode_sid,
 409                         },
 410                 },
 411         },
 412
 413         /* sambaPwdLastSet -> pwdLastSet */
 414         {
 415                 .local_name = "pwdLastSet",
 416                 .type = MAP_RENAME,
 417                 .u = {
 418                         .rename = {
 419                                 .remote_name = "sambaPwdLastSet",
 420                         },
 421                 },
 422         },
 423
 424         /* accountExpires */
 425         {
 426                 .local_name = "accountExpires",
 427                 .type = MAP_IGNORE,
 428         },
 429
 430         /* adminCount */
 431         {
 432                 .local_name = "adminCount",
 433                 .type = MAP_IGNORE,
 434         },
 435
 436         /* canonicalName */
 437         {
 438                 .local_name = "canonicalName",
 439                 .type = MAP_IGNORE,
 440         },
 441
 442         /* createTimestamp */
 443         {
 444                 .local_name = "createTimestamp",
 445                 .type = MAP_IGNORE,
 446         },
 447
 448         /* creationTime */
 449         {
 450                 .local_name = "creationTime",
 451                 .type = MAP_IGNORE,
 452         },
 453
 454         /* dMDLocation */
 455         {
 456                 .local_name = "dMDLocation",
 457                 .type = MAP_IGNORE,
 458         },
 459
 460         /* fSMORoleOwner */
 461         {
 462                 .local_name = "fSMORoleOwner",
 463                 .type = MAP_IGNORE,
 464         },
 465
 466         /* forceLogoff */
 467         {
 468                 .local_name = "forceLogoff",
 469                 .type = MAP_IGNORE,
 470         },
 471
 472         /* instanceType */
 473         {
 474                 .local_name = "instanceType",
 475                 .type = MAP_IGNORE,
 476         },
 477
 478         /* invocationId */
 479         {
 480                 .local_name = "invocationId",
 481                 .type = MAP_IGNORE,
 482         },
 483
 484         /* isCriticalSystemObject */
 485         {
 486                 .local_name = "isCriticalSystemObject",
 487                 .type = MAP_IGNORE,
 488         },
 489
 490         /* localPolicyFlags */
 491         {
 492                 .local_name = "localPolicyFlags",
 493                 .type = MAP_IGNORE,
 494         },
 495
 496         /* lockOutObservationWindow */
 497         {
 498                 .local_name = "lockOutObservationWindow",
 499                 .type = MAP_IGNORE,
 500         },
 501
 502         /* lockoutDuration */
 503         {
 504                 .local_name = "lockoutDuration",
 505                 .type = MAP_IGNORE,
 506         },
 507
 508         /* lockoutThreshold */
 509         {
 510                 .local_name = "lockoutThreshold",
 511                 .type = MAP_IGNORE,
 512         },
 513
 514         /* logonCount */
 515         {
 516                 .local_name = "logonCount",
 517                 .type = MAP_IGNORE,
 518         },
 519
 520         /* masteredBy */
 521         {
 522                 .local_name = "masteredBy",
 523                 .type = MAP_IGNORE,
 524         },
 525
 526         /* maxPwdAge */
 527         {
 528                 .local_name = "maxPwdAge",
 529                 .type = MAP_IGNORE,
 530         },
 531
 532         /* member */
 533         {
 534                 .local_name = "member",
 535                 .type = MAP_IGNORE,
 536         },
 537
 538         /* memberOf */
 539         {
 540                 .local_name = "memberOf",
 541                 .type = MAP_IGNORE,
 542         },
 543
 544         /* minPwdAge */
 545         {
 546                 .local_name = "minPwdAge",
 547                 .type = MAP_IGNORE,
 548         },
 549
 550         /* minPwdLength */
 551         {
 552                 .local_name = "minPwdLength",
 553                 .type = MAP_IGNORE,
 554         },
 555
 556         /* modifiedCount */
 557         {
 558                 .local_name = "modifiedCount",
 559                 .type = MAP_IGNORE,
 560         },
 561
 562         /* modifiedCountAtLastProm */
 563         {
 564                 .local_name = "modifiedCountAtLastProm",
 565                 .type = MAP_IGNORE,
 566         },
 567
 568         /* modifyTimestamp */
 569         {
 570                 .local_name = "modifyTimestamp",
 571                 .type = MAP_IGNORE,
 572         },
 573
 574         /* nCName */
 575         {
 576                 .local_name = "nCName",
 577                 .type = MAP_IGNORE,
 578         },
 579
 580         /* nETBIOSName */
 581         {
 582                 .local_name = "nETBIOSName",
 583                 .type = MAP_IGNORE,
 584         },
 585
 586         /* oEMInformation */
 587         {
 588                 .local_name = "oEMInformation",
 589                 .type = MAP_IGNORE,
 590         },
 591
 592         /* privilege */
 593         {
 594                 .local_name = "privilege",
 595                 .type = MAP_IGNORE,
 596         },
 597
 598         /* pwdHistoryLength */
 599         {
 600                 .local_name = "pwdHistoryLength",
 601                 .type = MAP_IGNORE,
 602         },
 603
 604         /* pwdProperties */
 605         {
 606                 .local_name = "pwdProperties",
 607                 .type = MAP_IGNORE,
 608         },
 609
 610         /* rIDAvailablePool */
 611         {
 612                 .local_name = "rIDAvailablePool",
 613                 .type = MAP_IGNORE,
 614         },
 615
 616         /* revision */
 617         {
 618                 .local_name = "revision",
 619                 .type = MAP_IGNORE,
 620         },
 621
 622         /* ridManagerReference */
 623         {
 624                 .local_name = "ridManagerReference",
 625                 .type = MAP_IGNORE,
 626         },
 627
 628         /* sAMAccountType */
 629         {
 630                 .local_name = "sAMAccountType",
 631                 .type = MAP_IGNORE,
 632         },
 633
 634         /* sPNMappings */
 635         {
 636                 .local_name = "sPNMappings",
 637                 .type = MAP_IGNORE,
 638         },
 639
 640         /* serverReference */
 641         {
 642                 .local_name = "serverReference",
 643                 .type = MAP_IGNORE,
 644         },
 645
 646         /* serverState */
 647         {
 648                 .local_name = "serverState",
 649                 .type = MAP_IGNORE,
 650         },
 651
 652         /* showInAdvancedViewOnly */
 653         {
 654                 .local_name = "showInAdvancedViewOnly",
 655                 .type = MAP_IGNORE,
 656         },
 657
 658         /* subRefs */
 659         {
 660                 .local_name = "subRefs",
 661                 .type = MAP_IGNORE,
 662         },
 663
 664         /* systemFlags */
 665         {
 666                 .local_name = "systemFlags",
 667                 .type = MAP_IGNORE,
 668         },
 669
 670         /* uASCompat */
 671         {
 672                 .local_name = "uASCompat",
 673                 .type = MAP_IGNORE,
 674         },
 675
 676         /* uSNChanged */
 677         {
 678                 .local_name = "uSNChanged",
 679                 .type = MAP_IGNORE,
 680         },
 681
 682         /* uSNCreated */
 683         {
 684                 .local_name = "uSNCreated",
 685                 .type = MAP_IGNORE,
 686         },
 687
 688         /* unicodePwd */
 689         {
 690                 .local_name = "unicodePwd",
 691                 .type = MAP_IGNORE,
 692         },
 693
 694         /* userAccountControl */
 695         {
 696                 .local_name = "userAccountControl",
 697                 .type = MAP_IGNORE,
 698         },
 699
 700         /* whenChanged */
 701         {
 702                 .local_name = "whenChanged",
 703                 .type = MAP_IGNORE,
 704         },
 705
 706         /* whenCreated */
 707         {
 708                 .local_name = "whenCreated",
 709                 .type = MAP_IGNORE,
 710         },
 711
 712         {
 713                 .local_name = NULL,
 714         }
 715 };
 716
 717         /* the init function */
 718 #ifdef HAVE_DLOPEN_DISABLED
 719 struct ldb_module *init_module(struct ldb_context *ldb, const char *options[])
 720 #else
 721 struct ldb_module *ldb_samba3sam_module_init(struct ldb_context *ldb, const char *options[])
 722 #endif
 723 {
 724         return ldb_map_init(ldb, samba3_attributes, samba3_objectclasses, "samba3sam");
 725 }