1 /*
2    Unix SMB/CIFS implementation.
3    LDAP protocol helper functions for SAMBA
4    Copyright (C) Jean François Micouleau       1998
5    Copyright (C) Gerald Carter                  2001-2003
6    Copyright (C) Shahms King                    2001
7    Copyright (C) Andrew Bartlett                2002-2003
8    Copyright (C) Stefan (metze) Metzmacher      2002-2003
9
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 3 of the License, or
13    (at your option) any later version.
14
15    This program is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19
20    You should have received a copy of the GNU General Public License
21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
22
23 */
24
25 #include "includes.h"
26 #include "passdb/pdb_ldap_schema.h"
27
/*
 * Attribute map for the Samba 3.0 sambaSamAccount object class.
 *
 * Each entry pairs an LDAP_ATTR_* key with the attribute name used in the
 * directory. The table ends with an LDAP_ATTR_LIST_END entry whose name is
 * NULL; the lookup helpers in this file rely on that sentinel.
 *
 * NOTE(review): sambaLMPassword, sambaNTPassword and sambaPasswordHistory
 * carry password-derived material in the Samba schema. Directory ACLs
 * should restrict read access to these attributes to the account Samba
 * binds as -- confirm against the deployment's LDAP ACL configuration.
 */
ATTRIB_MAP_ENTRY attrib_map_v30[] = {
	{ .attrib = LDAP_ATTR_UID,                .name = "uid" },
	{ .attrib = LDAP_ATTR_UIDNUMBER,          .name = LDAP_ATTRIBUTE_UIDNUMBER },
	{ .attrib = LDAP_ATTR_GIDNUMBER,          .name = LDAP_ATTRIBUTE_GIDNUMBER },
	{ .attrib = LDAP_ATTR_UNIX_HOME,          .name = "homeDirectory" },
	{ .attrib = LDAP_ATTR_PWD_LAST_SET,       .name = "sambaPwdLastSet" },
	{ .attrib = LDAP_ATTR_PWD_CAN_CHANGE,     .name = "sambaPwdCanChange" },
	{ .attrib = LDAP_ATTR_PWD_MUST_CHANGE,    .name = "sambaPwdMustChange" },
	{ .attrib = LDAP_ATTR_LOGON_TIME,         .name = "sambaLogonTime" },
	{ .attrib = LDAP_ATTR_LOGOFF_TIME,        .name = "sambaLogoffTime" },
	{ .attrib = LDAP_ATTR_KICKOFF_TIME,       .name = "sambaKickoffTime" },
	{ .attrib = LDAP_ATTR_CN,                 .name = "cn" },
	{ .attrib = LDAP_ATTR_SN,                 .name = "sn" },
	{ .attrib = LDAP_ATTR_DISPLAY_NAME,       .name = "displayName" },
	{ .attrib = LDAP_ATTR_HOME_DRIVE,         .name = "sambaHomeDrive" },
	{ .attrib = LDAP_ATTR_HOME_PATH,          .name = "sambaHomePath" },
	{ .attrib = LDAP_ATTR_LOGON_SCRIPT,       .name = "sambaLogonScript" },
	{ .attrib = LDAP_ATTR_PROFILE_PATH,       .name = "sambaProfilePath" },
	{ .attrib = LDAP_ATTR_DESC,               .name = "description" },
	{ .attrib = LDAP_ATTR_USER_WKS,           .name = "sambaUserWorkstations" },
	{ .attrib = LDAP_ATTR_USER_SID,           .name = LDAP_ATTRIBUTE_SID },
	{ .attrib = LDAP_ATTR_PRIMARY_GROUP_SID,  .name = "sambaPrimaryGroupSID" },
	{ .attrib = LDAP_ATTR_LMPW,               .name = "sambaLMPassword" },
	{ .attrib = LDAP_ATTR_NTPW,               .name = "sambaNTPassword" },
	{ .attrib = LDAP_ATTR_DOMAIN,             .name = "sambaDomainName" },
	{ .attrib = LDAP_ATTR_OBJCLASS,           .name = "objectClass" },
	{ .attrib = LDAP_ATTR_ACB_INFO,           .name = "sambaAcctFlags" },
	{ .attrib = LDAP_ATTR_MUNGED_DIAL,        .name = "sambaMungedDial" },
	{ .attrib = LDAP_ATTR_BAD_PASSWORD_COUNT, .name = "sambaBadPasswordCount" },
	{ .attrib = LDAP_ATTR_BAD_PASSWORD_TIME,  .name = "sambaBadPasswordTime" },
	{ .attrib = LDAP_ATTR_PWD_HISTORY,        .name = "sambaPasswordHistory" },
	{ .attrib = LDAP_ATTR_MOD_TIMESTAMP,      .name = "modifyTimestamp" },
	{ .attrib = LDAP_ATTR_LOGON_HOURS,        .name = "sambaLogonHours" },
	{ .attrib = LDAP_ATTR_LIST_END,           .name = NULL }
};
65
/*
 * Subset of the sambaSamAccount attribute map, presumably the attributes
 * removed when the Samba part of an entry is deleted (the consumer is not
 * in this file -- confirm against the caller).
 *
 * Compared with attrib_map_v30 it leaves out uid, uidNumber, gidNumber,
 * homeDirectory, cn, sn, description, objectClass and modifyTimestamp.
 * The password-derived attributes (sambaLMPassword, sambaNTPassword,
 * sambaPasswordHistory) are part of this list.
 *
 * Terminated by an LDAP_ATTR_LIST_END entry with a NULL name.
 */
ATTRIB_MAP_ENTRY attrib_map_to_delete_v30[] = {
	{ .attrib = LDAP_ATTR_PWD_LAST_SET,       .name = "sambaPwdLastSet" },
	{ .attrib = LDAP_ATTR_PWD_CAN_CHANGE,     .name = "sambaPwdCanChange" },
	{ .attrib = LDAP_ATTR_PWD_MUST_CHANGE,    .name = "sambaPwdMustChange" },
	{ .attrib = LDAP_ATTR_LOGON_TIME,         .name = "sambaLogonTime" },
	{ .attrib = LDAP_ATTR_LOGOFF_TIME,        .name = "sambaLogoffTime" },
	{ .attrib = LDAP_ATTR_KICKOFF_TIME,       .name = "sambaKickoffTime" },
	{ .attrib = LDAP_ATTR_DISPLAY_NAME,       .name = "displayName" },
	{ .attrib = LDAP_ATTR_HOME_DRIVE,         .name = "sambaHomeDrive" },
	{ .attrib = LDAP_ATTR_HOME_PATH,          .name = "sambaHomePath" },
	{ .attrib = LDAP_ATTR_LOGON_SCRIPT,       .name = "sambaLogonScript" },
	{ .attrib = LDAP_ATTR_PROFILE_PATH,       .name = "sambaProfilePath" },
	{ .attrib = LDAP_ATTR_USER_WKS,           .name = "sambaUserWorkstations" },
	{ .attrib = LDAP_ATTR_USER_SID,           .name = LDAP_ATTRIBUTE_SID },
	{ .attrib = LDAP_ATTR_PRIMARY_GROUP_SID,  .name = "sambaPrimaryGroupSID" },
	{ .attrib = LDAP_ATTR_LMPW,               .name = "sambaLMPassword" },
	{ .attrib = LDAP_ATTR_NTPW,               .name = "sambaNTPassword" },
	{ .attrib = LDAP_ATTR_DOMAIN,             .name = "sambaDomainName" },
	{ .attrib = LDAP_ATTR_ACB_INFO,           .name = "sambaAcctFlags" },
	{ .attrib = LDAP_ATTR_MUNGED_DIAL,        .name = "sambaMungedDial" },
	{ .attrib = LDAP_ATTR_BAD_PASSWORD_COUNT, .name = "sambaBadPasswordCount" },
	{ .attrib = LDAP_ATTR_BAD_PASSWORD_TIME,  .name = "sambaBadPasswordTime" },
	{ .attrib = LDAP_ATTR_PWD_HISTORY,        .name = "sambaPasswordHistory" },
	{ .attrib = LDAP_ATTR_LOGON_HOURS,        .name = "sambaLogonHours" },
	{ .attrib = LDAP_ATTR_LIST_END,           .name = NULL }
};
92
/*
 * Domain-info attributes used for allocating RIDs: the domain name and
 * SID, the next-RID counters, the algorithmic RID base and objectClass.
 *
 * Terminated by an LDAP_ATTR_LIST_END entry with a NULL name.
 */
ATTRIB_MAP_ENTRY dominfo_attr_list[] = {
	{ .attrib = LDAP_ATTR_DOMAIN,               .name = "sambaDomainName" },
	{ .attrib = LDAP_ATTR_NEXT_RID,             .name = "sambaNextRid" },
	{ .attrib = LDAP_ATTR_NEXT_USERRID,         .name = "sambaNextUserRid" },
	{ .attrib = LDAP_ATTR_NEXT_GROUPRID,        .name = "sambaNextGroupRid" },
	{ .attrib = LDAP_ATTR_DOM_SID,              .name = LDAP_ATTRIBUTE_SID },
	{ .attrib = LDAP_ATTR_ALGORITHMIC_RID_BASE, .name = "sambaAlgorithmicRidBase" },
	{ .attrib = LDAP_ATTR_OBJCLASS,             .name = "objectClass" },
	{ .attrib = LDAP_ATTR_LIST_END,             .name = NULL },
};
105
/*
 * Samba 3.0 group mapping attributes.
 *
 * Terminated by an LDAP_ATTR_LIST_END entry with a NULL name.
 */
ATTRIB_MAP_ENTRY groupmap_attr_list[] = {
	{ .attrib = LDAP_ATTR_GIDNUMBER,    .name = LDAP_ATTRIBUTE_GIDNUMBER },
	{ .attrib = LDAP_ATTR_GROUP_SID,    .name = LDAP_ATTRIBUTE_SID },
	{ .attrib = LDAP_ATTR_GROUP_TYPE,   .name = "sambaGroupType" },
	{ .attrib = LDAP_ATTR_SID_LIST,     .name = "sambaSIDList" },
	{ .attrib = LDAP_ATTR_DESC,         .name = "description" },
	{ .attrib = LDAP_ATTR_DISPLAY_NAME, .name = "displayName" },
	{ .attrib = LDAP_ATTR_CN,           .name = "cn" },
	{ .attrib = LDAP_ATTR_OBJCLASS,     .name = "objectClass" },
	{ .attrib = LDAP_ATTR_LIST_END,     .name = NULL }
};
119
/*
 * Subset of the group mapping attributes, presumably those removed when a
 * group mapping is deleted (the consumer is not in this file -- confirm
 * against the caller). Compared with groupmap_attr_list it leaves out
 * gidNumber, cn and objectClass.
 *
 * Terminated by an LDAP_ATTR_LIST_END entry with a NULL name.
 */
ATTRIB_MAP_ENTRY groupmap_attr_list_to_delete[] = {
	{ .attrib = LDAP_ATTR_GROUP_SID,    .name = LDAP_ATTRIBUTE_SID },
	{ .attrib = LDAP_ATTR_GROUP_TYPE,   .name = "sambaGroupType" },
	{ .attrib = LDAP_ATTR_DESC,         .name = "description" },
	{ .attrib = LDAP_ATTR_DISPLAY_NAME, .name = "displayName" },
	{ .attrib = LDAP_ATTR_SID_LIST,     .name = "sambaSIDList" },
	{ .attrib = LDAP_ATTR_LIST_END,     .name = NULL }
};
128
/*
 * idmap_ldap sambaUnixIdPool attributes: the uidNumber and gidNumber
 * attributes plus objectClass.
 *
 * Terminated by an LDAP_ATTR_LIST_END entry with a NULL name.
 */
ATTRIB_MAP_ENTRY idpool_attr_list[] = {
	{ .attrib = LDAP_ATTR_UIDNUMBER, .name = LDAP_ATTRIBUTE_UIDNUMBER },
	{ .attrib = LDAP_ATTR_GIDNUMBER, .name = LDAP_ATTRIBUTE_GIDNUMBER },
	{ .attrib = LDAP_ATTR_OBJCLASS,  .name = "objectClass" },
	{ .attrib = LDAP_ATTR_LIST_END,  .name = NULL }
};
137
/*
 * SID mapping attributes: a SID together with the uidNumber and gidNumber
 * attributes and objectClass. Presumably used for SID <-> Unix id mapping
 * entries; the consumer is not in this file.
 *
 * Terminated by an LDAP_ATTR_LIST_END entry with a NULL name.
 */
ATTRIB_MAP_ENTRY sidmap_attr_list[] = {
	{ .attrib = LDAP_ATTR_SID,       .name = LDAP_ATTRIBUTE_SID },
	{ .attrib = LDAP_ATTR_UIDNUMBER, .name = LDAP_ATTRIBUTE_UIDNUMBER },
	{ .attrib = LDAP_ATTR_GIDNUMBER, .name = LDAP_ATTRIBUTE_GIDNUMBER },
	{ .attrib = LDAP_ATTR_OBJCLASS,  .name = "objectClass" },
	{ .attrib = LDAP_ATTR_LIST_END,  .name = NULL }
};
145
/**
 * Look up the LDAP attribute name for a key in a mapping table.
 *
 * The table is scanned from the start until the LDAP_ATTR_LIST_END
 * sentinel; the first entry whose attrib equals key wins.
 *
 * @param table  mapping table; must be terminated by an
 *               LDAP_ATTR_LIST_END entry, since that entry is the only
 *               thing bounding the scan
 * @param key    LDAP_ATTR_* value to look for
 * @return the name stored in the matching entry (a pointer into the
 *         table, not a copy), or NULL when no entry matches
 */
const char *get_attr_key2string(ATTRIB_MAP_ENTRY table[], int key)
{
	const ATTRIB_MAP_ENTRY *entry;

	for (entry = table; entry->attrib != LDAP_ATTR_LIST_END; entry++) {
		if (entry->attrib == key) {
			return entry->name;
		}
	}

	return NULL;
}
162
163
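/**
 * Build a NULL-terminated array of attribute names from a mapping table.
 *
 * Every name is duplicated with talloc_strdup() as a child of the returned
 * array, so freeing the array releases the strings as well.
 *
 * A failed string duplication is treated as an error instead of being
 * stored as-is: a NULL in the middle of the array would look like the
 * terminator and silently shorten the list. NOTE(review): callers
 * presumably hand this array to an LDAP search as the requested-attribute
 * list, where a shortened or empty list changes which attributes come
 * back -- confirm against the callers.
 *
 * @param mem_ctx  talloc context that owns the returned array
 * @param table    mapping table terminated by an LDAP_ATTR_LIST_END entry;
 *                 entries before the terminator are expected to have a
 *                 non-NULL name, as all tables in this file do
 * @return the new array, or NULL if an allocation fails
 */
const char **get_attr_list(TALLOC_CTX *mem_ctx, ATTRIB_MAP_ENTRY table[])
{
	const char **names;
	int count = 0;
	int i;

	while (table[count].attrib != LDAP_ATTR_LIST_END) {
		count++;
	}

	/* one extra slot for the terminating NULL */
	names = talloc_array(mem_ctx, const char *, count + 1);
	if (!names) {
		DEBUG(0,("get_attr_list: out of memory\n"));
		return NULL;
	}

	for (i = 0; i < count; i++) {
		names[i] = talloc_strdup(names, table[i].name);
		if (names[i] == NULL) {
			DEBUG(0,("get_attr_list: out of memory\n"));
			/* the strings already copied are children of names */
			talloc_free(names);
			return NULL;
		}
	}
	names[count] = NULL;

	return names;
}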