map.priv_set.count=priv_set.count;
map.priv_set.set=priv_set.set;
- add_mapping_entry(&map, TDB_INSERT);
+ pdb_add_group_mapping_entry(&map);
return True;
}
DEBUG(10, ("get_domain_group_from_sid\n"));
/* if the group is NOT in the database, it CAN NOT be a domain group */
- if(!get_group_map_from_sid(sid, map, with_priv))
+ if(!pdb_getgrsid(map, sid, with_priv))
return False;
DEBUG(10, ("get_domain_group_from_sid: SID found in the TDB\n"));
}
/* The group is in the mapping table */
- if(get_group_map_from_sid(sid, map, with_priv)) {
+ if(pdb_getgrsid(map, sid, with_priv)) {
if (map->sid_name_use!=SID_NAME_ALIAS) {
if (with_priv)
free_privilege(&map->priv_set);
return(False);
}
- if(!get_group_map_from_sid(sid, map, with_priv))
+ if(!pdb_getgrsid(map, sid, with_priv))
return False;
if (map->sid_name_use!=SID_NAME_WKN_GRP) {
/*
* make a group map from scratch if doesn't exist.
*/
- if (!get_group_map_from_gid(gid, map, with_priv)) {
+ if (!pdb_getgrgid(map, gid, with_priv)) {
map->gid=gid;
map->sid_name_use=SID_NAME_ALIAS;
map->systemaccount=PR_ACCESS_FROM_NETWORK;
typedef struct _GROUP_MAP {
+ struct pdb_methods *methods;
gid_t gid;
DOM_SID sid;
enum SID_NAME_USE sid_name_use;
* this SAMBA will load. Increment this if *ANY* changes are made to the interface.
*/
-#define PASSDB_INTERFACE_VERSION 3
+#define PASSDB_INTERFACE_VERSION 4
/* use this inside a passdb module */
#define PDB_MODULE_VERSIONING_MAGIC \
NTSTATUS (*pdb_update_sam_account)(struct pdb_context *, SAM_ACCOUNT *sampass);
NTSTATUS (*pdb_delete_sam_account)(struct pdb_context *, SAM_ACCOUNT *username);
+
+ NTSTATUS (*pdb_getgrsid)(struct pdb_context *context, GROUP_MAP *map,
+ DOM_SID sid, BOOL with_priv);
+
+ NTSTATUS (*pdb_getgrgid)(struct pdb_context *context, GROUP_MAP *map,
+ gid_t gid, BOOL with_priv);
+
+ NTSTATUS (*pdb_getgrnam)(struct pdb_context *context, GROUP_MAP *map,
+ char *name, BOOL with_priv);
+
+ NTSTATUS (*pdb_add_group_mapping_entry)(struct pdb_context *context,
+ GROUP_MAP *map);
+ NTSTATUS (*pdb_update_group_mapping_entry)(struct pdb_context *context,
+ GROUP_MAP *map);
+
+ NTSTATUS (*pdb_delete_group_mapping_entry)(struct pdb_context *context,
+ DOM_SID sid);
+
+ NTSTATUS (*pdb_enum_group_mapping)(struct pdb_context *context,
+ enum SID_NAME_USE sid_name_use,
+ GROUP_MAP **rmap, int *num_entries,
+ BOOL unix_only, BOOL with_priv);
+
void (*free_fn)(struct pdb_context **);
TALLOC_CTX *mem_ctx;
NTSTATUS (*delete_sam_account)(struct pdb_methods *, SAM_ACCOUNT *username);
+ NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map,
+ DOM_SID sid, BOOL with_priv);
+
+ NTSTATUS (*getgrgid)(struct pdb_methods *methods, GROUP_MAP *map,
+ gid_t gid, BOOL with_priv);
+
+ NTSTATUS (*getgrnam)(struct pdb_methods *methods, GROUP_MAP *map,
+ char *name, BOOL with_priv);
+
+ NTSTATUS (*add_group_mapping_entry)(struct pdb_methods *methods,
+ GROUP_MAP *map);
+
+ NTSTATUS (*update_group_mapping_entry)(struct pdb_methods *methods,
+ GROUP_MAP *map);
+
+ NTSTATUS (*delete_group_mapping_entry)(struct pdb_methods *methods,
+ DOM_SID sid);
+
+ NTSTATUS (*enum_group_mapping)(struct pdb_methods *methods,
+ enum SID_NAME_USE sid_name_use,
+ GROUP_MAP **rmap, int *num_entries,
+ BOOL unix_only, BOOL with_priv);
+
void *private_data; /* Private data of some kind */
void (*free_private_data)(void **);
}
/* call the mapping code here */
- if(get_group_map_from_gid(pwd->pw_gid, &map, MAPPING_WITHOUT_PRIV)) {
+ if(pdb_getgrgid(&map, pwd->pw_gid, MAPPING_WITHOUT_PRIV)) {
if (!pdb_set_group_sid(sam_account,&map.sid, PDB_SET)){
DEBUG(0,("Can't set Group SID!\n"));
return NT_STATUS_INVALID_PARAMETER;
pdb_free_sam(&sam_account);
- if (get_group_map_from_sid(*sid, &map, MAPPING_WITHOUT_PRIV)) {
+ if (pdb_getgrsid(&map, *sid, MAPPING_WITHOUT_PRIV)) {
if (map.gid!=-1) {
DEBUG(5,("local_lookup_sid: mapped group %s to gid %u\n", map.nt_name, (unsigned int)map.gid));
} else {
*/
/* check if it's a mapped group */
- if (get_group_map_from_ntname(user, &map, MAPPING_WITHOUT_PRIV)) {
+ if (pdb_getgrnam(&map, user, MAPPING_WITHOUT_PRIV)) {
/* yes it's a mapped group */
sid_copy(&local_sid, &map.sid);
*psid_name_use = map.sid_name_use;
* JFM, 30/11/2001
*/
- if (get_group_map_from_gid(grp->gr_gid, &map, MAPPING_WITHOUT_PRIV)){
+ if (pdb_getgrgid(&map, grp->gr_gid, MAPPING_WITHOUT_PRIV)){
return False;
}
pdb_free_sam(&sam_user);
- if (get_group_map_from_sid(*psid, &map, MAPPING_WITHOUT_PRIV)) {
+ if (pdb_getgrsid(&map, *psid, MAPPING_WITHOUT_PRIV)) {
DEBUG(3, ("local_sid_to_uid: SID '%s' is a group, not a user... \n", sid_to_string(str, psid)));
/* It's a group, not a user... */
return False;
sid_copy(psid, get_global_sam_sid());
- if (get_group_map_from_gid(gid, &map, MAPPING_WITHOUT_PRIV)) {
+ if (pdb_getgrgid(&map, gid, MAPPING_WITHOUT_PRIV)) {
sid_copy(psid, &map.sid);
}
else {
* Or in the Builtin SID too. JFM, 11/30/2001
*/
- if (get_group_map_from_sid(*psid, &map, MAPPING_WITHOUT_PRIV)) {
+ if (pdb_getgrsid(&map, *psid, MAPPING_WITHOUT_PRIV)) {
/* the SID is in the mapping table but not mapped */
if (map.gid==-1)
return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct);
}
+static NTSTATUS context_getgrsid(struct pdb_context *context,
+ GROUP_MAP *map, DOM_SID sid, BOOL with_priv)
+{
+ NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+
+ struct pdb_methods *curmethods;
+ if ((!context)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return ret;
+ }
+ curmethods = context->pdb_methods;
+ while (curmethods){
+ ret = curmethods->getgrsid(curmethods, map, sid, with_priv);
+ if (NT_STATUS_IS_OK(ret)) {
+ map->methods = curmethods;
+ return ret;
+ }
+ curmethods = curmethods->next;
+ }
+
+ return ret;
+}
+
+static NTSTATUS context_getgrgid(struct pdb_context *context,
+ GROUP_MAP *map, gid_t gid, BOOL with_priv)
+{
+ NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+
+ struct pdb_methods *curmethods;
+ if ((!context)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return ret;
+ }
+ curmethods = context->pdb_methods;
+ while (curmethods){
+ ret = curmethods->getgrgid(curmethods, map, gid, with_priv);
+ if (NT_STATUS_IS_OK(ret)) {
+ map->methods = curmethods;
+ return ret;
+ }
+ curmethods = curmethods->next;
+ }
+
+ return ret;
+}
+
+static NTSTATUS context_getgrnam(struct pdb_context *context,
+ GROUP_MAP *map, char *name, BOOL with_priv)
+{
+ NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+
+ struct pdb_methods *curmethods;
+ if ((!context)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return ret;
+ }
+ curmethods = context->pdb_methods;
+ while (curmethods){
+ ret = curmethods->getgrnam(curmethods, map, name, with_priv);
+ if (NT_STATUS_IS_OK(ret)) {
+ map->methods = curmethods;
+ return ret;
+ }
+ curmethods = curmethods->next;
+ }
+
+ return ret;
+}
+
+static NTSTATUS context_add_group_mapping_entry(struct pdb_context *context,
+ GROUP_MAP *map)
+{
+ NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+
+ if ((!context) || (!context->pdb_methods)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return ret;
+ }
+
+ return context->pdb_methods->add_group_mapping_entry(context->pdb_methods,
+ map);
+}
+
+static NTSTATUS context_update_group_mapping_entry(struct pdb_context *context,
+ GROUP_MAP *map)
+{
+ NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+
+ if ((!context) || (!context->pdb_methods)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return ret;
+ }
+
+ return context->
+ pdb_methods->update_group_mapping_entry(context->pdb_methods, map);
+}
+
+static NTSTATUS context_delete_group_mapping_entry(struct pdb_context *context,
+ DOM_SID sid)
+{
+ NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+
+ if ((!context) || (!context->pdb_methods)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return ret;
+ }
+
+ return context->
+ pdb_methods->delete_group_mapping_entry(context->pdb_methods, sid);
+}
+
+static NTSTATUS context_enum_group_mapping(struct pdb_context *context,
+ enum SID_NAME_USE sid_name_use,
+ GROUP_MAP **rmap, int *num_entries,
+ BOOL unix_only, BOOL with_priv)
+{
+ NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+
+ if ((!context) || (!context->pdb_methods)) {
+ DEBUG(0, ("invalid pdb_context specified!\n"));
+ return ret;
+ }
+
+ return context->pdb_methods->enum_group_mapping(context->pdb_methods,
+ sid_name_use, rmap,
+ num_entries, unix_only,
+ with_priv);
+}
+
/******************************************************************
Free and cleanup a pdb context, any associated data and anything
that the attached modules might have associated.
(*context)->pdb_add_sam_account = context_add_sam_account;
(*context)->pdb_update_sam_account = context_update_sam_account;
(*context)->pdb_delete_sam_account = context_delete_sam_account;
+ (*context)->pdb_getgrsid = context_getgrsid;
+ (*context)->pdb_getgrgid = context_getgrgid;
+ (*context)->pdb_getgrnam = context_getgrnam;
+ (*context)->pdb_add_group_mapping_entry = context_add_group_mapping_entry;
+ (*context)->pdb_update_group_mapping_entry = context_update_group_mapping_entry;
+ (*context)->pdb_delete_group_mapping_entry = context_delete_group_mapping_entry;
+ (*context)->pdb_enum_group_mapping = context_enum_group_mapping;
(*context)->free_fn = free_pdb_context;
return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct));
}
+BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid, BOOL with_priv)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return NT_STATUS_IS_OK(pdb_context->
+ pdb_getgrsid(pdb_context, map, sid, with_priv));
+}
+
+BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid, BOOL with_priv)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return NT_STATUS_IS_OK(pdb_context->
+ pdb_getgrgid(pdb_context, map, gid, with_priv));
+}
+
+BOOL pdb_getgrnam(GROUP_MAP *map, char *name, BOOL with_priv)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return NT_STATUS_IS_OK(pdb_context->
+ pdb_getgrnam(pdb_context, map, name, with_priv));
+}
+
+BOOL pdb_add_group_mapping_entry(GROUP_MAP *map)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return NT_STATUS_IS_OK(pdb_context->
+ pdb_add_group_mapping_entry(pdb_context, map));
+}
+
+BOOL pdb_update_group_mapping_entry(GROUP_MAP *map)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return NT_STATUS_IS_OK(pdb_context->
+ pdb_update_group_mapping_entry(pdb_context, map));
+}
+
+BOOL pdb_delete_group_mapping_entry(DOM_SID sid)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return NT_STATUS_IS_OK(pdb_context->
+ pdb_delete_group_mapping_entry(pdb_context, sid));
+}
+
+BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap,
+ int *num_entries, BOOL unix_only, BOOL with_priv)
+{
+ struct pdb_context *pdb_context = pdb_get_static_context(False);
+
+ if (!pdb_context) {
+ return False;
+ }
+
+ return NT_STATUS_IS_OK(pdb_context->
+ pdb_enum_group_mapping(pdb_context, sid_name_use,
+ rmap, num_entries, unix_only,
+ with_priv));
+}
+
#endif /* !defined(WITH_NISPLUS_SAM) */
/***************************************************************
if (group_rid == 0) {
GROUP_MAP map;
/* call the mapping code here */
- if(get_group_map_from_gid(gid, &map, MAPPING_WITHOUT_PRIV)) {
+ if(pdb_getgrgid(&map, gid, MAPPING_WITHOUT_PRIV)) {
pdb_set_group_sid(sampass, &map.sid, PDB_SET);
}
else {
return NT_STATUS_OK;
}
+static NTSTATUS lsapsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
+ DOM_SID sid, BOOL with_priv)
+{
+ return get_group_map_from_sid(sid, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
+ gid_t gid, BOOL with_priv)
+{
+ return get_group_map_from_gid(gid, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
+ char *name, BOOL with_priv)
+{
+ return get_group_map_from_ntname(name, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_add_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return add_mapping_entry(map, TDB_INSERT) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_update_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return add_mapping_entry(map, TDB_REPLACE) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_delete_group_mapping_entry(struct pdb_methods *methods,
+ DOM_SID sid)
+{
+ return group_map_remove(sid) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_enum_group_mapping(struct pdb_methods *methods,
+ enum SID_NAME_USE sid_name_use,
+ GROUP_MAP **rmap, int *num_entries,
+ BOOL unix_only, BOOL with_priv)
+{
+ return enum_group_mapping(sid_name_use, rmap, num_entries, unix_only,
+ with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
static void free_private_data(void **vp)
{
struct ldapsam_privates **ldap_state = (struct ldapsam_privates **)vp;
(*pdb_method)->add_sam_account = ldapsam_add_sam_account;
(*pdb_method)->update_sam_account = ldapsam_update_sam_account;
(*pdb_method)->delete_sam_account = ldapsam_delete_sam_account;
+ (*pdb_method)->getgrsid = lsapsam_getgrsid;
+ (*pdb_method)->getgrgid = lsapsam_getgrgid;
+ (*pdb_method)->getgrnam = lsapsam_getgrnam;
+ (*pdb_method)->add_group_mapping_entry = lsapsam_add_group_mapping_entry;
+ (*pdb_method)->update_group_mapping_entry = lsapsam_update_group_mapping_entry;
+ (*pdb_method)->delete_group_mapping_entry = lsapsam_delete_group_mapping_entry;
+ (*pdb_method)->enum_group_mapping = lsapsam_enum_group_mapping;
/* TODO: Setup private data and free */
rid = pdb_get_group_rid (sampass);
if (rid == 0) {
- if (get_group_map_from_gid
- (pdb_get_gid (sampass), &map,
- MAPPING_WITHOUT_PRIV)) {
+ if (pdb_getgrgid(&map, pdb_get_gid (sampass),
+ MAPPING_WITHOUT_PRIV)) {
if (!sid_peek_check_rid
(get_global_sam_sid (), &map.sid, &rid))
return False;
return NT_STATUS_UNSUCCESSFUL;
}
+static NTSTATUS smbpasswd_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
+ DOM_SID sid, BOOL with_priv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS smbpasswd_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
+ gid_t gid, BOOL with_priv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS smbpasswd_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
+ char *name, BOOL with_priv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS smbpasswd_add_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS smbpasswd_update_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS smbpasswd_delete_group_mapping_entry(struct pdb_methods *methods,
+ DOM_SID sid)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS smbpasswd_enum_group_mapping(struct pdb_methods *methods,
+ enum SID_NAME_USE sid_name_use,
+ GROUP_MAP **rmap, int *num_entries,
+ BOOL unix_only, BOOL with_priv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
static void free_private_data(void **vp)
{
struct smbpasswd_privates **privates = (struct smbpasswd_privates**)vp;
(*pdb_method)->add_sam_account = smbpasswd_add_sam_account;
(*pdb_method)->update_sam_account = smbpasswd_update_sam_account;
(*pdb_method)->delete_sam_account = smbpasswd_delete_sam_account;
+ (*pdb_method)->getgrsid = smbpasswd_getgrsid;
+ (*pdb_method)->getgrgid = smbpasswd_getgrgid;
+ (*pdb_method)->getgrnam = smbpasswd_getgrnam;
+ (*pdb_method)->add_group_mapping_entry = smbpasswd_add_group_mapping_entry;
+ (*pdb_method)->update_group_mapping_entry = smbpasswd_update_group_mapping_entry;
+ (*pdb_method)->delete_group_mapping_entry = smbpasswd_delete_group_mapping_entry;
+ (*pdb_method)->enum_group_mapping = smbpasswd_enum_group_mapping;
/* Setup private data and free function */
return NT_STATUS_UNSUCCESSFUL;
}
+static NTSTATUS tdbsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
+ DOM_SID sid, BOOL with_priv)
+{
+ return get_group_map_from_sid(sid, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS tdbsam_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
+ gid_t gid, BOOL with_priv)
+{
+ return get_group_map_from_gid(gid, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS tdbsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
+ char *name, BOOL with_priv)
+{
+ return get_group_map_from_ntname(name, map, with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS tdbsam_add_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return add_mapping_entry(map, TDB_INSERT) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS tdbsam_update_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return add_mapping_entry(map, TDB_REPLACE) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS tdbsam_delete_group_mapping_entry(struct pdb_methods *methods,
+ DOM_SID sid)
+{
+ return group_map_remove(sid) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS tdbsam_enum_group_mapping(struct pdb_methods *methods,
+ enum SID_NAME_USE sid_name_use,
+ GROUP_MAP **rmap, int *num_entries,
+ BOOL unix_only, BOOL with_priv)
+{
+ return enum_group_mapping(sid_name_use, rmap, num_entries, unix_only,
+ with_priv) ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
static void free_private_data(void **vp)
{
struct tdbsam_privates **tdb_state = (struct tdbsam_privates **)vp;
(*pdb_method)->add_sam_account = tdbsam_add_sam_account;
(*pdb_method)->update_sam_account = tdbsam_update_sam_account;
(*pdb_method)->delete_sam_account = tdbsam_delete_sam_account;
+ (*pdb_method)->getgrsid = tdbsam_getgrsid;
+ (*pdb_method)->getgrgid = tdbsam_getgrgid;
+ (*pdb_method)->getgrnam = tdbsam_getgrnam;
+ (*pdb_method)->add_group_mapping_entry = tdbsam_add_group_mapping_entry;
+ (*pdb_method)->update_group_mapping_entry = tdbsam_update_group_mapping_entry;
+ (*pdb_method)->delete_group_mapping_entry = tdbsam_delete_group_mapping_entry;
+ (*pdb_method)->enum_group_mapping = tdbsam_enum_group_mapping;
tdb_state = talloc_zero(pdb_context->mem_ctx, sizeof(struct tdbsam_privates));
return; /* NT_STATUS_NOT_IMPLEMENTED; */
}
+static NTSTATUS unixsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
+ DOM_SID sid, BOOL with_priv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS unixsam_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
+ gid_t gid, BOOL with_priv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS unixsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
+ char *name, BOOL with_priv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS unixsam_add_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS unixsam_update_group_mapping_entry(struct pdb_methods *methods,
+ GROUP_MAP *map)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS unixsam_delete_group_mapping_entry(struct pdb_methods *methods,
+ DOM_SID sid)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS unixsam_enum_group_mapping(struct pdb_methods *methods,
+ enum SID_NAME_USE sid_name_use,
+ GROUP_MAP **rmap, int *num_entries,
+ BOOL unix_only, BOOL with_priv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
NTSTATUS pdb_init_unixsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
(*pdb_method)->add_sam_account = unixsam_add_sam_account;
(*pdb_method)->update_sam_account = unixsam_update_sam_account;
(*pdb_method)->delete_sam_account = unixsam_delete_sam_account;
+ (*pdb_method)->getgrsid = unixsam_getgrsid;
+ (*pdb_method)->getgrgid = unixsam_getgrgid;
+ (*pdb_method)->getgrnam = unixsam_getgrnam;
+ (*pdb_method)->add_group_mapping_entry = unixsam_add_group_mapping_entry;
+ (*pdb_method)->update_group_mapping_entry = unixsam_update_group_mapping_entry;
+ (*pdb_method)->delete_group_mapping_entry = unixsam_delete_group_mapping_entry;
+ (*pdb_method)->enum_group_mapping = unixsam_enum_group_mapping;
/* There's not very much to initialise here */
return NT_STATUS_OK;
return NT_STATUS_ACCESS_DENIED;
/* get the list of mapped groups (domain, local, builtin) */
- if(!enum_group_mapping(SID_NAME_UNKNOWN, &map, &num_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV))
+ if(!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &num_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV))
return NT_STATUS_OK;
if (q_u->enum_context >= num_entries)
if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
return NT_STATUS_INVALID_HANDLE;
- if (!get_group_map_from_sid(info->sid, &map, MAPPING_WITH_PRIV))
+ if (!pdb_getgrsid(&map, info->sid, MAPPING_WITH_PRIV))
return NT_STATUS_NO_SUCH_GROUP;
DEBUG(10,("_lsa_enum_privsaccount: %d privileges\n", map.priv_set.count));
if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
return NT_STATUS_INVALID_HANDLE;
- if (!get_group_map_from_sid(info->sid, &map, MAPPING_WITHOUT_PRIV))
+ if (!pdb_getgrsid(&map, info->sid, MAPPING_WITHOUT_PRIV))
return NT_STATUS_NO_SUCH_GROUP;
/*
if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
return NT_STATUS_INVALID_HANDLE;
- if (!get_group_map_from_sid(info->sid, &map, MAPPING_WITH_PRIV))
+ if (!pdb_getgrsid(&map, info->sid, MAPPING_WITH_PRIV))
return NT_STATUS_NO_SUCH_GROUP;
map.systemaccount=q_u->access;
- if(!add_mapping_entry(&map, TDB_REPLACE))
+ if(!pdb_update_group_mapping_entry(&map))
return NT_STATUS_NO_SUCH_GROUP;
free_privilege(&map.priv_set);
if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
return NT_STATUS_INVALID_HANDLE;
- if (!get_group_map_from_sid(info->sid, &map, MAPPING_WITH_PRIV))
+ if (!pdb_getgrsid(&map, info->sid, MAPPING_WITH_PRIV))
return NT_STATUS_NO_SUCH_GROUP;
set=&q_u->set;
add_privilege(&map.priv_set, *luid_attr);
}
- if(!add_mapping_entry(&map, TDB_REPLACE))
+ if(!pdb_update_group_mapping_entry(&map))
return NT_STATUS_NO_SUCH_GROUP;
free_privilege(&map.priv_set);
if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
return NT_STATUS_INVALID_HANDLE;
- if (!get_group_map_from_sid(info->sid, &map, MAPPING_WITH_PRIV))
+ if (!pdb_getgrsid(&map, info->sid, MAPPING_WITH_PRIV))
return NT_STATUS_NO_SUCH_GROUP;
if (q_u->allrights!=0) {
remove_privilege(&map.priv_set, *luid_attr);
}
- if(!add_mapping_entry(&map, TDB_REPLACE))
+ if(!pdb_update_group_mapping_entry(&map))
return NT_STATUS_NO_SUCH_GROUP;
free_privilege(&map.priv_set);
return NT_STATUS_OK;
}
- if (!enum_group_mapping(SID_NAME_DOM_GRP, &map, (int *)&group_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV)) {
+ if (!pdb_enum_group_mapping(SID_NAME_DOM_GRP, &map, (int *)&group_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV)) {
return NT_STATUS_NO_MEMORY;
}
/* well-known aliases */
if (sid_equal(sid, &global_sid_Builtin) && !lp_hide_local_users()) {
- enum_group_mapping(SID_NAME_WKN_GRP, &map, (int *)&num_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV);
+ pdb_enum_group_mapping(SID_NAME_WKN_GRP, &map, (int *)&num_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV);
if (num_entries != 0) {
*d_grp=(DOMAIN_GRP *)talloc_zero(ctx, num_entries*sizeof(DOMAIN_GRP));
for (; (num_entries < max_entries) && (grp != NULL); grp = grp->next) {
uint32 trid;
- if(!get_group_map_from_gid(grp->gr_gid, &smap, MAPPING_WITHOUT_PRIV))
+ if(!pdb_getgrgid(&smap, grp->gr_gid, MAPPING_WITHOUT_PRIV))
continue;
if (smap.sid_name_use!=SID_NAME_ALIAS) {
*p_num_entries = 0;
- enum_group_mapping(SID_NAME_DOM_GRP, &map, (int *)&group_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV);
+ pdb_enum_group_mapping(SID_NAME_DOM_GRP, &map, (int *)&group_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV);
num_entries=group_entries-start_idx;
!sid_check_is_in_builtin(&sid))
return NT_STATUS_OBJECT_TYPE_MISMATCH;
- if (!get_group_map_from_sid(sid, &map, MAPPING_WITHOUT_PRIV))
+ if (!pdb_getgrsid(&map, sid, MAPPING_WITHOUT_PRIV))
return NT_STATUS_NO_SUCH_ALIAS;
switch (q_u->switch_level) {
if ( (grp=getgrgid(gid)) != NULL)
return NT_STATUS_ACCESS_DENIED;
- if(!group_map_remove(group_sid))
+ if(!pdb_delete_group_mapping_entry(group_sid))
return NT_STATUS_ACCESS_DENIED;
if (!close_policy_hnd(p, &q_u->group_pol))
return NT_STATUS_ACCESS_DENIED;
/* don't check if we removed it as it could be an un-mapped group */
- group_map_remove(alias_sid);
+ pdb_delete_group_mapping_entry(alias_sid);
if (!close_policy_hnd(p, &q_u->alias_pol))
return NT_STATUS_OBJECT_NAME_INVALID;
return NT_STATUS_INVALID_INFO_CLASS;
}
- if(!add_mapping_entry(&map, TDB_REPLACE)) {
+ if(!pdb_update_group_mapping_entry(&map)) {
free_privilege(&map.priv_set);
return NT_STATUS_NO_SUCH_GROUP;
}
return NT_STATUS_INVALID_INFO_CLASS;
}
- if(!add_mapping_entry(&map, TDB_REPLACE)) {
+ if(!pdb_update_group_mapping_entry(&map)) {
free_privilege(&map.priv_set);
return NT_STATUS_NO_SUCH_GROUP;
}
DEBUG(10,("get_domain_user_groups: searching domain groups [%s] is a member of\n", user_name));
/* first get the list of the domain groups */
- if (!enum_group_mapping(SID_NAME_DOM_GRP, &map, &num_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV))
+ if (!pdb_enum_group_mapping(SID_NAME_DOM_GRP, &map, &num_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV))
return False;
DEBUG(10,("get_domain_user_groups: there are %d mapped groups\n", num_entries));
return False;
/* get list of domain groups SID_DOMAIN_GRP=2 */
- if(!enum_group_mapping(SID_NAME_DOM_GRP , &group_list, &num_entries, False, False)) {
+ if(!pdb_enum_group_mapping(SID_NAME_DOM_GRP , &group_list, &num_entries, False, False)) {
DEBUG(3,("api_RNetGroupEnum:failed to get group list"));
return False;
}
pdb_update_sam_account(sam_account);
}
- if (!get_group_map_from_sid(*pdb_get_group_sid(sam_account),
- &map, False)) {
+ if (!pdb_getgrsid(&map, *pdb_get_group_sid(sam_account), False)) {
DEBUG(0, ("Primary group of %s has no mapping!\n",
pdb_get_username(sam_account)));
pdb_free_sam(&sam_account);
DOM_SID group_sid;
fstring sid_string;
GROUP_MAP map;
- int flag = TDB_INSERT;
+ BOOL insert = True;
unistr2_to_ascii(name, &delta->uni_grp_name, sizeof(name)-1);
unistr2_to_ascii(comment, &delta->uni_grp_desc, sizeof(comment)-1);
sid_append_rid(&group_sid, rid);
sid_to_string(sid_string, &group_sid);
- if (get_group_map_from_sid(group_sid, &map, False)) {
+ if (pdb_getgrsid(&map, group_sid, False)) {
grp = getgrgid(map.gid);
- flag = 0; /* Don't TDB_INSERT, mapping exists */
+ insert = False;
}
if (grp == NULL)
map.priv_set.count = 0;
map.priv_set.set = NULL;
- add_mapping_entry(&map, flag);
+ if (insert)
+ pdb_add_group_mapping_entry(&map);
+ else
+ pdb_update_group_mapping_entry(&map);
return NT_STATUS_OK;
}
DOM_SID alias_sid;
fstring sid_string;
GROUP_MAP map;
- int insert_flag = TDB_INSERT;
+ BOOL insert = True;
unistr2_to_ascii(name, &delta->uni_als_name, sizeof(name)-1);
unistr2_to_ascii(comment, &delta->uni_als_desc, sizeof(comment)-1);
sid_append_rid(&alias_sid, rid);
sid_to_string(sid_string, &alias_sid);
- if (get_group_map_from_sid(alias_sid, &map, False)) {
+ if (pdb_getgrsid(&map, alias_sid, False)) {
grp = getgrgid(map.gid);
- insert_flag = 0; /* Don't TDB_INSERT, mapping exists */
+ insert = False;
}
if (grp == NULL) {
map.priv_set.count = 0;
map.priv_set.set = NULL;
- add_mapping_entry(&map, insert_flag);
+ if (insert)
+ pdb_add_group_mapping_entry(&map);
+ else
+ pdb_update_group_mapping_entry(&map);
return NT_STATUS_OK;
}
if (StrnCaseCmp( input, "S-", 2)) {
/* Perhaps its the NT group name? */
- if (!get_group_map_from_ntname(input, &map, MAPPING_WITHOUT_PRIV)) {
+ if (!pdb_getgrnam(&map, input, MAPPING_WITHOUT_PRIV)) {
printf("NT Group %s doesn't exist in mapping DB\n", input);
return False;
} else {
}
/* Get the current mapping from the database */
- if(!get_group_map_from_sid(sid, &map, MAPPING_WITH_PRIV)) {
+ if(!pdb_getgrsid(&map, sid, MAPPING_WITH_PRIV)) {
printf("This SID does not exist in the database\n");
return -1;
}
if (privilege!=NULL)
convert_priv_from_text(&map.priv_set, privilege);
- if (!add_mapping_entry(&map, TDB_REPLACE)) {
+ if (!pdb_add_group_mapping_entry(&map)) {
printf("Count not update group database\n");
free_privilege(&map.priv_set);
return -1;
return -1;
}
- if(!group_map_remove(sid)) {
+ if(!pdb_delete_group_mapping_entry(sid)) {
printf("removing group %s from the mapping db failed!\n", group);
return -1;
}
if (!long_list)
printf("NT group (SID) -> Unix group\n");
- if (!enum_group_mapping(sid_type, &map, &entries, ENUM_ALL_MAPPED, MAPPING_WITH_PRIV))
+ if (!pdb_enum_group_mapping(sid_type, &map, &entries, ENUM_ALL_MAPPED, MAPPING_WITH_PRIV))
return -1;
for (i=0; i<entries; i++) {