Winbind client API
Copyright (C) Gerald (Jerry) Carter 2007
+ Copyright (C) Volker Lendecke 2009
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
* 0.1: Initial version
* 0.2: Added wbcRemoveUidMapping()
* Added wbcRemoveGidMapping()
+ * 0.3: Added wbcGetpwsid()
+ * Added wbcGetSidAliases()
+ * 0.4: Added wbcSidTypeString()
+ * 0.5: Added wbcChangeTrustCredentials()
+ * 0.6: Made struct wbcInterfaceDetails char* members non-const
**/
#define WBCLIENT_MAJOR_VERSION 0
-#define WBCLIENT_MINOR_VERSION 2
+#define WBCLIENT_MINOR_VERSION 6
#define WBCLIENT_VENDOR_VERSION "Samba libwbclient"
struct wbcLibraryDetails {
uint16_t major_version;
**/
struct wbcInterfaceDetails {
uint32_t interface_version;
- const char *winbind_version;
+ char *winbind_version;
char winbind_separator;
- const char *netbios_name;
- const char *netbios_domain;
- const char *dns_domain;
+ char *netbios_name;
+ char *netbios_domain;
+ char *dns_domain;
};
/*
#define WBC_DOMINFO_TRUSTTYPE_IN_FOREST 0x00000002
#define WBC_DOMINFO_TRUSTTYPE_EXTERNAL 0x00000003
-
/**
* @brief Auth User Parameters
**/
**/
enum wbcPasswordChangeRejectReason {
- WBC_PWD_CHANGE_REJECT_OTHER=0,
- WBC_PWD_CHANGE_REJECT_TOO_SHORT=1,
- WBC_PWD_CHANGE_REJECT_IN_HISTORY=2,
- WBC_PWD_CHANGE_REJECT_COMPLEXITY=5
+ WBC_PWD_CHANGE_NO_ERROR=0,
+ WBC_PWD_CHANGE_PASSWORD_TOO_SHORT=1,
+ WBC_PWD_CHANGE_PWD_IN_HISTORY=2,
+ WBC_PWD_CHANGE_USERNAME_IN_PASSWORD=3,
+ WBC_PWD_CHANGE_FULLNAME_IN_PASSWORD=4,
+ WBC_PWD_CHANGE_NOT_COMPLEX=5,
+ WBC_PWD_CHANGE_MACHINE_NOT_DEFAULT=6,
+ WBC_PWD_CHANGE_FAILED_BY_FILTER=7,
+ WBC_PWD_CHANGE_PASSWORD_TOO_LONG=8
};
+/* Note: this defines exist for compatibility reasons with existing code */
+#define WBC_PWD_CHANGE_REJECT_OTHER WBC_PWD_CHANGE_NO_ERROR
+#define WBC_PWD_CHANGE_REJECT_TOO_SHORT WBC_PWD_CHANGE_PASSWORD_TOO_SHORT
+#define WBC_PWD_CHANGE_REJECT_IN_HISTORY WBC_PWD_CHANGE_PWD_IN_HISTORY
+#define WBC_PWD_CHANGE_REJECT_COMPLEXITY WBC_PWD_CHANGE_NOT_COMPLEX
+
/**
* @brief Logoff User Parameters
**/
/**
* @brief Free library allocated memory
*
- * @param *p Pointer to free
+ * @param * Pointer to free
*
* @return void
**/
* Utility functions for dealing with SIDs
*/
+/**
+ * @brief Get a string representation of the SID type
+ *
+ * @param type type of the SID
+ *
+ * @return string representation of the SID type
+ */
+const char* wbcSidTypeString(enum wbcSidType type);
+
/**
* @brief Convert a binary SID to a character string
*
/**
* @brief Convert a character string to a binary SID
*
- * @param *str Character string in the form of S-...
+ * @param *sid_string Character string in the form of S-...
* @param sid Resulting binary SID
*
* @return #wbcErr
/**
* @brief Convert a character string to a binary GUID
*
- * @param *str Character string
+ * @param *guid_string Character string
* @param guid Resulting binary GUID
*
* @return #wbcErr
/**
* @brief Convert a domain and name to SID
*
- * @param domain Domain name (possibly "")
+ * @param dom_name Domain name (possibly "")
* @param name User or group name
* @param *sid Pointer to the resolved domain SID
* @param *name_type Pointer to the SID type
* @brief Convert a SID to a domain and name
*
* @param *sid Pointer to the domain SID to be resolved
- * @param pdomain Resolved Domain name (possibly "")
- * @param pname Resolved User or group name
- * @param *pname_type Pointer to the resolved SID type
+ * @param domain Resolved Domain name (possibly "")
+ * @param name Resolved User or group name
+ * @param *name_type Pointer to the resolved SID type
*
* @return #wbcErr
**/
uint32_t *num_sids,
struct wbcDomainSid **sids);
+/*
+ * @brief Get alias membership for sids
+ **/
+wbcErr wbcGetSidAliases(const struct wbcDomainSid *dom_sid,
+ struct wbcDomainSid *sids,
+ uint32_t num_sids,
+ uint32_t **alias_rids,
+ uint32_t *num_alias_rids);
+
/**
* @brief Lists Users
**/
* @param *sid Pointer to the sid of the diresired mapping.
*
* @return #wbcErr
+ *
+ * @deprecated This method is not impemented any more and should
+ * be removed in the next major version change.
**/
wbcErr wbcSetUidMapping(uid_t uid, const struct wbcDomainSid *sid);
**/
wbcErr wbcGetpwuid(uid_t uid, struct passwd **pwd);
+/**
+ * @brief Fill in a struct passwd* for a domain user based
+ * on sid
+ *
+ * @param sid Sid to lookup
+ * @param **pwd Pointer to resulting struct passwd* from the query.
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcGetpwsid(struct wbcDomainSid * sid, struct passwd **pwd);
+
/**
* @brief Fill in a struct passwd* for a domain user based
* on username
/**
* @brief Lookup the current status of a trusted domain
*
- * @param domain Domain to query
- * @param *dinfo Pointer to returned domain_info struct
+ * @param domain The domain to query
+ *
+ * @param dinfo A pointer to store the returned domain_info struct.
*
* @return #wbcErr
**/
wbcErr wbcDomainInfo(const char *domain,
- struct wbcDomainInfo **info);
+ struct wbcDomainInfo **dinfo);
+
+/**
+ * @brief Lookup the currently contacted DCs
+ *
+ * @param domain The domain to query
+ *
+ * @param num_dcs Number of DCs currently known
+ * @param dc_names Names of the currently known DCs
+ * @param dc_ips IP addresses of the currently known DCs
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcDcInfo(const char *domain, size_t *num_dcs,
+ const char ***dc_names, const char ***dc_ips);
/**
* @brief Enumerate the domain trusts known by Winbind
struct wbcCredentialCacheInfo **info,
struct wbcAuthErrorInfo **error);
+/**
+ * @brief Save a password with winbind for doing wbcCredentialCache() later
+ *
+ * @param *user Username
+ * @param *password Password
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcCredentialSave(const char *user, const char *password);
+
/**********************************************************
* Resolve functions
**********************************************************/
/**
* @brief Trigger a verification of the trust credentials of a specific domain
*
+ * @param *domain The name of the domain.
+ * @param error Output details on WBC_ERR_AUTH_ERROR
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcCheckTrustCredentials(const char *domain,
+ struct wbcAuthErrorInfo **error);
+
+/**
+ * @brief Trigger a change of the trust credentials for a specific domain
+ *
+ * @param *domain The name of the domain.
+ * @param error Output details on WBC_ERR_AUTH_ERROR
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcChangeTrustCredentials(const char *domain,
+ struct wbcAuthErrorInfo **error);
+
+/**
+ * @brief Trigger a no-op call through the NETLOGON pipe. Low-cost
+ * version of wbcCheckTrustCredentials
+ *
* @param *domain The name of the domain, only NULL for the default domain is
* supported yet. Other values than NULL will result in
* WBC_ERR_NOT_IMPLEMENTED.
*
* @return #wbcErr
**/
-wbcErr wbcCheckTrustCredentials(const char *domain,
- struct wbcAuthErrorInfo **error);
+wbcErr wbcPingDc(const char *domain, struct wbcAuthErrorInfo **error);
/**********************************************************
* Helper functions