static struct winbindd_domain *_domain_list = NULL;
-/**
- When was the last scan of trusted domains done?
-
- 0 == not ever
-*/
-
-static time_t last_trustdom_scan;
-
struct winbindd_domain *domain_list(void)
{
/* Initialise list */
if (sid == NULL)
return False;
- if ( IS_DC )
- return sid_check_is_builtin(sid);
-
return (sid_check_is_domain(sid) || sid_check_is_builtin(sid));
}
if (sid == NULL)
return False;
- if ( IS_DC )
- return sid_check_is_in_builtin(sid);
-
return (sid_check_is_in_our_domain(sid) || sid_check_is_in_builtin(sid));
}
*q = '\0';
if (!string_to_sid(&sid, sidstr)) {
- /* Allow NULL sid for sibling domains */
- if ( strcmp(sidstr,"S-0-0") == 0) {
- sid_copy( &sid, &global_sid_NULL);
- } else {
- DEBUG(0, ("Got invalid trustdom response\n"));
- break;
- }
+ DEBUG(0, ("Got invalid trustdom response\n"));
+ break;
}
/* use the real alt_name if we have one, else pass in NULL */
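Review bot: With the S-0-0 special case gone, the failure branch after `string_to_sid()` logs only "Got invalid trustdom response", so an operator cannot tell which entry of the response was rejected. I would include the offending string, `DEBUG(0, ("Got invalid trustdom response: bad SID '%s'\n", sidstr));`. The `break` also appears to abandon every remaining entry once one is unparsable. The enclosing loop starts outside the hunk, so please confirm that a sibling domain reported with a NULL SID should now stop processing of the whole list rather than just be skipped.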
(c) ask the a DC in any Win2003 trusted forests
*********************************************************************/
-void rescan_trusted_domains( void )
+void rescan_trusted_domains(struct tevent_context *ev, struct tevent_timer *te,
+ struct timeval now, void *private_data)
{
- time_t now = time(NULL);
-
- /* Check that we allow trusted domains at all */
- if (!lp_allow_trusted_domains())
- return;
-
- /* see if the time has come... */
-
- if ((now >= last_trustdom_scan) &&
- ((now-last_trustdom_scan) < WINBINDD_RESCAN_FREQ) )
- return;
+ TALLOC_FREE(te);
/* I use to clear the cache here and start over but that
caused problems in child processes that needed the
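Review bot: The new timer handler no longer consults `lp_allow_trusted_domains()`, which the old `rescan_trusted_domains()` checked before doing any work. Unless the site that first schedules this timer (not visible here) is guarded by that setting, a host configured to disallow trusted domains would now enumerate and add them on every tick. Either keep the guard in the handler, `if (!lp_allow_trusted_domains()) return;` right after `TALLOC_FREE(te);`, or add a comment naming where the policy check now lives. The function body continues outside this hunk.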
add_trusted_domains( find_our_domain() );
- last_trustdom_scan = now;
+ te = tevent_add_timer(
+ ev, NULL, timeval_current_ofs(WINBINDD_RESCAN_FREQ, 0),
+ rescan_trusted_domains, NULL);
+ /*
+ * If te == NULL, there's not much we can do here. Don't fail, the
+ * only thing we miss is new trusted domains.
+ */
return;
}
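Review bot: When `tevent_add_timer()` returns NULL at the end of the handler, periodic rescans stop for the life of the process and nothing records it. The result is stored in the parameter `te` and never examined. The comment is right that failing hard is not warranted, but a log line would make the condition detectable, e.g. `if (te == NULL) DEBUG(1, ("rescan_trusted_domains: could not reschedule timer, trusted domain rescans stopped\n"));`. The start of the function lies in the previous hunk.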
fstrcpy(domain->dcname, state->request->data.init_conn.dcname);
}
- init_dc_connection(domain);
+ if (domain->internal) {
+ domain->initialized = true;
+ } else {
+ init_dc_connection(domain);
+ }
if (!domain->initialized) {
/* If we return error here we can't do any cached authentication,
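Review bot: The new `if (domain->internal)` branch sets `domain->initialized = true` without saying why an internal domain may skip `init_dc_connection()`. Because the `!domain->initialized` check that follows gates the error path, the reason this shortcut is safe should be recorded at the branch. I would add a comment such as `/* internal domains are served locally and have no DC to connect to */`, adjusted to whatever the actual invariant is. The enclosing function starts and ends outside the hunk.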
"online = %d\n", domain->name, (int)domain->online ));
}
- fstrcpy(state->response.data.domain_info.name, domain->name);
- fstrcpy(state->response.data.domain_info.alt_name, domain->alt_name);
- sid_to_fstring(state->response.data.domain_info.sid, &domain->sid);
+ fstrcpy(state->response->data.domain_info.name, domain->name);
+ fstrcpy(state->response->data.domain_info.alt_name, domain->alt_name);
+ sid_to_fstring(state->response->data.domain_info.sid, &domain->sid);
- state->response.data.domain_info.native_mode
+ state->response->data.domain_info.native_mode
= domain->native_mode;
- state->response.data.domain_info.active_directory
+ state->response->data.domain_info.active_directory
= domain->active_directory;
- state->response.data.domain_info.primary
+ state->response->data.domain_info.primary
= domain->primary;
return WINBINDD_OK;
if ( strequal(domain_name, unix_users_domain_name() ) ||
strequal(domain_name, unix_groups_domain_name() ) )
{
+ /*
+ * The "Unix User" and "Unix Group" domain our handled by
+ * passdb
+ */
return find_domain_from_name_noinit( get_global_sam_name() );
}
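Review bot: The relocated comment in the `unix_users_domain_name()` / `unix_groups_domain_name()` branch carries over a typo from the old line: "domain our handled by passdb". Since the comment is being rewritten anyway, I would fix it to `The "Unix User" and "Unix Group" domains are handled by passdb`.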
strequal(domain_name, get_global_sam_name()))
return find_domain_from_name_noinit(domain_name);
- /* The "Unix User" and "Unix Group" domain our handled by passdb */
return find_our_domain();
}
-/* Lookup a sid in a domain from a name */
-
-bool winbindd_lookup_sid_by_name(TALLOC_CTX *mem_ctx,
- enum winbindd_cmd orig_cmd,
- struct winbindd_domain *domain,
- const char *domain_name,
- const char *name, DOM_SID *sid,
- enum lsa_SidType *type)
-{
- NTSTATUS result;
-
- /* Lookup name */
- result = domain->methods->name_to_sid(domain, mem_ctx, orig_cmd,
- domain_name, name, sid, type);
-
- /* Return sid and type if lookup successful */
- if (!NT_STATUS_IS_OK(result)) {
- *type = SID_NAME_UNKNOWN;
- }
-
- return NT_STATUS_IS_OK(result);
-}
-
-/**
- * @brief Lookup a name in a domain from a sid.
- *
- * @param sid Security ID you want to look up.
- * @param name On success, set to the name corresponding to @p sid.
- * @param dom_name On success, set to the 'domain name' corresponding to @p sid.
- * @param type On success, contains the type of name: alias, group or
- * user.
- * @retval True if the name exists, in which case @p name and @p type
- * are set, otherwise False.
- **/
-bool winbindd_lookup_name_by_sid(TALLOC_CTX *mem_ctx,
- struct winbindd_domain *domain,
- DOM_SID *sid,
- char **dom_name,
- char **name,
- enum lsa_SidType *type)
-{
- NTSTATUS result;
-
- *dom_name = NULL;
- *name = NULL;
-
- /* Lookup name */
-
- result = domain->methods->sid_to_name(domain, mem_ctx, sid, dom_name, name, type);
-
- /* Return name and type if successful */
-
- if (NT_STATUS_IS_OK(result)) {
- return True;
- }
-
- *type = SID_NAME_UNKNOWN;
-
- return False;
-}
-
/* Free state information held for {set,get,end}{pw,gr}ent() functions */
void free_getent_state(struct getent_state *state)
if ( assume_domain(lp_workgroup())) {
fstrcpy(domain, lp_workgroup());
} else if ((p = strchr(domuser, '@')) != NULL) {
- fstrcpy(domain, "");
+ fstrcpy(domain, p + 1);
+ user[PTR_DIFF(p, domuser)] = 0;
} else {
return False;
}
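Review bot: The added `user[PTR_DIFF(p, domuser)] = 0;` indexes `user` with an offset measured in `domuser`, and nothing in the hunk bounds that offset by the size of `user`. If `user` is an fstring filled by a truncating copy of `domuser` (its declaration and the copy are outside the hunk), an input whose '@' lies beyond the fstring length makes this a write past the end of the buffer. I would reject that case before the store, e.g. `if (PTR_DIFF(p, domuser) >= sizeof(fstring)) return False;`, or confirm that every caller passes a `domuser` already limited to fstring length. `fstrcpy(domain, p + 1)` also silently truncates a long realm, which may deserve the same explicit rejection.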
NTSTATUS normalize_name_map(TALLOC_CTX *mem_ctx,
struct winbindd_domain *domain,
- char *name,
+ const char *name,
char **normalized)
{
NTSTATUS nt_status;