#include "smbldap.h"
struct ldapsam_privates {
+ struct smbldap_state *smbldap_state;
+
/* Former statics */
- LDAP *ldap_struct;
LDAPMessage *result;
LDAPMessage *entry;
int index;
- time_t last_ping;
- /* retrive-once info */
- const char *uri;
const char *domain_name;
DOM_SID domain_sid;
uint32 low_allocated_group_rid;
uint32 high_allocated_group_rid;
- char *bind_dn;
- char *bind_secret;
-
- unsigned int num_failures;
};
-#define LDAPSAM_DONT_PING_TIME 10 /* ping only all 10 seconds */
-
-static struct ldapsam_privates *static_ldap_state;
-
+#define SMBLDAP_DONT_PING_TIME 10 /* ping only all 10 seconds */
+#define SMBLDAP_NUM_RETRIES 8 /* retry only 8 times */
/**********************************************************************
get the attribute name given a user schame version
return NULL;
}
-
+
+/**********************************************************************
+ Some varients of the LDAP rebind code do not pass in the third 'arg'
+ pointer to a void*, so we try and work around it by assuming that the
+ value of the 'LDAP *' pointer is the same as the one we had passed in
+ **********************************************************************/
+
+struct smbldap_state_lookup {
+ LDAP *ld;
+ struct smbldap_state *smbldap_state;
+ struct smbldap_state_lookup *prev, *next;
+};
+
+static struct smbldap_state_lookup *smbldap_state_lookup_list;
+
+static struct smbldap_state *smbldap_find_state(LDAP *ld)
+{
+ struct smbldap_state_lookup *t;
+
+ for (t = smbldap_state_lookup_list; t; t = t->next) {
+ if (t->ld == ld) {
+ return t->smbldap_state;
+ }
+ }
+ return NULL;
+}
+
+static void smbldap_delete_state(struct smbldap_state *smbldap_state)
+{
+ struct smbldap_state_lookup *t;
+
+ for (t = smbldap_state_lookup_list; t; t = t->next) {
+ if (t->smbldap_state == smbldap_state) {
+ DLIST_REMOVE(smbldap_state_lookup_list, t);
+ SAFE_FREE(t);
+ }
+ }
+}
+
+static void smbldap_store_state(LDAP *ld, struct smbldap_state *smbldap_state)
+{
+ struct smbldap_state *tmp_ldap_state;
+ struct smbldap_state_lookup *t;
+ struct smbldap_state_lookup *tmp;
+
+ if ((tmp_ldap_state = smbldap_find_state(ld))) {
+ SMB_ASSERT(tmp_ldap_state == smbldap_state);
+ return;
+ }
+
+ t = smb_xmalloc(sizeof(*t));
+ ZERO_STRUCTP(t);
+
+ DLIST_ADD_END(smbldap_state_lookup_list, t, tmp);
+ t->ld = ld;
+ t->smbldap_state = smbldap_state;
+}
+
/*******************************************************************
open a connection to the ldap server.
******************************************************************/
-static int ldapsam_open_connection (struct ldapsam_privates *ldap_state, LDAP ** ldap_struct)
+static int smbldap_open_connection (struct smbldap_state *ldap_state)
+
{
int rc = LDAP_SUCCESS;
int version;
BOOL ldap_v3 = False;
+ LDAP **ldap_struct = &ldap_state->ldap_struct;
#ifdef HAVE_LDAP_INITIALIZE
- DEBUG(10, ("ldapsam_open_connection: %s\n", ldap_state->uri));
+ DEBUG(10, ("smbldap_open_connection: %s\n", ldap_state->uri));
if ((rc = ldap_initialize(ldap_struct, ldap_state->uri)) != LDAP_SUCCESS) {
DEBUG(0, ("ldap_initialize: %s\n", ldap_err2string(rc)));
return rc;
}
-
#else
/* Parse the string manually */
DEBUG(3,("LDAPS option set...!\n"));
#else
- DEBUG(0,("ldapsam_open_connection: Secure connection not supported by LDAP client libraries!\n"));
+ DEBUG(0,("smbldap_open_connection: Secure connection not supported by LDAP client libraries!\n"));
return LDAP_OPERATIONS_ERROR;
#endif
}
}
#endif
+ /* Store the LDAP pointer in a lookup list */
+
+ smbldap_store_state(*ldap_struct, ldap_state);
+
+ /* Upgrade to LDAPv3 if possible */
+
if (ldap_get_option(*ldap_struct, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS)
{
if (version != LDAP_VERSION3)
return LDAP_OPERATIONS_ERROR;
}
#else
- DEBUG(0,("ldapsam_open_connection: StartTLS not supported by LDAP client libraries!\n"));
+ DEBUG(0,("smbldap_open_connection: StartTLS not supported by LDAP client libraries!\n"));
return LDAP_OPERATIONS_ERROR;
#endif
}
- DEBUG(2, ("ldapsam_open_connection: connection opened\n"));
+ DEBUG(2, ("smbldap_open_connection: connection opened\n"));
return rc;
}
static int rebindproc_with_state (LDAP * ld, char **whop, char **credp,
int *methodp, int freeit, void *arg)
{
- struct ldapsam_privates *ldap_state = arg;
+ struct smbldap_state *ldap_state = arg;
/** @TODO Should we be doing something to check what servers we rebind to?
Could we get a referral to a machine that we don't want to give our
ber_tag_t request,
ber_int_t msgid, void *arg)
{
- struct ldapsam_privates *ldap_state = arg;
+ struct smbldap_state *ldap_state = arg;
int rc;
DEBUG(5,("rebindproc_connect_with_state: Rebinding as \"%s\"\n",
ldap_state->bind_dn));
static int rebindproc (LDAP *ldap_struct, char **whop, char **credp,
int *method, int freeit )
{
+ struct smbldap_state *ldap_state = smbldap_find_state(ldap_struct);
+
return rebindproc_with_state(ldap_struct, whop, credp,
- method, freeit, static_ldap_state);
+ method, freeit, ldap_state);
}
# endif /*LDAP_SET_REBIND_PROC_ARGS == 2*/
static int rebindproc_connect (LDAP * ld, LDAP_CONST char *url, int request,
ber_int_t msgid)
{
+ struct smbldap_state *ldap_state = smbldap_find_state(ld);
+
return rebindproc_connect_with_state(ld, url, (ber_tag_t)request, msgid,
- static_ldap_state);
+ ldap_state);
}
# endif /*LDAP_SET_REBIND_PROC_ARGS == 2*/
#endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
/*******************************************************************
connect to the ldap server under system privilege.
******************************************************************/
-static int ldapsam_connect_system(struct ldapsam_privates *ldap_state, LDAP * ldap_struct)
+static int smbldap_connect_system(struct smbldap_state *ldap_state, LDAP * ldap_struct)
{
int rc;
char *ldap_dn;
char *ldap_secret;
- /* The rebind proc needs this *HACK*. We are not multithreaded, so
- this will work, but it's not nice. */
- static_ldap_state = ldap_state;
-
/* get the password */
if (!fetch_ldap_pw(&ldap_dn, &ldap_secret))
{
&ld_error);
DEBUG(ldap_state->num_failures ? 2 : 0,
("failed to bind to server with dn= %s Error: %s\n\t%s\n",
- ldap_dn ? ld_error : "(unknown)", ldap_err2string(rc),
- ld_error));
+ ldap_dn ? ldap_dn : "(unknown)", ldap_err2string(rc),
+ ld_error ? ld_error : "(unknown)"));
SAFE_FREE(ld_error);
ldap_state->num_failures++;
return rc;
}
/**********************************************************************
-Connect to LDAP server
+Connect to LDAP server (called before every ldap operation)
*********************************************************************/
-static int ldapsam_open(struct ldapsam_privates *ldap_state)
+static int smbldap_open(struct smbldap_state *ldap_state)
{
int rc;
SMB_ASSERT(ldap_state);
#ifndef NO_LDAP_SECURITY
if (geteuid() != 0) {
- DEBUG(0, ("ldapsam_open: cannot access LDAP when not root..\n"));
+ DEBUG(0, ("smbldap_open: cannot access LDAP when not root..\n"));
return LDAP_INSUFFICIENT_ACCESS;
}
#endif
- if ((ldap_state->ldap_struct != NULL) && ((ldap_state->last_ping + LDAPSAM_DONT_PING_TIME) < time(NULL))) {
+ if ((ldap_state->ldap_struct != NULL) && ((ldap_state->last_ping + SMBLDAP_DONT_PING_TIME) < time(NULL))) {
struct sockaddr_un addr;
socklen_t len = sizeof(addr);
int sd;
}
if (ldap_state->ldap_struct != NULL) {
- DEBUG(5,("ldapsam_open: already connected to the LDAP server\n"));
+ DEBUG(5,("smbldap_open: already connected to the LDAP server\n"));
return LDAP_SUCCESS;
}
- if ((rc = ldapsam_open_connection(ldap_state, &ldap_state->ldap_struct))) {
+ if ((rc = smbldap_open_connection(ldap_state))) {
return rc;
}
- if ((rc = ldapsam_connect_system(ldap_state, ldap_state->ldap_struct))) {
+ if ((rc = smbldap_connect_system(ldap_state, ldap_state->ldap_struct))) {
ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL);
ldap_state->ldap_struct = NULL;
return rc;
/**********************************************************************
Disconnect from LDAP server
*********************************************************************/
-static NTSTATUS ldapsam_close(struct ldapsam_privates *ldap_state)
+static NTSTATUS smbldap_close(struct smbldap_state *ldap_state)
{
if (!ldap_state)
return NT_STATUS_INVALID_PARAMETER;
ldap_unbind_ext(ldap_state->ldap_struct, NULL, NULL);
ldap_state->ldap_struct = NULL;
}
+
+ smbldap_delete_state(ldap_state);
DEBUG(5,("The connection to the LDAP server was closed\n"));
/* maybe free the results here --metze */
+
+
return NT_STATUS_OK;
}
-static int ldapsam_retry_open(struct ldapsam_privates *ldap_state, int *attempts)
+static int smbldap_retry_open(struct smbldap_state *ldap_state, int *attempts)
{
int rc;
}
(*attempts)++;
- if ((rc = ldapsam_open(ldap_state))) {
+ if ((rc = smbldap_open(ldap_state))) {
DEBUG(1,("Connection to LDAP Server failed for the %d try!\n",*attempts));
return rc;
}
/*********************************************************************
********************************************************************/
-static int ldapsam_search(struct ldapsam_privates *ldap_state,
+static int smbldap_search(struct smbldap_state *ldap_state,
const char *base, int scope, const char *filter,
char *attrs[], int attrsonly,
LDAPMessage **res)
return LDAP_NO_MEMORY;
}
- while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
+ while ((rc == LDAP_SERVER_DOWN) && (attempts < SMBLDAP_NUM_RETRIES)) {
- if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
+ if ((rc = smbldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
continue;
rc = ldap_search_s(ldap_state->ldap_struct, base, scope,
if (rc == LDAP_SERVER_DOWN) {
DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
- ldapsam_close(ldap_state);
+ smbldap_close(ldap_state);
}
SAFE_FREE(utf8_filter);
return rc;
}
-static int ldapsam_modify(struct ldapsam_privates *ldap_state, const char *dn, LDAPMod *attrs[])
+static int smbldap_modify(struct smbldap_state *ldap_state, const char *dn, LDAPMod *attrs[])
{
int rc = LDAP_SERVER_DOWN;
int attempts = 0;
return LDAP_NO_MEMORY;
}
- while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
+ while ((rc == LDAP_SERVER_DOWN) && (attempts < SMBLDAP_NUM_RETRIES)) {
- if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
+ if ((rc = smbldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
continue;
rc = ldap_modify_s(ldap_state->ldap_struct, utf8_dn, attrs);
if (rc == LDAP_SERVER_DOWN) {
DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
- ldapsam_close(ldap_state);
+ smbldap_close(ldap_state);
}
SAFE_FREE(utf8_dn);
return rc;
}
-static int ldapsam_add(struct ldapsam_privates *ldap_state, const char *dn, LDAPMod *attrs[])
+static int smbldap_add(struct smbldap_state *ldap_state, const char *dn, LDAPMod *attrs[])
{
int rc = LDAP_SERVER_DOWN;
int attempts = 0;
return LDAP_NO_MEMORY;
}
- while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
+ while ((rc == LDAP_SERVER_DOWN) && (attempts < SMBLDAP_NUM_RETRIES)) {
- if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
+ if ((rc = smbldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
continue;
rc = ldap_add_s(ldap_state->ldap_struct, utf8_dn, attrs);
if (rc == LDAP_SERVER_DOWN) {
DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
- ldapsam_close(ldap_state);
+ smbldap_close(ldap_state);
}
SAFE_FREE(utf8_dn);
return rc;
}
-static int ldapsam_delete(struct ldapsam_privates *ldap_state, char *dn)
+static int smbldap_delete(struct smbldap_state *ldap_state, const char *dn)
{
int rc = LDAP_SERVER_DOWN;
int attempts = 0;
return LDAP_NO_MEMORY;
}
- while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
+ while ((rc == LDAP_SERVER_DOWN) && (attempts < SMBLDAP_NUM_RETRIES)) {
- if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
+ if ((rc = smbldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
continue;
rc = ldap_delete_s(ldap_state->ldap_struct, utf8_dn);
if (rc == LDAP_SERVER_DOWN) {
DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
- ldapsam_close(ldap_state);
+ smbldap_close(ldap_state);
}
SAFE_FREE(utf8_dn);
return rc;
}
-static int ldapsam_extended_operation(struct ldapsam_privates *ldap_state, LDAP_CONST char *reqoid, struct berval *reqdata, LDAPControl **serverctrls, LDAPControl **clientctrls, char **retoidp, struct berval **retdatap)
+static int smbldap_extended_operation(struct smbldap_state *ldap_state,
+ LDAP_CONST char *reqoid, struct berval *reqdata,
+ LDAPControl **serverctrls, LDAPControl **clientctrls,
+ char **retoidp, struct berval **retdatap)
{
int rc = LDAP_SERVER_DOWN;
int attempts = 0;
if (!ldap_state)
return (-1);
- while ((rc == LDAP_SERVER_DOWN) && (attempts < 8)) {
+ while ((rc == LDAP_SERVER_DOWN) && (attempts < SMBLDAP_NUM_RETRIES)) {
- if ((rc = ldapsam_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
+ if ((rc = smbldap_retry_open(ldap_state,&attempts)) != LDAP_SUCCESS)
continue;
- rc = ldap_extended_operation_s(ldap_state->ldap_struct, reqoid, reqdata, serverctrls, clientctrls, retoidp, retdatap);
+ rc = ldap_extended_operation_s(ldap_state->ldap_struct, reqoid, reqdata,
+ serverctrls, clientctrls, retoidp, retdatap);
}
if (rc == LDAP_SERVER_DOWN) {
DEBUG(0,("%s: LDAP server is down!\n",FUNCTION_MACRO));
- ldapsam_close(ldap_state);
+ smbldap_close(ldap_state);
}
return rc;
/*******************************************************************
run the search by name.
******************************************************************/
-static int ldapsam_search_suffix (struct ldapsam_privates *ldap_state, const char *filter,
+static int smbldap_search_suffix (struct smbldap_state *ldap_state, const char *filter,
char **search_attr, LDAPMessage ** result)
{
int scope = LDAP_SCOPE_SUBTREE;
int rc;
- DEBUG(2, ("ldapsam_search_suffix: searching for:[%s]\n", filter));
+ DEBUG(2, ("smbldap_search_suffix: searching for:[%s]\n", filter));
- rc = ldapsam_search(ldap_state, lp_ldap_suffix(), scope, filter, search_attr, 0, result);
+ rc = smbldap_search(ldap_state, lp_ldap_suffix(), scope, filter, search_attr, 0, result);
if (rc != LDAP_SUCCESS) {
char *ld_error = NULL;
ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
&ld_error);
- DEBUG(0,("ldapsam_search_suffix: Problem during the LDAP search: %s (%s)\n",
+ DEBUG(0,("smbldap_search_suffix: Problem during the LDAP search: %s (%s)\n",
ld_error?ld_error:"(unknown)", ldap_err2string (rc)));
- DEBUG(3,("ldapsam_search_suffix: Query was: %s, %s\n", lp_ldap_suffix(),
+ DEBUG(3,("smbldap_search_suffix: Query was: %s, %s\n", lp_ldap_suffix(),
filter));
SAFE_FREE(ld_error);
}
snprintf( objclass_filter, sizeof(objclass_filter)-1, "(objectclass=%s)", LDAP_OBJ_SAMBASAMACCOUNT );
break;
default:
- DEBUG(0,("ldapsam_search_suffix_by_name(): Invalid schema version specified!\n"));
+ DEBUG(0,("pdb_ldapsam: get_objclass_filter(): Invalid schema version specified!\n"));
break;
}
/*******************************************************************
run the search by name.
******************************************************************/
-static int ldapsam_search_suffix_by_name (struct ldapsam_privates *ldap_state, const char *user,
- LDAPMessage ** result, char **attr)
+static int ldapsam_search_suffix_by_name (struct ldapsam_privates *ldap_state,
+ const char *user,
+ LDAPMessage ** result, char **attr)
{
pstring filter;
char *escape_user = escape_ldap_string_alloc(user);
all_string_sub(filter, "%u", escape_user, sizeof(pstring));
SAFE_FREE(escape_user);
- return ldapsam_search_suffix(ldap_state, filter, attr, result);
+ return smbldap_search_suffix(ldap_state->smbldap_state, filter, attr, result);
}
/*******************************************************************
run the search by rid.
******************************************************************/
static int ldapsam_search_suffix_by_rid (struct ldapsam_privates *ldap_state,
- uint32 rid, LDAPMessage ** result,
- char **attr)
+ uint32 rid, LDAPMessage ** result,
+ char **attr)
{
pstring filter;
int rc;
snprintf(filter, sizeof(filter)-1, "(&(rid=%i)%s)", rid,
get_objclass_filter(ldap_state->schema_ver));
- rc = ldapsam_search_suffix(ldap_state, filter, attr, result);
+ rc = smbldap_search_suffix(ldap_state->smbldap_state, filter, attr, result);
return rc;
}
run the search by SID.
******************************************************************/
static int ldapsam_search_suffix_by_sid (struct ldapsam_privates *ldap_state,
- const DOM_SID *sid, LDAPMessage ** result,
- char **attr)
+ const DOM_SID *sid, LDAPMessage ** result,
+ char **attr)
{
pstring filter;
int rc;
sid_to_string(sid_string, sid),
get_objclass_filter(ldap_state->schema_ver));
- rc = ldapsam_search_suffix(ldap_state, filter, attr, result);
+ rc = smbldap_search_suffix(ldap_state->smbldap_state, filter, attr, result);
return rc;
}
Set attribute to newval in LDAP, regardless of what value the
attribute had in LDAP before.
*********************************************************************/
-static void make_ldap_mod(LDAP *ldap_struct, LDAPMessage *existing,
+static void smbldap_make_mod(LDAP *ldap_struct, LDAPMessage *existing,
LDAPMod ***mods,
const char *attribute, const char *newval)
{
the old value, should it exist. */
if ((newval != NULL) && (strlen(newval) > 0)) {
- ldap_set_mod(mods, LDAP_MOD_ADD, attribute, newval);
+ smbldap_set_mod(mods, LDAP_MOD_ADD, attribute, newval);
}
if (values == NULL) {
deny the complete operation if somebody changed the
attribute behind our back. */
- ldap_set_mod(mods, LDAP_MOD_DELETE, attribute, values[0]);
+ smbldap_set_mod(mods, LDAP_MOD_DELETE, attribute, values[0]);
ldap_value_free(values);
}
char *name, *dn;
BerElement *ptr = NULL;
- rc = ldap_count_entries(ldap_state->ldap_struct, result);
+ rc = ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result);
if (rc != 1) {
DEBUG(0, ("Entry must exist exactly once!\n"));
return NT_STATUS_UNSUCCESSFUL;
}
- entry = ldap_first_entry(ldap_state->ldap_struct, result);
- dn = ldap_get_dn(ldap_state->ldap_struct, entry);
+ entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct, result);
+ dn = ldap_get_dn(ldap_state->smbldap_state->ldap_struct, entry);
if (lp_ldap_delete_dn()) {
NTSTATUS ret = NT_STATUS_OK;
- rc = ldapsam_delete(ldap_state, dn);
+ rc = smbldap_delete(ldap_state->smbldap_state, dn);
if (rc != LDAP_SUCCESS) {
DEBUG(0, ("Could not delete object %s\n", dn));
/* Ok, delete only the SAM attributes */
- for (name = ldap_first_attribute(ldap_state->ldap_struct, entry, &ptr);
+ for (name = ldap_first_attribute(ldap_state->smbldap_state->ldap_struct, entry, &ptr);
name != NULL;
- name = ldap_next_attribute(ldap_state->ldap_struct, entry, ptr))
+ name = ldap_next_attribute(ldap_state->smbldap_state->ldap_struct, entry, ptr))
{
char **attrib;
{
if (StrCaseCmp(*attrib, name) == 0) {
DEBUG(10, ("deleting attribute %s\n", name));
- ldap_set_mod(&mods, LDAP_MOD_DELETE, name, NULL);
+ smbldap_set_mod(&mods, LDAP_MOD_DELETE, name, NULL);
}
}
ber_free(ptr, 0);
}
- ldap_set_mod(&mods, LDAP_MOD_DELETE, "objectClass", objectclass);
+ smbldap_set_mod(&mods, LDAP_MOD_DELETE, "objectClass", objectclass);
- rc = ldapsam_modify(ldap_state, dn, mods);
+ rc = smbldap_modify(ldap_state->smbldap_state, dn, mods);
ldap_mods_free(mods, True);
if (rc != LDAP_SUCCESS) {
char *ld_error = NULL;
- ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+ ldap_get_option(ldap_state->smbldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
&ld_error);
DEBUG(0, ("could not delete attributes for %s, error: %s (%s)\n",
attr_list = get_attr_list( dominfo_attr_list );
- rc = ldapsam_search_suffix(ldap_state, filter, attr_list , result);
+ rc = smbldap_search_suffix(ldap_state->smbldap_state, filter,
+ attr_list , result);
free_attr_list( attr_list );
if (rc != LDAP_SUCCESS) {
DOM_SID dom_sid;
uint32 rid;
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
LDAP_ATTRIBUTE_SID, sid_string))
{
return 0;
DEBUG(2, ("search_top_allocated_rid: searching for:[%s]\n", filter));
- rc = ldapsam_search_suffix(ldap_state, filter, sid_attr, &result);
+ rc = smbldap_search_suffix(ldap_state->smbldap_state, filter,
+ sid_attr, &result);
if (rc != LDAP_SUCCESS) {
DEBUG(3, ("LDAP search failed! cannot find base for NUA RIDs: %s\n", ldap_err2string(rc)));
return 0;
}
- count = ldap_count_entries(ldap_state->ldap_struct, result);
+ count = ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result);
DEBUG(2, ("search_top_allocated_rid: %d entries in the base!\n", count));
if (count == 0) {
DEBUG(3, ("LDAP search returned no records, assuming no allocated RIDs present!: %s\n", ldap_err2string(rc)));
DEBUGADD(3, ("Query was: %s, %s\n", lp_ldap_suffix(), filter));
} else {
- entry = ldap_first_entry(ldap_state->ldap_struct,result);
+ entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct,result);
top_rid = entry_to_rid(ldap_state, entry, rid_type);
- while ((entry = ldap_next_entry(ldap_state->ldap_struct, entry))) {
+ while ((entry = ldap_next_entry(ldap_state->smbldap_state->ldap_struct, entry))) {
rid = entry_to_rid(ldap_state, entry, rid_type);
if (((rid & ~RID_TYPE_MASK) == rid_type) && (rid > top_rid)) {
ldap_state->domain_name, LDAP_OBJ_DOMINFO);
attr_list = get_attr_list( dominfo_attr_list );
- rc = ldapsam_search_suffix(ldap_state, filter, attr_list, &result);
+ rc = smbldap_search_suffix(ldap_state->smbldap_state, filter,
+ attr_list, &result);
free_attr_list( attr_list );
if (rc != LDAP_SUCCESS) {
return NT_STATUS_UNSUCCESSFUL;
}
- num_result = ldap_count_entries(ldap_state->ldap_struct, result);
+ num_result = ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result);
if (num_result > 1) {
DEBUG (0, ("More than domain with that name exists: bailing out!\n"));
ldap_msgfree(result);
/* make the changes - the entry *must* not already have samba attributes */
- ldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
ldap_state->domain_name);
sid_to_string(tmp, &ldap_state->domain_sid);
- ldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOM_SID), tmp);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOM_SID), tmp);
snprintf(tmp, sizeof(tmp)-1, "%i", next_allocated_user_rid);
- ldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_USERRID), tmp);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_USERRID), tmp);
snprintf(tmp, sizeof(tmp)-1, "%i", next_allocated_group_rid);
- ldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_GROUPRID), tmp);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_GROUPRID), tmp);
- ldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_DOMINFO);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_DOMINFO);
switch(ldap_op)
{
case LDAP_MOD_ADD:
- rc = ldapsam_add(ldap_state, dn, mods);
+ rc = smbldap_add(ldap_state->smbldap_state, dn, mods);
break;
case LDAP_MOD_REPLACE:
- rc = ldapsam_modify(ldap_state, dn, mods);
+ rc = smbldap_modify(ldap_state->smbldap_state, dn, mods);
break;
default:
DEBUG(0,("Wrong LDAP operation type: %d!\n", ldap_op));
if (rc!=LDAP_SUCCESS) {
char *ld_error = NULL;
- ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+ ldap_get_option(ldap_state->smbldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
&ld_error);
DEBUG(1,
("failed to %s domain dn= %s with: %s\n\t%s\n",
slprintf(filter, sizeof(filter)-1, "(%s=%s)", LDAP_ATTRIBUTE_SID, sid_to_string(sid_string, sid));
- rc = ldapsam_search_suffix(ldap_state, filter, sid_attr, &result);
+ rc = smbldap_search_suffix(ldap_state->smbldap_state,
+ filter, sid_attr, &result);
if (rc != LDAP_SUCCESS) {
char *ld_error = NULL;
- ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, &ld_error);
+ ldap_get_option(ldap_state->smbldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, &ld_error);
DEBUG(2, ("Failed to check if sid %s is alredy in use: %s\n",
sid_string, ld_error));
SAFE_FREE(ld_error);
return True;
}
- if ((count = ldap_count_entries(ldap_state->ldap_struct, result)) > 0) {
+ if ((count = ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result)) > 0) {
DEBUG(3, ("Sid %s already in use - trying next RID\n",
sid_string));
ldap_msgfree(result);
return ret;
}
- if (ldap_count_entries(ldap_state->ldap_struct, result) < 1) {
+ if (ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result) < 1) {
DEBUG(3, ("Got no domain info entries for domain %s\n",
ldap_state->domain_name));
ldap_msgfree(result);
}
}
- if ((count = ldap_count_entries(ldap_state->ldap_struct, result)) > 1) {
+ if ((count = ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result)) > 1) {
DEBUG(0, ("Got too many (%d) domain info entries for domain %s\n",
count, ldap_state->domain_name));
ldap_msgfree(result);
return ret;
}
- entry = ldap_first_entry(ldap_state->ldap_struct, result);
+ entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct, result);
if (!entry) {
ldap_msgfree(result);
return ret;
}
- if ((dn = ldap_get_dn(ldap_state->ldap_struct, entry)) == NULL) {
+ if ((dn = ldap_get_dn(ldap_state->smbldap_state->ldap_struct, entry)) == NULL) {
DEBUG(0, ("Could not get domain info DN\n"));
ldap_msgfree(result);
return ret;
switch (rid_type) {
case USER_RID_TYPE:
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_USERRID),
old_rid_string))
{
}
break;
case GROUP_RID_TYPE:
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_GROUPRID),
old_rid_string))
{
/* Try to make the modification atomically by enforcing the
old value in the delete mod. */
- make_ldap_mod(ldap_state->ldap_struct, entry, &mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, entry, &mods,
get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_USERRID),
next_rid_string);
break;
/* Try to make the modification atomically by enforcing the
old value in the delete mod. */
- make_ldap_mod(ldap_state->ldap_struct, entry, &mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, entry, &mods,
get_attr_key2string(dominfo_attr_list, LDAP_ATTR_NEXT_GROUPRID),
next_rid_string);
break;
}
- if ((rc = ldap_modify_s(ldap_state->ldap_struct, dn, mods)) == LDAP_SUCCESS) {
+ if ((rc = ldap_modify_s(ldap_state->smbldap_state->ldap_struct, dn, mods)) == LDAP_SUCCESS) {
DOM_SID dom_sid;
DOM_SID sid;
pstring domain_sid_string;
int error = 0;
- if (!get_single_attribute(ldap_state->ldap_struct, result,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, result,
get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOM_SID),
domain_sid_string))
{
return NT_STATUS_OK;
}
- ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, &ld_error);
+ ldap_get_option(ldap_state->smbldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, &ld_error);
DEBUG(2, ("Failed to modify rid: %s\n", ld_error));
SAFE_FREE(ld_error);
char **ldap_values;
char **values;
- if ((ldap_values = ldap_get_values (ldap_state->ldap_struct, entry, "objectClass")) == NULL) {
+ if ((ldap_values = ldap_get_values (ldap_state->smbldap_state->ldap_struct, entry, "objectClass")) == NULL) {
DEBUG (1, ("get_unix_attributes: no objectClass! \n"));
return False;
}
}
ldap_value_free(ldap_values);
- if ( !get_single_attribute(ldap_state->ldap_struct, entry,
+ if ( !get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_UNIX_HOME), homedir) )
{
return False;
}
- if ( !get_single_attribute(ldap_state->ldap_struct, entry,
+ if ( !get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_GIDNUMBER), temp) )
{
return False;
return False;
}
- if (ldap_state->ldap_struct == NULL) {
- DEBUG(0, ("init_sam_from_ldap: ldap_state->ldap_struct is NULL!\n"));
+ if (ldap_state->smbldap_state->ldap_struct == NULL) {
+ DEBUG(0, ("init_sam_from_ldap: ldap_state->smbldap_state->ldap_struct is NULL!\n"));
return False;
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry, "uid", username)) {
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, "uid", username)) {
DEBUG(1, ("No uid attribute found for this user!\n"));
return False;
}
if ( ldap_state->schema_ver == SCHEMAVER_SAMBASAMACCOUNT )
{
- if (get_single_attribute(ldap_state->ldap_struct, entry,
+ if (get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_SID), temp))
{
pdb_set_user_sid_from_string(sampass, temp, PDB_SET);
}
- if (get_single_attribute(ldap_state->ldap_struct, entry,
+ if (get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PRIMARY_GROUP_SID), temp))
{
pdb_set_group_sid_from_string(sampass, temp, PDB_SET);
}
else
{
- if (get_single_attribute(ldap_state->ldap_struct, entry,
+ if (get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_RID), temp))
{
user_rid = (uint32)atol(temp);
pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PRIMARY_GROUP_RID), temp))
{
pdb_set_group_sid_from_rid(sampass, DOMAIN_GROUP_RID_USERS, PDB_DEFAULT);
}
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_LAST_SET), temp))
{
/* leave as default */
pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGON_TIME), temp))
{
/* leave as default */
pdb_set_logon_time(sampass, logon_time, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGOFF_TIME), temp))
{
/* leave as default */
pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_KICKOFF_TIME), temp))
{
/* leave as default */
pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_CAN_CHANGE), temp))
{
/* leave as default */
pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_MUST_CHANGE), temp))
{
/* leave as default */
* that fits your needs; using cn then displayName rather than 'userFullName'
*/
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_DISPLAY_NAME), fullname))
{
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_CN), fullname))
{
/* leave as default */
pdb_set_fullname(sampass, fullname, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_HOME_DRIVE), dir_drive))
{
pdb_set_dir_drive(sampass, talloc_sub_specified(sampass->mem_ctx,
pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_HOME_PATH), homedir))
{
pdb_set_homedir(sampass, talloc_sub_specified(sampass->mem_ctx,
pdb_set_homedir(sampass, homedir, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGON_SCRIPT), logon_script))
{
pdb_set_logon_script(sampass, talloc_sub_specified(sampass->mem_ctx,
pdb_set_logon_script(sampass, logon_script, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PROFILE_PATH), profile_path))
{
pdb_set_profile_path(sampass, talloc_sub_specified(sampass->mem_ctx,
pdb_set_profile_path(sampass, profile_path, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_DESC), acct_desc))
{
/* leave as default */
pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_WKS), workstations))
{
/* leave as default */;
hours_len = 21;
memset(hours, 0xff, hours_len);
- if (!get_single_attribute (ldap_state->ldap_struct, entry,
+ if (!get_single_attribute (ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LMPW), temp))
{
/* leave as default */
ZERO_STRUCT(smblmpwd);
}
- if (!get_single_attribute (ldap_state->ldap_struct, entry,
+ if (!get_single_attribute (ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_NTPW), temp))
{
/* leave as default */
ZERO_STRUCT(smbntpwd);
}
- if (!get_single_attribute (ldap_state->ldap_struct, entry,
+ if (!get_single_attribute (ldap_state->smbldap_state->ldap_struct, entry,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_ACB_INFO), temp))
{
acct_ctrl |= ACB_NORMAL;
* do this on a per-mod basis
*/
if (need_update(sampass, PDB_USERNAME))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
"uid", pdb_get_username(sampass));
DEBUG(2, ("Setting entry for user: %s\n", pdb_get_username(sampass)));
return False;
}
slprintf(temp, sizeof(temp) - 1, "%i", rid);
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_RID),
temp);
break;
case SCHEMAVER_SAMBASAMACCOUNT:
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_SID),
sid_to_string(sid_string, user_sid));
break;
}
slprintf(temp, sizeof(temp) - 1, "%i", rid);
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver,
LDAP_ATTR_PRIMARY_GROUP_RID), temp);
break;
case SCHEMAVER_SAMBASAMACCOUNT:
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver,
LDAP_ATTR_PRIMARY_GROUP_SID), sid_to_string(sid_string, group_sid));
break;
*/
if (need_update(sampass, PDB_FULLNAME))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_DISPLAY_NAME),
pdb_get_fullname(sampass));
if (need_update(sampass, PDB_ACCTDESC))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_DESC),
pdb_get_acct_desc(sampass));
if (need_update(sampass, PDB_WORKSTATIONS))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_WKS),
pdb_get_workstations(sampass));
if (need_update(sampass, PDB_SMBHOME))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_HOME_PATH),
pdb_get_homedir(sampass));
if (need_update(sampass, PDB_DRIVE))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_HOME_DRIVE),
pdb_get_dir_drive(sampass));
if (need_update(sampass, PDB_LOGONSCRIPT))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGON_SCRIPT),
pdb_get_logon_script(sampass));
if (need_update(sampass, PDB_PROFILE))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PROFILE_PATH),
pdb_get_profile_path(sampass));
slprintf(temp, sizeof(temp) - 1, "%li", pdb_get_logon_time(sampass));
if (need_update(sampass, PDB_LOGONTIME))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGON_TIME), temp);
slprintf(temp, sizeof(temp) - 1, "%li", pdb_get_logoff_time(sampass));
if (need_update(sampass, PDB_LOGOFFTIME))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGOFF_TIME), temp);
slprintf (temp, sizeof (temp) - 1, "%li", pdb_get_kickoff_time(sampass));
if (need_update(sampass, PDB_KICKOFFTIME))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_KICKOFF_TIME), temp);
slprintf (temp, sizeof (temp) - 1, "%li", pdb_get_pass_can_change_time(sampass));
if (need_update(sampass, PDB_CANCHANGETIME))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_CAN_CHANGE), temp);
slprintf (temp, sizeof (temp) - 1, "%li", pdb_get_pass_must_change_time(sampass));
if (need_update(sampass, PDB_MUSTCHANGETIME))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_MUST_CHANGE), temp);
if ((pdb_get_acct_ctrl(sampass)&(ACB_WSTRUST|ACB_SVRTRUST|ACB_DOMTRUST))
pdb_get_acct_ctrl(sampass));
if (need_update(sampass, PDB_LMPASSWD))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LMPW),
temp);
pdb_get_acct_ctrl(sampass));
if (need_update(sampass, PDB_NTPASSWD))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_NTPW),
temp);
slprintf (temp, sizeof (temp) - 1, "%li", pdb_get_pass_last_set_time(sampass));
if (need_update(sampass, PDB_PASSLASTSET))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_LAST_SET),
temp);
}
/* FIXME: Hours stuff goes in LDAP */
if (need_update(sampass, PDB_ACCTCTRL))
- make_ldap_mod(ldap_state->ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_ACB_INFO),
pdb_encode_acct_ctrl (pdb_get_acct_ctrl(sampass), NEW_PW_FORMAT_SPACE_PADDED_LEN));
all_string_sub(filter, "%u", "*", sizeof(pstring));
attr_list = get_userattr_list(ldap_state->schema_ver);
- rc = ldapsam_search_suffix(ldap_state, filter, attr_list, &ldap_state->result);
+ rc = smbldap_search_suffix(ldap_state->smbldap_state, filter,
+ attr_list, &ldap_state->result);
free_attr_list( attr_list );
if (rc != LDAP_SUCCESS) {
}
DEBUG(2, ("ldapsam_setsampwent: %d entries in the base!\n",
- ldap_count_entries(ldap_state->ldap_struct,
+ ldap_count_entries(ldap_state->smbldap_state->ldap_struct,
ldap_state->result)));
- ldap_state->entry = ldap_first_entry(ldap_state->ldap_struct,
+ ldap_state->entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct,
ldap_state->result);
ldap_state->index = 0;
struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
BOOL bret = False;
- /* The rebind proc needs this *HACK*. We are not multithreaded, so
- this will work, but it's not nice. */
- static_ldap_state = ldap_state;
-
while (!bret) {
if (!ldap_state->entry)
return ret;
ldap_state->index++;
bret = init_sam_from_ldap(ldap_state, user, ldap_state->entry);
- ldap_state->entry = ldap_next_entry(ldap_state->ldap_struct,
+ ldap_state->entry = ldap_next_entry(ldap_state->smbldap_state->ldap_struct,
ldap_state->entry);
}
if ( rc != LDAP_SUCCESS )
return NT_STATUS_NO_SUCH_USER;
- count = ldap_count_entries(ldap_state->ldap_struct, result);
+ count = ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result);
if (count < 1) {
DEBUG(4,
return NT_STATUS_NO_SUCH_USER;
}
- entry = ldap_first_entry(ldap_state->ldap_struct, result);
+ entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct, result);
if (entry) {
if (!init_sam_from_ldap(ldap_state, user, entry)) {
DEBUG(1,("ldapsam_getsampwnam: init_sam_from_ldap failed for user '%s'!\n", sname));
break;
}
- count = ldap_count_entries(ldap_state->ldap_struct, result);
+ count = ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result);
if (count < 1)
{
return NT_STATUS_NO_SUCH_USER;
}
- entry = ldap_first_entry(ldap_state->ldap_struct, result);
+ entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct, result);
if (entry)
{
if (!init_sam_from_ldap(ldap_state, user, entry)) {
switch(ldap_op)
{
case LDAP_MOD_ADD:
- ldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_ACCOUNT);
- rc = ldapsam_add(ldap_state, dn, mods);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_ACCOUNT);
+ rc = smbldap_add(ldap_state->smbldap_state,
+ dn, mods);
break;
case LDAP_MOD_REPLACE:
- rc = ldapsam_modify(ldap_state, dn ,mods);
+ rc = smbldap_modify(ldap_state->smbldap_state,
+ dn ,mods);
break;
default:
DEBUG(0,("Wrong LDAP operation type: %d!\n", ldap_op));
if (rc!=LDAP_SUCCESS) {
char *ld_error = NULL;
- ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+ ldap_get_option(ldap_state->smbldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
&ld_error);
DEBUG(1,
("failed to %s user dn= %s with: %s\n\t%s\n",
SAFE_FREE(utf8_password);
ber_free(ber, 1);
- if ((rc = ldapsam_extended_operation(ldap_state, LDAP_EXOP_MODIFY_PASSWD,
- bv, NULL, NULL, &retoid, &retdata))!=LDAP_SUCCESS) {
+ if ((rc = smbldap_extended_operation(ldap_state->smbldap_state,
+ LDAP_EXOP_MODIFY_PASSWD,
+ bv, NULL, NULL, &retoid,
+ &retdata)) != LDAP_SUCCESS) {
DEBUG(0,("LDAP Password could not be changed for user %s: %s\n",
pdb_get_username(newpwd),ldap_err2string(rc)));
} else {
if (rc != LDAP_SUCCESS)
return NT_STATUS_UNSUCCESSFUL;
- if (ldap_count_entries(ldap_state->ldap_struct, result) == 0) {
+ if (ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result) == 0) {
DEBUG(0, ("No user to modify!\n"));
ldap_msgfree(result);
return NT_STATUS_UNSUCCESSFUL;
}
- entry = ldap_first_entry(ldap_state->ldap_struct, result);
- dn = ldap_get_dn(ldap_state->ldap_struct, entry);
+ entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct, result);
+ dn = ldap_get_dn(ldap_state->smbldap_state->ldap_struct, entry);
if (!init_ldap_from_sam(ldap_state, entry, &mods, newpwd,
element_is_changed)) {
if (!NT_STATUS_IS_OK(ret)) {
char *ld_error = NULL;
- ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+ ldap_get_option(ldap_state->smbldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
&ld_error);
DEBUG(0,("failed to modify user with uid = %s, error: %s (%s)\n",
pdb_get_username(newpwd), ld_error?ld_error:"(unknwon)", ldap_err2string(rc)));
return NT_STATUS_UNSUCCESSFUL;
}
- if (ldap_count_entries(ldap_state->ldap_struct, result) != 0) {
+ if (ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result) != 0) {
DEBUG(0,("User '%s' already in the base, with samba attributes\n",
username));
ldap_msgfree(result);
all_string_sub( filter, "%u", escape_user, sizeof(filter) );
SAFE_FREE( escape_user );
- rc = ldapsam_search_suffix(ldap_state, filter, attr_list, &result);
+ rc = smbldap_search_suffix(ldap_state->smbldap_state,
+ filter, attr_list, &result);
free_attr_list( attr_list );
if ( rc != LDAP_SUCCESS )
return NT_STATUS_UNSUCCESSFUL;
- num_result = ldap_count_entries(ldap_state->ldap_struct, result);
+ num_result = ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result);
if (num_result > 1) {
DEBUG (0, ("More than one user with that uid exists: bailing out!\n"));
DEBUG(3,("User exists without samba attributes: adding them\n"));
ldap_op = LDAP_MOD_REPLACE;
- entry = ldap_first_entry (ldap_state->ldap_struct, result);
- tmp = ldap_get_dn (ldap_state->ldap_struct, entry);
+ entry = ldap_first_entry (ldap_state->smbldap_state->ldap_struct, result);
+ tmp = ldap_get_dn (ldap_state->smbldap_state->ldap_struct, entry);
slprintf (dn, sizeof (dn) - 1, "%s", tmp);
ldap_memfree (tmp);
} else {
switch ( ldap_state->schema_ver )
{
case SCHEMAVER_SAMBAACCOUNT:
- ldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_SAMBAACCOUNT);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_SAMBAACCOUNT);
break;
case SCHEMAVER_SAMBASAMACCOUNT:
- ldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_SAMBASAMACCOUNT);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_SAMBASAMACCOUNT);
break;
default:
DEBUG(0,("ldapsam_add_sam_account: invalid schema version specified\n"));
Housekeeping
*********************************************************************/
-static void free_private_data(void **vp)
+static void smbldap_free_struct(struct smbldap_state **ldap_state)
{
- struct ldapsam_privates **ldap_state = (struct ldapsam_privates **)vp;
-
- ldapsam_close(*ldap_state);
-
+ smbldap_close(*ldap_state);
+
if ((*ldap_state)->bind_secret) {
memset((*ldap_state)->bind_secret, '\0', strlen((*ldap_state)->bind_secret));
}
- ldapsam_close(*ldap_state);
-
SAFE_FREE((*ldap_state)->bind_dn);
SAFE_FREE((*ldap_state)->bind_secret);
/* No need to free any further, as it is talloc()ed */
}
+
+/**********************************************************************
+ Housekeeping
+ *********************************************************************/
+
+static void free_private_data(void **vp)
+{
+ struct ldapsam_privates **ldap_state = (struct ldapsam_privates **)vp;
+
+ smbldap_free_struct(&(*ldap_state)->smbldap_state);
+
+ *ldap_state = NULL;
+
+ /* No need to free any further, as it is talloc()ed */
+}
+
/**********************************************************************
*********************************************************************/
attr_list = get_attr_list(groupmap_attr_list);
- rc = ldapsam_search(ldap_state, lp_ldap_group_suffix (), scope,
+ rc = smbldap_search(ldap_state->smbldap_state,
+ lp_ldap_group_suffix (), scope,
filter, attr_list, 0, result);
free_attr_list( attr_list );
if (rc != LDAP_SUCCESS) {
char *ld_error = NULL;
- ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+ ldap_get_option(ldap_state->smbldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
&ld_error);
DEBUG(0, ("ldapsam_search_one_group: "
"Problem during the LDAP search: LDAP error: %s (%s)",
pstring temp;
if (ldap_state == NULL || map == NULL || entry == NULL ||
- ldap_state->ldap_struct == NULL)
+ ldap_state->smbldap_state->ldap_struct == NULL)
{
DEBUG(0, ("init_group_from_ldap: NULL parameters found!\n"));
return False;
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_attr_key2string(groupmap_attr_list, LDAP_ATTR_GIDNUMBER), temp))
{
DEBUG(0, ("Mandatory attribute %s not found\n",
map->gid = (gid_t)atol(temp);
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_attr_key2string( groupmap_attr_list, LDAP_ATTR_GROUP_SID), temp))
{
DEBUG(0, ("Mandatory attribute %s not found\n",
}
string_to_sid(&map->sid, temp);
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_attr_key2string( groupmap_attr_list, LDAP_ATTR_GROUP_TYPE), temp))
{
DEBUG(0, ("Mandatory attribute %s not found\n",
return False;
}
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_attr_key2string( groupmap_attr_list, LDAP_ATTR_DISPLAY_NAME), temp))
{
temp[0] = '\0';
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_attr_key2string( groupmap_attr_list, LDAP_ATTR_CN), temp))
{
DEBUG(0, ("Attributes cn not found either "
}
fstrcpy(map->nt_name, temp);
- if (!get_single_attribute(ldap_state->ldap_struct, entry,
+ if (!get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry,
get_attr_key2string( groupmap_attr_list, LDAP_ATTR_DESC), temp))
{
temp[0] = '\0';
*mods = NULL;
sid_to_string(tmp, &map->sid);
- make_ldap_mod(ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_struct, existing, mods,
get_attr_key2string(groupmap_attr_list, LDAP_ATTR_GROUP_SID), tmp);
snprintf(tmp, sizeof(tmp)-1, "%i", map->sid_name_use);
- make_ldap_mod(ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_struct, existing, mods,
get_attr_key2string(groupmap_attr_list, LDAP_ATTR_GROUP_TYPE), tmp);
- make_ldap_mod(ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_struct, existing, mods,
get_attr_key2string( groupmap_attr_list, LDAP_ATTR_DISPLAY_NAME), map->nt_name);
- make_ldap_mod(ldap_struct, existing, mods,
+ smbldap_make_mod(ldap_struct, existing, mods,
get_attr_key2string( groupmap_attr_list, LDAP_ATTR_DESC), map->comment);
return True;
return NT_STATUS_NO_SUCH_GROUP;
}
- count = ldap_count_entries(ldap_state->ldap_struct, result);
+ count = ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result);
if (count < 1) {
DEBUG(4, ("Did not find group for filter %s\n", filter));
return NT_STATUS_NO_SUCH_GROUP;
}
- entry = ldap_first_entry(ldap_state->ldap_struct, result);
+ entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct, result);
if (!entry) {
ldap_msgfree(result);
return NT_STATUS_UNSUCCESSFUL;
}
- if (ldap_count_entries(ldap_state->ldap_struct, result) != 1) {
+ if (ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result) != 1) {
DEBUG(2, ("Group %i must exist exactly once in LDAP\n",
map->gid));
ldap_msgfree(result);
return NT_STATUS_UNSUCCESSFUL;
}
- entry = ldap_first_entry(ldap_state->ldap_struct, result);
- tmp = ldap_get_dn(ldap_state->ldap_struct, entry);
+ entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct, result);
+ tmp = ldap_get_dn(ldap_state->smbldap_state->ldap_struct, entry);
pstrcpy(dn, tmp);
ldap_memfree(tmp);
- if (!init_ldap_from_group(ldap_state->ldap_struct,
+ if (!init_ldap_from_group(ldap_state->smbldap_state->ldap_struct,
result, &mods, map)) {
DEBUG(0, ("init_ldap_from_group failed!\n"));
ldap_mods_free(mods, True);
return NT_STATUS_UNSUCCESSFUL;
}
- ldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_GROUPMAP );
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_GROUPMAP );
- rc = ldapsam_modify(ldap_state, dn, mods);
+ rc = smbldap_modify(ldap_state->smbldap_state, dn, mods);
ldap_mods_free(mods, True);
if (rc != LDAP_SUCCESS) {
char *ld_error = NULL;
- ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+ ldap_get_option(ldap_state->smbldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
&ld_error);
DEBUG(0, ("failed to add group %i error: %s (%s)\n", map->gid,
ld_error ? ld_error : "(unknown)", ldap_err2string(rc)));
return NT_STATUS_UNSUCCESSFUL;
}
- if (ldap_count_entries(ldap_state->ldap_struct, result) == 0) {
+ if (ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result) == 0) {
DEBUG(0, ("No group to modify!\n"));
ldap_msgfree(result);
return NT_STATUS_UNSUCCESSFUL;
}
- entry = ldap_first_entry(ldap_state->ldap_struct, result);
- dn = ldap_get_dn(ldap_state->ldap_struct, entry);
+ entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct, result);
+ dn = ldap_get_dn(ldap_state->smbldap_state->ldap_struct, entry);
- if (!init_ldap_from_group(ldap_state->ldap_struct,
+ if (!init_ldap_from_group(ldap_state->smbldap_state->ldap_struct,
result, &mods, map)) {
DEBUG(0, ("init_ldap_from_group failed\n"));
ldap_msgfree(result);
return NT_STATUS_UNSUCCESSFUL;
}
- rc = ldapsam_modify(ldap_state, dn, mods);
+ rc = smbldap_modify(ldap_state->smbldap_state, dn, mods);
ldap_mods_free(mods, True);
if (rc != LDAP_SUCCESS) {
char *ld_error = NULL;
- ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+ ldap_get_option(ldap_state->smbldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
&ld_error);
DEBUG(0, ("failed to modify group %i error: %s (%s)\n", map->gid,
ld_error ? ld_error : "(unknown)", ldap_err2string(rc)));
snprintf( filter, sizeof(filter)-1, "(objectclass=%s)", LDAP_OBJ_GROUPMAP);
attr_list = get_attr_list( groupmap_attr_list );
- rc = ldapsam_search(ldap_state, lp_ldap_group_suffix(),
+ rc = smbldap_search(ldap_state->smbldap_state, lp_ldap_group_suffix(),
LDAP_SCOPE_SUBTREE, filter,
attr_list, 0, &ldap_state->result);
free_attr_list( attr_list );
}
DEBUG(2, ("ldapsam_setsampwent: %d entries in the base!\n",
- ldap_count_entries(ldap_state->ldap_struct,
+ ldap_count_entries(ldap_state->smbldap_state->ldap_struct,
ldap_state->result)));
- ldap_state->entry = ldap_first_entry(ldap_state->ldap_struct, ldap_state->result);
+ ldap_state->entry = ldap_first_entry(ldap_state->smbldap_state->ldap_struct, ldap_state->result);
ldap_state->index = 0;
return NT_STATUS_OK;
struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
BOOL bret = False;
- /* The rebind proc needs this *HACK*. We are not multithreaded, so
- this will work, but it's not nice. */
- static_ldap_state = ldap_state;
-
while (!bret) {
if (!ldap_state->entry)
return ret;
ldap_state->index++;
bret = init_group_from_ldap(ldap_state, map, ldap_state->entry);
- ldap_state->entry = ldap_next_entry(ldap_state->ldap_struct,
+ ldap_state->entry = ldap_next_entry(ldap_state->smbldap_state->ldap_struct,
ldap_state->entry);
}
}
/**********************************************************************
+ Intitalise the 'general' ldap structures, on which ldap operations may be conducted
+ *********************************************************************/
+
+static NTSTATUS smbldap_init(TALLOC_CTX *mem_ctx, const char *location, struct smbldap_state **smbldap_state)
+{
+ *smbldap_state = talloc_zero(mem_ctx, sizeof(**smbldap_state));
+ if (!*smbldap_state) {
+ DEBUG(0, ("talloc() failed for ldapsam private_data!\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (location) {
+ (*smbldap_state)->uri = talloc_strdup(mem_ctx, location);
+ } else {
+ (*smbldap_state)->uri = "ldap://localhost";
+ }
+ return NT_STATUS_OK;
+}
+
+/**********************************************************************
+ Intitalise the parts of the pdb_context that are common to all pdb_ldap modes
*********************************************************************/
static NTSTATUS pdb_init_ldapsam_common(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method,
/* TODO: Setup private data and free */
- ldap_state = talloc_zero(pdb_context->mem_ctx, sizeof(struct ldapsam_privates));
-
+ ldap_state = talloc_zero(pdb_context->mem_ctx, sizeof(*ldap_state));
if (!ldap_state) {
DEBUG(0, ("talloc() failed for ldapsam private_data!\n"));
return NT_STATUS_NO_MEMORY;
}
- if (location) {
- ldap_state->uri = talloc_strdup(pdb_context->mem_ctx, location);
- } else {
- ldap_state->uri = "ldap://localhost";
- }
+ if (!NT_STATUS_IS_OK(nt_status =
+ smbldap_init(pdb_context->mem_ctx, location,
+ &ldap_state->smbldap_state)));
ldap_state->domain_name = talloc_strdup(pdb_context->mem_ctx, get_global_sam_name());
if (!ldap_state->domain_name) {
}
/**********************************************************************
+ Initialise the 'compat' mode for pdb_ldap
*********************************************************************/
static NTSTATUS pdb_init_ldapsam_compat(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
NTSTATUS nt_status;
struct ldapsam_privates *ldap_state;
- if (!NT_STATUS_IS_OK(nt_status = pdb_init_ldapsam_common(pdb_context, pdb_method, location))) {
- return nt_status;
- }
-
- (*pdb_method)->name = "ldapsam_compat";
-
- ldap_state = (*pdb_method)->private_data;
- ldap_state->schema_ver = SCHEMAVER_SAMBAACCOUNT;
-
- if (location) {
- ldap_state->uri = talloc_strdup(pdb_context->mem_ctx, location);
- } else {
#ifndef WITH_LDAP_SAMCONFIG
- ldap_state->uri = "ldap://localhost";
+ location = "ldap://localhost";
#else
+ {
int ldap_port = lp_ldap_port();
/* remap default port if not using SSL (ie clear or TLS) */
ldap_port = 389;
}
- ldap_state->uri = talloc_asprintf(pdb_context->mem_ctx, "%s://%s:%d", lp_ldap_ssl() == LDAP_SSL_ON ? "ldaps" : "ldap", lp_ldap_server(), ldap_port);
- if (!ldap_state->uri) {
+ location = talloc_asprintf(pdb_context->mem_ctx, "%s://%s:%d", lp_ldap_ssl() == LDAP_SSL_ON ? "ldaps" : "ldap", lp_ldap_server(), ldap_port);
+ if (!location) {
return NT_STATUS_NO_MEMORY;
}
+ }
#endif
+
+ if (!NT_STATUS_IS_OK(nt_status = pdb_init_ldapsam_common(pdb_context, pdb_method, location))) {
+ return nt_status;
}
+ (*pdb_method)->name = "ldapsam_compat";
+
+ ldap_state = (*pdb_method)->private_data;
+ ldap_state->schema_ver = SCHEMAVER_SAMBAACCOUNT;
+
return NT_STATUS_OK;
}
/**********************************************************************
+ Initialise the normal mode for pdb_ldap
*********************************************************************/
static NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
git.samba.org / kai / samba.git / blobdiff