#ifndef _SECRETS_H
#define _SECRETS_H
-/* structure for storing machine account password
- (ie. when samba server is member of a domain */
-struct machine_acct_pass {
- uint8_t hash[16];
- time_t mod_time;
-};
-
#define SECRETS_PRIMARY_DOMAIN_DN "cn=Primary Domains"
#define SECRETS_PRINCIPALS_DN "cn=Principals"
#define SECRETS_PRIMARY_DOMAIN_FILTER "(&(flatname=%s)(objectclass=primaryDomain))"
#define SECRETS_PRIMARY_REALM_FILTER "(&(realm=%s)(objectclass=primaryDomain))"
#define SECRETS_KRBTGT_SEARCH "(&((|(realm=%s)(flatname=%s))(samAccountName=krbtgt)))"
#define SECRETS_PRINCIPAL_SEARCH "(&(|(realm=%s)(flatname=%s))(servicePrincipalName=%s))"
-#define SECRETS_LDAP_FILTER "(objectclass=ldapSecret)"
+#define SECRETS_LDAP_FILTER "(&(objectclass=ldapSecret)(cn=SAMDB Credentials))"
/**
* Use a TDB to store an incrementing random seed.
* @note Not called by systems with a working /dev/urandom.
*/
struct loadparm_context;
-struct event_context;
-struct tdb_wrap *secrets_init(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
-struct ldb_context *secrets_db_connect(TALLOC_CTX *mem_ctx, struct event_context *ev_ctx, struct loadparm_context *lp_ctx);
-struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx, struct event_context *ev_ctx, struct loadparm_context *lp_ctx, const char *domain);
+struct tevent_context;
+struct ldb_message;
+struct ldb_context;
+
+#include "librpc/gen_ndr/misc.h"
+
+bool randseed_init(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
+
+struct ldb_context *secrets_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
+struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx,
+ const char *domain,
+ enum netr_SchannelType *sec_channel_type,
+ char **errstring);
+char *keytab_name_from_msg(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, struct ldb_message *msg);
#endif /* _SECRETS_H */