NTSTATUS smbldap_init(TALLOC_CTX *mem_ctx,
struct tevent_context *tevent_ctx,
- const char *location,
- struct smbldap_state **smbldap_state);
+ const char *location,
+ bool anon,
+ const char *bind_dn,
+ const char *bind_secret,
+ struct smbldap_state **smbldap_state);
void smbldap_set_mod (LDAPMod *** modlist, int modop, const char *attribute, const char *value);
void smbldap_set_mod_blob(LDAPMod *** modlist, int modop, const char *attribute, const DATA_BLOB *newblob);
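Review bot: The new `smbldap_init` prototype takes `anon`, `bind_dn` and `bind_secret` without any comment stating their contract, and the callers on this page rely on two different readings of it. The passdb and net callers pass a DN and secret and free both right after the call, so the function must copy whatever it keeps; the idmap caller passes `false, NULL, NULL` and expects credentials to be set up later. I would add a comment above the declaration along the lines of `/* anon: bind anonymously, bind_dn/bind_secret ignored; otherwise both strings are copied, and NULL means the caller sets credentials before the first bind */`, adjusted to what the implementation really does.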
NTSTATUS smbldap_init(TALLOC_CTX *mem_ctx, struct tevent_context *tevent_ctx,
const char *location,
+ bool anon,
+ const char *bind_dn,
+ const char *bind_secret,
struct smbldap_state **smbldap_state)
{
*smbldap_state = talloc_zero(mem_ctx, struct smbldap_state);
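Review bot: `bind_secret` gains a second lifetime inside `smbldap_init` that this hunk does not show being bounded. Both updated callers wipe and free their buffer as soon as the call returns, so any copy kept on `*smbldap_state` is the one that stays in memory for the life of the connection state. The body continues outside the hunk, so this is inferred; if the secret is duplicated onto the state, it should be cleared when the state is freed, for example from a talloc destructor on the state, otherwise the callers' wipe covers only the short-lived copy. The result of `talloc_zero` on the visible line also needs a NULL check before the new fields are stored, if one does not follow just below.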
{
NTSTATUS nt_status;
struct ldapsam_privates *ldap_state;
+ char *bind_dn = NULL;
+ char *bind_secret = NULL;
if (!NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method ))) {
return nt_status;
return NT_STATUS_NO_MEMORY;
}
- nt_status = smbldap_init(*pdb_method, pdb_get_tevent_context(),
- location, &ldap_state->smbldap_state);
+ if (!fetch_ldap_pw(&bind_dn, &bind_secret)) {
+ DEBUG(0, ("pdb_init_ldapsam_common: Failed to retrieve LDAP password from secrets.tdb\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+ nt_status = smbldap_init(*pdb_method, pdb_get_tevent_context(),
+ location, false, bind_dn, bind_secret,
+ &ldap_state->smbldap_state);
+ memset(bind_secret, '\0', strlen(bind_secret));
+ SAFE_FREE(bind_secret);
+ SAFE_FREE(bind_dn);
if ( !NT_STATUS_IS_OK(nt_status) ) {
return nt_status;
}
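Review bot: `memset(bind_secret, '\0', strlen(bind_secret));` directly before `SAFE_FREE(bind_secret)` is a dead store that an optimising compiler may remove, so the LDAP admin password can stay readable in freed heap memory; the same two lines appear in the net sam caller further down. Use a clearing call that cannot be elided, e.g. `explicit_bzero(bind_secret, strlen(bind_secret));` or `memset_s` where the platform provides it. Separately, returning `NT_STATUS_NO_MEMORY` when `fetch_ldap_pw` fails reports a missing or unreadable secrets.tdb entry as an allocation failure; a status such as `NT_STATUS_CANT_ACCESS_DOMAIN_INFO` would point an operator at the real cause. The enclosing function starts and ends outside the hunk, so cleanup of `ldap_state` on that early return could not be checked here.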
#include "passdb/pdb_ldap_util.h"
#include "passdb/pdb_ldap_schema.h"
#include "lib/privileges.h"
+#include "secrets.h"
/*
* Set a user's data
struct samu *samuser;
struct passwd *pwd;
bool is_ipa = false;
+ char *bind_dn = NULL;
+ char *bind_secret = NULL;
+ NTSTATUS status;
if (c->display_usage) {
d_printf( "%s\n"
goto failed;
}
- if (!NT_STATUS_IS_OK(smbldap_init(tc, NULL, ldap_uri, &state))) {
+ if (!fetch_ldap_pw(&bind_dn, &bind_secret)) {
+ d_fprintf(stderr, _("Failed to retrieve LDAP password from secrets.tdb\n"));
+ goto failed;
+ }
+
+ status = smbldap_init(tc, NULL, ldap_uri, false, bind_dn, bind_secret, &state);
+
+ memset(bind_secret, '\0', strlen(bind_secret));
+ SAFE_FREE(bind_secret);
+ SAFE_FREE(bind_dn);
+
+ if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, _("Unable to connect to the LDAP server.\n"));
goto failed;
}
ctx->rw_ops->get_new_id = idmap_ldap_allocate_id_internal;
ctx->rw_ops->set_mapping = idmap_ldap_set_mapping;
+ /* get_credentials deals with setting up creds */
+
ret = smbldap_init(ctx, winbind_event_context(), ctx->url,
- &ctx->smbldap_state);
+ false, NULL, NULL, &ctx->smbldap_state);
if (!NT_STATUS_IS_OK(ret)) {
DEBUG(1, ("ERROR: smbldap_init (%s) failed!\n", ctx->url));
goto done;