+static NTSTATUS map_user_info_cracknames(struct ldb_context *sam_ctx,
+ TALLOC_CTX *mem_ctx,
+ const char *default_domain,
+ const struct auth_usersupplied_info *user_info,
+ struct auth_usersupplied_info **user_info_mapped)
+{
+ char *domain;
+ char *account_name;
+ TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+ WERROR werr;
+ struct drsuapi_DsNameInfo1 info1;
+
+ DEBUG(5,("map_user_info_cracknames: Mapping user [%s]\\[%s] from workstation [%s]\n",
+ user_info->client.domain_name, user_info->client.account_name, user_info->workstation_name));
+
+ account_name = talloc_strdup(tmp_ctx, user_info->client.account_name);
+ if (!account_name) {
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ /* use cracknames to work out what domain is being
+ asked for */
+ if (strchr_m(user_info->client.account_name, '@') != NULL) {
+ werr = DsCrackNameOneName(sam_ctx, tmp_ctx, 0,
+ DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
+ DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
+ user_info->client.account_name,
+ &info1);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(2,("map_user_info: Failed cracknames of account '%s'\n",
+ user_info->client.account_name));
+ talloc_free(tmp_ctx);
+ return werror_to_ntstatus(werr);
+ }
+ switch (info1.status) {
+ case DRSUAPI_DS_NAME_STATUS_OK:
+ break;
+ case DRSUAPI_DS_NAME_STATUS_NOT_FOUND:
+ DEBUG(2,("map_user_info: Cracknames of account '%s' -> NOT_FOUND\n",
+ user_info->client.account_name));
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_SUCH_USER;
+ case DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY:
+ DEBUG(2,("map_user_info: Cracknames of account '%s' -> DOMAIN_ONLY\n",
+ user_info->client.account_name));
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_SUCH_USER;
+ case DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE:
+ DEBUG(2,("map_user_info: Cracknames of account '%s' -> NOT_UNIQUE\n",
+ user_info->client.account_name));
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_SUCH_USER;
+ case DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR:
+ DEBUG(2,("map_user_info: Cracknames of account '%s' -> RESOLVE_ERROR\n",
+ user_info->client.account_name));
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_SUCH_USER;
+ default:
+ DEBUG(2,("map_user_info: Cracknames of account '%s' -> unknown error %u\n",
+ user_info->client.account_name, info1.status));
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_SUCH_USER;
+ }
+ /* info1.result_name is in DOMAIN\username
+ * form, which we need to split up into the
+ * user_info_mapped structure
+ */
+ domain = talloc_strdup(tmp_ctx, info1.result_name);
+ if (domain == NULL) {
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+ account_name = strchr_m(domain, '\\');
+ if (account_name == NULL) {
+ DEBUG(2,("map_user_info: Cracknames of account '%s' gave invalid result '%s'\n",
+ user_info->client.account_name, info1.result_name));
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_SUCH_USER;
+ }
+ *account_name = 0;
+ account_name = talloc_strdup(tmp_ctx, account_name+1);
+ if (account_name == NULL) {
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+ } else {
+ char *domain_name;
+ if (user_info->client.domain_name && *user_info->client.domain_name) {
+ domain_name = talloc_asprintf(tmp_ctx, "%s\\", user_info->client.domain_name);
+ } else {
+ domain_name = talloc_strdup(tmp_ctx, default_domain);
+ }
+ if (domain_name == NULL) {
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+ werr = DsCrackNameOneName(sam_ctx, mem_ctx, 0,
+ DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
+ DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
+ domain_name,
+ &info1);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(2,("map_user_info: Failed cracknames of domain '%s'\n",
+ domain_name));
+ talloc_free(tmp_ctx);
+ return werror_to_ntstatus(werr);
+ }
+
+ /* we use the account_name as-is, but get the
+ * domain name from cracknames if possible */
+ account_name = talloc_strdup(mem_ctx, user_info->client.account_name);
+ if (account_name == NULL) {
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ switch (info1.status) {
+ case DRSUAPI_DS_NAME_STATUS_OK:
+ case DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY:
+ domain = talloc_strdup(tmp_ctx, info1.result_name);
+ if (domain == NULL) {
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+ if (domain[strlen_m(domain)-1] == '\\') {
+ domain[strlen_m(domain)-1] = 0;
+ }
+ break;
+ case DRSUAPI_DS_NAME_STATUS_NOT_FOUND:
+ /* the domain is unknown - use the
+ default domain */
+ domain = talloc_strdup(tmp_ctx, default_domain);
+ break;
+ case DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE:
+ DEBUG(2,("map_user_info: Cracknames of domain '%s' -> NOT_UNIQUE\n",
+ domain_name));
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_SUCH_USER;
+ case DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR:
+ DEBUG(2,("map_user_info: Cracknames of domain '%s' -> RESOLVE_ERROR\n",
+ domain_name));
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_SUCH_USER;
+ default:
+ DEBUG(2,("map_user_info: Cracknames of account '%s' -> unknown error %u\n",
+ domain_name, info1.status));
+ talloc_free(tmp_ctx);
+ return NT_STATUS_NO_SUCH_USER;
+ }
+ /* domain and account_name are filled in above */
+ }
git.samba.org / kai / samba.git / commitdiff