Another patch from metze, towards his work on sam_ads.
authorAndrew Bartlett <abartlet@samba.org>
Wed, 25 Sep 2002 09:40:45 +0000 (09:40 +0000)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 25 Sep 2002 09:40:45 +0000 (09:40 +0000)
See mx-ldap.sf.net for his current progress.
(This used to be commit 9c62d1312fdf0aa7b1978e8bbb56fc076ba7e9d0)

source3/include/ads.h
source3/include/sam.h
source3/libads/ads_utils.c
source3/libads/ldap.c

index 875b895e49351d2df652354f6ff05d298e69de87..0181ae535e02e4560f2c3a0a2083655a71b7211d 100644 (file)
@@ -134,6 +134,7 @@ typedef void **ADS_MODLIST;
 #define ADS_PAGE_CTL_OID "1.2.840.113556.1.4.319"
 #define ADS_NO_REFERRALS_OID "1.2.840.113556.1.4.1339"
 #define ADS_SERVER_SORT_OID "1.2.840.113556.1.4.473"
+#define ADS_PERMIT_MODIFY_OID "1.2.840.113556.1.4.1413"
 
 /* UserFlags for userAccountControl */
 #define UF_SCRIPT                              0x00000001
@@ -163,7 +164,7 @@ typedef void **ADS_MODLIST;
 
 #define UF_NOT_DELEGATED                       0x00100000
 #define UF_USE_DES_KEY_ONLY                    0x00200000
-#define UF_DONT_REQUIRE_PREAUTH                0x00400000
+#define UF_DONT_REQUIRE_PREAUTH                        0x00400000
 #define UF_UNUSED_5                            0x00800000
 
 #define UF_UNUSED_6                            0x01000000
@@ -210,11 +211,11 @@ typedef void **ADS_MODLIST;
 
 /* sAMAccountType */
 #define ATYPE_NORMAL_ACCOUNT                   0x30000000 /* 805306368 */
-#define ATYPE_WORKSTATION_TRUST                0x30000001 /* 805306369 */
-#define ATYPE_INTERDOMAIN_TRUST                0x30000002 /* 805306370 */ 
+#define ATYPE_WORKSTATION_TRUST                        0x30000001 /* 805306369 */
+#define ATYPE_INTERDOMAIN_TRUST                        0x30000002 /* 805306370 */ 
 #define ATYPE_SECURITY_GLOBAL_GROUP            0x10000000 /* 268435456 */
-#define ATYPE_DISTRIBUTION_GLOBAL_GROUP        0x10000001 /* 268435457 */
-#define ATYPE_DISTRIBUTION_UNIVERSAL_GROUP     AT_DISTRIBUTION_GLOBAL_GROUP
+#define ATYPE_DISTRIBUTION_GLOBAL_GROUP                0x10000001 /* 268435457 */
+#define ATYPE_DISTRIBUTION_UNIVERSAL_GROUP     ATYPE_DISTRIBUTION_GLOBAL_GROUP
 #define ATYPE_SECURITY_LOCAL_GROUP             0x20000000 /* 536870912 */
 #define ATYPE_DISTRIBUTION_LOCAL_GROUP         0x20000001 /* 536870913 */
 
@@ -226,7 +227,7 @@ typedef void **ADS_MODLIST;
 #define GTYPE_SECURITY_BUILTIN_LOCAL_GROUP     0x80000005      /* -2147483643 */
 #define GTYPE_SECURITY_DOMAIN_LOCAL_GROUP      0x80000004      /* -2147483644 */
 #define GTYPE_SECURITY_GLOBAL_GROUP            0x80000002      /* -2147483646 */
-#define GTYPE_DISTRIBUTION_GLOBAL_GROUP        0x00000002      /* 2 */
+#define GTYPE_DISTRIBUTION_GLOBAL_GROUP                0x00000002      /* 2 */
 #define GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP  0x00000004      /* 4 */
 #define GTYPE_DISTRIBUTION_UNIVERSAL_GROUP     0x00000008      /* 8 */
 
index 4d18ec61b9645fd07d7d8f58ae2273ce5c1525f8..2157a370652600210f3f54f48468e89b14ad3f44 100644 (file)
@@ -152,10 +152,10 @@ typedef struct sam_group_enum {
 
 
 /* bits for group_ctrl: to spezify if the group is global group or alias */
-#define GCB_LOCAL_GROUP        0x0001
-#define GCB_ALIAS_GROUP        GCB_LOCAL_GROUP
+#define GCB_LOCAL_GROUP                0x0001
+#define GCB_ALIAS_GROUP                (GCB_LOCAL_GROUP |GCB_BUILTIN)
 #define GCB_GLOBAL_GROUP       0x0002
-
+#define GCB_BUILTIN            0x1000
 
 typedef struct sam_context 
 {
index 1789193d7ee570e1ad207ddabdd785c6312116e7..fc8a27002114901182a0d3910c05cb9ec09b0c70 100644 (file)
@@ -46,7 +46,9 @@ uint32 ads_acb2uf(uint16 acb)
        return uf;
 }
 
-/* translated the UserFlags (userAccountControl) to ACB_CTRL Flags */
+/*
+translated the UserFlags (userAccountControl) to ACB_CTRL Flags
+*/
 uint16 ads_uf2acb(uint32 uf)
 {
        uint16 acb = 0x0000;
@@ -72,4 +74,98 @@ uint16 ads_uf2acb(uint32 uf)
        return acb;
 }
 
+/* 
+get the accountType from the UserFlags
+*/
+uint32 ads_uf2atype(uint32 uf)
+{
+       uint32 atype = 0x00000000;
+               
+       if (uf & UF_NORMAL_ACCOUNT)                     atype = ATYPE_NORMAL_ACCOUNT;
+       else if (uf & UF_TEMP_DUPLICATE_ACCOUNT)        atype = ATYPE_NORMAL_ACCOUNT;
+       else if (uf & UF_SERVER_TRUST_ACCOUNT)          atype = ATYPE_WORKSTATION_TRUST;
+       else if (uf & UF_WORKSTATION_TRUST_ACCOUNT)     atype = ATYPE_WORKSTATION_TRUST;
+       else if (uf & UF_INTERDOMAIN_TRUST_ACCOUNT)     atype = ATYPE_INTERDOMAIN_TRUST;
+
+       return atype;
+} 
+
+/* 
+translated the GROUP_CTRL Flags to GroupType (groupType) 
+*/ 
+uint32 ads_gcb2gtype(uint16 gcb)
+{
+       uint32 gtype = 0x00000000;
+
+       if (gcb & GCB_ALIAS_GROUP)      gtype |= GTYPE_SECURITY_BUILTIN_LOCAL_GROUP;
+       else if(gcb & GCB_LOCAL_GROUP)  gtype |= GTYPE_SECURITY_DOMAIN_LOCAL_GROUP;
+       if (gcb & GCB_GLOBAL_GROUP)     gtype |= GTYPE_SECURITY_GLOBAL_GROUP;
+               
+       return gtype;
+}
+
+/*
+translated the GroupType (groupType) to GROUP_CTRL Flags
+*/
+uint16 ads_gtype2gcb(uint32 gtype)
+{
+       uint16 gcb = 0x0000;
+
+       switch(gtype) {
+               case GTYPE_SECURITY_BUILTIN_LOCAL_GROUP:
+                       gcb = GCB_ALIAS_GROUP;
+                       break;
+               case GTYPE_SECURITY_DOMAIN_LOCAL_GROUP:
+                       gcb = GCB_LOCAL_GROUP;
+                       break;
+               case GTYPE_SECURITY_GLOBAL_GROUP:
+                       gcb = GCB_GLOBAL_GROUP;
+                       break;
+
+               case GTYPE_DISTRIBUTION_GLOBAL_GROUP:
+                       gcb = GCB_GLOBAL_GROUP;
+                       break;
+               case GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP:
+                       gcb = GCB_LOCAL_GROUP;
+                       break;
+               case GTYPE_DISTRIBUTION_UNIVERSAL_GROUP:
+                       gcb = GCB_GLOBAL_GROUP;
+                       break;
+       }
+       
+       return gcb;
+}
+
+/* 
+get the accountType from the groupType
+*/
+uint32 ads_gtype2atype(uint32 gtype)
+{
+       uint32 atype = 0x00000000;
+       
+       switch(gtype) {
+               case GTYPE_SECURITY_BUILTIN_LOCAL_GROUP:
+                       atype = ATYPE_SECURITY_LOCAL_GROUP;
+                       break;
+               case GTYPE_SECURITY_DOMAIN_LOCAL_GROUP:
+                       atype = ATYPE_SECURITY_LOCAL_GROUP;
+                       break;
+               case GTYPE_SECURITY_GLOBAL_GROUP:
+                       atype = ATYPE_SECURITY_GLOBAL_GROUP;
+                       break;
+       
+               case GTYPE_DISTRIBUTION_GLOBAL_GROUP:
+                       atype = ATYPE_DISTRIBUTION_GLOBAL_GROUP;
+                       break;
+               case GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP:
+                       atype = ATYPE_DISTRIBUTION_UNIVERSAL_GROUP;
+                       break;
+               case GTYPE_DISTRIBUTION_UNIVERSAL_GROUP:
+                       atype = ATYPE_DISTRIBUTION_LOCAL_GROUP;
+                       break;
+       }
+
+       return atype;
+}
+
 #endif
index 385a9bd93f90e326d4ab79d410c11485363f1009..7a0afb1a8167d29d6920b6f70f60495facdfd76f 100644 (file)
@@ -890,7 +890,7 @@ ADS_STATUS ads_gen_mod(ADS_STRUCT *ads, const char *mod_dn, ADS_MODLIST mods)
           non-existent attribute (but allowable for the object) to run
        */
        LDAPControl PermitModify = {
-               "1.2.840.113556.1.4.1413",
+               ADS_PERMIT_MODIFY_OID,
                {0, NULL},
                (char) 1};
        LDAPControl *controls[2];