#include "../librpc/gen_ndr/drsblobs.h"
#include "../librpc/gen_ndr/ndr_drsblobs.h"
#include "../librpc/gen_ndr/idmap.h"
-#include "memcache.h"
+#include "../lib/util/memcache.h"
#include "nsswitch/winbind_client.h"
#include "../libcli/security/security.h"
#include "../lib/util/util_pw.h"
#include "passdb/pdb_secrets.h"
+#include "lib/util_sid_passdb.h"
+#include "idmap_cache.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_PASSDB
{
struct passwd *pwd;
NTSTATUS result;
- const char *guestname = lp_guestaccount();
+ const char *guestname = lp_guest_account();
pwd = Get_Pwnam_alloc(talloc_tos(), guestname);
if (pwd == NULL) {
fstring name2;
if ((acb_info & ACB_NORMAL) && name[strlen(name)-1] != '$') {
- add_script = lp_adduser_script(tmp_ctx);
+ add_script = lp_add_user_script(tmp_ctx);
} else {
- add_script = lp_addmachine_script(tmp_ctx);
+ add_script = lp_add_machine_script(tmp_ctx);
}
if (!add_script || add_script[0] == '\0') {
return -1;
}
- del_script = lp_deluser_script(talloc_tos());
+ del_script = lp_delete_user_script(talloc_tos());
if (!del_script || !*del_script) {
return -1;
}
bool pdb_uid_to_sid(uid_t uid, struct dom_sid *sid)
{
struct pdb_methods *pdb = pdb_get_methods();
- return pdb->uid_to_sid(pdb, uid, sid);
+ bool ret;
+
+ ret = pdb->uid_to_sid(pdb, uid, sid);
+
+ if (ret == true) {
+ struct unixid id;
+ id.id = uid;
+ id.type = ID_TYPE_UID;
+ idmap_cache_set_sid2unixid(sid, &id);
+ }
+
+ return ret;
}
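Review bot: The mapping stored by `idmap_cache_set_sid2unixid(sid, &id)` after a successful `pdb->uid_to_sid` has no invalidation path visible in these hunks, so a uid that is later deleted or reassigned could keep resolving to the old SID for as long as the cache entry lives; the same cache-on-success pattern is added to pdb_gid_to_sid and pdb_sid_to_id below. Whether the delete and rename paths drop the entry should be confirmed and recorded above the cache call, for example `/* positive results only; the entry must be dropped when the account is removed */`. `struct unixid id` is filled field by field, which leaves any member added later indeterminate; `struct unixid id = { .id = uid, .type = ID_TYPE_UID };` avoids that. As a matter of style, `if (ret == true)` reads better as `if (ret)`.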
bool pdb_gid_to_sid(gid_t gid, struct dom_sid *sid)
{
struct pdb_methods *pdb = pdb_get_methods();
- return pdb->gid_to_sid(pdb, gid, sid);
+ bool ret;
+
+ ret = pdb->gid_to_sid(pdb, gid, sid);
+
+ if (ret == true) {
+ struct unixid id;
+ id.id = gid;
+ id.type = ID_TYPE_GID;
+ idmap_cache_set_sid2unixid(sid, &id);
+ }
+
+ return ret;
}
bool pdb_sid_to_id(const struct dom_sid *sid, struct unixid *id)
{
struct pdb_methods *pdb = pdb_get_methods();
- return pdb->sid_to_id(pdb, sid, id);
+ bool ret;
+
+ /* only ask the backend if it is responsible */
+ if (!sid_check_object_is_for_passdb(sid)) {
+ return false;
+ }
+
+ ret = pdb->sid_to_id(pdb, sid, id);
+
+ if (ret == true) {
+ idmap_cache_set_sid2unixid(sid, id);
+ }
+
+ return ret;
}
uint32_t pdb_capabilities(void)
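Review bot: In pdb_sid_to_id the backend's output reaches the idmap cache unvalidated: when `pdb->sid_to_id` returns true, `idmap_cache_set_sid2unixid(sid, id)` stores whatever the backend left in `id->type`. If a backend can return true without setting the type (not visible here), a meaningless entry would be cached and served to later lookups; a guard such as `if (ret && id->type != ID_TYPE_NOT_SPECIFIED)` would keep it out. The early `return false` for SIDs that fail `sid_check_object_is_for_passdb` is also indistinguishable from a failed backend lookup. A `DEBUG(10, ...)` line there, or a sentence in the function comment saying that false can also mean "not a passdb object", would help callers and log readers.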
id->id = uid;
break;
default:
- DEBUG(5, ("SID %s is our domain, but is not mapped to a user or group (got %d)\n",
+ DEBUG(5, ("SID %s belongs to our domain, and "
+ "an object exists in the database, "
+ "but it is neither a user nor a "
+ "group (got type %d).\n",
sid_string_dbg(sid), type));
ret = false;
}
} else {
- DEBUG(5, ("SID %s is or domain, but is unmapped\n",
+ DEBUG(5, ("SID %s belongs to our domain, but there is "
+ "no corresponding object in the database.\n",
sid_string_dbg(sid)));
}
goto done;
return NULL;
}
+/*****************************************************************
+ UPN suffixes
+ *****************************************************************/
+static NTSTATUS pdb_default_enum_upn_suffixes(struct pdb_methods *pdb,
+ TALLOC_CTX *mem_ctx,
+ uint32_t *num_suffixes,
+ char ***suffixes)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS pdb_default_set_upn_suffixes(struct pdb_methods *pdb,
+ uint32_t num_suffixes,
+ const char **suffixes)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+NTSTATUS pdb_enum_upn_suffixes(TALLOC_CTX *mem_ctx,
+ uint32_t *num_suffixes,
+ char ***suffixes)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->enum_upn_suffixes(pdb, mem_ctx, num_suffixes, suffixes);
+}
+
+NTSTATUS pdb_set_upn_suffixes(uint32_t num_suffixes,
+ const char **suffixes)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->set_upn_suffixes(pdb, num_suffixes, suffixes);
+}
+
+/*******************************************************************
+ idmap control methods
+ *******************************************************************/
+static bool pdb_default_is_responsible_for_our_sam(
+ struct pdb_methods *methods)
+{
+ return true;
+}
+
+static bool pdb_default_is_responsible_for_builtin(
+ struct pdb_methods *methods)
+{
+ return true;
+}
+
+static bool pdb_default_is_responsible_for_wellknown(
+ struct pdb_methods *methods)
+{
+ return false;
+}
+
+static bool pdb_default_is_responsible_for_unix_users(
+ struct pdb_methods *methods)
+{
+ return true;
+}
+
+static bool pdb_default_is_responsible_for_unix_groups(
+ struct pdb_methods *methods)
+{
+ return true;
+}
+
+static bool pdb_default_is_responsible_for_everything_else(
+ struct pdb_methods *methods)
+{
+ return false;
+}
+
+bool pdb_is_responsible_for_our_sam(void)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->is_responsible_for_our_sam(pdb);
+}
+
+bool pdb_is_responsible_for_builtin(void)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->is_responsible_for_builtin(pdb);
+}
+
+bool pdb_is_responsible_for_wellknown(void)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->is_responsible_for_wellknown(pdb);
+}
+
+bool pdb_is_responsible_for_unix_users(void)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->is_responsible_for_unix_users(pdb);
+}
+
+bool pdb_is_responsible_for_unix_groups(void)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->is_responsible_for_unix_groups(pdb);
+}
+
+bool pdb_is_responsible_for_everything_else(void)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->is_responsible_for_everything_else(pdb);
+}
+
/*******************************************************************
secret methods
*******************************************************************/
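Review bot: pdb_default_enum_upn_suffixes returns NT_STATUS_NOT_IMPLEMENTED without touching `*num_suffixes` or `*suffixes`, so a caller that walks the array before checking the status reads uninitialised values; setting `*num_suffixes = 0;` and `*suffixes = NULL;` before the return makes the failure safe. The six `pdb_default_is_responsible_for_*` functions encode which SID namespaces passdb answers for (true for our SAM, builtin, unix users and unix groups; false for well-known and everything else), yet none carries a comment. Since the gate added to pdb_sid_to_id presumably depends on these answers, a short block comment under the "idmap control methods" banner stating the defaults, and that backends may override them, would be worth adding. The public wrappers call through the `pdb->...` function pointers without a NULL check, which relies on every backend having been set up with the defaults assigned in the following hunk.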
(*methods)->set_secret = pdb_default_set_secret;
(*methods)->delete_secret = pdb_default_delete_secret;
+ (*methods)->enum_upn_suffixes = pdb_default_enum_upn_suffixes;
+ (*methods)->set_upn_suffixes = pdb_default_set_upn_suffixes;
+
+ (*methods)->is_responsible_for_our_sam =
+ pdb_default_is_responsible_for_our_sam;
+ (*methods)->is_responsible_for_builtin =
+ pdb_default_is_responsible_for_builtin;
+ (*methods)->is_responsible_for_wellknown =
+ pdb_default_is_responsible_for_wellknown;
+ (*methods)->is_responsible_for_unix_users =
+ pdb_default_is_responsible_for_unix_users;
+ (*methods)->is_responsible_for_unix_groups =
+ pdb_default_is_responsible_for_unix_groups;
+ (*methods)->is_responsible_for_everything_else =
+ pdb_default_is_responsible_for_everything_else;
+
return NT_STATUS_OK;
}