Many thanks to Alexander Bokovoy <a.bokovoy@sam-solutions.net>.

Many thanks to Alexander Bokovoy <a.bokovoy@sam-solutions.net>.
This work was sponsored by Optifacio Software Services, Inc.

Andrew Bartlett

(various e-mails announcements merged into some form of commit message below:)

This patch which adds basics of universal groups support
into Samba 3. Currently, only Winbind with RPC calls supports this, ADS
support requires additional (possibly huge) work on KRB5 PAC. However,
basic infrastructure is here.

This patch adds:

1. Storing of universal groups for particular user logged into Samba
software (smbd/ two winbind-pam methods) into netlogon_unigrp.tdb as array
of uint32 supplemental group rids keyed as DOMAIN_SID/USER_RID in tdb.

2. Fetching of unversal groups for given user rid and domain sid from
netlogon_unigrp.tdb.

Since this is used in both smbd and winbindd, main code is in
source/lib/netlogon_uingrp.c. Dependencies are added to AUTH_OBJ as
UNIGRP_OBJ and WINBINDD_OBJ as UNIGRP_OBJ.

This patch has had a few versions, the final version in particular:

Many thanks to Andrew Bartlett for critics and comments, and partly
rewritten code.

New:
- updated fetching code to changed byte order macros
- moved functions to proper namespace
- optimized memory usage by reusing caller's memory context
- enhanced code to more follow Samba coding rules

Todo:
- proper universal group expiration after timeout
(This used to be commit 80c2aefbe7c1aa363dd286a47d50c5d8b4595f43)