source3/winbindd/winbindd_reconnect_ads.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    Wrapper around winbindd_ads.c to centralize retry logic.
   5    Copyright (C) Christof Schmitt 2016
   6
   7    Based on winbindd_reconnect.c
   8    Copyright (C) Volker Lendecke 2005
   9
  10    This program is free software; you can redistribute it and/or modify
  11    it under the terms of the GNU General Public License as published by
  12    the Free Software Foundation; either version 3 of the License, or
  13    (at your option) any later version.
  14
  15    This program is distributed in the hope that it will be useful,
  16    but WITHOUT ANY WARRANTY; without even the implied warranty of
  17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18    GNU General Public License for more details.
  19
  20    You should have received a copy of the GNU General Public License
  21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  22 */
  23
  24 #include "includes.h"
  25 #include "winbindd.h"
  26
  27 #ifdef HAVE_ADS
  28
  29 #undef DBGC_CLASS
  30 #define DBGC_CLASS DBGC_WINBIND
  31
  32 extern struct winbindd_methods ads_methods;
  33
  34 /* List all users */
  35 static NTSTATUS query_user_list(struct winbindd_domain *domain,
  36                                 TALLOC_CTX *mem_ctx,
  37                                 uint32_t *num_entries,
  38                                 struct wbint_userinfo **info)
  39 {
  40         NTSTATUS result;
  41
  42         result = ads_methods.query_user_list(domain, mem_ctx,
  43                                              num_entries, info);
  44
  45         if (reconnect_need_retry(result, domain)) {
  46                 result = ads_methods.query_user_list(domain, mem_ctx,
  47                                                      num_entries, info);
  48         }
  49
  50         return result;
  51 }
  52
  53 /* list all domain groups */
  54 static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
  55                                 TALLOC_CTX *mem_ctx,
  56                                 uint32_t *num_entries,
  57                                 struct wb_acct_info **info)
  58 {
  59         NTSTATUS result;
  60
  61         result = ads_methods.enum_dom_groups(domain, mem_ctx,
  62                                              num_entries, info);
  63
  64         if (reconnect_need_retry(result, domain)) {
  65                 result = ads_methods.enum_dom_groups(domain, mem_ctx,
  66                                                      num_entries, info);
  67         }
  68
  69         return result;
  70 }
  71
  72 /* List all domain groups */
  73 static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
  74                                   TALLOC_CTX *mem_ctx,
  75                                   uint32_t *num_entries,
  76                                   struct wb_acct_info **info)
  77 {
  78         NTSTATUS result;
  79
  80         result = ads_methods.enum_local_groups(domain, mem_ctx,
  81                                                num_entries, info);
  82
  83         if (reconnect_need_retry(result, domain)) {
  84                 result = ads_methods.enum_local_groups(domain, mem_ctx,
  85                                                        num_entries, info);
  86         }
  87
  88         return result;
  89 }
  90
  91 /* convert a single name to a sid in a domain */
  92 static NTSTATUS name_to_sid(struct winbindd_domain *domain,
  93                             TALLOC_CTX *mem_ctx,
  94                             const char *domain_name,
  95                             const char *name,
  96                             uint32_t flags,
  97                             struct dom_sid *sid,
  98                             enum lsa_SidType *type)
  99 {
 100         NTSTATUS result;
 101
 102         result = ads_methods.name_to_sid(domain, mem_ctx, domain_name, name,
 103                                          flags, sid, type);
 104
 105         if (reconnect_need_retry(result, domain)) {
 106                 result = ads_methods.name_to_sid(domain, mem_ctx,
 107                                                  domain_name, name, flags,
 108                                                  sid, type);
 109         }
 110
 111         return result;
 112 }
 113
 114 /*
 115   convert a domain SID to a user or group name
 116 */
 117 static NTSTATUS sid_to_name(struct winbindd_domain *domain,
 118                             TALLOC_CTX *mem_ctx,
 119                             const struct dom_sid *sid,
 120                             char **domain_name,
 121                             char **name,
 122                             enum lsa_SidType *type)
 123 {
 124         NTSTATUS result;
 125
 126         result = ads_methods.sid_to_name(domain, mem_ctx, sid,
 127                                          domain_name, name, type);
 128
 129         if (reconnect_need_retry(result, domain))
 130                 result = ads_methods.sid_to_name(domain, mem_ctx, sid,
 131                                                  domain_name, name, type);
 132
 133         return result;
 134 }
 135
 136 static NTSTATUS rids_to_names(struct winbindd_domain *domain,
 137                               TALLOC_CTX *mem_ctx,
 138                               const struct dom_sid *sid,
 139                               uint32_t *rids,
 140                               size_t num_rids,
 141                               char **domain_name,
 142                               char ***names,
 143                               enum lsa_SidType **types)
 144 {
 145         NTSTATUS result;
 146
 147         result = ads_methods.rids_to_names(domain, mem_ctx, sid,
 148                                            rids, num_rids,
 149                                            domain_name, names, types);
 150         if (reconnect_need_retry(result, domain)) {
 151                 result = ads_methods.rids_to_names(domain, mem_ctx, sid,
 152                                                    rids, num_rids, domain_name,
 153                                                    names, types);
 154         }
 155
 156         return result;
 157 }
 158
 159 static NTSTATUS lookup_useraliases(struct winbindd_domain *domain,
 160                                    TALLOC_CTX *mem_ctx,
 161                                    uint32_t num_sids,
 162                                    const struct dom_sid *sids,
 163                                    uint32_t *num_aliases, uint32_t **alias_rids)
 164 {
 165         NTSTATUS result;
 166
 167         result = ads_methods.lookup_useraliases(domain, mem_ctx, num_sids, sids,
 168                                                 num_aliases, alias_rids);
 169
 170         if (reconnect_need_retry(result, domain)) {
 171                 result = ads_methods.lookup_useraliases(domain, mem_ctx,
 172                                                         num_sids, sids,
 173                                                         num_aliases,
 174                                                         alias_rids);
 175         }
 176
 177         return result;
 178 }
 179
 180 /* Lookup group membership given a rid.   */
 181 static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
 182                                 TALLOC_CTX *mem_ctx,
 183                                 const struct dom_sid *group_sid,
 184                                 enum lsa_SidType type,
 185                                 uint32_t *num_names,
 186                                 struct dom_sid **sid_mem, char ***names,
 187                                 uint32_t **name_types)
 188 {
 189         NTSTATUS result;
 190
 191         result = ads_methods.lookup_groupmem(domain, mem_ctx, group_sid, type,
 192                                              num_names, sid_mem, names,
 193                                              name_types);
 194
 195         if (reconnect_need_retry(result, domain)) {
 196                 result = ads_methods.lookup_groupmem(domain, mem_ctx, group_sid,
 197                                                      type, num_names, sid_mem,
 198                                                      names, name_types);
 199         }
 200
 201         return result;
 202 }
 203
 204 /* find the sequence number for a domain */
 205 static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32_t *seq)
 206 {
 207         NTSTATUS result;
 208
 209         result = ads_methods.sequence_number(domain, seq);
 210
 211         if (reconnect_need_retry(result, domain)) {
 212                 result = ads_methods.sequence_number(domain, seq);
 213         }
 214
 215         return result;
 216 }
 217
 218 /* find the lockout policy of a domain */
 219 static NTSTATUS lockout_policy(struct winbindd_domain *domain,
 220                                TALLOC_CTX *mem_ctx,
 221                                struct samr_DomInfo12 *policy)
 222 {
 223         NTSTATUS result;
 224
 225         result = ads_methods.lockout_policy(domain, mem_ctx, policy);
 226
 227         if (reconnect_need_retry(result, domain)) {
 228                 result = ads_methods.lockout_policy(domain, mem_ctx, policy);
 229         }
 230
 231         return result;
 232 }
 233
 234 /* find the password policy of a domain */
 235 static NTSTATUS password_policy(struct winbindd_domain *domain,
 236                                 TALLOC_CTX *mem_ctx,
 237                                 struct samr_DomInfo1 *policy)
 238 {
 239         NTSTATUS result;
 240
 241         result = ads_methods.password_policy(domain, mem_ctx, policy);
 242
 243         if (reconnect_need_retry(result, domain)) {
 244                 result = ads_methods.password_policy(domain, mem_ctx, policy);
 245         }
 246
 247         return result;
 248 }
 249
 250 /* get a list of trusted domains */
 251 static NTSTATUS trusted_domains(struct winbindd_domain *domain,
 252                                 TALLOC_CTX *mem_ctx,
 253                                 struct netr_DomainTrustList *trusts)
 254 {
 255         NTSTATUS result;
 256
 257         result = ads_methods.trusted_domains(domain, mem_ctx, trusts);
 258
 259         if (reconnect_need_retry(result, domain)) {
 260                 result = ads_methods.trusted_domains(domain, mem_ctx, trusts);
 261         }
 262
 263         return result;
 264 }
 265
 266 /* the rpc backend methods are exposed via this structure */
 267 struct winbindd_methods reconnect_ads_methods = {
 268         true,
 269         query_user_list,
 270         enum_dom_groups,
 271         enum_local_groups,
 272         name_to_sid,
 273         sid_to_name,
 274         rids_to_names,
 275         lookup_useraliases,
 276         lookup_groupmem,
 277         sequence_number,
 278         lockout_policy,
 279         password_policy,
 280         trusted_domains,
 281 };
 282
 283 #endif