2 Unix SMB/CIFS implementation.
4 Winbind daemon for ntdom nss module
6 Copyright (C) Tim Potter 2000
8 You are free to use this interface definition in any way you see
9 fit, including without restriction, using this header in your own
10 products. You do not need to give any attribution.
15 #define CONST_DISCARD(type, ptr) ((type) ((void *) (ptr)))
19 #define CONST_ADD(type, ptr) ((type) ((const void *) (ptr)))
23 #define SAFE_FREE(x) do { if(x) {free(x); x=NULL;} } while(0)
26 #ifndef _WINBINDD_NTDOM_H
27 #define _WINBINDD_NTDOM_H
29 #define WINBINDD_SOCKET_NAME "pipe" /* Name of PF_UNIX socket */
30 #ifndef WINBINDD_SOCKET_DIR
31 #define WINBINDD_SOCKET_DIR "/tmp/.winbindd" /* Name of PF_UNIX dir */
33 #define WINBINDD_PRIV_SOCKET_SUBDIR "winbindd_privileged" /* name of subdirectory of lp_lockdir() to hold the 'privileged' pipe */
34 #define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* Environment variables */
35 #define WINBINDD_DONT_ENV "_NO_WINBINDD"
37 typedef char winbind_string[256];
38 #define winbind_strcpy(d,s) safe_strcpy((d),(s),sizeof(winbind_string));
40 /* Update this when you change the interface. */
42 #define WINBIND_INTERFACE_VERSION 11
48 WINBINDD_INTERFACE_VERSION, /* Always a well known value */
50 /* Get users and groups */
58 /* Enumerate users and groups */
67 /* PAM authenticate and password change */
70 WINBINDD_PAM_AUTH_CRAP,
71 WINBINDD_PAM_CHAUTHTOK,
73 /* List various things */
75 WINBINDD_LIST_USERS, /* List w/o rid->id mapping */
76 WINBINDD_LIST_GROUPS, /* Ditto */
77 WINBINDD_LIST_TRUSTDOM,
84 /* Lookup functions */
90 WINBINDD_ALLOCATE_RID,
91 WINBINDD_ALLOCATE_RID_AND_GID,
93 /* Miscellaneous other stuff */
95 WINBINDD_CHECK_MACHACC, /* Check machine account pw works */
96 WINBINDD_PING, /* Just tell me winbind is running */
97 WINBINDD_INFO, /* Various bit of info. Currently just tidbits */
98 WINBINDD_DOMAIN_NAME, /* The domain this winbind server is a member of (lp_workgroup()) */
100 WINBINDD_DOMAIN_INFO, /* Most of what we know from
101 struct winbindd_domain */
102 WINBINDD_GETDCNAME, /* Issue a GetDCName Request */
104 WINBINDD_SHOW_SEQUENCE, /* display sequence numbers of domains */
109 WINBINDD_WINS_BYNAME,
111 /* this is like GETGRENT but gives an empty group list */
114 WINBINDD_NETBIOS_NAME, /* The netbios name of the server */
116 /* find the location of our privileged pipe */
117 WINBINDD_PRIV_PIPE_DIR,
119 /* return a list of group sids for a user sid */
120 WINBINDD_GETUSERSIDS,
122 /* Return the domain groups a user is in */
123 WINBINDD_GETUSERDOMGROUPS,
125 /* Initialize connection in a child */
126 WINBINDD_INIT_CONNECTION,
128 /* Blocking calls that are not allowed on the main winbind pipe, only
129 * between parent and children */
130 WINBINDD_DUAL_SID2UID,
131 WINBINDD_DUAL_SID2GID,
132 WINBINDD_DUAL_IDMAPSET,
134 /* Wrapper around possibly blocking unix nss calls */
135 WINBINDD_DUAL_UID2NAME,
136 WINBINDD_DUAL_NAME2UID,
137 WINBINDD_DUAL_GID2NAME,
138 WINBINDD_DUAL_NAME2GID,
140 WINBINDD_DUAL_USERINFO,
141 WINBINDD_DUAL_GETSIDALIASES,
146 typedef struct winbindd_pw {
147 winbind_string pw_name;
148 winbind_string pw_passwd;
151 winbind_string pw_gecos;
152 winbind_string pw_dir;
153 winbind_string pw_shell;
157 typedef struct winbindd_gr {
158 winbind_string gr_name;
159 winbind_string gr_passwd;
162 int gr_mem_ofs; /* offset to group membership */
167 #define WBFLAG_PAM_INFO3_NDR 0x0001
168 #define WBFLAG_PAM_INFO3_TEXT 0x0002
169 #define WBFLAG_PAM_USER_SESSION_KEY 0x0004
170 #define WBFLAG_PAM_LMKEY 0x0008
171 #define WBFLAG_PAM_CONTACT_TRUSTDOM 0x0010
172 #define WBFLAG_QUERY_ONLY 0x0020
173 #define WBFLAG_ALLOCATE_RID 0x0040
174 #define WBFLAG_PAM_UNIX_NAME 0x0080
175 #define WBFLAG_PAM_AFS_TOKEN 0x0100
176 #define WBFLAG_PAM_NT_STATUS_SQUASH 0x0200
178 /* This is a flag that can only be sent from parent to child */
179 #define WBFLAG_IS_PRIVILEGED 0x0400
180 /* Flag to say this is a winbindd internal send - don't recurse. */
181 #define WBFLAG_RECURSE 0x0800
183 /* Winbind request structure */
185 struct winbindd_request {
187 enum winbindd_cmd cmd; /* Winbindd command to execute */
188 pid_t pid; /* pid of calling process */
189 uint32_t flags; /* flags relavant to a given request */
190 winbind_string domain_name; /* name of domain for which the request applies */
193 winbind_string winsreq; /* WINS request */
194 winbind_string username; /* getpwnam */
195 winbind_string groupname; /* getgrnam */
196 uid_t uid; /* getpwuid, uid_to_sid */
197 gid_t gid; /* getgrgid, gid_to_sid */
199 /* We deliberatedly don't split into domain/user to
200 avoid having the client know what the separator
204 winbind_string require_membership_of_sid;
205 } auth; /* pam_winbind auth module */
207 unsigned char chal[8];
208 uint32_t logon_parameters;
210 winbind_string domain;
211 winbind_string lm_resp;
212 uint16_t lm_resp_len;
213 winbind_string nt_resp;
214 uint16_t nt_resp_len;
215 winbind_string workstation;
216 winbind_string require_membership_of_sid;
220 winbind_string oldpass;
221 winbind_string newpass;
222 } chauthtok; /* pam_winbind passwd module */
223 winbind_string sid; /* lookupsid, sid_to_[ug]id */
225 winbind_string dom_name; /* lookupname */
228 uint32_t num_entries; /* getpwent, getgrent */
230 winbind_string username;
231 winbind_string groupname;
235 winbind_string dcname;
254 /* Response values */
256 enum winbindd_result {
262 /* Winbind response structure */
264 struct winbindd_response {
266 /* Header information */
268 uint32_t length; /* Length of response */
269 enum winbindd_result result; /* Result code */
271 /* Fixed length return data */
274 int interface_version; /* Try to ensure this is always in the same spot... */
276 winbind_string winsresp; /* WINS response */
278 /* getpwnam, getpwuid */
280 struct winbindd_pw pw;
282 /* getgrnam, getgrgid */
284 struct winbindd_gr gr;
286 uint32_t num_entries; /* getpwent, getgrent */
287 struct winbindd_sid {
288 winbind_string sid; /* lookupname, [ug]id_to_sid */
291 struct winbindd_name {
292 winbind_string dom_name; /* lookupsid */
296 uid_t uid; /* sid_to_uid */
297 gid_t gid; /* sid_to_gid */
298 struct winbindd_info {
299 char winbind_separator;
300 winbind_string samba_version;
302 winbind_string domain_name;
303 winbind_string netbios_name;
304 winbind_string dc_name;
308 winbind_string nt_status_string;
309 winbind_string error_string;
311 char user_session_key[16];
312 char first_8_lm_hash[8];
314 uint32_t rid; /* create user or group or allocate rid */
321 winbind_string alt_name;
324 BOOL active_directory;
326 uint32_t sequence_number;
329 winbind_string acct_name;
330 winbind_string full_name;
331 winbind_string homedir;
332 winbind_string shell;
337 /* Variable length return data */
339 void *extra_data; /* getgrnam, getgrgid, getgrent */