@$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(GPEXTLIBDIR) $(GPEXT_MODULES)
@$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(PERFCOUNTLIBDIR) $(PERFCOUNT_MODULES)
@$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ NDS_ldapsam.@SHLIBEXT@
- @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ NDS_ldapsam_compat.@SHLIBEXT@
- @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ ldapsam_compat.@SHLIBEXT@
@$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(AUTHLIBDIR) rhosts.@SHLIBEXT@ hostsequiv.@SHLIBEXT@
@$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(AUTHLIBDIR) sam.@SHLIBEXT@ sam_ignoredomain.@SHLIBEXT@
@$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(AUTHLIBDIR) domain.@SHLIBEXT@ trustdomain.@SHLIBEXT@ ntdomain.@SHLIBEXT@
bool existed;
DATA_BLOB oldblob = data_blob_null;
- if (attribute == NULL) {
- /* This can actually happen for ldapsam_compat where we for
- * example don't have a password history */
- return;
- }
-
if (existing != NULL) {
if (op & LDAP_MOD_BVALUES) {
existed = smbldap_talloc_single_blob(talloc_tos(), ldap_struct, existing, attribute, &oldblob);
static const char* get_userattr_key2string( int schema_ver, int key )
{
switch ( schema_ver ) {
- case SCHEMAVER_SAMBAACCOUNT:
- return get_attr_key2string( attrib_map_v22, key );
-
case SCHEMAVER_SAMBASAMACCOUNT:
return get_attr_key2string( attrib_map_v30, key );
const char** get_userattr_list( TALLOC_CTX *mem_ctx, int schema_ver )
{
switch ( schema_ver ) {
- case SCHEMAVER_SAMBAACCOUNT:
- return get_attr_list( mem_ctx, attrib_map_v22 );
-
case SCHEMAVER_SAMBASAMACCOUNT:
return get_attr_list( mem_ctx, attrib_map_v30 );
default:
int schema_ver )
{
switch ( schema_ver ) {
- case SCHEMAVER_SAMBAACCOUNT:
- return get_attr_list( mem_ctx,
- attrib_map_to_delete_v22 );
-
case SCHEMAVER_SAMBASAMACCOUNT:
return get_attr_list( mem_ctx,
attrib_map_to_delete_v30 );
char *result;
switch( schema_ver ) {
- case SCHEMAVER_SAMBAACCOUNT:
- fstr_sprintf( objclass_filter, "(objectclass=%s)", LDAP_OBJ_SAMBAACCOUNT );
- break;
case SCHEMAVER_SAMBASAMACCOUNT:
fstr_sprintf( objclass_filter, "(objectclass=%s)", LDAP_OBJ_SAMBASAMACCOUNT );
break;
const struct dom_sid *user_sid = pdb_get_user_sid(sampass);
switch ( ldap_state->schema_ver ) {
- case SCHEMAVER_SAMBAACCOUNT:
- if (!sid_peek_check_rid(&ldap_state->domain_sid, user_sid, &rid)) {
- DEBUG(1, ("init_ldap_from_sam: User's SID (%s) is not for this domain (%s), cannot add to LDAP!\n",
- sid_string_dbg(user_sid),
- sid_string_dbg(
- &ldap_state->domain_sid)));
- return False;
- }
- if (asprintf(&temp, "%i", rid) < 0) {
- return false;
- }
- smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
- get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_RID),
- temp);
- SAFE_FREE(temp);
- break;
-
case SCHEMAVER_SAMBASAMACCOUNT:
smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_SID),
const struct dom_sid *group_sid = pdb_get_group_sid(sampass);
switch ( ldap_state->schema_ver ) {
- case SCHEMAVER_SAMBAACCOUNT:
- if (!sid_peek_check_rid(&ldap_state->domain_sid, group_sid, &rid)) {
- DEBUG(1, ("init_ldap_from_sam: User's Primary Group SID (%s) is not for this domain (%s), cannot add to LDAP!\n",
- sid_string_dbg(group_sid),
- sid_string_dbg(
- &ldap_state->domain_sid)));
- return False;
- }
-
- if (asprintf(&temp, "%i", rid) < 0) {
- return false;
- }
- smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
- get_userattr_key2string(ldap_state->schema_ver,
- LDAP_ATTR_PRIMARY_GROUP_RID), temp);
- SAFE_FREE(temp);
- break;
-
case SCHEMAVER_SAMBASAMACCOUNT:
smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods,
get_userattr_key2string(ldap_state->schema_ver,
break;
}
- case SCHEMAVER_SAMBAACCOUNT:
- if (!sid_peek_check_rid(&ldap_state->domain_sid, sid, &rid)) {
- return rc;
- }
-
- attr_list = get_userattr_list(NULL,
- ldap_state->schema_ver);
- rc = ldapsam_search_suffix_by_rid(ldap_state, rid, result, attr_list );
- TALLOC_FREE( attr_list );
-
- if ( rc != LDAP_SUCCESS )
- return rc;
+ default:
+ DEBUG(0,("Invalid schema version specified\n"));
break;
}
return rc;
rc = ldapsam_delete_entry(
priv, mem_ctx, entry,
priv->schema_ver == SCHEMAVER_SAMBASAMACCOUNT ?
- LDAP_OBJ_SAMBASAMACCOUNT : LDAP_OBJ_SAMBAACCOUNT,
+ LDAP_OBJ_SAMBASAMACCOUNT : 0,
attr_list);
result = (rc == LDAP_SUCCESS) ?
goto fn_exit;
}
switch ( ldap_state->schema_ver ) {
- case SCHEMAVER_SAMBAACCOUNT:
- smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_SAMBAACCOUNT);
- break;
case SCHEMAVER_SAMBASAMACCOUNT:
smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_SAMBASAMACCOUNT);
break;
return NT_STATUS_OK;
}
-/**********************************************************************
- Initialise the 'compat' mode for pdb_ldap
- *********************************************************************/
-
-NTSTATUS pdb_init_ldapsam_compat(struct pdb_methods **pdb_method, const char *location)
-{
- NTSTATUS nt_status;
- struct ldapsam_privates *ldap_state;
- char *uri = talloc_strdup( NULL, location );
-
- trim_char( uri, '\"', '\"' );
- nt_status = pdb_init_ldapsam_common( pdb_method, uri );
- if ( uri )
- TALLOC_FREE( uri );
-
- if ( !NT_STATUS_IS_OK(nt_status) ) {
- return nt_status;
- }
-
- (*pdb_method)->name = "ldapsam_compat";
-
- ldap_state = (struct ldapsam_privates *)((*pdb_method)->private_data);
- ldap_state->schema_ver = SCHEMAVER_SAMBAACCOUNT;
-
- sid_copy(&ldap_state->domain_sid, get_global_sam_sid());
-
- return NT_STATUS_OK;
-}
-
/**********************************************************************
Initialise the normal mode for pdb_ldap
*********************************************************************/
if (!NT_STATUS_IS_OK(nt_status = smb_register_passdb(PASSDB_INTERFACE_VERSION, "ldapsam", pdb_init_ldapsam)))
return nt_status;
- if (!NT_STATUS_IS_OK(nt_status = smb_register_passdb(PASSDB_INTERFACE_VERSION, "ldapsam_compat", pdb_init_ldapsam_compat)))
- return nt_status;
-
/* Let pdb_nds register backends */
pdb_nds_init();
/* The following definitions come from passdb/pdb_ldap.c */
const char** get_userattr_list( TALLOC_CTX *mem_ctx, int schema_ver );
-NTSTATUS pdb_init_ldapsam_compat(struct pdb_methods **pdb_method, const char *location);
NTSTATUS pdb_init_ldapsam(struct pdb_methods **pdb_method, const char *location);
NTSTATUS pdb_ldap_init(void);
int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state,
#include "includes.h"
#include "passdb/pdb_ldap_schema.h"
-/* attributes used by Samba 2.2 */
-
-ATTRIB_MAP_ENTRY attrib_map_v22[] = {
- { LDAP_ATTR_UID, "uid" },
- { LDAP_ATTR_UIDNUMBER, LDAP_ATTRIBUTE_UIDNUMBER},
- { LDAP_ATTR_GIDNUMBER, LDAP_ATTRIBUTE_GIDNUMBER},
- { LDAP_ATTR_UNIX_HOME, "homeDirectory" },
- { LDAP_ATTR_PWD_LAST_SET, "pwdLastSet" },
- { LDAP_ATTR_PWD_CAN_CHANGE, "pwdCanChange" },
- { LDAP_ATTR_PWD_MUST_CHANGE, "pwdMustChange" },
- { LDAP_ATTR_LOGON_TIME, "logonTime" },
- { LDAP_ATTR_LOGOFF_TIME, "logoffTime" },
- { LDAP_ATTR_KICKOFF_TIME, "kickoffTime" },
- { LDAP_ATTR_CN, "cn" },
- { LDAP_ATTR_SN, "sn" },
- { LDAP_ATTR_DISPLAY_NAME, "displayName" },
- { LDAP_ATTR_HOME_PATH, "smbHome" },
- { LDAP_ATTR_HOME_DRIVE, "homeDrive" },
- { LDAP_ATTR_LOGON_SCRIPT, "scriptPath" },
- { LDAP_ATTR_PROFILE_PATH, "profilePath" },
- { LDAP_ATTR_DESC, "description" },
- { LDAP_ATTR_USER_WKS, "userWorkstations"},
- { LDAP_ATTR_USER_RID, "rid" },
- { LDAP_ATTR_PRIMARY_GROUP_RID, "primaryGroupID"},
- { LDAP_ATTR_LMPW, "lmPassword" },
- { LDAP_ATTR_NTPW, "ntPassword" },
- { LDAP_ATTR_DOMAIN, "domain" },
- { LDAP_ATTR_OBJCLASS, "objectClass" },
- { LDAP_ATTR_ACB_INFO, "acctFlags" },
- { LDAP_ATTR_MOD_TIMESTAMP, "modifyTimestamp" },
- { LDAP_ATTR_LIST_END, NULL }
-};
-
-ATTRIB_MAP_ENTRY attrib_map_to_delete_v22[] = {
- { LDAP_ATTR_PWD_LAST_SET, "pwdLastSet" },
- { LDAP_ATTR_PWD_CAN_CHANGE, "pwdCanChange" },
- { LDAP_ATTR_PWD_MUST_CHANGE, "pwdMustChange" },
- { LDAP_ATTR_LOGON_TIME, "logonTime" },
- { LDAP_ATTR_LOGOFF_TIME, "logoffTime" },
- { LDAP_ATTR_KICKOFF_TIME, "kickoffTime" },
- { LDAP_ATTR_DISPLAY_NAME, "displayName" },
- { LDAP_ATTR_HOME_PATH, "smbHome" },
- { LDAP_ATTR_HOME_DRIVE, "homeDrives" },
- { LDAP_ATTR_LOGON_SCRIPT, "scriptPath" },
- { LDAP_ATTR_PROFILE_PATH, "profilePath" },
- { LDAP_ATTR_USER_WKS, "userWorkstations"},
- { LDAP_ATTR_USER_RID, "rid" },
- { LDAP_ATTR_PRIMARY_GROUP_RID, "primaryGroupID"},
- { LDAP_ATTR_LMPW, "lmPassword" },
- { LDAP_ATTR_NTPW, "ntPassword" },
- { LDAP_ATTR_DOMAIN, "domain" },
- { LDAP_ATTR_ACB_INFO, "acctFlags" },
- { LDAP_ATTR_LIST_END, NULL }
-};
-
/* attributes used by Samba 3.0's sambaSamAccount */
ATTRIB_MAP_ENTRY attrib_map_v30[] = {
#ifndef _PASSDB_PDB_LDAP_SCHEMA_H_
#define _PASSDB_PDB_LDAP_SCHEMA_H_
-/* specify schema versions between 2.2. and 3.0 */
-
-#define SCHEMAVER_SAMBAACCOUNT 1
-#define SCHEMAVER_SAMBASAMACCOUNT 2
+/* Schema versions */
+#define SCHEMAVER_SAMBAACCOUNT 1 /* Samba 2.2 */
+#define SCHEMAVER_SAMBASAMACCOUNT 2 /* Samba 3.0 */
/* objectclass names */
#define LDAP_OBJ_SAMBASAMACCOUNT "sambaSamAccount"
-#define LDAP_OBJ_SAMBAACCOUNT "sambaAccount"
#define LDAP_OBJ_GROUPMAP "sambaGroupMapping"
#define LDAP_OBJ_DOMINFO "sambaDomain"
#define LDAP_OBJ_IDPOOL "sambaUnixIdPool"
/* structures */
-extern ATTRIB_MAP_ENTRY attrib_map_v22[];
-extern ATTRIB_MAP_ENTRY attrib_map_to_delete_v22[];
extern ATTRIB_MAP_ENTRY attrib_map_v30[];
extern ATTRIB_MAP_ENTRY attrib_map_to_delete_v30[];
extern ATTRIB_MAP_ENTRY dominfo_attr_list[];
return NT_STATUS_OK;
}
-
-/**********************************************************************
- Initialise the 'nds compat' mode for pdb_ldap
- *********************************************************************/
-
-static NTSTATUS pdb_init_NDS_ldapsam_compat(struct pdb_methods **pdb_method, const char *location)
-{
- NTSTATUS nt_status = pdb_init_ldapsam_compat(pdb_method, location);
-
- (*pdb_method)->name = "NDS_ldapsam_compat";
-
- pdb_init_NDS_ldapsam_common(pdb_method, location);
-
- return nt_status;
-}
-
-
/**********************************************************************
Initialise the 'nds' normal mode for pdb_ldap
*********************************************************************/
if (!NT_STATUS_IS_OK(nt_status = smb_register_passdb(PASSDB_INTERFACE_VERSION, "NDS_ldapsam", pdb_init_NDS_ldapsam)))
return nt_status;
- if (!NT_STATUS_IS_OK(nt_status = smb_register_passdb(PASSDB_INTERFACE_VERSION, "NDS_ldapsam_compat", pdb_init_NDS_ldapsam_compat)))
- return nt_status;
-
return NT_STATUS_OK;
}
git.samba.org / sfrench / samba-autobuild / .git / commitdiff