2 Unix SMB/Netbios implementation.
4 LDAP protocol helper functions for SAMBA
5 Copyright (C) Jean François Micouleau 1998
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
33 extern int DEBUGLEVEL;
35 /*******************************************************************
36 open a connection to the ldap serve.
37 ******************************************************************/
38 static BOOL ldap_open_connection(LDAP **ldap_struct)
40 if ( (*ldap_struct = ldap_open(lp_ldap_server(),lp_ldap_port()) ) == NULL)
42 DEBUG(0,("%s: The LDAP server is not responding !\n",timestring()));
45 DEBUG(2,("ldap_open_connection: connection opened\n"));
50 /*******************************************************************
51 connect anonymously to the ldap server.
53 ******************************************************************/
54 static BOOL ldap_connect_anonymous(LDAP *ldap_struct)
56 if ( ldap_simple_bind_s(ldap_struct,lp_ldap_root(),lp_ldap_rootpasswd()) ! = LDAP_SUCCESS)
58 DEBUG(0,("%s: Couldn't bind to the LDAP server !\n", timestring() ));
65 /*******************************************************************
66 connect to the ldap server under system privileg.
67 ******************************************************************/
68 static BOOL ldap_connect_system(LDAP *ldap_struct)
70 if ( ldap_simple_bind_s(ldap_struct,lp_ldap_root(),lp_ldap_rootpasswd()) ! = LDAP_SUCCESS)
72 DEBUG(0,("%s: Couldn't bind to the LDAP server !\n", timestring() ));
75 DEBUG(2,("ldap_connect_system: succesful connection to the LDAP server\n"));
79 /*******************************************************************
80 connect to the ldap server under a particular user.
81 ******************************************************************/
82 static BOOL ldap_connect_user(LDAP *ldap_struct, char *user, char *password)
84 if ( ldap_simple_bind_s(ldap_struct,lp_ldap_root(),lp_ldap_rootpasswd()) ! = LDAP_SUCCESS)
86 DEBUG(0,("%s: Couldn't bind to the LDAP server !\n", timestring() ));
89 DEBUG(2,("ldap_connect_user: succesful connection to the LDAP server\n"));
93 /*******************************************************************
94 run the search by name.
95 ******************************************************************/
96 static BOOL ldap_search_one_user(LDAP *ldap_struct, char *filter, LDAPMessage **result)
98 int scope = LDAP_SCOPE_ONELEVEL;
101 DEBUG(2,("ldap_search_one_user: searching for:[%s]\n", filter));
103 rc = ldap_search_s(ldap_struct, lp_ldap_suffix(), scope, filter, NULL, 0, result);
105 if (rc ! = LDAP_SUCCESS )
107 DEBUG(0,("%s: Problem during the LDAP search\n",timestring()));
113 /*******************************************************************
114 run the search by name.
115 ******************************************************************/
116 static BOOL ldap_search_one_user_by_name(LDAP *ldap_struct, char *user, LDAPMessage **result)
120 in the filter expression, replace %u with the real name
121 so in ldap filter, %u MUST exist :-)
123 pstrcpy(filter,lp_ldap_filter());
124 string_sub(filter,"%u",user);
126 if ( !ldap_search_one_user(ldap_struct, filter, result) )
133 /*******************************************************************
134 run the search by uid.
135 ******************************************************************/
136 static BOOL ldap_search_one_user_by_uid(LDAP *ldap_struct, int uid, LDAPMessage **result)
140 snprintf(filter, sizeof(pstring), "uidAccount = %d", uid);
142 if ( !ldap_search_one_user(ldap_struct, filter, result) )
149 /*******************************************************************
150 search an attribute and return the first value found.
151 ******************************************************************/
152 static void get_single_attribute(LDAP *ldap_struct, LDAPMessage *entry, char *attribute, char *value)
156 if ( (valeurs = ldap_get_values(ldap_struct, entry, attribute)) ! = NULL)
158 pstrcpy(value, valeurs[0]);
159 ldap_value_free(valeurs);
160 DEBUG(3,("get_single_attribute: [%s] = [%s]\n", attribute, value));
168 /*******************************************************************
169 check if the returned entry is a sambaAccount objectclass.
170 ******************************************************************/
171 static BOOL ldap_check_user(LDAP *ldap_struct, LDAPMessage *entry)
173 BOOL sambaAccount = False;
177 DEBUG(2,("ldap_check_user: "));
178 valeur = ldap_get_values(ldap_struct, entry, "objectclass");
181 for (i = 0;valeur[i]! = NULL;i++)
183 if (!strcmp(valeur[i],"sambaAccount")) sambaAccount = True;
186 DEBUG(2,("%s\n",sambaAccount?"yes":"no"));
187 ldap_value_free(valeur);
188 return (sambaAccount);
191 /*******************************************************************
192 check if the returned entry is a sambaTrust objectclass.
193 ******************************************************************/
194 static BOOL ldap_check_trust(LDAP *ldap_struct, LDAPMessage *entry)
196 BOOL sambaTrust = False;
200 DEBUG(2,("ldap_check_trust: "));
201 valeur = ldap_get_values(ldap_struct, entry, "objectclass");
204 for (i = 0;valeur[i]! = NULL;i++)
206 if (!strcmp(valeur[i],"sambaTrust")) sambaTrust = True;
209 DEBUG(2,("%s\n",sambaTrust?"yes":"no"));
210 ldap_value_free(valeur);
214 /*******************************************************************
215 retrieve the user's info and contruct a smb_passwd structure.
216 ******************************************************************/
217 static void ldap_get_smb_passwd(LDAP *ldap_struct,LDAPMessage *entry,
218 struct smb_passwd *user)
220 static pstring user_name;
221 static pstring user_pass;
223 static unsigned char smblmpwd[16];
224 static unsigned char smbntpwd[16];
228 bzero(smblmpwd, sizeof(smblmpwd));
229 bzero(smbntpwd, sizeof(smbntpwd));
231 get_single_attribute(ldap_struct, entry, "cn", user_name);
232 DEBUG(2,("ldap_get_smb_passwd: user: %s\n",user_name));
234 #ifdef LDAP_PLAINTEXT_PASSWORD
235 get_single_attribute(ldap_struct, entry, "userPassword", temp);
236 nt_lm_owf_gen(temp, user->smb_nt_passwd, user->smb_passwd);
237 bzero(temp, sizeof(temp)); /* destroy local copy of the password */
239 get_single_attribute(ldap_struct, entry, "unicodePwd", temp);
240 pdb_gethexpwd(temp, smbntpwd);
241 bzero(temp, sizeof(temp)); /* destroy local copy of the password */
243 get_single_attribute(ldap_struct, entry, "dBCSPwd", temp);
244 pdb_gethexpwd(temp, smblmpwd);
245 bzero(temp, sizeof(temp)); /* destroy local copy of the password */
248 get_single_attribute(ldap_struct, entry, "userAccountControl", temp);
249 user->acct_ctrl = pdb_decode_acct_ctrl(temp);
251 get_single_attribute(ldap_struct, entry, "pwdLastSet", temp);
252 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
254 get_single_attribute(ldap_struct, entry, "rid", temp);
256 /* the smb (unix) ids are not stored: they are created */
257 user->smb_userid = pdb_user_rid_to_uid (atoi(temp));
259 if (user->acct_ctrl & (ACB_DOMTRUST|ACB_WSTRUST|ACB_SVRTRUST) )
261 DEBUG(0,("Inconsistency in the LDAP database\n"));
263 if (user->acct_ctrl & ACB_NORMAL)
265 user->smb_name = user_name;
266 user->smb_passwd = smblmpwd;
267 user->smb_nt_passwd = smbntpwd;
271 /*******************************************************************
272 retrieve the user's info and contruct a sam_passwd structure.
274 calls ldap_get_smb_passwd function first, though, to save code duplication.
276 ******************************************************************/
277 static void ldap_get_sam_passwd(LDAP *ldap_struct, LDAPMessage *entry,
278 struct sam_passwd *user)
280 static pstring user_name;
281 static pstring fullname;
282 static pstring home_dir;
283 static pstring dir_drive;
284 static pstring logon_script;
285 static pstring profile_path;
286 static pstring acct_desc;
287 static pstring workstations;
289 static struct smb_passwd pw_buf;
293 ldap_get_smb_passwd(ldap_struct, entry, &pw_buf);
295 user->pass_last_set_time = pw_buf.pass_last_set_time;
297 get_single_attribute(ldap_struct, entry, "logonTime", temp);
298 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
300 get_single_attribute(ldap_struct, entry, "logoffTime", temp);
301 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
303 get_single_attribute(ldap_struct, entry, "kickoffTime", temp);
304 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
306 get_single_attribute(ldap_struct, entry, "pwdLastSet", temp);
307 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
309 get_single_attribute(ldap_struct, entry, "pwdCanChange", temp);
310 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
312 get_single_attribute(ldap_struct, entry, "pwdMustChange", temp);
313 user->pass_last_set_time = (time_t)strtol(temp, NULL, 16);
315 user->smb_name = pw_buf.smb_name;
317 DEBUG(2,("ldap_get_sam_passwd: user: %s\n", user_name));
319 get_single_attribute(ldap_struct, entry, "userFullName", fullname);
320 user->full_name = fullname;
322 get_single_attribute(ldap_struct, entry, "homeDirectory", home_dir);
323 user->home_dir = home_dir;
325 get_single_attribute(ldap_struct, entry, "homeDrive", dir_drive);
326 user->dir_drive = dir_drive;
328 get_single_attribute(ldap_struct, entry, "scriptPath", logon_script);
329 user->logon_script = logon_script;
331 get_single_attribute(ldap_struct, entry, "profilePath", profile_path);
332 user->profile_path = profile_path;
334 get_single_attribute(ldap_struct, entry, "comment", acct_desc);
335 user->acct_desc = acct_desc;
337 get_single_attribute(ldap_struct, entry, "userWorkstations", workstations);
338 user->workstations = workstations;
340 user->unknown_str = NULL; /* don't know, yet! */
341 user->munged_dial = NULL; /* "munged" dial-back telephone number */
343 get_single_attribute(ldap_struct, entry, "rid", temp);
344 user->user_rid = atoi(temp);
346 get_single_attribute(ldap_struct, entry, "primaryGroupID", temp);
347 user->group_rid = atoi(temp);
349 /* the smb (unix) ids are not stored: they are created */
350 user->smb_userid = pw_buf.smb_userid;
351 user->smb_grpid = group_rid_to_uid(user->group_rid);
353 user->acct_ctrl = pw_buf.acct_ctrl;
355 user->unknown_3 = 0xffffff; /* don't know */
356 user->logon_divs = 168; /* hours per week */
357 user->hours_len = 21; /* 21 times 8 bits = 168 */
358 memset(user->hours, 0xff, user->hours_len); /* available at all hours */
359 user->unknown_5 = 0x00020000; /* don't know */
360 user->unknown_5 = 0x000004ec; /* don't know */
362 if (user->acct_ctrl & (ACB_DOMTRUST|ACB_WSTRUST|ACB_SVRTRUST) )
364 DEBUG(0,("Inconsistency in the LDAP database\n"));
367 if (!(user->acct_ctrl & ACB_NORMAL))
369 DEBUG(0,("User's acct_ctrl bits not set to ACT_NORMAL in LDAP database\n"));
374 /************************************************************************
375 Routine to manage the LDAPMod structure array
376 manage memory used by the array, by each struct, and values
378 ************************************************************************/
379 static void make_a_mod(LDAPMod ***modlist,int modop, char *attribute, char *value)
389 mods = (LDAPMod **)malloc( sizeof(LDAPMod *) );
393 for ( i = 0; mods[ i ] ! = NULL; ++i )
395 if ( mods[ i ]->mod_op == modop &&
396 !strcasecmp( mods[ i ]->mod_type, attribute ) )
404 mods = (LDAPMod **)realloc( mods, (i+2) * sizeof( LDAPMod * ) );
405 mods[i] = (LDAPMod *)malloc( sizeof( LDAPMod ) );
406 mods[i]->mod_op = modop;
407 mods[i]->mod_values = NULL;
408 mods[i]->mod_type = strdup( attribute );
415 if ( mods[ i ]->mod_values ! = NULL )
417 for ( ; mods[ i ]->mod_values[ j ] ! = NULL; j++ );
419 mods[ i ]->mod_values = (char **)realloc(mods[ i ]->mod_values,
420 (j+2) * sizeof( char * ));
421 mods[ i ]->mod_values[ j ] = strdup(value);
422 mods[ i ]->mod_values[ j + 1 ] = NULL;
427 /************************************************************************
428 Add or modify an entry. Only the smb struct values
430 *************************************************************************/
431 static BOOL modadd_ldappwd_entry(struct smb_passwd *newpwd, int flag)
434 /* assume the struct is correct and filled
435 that's the job of passdb.c to check */
436 int scope = LDAP_SCOPE_ONELEVEL;
453 smb_name = newpwd->smb_name;
455 if (!ldap_open_connection(&ldap_struct)) /* open a connection to the server */
460 if (!ldap_connect_system(ldap_struct)) /* connect as system account */
462 ldap_unbind(ldap_struct);
466 if (smb_name[strlen(smb_name)-1] == '$' )
468 smb_name[strlen(smb_name)-1] = '\0';
472 slprintf(filter, sizeof(filter)-1,
473 "(&(cn = %s)(|(objectclass = sambaTrust)(objectclass = sambaAccount)))",
476 rc = ldap_search_s(ldap_struct, lp_ldap_suffix(), scope, filter, NULL, 0, &result);
482 if (ldap_count_entries(ldap_struct, result) ! = 0)
484 DEBUG(0,("User already in the base, with samba properties\n"));
485 ldap_unbind(ldap_struct);
488 ldap_state = LDAP_MOD_ADD;
493 if (ldap_count_entries(ldap_struct, result) ! = 1)
495 DEBUG(0,("No user to modify !\n"));
496 ldap_unbind(ldap_struct);
499 ldap_state = LDAP_MOD_REPLACE;
504 DEBUG(0,("How did you come here? \n"));
505 ldap_unbind(ldap_struct);
510 slprintf(dn, sizeof(dn)-1, "cn = %s, %s",smb_name, lp_ldap_suffix() );
512 if (newpwd->smb_passwd ! = NULL)
515 for( i = 0; i < 16; i++)
517 slprintf(&temp[2*i], sizeof(temp) - 1, "%02X", newpwd->smb_passwd[i]);
523 if (newpwd->acct_ctrl & ACB_PWNOTREQ)
525 slprintf(temp, sizeof(temp) - 1, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
529 slprintf(temp, sizeof(temp) - 1, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
532 slprintf(lmhash, sizeof(lmhash)-1, "%s", temp);
534 if (newpwd->smb_nt_passwd ! = NULL)
537 for( i = 0; i < 16; i++)
539 slprintf(&temp[2*i], sizeof(temp) - 1, "%02X", newpwd->smb_nt_passwd[i]);
545 if (newpwd->acct_ctrl & ACB_PWNOTREQ)
547 slprintf(temp, sizeof(temp) - 1, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
551 slprintf(temp, sizeof(temp) - 1, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
554 slprintf(nthash, sizeof(nthash)-1, "%s", temp);
556 slprintf(rid, sizeof(rid)-1, "%d", uid_to_user_rid(newpwd->smb_userid) );
557 slprintf(lst, sizeof(lst)-1, "%08X", newpwd->pass_last_set_time);
563 make_a_mod(&mods, ldap_state, "objectclass", "sambaTrust");
564 make_a_mod(&mods, ldap_state, "netbiosTrustName", smb_name);
565 make_a_mod(&mods, ldap_state, "trustPassword", nthash);
569 make_a_mod(&mods, ldap_state, "objectclass", "sambaAccount");
570 make_a_mod(&mods, ldap_state, "dBCSPwd", lmhash);
571 make_a_mod(&mods, ldap_state, "uid", smb_name);
572 make_a_mod(&mods, ldap_state, "unicodePwd", nthash);
575 make_a_mod(&mods, ldap_state, "cn", smb_name);
577 make_a_mod(&mods, ldap_state, "rid", rid);
578 make_a_mod(&mods, ldap_state, "pwdLastSet", lst);
579 make_a_mod(&mods, ldap_state, "userAccountControl", pdb_encode_acct_ctrl(newpwd->acct_ctrl));
585 ldap_add_s(ldap_struct, dn, mods);
586 DEBUG(2,("modadd_ldappwd_entry: added: cn = %s in the LDAP database\n",smb_name));
591 ldap_modify_s(ldap_struct, dn, mods);
592 DEBUG(2,("modadd_ldappwd_entry: changed: cn = %s in the LDAP database_n",smb_name));
597 DEBUG(2,("modadd_ldappwd_entry: How did you come here? \n"));
598 ldap_unbind(ldap_struct);
604 ldap_mods_free(mods, 1);
606 ldap_unbind(ldap_struct);
611 /************************************************************************
612 Add or modify an entry. everything except the smb struct
614 *************************************************************************/
615 static BOOL modadd_ldap21pwd_entry(struct sam_passwd *newpwd, int flag)
618 /* assume the struct is correct and filled
619 that's the job of passdb.c to check */
620 int scope = LDAP_SCOPE_ONELEVEL;
637 smb_name = newpwd->smb_name;
639 if (!ldap_open_connection(&ldap_struct)) /* open a connection to the server */
644 if (!ldap_connect_system(ldap_struct)) /* connect as system account */
646 ldap_unbind(ldap_struct);
650 if (smb_name[strlen(smb_name)-1] == '$' )
652 smb_name[strlen(smb_name)-1] = '\0';
656 slprintf(filter, sizeof(filter)-1,
657 "(&(cn = %s)(|(objectclass = sambaTrust)(objectclass = sambaAccount)))",
660 rc = ldap_search_s(ldap_struct, lp_ldap_suffix(), scope, filter, NULL, 0, &result);
666 if (ldap_count_entries(ldap_struct, result) ! = 1)
668 DEBUG(2,("User already in the base, with samba properties\n"));
669 ldap_unbind(ldap_struct);
672 ldap_state = LDAP_MOD_ADD;
678 if (ldap_count_entries(ldap_struct, result) ! = 1)
680 DEBUG(2,("No user to modify !\n"));
681 ldap_unbind(ldap_struct);
684 ldap_state = LDAP_MOD_REPLACE;
690 DEBUG(2,("How did you come here? \n"));
691 ldap_unbind(ldap_struct);
696 slprintf(dn, sizeof(dn)-1, "cn = %s, %s",smb_name, lp_ldap_suffix() );
707 make_a_mod(&mods, ldap_state, "cn", smb_name);
709 make_a_mod(&mods, ldap_state, "rid", rid);
710 make_a_mod(&mods, ldap_state, "pwdLastSet", lst);
711 make_a_mod(&mods, ldap_state, "userAccountControl", pdb_encode_acct_ctrl(newpwd->acct_ctrl));
713 ldap_modify_s(ldap_struct, dn, mods);
715 ldap_mods_free(mods, 1);
717 ldap_unbind(ldap_struct);
722 /************************************************************************
723 Routine to add an entry to the ldap passwd file.
725 do not call this function directly. use passdb.c instead.
727 *************************************************************************/
728 static BOOL add_ldappwd_entry(struct smb_passwd *newpwd)
730 return (modadd_ldappwd_entry(newpwd, ADD_USER) );
733 /************************************************************************
734 Routine to search the ldap passwd file for an entry matching the username.
735 and then modify its password entry. We can't use the startldappwent()/
736 getldappwent()/endldappwent() interfaces here as we depend on looking
737 in the actual file to decide how much room we have to write data.
738 override = False, normal
739 override = True, override XXXXXXXX'd out password or NO PASS
741 do not call this function directly. use passdb.c instead.
743 ************************************************************************/
744 static BOOL mod_ldappwd_entry(struct smb_passwd *pwd, BOOL override)
746 return (modadd_ldappwd_entry(pwd, MODIFY_USER) );
749 /************************************************************************
750 Routine to add an entry to the ldap passwd file.
752 do not call this function directly. use passdb.c instead.
754 *************************************************************************/
755 static BOOL add_ldap21pwd_entry(struct sam_passwd *newpwd)
757 return( modadd_ldappwd_entry(newpwd, ADD_USER)?
758 modadd_ldap21pwd_entry(newpwd, ADD_USER):False);
761 /************************************************************************
762 Routine to search the ldap passwd file for an entry matching the username.
763 and then modify its password entry. We can't use the startldappwent()/
764 getldappwent()/endldappwent() interfaces here as we depend on looking
765 in the actual file to decide how much room we have to write data.
766 override = False, normal
767 override = True, override XXXXXXXX'd out password or NO PASS
769 do not call this function directly. use passdb.c instead.
771 ************************************************************************/
772 static BOOL mod_ldap21pwd_entry(struct sam_passwd *pwd, BOOL override)
774 return( modadd_ldappwd_entry(pwd, MODIFY_USER)?
775 modadd_ldap21pwd_entry(pwd, MODIFY_USER):False);
778 struct ldap_enum_info
785 static struct ldap_enum_info ldap_ent;
787 /***************************************************************
788 Start to enumerate the ldap passwd list. Returns a void pointer
789 to ensure no modification outside this module.
791 do not call this function directly. use passdb.c instead.
793 ****************************************************************/
794 static void *startldappwent(BOOL update)
796 int scope = LDAP_SCOPE_ONELEVEL;
801 if (!ldap_open_connection(&ldap_ent.ldap_struct)) /* open a connection to the server */
806 if (!ldap_connect_system(ldap_ent.ldap_struct)) /* connect as system account */
811 /* when the class is known the search is much faster */
816 pstrcpy(filter, "objectclass = sambaAccount");
821 pstrcpy(filter, "objectclass = sambaTrust");
826 pstrcpy(filter, "(|(objectclass = sambaTrust)(objectclass = sambaAccount))");
831 rc = ldap_search_s(ldap_ent.ldap_struct, lp_ldap_suffix(), scope, filter, NULL, 0, &ldap_ent.result);
833 DEBUG(2,("%d entries in the base!\n", ldap_count_entries(ldap_ent.ldap_struct, ldap_ent.result) ));
835 ldap_ent.entry = ldap_first_entry(ldap_ent.ldap_struct, ldap_ent.result);
840 /*************************************************************************
841 Routine to return the next entry in the ldap passwd list.
843 do not call this function directly. use passdb.c instead.
845 *************************************************************************/
846 static struct smb_passwd *getldappwent(void *vp)
848 static struct smb_passwd user;
849 struct ldap_enum_info *ldap_vp = (struct ldap_enum_info *)vp;
851 ldap_vp->entry = ldap_next_entry(ldap_vp->ldap_struct, ldap_vp->entry);
853 if (ldap_vp->entry ! = NULL)
855 ldap_get_smb_passwd(ldap_vp->ldap_struct, ldap_vp->entry, &user);
861 /*************************************************************************
862 Routine to return the next entry in the ldap passwd list.
864 do not call this function directly. use passdb.c instead.
866 *************************************************************************/
867 static struct sam_passwd *getldap21pwent(void *vp)
869 static struct sam_passwd user;
870 struct ldap_enum_info *ldap_vp = (struct ldap_enum_info *)vp;
872 ldap_vp->entry = ldap_next_entry(ldap_vp->ldap_struct, ldap_vp->entry);
874 if (ldap_vp->entry ! = NULL)
876 ldap_get_sam_passwd(ldap_vp->ldap_struct, ldap_vp->entry, &user);
882 /***************************************************************
883 End enumeration of the ldap passwd list.
885 do not call this function directly. use passdb.c instead.
887 ****************************************************************/
888 static void endldappwent(void *vp)
890 struct ldap_enum_info *ldap_vp = (struct ldap_enum_info *)vp;
891 ldap_msgfree(ldap_vp->result);
892 ldap_unbind(ldap_vp->ldap_struct);
895 /*************************************************************************
896 Return the current position in the ldap passwd list as an unsigned long.
897 This must be treated as an opaque token.
899 do not call this function directly. use passdb.c instead.
901 *************************************************************************/
902 static unsigned long getldappwpos(void *vp)
907 /*************************************************************************
908 Set the current position in the ldap passwd list from unsigned long.
909 This must be treated as an opaque token.
911 do not call this function directly. use passdb.c instead.
913 *************************************************************************/
914 static BOOL setldappwpos(void *vp, unsigned long tok)
920 * Ldap derived functions.
923 static struct smb_passwd *getldappwnam(char *name)
925 return pdb_sam_to_smb(iterate_getsam21pwnam(name));
928 static struct smb_passwd *getldappwuid(uid_t smb_userid)
930 return pdb_sam_to_smb(iterate_getsam21pwuid(smb_userid));
933 static struct smb_passwd *getldappwent(void *vp)
935 return pdb_sam_to_smb(getldap21pwent(vp));
938 static BOOL add_ldappwd_entry(struct smb_passwd *newpwd)
940 return add_ldap21pwd_entry(pdb_smb_to_sam(newpwd));
943 static BOOL mod_ldappwd_entry(struct smb_passwd* pwd, BOOL override)
945 return mod_ldap21pwd_entry(pdb_smb_to_sam(pwd), override);
948 static struct sam_disp_info *getldapdispnam(char *name)
950 return pdb_sam_to_dispinfo(getldap21pwnam(name));
953 static struct sam_disp_info *getldapdisprid(uint32 rid)
955 return pdb_sam_to_dispinfo(getldap21pwrid(rid));
958 static struct sam_disp_info *getldapdispent(void *vp)
960 return pdb_sam_to_dispinfo(getldap21pwent(vp));
963 static struct sam_passwd *getldap21pwuid(uid_t uid)
965 return pdb_smb_to_sam(iterate_getsam21pwuid(pdb_uid_to_user_rid(uid)));
968 static struct passdb_ops ldap_ops =
980 iterate_getsam21pwnam, /* From passdb.c */
981 iterate_getsam21pwuid, /* From passdb.c */
982 iterate_getsam21pwrid, /* From passdb.c */
990 struct passdb_ops *ldap_initialize_password_db(void)
996 void dummy_function(void) { } /* stop some compilers complaining */