summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2006-08-12 15:22:03 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:15:30 -0500
commit71041a5007abb9afc04df0d91e7c2598ba9b2d20 (patch)
treee7afa96f3cbaca1741a1522b8c425abde3835e39
parent39018ab9022d8bd2cc58a52cf4834c5ce7c5455f (diff)
downloadsamba-71041a5007abb9afc04df0d91e7c2598ba9b2d20.tar.gz
samba-71041a5007abb9afc04df0d91e7c2598ba9b2d20.tar.bz2
samba-71041a5007abb9afc04df0d91e7c2598ba9b2d20.zip
r17504: Do not use the invented unixID but use the rfc2307 uidNumber and gidNumber attributes instead
Do not change unixName right now, we don't have an attribute to use in the posixGroup class, and I think we should remove its usage altogether and look up users and groups by their uid/gid only. Simo. (This used to be commit d57b521aadf24a277152ec1ff1dac3210bd14316)
-rw-r--r--source4/dsdb/common/sidmap.c26
-rw-r--r--source4/lib/ldb/tests/schema-tests/schema.ldif3
-rw-r--r--source4/setup/provision_init.ldif3
3 files changed, 17 insertions, 15 deletions
diff --git a/source4/dsdb/common/sidmap.c b/source4/dsdb/common/sidmap.c
index 38c4ba49a9..353d5c14f1 100644
--- a/source4/dsdb/common/sidmap.c
+++ b/source4/dsdb/common/sidmap.c
@@ -126,8 +126,8 @@ static NTSTATUS sidmap_primary_domain_sid(struct sidmap_context *sidmap,
_PUBLIC_ NTSTATUS sidmap_sid_to_unixuid(struct sidmap_context *sidmap,
struct dom_sid *sid, uid_t *uid)
{
- const char *attrs[] = { "sAMAccountName", "unixID",
- "unixName", "sAMAccountType", NULL };
+ const char *attrs[] = { "sAMAccountName", "uidNumber",
+ "sAMAccountType", NULL };
int ret;
const char *s;
TALLOC_CTX *tmp_ctx;
@@ -152,7 +152,7 @@ _PUBLIC_ NTSTATUS sidmap_sid_to_unixuid(struct sidmap_context *sidmap,
}
/* first try to get the uid directly */
- s = samdb_result_string(res[0], "unixID", NULL);
+ s = samdb_result_string(res[0], "uidNumber", NULL);
if (s != NULL) {
*uid = strtoul(s, NULL, 0);
talloc_free(tmp_ctx);
@@ -208,7 +208,7 @@ allocated_sid:
}
- DEBUG(0,("sid_to_unixuid: no unixID, unixName or sAMAccountName for sid %s\n",
+ DEBUG(0,("sid_to_unixuid: no uidNumber, unixName or sAMAccountName for sid %s\n",
dom_sid_string(tmp_ctx, sid)));
talloc_free(tmp_ctx);
@@ -222,7 +222,7 @@ allocated_sid:
_PUBLIC_ NTSTATUS sidmap_sid_to_unixgid(struct sidmap_context *sidmap,
struct dom_sid *sid, gid_t *gid)
{
- const char *attrs[] = { "sAMAccountName", "unixID",
+ const char *attrs[] = { "sAMAccountName", "gidNumber",
"unixName", "sAMAccountType", NULL };
int ret;
const char *s;
@@ -248,7 +248,7 @@ _PUBLIC_ NTSTATUS sidmap_sid_to_unixgid(struct sidmap_context *sidmap,
}
/* first try to get the gid directly */
- s = samdb_result_string(res[0], "unixID", NULL);
+ s = samdb_result_string(res[0], "gidNumber", NULL);
if (s != NULL) {
*gid = strtoul(s, NULL, 0);
talloc_free(tmp_ctx);
@@ -300,7 +300,7 @@ allocated_sid:
}
}
- DEBUG(0,("sid_to_unixgid: no unixID, unixName or sAMAccountName for sid %s\n",
+ DEBUG(0,("sid_to_unixgid: no gidNumber, unixName or sAMAccountName for sid %s\n",
dom_sid_string(tmp_ctx, sid)));
talloc_free(tmp_ctx);
@@ -330,7 +330,7 @@ _PUBLIC_ NTSTATUS sidmap_uid_to_sid(struct sidmap_context *sidmap,
- check if the uid is in the dynamic uid range assigned for winbindd
use. If it is, then look in winbindd sid mapping
database (not implemented yet)
- - look for a user account in samdb that has unixID set to the
+ - look for a user account in samdb that has uidNumber set to the
given uid
- look for a user account in samdb that has unixName or
sAMAccountName set to the name given by getpwuid()
@@ -343,12 +343,12 @@ _PUBLIC_ NTSTATUS sidmap_uid_to_sid(struct sidmap_context *sidmap,
/*
- step 2: look for a user account in samdb that has unixID set to the
+ step 2: look for a user account in samdb that has uidNumber set to the
given uid
*/
ret = gendb_search(sidmap->samctx, tmp_ctx, samdb_base_dn(tmp_ctx), &res, attrs,
- "unixID=%u", (unsigned int)uid);
+ "uidNumber=%u", (unsigned int)uid);
for (i=0;i<ret;i++) {
if (!is_user_account(res[i])) continue;
@@ -428,7 +428,7 @@ _PUBLIC_ NTSTATUS sidmap_gid_to_sid(struct sidmap_context *sidmap,
- check if the gid is in the dynamic gid range assigned for winbindd
use. If it is, then look in winbindd sid mapping
database (not implemented yet)
- - look for a group account in samdb that has unixID set to the
+ - look for a group account in samdb that has gidNumber set to the
given gid
- look for a group account in samdb that has unixName or
sAMAccountName set to the name given by getgrgid()
@@ -441,12 +441,12 @@ _PUBLIC_ NTSTATUS sidmap_gid_to_sid(struct sidmap_context *sidmap,
/*
- step 2: look for a group account in samdb that has unixID set to the
+ step 2: look for a group account in samdb that has gidNumber set to the
given gid
*/
ret = gendb_search(sidmap->samctx, tmp_ctx, samdb_base_dn(tmp_ctx), &res, attrs,
- "unixID=%u", (unsigned int)gid);
+ "gidNumber=%u", (unsigned int)gid);
for (i=0;i<ret;i++) {
if (!is_group_account(res[i])) continue;
diff --git a/source4/lib/ldb/tests/schema-tests/schema.ldif b/source4/lib/ldb/tests/schema-tests/schema.ldif
index 3be31282fa..515408144a 100644
--- a/source4/lib/ldb/tests/schema-tests/schema.ldif
+++ b/source4/lib/ldb/tests/schema-tests/schema.ldif
@@ -4,7 +4,8 @@ dn: @INDEXLIST
@IDXATTR: objectSid
@IDXATTR: objectClass
@IDXATTR: member
-@IDXATTR: unixID
+@IDXATTR: uidNumber
+@IDXATTR: gidNumber
@IDXATTR: unixName
@IDXATTR: privilege
@IDXATTR: lDAPDisplayName
diff --git a/source4/setup/provision_init.ldif b/source4/setup/provision_init.ldif
index 91405b2d4c..7414368d44 100644
--- a/source4/setup/provision_init.ldif
+++ b/source4/setup/provision_init.ldif
@@ -5,7 +5,8 @@ dn: @INDEXLIST
@IDXATTR: objectClass
@IDXATTR: objectCategory
@IDXATTR: member
-@IDXATTR: unixID
+@IDXATTR: uidNumber
+@IDXATTR: gidNumber
@IDXATTR: unixName
@IDXATTR: privilege
@IDXATTR: nCName