weekend work. user / group database API.

- split sam_passwd and smb_passwd into separate higher-order function tables

- renamed struct smb_passwd's "smb_user" to "unix_user".  added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.

NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.

- added query_useraliases code to rpcclient.

- dealt with some nasty interdependencies involving non-smbd programs
and the password database API.  this is still not satisfactorily
resolved completelely, but it's the best i can do for now.

- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.

lots of debugging done, it's still not finished.  the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect.  the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)

5 files changed, 529 insertions, 204 deletions

diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index edbe87ab8d..ed74943187 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -145,7 +145,7 @@ typedef struct
 struct acct_info
 {
     fstring acct_name; /* account name */
-    uint32 smb_userid; /* domain-relative RID */
+    uint32  user_rid; /* domain-relative RID */
 };
 
 #endif /* _NT_DOMAIN_H */
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 685248fa47..4902cf06bf 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -22,19 +22,19 @@ int tar_parseargs(int argc, char *argv[], char *Optarg, int Optind);
 BOOL initialise_alias_db(void);
 LOCAL_GRP *iterate_getaliasgid(gid_t gid, LOCAL_GRP_MEMBER **mem, int *num_mem);
 LOCAL_GRP *iterate_getaliasrid(uint32 rid, LOCAL_GRP_MEMBER **mem, int *num_mem);
-LOCAL_GRP *iterate_getaliasnam(char *name, LOCAL_GRP_MEMBER **mem, int *num_mem);
+LOCAL_GRP *iterate_getaliasntnam(const char *name, LOCAL_GRP_MEMBER **mem, int *num_mem);
 BOOL add_domain_alias(LOCAL_GRP **alss, int *num_alss, LOCAL_GRP *als);
-BOOL iterate_getuseraliasnam(char *user_name, LOCAL_GRP **alss, int *num_alss);
+BOOL iterate_getuseraliasntnam(const char *user_name, LOCAL_GRP **alss, int *num_alss);
 BOOL enumdomaliases(LOCAL_GRP **alss, int *num_alss);
 void *startaliasent(BOOL update);
 void endaliasent(void *vp);
 LOCAL_GRP *getaliasent(void *vp, LOCAL_GRP_MEMBER **mem, int *num_mem);
 BOOL add_alias_entry(LOCAL_GRP *newals);
 BOOL mod_alias_entry(LOCAL_GRP* als);
-LOCAL_GRP *getaliasnam(char *name, LOCAL_GRP_MEMBER **mem, int *num_mem);
+LOCAL_GRP *getaliasntnam(const char *name, LOCAL_GRP_MEMBER **mem, int *num_mem);
 LOCAL_GRP *getaliasrid(uint32 alias_rid, LOCAL_GRP_MEMBER **mem, int *num_mem);
 LOCAL_GRP *getaliasgid(gid_t gid, LOCAL_GRP_MEMBER **mem, int *num_mem);
-BOOL getuseraliasnam(char *user_name, LOCAL_GRP **als, int *num_alss);
+BOOL getuseraliasntnam(const char *user_name, LOCAL_GRP **als, int *num_alss);
 void aldb_init_als(LOCAL_GRP *als);
 BOOL make_alias_line(char *p, int max_len,
 				LOCAL_GRP *als,
@@ -46,7 +46,7 @@ struct aliasdb_ops *file_initialise_alias_db(void);
 
 /*The following definitions come from  groupdb/aliasunix.c  */
 
-BOOL get_unixalias_members(struct group *als,
+BOOL get_unixalias_members(struct group *grp,
 				int *num_mem, LOCAL_GRP_MEMBER **members);
 struct aliasdb_ops *unix_initialise_alias_db(void);
 
@@ -55,19 +55,19 @@ struct aliasdb_ops *unix_initialise_alias_db(void);
 BOOL initialise_group_db(void);
 DOMAIN_GRP *iterate_getgroupgid(gid_t gid, DOMAIN_GRP_MEMBER **mem, int *num_mem);
 DOMAIN_GRP *iterate_getgrouprid(uint32 rid, DOMAIN_GRP_MEMBER **mem, int *num_mem);
-DOMAIN_GRP *iterate_getgroupnam(char *name, DOMAIN_GRP_MEMBER **mem, int *num_mem);
+DOMAIN_GRP *iterate_getgroupntnam(const char *name, DOMAIN_GRP_MEMBER **mem, int *num_mem);
 BOOL add_domain_group(DOMAIN_GRP **grps, int *num_grps, DOMAIN_GRP *grp);
-BOOL iterate_getusergroupsnam(char *user_name, DOMAIN_GRP **grps, int *num_grps);
+BOOL iterate_getusergroupsnam(const char *user_name, DOMAIN_GRP **grps, int *num_grps);
 BOOL enumdomgroups(DOMAIN_GRP **grps, int *num_grps);
 void *startgroupent(BOOL update);
 void endgroupent(void *vp);
 DOMAIN_GRP *getgroupent(void *vp, DOMAIN_GRP_MEMBER **mem, int *num_mem);
 BOOL add_group_entry(DOMAIN_GRP *newgrp);
 BOOL mod_group_entry(DOMAIN_GRP* grp);
-DOMAIN_GRP *getgroupnam(char *name, DOMAIN_GRP_MEMBER **mem, int *num_mem);
+DOMAIN_GRP *getgroupntnam(const char *name, DOMAIN_GRP_MEMBER **mem, int *num_mem);
 DOMAIN_GRP *getgrouprid(uint32 group_rid, DOMAIN_GRP_MEMBER **mem, int *num_mem);
 DOMAIN_GRP *getgroupgid(gid_t gid, DOMAIN_GRP_MEMBER **mem, int *num_mem);
-BOOL getusergroupsnam(char *user_name, DOMAIN_GRP **grp, int *num_grps);
+BOOL getusergroupsntnam(const char *user_name, DOMAIN_GRP **grp, int *num_grps);
 void gpdb_init_grp(DOMAIN_GRP *grp);
 BOOL make_group_line(char *p, int max_len,
 				DOMAIN_GRP *grp,
@@ -124,6 +124,23 @@ void force_check_log_size( void );
 void dbgflush( void );
 BOOL dbghdr( int level, char *file, char *func, int line );
 
+/*The following definitions come from  lib/domain_namemap.c  */
+
+BOOL pwdb_rid_is_user(uint32 rid);
+BOOL map_unix_group_name(char *group_name, DOM_NAME_MAP *grp_info);
+BOOL map_unix_alias_name(char *alias_name, DOM_NAME_MAP *grp_info);
+BOOL map_nt_alias_name(char *ntalias_name, char *nt_domain, DOM_NAME_MAP *grp_info);
+BOOL map_nt_group_name(char *ntgroup_name, char *nt_domain, DOM_NAME_MAP *grp_info);
+BOOL map_alias_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info);
+BOOL map_group_sid(DOM_SID *psid, DOM_NAME_MAP *grp_info);
+BOOL lookupsmbpwnam(const char *unix_usr_name, DOM_NAME_MAP *grp);
+BOOL lookupsmbpwuid(uid_t uid, DOM_NAME_MAP *gmep);
+BOOL lookupsmbpwntnam(char *fullntname, DOM_NAME_MAP *gmep);
+BOOL lookupsmbpwsid(DOM_SID *sid, DOM_NAME_MAP *gmep);
+BOOL lookupsmbgrpnam(const char *unix_grp_name, DOM_NAME_MAP *grp);
+BOOL lookupsmbgrpsid(DOM_SID *sid, DOM_NAME_MAP *gmep);
+BOOL lookupsmbgrpgid(gid_t gid, DOM_NAME_MAP *gmep);
+
 /*The following definitions come from  lib/doscalls.c  */
 
 int dos_unlink(char *fname);
@@ -210,6 +227,16 @@ void pidfile_create(char *name);
 
 char *rep_inet_ntoa(struct in_addr ip);
 
+/*The following definitions come from  lib/sids.c  */
+
+void get_sam_domain_name(void);
+BOOL get_member_domain_sid(void);
+void generate_wellknown_sids(void);
+BOOL generate_sam_sid(void);
+BOOL map_domain_name_to_sid(DOM_SID *sid, char **nt_domain);
+BOOL map_domain_sid_to_name(DOM_SID *sid, char *nt_domain);
+BOOL split_domain_name(char *fullname, char *domain, char *name);
+
 /*The following definitions come from  lib/signal.c  */
 
 void BlockSignals(BOOL block,int signum);
@@ -289,7 +316,7 @@ BOOL user_in_list(char *user,char *list);
 
 char *tmpdir(void);
 BOOL in_group(gid_t group, gid_t current_gid, int ngroups, gid_t *groups);
-int get_number(char *tmp);
+int get_number(const char *tmp);
 char *Atoic(char *p, int *n, char *c);
 uint32 *add_num_to_list(uint32 **num, int *count, int val);
 char *get_numlist(char *p, uint32 **num, int *count);
@@ -343,7 +370,8 @@ struct hostent *Get_Hostbyname(const char *name);
 BOOL process_exists(int pid);
 char *uidtoname(uid_t uid);
 char *gidtoname(gid_t gid);
-uid_t nametouid(const char *name);
+BOOL nametogid(const char *name, gid_t *gid);
+BOOL nametouid(const char *name, uid_t *uid);
 void smb_panic(char *why);
 char *readdirname(DIR *p);
 BOOL is_in_path(char *name, name_compare_entry *namelist);
@@ -379,15 +407,37 @@ BOOL setfilepwpos(void *vp, SMB_BIG_UINT tok);
 int getfileline(void *vp, char *linebuf, int linebuf_size);
 char *fgets_slash(char *s2,int maxlen,FILE *f);
 
+/*The following definitions come from  lib/util_pwdb.c  */
+
+uint32 lookup_wk_group_name(const char *group_name, const char *domain,
+				DOM_SID *sid, uint8 *type);
+uint32 lookup_wk_user_name(const char *user_name, const char *domain,
+				DOM_SID *sid, uint8 *type);
+uint32 lookup_builtin_alias_name(const char *alias_name, const char *domain,
+				DOM_SID *sid, uint8 *type);
+char *pwdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length);
+uint16 pwdb_decode_acct_ctrl(const char *p);
+time_t pwdb_get_last_set_time(const char *p);
+void pwdb_set_logon_time(char *p, int max_len, time_t t);
+void pwdb_set_logoff_time(char *p, int max_len, time_t t);
+void pwdb_set_kickoff_time(char *p, int max_len, time_t t);
+void pwdb_set_can_change_time(char *p, int max_len, time_t t);
+void pwdb_set_must_change_time(char *p, int max_len, time_t t);
+void pwdb_set_last_set_time(char *p, int max_len, time_t t);
+void pwdb_sethexpwd(char *p, const char *pwd, uint16 acct_ctrl);
+BOOL pwdb_gethexpwd(const char *p, char *pwd);
+BOOL pwdb_initialise(void);
+
 /*The following definitions come from  lib/util_sid.c  */
 
-char *sid_to_string(pstring sidstr_out, DOM_SID *sid);
-BOOL string_to_sid(DOM_SID *sidout, char *sidstr);
+char *sid_to_string(pstring sidstr_out, const DOM_SID *sid);
+BOOL string_to_sid(DOM_SID *sidout, const char *sidstr);
 BOOL sid_append_rid(DOM_SID *sid, uint32 rid);
 BOOL sid_split_rid(DOM_SID *sid, uint32 *rid);
-void sid_copy(DOM_SID *sid1, DOM_SID *sid2);
-BOOL sid_equal(DOM_SID *sid1, DOM_SID *sid2);
-int sid_size(DOM_SID *sid);
+void sid_copy(DOM_SID *sid1, const DOM_SID *sid2);
+BOOL sid_front_equal(const DOM_SID *sid1, const DOM_SID *sid2);
+BOOL sid_equal(const DOM_SID *sid1, const DOM_SID *sid2);
+int sid_size(const DOM_SID *sid);
 
 /*The following definitions come from  lib/util_sock.c  */
 
@@ -1058,6 +1108,8 @@ char *lp_workgroup(void);
 char *lp_username_map(void);
 char *lp_aliasname_map(void);
 char *lp_groupname_map(void);
+char *lp_builtinname_map(void);
+char *lp_ntusrname_map(void);
 char *lp_logon_script(void);
 char *lp_logon_path(void);
 char *lp_logon_drive(void);
@@ -1275,47 +1327,19 @@ BOOL pass_check(char *user,char *password, int pwlen, struct passwd *pwd,
 /*The following definitions come from  passdb/passdb.c  */
 
 BOOL initialise_password_db(void);
-struct smb_passwd *iterate_getsmbpwrid(uint32 user_rid);
-struct smb_passwd *iterate_getsmbpwuid(uid_t smb_userid);
+struct smb_passwd *iterate_getsmbpwuid(uid_t unix_uid);
 struct smb_passwd *iterate_getsmbpwnam(const char *name);
 void *startsmbpwent(BOOL update);
 void endsmbpwent(void *vp);
+SMB_BIG_UINT getsmbpwpos(void *vp);
+BOOL setsmbpwpos(void *vp, SMB_BIG_UINT tok);
 struct smb_passwd *getsmbpwent(void *vp);
 BOOL add_smbpwd_entry(struct smb_passwd *newpwd);
 BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override);
 struct smb_passwd *getsmbpwnam(const char *name);
-struct smb_passwd *getsmbpwrid(uint32 user_rid);
-struct smb_passwd *getsmbpwuid(uid_t smb_userid);
-struct sam_passwd *iterate_getsam21pwnam(const char *name);
-struct sam_passwd *iterate_getsam21pwrid(uint32 rid);
-struct sam_passwd *iterate_getsam21pwuid(uid_t uid);
-struct sam_disp_info *getsamdisprid(uint32 rid);
-struct sam_passwd *getsam21pwent(void *vp);
-struct sam_passwd *getsam21pwnam(const char *name);
-struct sam_passwd *getsam21pwrid(uint32 rid);
+struct smb_passwd *getsmbpwuid(uid_t unix_uid);
 void pwdb_init_smb(struct smb_passwd *user);
-void pwdb_init_sam(struct sam_passwd *user);
-struct sam_disp_info *pwdb_sam_to_dispinfo(struct sam_passwd *user);
-struct smb_passwd *pwdb_sam_to_smb(struct sam_passwd *user);
-struct sam_passwd *pwdb_smb_to_sam(struct smb_passwd *user);
-char *pwdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length);
-uint16 pwdb_decode_acct_ctrl(const char *p);
-time_t pwdb_get_last_set_time(const char *p);
-void pwdb_set_logon_time(char *p, int max_len, time_t t);
-void pwdb_set_logoff_time(char *p, int max_len, time_t t);
-void pwdb_set_kickoff_time(char *p, int max_len, time_t t);
-void pwdb_set_can_change_time(char *p, int max_len, time_t t);
-void pwdb_set_must_change_time(char *p, int max_len, time_t t);
-void pwdb_set_last_set_time(char *p, int max_len, time_t t);
-void pwdb_sethexpwd(char *p, const char *pwd, uint16 acct_ctrl);
-BOOL pwdb_gethexpwd(const char *p, char *pwd);
-uid_t pwdb_user_rid_to_uid(uint32 user_rid);
-uint32 pwdb_uid_to_user_rid(uid_t uid);
-uint32 pwdb_gid_to_group_rid(gid_t gid);
-gid_t pwdb_group_rid_to_gid(uint32 group_rid);
-uint32 pwdb_gid_to_alias_rid(gid_t gid);
-gid_t pwdb_alias_rid_to_gid(uint32 alias_rid);
-BOOL pwdb_rid_is_user(uint32 rid);
+struct smb_passwd *pwdb_smb_map_names(struct smb_passwd *smb);
 
 /*The following definitions come from  passdb/passgrp.c  */
 
@@ -1323,10 +1347,10 @@ BOOL initialise_passgrp_db(void);
 struct smb_passwd *iterate_getsmbgrprid(uint32 user_rid,
 		uint32 **grps, int *num_grps,
 		uint32 **alss, int *num_alss);
-struct smb_passwd *iterate_getsmbgrpuid(uid_t smb_userid,
+struct smb_passwd *iterate_getsmbgrpuid(uid_t unix_uid,
 		uint32 **grps, int *num_grps,
 		uint32 **alss, int *num_alss);
-struct smb_passwd *iterate_getsmbgrpnam(char *name,
+struct smb_passwd *iterate_getsmbgrpntnam(const char *nt_name,
 		uint32 **grps, int *num_grps,
 		uint32 **alss, int *num_alss);
 void *startsmbgrpent(BOOL update);
@@ -1334,24 +1358,45 @@ void endsmbgrpent(void *vp);
 struct smb_passwd *getsmbgrpent(void *vp,
 		uint32 **grps, int *num_grps,
 		uint32 **alss, int *num_alss);
-struct smb_passwd *getsmbgrpnam(char *name,
+struct smb_passwd *getsmbgrpntnam(char *name,
 		uint32 **grps, int *num_grps,
 		uint32 **alss, int *num_alss);
 struct smb_passwd *getsmbgrprid(uint32 user_rid,
 		uint32 **grps, int *num_grps,
 		uint32 **alss, int *num_alss);
-struct smb_passwd *getsmbgrpuid(uid_t smb_userid,
+struct smb_passwd *getsmbgrpuid(uid_t unix_uid,
 		uint32 **grps, int *num_grps,
 		uint32 **alss, int *num_alss);
 
+/*The following definitions come from  passdb/sampass.c  */
+
+void *startsamfilepwent(BOOL update);
+void endsamfilepwent(void *vp);
+SMB_BIG_UINT getsamfilepwpos(void *vp);
+BOOL setsamfilepwpos(void *vp, SMB_BIG_UINT tok);
+struct sam_passdb_ops *file_initialise_sam_password_db(void);
+
+/*The following definitions come from  passdb/sampassdb.c  */
+
+BOOL initialise_sam_password_db(void);
+void *startsam21pwent(BOOL update);
+void endsam21pwent(void *vp);
+struct sam_passwd *getsam21pwent(void *vp);
+struct sam_passwd *iterate_getsam21pwntnam(const char *name);
+struct sam_passwd *iterate_getsam21pwrid(uint32 rid);
+struct sam_passwd *iterate_getsam21pwuid(uid_t uid);
+struct sam_disp_info *getsamdisprid(uint32 rid);
+struct sam_passwd *getsam21pwntnam(const char *name);
+struct sam_passwd *getsam21pwrid(uint32 rid);
+void pwdb_init_sam(struct sam_passwd *user);
+struct sam_disp_info *pwdb_sam_to_dispinfo(struct sam_passwd *user);
+struct smb_passwd *pwdb_sam_to_smb(struct sam_passwd *user);
+struct sam_passwd *pwdb_smb_to_sam(struct smb_passwd *user);
+struct sam_passwd *pwdb_sam_map_names(struct sam_passwd *sam);
+
 /*The following definitions come from  passdb/smbpass.c  */
 
-void *startsmbfilepwent(BOOL update);
-void endsmbfilepwent(void *vp);
-SMB_BIG_UINT getsmbfilepwpos(void *vp);
-BOOL setsmbfilepwpos(void *vp, SMB_BIG_UINT tok);
-struct smb_passwd *getsmbfilepwent(void *vp);
-struct passdb_ops *file_initialise_password_db(void);
+struct smb_passdb_ops *file_initialise_password_db(void);
 
 /*The following definitions come from  passdb/smbpasschange.c  */
 
@@ -1407,10 +1452,10 @@ void load_printers(void);
 BOOL cli_nt_setup_creds(struct cli_state *cli, unsigned char mach_pwd[16]);
 BOOL cli_nt_srv_pwset(struct cli_state *cli, unsigned char *new_hashof_mach_pwd);
 BOOL cli_nt_login_interactive(struct cli_state *cli, char *domain, char *username, 
-                              uint32 smb_userid_low, char *password,
+                              uint32 luid_low, char *password,
                               NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3);
 BOOL cli_nt_login_network(struct cli_state *cli, char *domain, char *username, 
-                          uint32 smb_userid_low, char lm_chal[8], char lm_chal_resp[24],
+                          uint32 luid_low, char lm_chal[8], char lm_chal_resp[24],
                           char nt_chal_resp[24],
                           NET_ID_INFO_CTR *ctr, NET_USER_INFO_3 *user_info3);
 BOOL cli_nt_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr);
@@ -1535,6 +1580,9 @@ BOOL do_samr_query_unknown_12(struct cli_state *cli,
 				uint32 *num_aliases,
 				fstring als_names    [MAX_LOOKUP_SIDS],
 				uint32  num_als_users[MAX_LOOKUP_SIDS]);
+BOOL do_samr_query_useraliases(struct cli_state *cli, 
+				POLICY_HND *pol, DOM_SID *sid,
+				uint32 *num_aliases, uint32 *rid);
 BOOL do_samr_query_usergroups(struct cli_state *cli, 
 				POLICY_HND *pol, uint32 *num_groups, DOM_GID *gid);
 BOOL do_samr_query_userinfo(struct cli_state *cli, 
@@ -1621,7 +1669,6 @@ uint32 get_enum_hnd(ENUM_HND *enh);
 void make_enum_hnd(ENUM_HND *enh, uint32 hnd);
 void smb_io_enum_hnd(char *desc,  ENUM_HND *hnd, prs_struct *ps, int depth);
 void smb_io_dom_sid(char *desc,  DOM_SID *sid, prs_struct *ps, int depth);
-void make_dom_sid(DOM_SID *sid, char *str_sid);
 void make_dom_sid2(DOM_SID2 *sid2, DOM_SID *sid);
 void smb_io_dom_sid2(char *desc,  DOM_SID2 *sid, prs_struct *ps, int depth);
 void make_str_hdr(STRHDR *hdr, int max_len, int len, uint32 buffer);
@@ -1986,6 +2033,9 @@ void make_samr_r_query_aliasinfo(SAMR_R_QUERY_ALIASINFO *r_u,
 		uint16 switch_value, char *acct_desc,
 		uint32 status);
 void samr_io_r_query_aliasinfo(char *desc,  SAMR_R_QUERY_ALIASINFO *r_u, prs_struct *ps, int depth);
+void make_samr_q_query_useraliases(SAMR_Q_QUERY_USERALIASES *q_u,
+				POLICY_HND *hnd,
+				DOM_SID *sid);
 void samr_io_q_query_useraliases(char *desc,  SAMR_Q_QUERY_USERALIASES *q_u, prs_struct *ps, int depth);
 void make_samr_r_query_useraliases(SAMR_R_QUERY_USERALIASES *r_u,
 		uint32 num_rids, uint32 *rid, uint32 status);
@@ -2211,20 +2261,13 @@ uint32 lookup_wk_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type);
 uint32 lookup_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type);
 uint32 lookup_wk_user_sid(DOM_SID *sid, char *user_name, uint8 *type);
 uint32 lookup_user_sid(DOM_SID *sid, char *user_name, uint8 *type);
-uint32 lookup_group_name(char *grp_name, DOM_SID *sid, uint8 *type);
-uint32 lookup_wk_group_name(char *group_name, DOM_SID *sid, uint8 *type);
-uint32 lookup_alias_name(char *als_name, DOM_SID *sid, uint8 *type);
-uint32 lookup_wk_alias_name(char *alias_name, DOM_SID *sid, uint8 *type);
-uint32 lookup_added_user_rids(char *user_name,
+uint32 lookup_added_group_name(const char *grp_name, const char *domain,
+				DOM_SID *sid, uint8 *type);
+uint32 lookup_added_alias_name(const char *als_name, const char *domain,
+				DOM_SID *sid, uint8 *type);
+uint32 lookup_added_user_rids(char *nt_name,
 		uint32 *usr_rid, uint32 *grp_rid);
-uint32 lookup_added_user_name(char *user_name, DOM_SID *sid, uint8 *type);
-uint32 lookup_wk_user_name(char *user_name, DOM_SID *sid, uint8 *type);
-uint32 lookup_added_grp_name(char *name, DOM_SID *sid, uint8 *type);
-uint32 lookup_builtin_grp_name(char *name, DOM_SID *sid, uint8 *type);
-uint32 lookup_grp_name(char *name, DOM_SID *sid, uint8 *type);
-uint32 lookup_user_name(char *name, DOM_SID *sid, uint8 *type);
 uint32 lookup_name(char *name, DOM_SID *sid, uint8 *type);
-uint32 lookup_user_rids(char *name, uint32 *usr_rid, uint32 *grp_rid);
 
 /*The following definitions come from  rpc_server/srv_lsa.c  */
 
@@ -2278,16 +2321,6 @@ BOOL api_reg_rpc(pipes_struct *p, prs_struct *data);
 
 BOOL api_samr_rpc(pipes_struct *p, prs_struct *data);
 
-/*The following definitions come from  rpc_server/srv_sid.c  */
-
-void get_sam_domain_name(void);
-BOOL get_member_domain_sid(void);
-void generate_wellknown_sids(void);
-BOOL generate_sam_sid(void);
-BOOL map_domain_name_to_sid(DOM_SID *sid, char **nt_domain);
-BOOL map_domain_sid_to_name(DOM_SID *sid, char *nt_domain);
-BOOL split_domain_name(char *fullname, char *domain, char *name);
-
 /*The following definitions come from  rpc_server/srv_srvsvc.c  */
 
 BOOL api_srvsvc_rpc(pipes_struct *p, prs_struct *data);
@@ -2384,6 +2417,9 @@ void display_share2(FILE *out_hnd, enum action_type action,
 				char *path, char *passwd);
 void display_name(FILE *out_hnd, enum action_type action,
 				char *sname);
+void display_alias_rid_info(FILE *out_hnd, enum action_type action,
+				DOM_SID *sid,
+				uint32 num_rids, uint32 *rid);
 void display_group_rid_info(FILE *out_hnd, enum action_type action,
 				uint32 num_gids, DOM_GID *gid);
 void display_alias_name_info(FILE *out_hnd, enum action_type action,
@@ -2530,17 +2566,6 @@ void file_chain_reset(void);
 void file_chain_save(void);
 void file_chain_restore(void);
 
-/*The following definitions come from  smbd/groupname.c  */
-
-BOOL map_group_sid(DOM_SID *psid, gid_t *gid, char *group_name, char *nt_domain);
-BOOL map_alias_sid(DOM_SID *psid, gid_t *gid, char *alias_name, char *nt_domain);
-BOOL map_unix_group_name(char *group_name, DOM_SID *psid, char *ntgroup_name, char *nt_domain);
-BOOL map_unix_alias_name(char *alias_name, DOM_SID *psid, char *ntalias_name, char *nt_domain);
-BOOL map_nt_group_name(char *ntgroup_name, char *nt_domain, DOM_SID *psid, char *group_name, gid_t *gid);
-BOOL map_nt_alias_name(char *ntalias_name, char *nt_domain, DOM_SID *psid, char *alias_name, gid_t *gid);
-BOOL map_alias_gid(gid_t gid, DOM_SID *psid, char *nt_als_name, char *nt_domain);
-BOOL map_group_gid( gid_t gid, DOM_SID *psid, char *nt_grp_name, char *nt_domain);
-
 /*The following definitions come from  smbd/ipc.c  */
 
 int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, int size, int bufsize);
diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h
index 786aad32d2..e41c61f882 100644
--- a/source3/include/rpc_misc.h
+++ b/source3/include/rpc_misc.h
@@ -43,12 +43,10 @@
 #define BUILTIN_ALIAS_RID_USERS         (0x00000221L)
 #define BUILTIN_ALIAS_RID_GUESTS        (0x00000222L)
 #define BUILTIN_ALIAS_RID_POWER_USERS   (0x00000223L)
-
 #define BUILTIN_ALIAS_RID_ACCOUNT_OPS   (0x00000224L)
 #define BUILTIN_ALIAS_RID_SYSTEM_OPS    (0x00000225L)
 #define BUILTIN_ALIAS_RID_PRINT_OPS     (0x00000226L)
 #define BUILTIN_ALIAS_RID_BACKUP_OPS    (0x00000227L)
-
 #define BUILTIN_ALIAS_RID_REPLICATOR    (0x00000228L)
 
 /*
@@ -61,9 +59,9 @@
 #define RID_MULTIPLIER 4
 
 /* The three common types. */
-#define RID_TYPE_USER 0
-#define RID_TYPE_GROUP 1
-#define RID_TYPE_ALIAS 2
+#define RID_TYPE_USER    0
+#define RID_TYPE_GROUP   1
+#define RID_TYPE_ALIAS   2
 
 /* ENUM_HND */
 typedef struct enum_hnd_info
@@ -213,6 +211,17 @@ typedef struct domrid4_info
 
 } DOM_RID4;
 
+/* DOM_RID5 - rid, type & attributes */
+typedef struct domrid5_info
+{
+	uint32 ptr_unk;   /* pointer to unk */
+	uint32 unk;      /* value is 0x1 */
+	uint32 rid;  /* RID */
+	uint8  type; /* SID_NAME_USE_ENUM */
+	uint16 attr;
+
+} DOM_RID5;
+
 /* DOM_CLNT_SRV - client / server names */
 typedef struct clnt_srv_info
 {
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index d373cff8c7..83be3b83f0 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -32,16 +32,16 @@
  the following information comes from a QuickView on samsrv.dll,
  and gives an idea of exactly what is needed:
  
-SamrAddMemberToAlias
-SamrAddMemberToGroup
+x SamrAddMemberToAlias
+x SamrAddMemberToGroup
 SamrAddMultipleMembersToAlias
-SamrChangePasswordUser
+x SamrChangePasswordUser
 x SamrCloseHandle
 x SamrConnect
-SamrCreateAliasInDomain
-SamrCreateGroupInDomain
+x SamrCreateAliasInDomain
+x SamrCreateGroupInDomain
 SamrCreateUserInDomain
-SamrDeleteAlias
+? SamrDeleteAlias
 SamrDeleteGroup
 SamrDeleteUser
 x SamrEnumerateAliasesInDomain
@@ -54,7 +54,7 @@ SamrLookupDomainInSamServer
 x SamrLookupNamesInDomain
 x SamrOpenAlias
 x SamrOpenDomain
-SamrOpenGroup
+x SamrOpenGroup
 x SamrOpenUser
 x SamrQueryDisplayInformation
 x SamrQueryInformationAlias
@@ -65,9 +65,9 @@ SamrRemoveMemberFromAlias
 SamrRemoveMemberFromForiegnDomain
 SamrRemoveMemberFromGroup
 SamrRemoveMultipleMembersFromAlias
-SamrSetInformationAlias
+x SamrSetInformationAlias
 SamrSetInformationDomain
-SamrSetInformationGroup
+x SamrSetInformationGroup
 SamrSetInformationUser
 SamrSetMemberAttributesOfGroup
 SamrSetSecurityObject
@@ -77,30 +77,53 @@ SamrTestPrivateFunctionsUser
 
 ********************************************************************/
 
+#define SAMR_CONNECT_ANON      0x00
 #define SAMR_CLOSE_HND         0x01
+
+#define SAMR_UNKNOWN_3         0x03
 #define SAMR_OPEN_DOMAIN       0x07
+
 #define SAMR_QUERY_DOMAIN_INFO 0x08
-#define SAMR_QUERY_USERALIASES        0x10
+
+#define SAMR_CREATE_DOM_GROUP  0x0a
+#define SAMR_ENUM_DOM_USERS    0x0d
+#define SAMR_CREATE_DOM_ALIAS  0x0e
+#define SAMR_ENUM_DOM_ALIASES  0x0f
+#define SAMR_QUERY_USERALIASES 0x10
+
 #define SAMR_LOOKUP_NAMES      0x11
-#define SAMR_UNKNOWN_3         0x03
-#define SAMR_QUERY_DISPINFO    0x28
+#define SAMR_UNKNOWN_12        0x12
+
+#define SAMR_OPEN_GROUP        0x13
+#define SAMR_QUERY_GROUPINFO   0x14
+#define SAMR_SET_GROUPINFO     0x15
+#define SAMR_ADD_GROUPMEM      0x16
+#define SAMR_QUERY_GROUPMEM    0x19
+
+#define SAMR_OPEN_ALIAS        0x1b
+#define SAMR_QUERY_ALIASINFO   0x1c
+#define SAMR_SET_ALIASINFO     0x1d
+#define SAMR_DELETE_DOM_ALIAS  0x1e
+#define SAMR_UNK_ALIAS         0x1f
+#define SAMR_ADD_ALIASMEM      0x20
+#define SAMR_QUERY_ALIASMEM    0x21
+
+#define SAMR_UNKNOWN_21        0x21
 #define SAMR_OPEN_USER         0x22
+
 #define SAMR_QUERY_USERINFO    0x24
 #define SAMR_QUERY_USERGROUPS  0x27
-#define SAMR_UNKNOWN_12        0x12
-#define SAMR_UNKNOWN_21        0x21
+#define SAMR_QUERY_DISPINFO    0x28
+
 #define SAMR_UNKNOWN_2C        0x2c
+#define SAMR_ENUM_DOM_GROUPS   0x30
 #define SAMR_UNKNOWN_32        0x32
 #define SAMR_UNKNOWN_34        0x34
+
 #define SAMR_CHGPASSWD_USER    0x37
 #define SAMR_UNKNOWN_38        0x38
+
 #define SAMR_CONNECT           0x39
-#define SAMR_CONNECT_ANON      0x00
-#define SAMR_OPEN_ALIAS        0x1b
-#define SAMR_QUERY_ALIASINFO   0x1c
-#define SAMR_ENUM_DOM_USERS    0x0d
-#define SAMR_ENUM_DOM_ALIASES  0x0f
-#define SAMR_ENUM_DOM_GROUPS   0x30
 
 
 typedef struct logon_hours_info
@@ -228,7 +251,7 @@ typedef struct q_samr_close_hnd_info
 /* SAMR_R_CLOSE_HND - probably a policy handle close */
 typedef struct r_samr_close_hnd_info
 {
-    POLICY_HND pol;       /* policy handle */
+	POLICY_HND pol;       /* policy handle */
 	uint32 status;         /* return status */
 
 } SAMR_R_CLOSE_HND;
@@ -673,9 +696,143 @@ typedef struct r_samr_query_dispinfo_info
 } SAMR_R_QUERY_DISPINFO;
 
 
+#define SAMR_CREATE_DOM_GROUP  0x0a
+
+/* SAMR_Q_CREATE_DOM_GROUP - SAM create group */
+typedef struct q_samr_create_dom_group_info
+{
+	POLICY_HND pol;        /* policy handle */
+
+	UNIHDR hdr_acct_desc;
+	UNISTR2 uni_acct_desc;
+
+	uint16 unknown_1;    /* 0x0002 */
+	uint16 unknown_2;    /* 0x0001 */
+
+} SAMR_Q_CREATE_DOM_GROUP;
+
+/* SAMR_R_CREATE_DOM_GROUP - SAM create group */
+typedef struct r_samr_create_dom_group_info
+{
+	POLICY_HND pol;        /* policy handle */
+
+	uint32 rid;    
+	uint32 status;    
+
+} SAMR_R_CREATE_DOM_GROUP;
+
+/* SAMR_Q_QUERY_GROUPINFO - SAM Group Info */
+typedef struct q_samr_query_group_info
+{
+	POLICY_HND pol;        /* policy handle */
+
+	uint16 switch_level;    /* 0x0001 seen */
+
+} SAMR_Q_QUERY_GROUPINFO;
+
+typedef struct samr_group_info1
+{
+	UNIHDR hdr_acct_name;
+	UNIHDR hdr_acct_desc;
+
+	uint32 unknown_1; /* 0x0000 0003 - number of group members? */
+	uint32 unknown_2; /* 0x0000 0001 - number of group members? */
+
+	UNISTR2 uni_acct_name;
+	UNISTR2 uni_acct_desc;
+
+} GROUP_INFO1;
+
+typedef struct samr_group_info4
+{
+	UNIHDR hdr_acct_desc;
+	UNISTR2 uni_acct_desc;
+
+} GROUP_INFO4;
+
+/* SAMR_R_QUERY_GROUPINFO - SAM Group Info */
+typedef struct r_samr_query_groupinfo_info
+{
+	uint32 ptr;        
+	uint16 switch_value;     /* 0x0001 seen */
+	/* uint8[2] padding */
+
+	union
+ 	{
+		GROUP_INFO1 info1;
+
+	} group;
+
+	uint32 status;
+
+} SAMR_R_QUERY_GROUPINFO;
+
+
+/* SAMR_Q_SET_GROUPINFO - SAM Group Info */
+typedef struct q_samr_set_group_info
+{
+	POLICY_HND pol;        /* policy handle */
+	uint16 switch_value1;     /* 0x0004 seen */
+	uint16 switch_value2;     /* 0x0004 seen */
+
+	union
+ 	{
+		GROUP_INFO4 info4;
+
+	} group;
+
+} SAMR_Q_SET_GROUPINFO;
+
+/* SAMR_R_SET_GROUPINFO - SAM Group Info */
+typedef struct r_samr_set_group_info
+{
+	uint32 status;
+
+} SAMR_R_SET_GROUPINFO;
+
+
+/* SAMR_Q_DELETE_DOM_ALIAS - delete domain alias */
+typedef struct q_samr_delete_dom_alias_info
+{
+    POLICY_HND pol;          /* policy handle */
+
+} SAMR_Q_DELETE_DOM_ALIAS;
+
+
+/* SAMR_R_DELETE_DOM_ALIAS - delete domain alias */
+typedef struct r_samr_delete_dom_alias_info
+{
+	POLICY_HND pol;       /* policy handle */
+	uint32 status;        /* return status */
+
+} SAMR_R_DELETE_DOM_ALIAS;
+
+
+/* SAMR_Q_CREATE_DOM_ALIAS - SAM create alias */
+typedef struct q_samr_create_dom_alias_info
+{
+	POLICY_HND pol;        /* policy handle */
+
+	UNIHDR hdr_acct_desc;
+	UNISTR2 uni_acct_desc;
+
+	uint16 unknown_1;    /* 0x001f */
+	uint16 unknown_2;    /* 0x000f */
+
+} SAMR_Q_CREATE_DOM_ALIAS;
+
+/* SAMR_R_CREATE_DOM_ALIAS - SAM create alias */
+typedef struct r_samr_create_dom_alias_info
+{
+	POLICY_HND pol;        /* policy handle */
+
+	uint32 rid;    
+	uint32 status;    
+
+} SAMR_R_CREATE_DOM_ALIAS;
 
 /* SAMR_Q_QUERY_ALIASINFO - SAM Alias Info */
-typedef struct q_samr_enum_alias_info
+typedef struct q_samr_query_alias_info
 {
 	POLICY_HND pol;        /* policy handle */
 
@@ -690,7 +847,7 @@ typedef struct samr_alias_info3
 
 } ALIAS_INFO3;
 
-/* SAMR_R_QUERY_ALIASINFO - SAM rids, names and descriptions */
+/* SAMR_R_QUERY_ALIASINFO - SAM alias info */
 typedef struct r_samr_query_aliasinfo_info
 {
 	uint32 ptr;        
@@ -708,6 +865,30 @@ typedef struct r_samr_query_aliasinfo_info
 } SAMR_R_QUERY_ALIASINFO;
 
 
+/* SAMR_Q_SET_ALIASINFO - SAM Alias Info */
+typedef struct q_samr_set_alias_info
+{
+	POLICY_HND pol;        /* policy handle */
+
+	uint16 switch_value1;     /* 0x0003 */
+	uint16 switch_value2;     /* 0x0003 */
+
+	union
+ 	{
+		ALIAS_INFO3 info3;
+
+	} alias;
+
+} SAMR_Q_SET_ALIASINFO;
+
+/* SAMR_R_SET_ALIASINFO - SAM alias info */
+typedef struct r_samr_set_aliasinfo_info
+{
+	uint32 status;
+
+} SAMR_R_SET_ALIASINFO;
+
+
 /* SAMR_Q_QUERY_USERGROUPS - */
 typedef struct q_samr_query_usergroup_info
 {
@@ -788,7 +969,7 @@ typedef struct r_samr_query_useraliases_info
 	uint32 ptr; /* undocumented buffer pointer */
 
 	uint32 num_entries2; 
-	uint32 rid[MAX_LOOKUP_SIDS]; /* domain RIDs being looked up */
+	uint32 *rid; /* domain RIDs being looked up */
 
 	uint32 status; /* return code */
 
@@ -911,17 +1092,6 @@ typedef struct q_samr_unknown_13_info
 } SAMR_Q_UNKNOWN_13;
 
 
-/* SAMR_Q_UNKNOWN_21 - probably an open group in domain */
-typedef struct q_samr_unknown_21_info
-{
-    POLICY_HND group_pol;        /* policy handle */
-
-	uint16 unknown_1;            /* 16 bit unknown - 0x0477 */
-	uint16 unknown_2;            /* 16 bit unknown - 0x0000 */
-
-} SAMR_Q_UNKNOWN_21;
-
-
 /* SAMR_Q_UNKNOWN_32 - probably a "create SAM entry" */
 typedef struct q_samr_unknown_32_info
 {
@@ -950,6 +1120,91 @@ typedef struct r_samr_unknown_32_info
 } SAMR_R_UNKNOWN_32;
 
 
+/* SAMR_Q_ADD_GROUPMEM - probably an add group member */
+typedef struct q_samr_add_group_mem_info
+{
+	POLICY_HND pol;       /* policy handle */
+
+	uint32 rid;         /* rid */
+	uint32 unknown;     /* 0x0000 0005 */
+
+} SAMR_Q_ADD_GROUPMEM;
+
+
+/* SAMR_R_ADD_GROUPMEM - probably an add group member */
+typedef struct r_samr_add_group_mem_info
+{
+	uint32 status;         /* return status */
+
+} SAMR_R_ADD_GROUPMEM;
+
+
+/* SAMR_Q_OPEN_GROUP - probably an open */
+typedef struct q_samr_open_group_info
+{
+	uint32 unknown_0;         /* 0x0000 0001, 0x0000 0003, 0x0000 001f */
+	uint32 rid_group;        /* rid */
+
+} SAMR_Q_OPEN_GROUP;
+
+
+/* SAMR_R_OPEN_GROUP - probably an open */
+typedef struct r_samr_open_group_info
+{
+	POLICY_HND pol;       /* policy handle */
+	uint32 status;         /* return status */
+
+} SAMR_R_OPEN_GROUP;
+
+
+/* SAMR_Q_UNKNOWN_21 - probably an open group in domain */
+typedef struct q_samr_unknown_21_info
+{
+    POLICY_HND group_pol;        /* policy handle */
+
+	uint16 unknown_1;            /* 16 bit unknown - 0x0477 */
+	uint16 unknown_2;            /* 16 bit unknown - 0x0000 */
+
+} SAMR_Q_UNKNOWN_21;
+
+
+/* SAMR_Q_UNK_ALIASMEM - don't know! */
+typedef struct q_samr_unk_alias_mem_info
+{
+	POLICY_HND pol;       /* policy handle */
+
+	DOM_SID sid; /* member sid to be "something"ed to do with the alias */
+
+} SAMR_Q_UNK_ALIASMEM;
+
+
+/* SAMR_R_UNK_ALIASMEM - probably an open */
+typedef struct r_samr_unk_alias_mem_info
+{
+	uint32 status;         /* return status */
+
+} SAMR_R_UNK_ALIASMEM;
+
+
+/* SAMR_Q_ADD_ALIASMEM - probably an add member */
+typedef struct q_samr_add_alias_mem_info
+{
+	POLICY_HND pol;       /* policy handle */
+
+	DOM_SID sid; /* member sid to be added to alias */
+
+} SAMR_Q_ADD_ALIASMEM;
+
+
+/* SAMR_R_ADD_ALIASMEM - probably an open */
+typedef struct r_samr_add_alias_mem_info
+{
+	uint32 status;         /* return status */
+
+} SAMR_R_ADD_ALIASMEM;
+
+
+
 /* SAMR_Q_OPEN_ALIAS - probably an open */
 typedef struct q_samr_open_alias_info
 {
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 50d8c080a3..3d8dd14a1b 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -357,14 +357,15 @@ typedef struct nttime_info
 
 struct sam_passwd
 {
-	time_t logon_time;            /* logon time */
-	time_t logoff_time;           /* logoff time */
-	time_t kickoff_time;          /* kickoff time */
-	time_t pass_last_set_time;    /* password last set time */
-	time_t pass_can_change_time;  /* password can change time */
-	time_t pass_must_change_time; /* password must change time */
-
-	char *smb_name;     /* username string */
+	NTTIME logon_time;            /* logon time */
+	NTTIME logoff_time;           /* logoff time */
+	NTTIME kickoff_time;          /* kickoff time */
+	NTTIME pass_last_set_time;    /* password last set time */
+	NTTIME pass_can_change_time;  /* password can change time */
+	NTTIME pass_must_change_time; /* password must change time */
+
+	char *unix_name;    /* unix username string */
+	char *nt_name;      /* nt username string */
 	char *full_name;    /* user's full name string */
 	char *home_dir;     /* home directory string */
 	char *dir_drive;    /* home directory drive string */
@@ -375,8 +376,8 @@ struct sam_passwd
 	char *unknown_str ; /* don't know what this is, yet. */
 	char *munged_dial ; /* munged path name and dial-back tel number */
 
-	uid_t smb_userid;       /* this is actually the unix uid_t */
-	gid_t smb_grpid;        /* this is actually the unix gid_t */
+	uid_t unix_uid;       /* this is actually the unix uid_t */
+	gid_t unix_gid;        /* this is actually the unix gid_t */
 	uint32 user_rid;      /* Primary User ID */
 	uint32 group_rid;     /* Primary Group ID */
 
@@ -396,8 +397,11 @@ struct sam_passwd
 
 struct smb_passwd
 {
-	uid_t smb_userid;     /* this is actually the unix uid_t */
-	char *smb_name;     /* username string */
+	uid_t unix_uid;     /* unix userid */
+	char *unix_name;     /* unix username string */
+
+	uint32 user_rid;     /* Primary User ID */
+	char *nt_name;     /* unix username string */
 
 	unsigned char *smb_passwd; /* Null if no password */
 	unsigned char *smb_nt_passwd; /* Null if no password */
@@ -410,8 +414,8 @@ struct smb_passwd
 struct sam_disp_info
 {
 	uint32 user_rid;      /* Primary User ID */
-	char *smb_name;     /* username string */
-	char *full_name;    /* user's full name string */
+	char *nt_name;        /* username string */
+	char *full_name;      /* user's full name string */
 };
 
 #define MAXSUBAUTHS 15 /* max sub authorities in a SID */
@@ -431,6 +435,28 @@ typedef struct sid_info
 } DOM_SID;
 
 
+typedef struct group_name_info
+{
+	char *nt_name;
+	char *nt_domain;
+	char *unix_name;
+
+	DOM_SID sid;
+	uint8 type;
+	uint32 unix_id;
+
+} DOM_NAME_MAP;
+
+/* map either local aliases, domain groups or builtin aliases */
+typedef enum 
+{
+	DOM_MAP_LOCAL,
+	DOM_MAP_DOMAIN,
+	DOM_MAP_USER,
+
+} DOM_MAP_TYPE;
+
+
 /*** query a local group, get a list of these: shows who is in that group ***/
 
 /* local group member info */
@@ -744,40 +770,60 @@ struct shmem_ops {
  * to support the following operations.
  */
 
-struct passdb_ops {
-  /*
-   * Password database ops.
-   */
-  void *(*startsmbpwent)(BOOL);
-  void (*endsmbpwent)(void *);
-  SMB_BIG_UINT (*getsmbpwpos)(void *);
-  BOOL (*setsmbpwpos)(void *, SMB_BIG_UINT);
+struct smb_passdb_ops
+{
+	/*
+	 * Password database operations.
+	 */
+	void *(*startsmbpwent)(BOOL);
+	void (*endsmbpwent)(void *);
+	SMB_BIG_UINT (*getsmbpwpos)(void *);
+	BOOL (*setsmbpwpos)(void *, SMB_BIG_UINT);
 
-  /*
-   * smb password database query functions.
-   */
-  struct smb_passwd *(*getsmbpwnam)(const char *);
-  struct smb_passwd *(*getsmbpwuid)(uid_t);
-  struct smb_passwd *(*getsmbpwrid)(uint32);
-  struct smb_passwd *(*getsmbpwent)(void *);
+	/*
+	 * smb password database query functions.
+	 */
+	struct smb_passwd *(*getsmbpwnam)(const char *);
+	struct smb_passwd *(*getsmbpwuid)(uid_t);
+	struct smb_passwd *(*getsmbpwent)(void *);
 
+	/*
+	 * smb password database modification functions.
+	 */
+	BOOL (*add_smbpwd_entry)(struct smb_passwd *);
+	BOOL (*mod_smbpwd_entry)(struct smb_passwd *, BOOL);
+
+#if 0
   /*
-   * smb password database modification functions.
+   * password checking functions
    */
-  BOOL (*add_smbpwd_entry)(struct smb_passwd *);
-  BOOL (*mod_smbpwd_entry)(struct smb_passwd *, BOOL);
+  struct smb_passwd *(*smb_password_chal  )(const char *username, const char lm_pass[24], const char nt_pass[24], char chal[8]);
+  struct smb_passwd *(*smb_password_check )(const char *username, const char lm_hash[16], const char nt_hash[16]);
+  struct passwd     *(*unix_password_check)(const char *username, const char *pass, int pass_len);
+#endif
+};
+
+/*
+ * Each implementation of the password database code needs
+ * to support the following operations.
+ */
 
+struct sam_passdb_ops {
   /*
-   * Functions that manupulate a struct sam_passwd.
+   * Password database operations.
    */
-  struct sam_passwd *(*getsam21pwent)(void *);
+  void *(*startsam21pwent)(BOOL);
+  void (*endsam21pwent)(void *);
+  SMB_BIG_UINT (*getsam21pwpos)(void *);
+  BOOL (*setsam21pwpos)(void *, SMB_BIG_UINT);
 
   /*
    * sam password database query functions.
    */
-  struct sam_passwd *(*getsam21pwnam)(const char *);
+  struct sam_passwd *(*getsam21pwntnam)(const char *);
   struct sam_passwd *(*getsam21pwuid)(uid_t);
   struct sam_passwd *(*getsam21pwrid)(uint32);
+  struct sam_passwd *(*getsam21pwent)(void *);
 
   /*
    * sam password database modification functions.
@@ -788,18 +834,10 @@ struct passdb_ops {
   /*
    * sam query display info functions.
    */
-  struct sam_disp_info *(*getsamdispnam)(const char *);
+  struct sam_disp_info *(*getsamdispntnam)(const char *);
   struct sam_disp_info *(*getsamdisprid)(uint32);
   struct sam_disp_info *(*getsamdispent)(void *);
 
-#if 0
-  /*
-   * password checking functions
-   */
-  struct smb_passwd *(*smb_password_chal  )(const char *username, const char lm_pass[24], const char nt_pass[24], char chal[8]);
-  struct smb_passwd *(*smb_password_check )(const char *username, const char lm_hash[16], const char nt_hash[16]);
-  struct passwd     *(*unix_password_check)(const char *username, const char *pass, int pass_len);
-#endif
 };
 
 /*
@@ -807,23 +845,23 @@ struct passdb_ops {
  * to support the following operations.
  */
 
-struct passgrp_ops {
-  /*
-   * Password database ops.
-   */
-  void *(*startsmbgrpent)(BOOL);
-  void (*endsmbgrpent)(void *);
-  SMB_BIG_UINT (*getsmbgrppos)(void *);
-  BOOL (*setsmbgrppos)(void *, SMB_BIG_UINT);
-
-  /*
-   * smb passgrp database query functions.
-   */
-  struct smb_passwd *(*getsmbgrpnam)(char *, uint32**, int*, uint32**, int*);
-  struct smb_passwd *(*getsmbgrpuid)(uid_t , uint32**, int*, uint32**, int*);
-  struct smb_passwd *(*getsmbgrprid)(uint32, uint32**, int*, uint32**, int*);
-  struct smb_passwd *(*getsmbgrpent)(void *, uint32**, int*, uint32**, int*);
+struct passgrp_ops
+{
+	/*
+	 * Password group database ops.
+	 */
+	void *(*startsmbgrpent)(BOOL);
+	void (*endsmbgrpent)(void *);
+	SMB_BIG_UINT (*getsmbgrppos)(void *);
+	BOOL (*setsmbgrppos)(void *, SMB_BIG_UINT);
 
+	/*
+	 * smb passgrp database query functions, by user attributes.
+	 */
+	struct smb_passwd *(*getsmbgrpntnam)(const char *, uint32**, int*, uint32**, int*);
+	struct smb_passwd *(*getsmbgrpuid)(uid_t , uint32**, int*, uint32**, int*);
+	struct smb_passwd *(*getsmbgrprid)(uint32, uint32**, int*, uint32**, int*);
+	struct smb_passwd *(*getsmbgrpent)(void *, uint32**, int*, uint32**, int*);
 };
 
 /*
@@ -846,10 +884,9 @@ struct groupdb_ops
 	BOOL (*setgrouppos)(void *, SMB_BIG_UINT);
 
 	/*
-	 * group database query functions. set the BOOL to Tru
-	 * if you want the members in the group as well.
+	 * group database query functions. 
 	 */
-	DOMAIN_GRP *(*getgroupnam)(char *, DOMAIN_GRP_MEMBER **, int *);
+	DOMAIN_GRP *(*getgroupntnam)(const char *, DOMAIN_GRP_MEMBER **, int *);
 	DOMAIN_GRP *(*getgroupgid)(gid_t , DOMAIN_GRP_MEMBER **, int *);
 	DOMAIN_GRP *(*getgrouprid)(uint32, DOMAIN_GRP_MEMBER **, int *);
 	DOMAIN_GRP *(*getgroupent)(void *, DOMAIN_GRP_MEMBER **, int *);
@@ -863,7 +900,7 @@ struct groupdb_ops
 	/*
 	 * user group functions
 	 */
-	BOOL (*getusergroupsnam)(char *, DOMAIN_GRP **, int *);
+	BOOL (*getusergroupsntnam)(const char *, DOMAIN_GRP **, int *);
 };
 
 /*
@@ -886,10 +923,9 @@ struct aliasdb_ops
 	BOOL (*setaliaspos)(void *, SMB_BIG_UINT);
 
 	/*
-	 * alias database query functions. set the BOOL to Tru
-	 * if you want the members in the alias as well.
+	 * alias database query functions. 
 	 */
-	LOCAL_GRP *(*getaliasnam)(char *, LOCAL_GRP_MEMBER **, int *);
+	LOCAL_GRP *(*getaliasntnam)(const char *, LOCAL_GRP_MEMBER **, int *);
 	LOCAL_GRP *(*getaliasgid)(gid_t , LOCAL_GRP_MEMBER **, int *);
 	LOCAL_GRP *(*getaliasrid)(uint32, LOCAL_GRP_MEMBER **, int *);
 	LOCAL_GRP *(*getaliasent)(void *, LOCAL_GRP_MEMBER **, int *);
@@ -903,7 +939,7 @@ struct aliasdb_ops
 	/*
 	 * user alias functions
 	 */
-	BOOL (*getuseraliasnam)(char *, LOCAL_GRP **, int *);
+	BOOL (*getuseraliasntnam)(const char *, LOCAL_GRP **, int *);
 };
 
 /* this is used for smbstatus */