diff options
| author | Gerald Carter <jerry@samba.org> | 2003-07-31 05:43:47 +0000 |
|---|---|---|
| committer | Gerald Carter <jerry@samba.org> | 2003-07-31 05:43:47 +0000 |
| commit | 0d087e3ba28a9061529c95799624ccc4686eb1e9 (patch) | |
| tree | 6284d9b57fc77694b6967fc76ce90eadadb5a40b /source3/libads | |
| parent | 48c01deb300b51c97865ec0d738c64c7722da0d7 (diff) | |
| download | samba-0d087e3ba28a9061529c95799624ccc4686eb1e9.tar.gz samba-0d087e3ba28a9061529c95799624ccc4686eb1e9.tar.bz2 samba-0d087e3ba28a9061529c95799624ccc4686eb1e9.zip | |
working on transtive trusts issue:
* use DsEnumerateDomainTrusts() instead of LDAP search.
wbinfo -m now lists all trusted downlevel domains and
all domains in the forest.
Thnigs to do:
o Look at Krb5 connection trusted domains
o make sure to initial the trusted domain cache as soon
as possible
(This used to be commit 0ab00ccaedf204b39c86a9e1c2fcac5f15d0e033)
Diffstat (limited to 'source3/libads')
| -rw-r--r-- | source3/libads/ldap.c | 71 |
1 files changed, 0 insertions, 71 deletions
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 62520d5001..dd93502056 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -1888,77 +1888,6 @@ ADS_STATUS ads_server_info(ADS_STRUCT *ads) return ADS_SUCCESS; } - -/** - * find the list of trusted domains - * @param ads connection to ads server - * @param mem_ctx TALLOC_CTX for allocating results - * @param num_trusts pointer to number of trusts - * @param names pointer to trusted domain name list - * @param sids pointer to list of sids of trusted domains - * @return the count of SIDs pulled - **/ -ADS_STATUS ads_trusted_domains(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, - int *num_trusts, - char ***names, - char ***alt_names, - DOM_SID **sids) -{ - const char *attrs[] = {"name", "flatname", "securityIdentifier", - "trustDirection", NULL}; - ADS_STATUS status; - void *res, *msg; - int count, i; - - *num_trusts = 0; - - status = ads_search(ads, &res, "(objectcategory=trustedDomain)", attrs); - if (!ADS_ERR_OK(status)) return status; - - count = ads_count_replies(ads, res); - if (count == 0) { - ads_msgfree(ads, res); - return ADS_ERROR(LDAP_NO_RESULTS_RETURNED); - } - - (*names) = talloc(mem_ctx, sizeof(char *) * count); - (*alt_names) = talloc(mem_ctx, sizeof(char *) * count); - (*sids) = talloc(mem_ctx, sizeof(DOM_SID) * count); - if (! *names || ! *sids) return ADS_ERROR(LDAP_NO_MEMORY); - - for (i=0, msg = ads_first_entry(ads, res); msg; msg = ads_next_entry(ads, msg)) { - uint32 direction; - - /* direction is a 2 bit bitfield, 1 means they trust us - but we don't trust them, so we should not list them - as users from that domain can't login */ - if (ads_pull_uint32(ads, msg, "trustDirection", &direction) && - direction == 1) { - continue; - } - - (*names)[i] = ads_pull_string(ads, mem_ctx, msg, "name"); - (*alt_names)[i] = ads_pull_string(ads, mem_ctx, msg, "flatname"); - - if ((*alt_names)[i] && (*alt_names)[i][0]) { - /* we prefer the flatname as the primary name - for consistency with RPC */ - char *name = (*alt_names)[i]; - (*alt_names)[i] = (*names)[i]; - (*names)[i] = name; - } - if (ads_pull_sid(ads, msg, "securityIdentifier", &(*sids)[i])) { - i++; - } - } - - ads_msgfree(ads, res); - - *num_trusts = i; - - return ADS_SUCCESS; -} - /** * find the domain sid for our domain * @param ads connection to ads server |