diff options
author | Gerald Carter <jerry@samba.org> | 2003-07-07 05:11:10 +0000 |
---|---|---|
committer | Gerald Carter <jerry@samba.org> | 2003-07-07 05:11:10 +0000 |
commit | 0b18acb841f6a372b3aa285d4734875e5e35fe3b (patch) | |
tree | add4afee2b70d87bfd96b7702d9d6a2476ac7e74 /source3/nsswitch/wb_client.c | |
parent | b5cd4a8643169b276a3af8a9272d212d76a54dd3 (diff) | |
download | samba-0b18acb841f6a372b3aa285d4734875e5e35fe3b.tar.gz samba-0b18acb841f6a372b3aa285d4734875e5e35fe3b.tar.bz2 samba-0b18acb841f6a372b3aa285d4734875e5e35fe3b.zip |
and so it begins....
* remove idmap_XX_to_XX calls from smbd. Move back to the
the winbind_XXX and local_XXX calls used in 2.2
* all uid/gid allocation must involve winbindd now
* move flags field around in winbindd_request struct
* add WBFLAG_QUERY_ONLY option to winbindd_sid_to_[ug]id()
to prevent automatic allocation for unknown SIDs
* add 'winbind trusted domains only' parameter to force a domain member
server to use matching users names from /etc/passwd for its domain
(needed for domain member of a Samba domain)
* rename 'idmap only' to 'enable rid algorithm' for better clarity
(defaults to "yes")
code has been tested on
* domain member of native mode 2k domain
* ads domain member of native mode 2k domain
* domain member of NT4 domain
* domain member of Samba domain
* Samba PDC running winbindd with trusts
Logons tested using 2k clients and smbclient as domain users
and trusted users. Tested both 'winbind trusted domains only = [yes|no]'
This will be a long week of changes. The next item on the list is
winbindd_passdb.c & machine trust accounts not in /etc/passwd (done
via winbindd_passdb)
(This used to be commit 8266dffab4aedba12a33289ff32880037ce950a8)
Diffstat (limited to 'source3/nsswitch/wb_client.c')
-rw-r--r-- | source3/nsswitch/wb_client.c | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c index 196e44020c..67548592b2 100644 --- a/source3/nsswitch/wb_client.c +++ b/source3/nsswitch/wb_client.c @@ -168,6 +168,41 @@ BOOL winbind_uid_to_sid(DOM_SID *sid, uid_t uid) return (result == NSS_STATUS_SUCCESS); } +/* Call winbindd to convert SID to uid. Do not allocate */ + +BOOL winbind_sid_to_uid_query(uid_t *puid, const DOM_SID *sid) +{ + struct winbindd_request request; + struct winbindd_response response; + int result; + fstring sid_str; + + if (!puid) + return False; + + /* Initialise request */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + sid_to_string(sid_str, sid); + fstrcpy(request.data.sid, sid_str); + + request.flags = WBFLAG_QUERY_ONLY; + + /* Make request */ + + result = winbindd_request(WINBINDD_SID_TO_UID, &request, &response); + + /* Copy out result */ + + if (result == NSS_STATUS_SUCCESS) { + *puid = response.data.uid; + } + + return (result == NSS_STATUS_SUCCESS); +} + /* Call winbindd to convert SID to gid */ BOOL winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid) @@ -201,6 +236,41 @@ BOOL winbind_sid_to_gid(gid_t *pgid, const DOM_SID *sid) return (result == NSS_STATUS_SUCCESS); } +/* Call winbindd to convert SID to gid. Do not allocate */ + +BOOL winbind_sid_to_gid_query(gid_t *pgid, const DOM_SID *sid) +{ + struct winbindd_request request; + struct winbindd_response response; + int result; + fstring sid_str; + + if (!pgid) + return False; + + /* Initialise request */ + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + sid_to_string(sid_str, sid); + fstrcpy(request.data.sid, sid_str); + + request.flags = WBFLAG_QUERY_ONLY; + + /* Make request */ + + result = winbindd_request(WINBINDD_SID_TO_GID, &request, &response); + + /* Copy out result */ + + if (result == NSS_STATUS_SUCCESS) { + *pgid = response.data.gid; + } + + return (result == NSS_STATUS_SUCCESS); +} + /* Call winbindd to convert gid to sid */ BOOL winbind_gid_to_sid(DOM_SID *sid, gid_t gid) |