diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2003-04-28 10:20:55 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2003-04-28 10:20:55 +0000 |
| commit | 49530d0db5a509951c66b73aaf2aa101caf6117b (patch) | |
| tree | d5994c69acc6e3d4210d237f10bd3628bf3888fd /source3/param | |
| parent | 4121d1611da65e13e0285a8714f21d6d6be2d4d7 (diff) | |
| download | samba-49530d0db5a509951c66b73aaf2aa101caf6117b.tar.gz samba-49530d0db5a509951c66b73aaf2aa101caf6117b.tar.bz2 samba-49530d0db5a509951c66b73aaf2aa101caf6117b.zip | |
A new pdb_ldap!
This patch removes 'non unix account range' (same as idra's change in HEAD),
and uses the winbind uid range instead.
More importanly, this patch changes the LDAP schema to use 'ntSid' instead
of 'rid' as the primary attribute. This makes it in common with the group
mapping code, and should allow it to be used closely with a future idmap_ldap.
Existing installations can use the existing functionality by using the
ldapsam_compat backend, and users who compile with --with-ldapsam will get
this by default.
More importantly, this patch adds a 'sambaDomain' object to our schema -
which contains 2 'next rid' attributes, the domain name and the domain sid.
Yes, there are *2* next rid attributes. The problem is that we don't 'own'
the entire RID space - we can only allocate RIDs that could be 'algorithmic'
RIDs. Therefore, we use the fact that UIDs in 'winbind uid' range will be
mapped by IDMAP, not the algorithm.
Andrew Bartlett
(This used to be commit 3e07406ade81e136f67439d4f8fd7fe1dbb6db14)
Diffstat (limited to 'source3/param')
| -rw-r--r-- | source3/param/loadparm.c | 42 |
1 files changed, 2 insertions, 40 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index c96e750a54..b0da868729 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -554,7 +554,6 @@ static BOOL handle_source_env(const char *pszParmValue, char **ptr); static BOOL handle_netbios_name(const char *pszParmValue, char **ptr); static BOOL handle_winbind_uid(const char *pszParmValue, char **ptr); static BOOL handle_winbind_gid(const char *pszParmValue, char **ptr); -static BOOL handle_non_unix_account_range(const char *pszParmValue, char **ptr); static BOOL handle_debug_list( const char *pszParmValue, char **ptr ); static BOOL handle_workgroup( const char *pszParmValue, char **ptr ); static BOOL handle_netbios_aliases( const char *pszParmValue, char **ptr ); @@ -763,7 +762,6 @@ static struct parm_struct parm_table[] = { {"smb passwd file", P_STRING, P_GLOBAL, &Globals.szSMBPasswdFile, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"passdb backend", P_LIST, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD | FLAG_DEVELOPER}, - {"non unix account range", P_STRING, P_GLOBAL, &Globals.szNonUnixAccountRange, handle_non_unix_account_range, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"algorithmic rid base", P_INTEGER, P_GLOBAL, &Globals.bAlgorithmicRidBase, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"root directory", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"root dir", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, @@ -1420,7 +1418,7 @@ static void init_globals(void) #ifdef WITH_LDAP_SAMCONFIG string_set(&Globals.szLdapServer, "localhost"); Globals.ldap_port = 636; - Globals.szPassdbBackend = str_list_make("ldapsam guest", NULL); + Globals.szPassdbBackend = str_list_make("ldapsam_compat guest", NULL); #else Globals.szPassdbBackend = str_list_make("smbpasswd guest", NULL); #endif /* WITH_LDAP_SAMCONFIG */ @@ -2856,7 +2854,7 @@ static BOOL handle_copy(const char *pszParmValue, char **ptr) } /*************************************************************************** - Handle winbind/non unix account uid and gid allocation parameters. The format of these + Handle winbind uid and gid allocation parameters. The format of these parameters is: [global] @@ -2873,7 +2871,6 @@ static BOOL handle_copy(const char *pszParmValue, char **ptr) static uid_t winbind_uid_low, winbind_uid_high; static gid_t winbind_gid_low, winbind_gid_high; -static uint32 non_unix_account_low, non_unix_account_high; BOOL lp_winbind_uid(uid_t *low, uid_t *high) { @@ -2903,20 +2900,6 @@ BOOL lp_winbind_gid(gid_t *low, gid_t *high) return True; } -BOOL lp_non_unix_account_range(uint32 *low, uint32 *high) -{ - if (non_unix_account_low == 0 || non_unix_account_high == 0) - return False; - - if (low) - *low = non_unix_account_low; - - if (high) - *high = non_unix_account_high; - - return True; -} - /* Do some simple checks on "winbind [ug]id" parameter values */ static BOOL handle_winbind_uid(const char *pszParmValue, char **ptr) @@ -2954,27 +2937,6 @@ static BOOL handle_winbind_gid(const char *pszParmValue, char **ptr) } /*************************************************************************** - Do some simple checks on "non unix account range" parameter values. -***************************************************************************/ - -static BOOL handle_non_unix_account_range(const char *pszParmValue, char **ptr) -{ - uint32 low, high; - - if (sscanf(pszParmValue, "%u-%u", &low, &high) != 2 || high < low) - return False; - - /* Parse OK */ - - string_set(ptr, pszParmValue); - - non_unix_account_low = low; - non_unix_account_high = high; - - return True; -} - -/*************************************************************************** Handle the DEBUG level list. ***************************************************************************/ |