A few things in this commit:

cleanup some of the code in net_rpc_join re const warnings and
fstrings.

Passdb:

Make the %u and %U substituions in passdb work.
This is done by declaring these paramters to be 'const' and doing
the substitution manually.  I'm told this is us going full circle,
but I can't really see a better way.

Finally these things actually seem to work properly...

Make the lanman code use the pdb's recorded values for homedir etc
rather than the values from lp_*()

Add code to set the plaintext password in the passdb, where it can
decide how to store/set it.  For use with a future 'ldap password
change' option, or somthing like that...

Add pdb_unix, so as to remove the 'not in passdb' special cases from the
local_lookup_*() code.  Quite small, as it uses the new 'struct passwd ->
SAM_ACCOUNT' code that is now in just one place.  (also used by pdb_smbpasswd)

Other:
Fix up the adding of [homes] at session setup time to actually pass
the right string, that is the unix homedir, not the UNC path.

Fix up [homes] so that for winbind users is picks the correct name.
(bad interactions with the default domain code previously)

Change the rpc_server/srv_lsa_nt.c code to match NT when for the
SATUS_NONE_MAPPED reply:  This was only being triggered on
no queries, now it is on the 'no mappings' (ie all mappings failed).
Checked against Win2k.

Policy Question:  Should SID -> unix_user.234/unix_group.364 be
considered a mapping or not?  Currently it isn't.

Andrew Bartlett
(This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34)

1 files changed, 72 insertions, 4 deletions

diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index cf77efd38f..372b332a45 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -138,6 +138,21 @@ const uint8* pdb_get_lanman_passwd (const SAM_ACCOUNT *sampass)
 		return (NULL);
 }
 
+/* Return the plaintext password if known.  Most of the time
+   it isn't, so don't assume anything magic about this function.
+   
+   Used to pass the plaintext to passdb backends that might 
+   want to store more than just the NTLM hashes.
+*/
+const char* pdb_get_plaintext_passwd (const SAM_ACCOUNT *sampass)
+{
+	if (sampass) {
+		return ((char*)sampass->private.plaintext_pw.data);
+	}
+	else
+		return (NULL);
+}
+
 uint32 pdb_get_user_rid (const SAM_ACCOUNT *sampass)
 {
 	if (sampass)
@@ -224,6 +239,14 @@ const char* pdb_get_homedir (const SAM_ACCOUNT *sampass)
 		return (NULL);
 }
 
+const char* pdb_get_unix_homedir (const SAM_ACCOUNT *sampass)
+{
+	if (sampass)
+		return (sampass->private.unix_home_dir);
+	else
+		return (NULL);
+}
+
 const char* pdb_get_dirdrive (const SAM_ACCOUNT *sampass)
 {
 	if (sampass)
@@ -618,7 +641,7 @@ BOOL pdb_set_logon_script(SAM_ACCOUNT *sampass, const char *logon_script, BOOL s
 	}
 	
 	if (store) {
-		DEBUG(10, ("pdb_set_logon_script: setting logon script sam flag!"));
+		DEBUG(10, ("pdb_set_logon_script: setting logon script sam flag!\n"));
 		pdb_set_init_flag(sampass, FLAG_SAM_LOGONSCRIPT);
 	}
 
@@ -650,7 +673,7 @@ BOOL pdb_set_profile_path (SAM_ACCOUNT *sampass, const char *profile_path, BOOL
 	}
 
 	if (store) {
-		DEBUG(10, ("pdb_set_profile_path: setting profile path sam flag!"));
+		DEBUG(10, ("pdb_set_profile_path: setting profile path sam flag!\n"));
 		pdb_set_init_flag(sampass, FLAG_SAM_PROFILE);
 	}
 
@@ -682,7 +705,7 @@ BOOL pdb_set_dir_drive (SAM_ACCOUNT *sampass, const char *dir_drive, BOOL store)
 	}
 	
 	if (store) {
-		DEBUG(10, ("pdb_set_dir_drive: setting dir drive sam flag!"));
+		DEBUG(10, ("pdb_set_dir_drive: setting dir drive sam flag!\n"));
 		pdb_set_init_flag(sampass, FLAG_SAM_DRIVE);
 	}
 
@@ -722,6 +745,34 @@ BOOL pdb_set_homedir (SAM_ACCOUNT *sampass, const char *home_dir, BOOL store)
 }
 
 /*********************************************************************
+ Set the user's unix home directory.
+ ********************************************************************/
+
+BOOL pdb_set_unix_homedir (SAM_ACCOUNT *sampass, const char *unix_home_dir)
+{
+	if (!sampass)
+		return False;
+
+	if (unix_home_dir) { 
+		DEBUG(10, ("pdb_set_homedir: setting home dir %s, was %s\n", unix_home_dir,
+			(sampass->private.unix_home_dir)?(sampass->private.unix_home_dir):"NULL"));
+ 
+		sampass->private.unix_home_dir = talloc_strdup(sampass->mem_ctx, 
+							  unix_home_dir);
+		
+		if (!sampass->private.unix_home_dir) {
+			DEBUG(0, ("pdb_set_unix_home_dir: talloc_strdup() failed!\n"));
+			return False;
+		}
+
+	} else {
+		sampass->private.unix_home_dir = PDB_NOT_QUITE_NULL;
+	}
+
+	return True;
+}
+
+/*********************************************************************
  Set the user's account description.
  ********************************************************************/
 
@@ -840,7 +891,7 @@ BOOL pdb_set_nt_passwd (SAM_ACCOUNT *sampass, const uint8 *pwd)
  Set the user's LM hash.
  ********************************************************************/
 
-BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, const uint8 *pwd)
+BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, const uint8 pwd[16])
 {
 	if (!sampass)
 		return False;
@@ -852,6 +903,23 @@ BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, const uint8 *pwd)
 	return True;
 }
 
+/*********************************************************************
+ Set the user's plaintext password only (base procedure, see helper
+ below)
+ ********************************************************************/
+
+BOOL pdb_set_plaintext_pw_only (SAM_ACCOUNT *sampass, const uint8 *password, size_t len)
+{
+	if (!sampass)
+		return False;
+
+	data_blob_clear_free(&sampass->private.plaintext_pw);
+	
+	sampass->private.plaintext_pw = data_blob(password, len);
+
+	return True;
+}
+
 BOOL pdb_set_unknown_3 (SAM_ACCOUNT *sampass, uint32 unkn)
 {
 	if (!sampass)