ldap back-end database development

Makefile:

	created PASSBD_OBJ group

includes.h:

	added #ifdef USE_LDAP to #include <ldap> headers

ldap.c:

	- renamed "_machine" to "_trust" everywhere.
	- added sam_passwd support routines
	- removed get_ldappwd_entry function: replaced with get_sampwd_entry
	- removed getldappwnam/uid: replaced with getsampwnam/uid
	- other messing about bits which are probably going to annoy the
	  hell out of jean-francois (sorry!)

mkproto.awk:

	- added stuff to wrap ldap.c protos with #ifdef USE_LDAP
	- added uid_t and gid_t return results to the prototype generation

passdb.c:

	- created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry.
	- modified getsampwnam/uid and created getsam21pwnam/rid functions
	  to replace the local get_smbpwd_entry() and get_ldappwd_entry()
	  functions, which jeremy didn't like anyway because they were
	  dual-purpose.
	- added utility routines which are or may be useful to all the
	  password database routines.

password.c:

	- renamed "machine_" to "trust_" everywhere.

smbpass.c:

	- removed get_smbpwd_entry function: replaced it with get_sampwd_entry
	  functions in passdb.c
	- moved code that decoded acct_ctrl into passdb.c
	- moved encode_acct_ctrl into passdb.c
	- removed getsmbpwnam/uid: replaced with getsampwnam/uid
	- renamed "machine_" to "trust_" everywhere.

smbpasswd.c:

	- renamed "machine_" to "trust_" everywhere.

util.c:

	- moved gethexpwd function into passdb.c

lib/rpc/server/srv_util.c:

	- moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c
(This used to be commit 673ab50c4c2c25db355d90efde3a6bfbb4d8369e)

1 files changed, 38 insertions, 126 deletions

diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index a84dbb43ef..210a3f55e2 100644
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -79,7 +79,6 @@ rid_name domain_group_rids[] =
 };
 
 
-
 int make_dom_gids(char *gids_str, DOM_GID *gids)
 {
 	char *ptr;
@@ -134,44 +133,6 @@ int make_dom_gids(char *gids_str, DOM_GID *gids)
 }
 
 /*******************************************************************
- gets a domain user's groups
- ********************************************************************/
-void get_domain_user_groups(char *domain_groups, char *user)
-{
-	pstring tmp;
-
-	if (domain_groups == NULL || user == NULL) return;
-
-	/* any additional groups this user is in.  e.g power users */
-	pstrcpy(domain_groups, lp_domain_groups());
-
-	/* can only be a user or a guest.  cannot be guest _and_ admin */
-	if (user_in_list(user, lp_domain_guest_users()))
-	{
-		sprintf(tmp, " %ld/7 ", DOMAIN_GROUP_RID_GUESTS);
-		strcat(domain_groups, tmp);
-
-		DEBUG(3,("domain guest access %s granted\n", tmp));
-	}
-	else
-	{
-		sprintf(tmp, " %ld/7 ", DOMAIN_GROUP_RID_USERS);
-		strcat(domain_groups, tmp);
-
-		DEBUG(3,("domain user access %s granted\n", tmp));
-
-		if (user_in_list(user, lp_domain_admin_users()))
-		{
-			sprintf(tmp, " %ld/7 ", DOMAIN_GROUP_RID_ADMINS);
-			strcat(domain_groups, tmp);
-
-			DEBUG(3,("domain admin access %s granted\n", tmp));
-		}
-	}
-}
-
-
-/*******************************************************************
  turns a DCE/RPC request into a DCE/RPC reply
 
  this is where the data really should be split up into an array of
@@ -320,7 +281,44 @@ BOOL api_rpcTNP(pipes_struct *p, char *rpc_name, struct api_struct *api_rpc_cmds
 	return True;
 }
 
-extern rid_name domain_group_rids[];
+
+/*******************************************************************
+ gets a domain user's groups
+ ********************************************************************/
+void get_domain_user_groups(char *domain_groups, char *user)
+{
+	pstring tmp;
+
+	if (domain_groups == NULL || user == NULL) return;
+
+	/* any additional groups this user is in.  e.g power users */
+	pstrcpy(domain_groups, lp_domain_groups());
+
+	/* can only be a user or a guest.  cannot be guest _and_ admin */
+	if (user_in_list(user, lp_domain_guest_users()))
+	{
+		sprintf(tmp, " %ld/7 ", DOMAIN_GROUP_RID_GUESTS);
+		strcat(domain_groups, tmp);
+
+		DEBUG(3,("domain guest access %s granted\n", tmp));
+	}
+	else
+	{
+		sprintf(tmp, " %ld/7 ", DOMAIN_GROUP_RID_USERS);
+		strcat(domain_groups, tmp);
+
+		DEBUG(3,("domain user access %s granted\n", tmp));
+
+		if (user_in_list(user, lp_domain_admin_users()))
+		{
+			sprintf(tmp, " %ld/7 ", DOMAIN_GROUP_RID_ADMINS);
+			strcat(domain_groups, tmp);
+
+			DEBUG(3,("domain admin access %s granted\n", tmp));
+		}
+	}
+}
+
 
 /*******************************************************************
  lookup_group_name
@@ -348,8 +346,6 @@ uint32 lookup_group_name(uint32 rid, char *group_name, uint32 *type)
 	return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 }
 
-extern rid_name domain_alias_rids[];
-
 /*******************************************************************
  lookup_alias_name
  ********************************************************************/
@@ -480,87 +476,3 @@ uint32 lookup_user_rid(char *user_name, uint32 *rid)
 
 	return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 }
-
-/*******************************************************************
- Group and User RID username mapping function
- ********************************************************************/
-BOOL name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid)
-{
-    struct passwd *pw = Get_Pwnam(user_name, False);
-
-	if (u_rid == NULL || g_rid == NULL || user_name == NULL)
-	{
-		return False;
-	}
-
-    if (!pw)
-	{
-      DEBUG(1,("Username %s is invalid on this system\n", user_name));
-      return False;
-    }
-
-	if (user_in_list(user_name, lp_domain_guest_users()))
-	{
-		*u_rid = DOMAIN_USER_RID_GUEST;
-	}
-	else if (user_in_list(user_name, lp_domain_admin_users()))
-	{
-		*u_rid = DOMAIN_USER_RID_ADMIN;
-	}
-	else
-	{
-		/* turn the unix UID into a Domain RID.  this is what the posix
-		   sub-system does (adds 1000 to the uid) */
-		*u_rid = uid_to_user_rid(pw->pw_uid);
-	}
-
-	/* absolutely no idea what to do about the unix GID to Domain RID mapping */
-	*g_rid = gid_to_group_rid(pw->pw_gid);
-
-	return True;
-}
-
-/*******************************************************************
- XXXX THIS FUNCTION SHOULD NOT BE HERE: IT SHOULD BE A STATIC FUNCTION
- INSIDE smbpass.c
-
- converts NT User RID to a UNIX uid.
- ********************************************************************/
-uid_t user_rid_to_uid(uint32 u_rid)
-{
-	return (uid_t)(u_rid - 1000);
-}
-
-/*******************************************************************
- XXXX THIS FUNCTION SHOULD NOT BE HERE: IT SHOULD BE A STATIC FUNCTION
- INSIDE smbpass.c
-
- converts NT Group RID to a UNIX uid.
- ********************************************************************/
-uid_t group_rid_to_uid(uint32 u_gid)
-{
-	return (uid_t)(u_gid - 1000);
-}
-
-/*******************************************************************
- XXXX THIS FUNCTION SHOULD NOT BE HERE: IT SHOULD BE A STATIC FUNCTION
- INSIDE smbpass.c
-
- converts UNIX uid to an NT User RID.
- ********************************************************************/
-uint32 uid_to_user_rid(uint32 uid)
-{
-	return (uint32)(uid + 1000);
-}
-
-/*******************************************************************
- XXXX THIS FUNCTION SHOULD NOT BE HERE: IT SHOULD BE A STATIC FUNCTION
- INSIDE smbpass.c
-
- converts NT Group RID to a UNIX uid.
- ********************************************************************/
-uint32 gid_to_group_rid(uint32 gid)
-{
-	return (uint32)(gid + 1000);
-}
-