summaryrefslogtreecommitdiff
path: root/source3/sam
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2003-09-10 19:47:13 +0000
committerJelmer Vernooij <jelmer@samba.org>2003-09-10 19:47:13 +0000
commitff166384c84acb24fad4abe54e2ec43a7f4fdfc3 (patch)
treec3783069055fa4894cce4af9eae004f191b09438 /source3/sam
parent1c138c61818c5641ce5bd556d44245db5d4b45ca (diff)
downloadsamba-ff166384c84acb24fad4abe54e2ec43a7f4fdfc3.tar.gz
samba-ff166384c84acb24fad4abe54e2ec43a7f4fdfc3.tar.bz2
samba-ff166384c84acb24fad4abe54e2ec43a7f4fdfc3.zip
Remove obsolete files.
(This used to be commit 3d71340e5c1bf3397e69897bbc8434bbaa503a75)
Diffstat (limited to 'source3/sam')
-rw-r--r--source3/sam/SAM-interface_handles.txt123
-rw-r--r--source3/sam/get_set_account.c845
-rw-r--r--source3/sam/get_set_domain.c263
-rw-r--r--source3/sam/get_set_group.c106
-rwxr-xr-xsource3/sam/sam_ads.c1378
-rw-r--r--source3/sam/sam_plugin.c79
-rw-r--r--source3/sam/sam_skel.c251
7 files changed, 0 insertions, 3045 deletions
diff --git a/source3/sam/SAM-interface_handles.txt b/source3/sam/SAM-interface_handles.txt
deleted file mode 100644
index 1c164bd198..0000000000
--- a/source3/sam/SAM-interface_handles.txt
+++ /dev/null
@@ -1,123 +0,0 @@
-SAM API
-
-NTSTATUS sam_get_sec_obj(NT_USER_TOKEN *access, DOM_SID *sid, SEC_DESC **sd)
-NTSTATUS sam_set_sec_obj(NT_USER_TOKEN *access, DOM_SID *sid, SEC_DESC *sd)
-
-NTSTATUS sam_lookup_name(NT_USER_TOKEN *access, DOM_SID *domain, char *name, DOM_SID **sid, uint32 *type)
-NTSTATUS sam_lookup_sid(NT_USER_TOKEN *access, DOM_SID *sid, char **name, uint32 *type)
-
-
-Domain API
-
-NTSTATUS sam_update_domain(SAM_DOMAIN_HANDLE *domain)
-
-NTSTATUS sam_enum_domains(NT_USER_TOKEN *access, int32 *domain_count, DOM_SID **domains, char **domain_names)
-NTSTATUS sam_lookup_domain(NT_USER_TOKEN *access, char *domain, DOM_SID **domainsid)
-
-NTSTATUS sam_get_domain_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain)
-
-
-User API
-
-NTSTATUS sam_create_user(NT_USER_TOKEN *access, uint32 access_desired, SAM_USER_HANDLE **user)
-NTSTATUS sam_add_user(SAM_USER_HANDLE *user)
-NTSTATUS sam_update_user(SAM_USER_HANDLE *user)
-NTSTATUS sam_delete_user(SAM_USER_HANDLE * user)
-
-NTSTATUS sam_enum_users(NT_USER_TOKEN *access, DOM_SID *domain, int32 *user_count, SAM_USER_ENUM **users)
-
-NTSTATUS sam_get_user_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *usersid, SAM_USER_HANDLE **user)
-NTSTATUS sam_get_user_by_name(NT_USER_TOKEN *access, uint32 access_desired, char *domain, char *name, SAM_USER_HANDLE **user)
-
-
-Group API
-
-NTSTATUS sam_create_group(NT_USER_TOKEN *access, uint32 access_desired, uint32 typ, SAM_GROUP_HANDLE **group)
-NTSTATUS sam_add_group(SAM_GROUP_HANDLE *samgroup)
-NTSTATUS sam_update_group(SAM_GROUP_HANDLE *samgroup)
-NTSTATUS sam_delete_group(SAM_GROUP_HANDLE *groupsid)
-
-NTSTATUS sam_enum_groups(NT_USER_TOKEN *access, DOM_SID *domainsid, uint32 typ, uint32 *groups_count, SAM_GROUP_ENUM **groups)
-
-NTSTATUS sam_get_group_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *groupsid, SAM_GROUP_HANDLE **group)
-NTSTATUS sam_get_group_by_name(NT_USER_TOKEN *access, uint32 access_desired, char *domain, char *name, SAM_GROUP_HANDLE **group)
-
-NTSTATUS sam_add_member_to_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
-NTSTATUS sam_delete_member_from_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
-NTSTATUS sam_enum_groupmembers(SAM_GROUP_HANLDE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
-
-NTSTATUS sam_get_groups_of_user(SAM_USER_HANDLE *user, uint32 typ, uint32 *group_count, SAM_GROUP_ENUM **groups)
-
-
-
-structures
-
-typedef _SAM_GROUP_MEMBER {
- DOM_SID sid;
- BOOL group; /* specifies if it is a group or a user */
-
-} SAM_GROUP_MEMBER
-
-typedef struct sam_user_enum {
- DOM_SID sid;
- char *username;
- char *full_name;
- char *user_desc;
- uint16 acc_ctrl;
-} SAM_USER_ENUM;
-
-typedef struct sam_group_enum {
- DOM_SID sid;
- char *groupname;
- char *comment;
-} SAM_GROUP_ENUM
-
-NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, DOM_SID **sid)
-NTSTATUS sam_get_domain_num_users(SAM_DOMAIN_HANDLE *domain, uint32 *num_users)
-NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups)
-NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases)
-NTSTATUS sam_{get,set}_domain_name(SAM_DOMAIN_HANDLE *domain, char **domain_name)
-NTSTATUS sam_{get,set}_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name)
-NTSTATUS sam_{get,set}_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage)
-NTSTATUS sam_{get,set}_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage)
-NTSTATUS sam_{get,set}_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration)
-NTSTATUS sam_{get,set}_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count)
-NTSTATUS sam_{get,set}_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength)
-NTSTATUS sam_{get,set}_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uin16 *password_history)
-NTSTATUS sam_{get,set}_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count)
-NTSTATUS sam_{get,set}_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff)
-NTSTATUS sam_{get,set}_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange)
-
-NTSTATUS sam_get_user_sid(SAM_USER_HANDLE *user, DOM_SID **sid)
-NTSTATUS sam_{get,set}_user_pgroup(SAM_USER_HANDLE *user, DOM_SID **pgroup)
-NTSTATUS sam_{get,set}_user_name(SAM_USER_HANDLE *user, char **username)
-NTSTATUS sam_{get,set}_user_fullname(SAM_USER_HANDLE *user, char** fullname)
-NTSTATUS sam_{get,set}_user_description(SAM_USER_HANDLE *user, char **description)
-NTSTATUS sam_{get,set}_user_home_dir(SAM_USER_HANDLE *user, char **home_dir)
-NTSTATUS sam_{get,set}_user_dir_drive(SAM_USER_HANDLE *user, char **dir_drive)
-NTSTATUS sam_{get,set}_user_logon_script(SAM_USER_HANDLE *user, char **logon_script)
-NTSTATUS sam_{get,set}_user_profile_path(SAM_USER_HANDLE *user, char **profile_path)
-NTSTATUS sam_{get,set}_user_workstations(SAM_USER_HANDLE *user, char **workstations)
-NTSTATUS sam_{get,set}_user_munged_dial(SAM_USER_HANDLE *user, char **munged_dial)
-NTSTATUS sam_{get,set}_user_lm_pwd(SAM_USER_HANDLE *user, DATA_BLOB *lm_pwd)
-NTSTATUS sam_{get,set}_user_nt_pwd(SAM_USER_HANDLE *user, DATA_BLOB *nt_pwd)
-NTSTATUS sam_{get,set}_user_plain_pwd(SAM_USER_HANDLE *user, DATA_BLOB *plaintext_pwd)
-NTSTATUS sam_{get,set}_user_acct_ctrl(SAM_USER_HANDLE *user, uint16 *acct_ctrl)
-NTSTATUS sam_{get,set}_user_logon_divs(SAM_USER_HANDLE *user, uint16 *logon_divs)
-NTSTATUS sam_{get,set}_user_hours(SAM_USER_HANDLE *user, uint32 *hours_len, uint8 **hours)
-NTSTATUS sam_{get,set}_user_logon_time(SAM_USER_HANDLE *user, NTTIME *logon_time)
-NTSTATUS sam_{get,set}_user_logoff_time(SAM_USER_HANDLE *user, NTTIME *logoff_time)
-NTSTATUS sam_{get,set}_user_kickoff_time(SAM_USER_HANDLE *user, NTTIME kickoff_time)
-NTSTATUS sam_{get,set}_user_pwd_last_set(SAM_USER_HANDLE *user, NTTIME pwd_last_set)
-NTSTATUS sam_{get,set}_user_pwd_can_change(SAM_USER_HANDLE *user, NTTIME pwd_can_change)
-NTSTATUS sam_{get,set}_user_pwd_must_change(SAM_USER_HANDLE *user, NTTIME pwd_must_change)
-NTSTATUS sam_{get,set}_user_unknown_1(SAM_USER_HANDLE *user, char **unknown_1)
-NTSTATUS sam_{get,set}_user_unknown_2(SAM_USER_HANDLE *user, uint32 *unknown_2)
-NTSTATUS sam_{get,set}_user_unknown_3(SAM_USER_HANDLE *user, uint32 *unknown_3)
-NTSTATUS sam_{get,set}_user_unknown_4(SAM_USER_HANDLE *user, uint32 *unknown_4)
-
-NTSTATUS sam_get_group_sid(SAM_GROUP_HANDLE *group, DOM_SID **sid)
-NTSTATUS sam_get_group_typ(SAM_GROUP_HANDLE *group, uint32 *typ)
-NTSTATUS sam_{get,set}_group_name(SAM_GROUP_HANDLE *group, char **group_name)
-NTSTATUS sam_{get,set}_group_comment(SAM_GROUP_HANDLE *group, char **comment)
-NTSTATUS sam_{get,set}_group_priv_set(SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set) \ No newline at end of file
diff --git a/source3/sam/get_set_account.c b/source3/sam/get_set_account.c
deleted file mode 100644
index acac281d21..0000000000
--- a/source3/sam/get_set_account.c
+++ /dev/null
@@ -1,845 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- SAM_ACCOUNT_HANDLE access routines
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Jelmer Vernooij 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_SAM
-
-NTSTATUS sam_get_account_domain_sid(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid)
-{
- NTSTATUS status;
- SAM_DOMAIN_HANDLE *domain;
- SAM_ASSERT(!sampass || !sid);
-
- if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){
- DEBUG(0, ("sam_get_account_domain_sid: Can't get domain for account\n"));
- return status;
- }
-
- return sam_get_domain_sid(domain, sid);
-}
-
-NTSTATUS sam_get_account_domain_name(const SAM_ACCOUNT_HANDLE *sampass, const char **domain_name)
-{
- NTSTATUS status;
- SAM_DOMAIN_HANDLE *domain;
- SAM_ASSERT(sampass && domain_name);
-
- if (!NT_STATUS_IS_OK(status = sam_get_account_domain(sampass, &domain))){
- DEBUG(0, ("sam_get_account_domain_name: Can't get domain for account\n"));
- return status;
- }
-
- return sam_get_domain_name(domain, domain_name);
-}
-
-NTSTATUS sam_get_account_acct_ctrl(const SAM_ACCOUNT_HANDLE *sampass, uint16 *acct_ctrl)
-{
- SAM_ASSERT(sampass && acct_ctrl);
-
- *acct_ctrl = sampass->private.acct_ctrl;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_logon_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logon_time)
-{
- SAM_ASSERT(sampass && logon_time) ;
-
- *logon_time = sampass->private.logon_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_logoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *logoff_time)
-{
- SAM_ASSERT(sampass && logoff_time) ;
-
- *logoff_time = sampass->private.logoff_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_kickoff_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *kickoff_time)
-{
- SAM_ASSERT(sampass && kickoff_time);
-
- *kickoff_time = sampass->private.kickoff_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_pass_last_set_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_last_set_time)
-{
- SAM_ASSERT(sampass && pass_last_set_time);
-
- *pass_last_set_time = sampass->private.pass_last_set_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_pass_can_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_can_change_time)
-{
- SAM_ASSERT(sampass && pass_can_change_time);
-
- *pass_can_change_time = sampass->private.pass_can_change_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_pass_must_change_time(const SAM_ACCOUNT_HANDLE *sampass, NTTIME *pass_must_change_time)
-{
- SAM_ASSERT(sampass && pass_must_change_time);
-
- *pass_must_change_time = sampass->private.pass_must_change_time;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_logon_divs(const SAM_ACCOUNT_HANDLE *sampass, uint16 *logon_divs)
-{
- SAM_ASSERT(sampass && logon_divs);
-
- *logon_divs = sampass->private.logon_divs;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_hours_len(const SAM_ACCOUNT_HANDLE *sampass, uint32 *hours_len)
-{
- SAM_ASSERT(sampass && hours_len);
-
- *hours_len = sampass->private.hours_len;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_hours(const SAM_ACCOUNT_HANDLE *sampass, const uint8 **hours)
-{
- SAM_ASSERT(sampass && hours);
-
- *hours = sampass->private.hours;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_nt_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *nt_pwd)
-{
- SAM_ASSERT(sampass);
-
- SMB_ASSERT((!sampass->private.nt_pw.data)
- || sampass->private.nt_pw.length == NT_HASH_LEN);
-
- *nt_pwd = sampass->private.nt_pw;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_lm_pwd(const SAM_ACCOUNT_HANDLE *sampass, DATA_BLOB *lm_pwd)
-{
- SAM_ASSERT(sampass);
-
- SMB_ASSERT((!sampass->private.lm_pw.data)
- || sampass->private.lm_pw.length == LM_HASH_LEN);
-
- *lm_pwd = sampass->private.lm_pw;
-
- return NT_STATUS_OK;
-}
-
-/* Return the plaintext password if known. Most of the time
- it isn't, so don't assume anything magic about this function.
-
- Used to pass the plaintext to sam backends that might
- want to store more than just the NTLM hashes.
-*/
-
-NTSTATUS sam_get_account_plaintext_pwd(const SAM_ACCOUNT_HANDLE *sampass, char **plain_pwd)
-{
- SAM_ASSERT(sampass && plain_pwd);
-
- *plain_pwd = sampass->private.plaintext_pw;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_sid(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid)
-{
- SAM_ASSERT(sampass);
-
- *sid = &(sampass->private.account_sid);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_pgroup(const SAM_ACCOUNT_HANDLE *sampass, const DOM_SID **sid)
-{
- SAM_ASSERT(sampass);
-
- *sid = &(sampass->private.group_sid);
-
- return NT_STATUS_OK;
-}
-
-/**
- * Get flags showing what is initalised in the SAM_ACCOUNT_HANDLE
- * @param sampass the SAM_ACCOUNT_HANDLE in question
- * @return the flags indicating the members initialised in the struct.
- **/
-
-NTSTATUS sam_get_account_init_flag(const SAM_ACCOUNT_HANDLE *sampass, uint32 *initflag)
-{
- SAM_ASSERT(sampass);
-
- *initflag = sampass->private.init_flag;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_name(const SAM_ACCOUNT_HANDLE *sampass, char **account_name)
-{
- SAM_ASSERT(sampass);
-
- *account_name = sampass->private.account_name;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_domain(const SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE **domain)
-{
- SAM_ASSERT(sampass);
-
- *domain = sampass->private.domain;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_fullname(const SAM_ACCOUNT_HANDLE *sampass, char **fullname)
-{
- SAM_ASSERT(sampass);
-
- *fullname = sampass->private.full_name;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_homedir(const SAM_ACCOUNT_HANDLE *sampass, char **homedir)
-{
- SAM_ASSERT(sampass);
-
- *homedir = sampass->private.home_dir;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_unix_home_dir(const SAM_ACCOUNT_HANDLE *sampass, char **uhomedir)
-{
- SAM_ASSERT(sampass);
-
- *uhomedir = sampass->private.unix_home_dir;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_dir_drive(const SAM_ACCOUNT_HANDLE *sampass, char **dirdrive)
-{
- SAM_ASSERT(sampass);
-
- *dirdrive = sampass->private.dir_drive;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_logon_script(const SAM_ACCOUNT_HANDLE *sampass, char **logon_script)
-{
- SAM_ASSERT(sampass);
-
- *logon_script = sampass->private.logon_script;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_profile_path(const SAM_ACCOUNT_HANDLE *sampass, char **profile_path)
-{
- SAM_ASSERT(sampass);
-
- *profile_path = sampass->private.profile_path;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_description(const SAM_ACCOUNT_HANDLE *sampass, char **description)
-{
- SAM_ASSERT(sampass);
-
- *description = sampass->private.acct_desc;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_workstations(const SAM_ACCOUNT_HANDLE *sampass, char **workstations)
-{
- SAM_ASSERT(sampass);
-
- *workstations = sampass->private.workstations;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_unknown_str(const SAM_ACCOUNT_HANDLE *sampass, char **unknown_str)
-{
- SAM_ASSERT(sampass);
-
- *unknown_str = sampass->private.unknown_str;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_munged_dial(const SAM_ACCOUNT_HANDLE *sampass, char **munged_dial)
-{
- SAM_ASSERT(sampass);
-
- *munged_dial = sampass->private.munged_dial;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_unknown_1(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown1)
-{
- SAM_ASSERT(sampass && unknown1);
-
- *unknown1 = sampass->private.unknown_1;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_unknown_2(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown2)
-{
- SAM_ASSERT(sampass && unknown2);
-
- *unknown2 = sampass->private.unknown_2;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_account_unknown_3(const SAM_ACCOUNT_HANDLE *sampass, uint32 *unknown3)
-{
- SAM_ASSERT(sampass && unknown3);
-
- *unknown3 = sampass->private.unknown_3;
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Collection of set...() functions for SAM_ACCOUNT_HANDLE_INFO.
- ********************************************************************/
-
-NTSTATUS sam_set_account_acct_ctrl(SAM_ACCOUNT_HANDLE *sampass, uint16 acct_ctrl)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.acct_ctrl = acct_ctrl;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_logon_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.logon_time = mytime;
-
-
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS sam_set_account_logoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.logoff_time = mytime;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_kickoff_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.kickoff_time = mytime;
-
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_pass_can_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.pass_can_change_time = mytime;
-
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_pass_must_change_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.pass_must_change_time = mytime;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_pass_last_set_time(SAM_ACCOUNT_HANDLE *sampass, NTTIME mytime)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.pass_last_set_time = mytime;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_hours_len(SAM_ACCOUNT_HANDLE *sampass, uint32 len)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.hours_len = len;
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_logon_divs(SAM_ACCOUNT_HANDLE *sampass, uint16 hours)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.logon_divs = hours;
- return NT_STATUS_OK;
-}
-
-/**
- * Set flags showing what is initalised in the SAM_ACCOUNT_HANDLE
- * @param sampass the SAM_ACCOUNT_HANDLE in question
- * @param flag The *new* flag to be set. Old flags preserved
- * this flag is only added.
- **/
-
-NTSTATUS sam_set_account_init_flag(SAM_ACCOUNT_HANDLE *sampass, uint32 flag)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.init_flag |= flag;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_sid(SAM_ACCOUNT_HANDLE *sampass, const DOM_SID *u_sid)
-{
- SAM_ASSERT(sampass && u_sid);
-
- sid_copy(&sampass->private.account_sid, u_sid);
-
- DEBUG(10, ("sam_set_account_sid: setting account sid %s\n",
- sid_string_static(&sampass->private.account_sid)));
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_sid_from_string(SAM_ACCOUNT_HANDLE *sampass, const char *u_sid)
-{
- DOM_SID new_sid;
- SAM_ASSERT(sampass && u_sid);
-
- DEBUG(10, ("sam_set_account_sid_from_string: setting account sid %s\n",
- u_sid));
-
- if (!string_to_sid(&new_sid, u_sid)) {
- DEBUG(1, ("sam_set_account_sid_from_string: %s isn't a valid SID!\n", u_sid));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (!NT_STATUS_IS_OK(sam_set_account_sid(sampass, &new_sid))) {
- DEBUG(1, ("sam_set_account_sid_from_string: could not set sid %s on SAM_ACCOUNT_HANDLE!\n", u_sid));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_pgroup_sid(SAM_ACCOUNT_HANDLE *sampass, const DOM_SID *g_sid)
-{
- SAM_ASSERT(sampass && g_sid);
-
- sid_copy(&sampass->private.group_sid, g_sid);
-
- DEBUG(10, ("sam_set_group_sid: setting group sid %s\n",
- sid_string_static(&sampass->private.group_sid)));
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_pgroup_string(SAM_ACCOUNT_HANDLE *sampass, const char *g_sid)
-{
- DOM_SID new_sid;
- SAM_ASSERT(sampass && g_sid);
-
- DEBUG(10, ("sam_set_group_sid_from_string: setting group sid %s\n",
- g_sid));
-
- if (!string_to_sid(&new_sid, g_sid)) {
- DEBUG(1, ("sam_set_group_sid_from_string: %s isn't a valid SID!\n", g_sid));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (!NT_STATUS_IS_OK(sam_set_account_pgroup_sid(sampass, &new_sid))) {
- DEBUG(1, ("sam_set_group_sid_from_string: could not set sid %s on SAM_ACCOUNT_HANDLE!\n", g_sid));
- return NT_STATUS_UNSUCCESSFUL;
- }
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the domain name.
- ********************************************************************/
-
-NTSTATUS sam_set_account_domain(SAM_ACCOUNT_HANDLE *sampass, SAM_DOMAIN_HANDLE *domain)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.domain = domain;
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's NT name.
- ********************************************************************/
-
-NTSTATUS sam_set_account_name(SAM_ACCOUNT_HANDLE *sampass, const char *account_name)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_account_name: setting nt account_name %s, was %s\n", account_name, sampass->private.account_name));
-
- sampass->private.account_name = talloc_strdup(sampass->mem_ctx, account_name);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's full name.
- ********************************************************************/
-
-NTSTATUS sam_set_account_fullname(SAM_ACCOUNT_HANDLE *sampass, const char *full_name)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_account_fullname: setting full name %s, was %s\n", full_name, sampass->private.full_name));
-
- sampass->private.full_name = talloc_strdup(sampass->mem_ctx, full_name);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's logon script.
- ********************************************************************/
-
-NTSTATUS sam_set_account_logon_script(SAM_ACCOUNT_HANDLE *sampass, const char *logon_script, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_logon_script: from %s to %s\n", logon_script, sampass->private.logon_script));
-
- sampass->private.logon_script = talloc_strdup(sampass->mem_ctx, logon_script);
-
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's profile path.
- ********************************************************************/
-
-NTSTATUS sam_set_account_profile_path(SAM_ACCOUNT_HANDLE *sampass, const char *profile_path, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_profile_path: setting profile path %s, was %s\n", profile_path, sampass->private.profile_path));
-
- sampass->private.profile_path = talloc_strdup(sampass->mem_ctx, profile_path);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's directory drive.
- ********************************************************************/
-
-NTSTATUS sam_set_account_dir_drive(SAM_ACCOUNT_HANDLE *sampass, const char *dir_drive, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_dir_drive: setting dir drive %s, was %s\n", dir_drive,
- sampass->private.dir_drive));
-
- sampass->private.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's home directory.
- ********************************************************************/
-
-NTSTATUS sam_set_account_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *home_dir, BOOL store)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_homedir: setting home dir %s, was %s\n", home_dir,
- sampass->private.home_dir));
-
- sampass->private.home_dir = talloc_strdup(sampass->mem_ctx, home_dir);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's unix home directory.
- ********************************************************************/
-
-NTSTATUS sam_set_account_unix_homedir(SAM_ACCOUNT_HANDLE *sampass, const char *unix_home_dir)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_unix_homedir: setting home dir %s, was %s\n", unix_home_dir,
- sampass->private.unix_home_dir));
-
- sampass->private.unix_home_dir = talloc_strdup(sampass->mem_ctx, unix_home_dir);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's account description.
- ********************************************************************/
-
-NTSTATUS sam_set_account_acct_desc(SAM_ACCOUNT_HANDLE *sampass, const char *acct_desc)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's workstation allowed list.
- ********************************************************************/
-
-NTSTATUS sam_set_account_workstations(SAM_ACCOUNT_HANDLE *sampass, const char *workstations)
-{
- SAM_ASSERT(sampass);
-
- DEBUG(10, ("sam_set_workstations: setting workstations %s, was %s\n", workstations,
- sampass->private.workstations));
-
- sampass->private.workstations = talloc_strdup(sampass->mem_ctx, workstations);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's 'unknown_str', whatever the heck this actually is...
- ********************************************************************/
-
-NTSTATUS sam_set_account_unknown_str(SAM_ACCOUNT_HANDLE *sampass, const char *unknown_str)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's dial string.
- ********************************************************************/
-
-NTSTATUS sam_set_account_munged_dial(SAM_ACCOUNT_HANDLE *sampass, const char *munged_dial)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial);
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's NT hash.
- ********************************************************************/
-
-NTSTATUS sam_set_account_nt_pwd(SAM_ACCOUNT_HANDLE *sampass, const DATA_BLOB data)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.nt_pw = data;
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's LM hash.
- ********************************************************************/
-
-NTSTATUS sam_set_account_lm_pwd(SAM_ACCOUNT_HANDLE *sampass, const DATA_BLOB data)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.lm_pw = data;
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's plaintext password only (base procedure, see helper
- below)
- ********************************************************************/
-
-NTSTATUS sam_set_account_plaintext_pwd(SAM_ACCOUNT_HANDLE *sampass, const char *plain_pwd)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.plaintext_pw = talloc_strdup(sampass->mem_ctx, plain_pwd);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_unknown_1(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.unknown_1 = unkn;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_unknown_2(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.unknown_2 = unkn;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_unknown_3(SAM_ACCOUNT_HANDLE *sampass, uint32 unkn)
-{
- SAM_ASSERT(sampass);
-
- sampass->private.unknown_3 = unkn;
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_account_hours(SAM_ACCOUNT_HANDLE *sampass, const uint8 *hours)
-{
- SAM_ASSERT(sampass);
-
- if (!hours) {
- memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN);
- return NT_STATUS_OK;
- }
-
- memcpy(sampass->private.hours, hours, MAX_HOURS_LEN);
-
- return NT_STATUS_OK;
-}
-
-/* Helpful interfaces to the above */
-
-/*********************************************************************
- Sets the last changed times and must change times for a normal
- password change.
- ********************************************************************/
-
-NTSTATUS sam_set_account_pass_changed_now(SAM_ACCOUNT_HANDLE *sampass)
-{
- uint32 expire;
- NTTIME temptime;
-
- SAM_ASSERT(sampass);
-
- unix_to_nt_time(&temptime, time(NULL));
- if (!NT_STATUS_IS_OK(sam_set_account_pass_last_set_time(sampass, temptime)))
- return NT_STATUS_UNSUCCESSFUL;
-
- if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire)
- || (expire==(uint32)-1)) {
-
- get_nttime_max(&temptime);
- if (!NT_STATUS_IS_OK(sam_set_account_pass_must_change_time(sampass, temptime, False)))
- return NT_STATUS_UNSUCCESSFUL;
-
- } else {
- /* FIXME: Add expire to temptime */
-
- if (!NT_STATUS_IS_OK(sam_get_account_pass_last_set_time(sampass,&temptime)) || !NT_STATUS_IS_OK(sam_set_account_pass_must_change_time(sampass, temptime,True)))
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- return NT_STATUS_OK;
-}
-
-/*********************************************************************
- Set the account's PLAINTEXT password. Used as an interface to the above.
- Also sets the last change time to NOW.
- ********************************************************************/
-
-NTSTATUS sam_set_account_passwd(SAM_ACCOUNT_HANDLE *sampass, const char *plaintext)
-{
- DATA_BLOB data;
- uchar new_lanman_p16[16];
- uchar new_nt_p16[16];
-
- SAM_ASSERT(sampass && plaintext);
-
- nt_lm_owf_gen(plaintext, new_nt_p16, new_lanman_p16);
-
- data = data_blob(new_nt_p16, 16);
- if (!NT_STATUS_IS_OK(sam_set_account_nt_pwd(sampass, data)))
- return NT_STATUS_UNSUCCESSFUL;
-
- data = data_blob(new_lanman_p16, 16);
-
- if (!NT_STATUS_IS_OK(sam_set_account_lm_pwd(sampass, data)))
- return NT_STATUS_UNSUCCESSFUL;
-
- if (!NT_STATUS_IS_OK(sam_set_account_plaintext_pwd(sampass, plaintext)))
- return NT_STATUS_UNSUCCESSFUL;
-
- if (!NT_STATUS_IS_OK(sam_set_account_pass_changed_now(sampass)))
- return NT_STATUS_UNSUCCESSFUL;
-
- return NT_STATUS_OK;
-}
-
diff --git a/source3/sam/get_set_domain.c b/source3/sam/get_set_domain.c
deleted file mode 100644
index c70a4a3f09..0000000000
--- a/source3/sam/get_set_domain.c
+++ /dev/null
@@ -1,263 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- SAM_DOMAIN access routines
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Jelmer Vernooij 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_SAM
-
-NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, const DOM_SID **sid)
-{
- SAM_ASSERT(domain &&sid);
-
- *sid = &(domain->private.sid);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_num_accounts(SAM_DOMAIN_HANDLE *domain, uint32 *num_accounts)
-{
- SAM_ASSERT(domain &&num_accounts);
-
- *num_accounts = domain->private.num_accounts;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups)
-{
- SAM_ASSERT(domain &&num_groups);
-
- *num_groups = domain->private.num_groups;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases)
-{
- SAM_ASSERT(domain &&num_aliases);
-
- *num_aliases = domain->private.num_aliases;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_name(SAM_DOMAIN_HANDLE *domain, const char **domain_name)
-{
- SAM_ASSERT(domain &&domain_name);
-
- *domain_name = domain->private.name;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, const char **server_name)
-{
- SAM_ASSERT(domain &&server_name);
-
- *server_name = domain->private.servername;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage)
-{
- SAM_ASSERT(domain &&max_passwordage);
-
- *max_passwordage = domain->private.max_passwordage;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage)
-{
- SAM_ASSERT(domain &&min_passwordage);
-
- *min_passwordage = domain->private.min_passwordage;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration)
-{
- SAM_ASSERT(domain &&lockout_duration);
-
- *lockout_duration = domain->private.lockout_duration;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count)
-{
- SAM_ASSERT(domain &&reset_lockout_count);
-
- *reset_lockout_count = domain->private.reset_count;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength)
-{
- SAM_ASSERT(domain &&min_passwordlength);
-
- *min_passwordlength = domain->private.min_passwordlength;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 *password_history)
-{
- SAM_ASSERT(domain &&password_history);
-
- *password_history = domain->private.password_history;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count)
-{
- SAM_ASSERT(domain &&lockout_count);
-
- *lockout_count = domain->private.lockout_count;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff)
-{
- SAM_ASSERT(domain &&force_logoff);
-
- *force_logoff = domain->private.force_logoff;
-
- return NT_STATUS_OK;
-}
-
-
-NTSTATUS sam_get_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange)
-{
- SAM_ASSERT(domain && login_pwdchange);
-
- *login_pwdchange = domain->private.login_pwdchange;
-
- return NT_STATUS_OK;
-}
-
-/* Set */
-
-NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, const char *domain_name)
-{
- SAM_ASSERT(domain);
-
- domain->private.name = talloc_strdup(domain->mem_ctx, domain_name);
-
- return NT_STATUS_OK;
-}
-
-
-NTSTATUS sam_set_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME max_passwordage)
-{
- SAM_ASSERT(domain);
-
- domain->private.max_passwordage = max_passwordage;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME min_passwordage)
-{
- SAM_ASSERT(domain);
-
- domain->private.min_passwordage = min_passwordage;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME lockout_duration)
-{
- SAM_ASSERT(domain);
-
- domain->private.lockout_duration = lockout_duration;
-
- return NT_STATUS_OK;
-}
-NTSTATUS sam_set_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME reset_lockout_count)
-{
- SAM_ASSERT(domain);
-
- domain->private.reset_count = reset_lockout_count;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 min_passwordlength)
-{
- SAM_ASSERT(domain);
-
- domain->private.min_passwordlength = min_passwordlength;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 password_history)
-{
- SAM_ASSERT(domain);
-
- domain->private.password_history = password_history;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 lockout_count)
-{
- SAM_ASSERT(domain);
-
- domain->private.lockout_count = lockout_count;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL force_logoff)
-{
- SAM_ASSERT(domain);
-
- domain->private.force_logoff = force_logoff;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL login_pwdchange)
-{
- SAM_ASSERT(domain);
-
- domain->private.login_pwdchange = login_pwdchange;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, const char *server_name)
-{
- SAM_ASSERT(domain);
-
- domain->private.servername = talloc_strdup(domain->mem_ctx, server_name);
-
- return NT_STATUS_OK;
-}
diff --git a/source3/sam/get_set_group.c b/source3/sam/get_set_group.c
deleted file mode 100644
index 11ea9258a7..0000000000
--- a/source3/sam/get_set_group.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- SAM_USER_HANDLE access routines
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Jelmer Vernooij 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_SAM
-
-/* sam group get functions */
-
-NTSTATUS sam_get_group_sid(const SAM_GROUP_HANDLE *group, const DOM_SID **sid)
-{
- SAM_ASSERT(group && sid);
-
- *sid = &(group->private.sid);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_group_ctrl(const SAM_GROUP_HANDLE *group, uint32 *group_ctrl)
-{
- SAM_ASSERT(group && group_ctrl);
-
- *group_ctrl = group->private.group_ctrl;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_get_group_name(const SAM_GROUP_HANDLE *group, const char **group_name)
-{
- SAM_ASSERT(group);
-
- *group_name = group->private.group_name;
-
- return NT_STATUS_OK;
-
-}
-NTSTATUS sam_get_group_comment(const SAM_GROUP_HANDLE *group, const char **group_desc)
-{
- SAM_ASSERT(group);
-
- *group_desc = group->private.group_desc;
-
- return NT_STATUS_OK;
-}
-
-/* sam group set functions */
-
-NTSTATUS sam_set_group_sid(SAM_GROUP_HANDLE *group, const DOM_SID *sid)
-{
- SAM_ASSERT(group);
-
- if (!sid)
- ZERO_STRUCT(group->private.sid);
- else
- sid_copy(&(group->private.sid), sid);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_group_group_ctrl(SAM_GROUP_HANDLE *group, uint32 group_ctrl)
-{
- SAM_ASSERT(group);
-
- group->private.group_ctrl = group_ctrl;
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_group_name(SAM_GROUP_HANDLE *group, const char *group_name)
-{
- SAM_ASSERT(group);
-
- group->private.group_name = talloc_strdup(group->mem_ctx, group_name);
-
- return NT_STATUS_OK;
-}
-
-NTSTATUS sam_set_group_description(SAM_GROUP_HANDLE *group, const char *group_desc)
-{
- SAM_ASSERT(group);
-
- group->private.group_desc = talloc_strdup(group->mem_ctx, group_desc);
-
- return NT_STATUS_OK;
-
-}
diff --git a/source3/sam/sam_ads.c b/source3/sam/sam_ads.c
deleted file mode 100755
index 79b107e417..0000000000
--- a/source3/sam/sam_ads.c
+++ /dev/null
@@ -1,1378 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Active Directory SAM backend, for simulate a W2K DC in mixed mode.
-
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Andrew Bartlett 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-
-#ifdef HAVE_LDAP
-
-static int sam_ads_debug_level = DBGC_SAM;
-
-#undef DBGC_CLASS
-#define DBGC_CLASS sam_ads_debug_level
-
-#ifndef FIXME
-#define FIXME( body ) { DEBUG(0,("FIXME: "));\
- DEBUGADD(0,(body));}
-#endif
-
-#define ADS_STATUS_OK ADS_ERROR(0)
-#define ADS_STATUS_UNSUCCESSFUL ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL)
-#define ADS_STATUS_NOT_IMPLEMENTED ADS_ERROR_NT(NT_STATUS_NOT_IMPLEMENTED)
-
-
-#define ADS_SUBTREE_BUILTIN "CN=Builtin,"
-#define ADS_SUBTREE_COMPUTERS "CN=Computers,"
-#define ADS_SUBTREE_DC "CN=Domain Controllers,"
-#define ADS_SUBTREE_USERS "CN=Users,"
-#define ADS_ROOT_TREE ""
-/* Here are private module structs and functions */
-
-typedef struct sam_ads_privates {
- ADS_STRUCT *ads_struct;
- TALLOC_CTX *mem_ctx;
- BOOL bind_plaintext;
- char *ads_bind_dn;
- char *ads_bind_pw;
- char *ldap_uri;
- /* did we need something more? */
-}SAM_ADS_PRIVATES;
-
-
-/* get only these LDAP attributes, witch we really need for an account */
-const char *account_attrs[] = { "objectSid",
- "objectGUID",
- "sAMAccountType",
- "sAMAcountName",
- "userPrincipalName",
- "accountExpires",
- "badPasswordTime",
- "badPwdCount",
- "lastLogoff",
- "lastLogon",
- "userWorkstations",
- "dBCSPwd",
- "unicodePwd",
- "pwdLastSet",
- "userAccountControl",
- "profilePath",
- "homeDrive",
- "scriptPath",
- "homeDirectory",
- "cn",
- "primaryGroupID",/* 513 */
- "nsNPAllowDialIn",/* TRUE */
- "userParameters",/* Dial Back number ...*/
- "codePage",/* 0 */
- "countryCode",/* 0 */
- "adminCount",/* 1 or 0 */
- "logonCount",/* 0 */
- "managedObjects",
- "memberOf",/* dn */
- "instanceType",/* 4 */
- "name", /* sync with cn */
- "description",
- /* "nTSecurityDescriptor", */
- NULL};
-
-/* get only these LDAP attributes, witch we really need for a group */
-const char *group_attrs[] = {"objectSid",
- /* "objectGUID", */
- "sAMAccountType",
- "sAMAcountName",
- "groupType",
- /* "member", */
- "description",
- "name", /* sync with cn */
- /* "nTSecurityDescriptor", */
- NULL};
-
-
-/***************************************************
- return our ads connection. We keep the connection
- open to make things faster
-****************************************************/
-static ADS_STATUS sam_ads_cached_connection(SAM_ADS_PRIVATES *privates)
-{
- ADS_STRUCT *ads_struct;
- ADS_STATUS ads_status;
-
- if (!privates->ads_struct) {
- privates->ads_struct = ads_init_simple();
- ads_struct = privates->ads_struct;
- ads_struct->server.ldap_uri = smb_xstrdup(privates->ldap_uri);
- if ((!privates->ads_bind_dn) || (!*privates->ads_bind_dn)) {
- ads_struct->auth.flags |= ADS_AUTH_ANON_BIND;
- } else {
- ads_struct->auth.user_name
- = smb_xstrdup(privates->ads_bind_dn);
- if (privates->ads_bind_pw) {
- ads_struct->auth.password
- = smb_xstrdup(privates->ads_bind_pw);
- }
- }
- if (privates->bind_plaintext) {
- ads_struct->auth.flags |= ADS_AUTH_SIMPLE_BIND;
- }
- } else {
- ads_struct = privates->ads_struct;
- }
-
- if (ads_struct->ld != NULL) {
- /* connection has been opened. ping server. */
- struct sockaddr_un addr;
- socklen_t len;
- int sd;
- if (ldap_get_option(ads_struct->ld, LDAP_OPT_DESC, &sd) == 0 &&
- getpeername(sd, (struct sockaddr *) &addr, &len) < 0) {
- /* the other end has died. reopen. */
- ldap_unbind_ext(ads_struct->ld, NULL, NULL);
- ads_struct->ld = NULL;
- }
- }
-
- if (ads_struct->ld != NULL) {
- DEBUG(5,("sam_ads_cached_connection: allready connected to the LDAP server\n"));
- return ADS_SUCCESS;
- }
-
- ads_status = ads_connect(ads_struct);
-
- ads_status = ads_server_info(ads_struct);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(0,("Can't set server info: %s\n",ads_errstr(ads_status)));
- /* return ads_status; */ FIXME("for now we only warn!\n");
- }
-
- DEBUG(2, ("sam_ads_cached_connection: succesful connection to the LDAP server\n"));
- return ADS_SUCCESS;
-}
-
-static ADS_STATUS sam_ads_do_search(SAM_ADS_PRIVATES *privates, const char *bind_path, int scope, const char *exp, const char **attrs, void **res)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
-
- ads_status = sam_ads_cached_connection(privates);
- if (!ADS_ERR_OK(ads_status))
- return ads_status;
-
- return ads_do_search_retry(privates->ads_struct, bind_path, scope, exp, attrs, res);
-}
-
-
-/*********************************************
-here we have to check the update serial number
- - this is the core of the ldap cache
-*********************************************/
-static ADS_STATUS sam_ads_usn_is_valid(SAM_ADS_PRIVATES *privates, uint32 usn_in, uint32 *usn_out)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
-
- SAM_ASSERT(privates && privates->ads_struct && usn_out);
-
- ads_status = ads_USN(privates->ads_struct, usn_out);
- if (!ADS_ERR_OK(ads_status))
- return ads_status;
-
- if (*usn_out == usn_in)
- return ADS_SUCCESS;
-
- return ads_status;
-}
-
-/***********************************************
-Initialize SAM_ACCOUNT_HANDLE from an ADS query
-************************************************/
-/* not ready :-( */
-static ADS_STATUS ads_entry2sam_account_handle(SAM_ADS_PRIVATES *privates, SAM_ACCOUNT_HANDLE *account ,void *msg)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_NO_SUCH_USER);
- NTSTATUS nt_status = NT_STATUS_NO_SUCH_USER;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = account->mem_ctx;
- char *tmp_str = NULL;
-
- SAM_ASSERT(privates && ads_struct && account && mem_ctx && msg);
-
- FIXME("should we really use ads_pull_username()(or ads_pull_string())?\n");
- if ((account->private.account_name = ads_pull_username(ads_struct, mem_ctx, msg))==NULL) {
- DEBUG(0,("ads_pull_username failed\n"));
- return ADS_ERROR_NT(NT_STATUS_NO_SUCH_USER);
- }
-
- if ((account->private.full_name = ads_pull_string(ads_struct, mem_ctx, msg,"name"))==NULL) {
- DEBUG(3,("ads_pull_string for 'name' failed - skip\n"));
- }
-
- if ((account->private.acct_desc = ads_pull_string(ads_struct, mem_ctx, msg,"description"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'acct_desc' failed - skip\n"));
- }
-
- if ((account->private.home_dir = ads_pull_string(ads_struct, mem_ctx, msg,"homeDirectory"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'homeDirectory' failed - skip\n"));
- }
-
- if ((account->private.dir_drive = ads_pull_string(ads_struct, mem_ctx, msg,"homeDrive"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'homeDrive' failed - skip\n"));
- }
-
- if ((account->private.profile_path = ads_pull_string(ads_struct, mem_ctx, msg,"profilePath"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'profilePath' failed - skip\n"));
- }
-
- if ((account->private.logon_script = ads_pull_string(ads_struct, mem_ctx, msg,"scriptPath"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'scriptPath' failed - skip\n"));
- }
-
- FIXME("check 'nsNPAllowDialIn' for munged_dial!\n");
- if ((account->private.munged_dial = ads_pull_string(ads_struct, mem_ctx, msg,"userParameters"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'userParameters' failed - skip\n"));
- }
-
- if ((account->private.unix_home_dir = ads_pull_string(ads_struct, mem_ctx, msg,"msSFUHomeDrirectory"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'msSFUHomeDrirectory' failed - skip\n"));
- }
-
-#if 0
- FIXME("use function intern mem_ctx for pwdLastSet\n");
- if ((tmp_str = ads_pull_string(ads_struct, mem_ctx, msg,"pwdLastSet"))!=NULL) {
- DEBUG(3,("ads_pull_string for 'pwdLastSet' failed - skip\n"));
- } else {
- account->private.pass_last_set_time = ads_parse_nttime(tmp_str);
- tmp_str = NULL;
-
- }
-#endif
-
-#if 0
-typedef struct sam_account_handle {
- TALLOC_CTX *mem_ctx;
- uint32 access_granted;
- const struct sam_methods *current_sam_methods; /* sam_methods creating this handle */
- void (*free_fn)(struct sam_account_handle **);
- struct sam_account_data {
- uint32 init_flag;
- NTTIME logon_time; /* logon time */
- NTTIME logoff_time; /* logoff time */
- NTTIME kickoff_time; /* kickoff time */
- NTTIME pass_last_set_time; /* password last set time */
- NTTIME pass_can_change_time; /* password can change time */
- NTTIME pass_must_change_time; /* password must change time */
- char * account_name; /* account_name string */
- SAM_DOMAIN_HANDLE * domain; /* domain of account */
- char *full_name; /* account's full name string */
- char *unix_home_dir; /* UNIX home directory string */
- char *home_dir; /* home directory string */
- char *dir_drive; /* home directory drive string */
- char *logon_script; /* logon script string */
- char *profile_path; /* profile path string */
- char *acct_desc; /* account description string */
- char *workstations; /* login from workstations string */
- char *unknown_str; /* don't know what this is, yet. */
- char *munged_dial; /* munged path name and dial-back tel number */
- DOM_SID account_sid; /* Primary Account SID */
- DOM_SID group_sid; /* Primary Group SID */
- DATA_BLOB lm_pw; /* .data is Null if no password */
- DATA_BLOB nt_pw; /* .data is Null if no password */
- char *plaintext_pw; /* if Null not available */
- uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
- uint32 unknown_1; /* 0x00ff ffff */
- uint16 logon_divs; /* 168 - number of hours in a week */
- uint32 hours_len; /* normally 21 bytes */
- uint8 hours[MAX_HOURS_LEN];
- uint32 unknown_2; /* 0x0002 0000 */
- uint32 unknown_3; /* 0x0000 04ec */
- } private;
-} SAM_ACCOUNT_HANDLE;
-#endif
-
- return ads_status;
-}
-
-
-/***********************************************
-Initialize SAM_GROUP_ENUM from an ads entry
-************************************************/
-/* not ready :-( */
-static ADS_STATUS ads_entry2sam_group_enum(SAM_ADS_PRIVATES *privates, TALLOC_CTX *mem_ctx, SAM_GROUP_ENUM **group_enum,const void *entry)
-{
- ADS_STATUS ads_status = ADS_STATUS_UNSUCCESSFUL;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- SAM_GROUP_ENUM __group_enum;
- SAM_GROUP_ENUM *_group_enum = &__group_enum;
-
- SAM_ASSERT(privates && ads_struct && mem_ctx && group_enum && entry);
-
- *group_enum = _group_enum;
-
- DEBUG(3,("sam_ads: ads_entry2sam_account_handle\n"));
-
- if (!ads_pull_sid(ads_struct, &entry, "objectSid", &(_group_enum->sid))) {
- DEBUG(0,("No sid for!?\n"));
- return ADS_STATUS_UNSUCCESSFUL;
- }
-
- if (!(_group_enum->group_name = ads_pull_string(ads_struct, mem_ctx, &entry, "sAMAccountName"))) {
- DEBUG(0,("No groupname found"));
- return ADS_STATUS_UNSUCCESSFUL;
- }
-
- if (!(_group_enum->group_desc = ads_pull_string(ads_struct, mem_ctx, &entry, "desciption"))) {
- DEBUG(0,("No description found"));
- return ADS_STATUS_UNSUCCESSFUL;
- }
-
- DEBUG(0,("sAMAccountName: %s\ndescription: %s\nobjectSid: %s\n",
- _group_enum->group_name,
- _group_enum->group_desc,
- sid_string_static(&(_group_enum->sid))
- ));
-
- return ads_status;
-}
-
-static ADS_STATUS sam_ads_access_check(SAM_ADS_PRIVATES *privates, const SEC_DESC *sd, const NT_USER_TOKEN *access_token, uint32 access_desired, uint32 *acc_granted)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_ACCESS_DENIED);
- NTSTATUS nt_status;
- uint32 my_acc_granted;
-
- SAM_ASSERT(privates && sd && access_token);
- /* acc_granted can be set to NULL */
-
- /* the steps you need are:
- 1. get_sec_desc for sid
- 2. se_map_generic(accessdesired, generic_mapping)
- 3. se_access_check() */
-
- if (!se_access_check(sd, access_token, access_desired, (acc_granted)?acc_granted:&my_acc_granted, &nt_status)) {
- DEBUG(3,("sam_ads_access_check: ACCESS DENIED\n"));
- ads_status = ADS_ERROR_NT(nt_status);
- return ads_status;
- }
- ads_status = ADS_ERROR_NT(nt_status);
- return ads_status;
-}
-
-static ADS_STATUS sam_ads_get_tree_sec_desc(SAM_ADS_PRIVATES *privates, const char *subtree, SEC_DESC **sd)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = privates->mem_ctx;
- char *search_path;
- void *sec_desc_res;
- void *sec_desc_msg;
- const char *sec_desc_attrs[] = {"nTSecurityDescriptor",NULL};
-
- SAM_ASSERT(privates && ads_struct && mem_ctx && sd);
- *sd = NULL;
-
- if (subtree) {
- asprintf(&search_path, "%s%s",subtree,ads_struct->config.bind_path);
- } else {
- asprintf(&search_path, "%s","");
- }
- ads_status = sam_ads_do_search(privates, search_path, LDAP_SCOPE_BASE, "(objectClass=*)", sec_desc_attrs, &sec_desc_res);
- SAFE_FREE(search_path);
- if (!ADS_ERR_OK(ads_status))
- return ads_status;
-
- if ((sec_desc_msg = ads_first_entry(ads_struct, sec_desc_res))==NULL) {
- ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
- return ads_status;
- }
-
- if (!ads_pull_sd(ads_struct, mem_ctx, sec_desc_msg, sec_desc_attrs[0], sd)) {
- *sd = NULL;
- ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
- return ads_status;
- }
-
- return ads_status;
-}
-
-static ADS_STATUS sam_ads_account_policy_get(SAM_ADS_PRIVATES *privates, int field, uint32 *value)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
- ADS_STRUCT *ads_struct = privates->ads_struct;
- void *ap_res;
- void *ap_msg;
- const char *ap_attrs[] = {"minPwdLength",/* AP_MIN_PASSWORD_LEN */
- "pwdHistoryLength",/* AP_PASSWORD_HISTORY */
- "AP_USER_MUST_LOGON_TO_CHG_PASS",/* AP_USER_MUST_LOGON_TO_CHG_PASS */
- "maxPwdAge",/* AP_MAX_PASSWORD_AGE */
- "minPwdAge",/* AP_MIN_PASSWORD_AGE */
- "lockoutDuration",/* AP_LOCK_ACCOUNT_DURATION */
- "AP_RESET_COUNT_TIME",/* AP_RESET_COUNT_TIME */
- "AP_BAD_ATTEMPT_LOCKOUT",/* AP_BAD_ATTEMPT_LOCKOUT */
- "AP_TIME_TO_LOGOUT",/* AP_TIME_TO_LOGOUT */
- NULL};
- /*lockOutObservationWindow
- lockoutThreshold $ pwdProperties*/
- static uint32 ap[9];
- static uint32 ap_usn = 0;
- uint32 tmp_usn = 0;
-
- SAM_ASSERT(privates && ads_struct && value);
-
- FIXME("We need to decode all account_policy attributes!\n");
-
- ads_status = sam_ads_usn_is_valid(privates,ap_usn,&tmp_usn);
- if (!ADS_ERR_OK(ads_status)) {
- ads_status = sam_ads_do_search(privates, ads_struct->config.bind_path, LDAP_SCOPE_BASE, "(objectClass=*)", ap_attrs, &ap_res);
- if (!ADS_ERR_OK(ads_status))
- return ads_status;
-
- if (ads_count_replies(ads_struct, ap_res) != 1) {
- ads_msgfree(ads_struct, ap_res);
- return ADS_ERROR(LDAP_NO_RESULTS_RETURNED);
- }
-
- if (!(ap_msg = ads_first_entry(ads_struct, ap_res))) {
- ads_msgfree(ads_struct, ap_res);
- return ADS_ERROR(LDAP_NO_RESULTS_RETURNED);
- }
-
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[0], &ap[0])) {
- /* AP_MIN_PASSWORD_LEN */
- ap[0] = MINPASSWDLENGTH;/* 5 chars minimum */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[1], &ap[1])) {
- /* AP_PASSWORD_HISTORY */
- ap[1] = 0;/* don't keep any old password */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[2], &ap[2])) {
- /* AP_USER_MUST_LOGON_TO_CHG_PASS */
- ap[2] = 0;/* don't force user to logon */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[3], &ap[3])) {
- /* AP_MAX_PASSWORD_AGE */
- ap[3] = MAX_PASSWORD_AGE;/* 21 days */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[4], &ap[4])) {
- /* AP_MIN_PASSWORD_AGE */
- ap[4] = 0;/* 0 days */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[5], &ap[5])) {
- /* AP_LOCK_ACCOUNT_DURATION */
- ap[5] = 0;/* lockout for 0 minutes */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[6], &ap[6])) {
- /* AP_RESET_COUNT_TIME */
- ap[6] = 0;/* reset immediatly */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[7], &ap[7])) {
- /* AP_BAD_ATTEMPT_LOCKOUT */
- ap[7] = 0;/* don't lockout */
- }
- if (!ads_pull_uint32(ads_struct, ap_msg, ap_attrs[8], &ap[8])) {
- /* AP_TIME_TO_LOGOUT */
- ap[8] = -1;/* don't force logout */
- }
-
- ads_msgfree(ads_struct, ap_res);
- ap_usn = tmp_usn;
- }
-
- switch(field) {
- case AP_MIN_PASSWORD_LEN:
- *value = ap[0];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_PASSWORD_HISTORY:
- *value = ap[1];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_USER_MUST_LOGON_TO_CHG_PASS:
- *value = ap[2];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_MAX_PASSWORD_AGE:
- *value = ap[3];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_MIN_PASSWORD_AGE:
- *value = ap[4];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_LOCK_ACCOUNT_DURATION:
- *value = ap[5];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_RESET_COUNT_TIME:
- *value = ap[6];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_BAD_ATTEMPT_LOCKOUT:
- *value = ap[7];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- case AP_TIME_TO_LOGOUT:
- *value = ap[8];
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- break;
- default: *value = 0; break;
- }
-
- return ads_status;
-}
-
-
-/**********************************
-Now the functions off the SAM API
-***********************************/
-
-/* General API */
-static NTSTATUS sam_ads_get_sec_desc(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token,
- const DOM_SID *sid, SEC_DESC **sd)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx;
- char *sidstr,*filter;
- void *sec_desc_res;
- void *sec_desc_msg;
- const char *sec_desc_attrs[] = {"nTSecurityDescriptor",NULL};
- fstring sid_str;
- SEC_DESC *my_sd;
-
- SAM_ASSERT(sam_method && access_token && sid && sd);
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL);
-
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- sidstr = sid_binstring(sid);
- if (asprintf(&filter, "(objectSid=%s)", sidstr) == -1) {
- SAFE_FREE(sidstr);
- return NT_STATUS_NO_MEMORY;
- }
-
- SAFE_FREE(sidstr);
-
- ads_status = sam_ads_do_search(privates,ads_struct->config.bind_path,
- LDAP_SCOPE_SUBTREE, filter, sec_desc_attrs,
- &sec_desc_res);
- SAFE_FREE(filter);
-
- if (!ADS_ERR_OK(ads_status)) {
- return ads_ntstatus(ads_status);
- }
-
- if (!(mem_ctx = talloc_init("sec_desc parse in sam_ads"))) {
- DEBUG(1, ("talloc_init() failed for sec_desc parse context in sam_ads"));
- ads_msgfree(ads_struct, sec_desc_res);
- return NT_STATUS_NO_MEMORY;
- }
-
- if (ads_count_replies(ads_struct, sec_desc_res) != 1) {
- DEBUG(1,("sam_ads_get_sec_desc: duplicate or 0 results for sid %s\n",
- sid_to_string(sid_str, sid)));
- talloc_destroy(mem_ctx);
- ads_msgfree(ads_struct, sec_desc_res);
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (!(sec_desc_msg = ads_first_entry(ads_struct, sec_desc_res))) {
- talloc_destroy(mem_ctx);
- ads_msgfree(ads_struct, sec_desc_res);
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if (!ads_pull_sd(ads_struct, mem_ctx, sec_desc_msg, sec_desc_attrs[0], sd)) {
- ads_status = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
- talloc_destroy(mem_ctx);
- ads_msgfree(ads_struct, sec_desc_res);
- return ads_ntstatus(ads_status);
- }
-
- /* now, were we allowed to see the SD we just got? */
-
- ads_msgfree(ads_struct, sec_desc_res);
- talloc_destroy(mem_ctx);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_set_sec_desc(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token,
- const DOM_SID *sid, const SEC_DESC *sd)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-
-static NTSTATUS sam_ads_lookup_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token,
- TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name,
- enum SID_NAME_USE *type)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- SEC_DESC *my_sd;
-
- SAM_ASSERT(sam_method && access_token && mem_ctx && sid && name && type);
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- return ads_sid_to_name(ads_struct, mem_ctx, sid, name, type);
-}
-
-static NTSTATUS sam_ads_lookup_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token,
- const char *name, DOM_SID *sid, enum SID_NAME_USE *type)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- SEC_DESC *my_sd;
-
- SAM_ASSERT(sam_method && access_token && name && sid && type);
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &my_sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, my_sd, access_token, GENERIC_RIGHTS_DOMAIN_READ, NULL);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- return ads_name_to_sid(ads_struct, name, sid, type);
-}
-
-
-/* Domain API */
-
-static NTSTATUS sam_ads_update_domain(const SAM_METHODS *sam_method, const SAM_DOMAIN_HANDLE *domain)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_get_domain_handle(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token,
- const uint32 access_desired, SAM_DOMAIN_HANDLE **domain)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- TALLOC_CTX *mem_ctx = privates->mem_ctx; /*Fix me is this right??? */
- SAM_DOMAIN_HANDLE *dom_handle = NULL;
- SEC_DESC *sd;
- uint32 acc_granted;
- uint32 tmp_value;
-
- DEBUG(5,("sam_ads_get_domain_handle: %d\n",__LINE__));
-
- SAM_ASSERT(sam_method && access_token && domain);
-
- (*domain) = NULL;
-
- if ((dom_handle = talloc(mem_ctx, sizeof(SAM_DOMAIN_HANDLE))) == NULL) {
- DEBUG(0,("failed to talloc dom_handle\n"));
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- return ads_ntstatus(ads_status);
- }
-
- ZERO_STRUCTP(dom_handle);
-
- dom_handle->mem_ctx = mem_ctx; /*Fix me is this right??? */
- dom_handle->free_fn = NULL;
- dom_handle->current_sam_methods = sam_method;
-
- /* check if access can be granted as requested */
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- dom_handle->access_granted = acc_granted;
-
- /* fill all the values of dom_handle */
- sid_copy(&dom_handle->private.sid, &sam_method->domain_sid);
- dom_handle->private.name = smb_xstrdup(sam_method->domain_name);
- dom_handle->private.servername = "WHOKNOWS"; /* what is the servername */
-
- /*Fix me: sam_ads_account_policy_get() return ADS_STATUS! */
- ads_status = sam_ads_account_policy_get(privates, AP_MAX_PASSWORD_AGE, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for max password age. Useing default\n"));
- tmp_value = MAX_PASSWORD_AGE;
- }
- unix_to_nt_time_abs(&dom_handle->private.max_passwordage,tmp_value);
-
- ads_status = sam_ads_account_policy_get(privates, AP_MIN_PASSWORD_AGE, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for min password age. Useing default\n"));
- tmp_value = 0;
- }
- unix_to_nt_time_abs(&dom_handle->private.min_passwordage, tmp_value);
-
- ads_status = sam_ads_account_policy_get(privates, AP_LOCK_ACCOUNT_DURATION, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for lockout duration. Useing default\n"));
- tmp_value = 0;
- }
- unix_to_nt_time_abs(&dom_handle->private.lockout_duration, tmp_value);
-
- ads_status = sam_ads_account_policy_get(privates, AP_RESET_COUNT_TIME, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for time till locout count is reset. Useing default\n"));
- tmp_value = 0;
- }
- unix_to_nt_time_abs(&dom_handle->private.reset_count, tmp_value);
-
- ads_status = sam_ads_account_policy_get(privates, AP_MIN_PASSWORD_LEN, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for min password length. Useing default\n"));
- tmp_value = 0;
- }
- dom_handle->private.min_passwordlength = (uint16)tmp_value;
-
- ads_status = sam_ads_account_policy_get(privates, AP_PASSWORD_HISTORY, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed password history. Useing default\n"));
- tmp_value = 0;
- }
- dom_handle->private.password_history = (uint16)tmp_value;
-
- ads_status = sam_ads_account_policy_get(privates, AP_BAD_ATTEMPT_LOCKOUT, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for bad attempts till lockout. Useing default\n"));
- tmp_value = 0;
- }
- dom_handle->private.lockout_count = (uint16)tmp_value;
-
- ads_status = sam_ads_account_policy_get(privates, AP_TIME_TO_LOGOUT, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for force logout. Useing default\n"));
- tmp_value = -1;
- }
-
- ads_status = sam_ads_account_policy_get(privates, AP_USER_MUST_LOGON_TO_CHG_PASS, &tmp_value);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(4,("sam_ads_account_policy_get failed for user must login to change password. Useing default\n"));
- tmp_value = 0;
- }
-
- /* should the real values of num_accounts, num_groups and num_aliases be retreved?
- * I think it is to expensive to bother
- */
- dom_handle->private.num_accounts = 3;
- dom_handle->private.num_groups = 4;
- dom_handle->private.num_aliases = 5;
-
- *domain = dom_handle;
-
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
- return ads_ntstatus(ads_status);
-}
-
-/* Account API */
-static NTSTATUS sam_ads_create_account(const SAM_METHODS *sam_method,
- const NT_USER_TOKEN *access_token, uint32 access_desired,
- const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- SEC_DESC *sd = NULL;
- uint32 acc_granted;
-
- SAM_ASSERT(sam_method && privates && access_token && account_name && account);
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_SUBTREE_USERS, &sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = ADS_ERROR_NT(sam_init_account(account));
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- (*account)->access_granted = acc_granted;
-
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_add_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account)
-{
- ADS_STATUS ads_status = ADS_ERROR(LDAP_NO_MEMORY);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = privates->mem_ctx;
- ADS_MODLIST mods;
- uint16 acct_ctrl;
- char *new_dn;
- SEC_DESC *sd;
- uint32 acc_granted;
-
- SAM_ASSERT(sam_method && account);
-
- ads_status = ADS_ERROR_NT(sam_get_account_acct_ctrl(account,&acct_ctrl));
- if (!ADS_ERR_OK(ads_status))
- goto done;
-
- if ((acct_ctrl & ACB_WSTRUST)||(acct_ctrl & ACB_SVRTRUST)) {
- /* Computer account */
- char *name,*controlstr;
- char *hostname,*host_upn,*host_spn;
- const char *objectClass[] = {"top", "person", "organizationalPerson",
- "user", "computer", NULL};
-
- ads_status = ADS_ERROR_NT(sam_get_account_name(account,&name));
- if (!ADS_ERR_OK(ads_status))
- goto done;
-
- if (!(host_upn = talloc_asprintf(mem_ctx, "%s@%s", name, ads_struct->config.realm))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(new_dn = talloc_asprintf(mem_ctx, "CN=%s,CN=Computers,%s", hostname,
- ads_struct->config.bind_path))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(controlstr = talloc_asprintf(mem_ctx, "%u", ads_acb2uf(acct_ctrl)))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(mods = ads_init_mods(mem_ctx))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- ads_status = ads_mod_str(mem_ctx, &mods, "cn", hostname);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_strlist(mem_ctx, &mods, "objectClass", objectClass);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "userPrincipalName", host_upn);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "displayName", hostname);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "sAMAccountName", name);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr);
- if (!ADS_ERR_OK(ads_status))
- goto done;
-
- ads_status = ads_mod_str(mem_ctx, &mods, "servicePrincipalName", host_spn);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "dNSHostName", hostname);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- /* ads_status = ads_mod_str(mem_ctx, &mods, "operatingSystem", "Samba");
- if (!ADS_ERR_OK(ads_status))
- goto done;
- *//* ads_status = ads_mod_str(mem_ctx, &mods, "operatingSystemVersion", VERSION);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- */
- /* End Computer account */
- } else {
- /* User account*/
- char *upn, *controlstr;
- char *name, *fullname;
- const char *objectClass[] = {"top", "person", "organizationalPerson",
- "user", NULL};
-
- ads_status = ADS_ERROR_NT(sam_get_account_name(account,&name));
- if (!ADS_ERR_OK(ads_status))
- goto done;
-
- ads_status = ADS_ERROR_NT(sam_get_account_fullname(account,&fullname));
- if (!ADS_ERR_OK(ads_status))
- goto done;
-
- if (!(upn = talloc_asprintf(mem_ctx, "%s@%s", name, ads_struct->config.realm))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(new_dn = talloc_asprintf(mem_ctx, "CN=%s,CN=Users,%s", fullname,
- ads_struct->config.bind_path))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(controlstr = talloc_asprintf(mem_ctx, "%u", ads_acb2uf(acct_ctrl)))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- if (!(mods = ads_init_mods(mem_ctx))) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- goto done;
- }
-
- ads_status = ads_mod_str(mem_ctx, &mods, "cn", fullname);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_strlist(mem_ctx, &mods, "objectClass", objectClass);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "userPrincipalName", upn);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "displayName", fullname);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "sAMAccountName", name);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- ads_status = ads_mod_str(mem_ctx, &mods, "userAccountControl", controlstr);
- if (!ADS_ERR_OK(ads_status))
- goto done;
- }/* End User account */
-
- /* Finally at the account */
- ads_status = ads_gen_add(ads_struct, new_dn, mods);
-
-done:
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_update_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_delete_account(const SAM_METHODS *sam_method, const SAM_ACCOUNT_HANDLE *account)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
-
-
-
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_enum_accounts(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-#if 0
-static NTSTATUS sam_ads_get_account_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *account_sid, SAM_ACCOUNT_HANDLE **account)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = privates->mem_ctx;
- SEC_DESC *sd = NULL;
- uint32 acc_granted;
-
- SAM_ASSERT(sam_method && privates && ads_struct && access_token && account_sid && account);
-
- ads_status = ADS_ERROR_NT(sam_ads_get_sec_desc(sam_method, access_token, account_sid, &my_sd));
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = ADS_ERROR_NT(sam_init_account(account));
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- (*account)->access_granted = acc_granted;
-
- return ads_ntstatus(ads_status);
-}
-#else
-static NTSTATUS sam_ads_get_account_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *account_sid, SAM_ACCOUNT_HANDLE **account)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-#endif
-
-#if 0
-static NTSTATUS sam_ads_get_account_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *account_name, SAM_ACCOUNT_HANDLE **account)
-{
- ADS_STATUS ads_status = ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = privates->mem_ctx;
- SEC_DESC *sd = NULL;
- uint32 acc_granted;
-
- SAM_ASSERT(sam_method && privates && ads_struct && access_token && account_name && account);
-
- ads_status = sam_ads_get_tree_sec_desc(privates, ADS_ROOT_TREE, &sd);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = sam_ads_access_check(privates, sd, access_token, access_desired, &acc_granted);
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- ads_status = ADS_ERROR_NT(sam_init_account(account));
- if (!ADS_ERR_OK(ads_status))
- return ads_ntstatus(ads_status);
-
- (*account)->access_granted = acc_granted;
-
- return ads_ntstatus(ads_status);
-}
-#else
-static NTSTATUS sam_ads_get_account_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *account_name, SAM_ACCOUNT_HANDLE **account)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-#endif
-
-/* Group API */
-static NTSTATUS sam_ads_create_group(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *group_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_add_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_update_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_delete_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_enum_groups(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- SAM_ADS_PRIVATES *privates = (struct sam_ads_privates *)sam_method->private_data;
- ADS_STRUCT *ads_struct = privates->ads_struct;
- TALLOC_CTX *mem_ctx = privates->mem_ctx;
- void *res = NULL;
- void *msg = NULL;
- char *filter = NULL;
- int i = 0;
-
- /* get only these LDAP attributes, witch we really need for a group */
- const char *group_enum_attrs[] = {"objectSid",
- "description",
- "sAMAcountName",
- NULL};
-
- SAM_ASSERT(sam_method && access_token && groups_count && groups);
-
- *groups_count = 0;
-
- DEBUG(3,("ads: enum_dom_groups\n"));
-
- FIXME("get only group from the wanted Type!\n");
- asprintf(&filter, "(&(objectClass=group)(groupType=%s))", "*");
- ads_status = sam_ads_do_search(privates, ads_struct->config.bind_path, LDAP_SCOPE_SUBTREE, filter, group_enum_attrs, &res);
- if (!ADS_ERR_OK(ads_status)) {
- DEBUG(1,("enum_groups ads_search: %s\n", ads_errstr(ads_status)));
- }
-
- *groups_count = ads_count_replies(ads_struct, res);
- if (*groups_count == 0) {
- DEBUG(1,("enum_groups: No groups found\n"));
- }
-
- (*groups) = talloc_zero(mem_ctx, (*groups_count) * sizeof(**groups));
- if (!*groups) {
- ads_status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
- }
-
- for (msg = ads_first_entry(ads_struct, res); msg; msg = ads_next_entry(ads_struct, msg)) {
- uint32 grouptype;
-
- if (!ads_pull_uint32(ads_struct, msg, "groupType", &grouptype)) {
- ;
- } else {
- (*groups)->group_ctrl = ads_gtype2gcb(grouptype);
- }
-
- if (!((*groups)->group_name = ads_pull_string(ads_struct, mem_ctx, msg, "sAMAccountName"))) {
- ;
- }
-
- if (!((*groups)->group_desc = ads_pull_string(ads_struct, mem_ctx, msg, "description"))) {
- ;
- }
-
- if (!ads_pull_sid(ads_struct, msg, "objectSid", &((*groups)->sid))) {
- DEBUG(1,("No sid for group %s !?\n", (*groups)->group_name));
- continue;
- }
-
- i++;
- }
-
- (*groups_count) = i;
-
- ads_status = ADS_ERROR_NT(NT_STATUS_OK);
-
- DEBUG(3,("ads enum_dom_groups gave %d entries\n", (*groups_count)));
-
- if (res) ads_msgfree(ads_struct, res);
-
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_get_group_by_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_get_group_by_name(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_add_member_to_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_delete_member_from_group(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_enum_groupmembers(const SAM_METHODS *sam_method, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-static NTSTATUS sam_ads_get_groups_of_sid(const SAM_METHODS *sam_method, const NT_USER_TOKEN *access_token, const DOM_SID **sids, const uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups)
-{
- ADS_STATUS ads_status = ADS_STATUS_NOT_IMPLEMENTED;
- DEBUG(0,("sam_ads: %s was called!\n",FUNCTION_MACRO));
- SAM_ASSERT(sam_method);
- return ads_ntstatus(ads_status);
-}
-
-/**********************************
-Free our private data
-***********************************/
-static void sam_ads_free_private_data(void **vp)
-{
- SAM_ADS_PRIVATES **sam_ads_state = (SAM_ADS_PRIVATES **)vp;
-
- if ((*sam_ads_state)->ads_struct->ld) {
- ldap_unbind((*sam_ads_state)->ads_struct->ld);
- }
-
- ads_destroy(&((*sam_ads_state)->ads_struct));
-
- talloc_destroy((*sam_ads_state)->mem_ctx);
- FIXME("maybe we must free some other stuff here\n");
-
- *sam_ads_state = NULL;
-}
-
-
-
-/*****************************************************
-Init the ADS SAM backend
-******************************************************/
-NTSTATUS sam_init_ads(SAM_METHODS *sam_method, const char *module_params)
-{
- ADS_STATUS ads_status;
- SAM_ADS_PRIVATES *sam_ads_state;
- TALLOC_CTX *mem_ctx;
-
- SAM_ASSERT(sam_method && sam_method->parent);
-
- mem_ctx = sam_method->parent->mem_ctx;
-
- /* Here the SAM API functions of the sam_ads module */
-
- /* General API */
-
- sam_method->sam_get_sec_desc = sam_ads_get_sec_desc;
- sam_method->sam_set_sec_desc = sam_ads_set_sec_desc;
-
- sam_method->sam_lookup_sid = sam_ads_lookup_sid;
- sam_method->sam_lookup_name = sam_ads_lookup_name;
-
- /* Domain API */
-
- sam_method->sam_update_domain = sam_ads_update_domain;
- sam_method->sam_get_domain_handle = sam_ads_get_domain_handle;
-
- /* Account API */
-
- sam_method->sam_create_account = sam_ads_create_account;
- sam_method->sam_add_account = sam_ads_add_account;
- sam_method->sam_update_account = sam_ads_update_account;
- sam_method->sam_delete_account = sam_ads_delete_account;
- sam_method->sam_enum_accounts = sam_ads_enum_accounts;
-
- sam_method->sam_get_account_by_sid = sam_ads_get_account_by_sid;
- sam_method->sam_get_account_by_name = sam_ads_get_account_by_name;
-
- /* Group API */
-
- sam_method->sam_create_group = sam_ads_create_group;
- sam_method->sam_add_group = sam_ads_add_group;
- sam_method->sam_update_group = sam_ads_update_group;
- sam_method->sam_delete_group = sam_ads_delete_group;
- sam_method->sam_enum_groups = sam_ads_enum_groups;
- sam_method->sam_get_group_by_sid = sam_ads_get_group_by_sid;
- sam_method->sam_get_group_by_name = sam_ads_get_group_by_name;
-
- sam_method->sam_add_member_to_group = sam_ads_add_member_to_group;
- sam_method->sam_delete_member_from_group = sam_ads_delete_member_from_group;
- sam_method->sam_enum_groupmembers = sam_ads_enum_groupmembers;
-
- sam_method->sam_get_groups_of_sid = sam_ads_get_groups_of_sid;
-
- sam_ads_state = talloc_zero(mem_ctx, sizeof(SAM_ADS_PRIVATES));
- if (!sam_ads_state) {
- DEBUG(0, ("talloc() failed for sam_ads private_data!\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- if (!(sam_ads_state->mem_ctx = talloc_init("sam_ads_method"))) {
- DEBUG(0, ("talloc_init() failed for sam_ads_state->mem_ctx\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- sam_ads_state->ads_bind_dn = talloc_strdup(sam_ads_state->mem_ctx, lp_parm_const_string(GLOBAL_SECTION_SNUM,"sam_ads","bind as", ""));
- sam_ads_state->ads_bind_pw = talloc_strdup(sam_ads_state->mem_ctx, lp_parm_const_string(GLOBAL_SECTION_SNUM,"sam_ads","bind pw", ""));
-
- sam_ads_state->bind_plaintext = lp_parm_bool(GLOBAL_SECTION_SNUM, "sam_ads", "plaintext bind" , True);
-
- if (!sam_ads_state->ads_bind_dn || !sam_ads_state->ads_bind_pw) {
- DEBUG(0, ("talloc_strdup() failed for bind dn or password\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- /* Maybe we should not check the result here? Server down on startup? */
-
- if (module_params && *module_params) {
- sam_ads_state->ldap_uri = talloc_strdup(sam_ads_state->mem_ctx, module_params);
- if (!sam_ads_state->ldap_uri) {
- DEBUG(0, ("talloc_strdup() failed for bind dn or password\n"));
- return NT_STATUS_NO_MEMORY;
- }
- } else {
- sam_ads_state->ldap_uri = "ldapi://";
- }
-
- ads_status = sam_ads_cached_connection(sam_ads_state);
- if (!ADS_ERR_OK(ads_status)) {
- return ads_ntstatus(ads_status);
- }
-
- sam_method->private_data = sam_ads_state;
- sam_method->free_private_data = sam_ads_free_private_data;
-
- sam_ads_debug_level = debug_add_class("sam_ads");
- if (sam_ads_debug_level == -1) {
- sam_ads_debug_level = DBGC_ALL;
- DEBUG(0, ("sam_ads: Couldn't register custom debugging class!\n"));
- } else DEBUG(2, ("sam_ads: Debug class number of 'sam_ads': %d\n", sam_ads_debug_level));
-
- DEBUG(5, ("Initializing sam_ads\n"));
- if (module_params)
- DEBUG(10, ("Module Parameters for Domain %s[%s]: %s\n", sam_method->domain_name, sam_method->domain_name, module_params));
- return NT_STATUS_OK;
-}
-
-#else /* HAVE_LDAP */
-void sam_ads_dummy(void)
-{
- DEBUG(0,("sam_ads: not supported!\n"));
-}
-#endif /* HAVE_LDAP */
diff --git a/source3/sam/sam_plugin.c b/source3/sam/sam_plugin.c
deleted file mode 100644
index fd26c4b8d3..0000000000
--- a/source3/sam/sam_plugin.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Loadable san module interface.
- Copyright (C) Jelmer Vernooij 2002
- Copyright (C) Andrew Bartlett 2002
- Copyright (C) Stefan (metze) Metzmacher 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_SAM
-
-NTSTATUS sam_init_plugin(SAM_METHODS *sam_methods, const char *module_params)
-{
- void *dl_handle;
- char *plugin_params, *plugin_name, *p;
- sam_init_function plugin_init;
- int (*plugin_version)(void);
-
- if (module_params == NULL) {
- DEBUG(0, ("The plugin module needs an argument!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- plugin_name = smb_xstrdup(module_params);
- p = strchr(plugin_name, ':');
- if (p) {
- *p = 0;
- plugin_params = p+1;
- trim_string(plugin_params, " ", " ");
- } else plugin_params = NULL;
- trim_string(plugin_name, " ", " ");
-
- DEBUG(5, ("Trying to load sam plugin %s\n", plugin_name));
- dl_handle = sys_dlopen(plugin_name, RTLD_NOW);
- if (!dl_handle) {
- DEBUG(0, ("Failed to load sam plugin %s using sys_dlopen (%s)\n", plugin_name, sys_dlerror()));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- plugin_version = sys_dlsym(dl_handle, "sam_version");
- if (!plugin_version) {
- sys_dlclose(dl_handle);
- DEBUG(0, ("Failed to find function 'sam_version' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror()));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- if (plugin_version()!=SAM_INTERFACE_VERSION) {
- sys_dlclose(dl_handle);
- DEBUG(0, ("Wrong SAM_INTERFACE_VERSION! sam plugin has version %d and version %d is needed! Please update!\n",
- plugin_version(),SAM_INTERFACE_VERSION));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- plugin_init = sys_dlsym(dl_handle, "sam_init");
- if (!plugin_init) {
- sys_dlclose(dl_handle);
- DEBUG(0, ("Failed to find function 'sam_init' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror()));
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- DEBUG(5, ("Starting sam plugin %s with parameters %s for domain %s\n", plugin_name, plugin_params, sam_methods->domain_name));
- return plugin_init(sam_methods, plugin_params);
-}
diff --git a/source3/sam/sam_skel.c b/source3/sam/sam_skel.c
deleted file mode 100644
index b4d64bb6da..0000000000
--- a/source3/sam/sam_skel.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- this is a skeleton for SAM backend modules.
-
- Copyright (C) Stefan (metze) Metzmacher 2002
- Copyright (C) Jelmer Vernooij 2002
- Copyright (C) Andrew Bartlett 2002
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-static int sam_skel_debug_level = DBGC_SAM;
-
-#undef DBGC_CLASS
-#define DBGC_CLASS sam_skel_debug_level
-
-/* define the version of the SAM interface */
-SAM_MODULE_VERSIONING_MAGIC
-
-/* General API */
-
-static NTSTATUS sam_skel_get_sec_desc(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_set_sec_desc(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-static NTSTATUS sam_skel_lookup_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **name, uint32 *type)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_lookup_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const char *name, DOM_SID *sid, uint32 *type)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-/* Domain API */
-
-static NTSTATUS sam_skel_update_domain(const SAM_METHODS *sam_methods, const SAM_DOMAIN_HANDLE *domain)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_get_domain_handle(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, SAM_DOMAIN_HANDLE **domain)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-/* Account API */
-
-static NTSTATUS sam_skel_create_account(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 acct_ctrl, SAM_ACCOUNT_HANDLE **account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_add_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_update_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_delete_account(const SAM_METHODS *sam_methods, const SAM_ACCOUNT_HANDLE *account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_enum_accounts(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint16 acct_ctrl, uint32 *account_count, SAM_ACCOUNT_ENUM **accounts)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-static NTSTATUS sam_skel_get_account_by_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *accountsid, SAM_ACCOUNT_HANDLE **account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_get_account_by_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_ACCOUNT_HANDLE **account)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-/* Group API */
-
-static NTSTATUS sam_skel_create_group(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *account_name, uint16 group_ctrl, SAM_GROUP_HANDLE **group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_add_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_update_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_delete_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_enum_groups(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint16 group_ctrl, uint32 *groups_count, SAM_GROUP_ENUM **groups)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_get_group_by_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_get_group_by_name(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-static NTSTATUS sam_skel_add_member_to_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_delete_member_from_group(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-static NTSTATUS sam_skel_enum_groupmembers(const SAM_METHODS *sam_methods, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-
-static NTSTATUS sam_skel_get_groups_of_sid(const SAM_METHODS *sam_methods, const NT_USER_TOKEN *access_token, const DOM_SID **sids, uint16 group_ctrl, uint32 *group_count, SAM_GROUP_ENUM **groups)
-{
- DEBUG(0,("sam_skel: %s was called!\n",FUNCTION_MACRO));
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-NTSTATUS sam_init_skel(SAM_METHODS *sam_methods, const char *module_params)
-{
- /* Functions your SAM module doesn't provide should be set
- * to NULL */
-
- sam_methods->sam_get_sec_desc = sam_skel_get_sec_desc;
- sam_methods->sam_set_sec_desc = sam_skel_set_sec_desc;
-
- sam_methods->sam_lookup_sid = sam_skel_lookup_sid;
- sam_methods->sam_lookup_name = sam_skel_lookup_name;
-
- /* Domain API */
-
- sam_methods->sam_update_domain = sam_skel_update_domain;
- sam_methods->sam_get_domain_handle = sam_skel_get_domain_handle;
-
- /* Account API */
-
- sam_methods->sam_create_account = sam_skel_create_account;
- sam_methods->sam_add_account = sam_skel_add_account;
- sam_methods->sam_update_account = sam_skel_update_account;
- sam_methods->sam_delete_account = sam_skel_delete_account;
- sam_methods->sam_enum_accounts = sam_skel_enum_accounts;
-
- sam_methods->sam_get_account_by_sid = sam_skel_get_account_by_sid;
- sam_methods->sam_get_account_by_name = sam_skel_get_account_by_name;
-
- /* Group API */
-
- sam_methods->sam_create_group = sam_skel_create_group;
- sam_methods->sam_add_group = sam_skel_add_group;
- sam_methods->sam_update_group = sam_skel_update_group;
- sam_methods->sam_delete_group = sam_skel_delete_group;
- sam_methods->sam_enum_groups = sam_skel_enum_groups;
- sam_methods->sam_get_group_by_sid = sam_skel_get_group_by_sid;
- sam_methods->sam_get_group_by_name = sam_skel_get_group_by_name;
-
- sam_methods->sam_add_member_to_group = sam_skel_add_member_to_group;
- sam_methods->sam_delete_member_from_group = sam_skel_delete_member_from_group;
- sam_methods->sam_enum_groupmembers = sam_skel_enum_groupmembers;
-
- sam_methods->sam_get_groups_of_sid = sam_skel_get_groups_of_sid;
-
- sam_methods->free_private_data = NULL;
-
-
- sam_skel_debug_level = debug_add_class("sam_skel");
- if (sam_skel_debug_level == -1) {
- sam_skel_debug_level = DBGC_SAM;
- DEBUG(0, ("sam_skel: Couldn't register custom debugging class!\n"));
- } else DEBUG(2, ("sam_skel: Debug class number of 'sam_skel': %d\n", sam_skel_debug_level));
-
- if(module_params)
- DEBUG(0, ("Starting 'sam_skel' with parameters '%s' for domain %s\n", module_params, sam_methods->domain_name));
- else
- DEBUG(0, ("Starting 'sam_skel' for domain %s without paramters\n", sam_methods->domain_name));
-
- return NT_STATUS_OK;
-}