weekend work. user / group database API.

- split sam_passwd and smb_passwd into separate higher-order function tables

- renamed struct smb_passwd's "smb_user" to "unix_user".  added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.

NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.

- added query_useraliases code to rpcclient.

- dealt with some nasty interdependencies involving non-smbd programs
and the password database API.  this is still not satisfactorily
resolved completelely, but it's the best i can do for now.

- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.

lots of debugging done, it's still not finished.  the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect.  the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)

3 files changed, 26 insertions, 25 deletions

diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index 30b9b3fed6..9791d3a38e 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -529,7 +529,7 @@ BOOL change_lanman_password(struct smb_passwd *smbpw, uchar *pass1, uchar *pass2
 
   if (smbpw->acct_ctrl & ACB_DISABLED)
   {
-    DEBUG(0,("change_lanman_password: account %s disabled.\n", smbpw->smb_name));
+    DEBUG(0,("change_lanman_password: account %s disabled.\n", smbpw->unix_name));
     return False;
   }
 
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 8b73ff4518..ed47e6d3e5 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -391,11 +391,11 @@ BOOL smb_password_ok(struct smb_passwd *smb_pass, uchar chal[8],
 	if (!lm_pass || !smb_pass) return(False);
 
 	DEBUG(4,("Checking SMB password for user %s\n", 
-		 smb_pass->smb_name));
+		 smb_pass->unix_name));
 
 	if(smb_pass->acct_ctrl & ACB_DISABLED) {
 		DEBUG(3,("account for user %s was disabled.\n", 
-			 smb_pass->smb_name));
+			 smb_pass->unix_name));
 		return(False);
 	}
 
@@ -436,7 +436,7 @@ BOOL smb_password_ok(struct smb_passwd *smb_pass, uchar chal[8],
 	if((smb_pass->smb_passwd == NULL) && 
 	   (smb_pass->acct_ctrl & ACB_PWNOTREQ)) {
 		DEBUG(4,("no password required for user %s\n",
-			 smb_pass->smb_name));
+			 smb_pass->unix_name));
 		return True;
 	}
 
@@ -502,7 +502,7 @@ BOOL pass_check_smb(char *user, char *domain,
         }
 
 	/* Ensure the uid's match */
-	if (smb_pass->smb_userid != pass->pw_uid)
+	if (smb_pass->unix_uid != pass->pw_uid)
 	{
 		DEBUG(3,("Error : UNIX and SMB uids in password files do not match !\n"));
 		return(False);
@@ -510,7 +510,7 @@ BOOL pass_check_smb(char *user, char *domain,
 
 	if (lm_pwd[0] == '\0' && IS_BITS_SET_ALL(smb_pass->acct_ctrl, ACB_PWNOTREQ) && lp_null_passwords())
 	{
-		DEBUG(3,("account for user %s has no password and null passwords are allowed.\n", smb_pass->smb_name));
+		DEBUG(3,("account for user %s has no password and null passwords are allowed.\n", smb_pass->unix_name));
 		return(True);
 	}
 
@@ -587,7 +587,7 @@ validate a group username entry. Return the username or NULL
 ****************************************************************************/
 static char *validate_group(char *group,char *password,int pwlen,int snum)
 {
-#ifdef HAVE_NETGROUP
+#if defined(HAVE_NETGROUP) && defined(HAVE_GETNETGRENT) && defined(HAVE_SETNETGRENT) && defined(HAVE_ENDNETGRENT)
   {
     char *host, *user, *domain;
     setnetgrent(group);
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index d0178508d9..3a32e1871f 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -651,15 +651,28 @@ static void usage(char *pname)
 
 	codepage_initialise(lp_client_code_page());
 
-	fstrcpy(global_myworkgroup, lp_workgroup());
+	if (!pwdb_initialise())
+	{
+		exit(1);
+	}
 
-	get_sam_domain_name();
+	if(!initialise_sam_password_db())
+	{
+		exit(1);
+	}
 
-	generate_wellknown_sids();
+	if(!initialise_passgrp_db())
+	{
+		exit(1);
+	}
 
-	if (!generate_sam_sid())
+	if(!initialise_group_db())
+	{
+		exit(1);
+	}
+
+	if(!initialise_alias_db())
 	{
-		DEBUG(0,("ERROR: Samba cannot create a SAM SID.\n"));
 		exit(1);
 	}
 
@@ -700,7 +713,7 @@ static void usage(char *pname)
 		become_daemon();
 	}
 
-    check_kernel_oplocks();
+	check_kernel_oplocks();
 
 	if (!directory_exist(lp_lockdir(), NULL)) {
 		mkdir(lp_lockdir(), 0755);
@@ -716,18 +729,6 @@ static void usage(char *pname)
 	if (!locking_init(0))
 		exit(1);
 
-	if(!initialise_passgrp_db())
-		exit(1);
-
-	if(!initialise_password_db())
-		exit(1);
-
-	if(!initialise_group_db())
-		exit(1);
-
-	if(!initialise_alias_db())
-		exit(1);
-
 	/* possibly reload the services file. */
 	reload_services(True);