Actually enforce the passdb API.

Thou shalt not reference SAM_ACCOUNT members directly - always use
pdb_get/pdb_set.

This is achived by making the whole of SAM_ACCOUNT have a .private member,
where the real members live.  This caught a pile of examples, and these have
beeen fixed.

The pdb_get..() functions are 'const' (have been for some time) and this
required a few small changes to constify other functions.

I've also added some debugs to the pdb get and set, they can be removed if
requested.

I've rewritten the copy_id2x_to_sam_pass() functions to use the new passdb
interface, but I need the flags info to do it properly.

The pdb_free_sam() funciton now blanks out the LM and NT hashes, and as such
I have removed many extra 'samr_clear_sam_passwd(smbpass)' calls as a result.

Finally, any and all testing is always appriciated - but the basics seem to
work.

Andrew Bartlett
(This used to be commit d3dd28f6c443187b8d820d5a39c7c5b3be2fa95c)

1 files changed, 1 insertions, 1 deletions

diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 538225e245..a9d80d36fd 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -228,7 +228,7 @@ int register_vuid(auth_serversupplied_info *server_info, char *smb_name)
 	ZERO_STRUCTP(vuser);
 
 	if (!IS_SAM_UNIX_USER(server_info->sam_account)) {
-		DEBUG(0,("Attempted session setup with invalid user.  No uid/gid in SAM_ACCOUNT\n"));
+		DEBUG(0,("Attempted session setup with invalid user.  No uid/gid in SAM_ACCOUNT (flags:%x)\n", pdb_get_init_flag(server_info->sam_account)));
 		free(vuser);
 		return UID_FIELD_INVALID;
 	}