author | Andrew Bartlett <abartlet@samba.org> | 2002-11-02 03:47:48 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2002-11-02 03:47:48 +0000 |
commit | 6d7195d1d79c43f5ccc8dc4a9215c02177d5fa89 (patch) | |
tree | bd5e6a9c83f8fa55c98750ce555c66f0c109f569 /source3/utils | |
parent | aea57af3e38873e808afc3c742ba46527f686f6f (diff) | |
Merge passdb from HEAD -> 3.0
The work here includes:
- metze's set/changed patch, which avoids making changes to ldap on unmodified
attributes.
- volker's group mapping in passdb patch
- volker's samsync stuff
- volker's SAMR changes.
- metze's connection caching patch
- my recent changes (fix magic root check, ldap ssl)
Andrew Bartlett
(This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f)
Diffstat (limited to 'source3/utils')
-rw-r--r-- | source3/utils/net_rpc_samsync.c | 82 | ||||
-rw-r--r-- | source3/utils/pdbedit.c | 30 | ||||
-rw-r--r-- | source3/utils/smbgroupedit.c | 12 |
3 files changed, 64 insertions, 60 deletions
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c index 00e5dee0ce..10fba52be8 100644 --- a/source3/utils/net_rpc_samsync.c +++ b/source3/utils/net_rpc_samsync.c @@ -111,7 +111,7 @@ static void display_sam_entry(SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta) static void dump_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret_creds) { - unsigned last_rid = -1; + unsigned sync_context = 0; NTSTATUS result; int i; TALLOC_CTX *mem_ctx; @@ -126,15 +126,15 @@ static void dump_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret d_printf("Dumping database %u\n", db_type); do { - result = cli_netlogon_sam_sync(cli, mem_ctx, ret_creds, db_type, last_rid+1, + result = cli_netlogon_sam_sync(cli, mem_ctx, ret_creds, db_type, + sync_context, &num_deltas, &hdr_deltas, &deltas); clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), ret_creds); - last_rid = 0; for (i = 0; i < num_deltas; i++) { display_sam_entry(&hdr_deltas[i], &deltas[i]); - last_rid = hdr_deltas[i].target_rid; } - } while (last_rid && NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); + sync_context += 1; + } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); talloc_destroy(mem_ctx); } 
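Review bot: The delta loop in dump_database still runs when cli_netlogon_sam_sync fails, and with the `last_rid &&` guard removed the do/while now ends only when the remote server stops answering STATUS_MORE_ENTRIES. Nothing in the hunk resets num_deltas on an error return, so a failed call may walk a stale or unset count, and a peer that keeps reporting more entries keeps the loop running and the allocations in mem_ctx growing. I would add `if (!NT_STATUS_IS_OK(result) && !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) break;` before the for loop and consider stopping when a round returns zero deltas. The result of clnt_deal_with_creds on the line above is also discarded; if it signals a failed credential check, the deltas from that reply should not be processed. The same loop appears in fetch_database (hunk at -636), where the entries are written to the local passdb rather than printed.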
@@ -199,62 +199,62 @@ sam_account_from_delta(SAM_ACCOUNT *account, SAM_ACCOUNT_INFO *delta) desc, workstations, profile. */ unistr2_to_ascii(s, &delta->uni_acct_name, sizeof(s) - 1); - pdb_set_nt_username(account, s); + pdb_set_nt_username(account, s, PDB_CHANGED); /* Unix username is the same - for sainity */ - pdb_set_username(account, s); + pdb_set_username(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_full_name, sizeof(s) - 1); - pdb_set_fullname(account, s); + pdb_set_fullname(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_home_dir, sizeof(s) - 1); - pdb_set_homedir(account, s, True); + pdb_set_homedir(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_dir_drive, sizeof(s) - 1); - pdb_set_dir_drive(account, s, True); + pdb_set_dir_drive(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_logon_script, sizeof(s) - 1); - pdb_set_logon_script(account, s, True); + pdb_set_logon_script(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_acct_desc, sizeof(s) - 1); - pdb_set_acct_desc(account, s); + pdb_set_acct_desc(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_workstations, sizeof(s) - 1); - pdb_set_workstations(account, s); + pdb_set_workstations(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_profile, sizeof(s) - 1); - pdb_set_profile_path(account, s, True); + pdb_set_profile_path(account, s, PDB_CHANGED); /* User and group sid */ - pdb_set_user_sid_from_rid(account, delta->user_rid); - pdb_set_group_sid_from_rid(account, delta->group_rid); + pdb_set_user_sid_from_rid(account, delta->user_rid, PDB_CHANGED); + pdb_set_group_sid_from_rid(account, delta->group_rid, PDB_CHANGED); /* Logon and password information */ - pdb_set_logon_time(account, nt_time_to_unix(&delta->logon_time), True); + pdb_set_logon_time(account, nt_time_to_unix(&delta->logon_time), PDB_CHANGED); pdb_set_logoff_time(account, nt_time_to_unix(&delta->logoff_time), - True); - pdb_set_logon_divs(account, delta->logon_divs); + 
PDB_CHANGED); + pdb_set_logon_divs(account, delta->logon_divs, PDB_CHANGED); /* TODO: logon hours */ /* TODO: bad password count */ /* TODO: logon count */ pdb_set_pass_last_set_time( - account, nt_time_to_unix(&delta->pwd_last_set_time)); + account, nt_time_to_unix(&delta->pwd_last_set_time), PDB_CHANGED); - pdb_set_kickoff_time(account, get_time_t_max(), True); + pdb_set_kickoff_time(account, get_time_t_max(), PDB_CHANGED); /* Decode hashes from password hash */ sam_pwd_hash(delta->user_rid, delta->pass.buf_lm_pwd, lm_passwd, 0); sam_pwd_hash(delta->user_rid, delta->pass.buf_nt_pwd, nt_passwd, 0); - pdb_set_nt_passwd(account, nt_passwd); - pdb_set_lanman_passwd(account, lm_passwd); + pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED); + pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED); /* TODO: account expiry time */ - pdb_set_acct_ctrl(account, delta->acb_info); + pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED); return NT_STATUS_OK; } @@ -324,8 +324,7 @@ fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta) pdb_update_sam_account(sam_account); } - if (!get_group_map_from_sid(*pdb_get_group_sid(sam_account), - &map, False)) { + if (!pdb_getgrsid(&map, *pdb_get_group_sid(sam_account), False)) { DEBUG(0, ("Primary group of %s has no mapping!\n", pdb_get_username(sam_account))); pdb_free_sam(&sam_account); @@ -353,7 +352,7 @@ fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta) DOM_SID group_sid; fstring sid_string; GROUP_MAP map; - int flag = TDB_INSERT; + BOOL insert = True; unistr2_to_ascii(name, &delta->uni_grp_name, sizeof(name)-1); unistr2_to_ascii(comment, &delta->uni_grp_desc, sizeof(comment)-1); 
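Review bot: Every pdb_set_* call in sam_account_from_delta discards its result and the function ends with an unconditional `return NT_STATUS_OK;`, so a setter that fails leaves a partially filled account that the caller goes on to store. pdbedit.c in this same commit tests `!pdb_set_username(...)`, so the setters do report failure; at minimum the identity and credential ones (pdb_set_username, pdb_set_user_sid_from_rid, pdb_set_nt_passwd, pdb_set_lanman_passwd) should be checked, e.g. `if (!pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED)) return NT_STATUS_UNSUCCESSFUL;`. The decoded hashes in lm_passwd and nt_passwd also appear to remain in locals at return; their declarations are outside the hunk, but if they are stack buffers a `ZERO_STRUCT(nt_passwd); ZERO_STRUCT(lm_passwd);` before returning would keep them from lingering. The unchecked setters in set_user_info, new_user and new_machine in pdbedit.c follow the same pattern.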
@@ -363,9 +362,9 @@ fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta) sid_append_rid(&group_sid, rid); sid_to_string(sid_string, &group_sid); - if (get_group_map_from_sid(group_sid, &map, False)) { + if (pdb_getgrsid(&map, group_sid, False)) { grp = getgrgid(map.gid); - flag = 0; /* Don't TDB_INSERT, mapping exists */ + insert = False; } if (grp == NULL) @@ -392,7 +391,10 @@ fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta) map.priv_set.count = 0; map.priv_set.set = NULL; - add_mapping_entry(&map, flag); + if (insert) + pdb_add_group_mapping_entry(&map); + else + pdb_update_group_mapping_entry(&map); return NT_STATUS_OK; } @@ -530,7 +532,7 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta, DOM_SID alias_sid; fstring sid_string; GROUP_MAP map; - int insert_flag = TDB_INSERT; + BOOL insert = True; unistr2_to_ascii(name, &delta->uni_als_name, sizeof(name)-1); unistr2_to_ascii(comment, &delta->uni_als_desc, sizeof(comment)-1); @@ -540,9 +542,9 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta, sid_append_rid(&alias_sid, rid); sid_to_string(sid_string, &alias_sid); - if (get_group_map_from_sid(alias_sid, &map, False)) { + if (pdb_getgrsid(&map, alias_sid, False)) { grp = getgrgid(map.gid); - insert_flag = 0; /* Don't TDB_INSERT, mapping exists */ + insert = False; } if (grp == NULL) { @@ -573,7 +575,10 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta, map.priv_set.count = 0; map.priv_set.set = NULL; - add_mapping_entry(&map, insert_flag); + if (insert) + pdb_add_group_mapping_entry(&map); + else + pdb_update_group_mapping_entry(&map); return NT_STATUS_OK; } @@ -620,7 +625,7 @@ static void fetch_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret_creds, DOM_SID dom_sid) { - unsigned last_rid = -1; + unsigned sync_context = 0; NTSTATUS result; int i; TALLOC_CTX *mem_ctx; 
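Review bot: The result of the new `pdb_add_group_mapping_entry(&map)` / `pdb_update_group_mapping_entry(&map)` calls in fetch_group_info (hunk at -392) is dropped and the function still returns NT_STATUS_OK, so a group mapping that could not be written is reported as replicated. smbgroupedit.c in this commit already tests `!pdb_update_group_mapping_entry(&map)`, so the same check fits here, for example `if (!(insert ? pdb_add_group_mapping_entry(&map) : pdb_update_group_mapping_entry(&map))) return NT_STATUS_UNSUCCESSFUL;`, assuming the add call returns the same boolean. fetch_alias_info (hunk at -573) has the identical pattern. Both functions begin outside these hunks, so any cleanup needed on the new error path has to be checked against the full body.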
@@ -636,17 +641,16 @@ fetch_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret_creds, do { result = cli_netlogon_sam_sync(cli, mem_ctx, ret_creds, - db_type, last_rid+1, + db_type, sync_context, &num_deltas, &hdr_deltas, &deltas); clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), ret_creds); - last_rid = 0; for (i = 0; i < num_deltas; i++) { fetch_sam_entry(&hdr_deltas[i], &deltas[i], dom_sid); - last_rid = hdr_deltas[i].target_rid; } - } while (last_rid && NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); + sync_context += 1; + } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); talloc_destroy(mem_ctx); } diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 7f8348c65a..1199dec7fb 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -247,15 +247,15 @@ static int set_user_info (struct pdb_context *in, char *username, char *fullname } if (fullname) - pdb_set_fullname(sam_pwent, fullname); + pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED); if (homedir) - pdb_set_homedir(sam_pwent, homedir, True); + pdb_set_homedir(sam_pwent, homedir, PDB_CHANGED); if (drive) - pdb_set_dir_drive(sam_pwent,drive, True); + pdb_set_dir_drive(sam_pwent,drive, PDB_CHANGED); if (script) - pdb_set_logon_script(sam_pwent, script, True); + pdb_set_logon_script(sam_pwent, script, PDB_CHANGED); if (profile) - pdb_set_profile_path (sam_pwent, profile, True); + pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED); if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent))) print_user_info (in, username, True, False); @@ -285,7 +285,7 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha } else { fprintf (stderr, "WARNING: user %s does not exist in system passwd\n", username); pdb_init_sam(&sam_pwent); - if (!pdb_set_username(sam_pwent, username)) { + if (!pdb_set_username(sam_pwent, username, PDB_CHANGED)) { return False; } } 
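Review bot: In new_user (hunk at -285) the failure branch after `pdb_set_username(sam_pwent, username, PDB_CHANGED)` returns `False` from a function declared `static int`, immediately after pdb_init_sam has set up sam_pwent. If the other error paths of new_user return -1 (they lie outside the hunk), this one yields 0 and a caller could read it as success; it also skips releasing sam_pwent. Once the return convention is confirmed I would write `pdb_free_sam(&sam_pwent); return -1;` in that branch.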
@@ -313,17 +313,17 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha SAFE_FREE(password2); if (fullname) - pdb_set_fullname(sam_pwent, fullname); + pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED); if (homedir) - pdb_set_homedir (sam_pwent, homedir, True); + pdb_set_homedir (sam_pwent, homedir, PDB_CHANGED); if (drive) - pdb_set_dir_drive (sam_pwent, drive, True); + pdb_set_dir_drive (sam_pwent, drive, PDB_CHANGED); if (script) - pdb_set_logon_script(sam_pwent, script, True); + pdb_set_logon_script(sam_pwent, script, PDB_CHANGED); if (profile) - pdb_set_profile_path (sam_pwent, profile, True); + pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED); - pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL); + pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL, PDB_CHANGED); if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { print_user_info (in, username, True, False); @@ -361,11 +361,11 @@ static int new_machine (struct pdb_context *in, char *machinename) pdb_set_plaintext_passwd (sam_pwent, password); - pdb_set_username (sam_pwent, name); + pdb_set_username (sam_pwent, name, PDB_CHANGED); - pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST); + pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST, PDB_CHANGED); - pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS); + pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS, PDB_CHANGED); if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) { print_user_info (in, name, True, False); diff --git a/source3/utils/smbgroupedit.c b/source3/utils/smbgroupedit.c index 589dafc231..b5033e0384 100644 --- a/source3/utils/smbgroupedit.c +++ b/source3/utils/smbgroupedit.c 
@@ -69,7 +69,7 @@ static BOOL get_sid_from_input(DOM_SID *sid, char *input) if (StrnCaseCmp( input, "S-", 2)) { /* Perhaps its the NT group name? */ - if (!get_group_map_from_ntname(input, &map, MAPPING_WITHOUT_PRIV)) { + if (!pdb_getgrnam(&map, input, MAPPING_WITHOUT_PRIV)) { printf("NT Group %s doesn't exist in mapping DB\n", input); return False; } else { @@ -133,7 +133,7 @@ static int changegroup(char *sid_string, char *group, enum SID_NAME_USE sid_type } /* Get the current mapping from the database */ - if(!get_group_map_from_sid(sid, &map, MAPPING_WITH_PRIV)) { + if(!pdb_getgrsid(&map, sid, MAPPING_WITH_PRIV)) { printf("This SID does not exist in the database\n"); return -1; } @@ -177,8 +177,8 @@ static int changegroup(char *sid_string, char *group, enum SID_NAME_USE sid_type if (privilege!=NULL) convert_priv_from_text(&map.priv_set, privilege); - if (!add_mapping_entry(&map, TDB_REPLACE)) { - printf("Count not update group database\n"); + if (!pdb_update_group_mapping_entry(&map)) { + printf("Could not update group database\n"); free_privilege(&map.priv_set); return -1; } @@ -198,7 +198,7 @@ static int deletegroup(char *group) return -1; } - if(!group_map_remove(sid)) { + if(!pdb_delete_group_mapping_entry(sid)) { printf("removing group %s from the mapping db failed!\n", group); return -1; } @@ -220,7 +220,7 @@ static int listgroup(enum SID_NAME_USE sid_type, BOOL long_list) if (!long_list) printf("NT group (SID) -> Unix group\n"); - if (!enum_group_mapping(sid_type, &map, &entries, ENUM_ALL_MAPPED, MAPPING_WITH_PRIV)) + if (!pdb_enum_group_mapping(sid_type, &map, &entries, ENUM_ALL_MAPPED, MAPPING_WITH_PRIV)) return -1; for (i=0; i<entries; i++) { |