And finally IDMAP in 3_0

We really need idmap_ldap to have a good solution with ldapsam, porting
it from the prvious code is beeing made, the code is really simple to do
so I am confident it is not a problem to commit this code in.

Not committing it would have been worst.
I really would have been able to finish also the group code, maybe we can
put it into a followin release after 3.0.0 even if it may be an upgrade
problem.

The code has been tested and seem to work right, more testing is needed for
corner cases.

Currently winbind pdc (working only for users and not for groups) is
disabled as I was not able to make a complete group code replacement that
works somewhat in a week (I have a complete patch, but there are bugs)

Simo.
(This used to be commit 0e58085978f984436815114a2ec347cf7899a89d)

2 files changed, 27 insertions, 37 deletions

diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c
index e5df6ab038..13f35e8880 100644
--- a/source3/utils/pdbedit.c
+++ b/source3/utils/pdbedit.c
@@ -122,12 +122,6 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst
 		printf ("Unix username:        %s\n", pdb_get_username(sam_pwent));
 		printf ("NT username:          %s\n", pdb_get_nt_username(sam_pwent));
 		printf ("Account Flags:        %s\n", pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent), NEW_PW_FORMAT_SPACE_PADDED_LEN));
-		
-		if (IS_SAM_UNIX_USER(sam_pwent)) {
-			uid = pdb_get_uid(sam_pwent);
-			gid = pdb_get_gid(sam_pwent);
-			printf ("User ID/Group ID:     %d/%d\n", uid, gid);
-		}
 		printf ("User SID:             %s\n",
 			sid_string_static(pdb_get_user_sid(sam_pwent)));
 		printf ("Primary Group SID:    %s\n",
@@ -161,35 +155,25 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst
 		printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0");
 		
 	} else if (smbpwdstyle) {
-		if (IS_SAM_UNIX_USER(sam_pwent)) {
-			char lm_passwd[33];
-			char nt_passwd[33];
-
-			uid = pdb_get_uid(sam_pwent);
-			pdb_sethexpwd(lm_passwd, 
-				      pdb_get_lanman_passwd(sam_pwent), 
-				      pdb_get_acct_ctrl(sam_pwent));
-			pdb_sethexpwd(nt_passwd, 
-				      pdb_get_nt_passwd(sam_pwent), 
-				      pdb_get_acct_ctrl(sam_pwent));
+		char lm_passwd[33];
+		char nt_passwd[33];
+
+		uid = -1;
+		sid_to_uid(pdb_get_user_sid(sam_pwent), &uid);
+		pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent));
+		pdb_sethexpwd(nt_passwd, pdb_get_nt_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent));
 			
-			printf("%s:%d:%s:%s:%s:LCT-%08X:\n",
-			       pdb_get_username(sam_pwent),
-			       uid,
-			       lm_passwd,
-			       nt_passwd,
-			       pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN),
-			       (uint32)pdb_get_pass_last_set_time(sam_pwent));
-		} else {
-			fprintf(stderr, "Can't output in smbpasswd format, no uid on this record.\n");
-		}
+		printf("%s:%d:%s:%s:%s:LCT-%08X:\n",
+		       pdb_get_username(sam_pwent),
+		       uid,
+		       lm_passwd,
+		       nt_passwd,
+		       pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN),
+		       (uint32)pdb_get_pass_last_set_time(sam_pwent));
 	} else {
-		if (IS_SAM_UNIX_USER(sam_pwent)) {
-			printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), pdb_get_uid(sam_pwent), 
-				pdb_get_fullname(sam_pwent));
-		} else {	
-			printf ("%s:(null):%s\n", pdb_get_username(sam_pwent), pdb_get_fullname(sam_pwent));
-		}
+		uid = -1;
+		sid_to_uid(pdb_get_user_sid(sam_pwent), &uid);
+		printf ("%s:%d:%s\n", pdb_get_username(sam_pwent), uid,	pdb_get_fullname(sam_pwent));
 	}
 
 	return 0;	
@@ -583,8 +567,8 @@ int main (int argc, char **argv)
 		{"drive",	'D', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL},
 		{"script",	'S', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL},
 		{"profile",	'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL},
-		{"user-SID",	'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL},
-		{"group-SID",	'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL},
+		{"user SID",	'U', POPT_ARG_STRING, &user_sid, 0, "set user SID or RID", NULL},
+		{"group SID",	'G', POPT_ARG_STRING, &group_sid, 0, "set group SID or RID", NULL},
 		{"create",	'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL},
 		{"modify",	'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL},
 		{"machine",	'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL},
@@ -626,6 +610,12 @@ int main (int argc, char **argv)
 	if (!init_names())
 		exit(1);
 
+	if (!idmap_init())
+		exit(1);
+
+	if (!idmap_init_wellknown_sids())
+		exit(1);
+
 	setparms =	(backend ? BIT_BACKEND : 0) +
 			(verbose ? BIT_VERBOSE : 0) +
 			(spstyle ? BIT_SPSTYLE : 0) +
diff --git a/source3/utils/profiles.c b/source3/utils/profiles.c
index 7c2d820c81..afaa83f638 100644
--- a/source3/utils/profiles.c
+++ b/source3/utils/profiles.c
@@ -418,10 +418,10 @@ static int my_sid_equal(DOM_SID *s1, DOM_SID *s2)
  * Quick and dirty to read a SID in S-1-5-21-x-y-z-rid format and 
  * construct a DOM_SID
  */
-static int get_sid(DOM_SID *sid, char *sid_str)
+static int get_sid(DOM_SID *sid, const unsigned char *sid_str)
 {
   int i = 0, auth;
-  char *lstr; 
+  const unsigned char *lstr; 
 
   if (strncmp(sid_str, "S-1-5", 5)) {
     fprintf(stderr, "Does not conform to S-1-5...: %s\n", sid_str);