7 files changed, 60 insertions, 46 deletions

diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index bc98f46dc2..7252193c9a 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -162,12 +162,9 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 		}		
 	}
 
-	nt_pw = pdb_get_nt_passwd(sampass);
-	lm_pw = pdb_get_lanman_passwd(sampass);
-	
 	auth_flags = user_info->auth_flags;
 
-	if (nt_pw == NULL) {
+	if (IS_SAM_DEFAULT(sampass, PDB_NTPASSWD)) {
 		DEBUG(3,("sam_password_ok: NO NT password stored for user %s.\n", 
 			 pdb_get_username(sampass)));
 		/* No return, we want to check the LM hash below in this case */
@@ -175,6 +172,7 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 	}
 	
 	if (auth_flags & AUTH_FLAG_NTLMv2_RESP) {
+		nt_pw = pdb_get_nt_passwd(sampass);
 		/* We have the NT MD4 hash challenge available - see if we can
 		   use it (ie. does it exist in the smbpasswd file).
 		*/
@@ -191,7 +189,8 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 			return NT_STATUS_WRONG_PASSWORD;
 		}
 	} else if (auth_flags & AUTH_FLAG_NTLM_RESP) {
-		if (lp_ntlm_auth()) {				
+		if (lp_ntlm_auth()) {		
+			nt_pw = pdb_get_nt_passwd(sampass);
 			/* We have the NT MD4 hash challenge available - see if we can
 			   use it (ie. does it exist in the smbpasswd file).
 			*/
@@ -211,13 +210,14 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 		}
 	}
 	
-	if (lm_pw == NULL) {
+	if (IS_SAM_DEFAULT(sampass, PDB_LMPASSWD)) {
 		DEBUG(3,("sam_password_ok: NO LanMan password set for user %s (and no NT password supplied)\n",pdb_get_username(sampass)));
 		auth_flags &= (~AUTH_FLAG_LM_RESP);		
 	}
 	
 	if (auth_flags & AUTH_FLAG_LM_RESP) {
-		
+		lm_pw = pdb_get_lanman_passwd(sampass);
+			
 		if (user_info->lm_resp.length != 24) {
 			DEBUG(2,("sam_password_ok: invalid LanMan password length (%d) for user %s\n", 
 				 user_info->nt_resp.length, pdb_get_username(sampass)));		
@@ -235,7 +235,8 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
 		{
 			return NT_STATUS_OK;
 		} else {
-			if (lp_ntlm_auth()) {				
+			if (lp_ntlm_auth() && (!IS_SAM_DEFAULT(sampass, PDB_NTPASSWD))) {				
+				nt_pw = pdb_get_nt_passwd(sampass);
 				/* Apparently NT accepts NT responses in the LM field
 				   - I think this is related to Win9X pass-though authentication
 				*/
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 890dc4dc25..ee311932a7 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1280,7 +1280,7 @@ again:
  Attempt a NetBIOS session request, falling back to *SMBSERVER if needed.
 ****************************************************************************/
 
-BOOL attempt_netbios_session_request(struct cli_state *cli, char *srchost, char *desthost,
+BOOL attempt_netbios_session_request(struct cli_state *cli, const char *srchost, const char *desthost,
                                      struct in_addr *pdest_ip)
 {
 	struct nmb_name calling, called;
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 22358cb47d..e35775a6da 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -1907,49 +1907,49 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCO
 	return NT_STATUS_OK;
 }
 
-static NTSTATUS lsapsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
+static NTSTATUS ldapsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
 				 DOM_SID sid, BOOL with_priv)
 {
 	return get_group_map_from_sid(sid, map, with_priv) ?
 		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
-static NTSTATUS lsapsam_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
+static NTSTATUS ldapsam_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
 				 gid_t gid, BOOL with_priv)
 {
 	return get_group_map_from_gid(gid, map, with_priv) ?
 		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
-static NTSTATUS lsapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
+static NTSTATUS ldapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
 				 char *name, BOOL with_priv)
 {
 	return get_group_map_from_ntname(name, map, with_priv) ?
 		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
-static NTSTATUS lsapsam_add_group_mapping_entry(struct pdb_methods *methods,
+static NTSTATUS ldapsam_add_group_mapping_entry(struct pdb_methods *methods,
 						GROUP_MAP *map)
 {
 	return add_mapping_entry(map, TDB_INSERT) ?
 		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
-static NTSTATUS lsapsam_update_group_mapping_entry(struct pdb_methods *methods,
+static NTSTATUS ldapsam_update_group_mapping_entry(struct pdb_methods *methods,
 						   GROUP_MAP *map)
 {
 	return add_mapping_entry(map, TDB_REPLACE) ?
 		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
-static NTSTATUS lsapsam_delete_group_mapping_entry(struct pdb_methods *methods,
+static NTSTATUS ldapsam_delete_group_mapping_entry(struct pdb_methods *methods,
 						   DOM_SID sid)
 {
 	return group_map_remove(sid) ?
 		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
-static NTSTATUS lsapsam_enum_group_mapping(struct pdb_methods *methods,
+static NTSTATUS ldapsam_enum_group_mapping(struct pdb_methods *methods,
 					   enum SID_NAME_USE sid_name_use,
 					   GROUP_MAP **rmap, int *num_entries,
 					   BOOL unix_only, BOOL with_priv)
@@ -1998,13 +1998,13 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co
 	(*pdb_method)->add_sam_account = ldapsam_add_sam_account;
 	(*pdb_method)->update_sam_account = ldapsam_update_sam_account;
 	(*pdb_method)->delete_sam_account = ldapsam_delete_sam_account;
-	(*pdb_method)->getgrsid = lsapsam_getgrsid;
-	(*pdb_method)->getgrgid = lsapsam_getgrgid;
-	(*pdb_method)->getgrnam = lsapsam_getgrnam;
-	(*pdb_method)->add_group_mapping_entry = lsapsam_add_group_mapping_entry;
-	(*pdb_method)->update_group_mapping_entry = lsapsam_update_group_mapping_entry;
-	(*pdb_method)->delete_group_mapping_entry = lsapsam_delete_group_mapping_entry;
-	(*pdb_method)->enum_group_mapping = lsapsam_enum_group_mapping;
+	(*pdb_method)->getgrsid = ldapsam_getgrsid;
+	(*pdb_method)->getgrgid = ldapsam_getgrgid;
+	(*pdb_method)->getgrnam = ldapsam_getgrnam;
+	(*pdb_method)->add_group_mapping_entry = ldapsam_add_group_mapping_entry;
+	(*pdb_method)->update_group_mapping_entry = ldapsam_update_group_mapping_entry;
+	(*pdb_method)->delete_group_mapping_entry = ldapsam_delete_group_mapping_entry;
+	(*pdb_method)->enum_group_mapping = ldapsam_enum_group_mapping;
 
 	/* TODO: Setup private data and free */
 
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index abfe016e8a..5fd6a828bf 100644
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -1494,47 +1494,55 @@ static NTSTATUS smbpasswd_delete_sam_account (struct pdb_methods *my_methods, SA
 }
 
 static NTSTATUS smbpasswd_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
-				   DOM_SID sid, BOOL with_priv)
+				 DOM_SID sid, BOOL with_priv)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	return get_group_map_from_sid(sid, map, with_priv) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
 static NTSTATUS smbpasswd_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
-				   gid_t gid, BOOL with_priv)
+				 gid_t gid, BOOL with_priv)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	return get_group_map_from_gid(gid, map, with_priv) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
 static NTSTATUS smbpasswd_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
-				   char *name, BOOL with_priv)
+				 char *name, BOOL with_priv)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	return get_group_map_from_ntname(name, map, with_priv) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
 static NTSTATUS smbpasswd_add_group_mapping_entry(struct pdb_methods *methods,
-						  GROUP_MAP *map)
+						GROUP_MAP *map)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	return add_mapping_entry(map, TDB_INSERT) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
 static NTSTATUS smbpasswd_update_group_mapping_entry(struct pdb_methods *methods,
-						     GROUP_MAP *map)
+						   GROUP_MAP *map)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	return add_mapping_entry(map, TDB_REPLACE) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
 static NTSTATUS smbpasswd_delete_group_mapping_entry(struct pdb_methods *methods,
-						     DOM_SID sid)
+						   DOM_SID sid)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	return group_map_remove(sid) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
 static NTSTATUS smbpasswd_enum_group_mapping(struct pdb_methods *methods,
-					     enum SID_NAME_USE sid_name_use,
-					     GROUP_MAP **rmap, int *num_entries,
-					     BOOL unix_only, BOOL with_priv)
+					   enum SID_NAME_USE sid_name_use,
+					   GROUP_MAP **rmap, int *num_entries,
+					   BOOL unix_only, BOOL with_priv)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	return enum_group_mapping(sid_name_use, rmap, num_entries, unix_only,
+				  with_priv) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
 static void free_private_data(void **vp) 
diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index ad56fcedd1..29afaddea3 100644
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -209,7 +209,7 @@ char *trustdom_keystr(const char *domain)
  Lock the trust password entry.
 ************************************************************************/
 
-BOOL secrets_lock_trust_account_password(char *domain, BOOL dolock)
+BOOL secrets_lock_trust_account_password(const char *domain, BOOL dolock)
 {
 	if (!tdb)
 		return False;
@@ -263,7 +263,7 @@ BOOL secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16],
  Routine to get account password to trusted domain
 ************************************************************************/
 
-BOOL secrets_fetch_trusted_domain_password(char *domain, char** pwd,
+BOOL secrets_fetch_trusted_domain_password(const char *domain, char** pwd,
 					   DOM_SID *sid, time_t *pass_last_set_time)
 {
 	struct trusted_dom_pass *pass;
@@ -302,7 +302,8 @@ BOOL secrets_fetch_trusted_domain_password(char *domain, char** pwd,
 /************************************************************************
  Routine to set the trust account password for a domain.
 ************************************************************************/
-BOOL secrets_store_trust_account_password(char *domain, uint8 new_pwd[16])
+
+BOOL secrets_store_trust_account_password(const char *domain, uint8 new_pwd[16])
 {
 	struct machine_acct_pass pass;
 
@@ -322,7 +323,7 @@ BOOL secrets_store_trust_account_password(char *domain, uint8 new_pwd[16])
  * @return true if succeeded
  **/
 
-BOOL secrets_store_trusted_domain_password(char* domain, smb_ucs2_t *uni_dom_name,
+BOOL secrets_store_trusted_domain_password(const char* domain, smb_ucs2_t *uni_dom_name,
 					   size_t uni_name_len, char* pwd,
 					   DOM_SID sid)
 {
@@ -353,7 +354,8 @@ BOOL secrets_store_trusted_domain_password(char* domain, smb_ucs2_t *uni_dom_nam
  Routine to set the plaintext machine account password for a realm
 the password is assumed to be a null terminated ascii string
 ************************************************************************/
-BOOL secrets_store_machine_password(char *pass)
+
+BOOL secrets_store_machine_password(const char *pass)
 {
 	char *key;
 	BOOL ret;
@@ -394,6 +396,7 @@ BOOL trust_password_delete(const char *domain)
 /************************************************************************
  Routine to delete the password for trusted domain
 ************************************************************************/
+
 BOOL trusted_domain_password_delete(const char *domain)
 {
 	return secrets_delete(trustdom_keystr(domain));
@@ -602,7 +605,7 @@ BOOL secrets_named_mutex(const char *name, unsigned int timeout)
  Unlock a named mutex.
 *******************************************************************************/
 
-void secrets_named_mutex_release(char *name)
+void secrets_named_mutex_release(const char *name)
 {
 	tdb_unlock_bystring(tdb, name);
 	DEBUG(10,("secrets_named_mutex: released mutex for %s\n", name ));
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 7b611922f6..0b5870b16c 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -303,6 +303,7 @@ static NTSTATUS load_group_domain_entries(struct samr_info *info, DOM_SID *sid)
 	}
 
 	if (!pdb_enum_group_mapping(SID_NAME_DOM_GRP, &map, (int *)&group_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV)) {
+		DEBUG(1, ("load_group_domain_entries: pdb_enum_group_mapping() failed!\n"));
 		return NT_STATUS_NO_MEMORY;
 	}
 
@@ -311,6 +312,7 @@ static NTSTATUS load_group_domain_entries(struct samr_info *info, DOM_SID *sid)
 	grp_array=(DISP_GROUP_INFO *)talloc(mem_ctx, info->disp_info.num_group_account*sizeof(DISP_GROUP_INFO));
 
 	if (group_entries!=0 && grp_array==NULL) {
+		DEBUG(1, ("load_group_domain_entries: talloc() failed for grp_array!\n"));
 		SAFE_FREE(map);
 		return NT_STATUS_NO_MEMORY;
 	}
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
index 75a4319cb9..0e822ee7ad 100644
--- a/source3/utils/smbpasswd.c
+++ b/source3/utils/smbpasswd.c
@@ -122,7 +122,7 @@ static int process_options(int argc, char **argv, int local_flags)
 			local_flags |= LOCAL_INTERDOM_ACCOUNT;
 			break;
 		case 'j':
-			d_printf("See 'net rpc join' for this functionality\n");
+			d_printf("See 'net join' for this functionality\n");
 			exit(1);
 			break;
 		case 'n':