-rw-r--r-- | source3/libads/ldap.c | 2 | ||||
-rw-r--r-- | source3/nsswitch/winbindd.h | 3 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_ads.c | 17 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_cache.c | 57 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_proto.h | 1 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_rpc.c | 57 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_util.c | 22 |
7 files changed, 78 insertions, 81 deletions
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 5b391f1282..b18e7927ae 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -536,7 +536,7 @@ BOOL ads_USN(ADS_STRUCT *ads, uint32 *usn)
 int rc;
 void *res;
- rc = ldap_search_s(ads->ld, ads->bind_path,
+ rc = ldap_search_s(ads->ld, "",
 LDAP_SCOPE_BASE, "(objectclass=*)", attrs, 0, (LDAPMessage **)&res);
 if (rc || ads_count_replies(ads, res) != 1) return False;
 return ads_pull_uint32(ads, res, "highestCommittedUSN", usn);
diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h
index cfe3e8c29f..21dca93af5 100644
--- a/source3/nsswitch/winbindd.h
+++ b/source3/nsswitch/winbindd.h
@@ -134,6 +134,9 @@ struct winbindd_methods {
 uint32 group_rid, uint32 *num_names, uint32 **rid_mem, char ***names, uint32 **name_types);
+
+ /* return the current global sequence number */
+ uint32 (*sequence_number)(struct winbindd_domain *domain);
 };
 /* Structures to hold per domain information */
diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c
index c5aebad11b..145f2b68d1 100644
--- a/source3/nsswitch/winbindd_ads.c
+++ b/source3/nsswitch/winbindd_ads.c
@@ -562,6 +562,20 @@ done:
 return status;
 }
+/* find the sequence number for a domain */
+static uint32 sequence_number(struct winbindd_domain *domain)
+{
+ uint32 usn;
+ ADS_STRUCT *ads = NULL;
+
+ ads = ads_cached_connection(domain);
+ if (!ads) return DOM_SEQUENCE_NONE;
+
+ if (!ads_USN(ads, &usn)) return DOM_SEQUENCE_NONE;
+
+ return usn;
+}
+
 /* the ADS backend methods are exposed via this structure */
 struct winbindd_methods ads_methods = {
 query_user_list,
@@ -570,7 +584,8 @@ struct winbindd_methods ads_methods = {
 sid_to_name,
 query_user,
 lookup_usergroups,
- lookup_groupmem
+ lookup_groupmem,
+ sequence_number
 };
 #endif
diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c
index 24a2118fb1..32ef3526fa 100644
--- a/source3/nsswitch/winbindd_cache.c
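Review bot: In `ads_USN` (source3/libads/ldap.c) the `res` message filled in by `ldap_search_s` is not released on either return visible in this hunk. With this commit the function backs the ADS `sequence_number` method, which the winbindd cache calls on each refetch, so a long-running winbindd would presumably leak one search result per refresh. Keep the result and free the message before returning, e.g. `ok = ads_pull_uint32(ads, res, "highestCommittedUSN", usn); ldap_msgfree(res); return ok;`, and release a non-NULL `res` on the early `return False` path as well. The start of `ads_USN` is outside the hunk.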
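Review bot: The comment on the new `sequence_number` slot in `struct winbindd_methods` (source3/nsswitch/winbindd.h) states neither the failure contract nor that the slot is mandatory. Both backends in this commit return `DOM_SEQUENCE_NONE` on failure and `cached_sequence_number` calls the pointer without a NULL check, so I would write `/* return the current global sequence number, or DOM_SEQUENCE_NONE if it cannot be fetched; every backend must provide this */`. The earlier members of the struct are outside the hunk.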
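Review bot: The ADS `sequence_number` (source3/nsswitch/winbindd_ads.c) carries the directory's `highestCommittedUSN` in a `uint32`, while Active Directory USNs are 64-bit values, so `ads_pull_uint32` presumably truncates and the result could in principle wrap or land on the `DOM_SEQUENCE_NONE` sentinel. `highestCommittedUSN` is also a per-server counter, so if `ads_cached_connection` reconnects to a different domain controller the value may repeat or go backwards. The cache's comparison is not visible here; confirm it treats any change, not only an increase, as invalidation, otherwise stale user and group data could keep being served. A comment such as `/* USN is per-DC and truncated to 32 bits; callers must treat any change as a new sequence */` would record the assumption.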
+++ b/source3/nsswitch/winbindd_cache.c
@@ -47,61 +47,6 @@ void winbindd_cache_init(void)
 DEBUG(0, ("Unable to open tdb cache - user and group caching disabled\n"));
 }
-/* find the sequence number for a domain */
-
-static uint32 domain_sequence_number(struct winbindd_domain *domain)
-{
- TALLOC_CTX *mem_ctx;
- CLI_POLICY_HND *hnd;
- SAM_UNK_CTR ctr;
- uint16 switch_value = 2;
- NTSTATUS result;
- uint32 seqnum = DOM_SEQUENCE_NONE;
- POLICY_HND dom_pol;
- BOOL got_dom_pol = False;
- uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
-
- if (!(mem_ctx = talloc_init()))
- return DOM_SEQUENCE_NONE;
-
- /* Get sam handle */
-
- if (!(hnd = cm_get_sam_handle(domain->name)))
- goto done;
-
- /* Get domain handle */
-
- result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol,
- des_access, &domain->sid, &dom_pol);
-
- if (!NT_STATUS_IS_OK(result))
- goto done;
-
- got_dom_pol = True;
-
- /* Query domain info */
-
- result = cli_samr_query_dom_info(hnd->cli, mem_ctx, &dom_pol,
- switch_value, &ctr);
-
- if (NT_STATUS_IS_OK(result)) {
- seqnum = ctr.info.inf2.seq_num;
- DEBUG(10,("domain_sequence_number: for domain %s is %u\n", domain->name, (unsigned)seqnum ));
- } else {
- DEBUG(10,("domain_sequence_number: failed to get sequence number (%u) for domain %s\n",
- (unsigned)seqnum, domain->name ));
- }
-
- done:
-
- if (got_dom_pol)
- cli_samr_close(hnd->cli, mem_ctx, &dom_pol);
-
- talloc_destroy(mem_ctx);
-
- return seqnum;
-}
-
 /* get the domain sequence number, possibly re-fetching */
 static uint32 cached_sequence_number(struct winbindd_domain *domain)
@@ -127,7 +72,7 @@ static uint32 cached_sequence_number(struct winbindd_domain *domain)
 }
 refetch:
- rec.seq_num = domain_sequence_number(domain);
+ rec.seq_num = domain->methods->sequence_number(domain);
 rec.mod_time = t;
 tdb_store_by_string(cache_tdb, keystr, &rec, sizeof(rec));
diff --git a/source3/nsswitch/winbindd_proto.h b/source3/nsswitch/winbindd_proto.h
index 893064b801..8f2010accb 100644
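Review bot: At `refetch:` in `cached_sequence_number` (source3/nsswitch/winbindd_cache.c) the new indirect call dereferences `domain->methods` and its `sequence_number` slot without a check. A backend table still built with the old seven positional initialisers would leave the slot NULL and crash winbindd here; `rec.seq_num = (domain->methods && domain->methods->sequence_number) ? domain->methods->sequence_number(domain) : DOM_SEQUENCE_NONE;` keeps that failure in-band. Note also that a `DOM_SEQUENCE_NONE` returned by a failed backend call is stored in the tdb with a fresh `mod_time`; how a stored sentinel is treated on the next read is not visible, since the function starts before the hunk and continues past it.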
--- a/source3/nsswitch/winbindd_proto.h
+++ b/source3/nsswitch/winbindd_proto.h
@@ -133,7 +133,6 @@ enum winbindd_result winbindd_list_users(struct winbindd_cli_state *state);
 struct winbindd_domain *find_domain_from_name(char *domain_name);
 struct winbindd_domain *find_domain_from_sid(DOM_SID *sid);
 BOOL get_domain_info(void);
-void free_domain_info(void);
 BOOL lookup_domain_sid(char *domain_name, struct winbindd_domain *domain);
 BOOL winbindd_lookup_sid_by_name(struct winbindd_domain *domain, const char *name, DOM_SID *sid, enum SID_NAME_USE *type);
diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c
index c04bcdc954..9f1d46b40f 100644
--- a/source3/nsswitch/winbindd_rpc.c
+++ b/source3/nsswitch/winbindd_rpc.c
@@ -402,6 +402,60 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
 return result;
 }
+/* find the sequence number for a domain */
+static uint32 sequence_number(struct winbindd_domain *domain)
+{
+ TALLOC_CTX *mem_ctx;
+ CLI_POLICY_HND *hnd;
+ SAM_UNK_CTR ctr;
+ uint16 switch_value = 2;
+ NTSTATUS result;
+ uint32 seqnum = DOM_SEQUENCE_NONE;
+ POLICY_HND dom_pol;
+ BOOL got_dom_pol = False;
+ uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
+
+ if (!(mem_ctx = talloc_init()))
+ return DOM_SEQUENCE_NONE;
+
+ /* Get sam handle */
+
+ if (!(hnd = cm_get_sam_handle(domain->name)))
+ goto done;
+
+ /* Get domain handle */
+
+ result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol,
+ des_access, &domain->sid, &dom_pol);
+
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
+
+ got_dom_pol = True;
+
+ /* Query domain info */
+
+ result = cli_samr_query_dom_info(hnd->cli, mem_ctx, &dom_pol,
+ switch_value, &ctr);
+
+ if (NT_STATUS_IS_OK(result)) {
+ seqnum = ctr.info.inf2.seq_num;
+ DEBUG(10,("domain_sequence_number: for domain %s is %u\n", domain->name, (unsigned)seqnum ));
+ } else {
+ DEBUG(10,("domain_sequence_number: failed to get sequence number (%u) for domain %s\n",
+ (unsigned)seqnum, domain->name ));
+ }
+
+ done:
+
+ if (got_dom_pol)
+ cli_samr_close(hnd->cli, mem_ctx, &dom_pol);
+
+ talloc_destroy(mem_ctx);
+
+ return seqnum;
+}
+
 /* the rpc backend methods are exposed via this structure */ struct winbindd_methods msrpc_methods = {
@@ -411,6 +465,7 @@ struct winbindd_methods msrpc_methods = {
 sid_to_name,
 query_user,
 lookup_usergroups,
- lookup_groupmem
+ lookup_groupmem,
+ sequence_number
 };
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index 2ac090f8e5..fb041cc3ea 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
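Review bot: The function moved into source3/nsswitch/winbindd_rpc.c is now named `sequence_number`, but both `DEBUG` messages still carry the `domain_sequence_number:` prefix. The failure branch also prints `seqnum`, which is still `DOM_SEQUENCE_NONE` at that point, instead of `result`, so the log never says why the query failed. Update the prefix, e.g. `DEBUG(10,("sequence_number: for domain %s is %u\n", domain->name, (unsigned)seqnum ));`, and log the NTSTATUS in the failure case. Separately, `des_access = SEC_RIGHTS_MAXIMUM_ALLOWED` asks for more access than a read-only domain-info query should need; opening the domain handle with only the rights that query requires would follow least privilege.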
@@ -55,7 +55,7 @@ struct winbindd_domain *find_domain_from_name(char *domain_name)
 /* Search through list */
 for (tmp = domain_list; tmp != NULL; tmp = tmp->next) {
- if (strcmp(domain_name, tmp->name) == 0)
+ if (strcasecmp(domain_name, tmp->name) == 0)
 return tmp;
 }
@@ -192,26 +192,6 @@ BOOL get_domain_info(void)
 return rv;
 }
-/* Free global domain info */
-
-void free_domain_info(void)
-{
- struct winbindd_domain *domain;
-
- /* Free list of domains */
-
- if (domain_list) {
- struct winbindd_domain *next_domain;
-
- domain = domain_list;
-
- while(domain) {
- next_domain = domain->next;
- SAFE_FREE(domain);
- domain = next_domain;
- }
- }
-}
 /* Connect to a domain controller using get_any_dc_name() to discover the domain name and sid */ |
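Review bot: `strcasecmp` in `find_domain_from_name` (source3/nsswitch/winbindd_util.c) folds case according to the C library's locale, which can disagree with Samba's own character-set handling for non-ASCII domain names. Samba's string helper is the usual choice here: `if (strequal(domain_name, tmp->name))`. Now that lookups are case-insensitive, any key derived from a domain name (the cache stores records under a `keystr` whose construction is not shown) should be built from the matched entry's `tmp->name` rather than the caller's spelling, so that one domain cannot end up with several cache records. The function begins before this hunk.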