summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/libads/ldap.c2
-rw-r--r--source3/nsswitch/winbindd.h3
-rw-r--r--source3/nsswitch/winbindd_ads.c17
-rw-r--r--source3/nsswitch/winbindd_cache.c57
-rw-r--r--source3/nsswitch/winbindd_proto.h1
-rw-r--r--source3/nsswitch/winbindd_rpc.c57
-rw-r--r--source3/nsswitch/winbindd_util.c22
7 files changed, 78 insertions, 81 deletions
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 5b391f1282..b18e7927ae 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -536,7 +536,7 @@ BOOL ads_USN(ADS_STRUCT *ads, uint32 *usn)
int rc;
void *res;
- rc = ldap_search_s(ads->ld, ads->bind_path,
+ rc = ldap_search_s(ads->ld, "",
LDAP_SCOPE_BASE, "(objectclass=*)", attrs, 0, (LDAPMessage **)&res);
if (rc || ads_count_replies(ads, res) != 1) return False;
return ads_pull_uint32(ads, res, "highestCommittedUSN", usn);
diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h
index cfe3e8c29f..21dca93af5 100644
--- a/source3/nsswitch/winbindd.h
+++ b/source3/nsswitch/winbindd.h
@@ -134,6 +134,9 @@ struct winbindd_methods {
uint32 group_rid, uint32 *num_names,
uint32 **rid_mem, char ***names,
uint32 **name_types);
+
+ /* return the current global sequence number */
+ uint32 (*sequence_number)(struct winbindd_domain *domain);
};
/* Structures to hold per domain information */
diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c
index c5aebad11b..145f2b68d1 100644
--- a/source3/nsswitch/winbindd_ads.c
+++ b/source3/nsswitch/winbindd_ads.c
@@ -562,6 +562,20 @@ done:
return status;
}
+/* find the sequence number for a domain */
+static uint32 sequence_number(struct winbindd_domain *domain)
+{
+ uint32 usn;
+ ADS_STRUCT *ads = NULL;
+
+ ads = ads_cached_connection(domain);
+ if (!ads) return DOM_SEQUENCE_NONE;
+
+ if (!ads_USN(ads, &usn)) return DOM_SEQUENCE_NONE;
+
+ return usn;
+}
+
/* the ADS backend methods are exposed via this structure */
struct winbindd_methods ads_methods = {
query_user_list,
@@ -570,7 +584,8 @@ struct winbindd_methods ads_methods = {
sid_to_name,
query_user,
lookup_usergroups,
- lookup_groupmem
+ lookup_groupmem,
+ sequence_number
};
#endif
diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c
index 24a2118fb1..32ef3526fa 100644
--- a/source3/nsswitch/winbindd_cache.c
+++ b/source3/nsswitch/winbindd_cache.c
@@ -47,61 +47,6 @@ void winbindd_cache_init(void)
DEBUG(0, ("Unable to open tdb cache - user and group caching disabled\n"));
}
-/* find the sequence number for a domain */
-
-static uint32 domain_sequence_number(struct winbindd_domain *domain)
-{
- TALLOC_CTX *mem_ctx;
- CLI_POLICY_HND *hnd;
- SAM_UNK_CTR ctr;
- uint16 switch_value = 2;
- NTSTATUS result;
- uint32 seqnum = DOM_SEQUENCE_NONE;
- POLICY_HND dom_pol;
- BOOL got_dom_pol = False;
- uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
-
- if (!(mem_ctx = talloc_init()))
- return DOM_SEQUENCE_NONE;
-
- /* Get sam handle */
-
- if (!(hnd = cm_get_sam_handle(domain->name)))
- goto done;
-
- /* Get domain handle */
-
- result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol,
- des_access, &domain->sid, &dom_pol);
-
- if (!NT_STATUS_IS_OK(result))
- goto done;
-
- got_dom_pol = True;
-
- /* Query domain info */
-
- result = cli_samr_query_dom_info(hnd->cli, mem_ctx, &dom_pol,
- switch_value, &ctr);
-
- if (NT_STATUS_IS_OK(result)) {
- seqnum = ctr.info.inf2.seq_num;
- DEBUG(10,("domain_sequence_number: for domain %s is %u\n", domain->name, (unsigned)seqnum ));
- } else {
- DEBUG(10,("domain_sequence_number: failed to get sequence number (%u) for domain %s\n",
- (unsigned)seqnum, domain->name ));
- }
-
- done:
-
- if (got_dom_pol)
- cli_samr_close(hnd->cli, mem_ctx, &dom_pol);
-
- talloc_destroy(mem_ctx);
-
- return seqnum;
-}
-
/* get the domain sequence number, possibly re-fetching */
static uint32 cached_sequence_number(struct winbindd_domain *domain)
@@ -127,7 +72,7 @@ static uint32 cached_sequence_number(struct winbindd_domain *domain)
}
refetch:
- rec.seq_num = domain_sequence_number(domain);
+ rec.seq_num = domain->methods->sequence_number(domain);
rec.mod_time = t;
tdb_store_by_string(cache_tdb, keystr, &rec, sizeof(rec));
diff --git a/source3/nsswitch/winbindd_proto.h b/source3/nsswitch/winbindd_proto.h
index 893064b801..8f2010accb 100644
--- a/source3/nsswitch/winbindd_proto.h
+++ b/source3/nsswitch/winbindd_proto.h
@@ -133,7 +133,6 @@ enum winbindd_result winbindd_list_users(struct winbindd_cli_state *state);
struct winbindd_domain *find_domain_from_name(char *domain_name);
struct winbindd_domain *find_domain_from_sid(DOM_SID *sid);
BOOL get_domain_info(void);
-void free_domain_info(void);
BOOL lookup_domain_sid(char *domain_name, struct winbindd_domain *domain);
BOOL winbindd_lookup_sid_by_name(struct winbindd_domain *domain,
const char *name, DOM_SID *sid, enum SID_NAME_USE *type);
diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c
index c04bcdc954..9f1d46b40f 100644
--- a/source3/nsswitch/winbindd_rpc.c
+++ b/source3/nsswitch/winbindd_rpc.c
@@ -402,6 +402,60 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
return result;
}
+/* find the sequence number for a domain */
+static uint32 sequence_number(struct winbindd_domain *domain)
+{
+ TALLOC_CTX *mem_ctx;
+ CLI_POLICY_HND *hnd;
+ SAM_UNK_CTR ctr;
+ uint16 switch_value = 2;
+ NTSTATUS result;
+ uint32 seqnum = DOM_SEQUENCE_NONE;
+ POLICY_HND dom_pol;
+ BOOL got_dom_pol = False;
+ uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
+
+ if (!(mem_ctx = talloc_init()))
+ return DOM_SEQUENCE_NONE;
+
+ /* Get sam handle */
+
+ if (!(hnd = cm_get_sam_handle(domain->name)))
+ goto done;
+
+ /* Get domain handle */
+
+ result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol,
+ des_access, &domain->sid, &dom_pol);
+
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
+
+ got_dom_pol = True;
+
+ /* Query domain info */
+
+ result = cli_samr_query_dom_info(hnd->cli, mem_ctx, &dom_pol,
+ switch_value, &ctr);
+
+ if (NT_STATUS_IS_OK(result)) {
+ seqnum = ctr.info.inf2.seq_num;
+ DEBUG(10,("domain_sequence_number: for domain %s is %u\n", domain->name, (unsigned)seqnum ));
+ } else {
+ DEBUG(10,("domain_sequence_number: failed to get sequence number (%u) for domain %s\n",
+ (unsigned)seqnum, domain->name ));
+ }
+
+ done:
+
+ if (got_dom_pol)
+ cli_samr_close(hnd->cli, mem_ctx, &dom_pol);
+
+ talloc_destroy(mem_ctx);
+
+ return seqnum;
+}
+
/* the rpc backend methods are exposed via this structure */
struct winbindd_methods msrpc_methods = {
@@ -411,6 +465,7 @@ struct winbindd_methods msrpc_methods = {
sid_to_name,
query_user,
lookup_usergroups,
- lookup_groupmem
+ lookup_groupmem,
+ sequence_number
};
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index 2ac090f8e5..fb041cc3ea 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -55,7 +55,7 @@ struct winbindd_domain *find_domain_from_name(char *domain_name)
/* Search through list */
for (tmp = domain_list; tmp != NULL; tmp = tmp->next) {
- if (strcmp(domain_name, tmp->name) == 0)
+ if (strcasecmp(domain_name, tmp->name) == 0)
return tmp;
}
@@ -192,26 +192,6 @@ BOOL get_domain_info(void)
return rv;
}
-/* Free global domain info */
-
-void free_domain_info(void)
-{
- struct winbindd_domain *domain;
-
- /* Free list of domains */
-
- if (domain_list) {
- struct winbindd_domain *next_domain;
-
- domain = domain_list;
-
- while(domain) {
- next_domain = domain->next;
- SAFE_FREE(domain);
- domain = next_domain;
- }
- }
-}
/* Connect to a domain controller using get_any_dc_name() to discover
the domain name and sid */