summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source3/Makefile.in5
-rw-r--r--source3/nsswitch/winbindd.c5
-rw-r--r--source3/nsswitch/winbindd_group.c31
-rw-r--r--source3/nsswitch/winbindd_idmap.c195
-rw-r--r--source3/nsswitch/winbindd_idmap_ldap.c395
-rw-r--r--source3/nsswitch/winbindd_idmap_tdb.c459
-rw-r--r--source3/nsswitch/winbindd_sid.c20
-rw-r--r--source3/nsswitch/winbindd_user.c28
-rw-r--r--source3/sam/idmap.c7
-rw-r--r--source3/sam/idmap_winbind.c155
-rw-r--r--source3/smbd/server.c2
11 files changed, 59 insertions, 1243 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 7291b4b3c5..a73f8c9682 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -288,7 +288,7 @@ DEVEL_HELP_OBJ = modules/developer.o
SAM_STATIC_MODULES = sam/sam_plugin.o sam/sam_skel.o sam/sam_ads.o
-IDMAP_OBJ = sam/idmap.o sam/idmap_tdb.o sam/idmap_winbind.o
+IDMAP_OBJ = sam/idmap.o sam/idmap_tdb.o
SAM_OBJ = sam/account.o sam/get_set_account.o sam/get_set_group.o \
sam/get_set_domain.o sam/interface.o $(SAM_STATIC_MODULES)
@@ -590,9 +590,6 @@ WINBINDD_OBJ1 = \
nsswitch/winbindd.o \
nsswitch/winbindd_user.o \
nsswitch/winbindd_group.o \
- nsswitch/winbindd_idmap.o \
- nsswitch/winbindd_idmap_tdb.o \
- nsswitch/winbindd_idmap_ldap.o \
nsswitch/winbindd_util.o \
nsswitch/winbindd_cache.o \
nsswitch/winbindd_pam.o \
diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c
index ff21a4644f..1be5a18c7c 100644
--- a/source3/nsswitch/winbindd.c
+++ b/source3/nsswitch/winbindd.c
@@ -128,7 +128,6 @@ static void winbindd_status(void)
static void print_winbindd_status(void)
{
winbindd_status();
- winbindd_idmap_status();
winbindd_cm_status();
}
@@ -146,7 +145,7 @@ static void terminate(void)
{
pstring path;
- winbindd_idmap_close();
+ idmap_close();
/* Remove socket file */
snprintf(path, sizeof(path), "%s/%s",
@@ -755,7 +754,7 @@ BOOL winbind_setup_common(void)
/* Winbind daemon initialisation */
- if (!winbindd_idmap_init())
+ if (!idmap_init())
return False;
/* Unblock all signals we are interested in as they may have been
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c
index d06db5943c..02114a3891 100644
--- a/source3/nsswitch/winbindd_group.c
+++ b/source3/nsswitch/winbindd_group.c
@@ -193,8 +193,9 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state)
enum SID_NAME_USE name_type;
fstring name_domain, name_group;
char *tmp, *gr_mem;
- gid_t gid;
int gr_mem_len;
+ unid_t id;
+ int id_type;
/* Ensure null termination */
state->request.data.groupname[sizeof(state->request.data.groupname)-1]='\0';
@@ -233,13 +234,14 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state)
return WINBINDD_ERROR;
}
- if (!winbindd_idmap_get_gid_from_sid(&group_sid, &gid)) {
+ id_type = ID_GROUPID;
+ if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, &group_sid))) {
DEBUG(1, ("error converting unix gid to sid\n"));
return WINBINDD_ERROR;
}
if (!fill_grent(&state->response.data.gr, name_domain,
- name_group, gid) ||
+ name_group, id.gid) ||
!fill_grent_mem(domain, &group_sid, name_type,
&state->response.data.gr.num_gr_mem,
&gr_mem, &gr_mem_len)) {
@@ -267,6 +269,7 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state)
fstring group_name;
int gr_mem_len;
char *gr_mem;
+ unid_t id;
DEBUG(3, ("[%5d]: getgrgid %d\n", state->pid,
state->request.data.gid));
@@ -278,8 +281,8 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state)
return WINBINDD_ERROR;
/* Get rid from gid */
-
- if (!winbindd_idmap_get_sid_from_gid(state->request.data.gid, &group_sid)) {
+ id.gid = state->request.data.gid;
+ if (NT_STATUS_IS_ERR(idmap_get_sid_from_id(&group_sid, id, ID_GROUPID))) {
DEBUG(1, ("could not convert gid %d to rid\n",
state->request.data.gid));
return WINBINDD_ERROR;
@@ -544,6 +547,8 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state)
char *gr_mem, *new_gr_mem_list;
DOM_SID group_sid;
struct winbindd_domain *domain;
+ unid_t id;
+ int id_type;
/* Do we need to fetch another chunk of groups? */
@@ -590,9 +595,8 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state)
sid_copy(&group_sid, &domain->sid);
sid_append_rid(&group_sid, name_list[ent->sam_entry_index].rid);
- if (!winbindd_idmap_get_gid_from_sid(
- &group_sid,
- &group_gid)) {
+ id_type = ID_GROUPID;
+ if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, &group_sid))) {
DEBUG(1, ("could not look up gid for group %s\n",
name_list[ent->sam_entry_index].acct_name));
@@ -600,6 +604,7 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state)
ent->sam_entry_index++;
goto tryagain;
}
+ group_gid = id.gid;
DEBUG(10, ("got gid %d for group %x\n", group_gid,
name_list[ent->sam_entry_index].rid));
@@ -869,16 +874,18 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
goto done;
for (i = 0; i < num_groups; i++) {
- if (!winbindd_idmap_get_gid_from_sid(
- user_gids[i],
- &gid_list[num_gids])) {
+ unid_t id;
+ int id_type;
+
+ id_type = ID_GROUPID;
+ if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, user_gids[i]))) {
fstring sid_string;
DEBUG(1, ("unable to convert group sid %s to gid\n",
sid_to_string(sid_string, user_gids[i])));
continue;
}
-
+ gid_list[num_gids] = id.gid;
num_gids++;
}
diff --git a/source3/nsswitch/winbindd_idmap.c b/source3/nsswitch/winbindd_idmap.c
deleted file mode 100644
index 23f4b4d081..0000000000
--- a/source3/nsswitch/winbindd_idmap.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- Winbind ID Mapping
- Copyright (C) Tim Potter 2000
- Copyright (C) Anthony Liguori <aliguor@us.ibm.com> 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "winbindd.h"
-
-static struct {
- const char *name;
- /* Function to create a member of the idmap_methods list */
- BOOL (*reg_meth)(struct winbindd_idmap_methods **methods);
- struct winbindd_idmap_methods *methods;
-} builtin_winbindd_idmap_functions[] = {
- { "tdb", winbind_idmap_reg_tdb, NULL },
- { "ldap", winbind_idmap_reg_ldap, NULL },
- { NULL, NULL, NULL }
-};
-
-/* singleton pattern: uberlazy evaluation */
-static struct winbindd_idmap_methods *impl;
-
-static struct winbindd_idmap_methods *get_impl(const char *name)
-{
- int i = 0;
- struct winbindd_idmap_methods *ret = NULL;
-
- while (builtin_winbindd_idmap_functions[i].name &&
- strcmp(builtin_winbindd_idmap_functions[i].name, name)) {
- i++;
- }
-
- if (builtin_winbindd_idmap_functions[i].name) {
- if (!builtin_winbindd_idmap_functions[i].methods) {
- builtin_winbindd_idmap_functions[i].reg_meth(&builtin_winbindd_idmap_functions[i].methods);
- }
-
- ret = builtin_winbindd_idmap_functions[i].methods;
- }
-
- return ret;
-}
-
-/* Initialize backend */
-BOOL winbindd_idmap_init(void)
-{
- BOOL ret = False;
-
- DEBUG(3, ("winbindd_idmap_init: using '%s' as backend\n",
- lp_winbind_backend()));
-
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- if (!impl) {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
- }
- }
-
- if (impl) {
- ret = impl->init();
- }
-
- DEBUG(3, ("winbind_idmap_init: returning %s\n", ret ? "true" : "false"));
-
- return ret;
-}
-
-/* Get UID from SID */
-BOOL winbindd_idmap_get_uid_from_sid(DOM_SID *sid, uid_t *uid)
-{
- BOOL ret = False;
-
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- if (!impl) {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
- }
- }
-
- if (impl) {
- ret = impl->get_uid_from_sid(sid, uid);
- }
-
- return ret;
-}
-
-/* Get GID from SID */
-BOOL winbindd_idmap_get_gid_from_sid(DOM_SID *sid, gid_t *gid)
-{
- BOOL ret = False;
-
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- if (!impl) {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
- }
- }
-
- if (impl) {
- ret = impl->get_gid_from_sid(sid, gid);
- }
-
- return ret;
-}
-
-/* Get SID from UID */
-BOOL winbindd_idmap_get_sid_from_uid(uid_t uid, DOM_SID *sid)
-{
- BOOL ret = False;
-
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- if (!impl) {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
- }
- }
-
- if (impl) {
- ret = impl->get_sid_from_uid(uid, sid);
- }
-
- return ret;
-}
-
-/* Get SID from GID */
-BOOL winbindd_idmap_get_sid_from_gid(gid_t gid, DOM_SID *sid)
-{
- BOOL ret = False;
-
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- }
-
- if (impl) {
- ret = impl->get_sid_from_gid(gid, sid);
- } else {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
- }
-
- return ret;
-}
-
-/* Close backend */
-BOOL winbindd_idmap_close(void)
-{
- BOOL ret = False;
-
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- }
-
- if (impl) {
- ret = impl->close();
- } else {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
- }
-
- return ret;
-}
-
-/* Dump backend status */
-void winbindd_idmap_status(void)
-{
- if (!impl) {
- impl = get_impl(lp_winbind_backend());
- }
-
- if (impl) {
- impl->status();
- } else {
- DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n",
- lp_winbind_backend()));
- }
-}
diff --git a/source3/nsswitch/winbindd_idmap_ldap.c b/source3/nsswitch/winbindd_idmap_ldap.c
deleted file mode 100644
index 55efb7f45c..0000000000
--- a/source3/nsswitch/winbindd_idmap_ldap.c
+++ /dev/null
@@ -1,395 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind daemon - user related function
-
- Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "winbindd.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_WINBIND
-
-#ifdef HAVE_LDAP
-
-#include <lber.h>
-#include <ldap.h>
-
-#include "smb_ldap.h"
-
-/* Globals */
-static struct smb_ldap_privates *ldap_state;
-
-static const char *attr[] = { "uid", "rid", "domain", "uidNumber",
- "gidNumber", NULL };
-
-static const char *pool_attr[] = {"uidNumber", "gidNumber", "cn", NULL};
-
-static long ldap_allocate_id(BOOL is_user)
-{
- int rc, count;
- LDAPMessage *result;
- int scope = LDAP_SCOPE_SUBTREE;
- long ret = 0;
- int sanity = 0;
-
- do {
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, is_user?"cn=UID Pool":"cn=GID Pool", pool_attr, 0, &result);
-
- if (LDAP_SUCCESS != rc) {
- DEBUG(0,("ldap_allocate_id: No ID pool found in directory\n"));
- return 0;
- }
-
- count = ldap_count_entries(ldap_state->ldap_struct, result);
-
- if (1 < count) {
- DEBUG(0,("ldap_allocate_id: Multiple UID pools found in directory?\n"));
- break;
- } else if (1 == count) {
- LDAPMessage *entry =
- ldap_first_entry(ldap_state->ldap_struct,
- result);
- LDAPMod **mods = NULL;
- pstring temp;
-
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, is_user?"uidNumber":"gidNumber", temp)) {
- return False;
- }
- ret = atol(temp);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_DELETE,
- is_user?"uidNumber":"gidNumber",
- temp);
- slprintf(temp, sizeof(temp) - 1, "%ld", ret + 1);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, is_user?"uidNumber":"gidNumber", temp);
- slprintf(temp, sizeof(temp) - 1, "cn=%cID Pool,%s", is_user?'U':'G', lp_ldap_user_suffix());
- rc = smb_ldap_modify(ldap_state, temp, mods);
- ldap_mods_free(mods, 1);
- } else {
- DEBUG(0,("ldap_allocate_id: unexpected number of entries returned\n"));
- break;
- }
- } while (LDAP_NO_SUCH_ATTRIBUTE == rc && ++sanity < 100);
-
- return ret;
-}
-
-/*****************************************************************************
- Initialise idmap database.
-*****************************************************************************/
-static BOOL ldap_idmap_init(void)
-{
- static struct smb_ldap_privates state;
- ldap_state = &state;
-
-#ifdef WITH_LDAP_SAMCONFIG
- {
- int ldap_port = lp_ldap_port();
- char *uri;
- /* remap default port if not using SSL */
- if (lp_ldap_ssl() != LDAP_SSL_ON && ldap_port == 636) {
- ldap_port = 389;
- }
-
- uri = NULL;
-
- asprintf(&uri, "%s://%s:%d",
- lp_ldap_ssl() == LDAP_SSL_ON ? "ldaps" : "ldap",
- lp_ldap_server(), ldap_port);
- ldap_state->uri = uri;
- if (!ldap_state->uri) {
- DEBUG(0,("Out of memory\n"));
- return False;
- }
- }
-#else
- ldap_state->uri = "ldap://localhost";
-#endif
- return True;
-}
-
-static BOOL ldap_get_sid_from_uid(uid_t uid, DOM_SID * sid)
-{
- pstring filter;
- int scope = LDAP_SCOPE_SUBTREE;
- int rc, count;
- LDAPMessage *result;
-
- slprintf(filter, sizeof(filter) - 1, "uidNumber=%i", uid);
-
- DEBUG(2, ("ldap_get_sid_from_uid: searching for:[%s]\n", filter));
-
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result);
- if (LDAP_SUCCESS != rc) {
- DEBUG(0,("ldap_get_sid_from_uid: user search failed\n"));
- return False;
- }
-
- count = ldap_count_entries(ldap_state->ldap_struct, result);
- if (1 < count) {
- DEBUG(0,("More than one user exists where: %s\n", filter));
- ldap_msgfree(result);
- return False;
- } else if (1 == count) {
- /* we found the user, get the users RID */
- LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct,
- result);
- pstring temp, domain;
- uint32 rid;
- struct winbindd_domain *wb_dom;
-
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "domain", domain)) {
- return False;
- }
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "rid", temp)) {
- return False;
- }
- rid = (uint32)atol(temp);
- wb_dom = find_domain_from_name(domain);
-
- if (!wb_dom) {
- DEBUG(0,("ldap_get_sid_from_uid: could not find domain %s\n", domain));
- return False;
- }
-
- sid_copy(sid, &wb_dom->sid);
- sid_append_rid(sid, rid);
- } else {
- /* 0 entries? that ain't right */
- DEBUG(0,("ldap_get_sid_from_uid: not user entry found for %s\n", filter));
- }
-
- return True;
-}
-
-static BOOL ldap_get_uid_from_sid(DOM_SID *sid, uid_t *uid)
-{
- pstring filter;
- int scope = LDAP_SCOPE_SUBTREE;
- int rc, count;
- LDAPMessage *result;
- uint32 rid = 0;
- struct winbindd_domain *wb_dom;
- DOM_SID dom_sid;
-
- sid_copy(&dom_sid, sid);
-
- if (!sid_split_rid(&dom_sid, &rid)) {
- DEBUG(0,("ldap_get_uid_from_sid: sid does not contain an rid\n"));
- return False;
- }
-
- if (!(wb_dom = find_domain_from_sid(&dom_sid))) {
- DEBUG(0,("ldap_get_uid_from_sid: cannot lookup domain from sid\n"));
- return False;
- }
-
- slprintf(filter, sizeof(filter) - 1, "rid=%d,domain=%s,objectClass=sambaAccount", rid, wb_dom->name);
-
- DEBUG(2, ("ldap_get_uid_from_sid: searching for:[%s]\n", filter));
-
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result);
- if (LDAP_NO_SUCH_OBJECT == rc) {
- LDAPMod **mods = NULL;
- pstring temp;
- fstring dom, name;
- int sid_type;
-
- winbindd_lookup_name_by_sid(sid, dom, name,
- (enum SID_USE_TYPE *)&sid_type);
- slprintf(temp, sizeof(temp) - 1, "%i", rid);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "rid", temp);
-
- *uid = ldap_allocate_id(True);
- slprintf(temp, sizeof(temp) - 1, "%i", *uid);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "uidNumber", temp);
-
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "uid", name);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "sambaAccount");
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "account");
- slprintf(temp, sizeof(temp) - 1, "uid=%s,%s", name, lp_ldap_user_suffix());
- rc = smb_ldap_modify(ldap_state, temp, mods);
-
- ldap_mods_free(mods, 1);
- if (LDAP_SUCCESS != rc) {
- return False;
- }
- } else if (LDAP_SUCCESS == rc) {
- count = ldap_count_entries(ldap_state->ldap_struct, result);
- if (1 < count) {
- DEBUG(0,("More than one user exists where: %s\n", filter));
- ldap_msgfree(result);
- return False;
- } else if (1 == count) {
- /* we found the user, get the idNumber */
- LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, result);
- pstring temp;
-
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "uidNumber", temp)) {
- return False;
- }
- *uid = atol(temp);
- } else {
- DEBUG(0,("ldap_get_uid_from_sid: zero entries returned?\n"));
- return False;
- }
- } else {
- DEBUG(0,("ldap_get_uid_from_sid: unknown error querying user info\n"));
- return False;
- }
-
- return True;
-}
-
-static BOOL ldap_get_sid_from_gid(gid_t gid, DOM_SID * sid)
-{
- pstring filter;
- int scope = LDAP_SCOPE_SUBTREE;
- int rc, count;
- LDAPMessage *result;
-
- slprintf(filter, sizeof(filter) - 1, "gidNumber=%i,objectClass=sambaGroupMapping", gid);
-
- DEBUG(2, ("ldap_get_sid_from_gid: searching for:[%s]\n", filter));
-
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result);
- if (LDAP_SUCCESS != rc) {
- DEBUG(0,("ldap_get_sid_from_gid: user search failed\n"));
- return False;
- }
-
- count = ldap_count_entries(ldap_state->ldap_struct, result);
- if (1 < count) {
- DEBUG(0,("More than one group exists where: %s\n", filter));
- ldap_msgfree(result);
- return False;
- } else if (1 == count) {
- LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct,
- result);
- pstring str_sid;
-
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "ntSid", str_sid)) {
- return False;
- }
-
- string_to_sid(sid, str_sid);
- } else {
- /* 0 entries? that ain't right */
- DEBUG(0,("ldap_get_sid_from_gid: not group entry found for %s\n", filter));
- }
-
- return True;
-}
-
-static BOOL ldap_get_gid_from_sid(DOM_SID *sid, gid_t *gid)
-{
- pstring filter;
- int scope = LDAP_SCOPE_SUBTREE;
- int rc, count;
- LDAPMessage *result;
- fstring str_sid;
-
- sid_to_string(str_sid, sid);
-
- slprintf(filter, sizeof(filter) - 1, "ntSid=%s,objectClass=sambaGroupMapping", str_sid);
-
- DEBUG(2, ("ldap_get_gid_from_sid: searching for:[%s]\n", filter));
-
- rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result);
- if (LDAP_NO_SUCH_OBJECT == rc) {
- LDAPMod **mods = NULL;
- pstring temp;
-
- *gid = ldap_allocate_id(False);
- slprintf(temp, sizeof(temp) - 1, "%i", *gid);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "gidNumber", temp);
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "sambaGroupMapping");
- smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "account");
- slprintf(temp, sizeof(temp) - 1, "gidNumber=%i,%s", *gid, lp_ldap_user_suffix());
- rc = smb_ldap_modify(ldap_state, temp, mods);
-
- ldap_mods_free(mods, 1);
- if (LDAP_SUCCESS != rc) {
- return False;
- }
- } else if (LDAP_SUCCESS == rc) {
- count = ldap_count_entries(ldap_state->ldap_struct, result);
- if (1 < count) {
- DEBUG(0,("More than one group exists where: %s\n", filter));
- ldap_msgfree(result);
- return False;
- } else if (1 == count) {
- LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, result);
- pstring temp;
-
- if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber", temp)) {
- return False;
- }
- *gid = atol(temp);
- } else {
- DEBUG(0,("ldap_get_gid_from_sid: zero entries returned?\n"));
- return False;
- }
- } else {
- DEBUG(0,("ldap_get_gid_from_sid: unknown error querying user info\n"));
- return False;
- }
-
- return True;
-}
-
-static BOOL ldap_idmap_close(void)
-{
- smb_ldap_close(ldap_state);
- ldap_state = 0;
- return True;
-}
-
-static void ldap_idmap_status(void)
-{
- DEBUG(0, ("winbindd idmap status:\n"));
- DEBUG(0, ("Using LDAP\n"));
-}
-
-struct winbindd_idmap_methods ldap_idmap_methods = {
- ldap_idmap_init,
-
- ldap_get_sid_from_uid,
- ldap_get_sid_from_gid,
-
- ldap_get_uid_from_sid,
- ldap_get_gid_from_sid,
-
- ldap_idmap_close,
-
- ldap_idmap_status
-};
-
-#endif
-
-BOOL winbind_idmap_reg_ldap(struct winbindd_idmap_methods **meth)
-{
-#ifdef HAVE_LDAP
- *meth = &ldap_idmap_methods;
-
- return True;
-#else
- DEBUG(0,("winbind_idmap_reg_ldap: LDAP support not compiled\n"));
- return False;
-#endif
-}
diff --git a/source3/nsswitch/winbindd_idmap_tdb.c b/source3/nsswitch/winbindd_idmap_tdb.c
deleted file mode 100644
index 12d6972bae..0000000000
--- a/source3/nsswitch/winbindd_idmap_tdb.c
+++ /dev/null
@@ -1,459 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- Winbind daemon - user related function
-
- Copyright (C) Tim Potter 2000
- Copyright (C) Anthony Liguori 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "winbindd.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_WINBIND
-
-/* High water mark keys */
-#define HWM_GROUP "GROUP HWM"
-#define HWM_USER "USER HWM"
-
-/* idmap version determines auto-conversion */
-#define IDMAP_VERSION 2
-
-/* Globals */
-static TDB_CONTEXT *idmap_tdb;
-
-/* convert one record to the new format */
-static int tdb_convert_fn(TDB_CONTEXT * tdb, TDB_DATA key, TDB_DATA data,
- void *ignored)
-{
- struct winbindd_domain *domain;
- char *p;
- DOM_SID sid;
- uint32 rid;
- fstring keystr;
- fstring dom_name;
- TDB_DATA key2;
-
- p = strchr(key.dptr, '/');
- if (!p)
- return 0;
-
- *p = 0;
- fstrcpy(dom_name, key.dptr);
- *p++ = '/';
-
- domain = find_domain_from_name(dom_name);
- if (!domain) {
- /* We must delete the old record. */
- DEBUG(0,
- ("winbindd: tdb_convert_fn : Unable to find domain %s\n",
- dom_name));
- DEBUG(0,
- ("winbindd: tdb_convert_fn : deleting record %s\n",
- key.dptr));
- tdb_delete(idmap_tdb, key);
- return 0;
- }
-
- rid = atoi(p);
-
- sid_copy(&sid, &domain->sid);
- sid_append_rid(&sid, rid);
-
- sid_to_string(keystr, &sid);
- key2.dptr = keystr;
- key2.dsize = strlen(keystr) + 1;
-
- if (tdb_store(idmap_tdb, key2, data, TDB_INSERT) != 0) {
- /* not good! */
- DEBUG(0,
- ("winbindd: tdb_convert_fn : Unable to update record %s\n",
- key2.dptr));
- DEBUG(0,
- ("winbindd: tdb_convert_fn : conversion failed - idmap corrupt ?\n"));
- return -1;
- }
-
- if (tdb_store(idmap_tdb, data, key2, TDB_REPLACE) != 0) {
- /* not good! */
- DEBUG(0,
- ("winbindd: tdb_convert_fn : Unable to update record %s\n",
- data.dptr));
- DEBUG(0,
- ("winbindd: tdb_convert_fn : conversion failed - idmap corrupt ?\n"));
- return -1;
- }
-
- tdb_delete(idmap_tdb, key);
-
- return 0;
-}
-
-/*****************************************************************************
- Convert the idmap database from an older version.
-*****************************************************************************/
-static BOOL tdb_idmap_convert(void)
-{
- int32 vers = tdb_fetch_int32(idmap_tdb, "IDMAP_VERSION");
- BOOL bigendianheader =
- (idmap_tdb->flags & TDB_BIGENDIAN) ? True : False;
-
- if (vers == IDMAP_VERSION)
- return True;
-
- if (((vers == -1) && bigendianheader)
- || (IREV(vers) == IDMAP_VERSION)) {
- /* Arrggghh ! Bytereversed or old big-endian - make order independent ! */
- /*
- * high and low records were created on a
- * big endian machine and will need byte-reversing.
- */
-
- int32 wm;
-
- wm = tdb_fetch_int32(idmap_tdb, HWM_USER);
-
- if (wm != -1) {
- wm = IREV(wm);
- } else
- wm = server_state.uid_low;
-
- if (tdb_store_int32(idmap_tdb, HWM_USER, wm) == -1) {
- DEBUG(0,
- ("tdb_idmap_convert: Unable to byteswap user hwm in idmap database\n"));
- return False;
- }
-
- wm = tdb_fetch_int32(idmap_tdb, HWM_GROUP);
- if (wm != -1) {
- wm = IREV(wm);
- } else
- wm = server_state.gid_low;
-
- if (tdb_store_int32(idmap_tdb, HWM_GROUP, wm) == -1) {
- DEBUG(0,
- ("tdb_idmap_convert: Unable to byteswap group hwm in idmap database\n"));
- return False;
- }
- }
-
- /* the old format stored as DOMAIN/rid - now we store the SID direct */
- tdb_traverse(idmap_tdb, tdb_convert_fn, NULL);
-
- if (tdb_store_int32(idmap_tdb, "IDMAP_VERSION", IDMAP_VERSION) ==
- -1) {
- DEBUG(0,
- ("tdb_idmap_convert: Unable to byteswap group hwm in idmap database\n"));
- return False;
- }
-
- return True;
-}
-
-/* Allocate either a user or group id from the pool */
-static BOOL tdb_allocate_id(uid_t * id, BOOL isgroup)
-{
- int hwm;
-
- /* Get current high water mark */
- if ((hwm = tdb_fetch_int32(idmap_tdb,
- isgroup ? HWM_GROUP : HWM_USER)) ==
- -1) {
- return False;
- }
-
- /* Return next available uid in list */
- if ((isgroup && (hwm > server_state.gid_high)) ||
- (!isgroup && (hwm > server_state.uid_high))) {
- DEBUG(0,
- ("winbind %sid range full!\n", isgroup ? "g" : "u"));
- return False;
- }
-
- if (id) {
- *id = hwm;
- }
-
- hwm++;
-
- /* Store new high water mark */
- tdb_store_int32(idmap_tdb, isgroup ? HWM_GROUP : HWM_USER, hwm);
-
- return True;
-}
-
-/* Get a sid from an id */
-static BOOL tdb_get_sid_from_id(int id, DOM_SID * sid, BOOL isgroup)
-{
- TDB_DATA key, data;
- fstring keystr;
- BOOL result = False;
-
- slprintf(keystr, sizeof(keystr), "%s %d", isgroup ? "GID" : "UID",
- id);
-
- key.dptr = keystr;
- key.dsize = strlen(keystr) + 1;
-
- data = tdb_fetch(idmap_tdb, key);
-
- if (data.dptr) {
- result = string_to_sid(sid, data.dptr);
- SAFE_FREE(data.dptr);
- }
-
- return result;
-}
-
-/* Get an id from a sid */
-static BOOL tdb_get_id_from_sid(DOM_SID * sid, uid_t * id, BOOL isgroup)
-{
- TDB_DATA data, key;
- fstring keystr;
- BOOL result = False;
-
- /* Check if sid is present in database */
- sid_to_string(keystr, sid);
-
- key.dptr = keystr;
- key.dsize = strlen(keystr) + 1;
-
- data = tdb_fetch(idmap_tdb, key);
-
- if (data.dptr) {
- fstring scanstr;
- int the_id;
-
- /* Parse and return existing uid */
- fstrcpy(scanstr, isgroup ? "GID" : "UID");
- fstrcat(scanstr, " %d");
-
- if (sscanf(data.dptr, scanstr, &the_id) == 1) {
- /* Store uid */
- if (id) {
- *id = the_id;
- }
-
- result = True;
- }
-
- SAFE_FREE(data.dptr);
- } else {
-
- /* Allocate a new id for this sid */
- if (id && tdb_allocate_id(id, isgroup)) {
- fstring keystr2;
-
- /* Store new id */
- slprintf(keystr2, sizeof(keystr2), "%s %d",
- isgroup ? "GID" : "UID", *id);
-
- data.dptr = keystr2;
- data.dsize = strlen(keystr2) + 1;
-
- tdb_store(idmap_tdb, key, data, TDB_REPLACE);
- tdb_store(idmap_tdb, data, key, TDB_REPLACE);
-
- result = True;
- }
- }
-
- return result;
-}
-
-/*****************************************************************************
- Initialise idmap database.
-*****************************************************************************/
-static BOOL tdb_idmap_init(void)
-{
- SMB_STRUCT_STAT stbuf;
-
- /* move to the new database on first startup */
- if (!file_exist(lock_path("idmap.tdb"), &stbuf)) {
- if (file_exist(lock_path("winbindd_idmap.tdb"), &stbuf)) {
- char *cmd = NULL;
-
- /* lazy file copy */
- if (asprintf(&cmd, "cp -p %s/winbindd_idmap.tdb %s/idmap.tdb", lp_lockdir(), lp_lockdir()) != -1) {
- system(cmd);
- free(cmd);
- }
- if (!file_exist(lock_path("idmap.tdb"), &stbuf)) {
- DEBUG(0, ("idmap_init: Unable to make a new database copy\n"));
- return False;
- }
- }
- }
-
- /* Open tdb cache */
- if (!(idmap_tdb = tdb_open_log(lock_path("idmap.tdb"), 0,
- TDB_DEFAULT, O_RDWR | O_CREAT,
- 0600))) {
- DEBUG(0,
- ("winbindd_idmap_init: Unable to open idmap database\n"));
- return False;
- }
-
- /* possibly convert from an earlier version */
- if (!tdb_idmap_convert()) {
- DEBUG(0, ("winbindd_idmap_init: Unable to open idmap database\n"));
- return False;
- }
-
- /* Create high water marks for group and user id */
- if (tdb_fetch_int32(idmap_tdb, HWM_USER) == -1) {
- if (tdb_store_int32
- (idmap_tdb, HWM_USER, server_state.uid_low) == -1) {
- DEBUG(0,
- ("winbindd_idmap_init: Unable to initialise user hwm in idmap database\n"));
- return False;
- }
- }
-
- if (tdb_fetch_int32(idmap_tdb, HWM_GROUP) == -1) {
- if (tdb_store_int32
- (idmap_tdb, HWM_GROUP, server_state.gid_low) == -1) {
- DEBUG(0,
- ("winbindd_idmap_init: Unable to initialise group hwm in idmap database\n"));
- return False;
- }
- }
-
- return True;
-}
-
-/* Get a sid from a uid */
-static BOOL tdb_get_sid_from_uid(uid_t uid, DOM_SID * sid)
-{
- return tdb_get_sid_from_id((int) uid, sid, False);
-}
-
-/* Get a sid from a gid */
-static BOOL tdb_get_sid_from_gid(gid_t gid, DOM_SID * sid)
-{
- return tdb_get_sid_from_id((int) gid, sid, True);
-}
-
-/* Get a uid from a sid */
-static BOOL tdb_get_uid_from_sid(DOM_SID * sid, uid_t * uid)
-{
- return tdb_get_id_from_sid(sid, uid, False);
-}
-
-/* Get a gid from a group sid */
-static BOOL tdb_get_gid_from_sid(DOM_SID * sid, gid_t * gid)
-{
- return tdb_get_id_from_sid(sid, gid, True);
-}
-
-/* Close the tdb */
-static BOOL tdb_idmap_close(void)
-{
- if (idmap_tdb)
- return (tdb_close(idmap_tdb) == 0);
- return True;
-}
-
-
-/* Dump status information to log file. Display different stuff based on
- the debug level:
-
- Debug Level Information Displayed
- =================================================================
- 0 Percentage of [ug]id range allocated
- 0 High water marks (next allocated ids)
-*/
-
-#define DUMP_INFO 0
-
-static void tdb_idmap_status(void)
-{
- int user_hwm, group_hwm;
-
- DEBUG(0, ("winbindd idmap status:\n"));
-
- /* Get current high water marks */
-
- if ((user_hwm = tdb_fetch_int32(idmap_tdb, HWM_USER)) == -1) {
- DEBUG(DUMP_INFO,
- ("\tCould not get userid high water mark!\n"));
- }
-
- if ((group_hwm = tdb_fetch_int32(idmap_tdb, HWM_GROUP)) == -1) {
- DEBUG(DUMP_INFO,
- ("\tCould not get groupid high water mark!\n"));
- }
-
- /* Display next ids to allocate */
-
- if (user_hwm != -1) {
- DEBUG(DUMP_INFO,
- ("\tNext userid to allocate is %d\n", user_hwm));
- }
-
- if (group_hwm != -1) {
- DEBUG(DUMP_INFO,
- ("\tNext groupid to allocate is %d\n", group_hwm));
- }
-
- /* Display percentage of id range already allocated. */
-
- if (user_hwm != -1) {
- int num_users = user_hwm - server_state.uid_low;
- int total_users =
- server_state.uid_high - server_state.uid_low;
-
- DEBUG(DUMP_INFO,
- ("\tUser id range is %d%% full (%d of %d)\n",
- num_users * 100 / total_users, num_users,
- total_users));
- }
-
- if (group_hwm != -1) {
- int num_groups = group_hwm - server_state.gid_low;
- int total_groups =
- server_state.gid_high - server_state.gid_low;
-
- DEBUG(DUMP_INFO,
- ("\tGroup id range is %d%% full (%d of %d)\n",
- num_groups * 100 / total_groups, num_groups,
- total_groups));
- }
-
- /* Display complete mapping of users and groups to rids */
-}
-
-struct winbindd_idmap_methods tdb_idmap_methods = {
- tdb_idmap_init,
-
- tdb_get_sid_from_uid,
- tdb_get_sid_from_gid,
-
- tdb_get_uid_from_sid,
- tdb_get_gid_from_sid,
-
- tdb_idmap_close,
-
- tdb_idmap_status
-};
-
-BOOL winbind_idmap_reg_tdb(struct winbindd_idmap_methods **meth)
-{
- *meth = &tdb_idmap_methods;
-
- return True;
-}
diff --git a/source3/nsswitch/winbindd_sid.c b/source3/nsswitch/winbindd_sid.c
index 6ab2eaa646..f01f20bb34 100644
--- a/source3/nsswitch/winbindd_sid.c
+++ b/source3/nsswitch/winbindd_sid.c
@@ -122,6 +122,8 @@ enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state)
enum winbindd_result winbindd_sid_to_uid(struct winbindd_cli_state *state)
{
DOM_SID sid;
+ unid_t id;
+ int id_type;
/* Ensure null termination */
state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
@@ -137,11 +139,13 @@ enum winbindd_result winbindd_sid_to_uid(struct winbindd_cli_state *state)
}
/* Find uid for this sid and return it */
- if (!winbindd_idmap_get_uid_from_sid(&sid, &state->response.data.uid)) {
+ id_type = ID_USERID;
+ if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, &sid))) {
DEBUG(1, ("Could not get uid for sid %s\n",
state->request.data.sid));
return WINBINDD_ERROR;
}
+ state->response.data.uid = id.uid;
return WINBINDD_OK;
}
@@ -152,6 +156,8 @@ enum winbindd_result winbindd_sid_to_uid(struct winbindd_cli_state *state)
enum winbindd_result winbindd_sid_to_gid(struct winbindd_cli_state *state)
{
DOM_SID sid;
+ unid_t id;
+ int id_type;
/* Ensure null termination */
state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
@@ -166,11 +172,13 @@ enum winbindd_result winbindd_sid_to_gid(struct winbindd_cli_state *state)
}
/* Find gid for this sid and return it */
- if (!winbindd_idmap_get_gid_from_sid(&sid, &state->response.data.gid)) {
+ id_type = ID_GROUPID;
+ if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, &sid))) {
DEBUG(1, ("Could not get gid for sid %s\n",
state->request.data.sid));
return WINBINDD_ERROR;
}
+ state->response.data.gid = id.gid;
return WINBINDD_OK;
}
@@ -180,6 +188,7 @@ enum winbindd_result winbindd_sid_to_gid(struct winbindd_cli_state *state)
enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state)
{
DOM_SID sid;
+ unid_t id;
/* Bug out if the uid isn't in the winbind range */
@@ -192,7 +201,8 @@ enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state)
state->request.data.uid));
/* Lookup rid for this uid */
- if (!winbindd_idmap_get_sid_from_uid(state->request.data.uid, &sid)) {
+ id.uid = state->request.data.uid;
+ if (NT_STATUS_IS_ERR(idmap_get_sid_from_id(&sid, id, ID_USERID))) {
DEBUG(1, ("Could not convert uid %d to rid\n",
state->request.data.uid));
return WINBINDD_ERROR;
@@ -209,6 +219,7 @@ enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state)
enum winbindd_result winbindd_gid_to_sid(struct winbindd_cli_state *state)
{
DOM_SID sid;
+ unid_t id;
/* Bug out if the gid isn't in the winbind range */
@@ -221,7 +232,8 @@ enum winbindd_result winbindd_gid_to_sid(struct winbindd_cli_state *state)
state->request.data.gid));
/* Lookup sid for this uid */
- if (!winbindd_idmap_get_sid_from_gid(state->request.data.gid, &sid)) {
+ id.gid = state->request.data.gid;
+ if (NT_STATUS_IS_ERR(idmap_get_sid_from_id(&sid, id, ID_GROUPID))) {
DEBUG(1, ("Could not convert gid %d to sid\n",
state->request.data.gid));
return WINBINDD_ERROR;
diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c
index d2bd231918..dd66275390 100644
--- a/source3/nsswitch/winbindd_user.c
+++ b/source3/nsswitch/winbindd_user.c
@@ -36,25 +36,29 @@ static BOOL winbindd_fill_pwent(char *dom_name, char *user_name,
fstring output_username;
pstring homedir;
fstring sid_string;
+ unid_t id;
+ int id_type;
if (!pw || !dom_name || !user_name)
return False;
/* Resolve the uid number */
-
- if (!winbindd_idmap_get_uid_from_sid(user_sid,
- &pw->pw_uid)) {
+
+ id_type = ID_USERID;
+ if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, user_sid))) {
DEBUG(1, ("error getting user id for sid %s\n", sid_to_string(sid_string, user_sid)));
return False;
}
+ pw->pw_uid = id.uid;
/* Resolve the gid number */
-
- if (!winbindd_idmap_get_gid_from_sid(group_sid,
- &pw->pw_gid)) {
+
+ id_type = ID_GROUPID;
+ if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, group_sid))) {
DEBUG(1, ("error getting group id for sid %s\n", sid_to_string(sid_string, group_sid)));
return False;
}
+ pw->pw_gid = id.gid;
/* Username */
@@ -178,9 +182,10 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state)
fstring user_name;
enum SID_NAME_USE name_type;
WINBIND_USERINFO user_info;
- gid_t gid;
TALLOC_CTX *mem_ctx;
NTSTATUS status;
+ unid_t id;
+ int id_type;
/* Bug out if the uid isn't in the winbind range */
@@ -193,8 +198,8 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state)
/* Get rid from uid */
- if (!winbindd_idmap_get_sid_from_uid(state->request.data.uid,
- &user_sid)) {
+ id.uid = state->request.data.uid;
+ if (NT_STATUS_IS_ERR(idmap_get_sid_from_id(&user_sid, id, ID_USERID))) {
DEBUG(1, ("could not convert uid %d to SID\n",
state->request.data.uid));
return WINBINDD_ERROR;
@@ -236,9 +241,10 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state)
return WINBINDD_ERROR;
}
- /* Resolve gid number */
+ /* Check group has a gid number */
- if (!winbindd_idmap_get_gid_from_sid(user_info.group_sid, &gid)) {
+ id_type = ID_GROUPID;
+ if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, user_info.group_sid))) {
DEBUG(1, ("error getting group id for user %s\n", user_name));
talloc_destroy(mem_ctx);
return WINBINDD_ERROR;
diff --git a/source3/sam/idmap.c b/source3/sam/idmap.c
index c2b966cfbe..45a1d324b1 100644
--- a/source3/sam/idmap.c
+++ b/source3/sam/idmap.c
@@ -32,10 +32,7 @@ static struct {
struct idmap_methods *methods;
} remote_idmap_functions[] = {
-
- { "winbind", idmap_reg_winbind, NULL },
{ NULL, NULL, NULL }
-
};
static struct idmap_methods *local_map;
@@ -63,8 +60,10 @@ static struct idmap_methods *get_methods(const char *name)
}
/* Initialize backend */
-BOOL idmap_init(const char *remote_backend)
+BOOL idmap_init(void)
{
+ const char *remote_backend = lp_idmap_backend();
+
if (!local_map) {
idmap_reg_tdb(&local_map);
if (NT_STATUS_IS_ERR(local_map->init())) {
diff --git a/source3/sam/idmap_winbind.c b/source3/sam/idmap_winbind.c
deleted file mode 100644
index d89c9e7bac..0000000000
--- a/source3/sam/idmap_winbind.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- idmap Winbind backend
-
- Copyright (C) Simo Sorce 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-#include "nsswitch/winbind_nss.h"
-
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_IDMAP
-
-extern DOM_SID global_sid_NULL; /* NULL sid */
-
-NSS_STATUS winbindd_request(int req_type,
- struct winbindd_request *request,
- struct winbindd_response *response);
-
-/* Get a sid from an id */
-static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result, operation;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- switch (id_type & ID_TYPEMASK) {
- case ID_USERID:
- request.data.uid = id.uid;
- operation = WINBINDD_UID_TO_SID;
- break;
- case ID_GROUPID:
- request.data.gid = id.gid;
- operation = WINBINDD_GID_TO_SID;
- break;
- default:
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* Make The Request */
- result = winbindd_request(operation, &request, &response);
- if (result == NSS_STATUS_SUCCESS) {
- if (!string_to_sid(sid, response.data.sid.sid)) {
- return NT_STATUS_INVALID_SID;
- }
- return NT_STATUS_OK;
- } else {
- sid_copy(sid, &global_sid_NULL);
- }
-
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-/* Get an id from a sid */
-static NTSTATUS db_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid)
-{
- struct winbindd_request request;
- struct winbindd_response response;
- int result, operation;
- fstring sid_str;
-
- if (!id || !id_type) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* setup request */
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- switch (*id_type & ID_TYPEMASK) {
- case ID_USERID:
- operation = WINBINDD_SID_TO_UID;
- break;
- case ID_GROUPID:
- operation = WINBINDD_SID_TO_GID;
- break;
- default:
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- sid_to_string(sid_str, sid);
- fstrcpy(request.data.sid, sid_str);
-
- /* Make The Request */
- result = winbindd_request(operation, &request, &response);
-
- if (result == NSS_STATUS_SUCCESS) {
- if (operation == WINBINDD_SID_TO_UID) {
- (*id).uid = response.data.uid;
- } else {
- (*id).gid = response.data.gid;
- }
- return NT_STATUS_OK;
- }
-
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-static NTSTATUS db_set_mapping(DOM_SID *sid, unid_t id, int id_type) {
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-/*****************************************************************************
- Initialise idmap database.
-*****************************************************************************/
-static NTSTATUS db_init(void) {
- return NT_STATUS_OK;
-}
-
-/* Close the tdb */
-static NTSTATUS db_close(void) {
- return NT_STATUS_OK;
-}
-
-static void db_status(void) {
- return;
-}
-
-struct idmap_methods winbind_methods = {
-
- db_init,
- db_get_sid_from_id,
- db_get_id_from_sid,
- db_set_mapping,
- db_close,
- db_status
-
-};
-
-NTSTATUS idmap_reg_winbind(struct idmap_methods **meth)
-{
- *meth = &winbind_methods;
-
- return NT_STATUS_OK;
-}
-
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 8ce20c87a4..b1b9192c09 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -833,7 +833,7 @@ static BOOL init_structs(void )
if (!init_registry())
exit(1);
- if (!idmap_init(lp_idmap_backend()))
+ if (!idmap_init())
exit(1);
if(!initialize_password_db(False))
generated by cgit (git 2.34.1) at 2024-07-28 03:27:39 +0000