1 files changed, 306 insertions, 17 deletions
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c
index 996d15180d..7c5a8dd054 100644
--- a/source3/nsswitch/wb_client.c
+++ b/source3/nsswitch/wb_client.c
@@ -269,11 +269,8 @@ static int wb_getgroups(const char *user, gid_t **groups)
    time consuming.  If size is zero, list is not modified and the total
    number of groups for the user is returned. */
 
-int winbind_getgroups(const char *user, int size, gid_t *list)
+int winbind_getgroups(const char *user, gid_t **list)
 {
-	gid_t *groups = NULL;
-	int result, i;
-
 	/*
 	 * Don't do the lookup if the name has no separator _and_ we are not in
 	 * 'winbind use default domain' mode.
@@ -284,24 +281,316 @@ int winbind_getgroups(const char *user, int size, gid_t *list)
 
 	/* Fetch list of groups */
 
-	result = wb_getgroups(user, &groups);
+	return wb_getgroups(user, list);
+}
+
+/**********************************************************************
+ simple wrapper function to see if winbindd is alive
+**********************************************************************/
+
+BOOL winbind_ping( void )
+{
+	NSS_STATUS result;
+
+	result = winbindd_request(WINBINDD_PING, NULL, NULL);
+
+	return result == NSS_STATUS_SUCCESS;
+}
+
+/**********************************************************************
+ Ask winbindd to create a local user
+**********************************************************************/
+
+BOOL winbind_create_user( const char *name, uint32 *rid )
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	NSS_STATUS result;
+	
+	if ( !lp_winbind_enable_local_accounts() )
+		return False;
+	
+	if ( !name )
+		return False;
+		
+	DEBUG(10,("winbind_create_user: %s\n", name));
+	
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
+	/* see if the caller wants a new RID returned */
+	
+	if ( rid ) 
+		request.flags = WBFLAG_ALLOCATE_RID;
+
+	fstrcpy( request.data.acct_mgt.username, name );
+	fstrcpy( request.data.acct_mgt.groupname, "" );
+	
+	result = winbindd_request( WINBINDD_CREATE_USER, &request, &response);
+	
+	if ( rid )
+		*rid = response.data.rid;
+	
+	return result == NSS_STATUS_SUCCESS;
+}
+
+/**********************************************************************
+ Ask winbindd to create a local group
+**********************************************************************/
+
+BOOL winbind_create_group( const char *name, uint32 *rid )
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	NSS_STATUS result;
+	
+	if ( !lp_winbind_enable_local_accounts() )
+		return False;
+		
+	if ( !name )
+		return False;
+		
+	DEBUG(10,("winbind_create_group: %s\n", name));
+
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
+	/* see if the caller wants a new RID returned */
+	
+	if ( rid ) 
+		request.flags = WBFLAG_ALLOCATE_RID;
+		
+	fstrcpy( request.data.acct_mgt.groupname, name );
+	
+	
+	result = winbindd_request( WINBINDD_CREATE_GROUP, &request, &response);
+	
+	if ( rid )
+		*rid = response.data.rid;
+	
+	return result == NSS_STATUS_SUCCESS;
+}
+
+/**********************************************************************
+ Ask winbindd to add a user to a local group
+**********************************************************************/
+
+BOOL winbind_add_user_to_group( const char *user, const char *group )
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	NSS_STATUS result;
+	
+	if ( !lp_winbind_enable_local_accounts() )
+		return False;
+		
+	if ( !user || !group )
+		return False;
+		
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
+	DEBUG(10,("winbind_add_user_to_group: user(%s), group(%s) \n", 
+		user, group));
+		
+	fstrcpy( request.data.acct_mgt.username, user );
+	fstrcpy( request.data.acct_mgt.groupname, group );
+	
+	result = winbindd_request( WINBINDD_ADD_USER_TO_GROUP, &request, &response);
+	
+	return result == NSS_STATUS_SUCCESS;
+}
+
+/**********************************************************************
+ Ask winbindd to remove a user to a local group
+**********************************************************************/
+
+BOOL winbind_remove_user_from_group( const char *user, const char *group )
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	NSS_STATUS result;
+	
+	if ( !lp_winbind_enable_local_accounts() )
+		return False;
+		
+	if ( !user || !group )
+		return False;
+		
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
+	DEBUG(10,("winbind_remove_user_from_group: user(%s), group(%s) \n", 
+		user, group));
+		
+	ZERO_STRUCT(response);
+	
+	result = winbindd_request( WINBINDD_REMOVE_USER_FROM_GROUP, &request, &response);
+	
+	return result == NSS_STATUS_SUCCESS;
+}
+
+/**********************************************************************
+ Ask winbindd to set the primary group for a user local user
+**********************************************************************/
+
+BOOL winbind_set_user_primary_group( const char *user, const char *group )
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	NSS_STATUS result;
+	
+	if ( !lp_winbind_enable_local_accounts() )
+		return False;
+		
+	if ( !user || !group )
+		return False;
+		
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
+	DEBUG(10,("winbind_set_user_primary_group: user(%s), group(%s) \n", 
+		user, group));
+
+	fstrcpy( request.data.acct_mgt.username, user );
+	fstrcpy( request.data.acct_mgt.groupname, group );
+	
+	result = winbindd_request( WINBINDD_SET_USER_PRIMARY_GROUP, &request, &response);
+	
+	return result == NSS_STATUS_SUCCESS;
+}
+
+
+/**********************************************************************
+ Ask winbindd to remove a user from its lists of accounts
+**********************************************************************/
+
+BOOL winbind_delete_user( const char *user )
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	NSS_STATUS result;
+	
+	if ( !lp_winbind_enable_local_accounts() )
+		return False;
+		
+	if ( !user )
+		return False;
+		
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
+	DEBUG(10,("winbind_delete_user: user (%s)\n", user));
+
+	fstrcpy( request.data.acct_mgt.username, user );
+	
+	result = winbindd_request( WINBINDD_DELETE_USER, &request, &response);
+	
+	return result == NSS_STATUS_SUCCESS;
+}
+
+/**********************************************************************
+ Ask winbindd to remove a group from its lists of accounts
+**********************************************************************/
+
+BOOL winbind_delete_group( const char *group )
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	NSS_STATUS result;
+	
+	if ( !lp_winbind_enable_local_accounts() )
+		return False;
+		
+	if ( !group )
+		return False;
+		
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
+	DEBUG(10,("winbind_delete_group: group (%s)\n", group));
+
+	fstrcpy( request.data.acct_mgt.groupname, group );
+	
+	result = winbindd_request( WINBINDD_DELETE_GROUP, &request, &response);
+	
+	return result == NSS_STATUS_SUCCESS;
+}
+
+/***********************************************************************/
+#if 0	/* not needed currently since winbindd_acct was added -- jerry */
+
+/* Call winbindd to convert SID to uid. Do not allocate */
+
+BOOL winbind_sid_to_uid_query(uid_t *puid, const DOM_SID *sid)
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	int result;
+	fstring sid_str;
+
+	if (!puid)
+		return False;
+
+	/* Initialise request */
+
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
 
-	if (size == 0)
-		goto done;
+	sid_to_string(sid_str, sid);
+	fstrcpy(request.data.sid, sid_str);
+
+	request.flags = WBFLAG_QUERY_ONLY;
+	
+	/* Make request */
 
-	if (result > size) {
-		result = -1;
-		errno = EINVAL; /* This is what getgroups() does */
-		goto done;
+	result = winbindd_request(WINBINDD_SID_TO_UID, &request, &response);
+
+	/* Copy out result */
+
+	if (result == NSS_STATUS_SUCCESS) {
+		*puid = response.data.uid;
 	}
 
-	/* Copy list of groups across */
+	return (result == NSS_STATUS_SUCCESS);
+}
+
+/* Call winbindd to convert SID to gid.  Do not allocate */
 
-	for (i = 0; i < result; i++) {
-		list[i] = groups[i];
+BOOL winbind_sid_to_gid_query(gid_t *pgid, const DOM_SID *sid)
+{
+	struct winbindd_request request;
+	struct winbindd_response response;
+	int result;
+	fstring sid_str;
+
+	if (!pgid)
+		return False;
+
+	/* Initialise request */
+
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+
+	sid_to_string(sid_str, sid);
+	fstrcpy(request.data.sid, sid_str);
+	
+	request.flags = WBFLAG_QUERY_ONLY;
+
+	/* Make request */
+
+	result = winbindd_request(WINBINDD_SID_TO_GID, &request, &response);
+
+	/* Copy out result */
+
+	if (result == NSS_STATUS_SUCCESS) {
+		*pgid = response.data.gid;
 	}
 
- done:
-	SAFE_FREE(groups);
-	return result;
+	return (result == NSS_STATUS_SUCCESS);
 }
+
+#endif 	/* JERRY */
+
+/***********************************************************************/
+