diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/Makefile.in | 2 | ||||
-rw-r--r-- | source3/lib/smbldap.c | 6 | ||||
-rw-r--r-- | source3/passdb/pdb_ldap.c | 99 | ||||
-rw-r--r-- | source3/passdb/pdb_ldap.h | 1 | ||||
-rw-r--r-- | source3/passdb/pdb_ldap_schema.c | 55 | ||||
-rw-r--r-- | source3/passdb/pdb_ldap_schema.h | 10 | ||||
-rw-r--r-- | source3/passdb/pdb_nds.c | 20 |
7 files changed, 6 insertions, 187 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index fb3fcfcad5..3b59a28343 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -3098,8 +3098,6 @@ installmodules:: modules installdirs @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(GPEXTLIBDIR) $(GPEXT_MODULES) @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(PERFCOUNTLIBDIR) $(PERFCOUNT_MODULES) @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ NDS_ldapsam.@SHLIBEXT@ - @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ NDS_ldapsam_compat.@SHLIBEXT@ - @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(PDBLIBDIR) ldapsam.@SHLIBEXT@ ldapsam_compat.@SHLIBEXT@ @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(AUTHLIBDIR) rhosts.@SHLIBEXT@ hostsequiv.@SHLIBEXT@ @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(AUTHLIBDIR) sam.@SHLIBEXT@ sam_ignoredomain.@SHLIBEXT@ @$(SHELL) $(srcdir)/script/linkmodules.sh $(DESTDIR)$(AUTHLIBDIR) domain.@SHLIBEXT@ trustdomain.@SHLIBEXT@ ntdomain.@SHLIBEXT@ diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c index 43ddaff53a..81276936e6 100644 --- a/source3/lib/smbldap.c +++ b/source3/lib/smbldap.c @@ -411,12 +411,6 @@ static void smbldap_make_mod_internal(LDAP *ldap_struct, LDAPMessage *existing, bool existed; DATA_BLOB oldblob = data_blob_null; - if (attribute == NULL) { - /* This can actually happen for ldapsam_compat where we for - * example don't have a password history */ - return; - } - if (existing != NULL) { if (op & LDAP_MOD_BVALUES) { existed = smbldap_talloc_single_blob(talloc_tos(), ldap_struct, existing, attribute, &oldblob); diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 1ebfa15029..8c29612be3 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -83,9 +83,6 @@ LDAP *priv2ld(struct ldapsam_privates *priv) static const char* get_userattr_key2string( int schema_ver, int key ) { switch ( schema_ver ) { - case SCHEMAVER_SAMBAACCOUNT: - return get_attr_key2string( attrib_map_v22, key ); - case SCHEMAVER_SAMBASAMACCOUNT: return get_attr_key2string( attrib_map_v30, key ); @@ -103,9 +100,6 @@ static const char* get_userattr_key2string( int schema_ver, int key ) const char** get_userattr_list( TALLOC_CTX *mem_ctx, int schema_ver ) { switch ( schema_ver ) { - case SCHEMAVER_SAMBAACCOUNT: - return get_attr_list( mem_ctx, attrib_map_v22 ); - case SCHEMAVER_SAMBASAMACCOUNT: return get_attr_list( mem_ctx, attrib_map_v30 ); default: @@ -124,10 +118,6 @@ static const char** get_userattr_delete_list( TALLOC_CTX *mem_ctx, int schema_ver ) { switch ( schema_ver ) { - case SCHEMAVER_SAMBAACCOUNT: - return get_attr_list( mem_ctx, - attrib_map_to_delete_v22 ); - case SCHEMAVER_SAMBASAMACCOUNT: return get_attr_list( mem_ctx, attrib_map_to_delete_v30 ); @@ -151,9 +141,6 @@ static const char* get_objclass_filter( int schema_ver ) char *result; switch( schema_ver ) { - case SCHEMAVER_SAMBAACCOUNT: - fstr_sprintf( objclass_filter, "(objectclass=%s)", LDAP_OBJ_SAMBAACCOUNT ); - break; case SCHEMAVER_SAMBASAMACCOUNT: fstr_sprintf( objclass_filter, "(objectclass=%s)", LDAP_OBJ_SAMBASAMACCOUNT ); break; @@ -1179,23 +1166,6 @@ static bool init_ldap_from_sam (struct ldapsam_privates *ldap_state, const struct dom_sid *user_sid = pdb_get_user_sid(sampass); switch ( ldap_state->schema_ver ) { - case SCHEMAVER_SAMBAACCOUNT: - if (!sid_peek_check_rid(&ldap_state->domain_sid, user_sid, &rid)) { - DEBUG(1, ("init_ldap_from_sam: User's SID (%s) is not for this domain (%s), cannot add to LDAP!\n", - sid_string_dbg(user_sid), - sid_string_dbg( - &ldap_state->domain_sid))); - return False; - } - if (asprintf(&temp, "%i", rid) < 0) { - return false; - } - smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods, - get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_RID), - temp); - SAFE_FREE(temp); - break; - case SCHEMAVER_SAMBASAMACCOUNT: smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods, get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_USER_SID), @@ -1216,24 +1186,6 @@ static bool init_ldap_from_sam (struct ldapsam_privates *ldap_state, const struct dom_sid *group_sid = pdb_get_group_sid(sampass); switch ( ldap_state->schema_ver ) { - case SCHEMAVER_SAMBAACCOUNT: - if (!sid_peek_check_rid(&ldap_state->domain_sid, group_sid, &rid)) { - DEBUG(1, ("init_ldap_from_sam: User's Primary Group SID (%s) is not for this domain (%s), cannot add to LDAP!\n", - sid_string_dbg(group_sid), - sid_string_dbg( - &ldap_state->domain_sid))); - return False; - } - - if (asprintf(&temp, "%i", rid) < 0) { - return false; - } - smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods, - get_userattr_key2string(ldap_state->schema_ver, - LDAP_ATTR_PRIMARY_GROUP_RID), temp); - SAFE_FREE(temp); - break; - case SCHEMAVER_SAMBASAMACCOUNT: smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods, get_userattr_key2string(ldap_state->schema_ver, @@ -1620,18 +1572,8 @@ static int ldapsam_get_ldap_user_by_sid(struct ldapsam_privates *ldap_state, break; } - case SCHEMAVER_SAMBAACCOUNT: - if (!sid_peek_check_rid(&ldap_state->domain_sid, sid, &rid)) { - return rc; - } - - attr_list = get_userattr_list(NULL, - ldap_state->schema_ver); - rc = ldapsam_search_suffix_by_rid(ldap_state, rid, result, attr_list ); - TALLOC_FREE( attr_list ); - - if ( rc != LDAP_SUCCESS ) - return rc; + default: + DEBUG(0,("Invalid schema version specified\n")); break; } return rc; @@ -1916,7 +1858,7 @@ static NTSTATUS ldapsam_delete_sam_account(struct pdb_methods *my_methods, rc = ldapsam_delete_entry( priv, mem_ctx, entry, priv->schema_ver == SCHEMAVER_SAMBASAMACCOUNT ? - LDAP_OBJ_SAMBASAMACCOUNT : LDAP_OBJ_SAMBAACCOUNT, + LDAP_OBJ_SAMBASAMACCOUNT : 0, attr_list); result = (rc == LDAP_SUCCESS) ? @@ -2306,9 +2248,6 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, struct s goto fn_exit; } switch ( ldap_state->schema_ver ) { - case SCHEMAVER_SAMBAACCOUNT: - smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_SAMBAACCOUNT); - break; case SCHEMAVER_SAMBASAMACCOUNT: smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_SAMBASAMACCOUNT); break; @@ -6506,35 +6445,6 @@ static NTSTATUS pdb_init_ldapsam_common(struct pdb_methods **pdb_method, const c } /********************************************************************** - Initialise the 'compat' mode for pdb_ldap - *********************************************************************/ - -NTSTATUS pdb_init_ldapsam_compat(struct pdb_methods **pdb_method, const char *location) -{ - NTSTATUS nt_status; - struct ldapsam_privates *ldap_state; - char *uri = talloc_strdup( NULL, location ); - - trim_char( uri, '\"', '\"' ); - nt_status = pdb_init_ldapsam_common( pdb_method, uri ); - if ( uri ) - TALLOC_FREE( uri ); - - if ( !NT_STATUS_IS_OK(nt_status) ) { - return nt_status; - } - - (*pdb_method)->name = "ldapsam_compat"; - - ldap_state = (struct ldapsam_privates *)((*pdb_method)->private_data); - ldap_state->schema_ver = SCHEMAVER_SAMBAACCOUNT; - - sid_copy(&ldap_state->domain_sid, get_global_sam_sid()); - - return NT_STATUS_OK; -} - -/********************************************************************** Initialise the normal mode for pdb_ldap *********************************************************************/ @@ -6693,9 +6603,6 @@ NTSTATUS pdb_ldap_init(void) if (!NT_STATUS_IS_OK(nt_status = smb_register_passdb(PASSDB_INTERFACE_VERSION, "ldapsam", pdb_init_ldapsam))) return nt_status; - if (!NT_STATUS_IS_OK(nt_status = smb_register_passdb(PASSDB_INTERFACE_VERSION, "ldapsam_compat", pdb_init_ldapsam_compat))) - return nt_status; - /* Let pdb_nds register backends */ pdb_nds_init(); diff --git a/source3/passdb/pdb_ldap.h b/source3/passdb/pdb_ldap.h index 244945d933..1372f33ce2 100644 --- a/source3/passdb/pdb_ldap.h +++ b/source3/passdb/pdb_ldap.h @@ -29,7 +29,6 @@ /* The following definitions come from passdb/pdb_ldap.c */ const char** get_userattr_list( TALLOC_CTX *mem_ctx, int schema_ver ); -NTSTATUS pdb_init_ldapsam_compat(struct pdb_methods **pdb_method, const char *location); NTSTATUS pdb_init_ldapsam(struct pdb_methods **pdb_method, const char *location); NTSTATUS pdb_ldap_init(void); int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state, diff --git a/source3/passdb/pdb_ldap_schema.c b/source3/passdb/pdb_ldap_schema.c index 1cf960d90c..da738d5d25 100644 --- a/source3/passdb/pdb_ldap_schema.c +++ b/source3/passdb/pdb_ldap_schema.c @@ -25,61 +25,6 @@ #include "includes.h" #include "passdb/pdb_ldap_schema.h" -/* attributes used by Samba 2.2 */ - -ATTRIB_MAP_ENTRY attrib_map_v22[] = { - { LDAP_ATTR_UID, "uid" }, - { LDAP_ATTR_UIDNUMBER, LDAP_ATTRIBUTE_UIDNUMBER}, - { LDAP_ATTR_GIDNUMBER, LDAP_ATTRIBUTE_GIDNUMBER}, - { LDAP_ATTR_UNIX_HOME, "homeDirectory" }, - { LDAP_ATTR_PWD_LAST_SET, "pwdLastSet" }, - { LDAP_ATTR_PWD_CAN_CHANGE, "pwdCanChange" }, - { LDAP_ATTR_PWD_MUST_CHANGE, "pwdMustChange" }, - { LDAP_ATTR_LOGON_TIME, "logonTime" }, - { LDAP_ATTR_LOGOFF_TIME, "logoffTime" }, - { LDAP_ATTR_KICKOFF_TIME, "kickoffTime" }, - { LDAP_ATTR_CN, "cn" }, - { LDAP_ATTR_SN, "sn" }, - { LDAP_ATTR_DISPLAY_NAME, "displayName" }, - { LDAP_ATTR_HOME_PATH, "smbHome" }, - { LDAP_ATTR_HOME_DRIVE, "homeDrive" }, - { LDAP_ATTR_LOGON_SCRIPT, "scriptPath" }, - { LDAP_ATTR_PROFILE_PATH, "profilePath" }, - { LDAP_ATTR_DESC, "description" }, - { LDAP_ATTR_USER_WKS, "userWorkstations"}, - { LDAP_ATTR_USER_RID, "rid" }, - { LDAP_ATTR_PRIMARY_GROUP_RID, "primaryGroupID"}, - { LDAP_ATTR_LMPW, "lmPassword" }, - { LDAP_ATTR_NTPW, "ntPassword" }, - { LDAP_ATTR_DOMAIN, "domain" }, - { LDAP_ATTR_OBJCLASS, "objectClass" }, - { LDAP_ATTR_ACB_INFO, "acctFlags" }, - { LDAP_ATTR_MOD_TIMESTAMP, "modifyTimestamp" }, - { LDAP_ATTR_LIST_END, NULL } -}; - -ATTRIB_MAP_ENTRY attrib_map_to_delete_v22[] = { - { LDAP_ATTR_PWD_LAST_SET, "pwdLastSet" }, - { LDAP_ATTR_PWD_CAN_CHANGE, "pwdCanChange" }, - { LDAP_ATTR_PWD_MUST_CHANGE, "pwdMustChange" }, - { LDAP_ATTR_LOGON_TIME, "logonTime" }, - { LDAP_ATTR_LOGOFF_TIME, "logoffTime" }, - { LDAP_ATTR_KICKOFF_TIME, "kickoffTime" }, - { LDAP_ATTR_DISPLAY_NAME, "displayName" }, - { LDAP_ATTR_HOME_PATH, "smbHome" }, - { LDAP_ATTR_HOME_DRIVE, "homeDrives" }, - { LDAP_ATTR_LOGON_SCRIPT, "scriptPath" }, - { LDAP_ATTR_PROFILE_PATH, "profilePath" }, - { LDAP_ATTR_USER_WKS, "userWorkstations"}, - { LDAP_ATTR_USER_RID, "rid" }, - { LDAP_ATTR_PRIMARY_GROUP_RID, "primaryGroupID"}, - { LDAP_ATTR_LMPW, "lmPassword" }, - { LDAP_ATTR_NTPW, "ntPassword" }, - { LDAP_ATTR_DOMAIN, "domain" }, - { LDAP_ATTR_ACB_INFO, "acctFlags" }, - { LDAP_ATTR_LIST_END, NULL } -}; - /* attributes used by Samba 3.0's sambaSamAccount */ ATTRIB_MAP_ENTRY attrib_map_v30[] = { diff --git a/source3/passdb/pdb_ldap_schema.h b/source3/passdb/pdb_ldap_schema.h index 07f357006b..947af183b1 100644 --- a/source3/passdb/pdb_ldap_schema.h +++ b/source3/passdb/pdb_ldap_schema.h @@ -21,15 +21,13 @@ #ifndef _PASSDB_PDB_LDAP_SCHEMA_H_ #define _PASSDB_PDB_LDAP_SCHEMA_H_ -/* specify schema versions between 2.2. and 3.0 */ - -#define SCHEMAVER_SAMBAACCOUNT 1 -#define SCHEMAVER_SAMBASAMACCOUNT 2 +/* Schema versions */ +#define SCHEMAVER_SAMBAACCOUNT 1 /* Samba 2.2 */ +#define SCHEMAVER_SAMBASAMACCOUNT 2 /* Samba 3.0 */ /* objectclass names */ #define LDAP_OBJ_SAMBASAMACCOUNT "sambaSamAccount" -#define LDAP_OBJ_SAMBAACCOUNT "sambaAccount" #define LDAP_OBJ_GROUPMAP "sambaGroupMapping" #define LDAP_OBJ_DOMINFO "sambaDomain" #define LDAP_OBJ_IDPOOL "sambaUnixIdPool" @@ -109,8 +107,6 @@ typedef struct _attrib_map_entry { /* structures */ -extern ATTRIB_MAP_ENTRY attrib_map_v22[]; -extern ATTRIB_MAP_ENTRY attrib_map_to_delete_v22[]; extern ATTRIB_MAP_ENTRY attrib_map_v30[]; extern ATTRIB_MAP_ENTRY attrib_map_to_delete_v30[]; extern ATTRIB_MAP_ENTRY dominfo_attr_list[]; diff --git a/source3/passdb/pdb_nds.c b/source3/passdb/pdb_nds.c index 72d6a3d2a6..71eca831f3 100644 --- a/source3/passdb/pdb_nds.c +++ b/source3/passdb/pdb_nds.c @@ -873,23 +873,6 @@ static NTSTATUS pdb_init_NDS_ldapsam_common(struct pdb_methods **pdb_method, con return NT_STATUS_OK; } - -/********************************************************************** - Initialise the 'nds compat' mode for pdb_ldap - *********************************************************************/ - -static NTSTATUS pdb_init_NDS_ldapsam_compat(struct pdb_methods **pdb_method, const char *location) -{ - NTSTATUS nt_status = pdb_init_ldapsam_compat(pdb_method, location); - - (*pdb_method)->name = "NDS_ldapsam_compat"; - - pdb_init_NDS_ldapsam_common(pdb_method, location); - - return nt_status; -} - - /********************************************************************** Initialise the 'nds' normal mode for pdb_ldap *********************************************************************/ @@ -911,8 +894,5 @@ NTSTATUS pdb_nds_init(void) if (!NT_STATUS_IS_OK(nt_status = smb_register_passdb(PASSDB_INTERFACE_VERSION, "NDS_ldapsam", pdb_init_NDS_ldapsam))) return nt_status; - if (!NT_STATUS_IS_OK(nt_status = smb_register_passdb(PASSDB_INTERFACE_VERSION, "NDS_ldapsam_compat", pdb_init_NDS_ldapsam_compat))) - return nt_status; - return NT_STATUS_OK; } |