summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/include/proto.h15
-rw-r--r--source3/include/smb.h28
-rw-r--r--source3/passdb/ldap.c34
-rw-r--r--source3/passdb/nispass.c80
-rw-r--r--source3/passdb/passdb.c259
-rw-r--r--source3/passdb/smbpass.c1
-rw-r--r--source3/rpc_server/srv_samr.c38
-rw-r--r--source3/rpc_server/srv_util.c12
8 files changed, 335 insertions, 132 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 8207aa8adc..177a45c9c0 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1568,13 +1568,16 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override);
struct smb_passwd *getsmbpwnam(char *name);
struct smb_passwd *getsmbpwuid(uid_t smb_userid);
struct sam_passwd *iterate_getsam21pwnam(char *name);
-struct sam_passwd *iterate_getsam21pwuid(uint32 uid);
+struct sam_passwd *iterate_getsam21pwrid(uint32 rid);
+struct sam_passwd *iterate_getsam21pwuid(uid_t uid);
+struct sam_disp_info *getsamdisprid(uint32 rid);
struct sam_disp_info *getsamdispent(void *vp);
struct sam_passwd *getsam21pwent(void *vp);
BOOL add_sam21pwd_entry(struct sam_passwd *newpwd);
BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override);
struct sam_passwd *getsam21pwnam(char *name);
-struct sam_passwd *getsam21pwuid(uint32 uid);
+struct sam_passwd *getsam21pwrid(uint32 rid);
+struct sam_passwd *getsam21pwuid(uid_t uid);
void pdb_init_dispinfo(struct sam_disp_info *user);
void pdb_init_smb(struct smb_passwd *user);
void pdb_init_sam(struct sam_passwd *user);
@@ -1588,10 +1591,10 @@ uint16 pdb_decode_acct_ctrl(char *p);
int pdb_gethexpwd(char *p, char *pwd);
BOOL pdb_name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid);
BOOL pdb_generate_machine_sid(void);
-uint32 pdb_user_rid_to_uid(uint32 u_rid);
-uint32 pdb_group_rid_to_gid(uint32 u_gid);
-uint32 pdb_uid_to_user_rid(uint32 uid);
-uint32 pdb_gid_to_group_rid(uint32 gid);
+uid_t pdb_user_rid_to_uid(uint32 u_rid);
+gid_t pdb_group_rid_to_gid(uint32 g_rid);
+uint32 pdb_uid_to_user_rid(uid_t uid);
+uint32 pdb_gid_to_group_rid(gid_t gid);
BOOL pdb_rid_is_user(uint32 rid);
/*The following definitions come from password.c */
diff --git a/source3/include/smb.h b/source3/include/smb.h
index fff44f179d..8687f618e4 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -637,6 +637,17 @@ struct shmem_ops {
/*
* Each implementation of the password database code needs
* to support the following operations.
+ *
+ * either the get/mod/add-smbXXX or the get/mod/add-sam21XXX functions
+ * are optional, but not both. conversion routines will be called
+ * if only one of each is supported. the preference is to provide
+ * full getsam21pwXXX functionality.
+ *
+ * e.g: provide a getsam21pwnam() function but set getsmbpwnam() to NULL:
+ * passdb.c will automatically call getsam21pwnam() and then call the
+ * sam21-to-smb conversion routine if the passdb.c::getsmbpwnam() function
+ * is called.
+ *
*/
struct passdb_ops {
@@ -647,12 +658,14 @@ struct passdb_ops {
void (*endsmbpwent)(void *);
unsigned long (*getsmbpwpos)(void *);
BOOL (*setsmbpwpos)(void *, unsigned long);
+
/*
* smb password database query functions.
*/
struct smb_passwd *(*getsmbpwnam)(char *);
struct smb_passwd *(*getsmbpwuid)(uid_t);
struct smb_passwd *(*getsmbpwent)(void *);
+
/*
* smb password database modification functions.
*/
@@ -664,11 +677,24 @@ struct passdb_ops {
*/
struct sam_passwd *(*getsam21pwent)(void *);
+ /*
+ * sam password database query functions.
+ */
struct sam_passwd *(*getsam21pwnam)(char *);
- struct sam_passwd *(*getsam21pwuid)(uint32);
+ struct sam_passwd *(*getsam21pwuid)(uid_t);
+ struct sam_passwd *(*getsam21pwrid)(uint32);
+ /*
+ * sam password database modification functions.
+ */
BOOL (*add_sam21pwd_entry)(struct sam_passwd *);
BOOL (*mod_sam21pwd_entry)(struct sam_passwd *, BOOL);
+
+ /*
+ * sam query display info functions.
+ */
+ struct sam_disp_info *(*getsamdisprid)(uint32);
+ struct sam_disp_info *(*getsamdispent)(void *);
};
/* this is used for smbstatus */
diff --git a/source3/passdb/ldap.c b/source3/passdb/ldap.c
index de1e3cc9ab..4ee53edbef 100644
--- a/source3/passdb/ldap.c
+++ b/source3/passdb/ldap.c
@@ -945,21 +945,25 @@ static BOOL mod_ldappwd_entry(struct smb_passwd* pwd, BOOL override)
return mod_ldap21pwd_entry(pdb_smb_to_sam(pwd), override);
}
-static struct passdb_ops ldap_ops = {
- startldappwent,
- endldappwent,
- getldappwpos,
- setldappwpos,
- getldappwnam,
- getldappwuid,
- getldappwent,
- add_ldappwd_entry,
- mod_ldappwd_entry,
- getldap21pwent,
- iterate_getsam21pwnam, /* From passdb.c */
- iterate_getsam21pwuid, /* From passdb.c */
- add_ldap21pwd_entry,
- mod_ldap21pwd_entry
+static struct passdb_ops ldap_ops =
+{
+ startldappwent,
+ endldappwent,
+ getldappwpos,
+ setldappwpos,
+ getldappwnam,
+ NULL, /* getldappwuid, */
+ NULL, /* getldappwent, */
+ NULL, /* add_ldappwd_entry, */
+ NULL, /* mod_ldappwd_entry, */
+ getldap21pwent,
+ iterate_getsam21pwnam, /* From passdb.c */
+ iterate_getsam21pwuid, /* From passdb.c */
+ iterate_getsam21pwrid, /* From passdb.c */
+ add_ldap21pwd_entry,
+ mod_ldap21pwd_entry,
+ NULL, /* getsamdisprid, */
+ NULL /* getsamdispent */
};
struct passdb_ops *ldap_initialize_password_db(void)
diff --git a/source3/passdb/nispass.c b/source3/passdb/nispass.c
index 436fbc0e91..cb49f15059 100644
--- a/source3/passdb/nispass.c
+++ b/source3/passdb/nispass.c
@@ -94,13 +94,14 @@ static void gotalarm_sig(void)
/***************************************************************
make_nisname_from_user_rid
****************************************************************/
-static char *make_nisname_from_user_rid(uint32 rid)
+static char *make_nisname_from_user_rid(uint32 rid, char *pfile)
{
static pstring nisname;
safe_strcpy(nisname, "[user_rid=", sizeof(nisname)-1);
slprintf(nisname, sizeof(nisname)-1, "%s%d", nisname, rid);
- safe_strcat(nisname, "], passwd.org_dir", sizeof(nisname)-strlen(nisname)-1);
+ safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1);
+ safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1);
return nisname;
}
@@ -108,13 +109,14 @@ static char *make_nisname_from_user_rid(uint32 rid)
/***************************************************************
make_nisname_from_uid
****************************************************************/
-static char *make_nisname_from_uid(int uid)
+static char *make_nisname_from_uid(int uid, char *pfile)
{
static pstring nisname;
safe_strcpy(nisname, "[uid=", sizeof(nisname)-1);
slprintf(nisname, sizeof(nisname)-1, "%s%d", nisname, uid);
- safe_strcat(nisname, "], passwd.org_dir", sizeof(nisname)-strlen(nisname)-1);
+ safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1);
+ safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1);
return nisname;
}
@@ -122,13 +124,14 @@ static char *make_nisname_from_uid(int uid)
/***************************************************************
make_nisname_from_name
****************************************************************/
-static char *make_nisname_from_name(char *user_name)
+static char *make_nisname_from_name(char *user_name, char *pfile)
{
static pstring nisname;
safe_strcpy(nisname, "[name=", sizeof(nisname)-1);
safe_strcat(nisname, user_name, sizeof(nisname) - strlen(nisname) - 1);
- safe_strcat(nisname, "], passwd.org_dir", sizeof(nisname) - strlen(nisname) - 1);
+ safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1);
+ safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1);
return nisname;
}
@@ -214,9 +217,7 @@ static BOOL add_nisp21pwd_entry(struct sam_passwd *newpwd)
pfile = lp_smb_passwd_file();
- safe_strcpy(user_name, newpwd->smb_name, sizeof(user_name)-1);
-
- nisname = make_nisname_from_name(user_name);
+ nisname = make_nisname_from_name(user_name, "passwd.org_dir");
nis_user = nis_list(nisname, FOLLOW_PATH | EXPAND_NAME | HARD_LOOKUP, NULL, NULL);
@@ -229,10 +230,7 @@ static BOOL add_nisp21pwd_entry(struct sam_passwd *newpwd)
user_obj = NIS_RES_OBJECT(nis_user);
- safe_strcpy(nisname, "[name=", sizeof(nisname)-1);
- safe_strcat(nisname, ENTRY_VAL(user_obj,0),sizeof(nisname)-strlen(nisname)-1);
- safe_strcat(nisname, "],", sizeof(nisname)-strlen(nisname)-1);
- safe_strcat(nisname, pfile, sizeof(nisname)-strlen(nisname)-1);
+ make_nisname_from_name(ENTRY_VAL(user_obj,0), pfile);
result = nis_list(nisname, FOLLOW_PATH|EXPAND_NAME|HARD_LOOKUP,NULL,NULL);
if (result->status != NIS_SUCCESS && result->status != NIS_NOTFOUND)
@@ -465,12 +463,12 @@ static struct sam_passwd *getnisp21pwnam(char *name)
/*************************************************************************
Routine to search the nisplus passwd file for an entry matching the username
*************************************************************************/
-static struct sam_passwd *getnisp21pwuid(int smb_userid)
+static struct sam_passwd *getnisp21pwrid(uint32 rid)
{
/* Static buffers we will return. */
static struct sam_passwd pw_buf;
nis_result *result;
- pstring nisname;
+ char *nisname;
BOOL ret;
if (!*lp_smb_passwd_file())
@@ -479,10 +477,10 @@ static struct sam_passwd *getnisp21pwuid(int smb_userid)
return NULL;
}
- DEBUG(10, ("getnisppwuid: search by uid: %d\n", smb_userid));
- DEBUG(10, ("getnisppwuid: using NIS+ table %s\n", lp_smb_passwd_file()));
+ DEBUG(10, ("getnisp21pwrid: search by rid: %x\n", rid));
+ DEBUG(10, ("getnisp21pwrid: using NIS+ table %s\n", lp_smb_passwd_file()));
- slprintf(nisname, sizeof(nisname)-1, "[uid=%d],%s", smb_userid, lp_smb_passwd_file());
+ nisname = make_nisname_from_user_rid(rid, lp_smb_passwd_file());
/* Search the table. */
gotalarm = 0;
@@ -496,7 +494,7 @@ static struct sam_passwd *getnisp21pwuid(int smb_userid)
if (gotalarm)
{
- DEBUG(0,("getnisppwuid: NIS+ lookup time out\n"));
+ DEBUG(0,("getnisp21pwrid: NIS+ lookup time out\n"));
nis_freeresult(result);
return NULL;
}
@@ -511,46 +509,24 @@ static struct sam_passwd *getnisp21pwuid(int smb_userid)
* Derived functions for NIS+.
*/
-static struct smb_passwd *getnispwnam(char *name)
-{
- return pdb_sam_to_smb(iterate_getsam21pwnam(name));
-}
-
-static struct smb_passwd *getnispwuid(uid_t smb_userid)
-{
- return pdb_sam_to_smb(iterate_getsam21pwuid(smb_userid));
-}
-
-static struct smb_passwd *getnispwent(void *vp)
-{
- return pdb_sam_to_smb(getnisp21pwent(vp));
-}
-
-static BOOL add_nispwd_entry(struct smb_passwd *newpwd)
-{
- return add_nisp21pwd_entry(pdb_smb_to_sam(newpwd));
-}
-
-static BOOL mod_nispwd_entry(struct smb_passwd* pwd, BOOL override)
-{
- return mod_nisp21pwd_entry(pdb_smb_to_sam(pwd), override);
-}
-
static struct passdb_ops nispasswd_ops = {
startnisppwent,
endnisppwent,
getnisppwpos,
setnisppwpos,
- getnispwnam,
- getsmbpwuid,
- getnispwent,
- add_nispwd_entry,
- mod_nispwd_entry,
+ NULL, /* getnispwnam, */
+ NULL, /* getnispwuid, */
+ NULL, /* getnispwent, */
+ NULL, /* add_nispwd_entry, */
+ NULL, /* mod_nispwd_entry, */
getnisp21pwent,
- iterate_getsam21pwnam, /* Found in passdb.c */
- iterate_getsam21pwuid, /* Found in passdb.c */
+ getnisp21pwnam,
+ NULL, /* getsam21pwuid */
+ getnisp21pwrid,
add_nisp21pwd_entry,
- mod_nisp21pwd_entry
+ mod_nisp21pwd_entry,
+ NULL, /* getsamdisprid */
+ NULL /* getsamdispent */
};
struct passdb_ops *nisplus_initialize_password_db(void)
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index acc8d1c609..d7ba8479bf 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -35,6 +35,19 @@ DOM_SID global_machine_sid;
/*
* NOTE. All these functions are abstracted into a structure
* that points to the correct function for the selected database. JRA.
+ *
+ * NOTE. for the get/mod/add functions, there are two sets of functions.
+ * one supports struct sam_passwd, the other supports struct smb_passwd.
+ * for speed optimisation it is best to support both these sets.
+ *
+ * it is, however, optional to support one set but not the other: there
+ * is conversion-capability built in to passdb.c, and run-time error
+ * detection for when neither are supported.
+ *
+ * password database writers are recommended to implement the sam_passwd
+ * functions in a first pass, as struct sam_passwd contains more
+ * information, needed by the NT Domain support. lkcl.
+ *
*/
static struct passdb_ops *pdb_ops;
@@ -115,8 +128,10 @@ struct smb_passwd *iterate_getsmbpwnam(char *name)
BOOL initialize_password_db(void)
{
- if(pdb_ops)
+ if (pdb_ops)
+ {
return True;
+ }
#ifdef USE_NISPLUS_DB
pdb_ops = nisplus_initialize_password_db();
@@ -141,6 +156,7 @@ BOOL initialize_password_db(void)
from this function may be used to enumerate struct sam_passwd
entries as well as struct smb_passwd entries. This may need
to change. JRA.
+
****************************************************************/
void *startsmbpwent(BOOL update)
@@ -169,7 +185,19 @@ void endsmbpwent(void *vp)
struct smb_passwd *getsmbpwent(void *vp)
{
- return pdb_ops->getsmbpwent(vp);
+ if (pdb_ops->getsmbpwent == NULL && pdb_ops->getsam21pwent == NULL)
+ {
+ /* must have one or the other: this is an error by the password
+ database implementor for the back-end you are using.
+ */
+ DEBUG(0,("getsmbpwent: getsmbpwent() and getsam21pwent() not supported!\n"));
+ return NULL;
+ }
+ if (pdb_ops->getsmbpwent != NULL)
+ {
+ return pdb_ops->getsmbpwent(vp);
+ }
+ return pdb_sam_to_smb(pdb_ops->getsam21pwent(vp));
}
/*************************************************************************
@@ -210,7 +238,19 @@ BOOL setsmbpwpos(void *vp, unsigned long tok)
BOOL add_smbpwd_entry(struct smb_passwd *newpwd)
{
- return pdb_ops->add_smbpwd_entry(newpwd);
+ if (pdb_ops->add_smbpwd_entry == NULL && pdb_ops->add_sam21pwd_entry == NULL)
+ {
+ /* must have one or the other: this is an error by the password
+ database implementor for the back-end you are using.
+ */
+ DEBUG(0,("add_smbpwd_entry: add_smbpwd_entry() and add_sam21pwd_entry() not supported!\n"));
+ return False;
+ }
+ if (pdb_ops->add_smbpwd_entry != NULL)
+ {
+ return pdb_ops->add_smbpwd_entry(newpwd);
+ }
+ return pdb_ops->add_sam21pwd_entry(pdb_smb_to_sam(newpwd));
}
/************************************************************************
@@ -224,7 +264,19 @@ BOOL add_smbpwd_entry(struct smb_passwd *newpwd)
BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override)
{
- return pdb_ops->mod_smbpwd_entry(pwd, override);
+ if (pdb_ops->mod_smbpwd_entry == NULL && pdb_ops->mod_sam21pwd_entry == NULL)
+ {
+ /* must have one or the other: this is an error by the password
+ database implementor for the back-end you are using.
+ */
+ DEBUG(0,("mod_smbpwd_entry: mod_smbpwd_entry() and mod_sam21pwd_entry() not supported!\n"));
+ return False;
+ }
+ if (pdb_ops->mod_smbpwd_entry != NULL)
+ {
+ return pdb_ops->mod_smbpwd_entry(pwd, override);
+ }
+ return pdb_ops->mod_sam21pwd_entry(pdb_smb_to_sam(pwd), override);
}
/************************************************************************
@@ -233,7 +285,19 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override)
struct smb_passwd *getsmbpwnam(char *name)
{
- return pdb_ops->getsmbpwnam(name);
+ if (pdb_ops->getsmbpwnam == NULL && pdb_ops->getsam21pwnam == NULL)
+ {
+ /* must have one or the other: this is an error by the password
+ database implementor for the back-end you are using.
+ */
+ DEBUG(0,("getsmbpwnam: getsmbpwnam() and getsam21pwnam() not supported!\n"));
+ return NULL;
+ }
+ if (pdb_ops->getsam21pwnam != NULL)
+ {
+ return pdb_ops->getsmbpwnam(name);
+ }
+ return pdb_sam_to_smb(getsam21pwnam(name));
}
/************************************************************************
@@ -242,7 +306,19 @@ struct smb_passwd *getsmbpwnam(char *name)
struct smb_passwd *getsmbpwuid(uid_t smb_userid)
{
- return pdb_ops->getsmbpwuid(smb_userid);
+ if (pdb_ops->getsmbpwuid == NULL && pdb_ops->getsam21pwrid == NULL)
+ {
+ /* must have one or the other: this is an error by the password
+ database implementor for the back-end you are using.
+ */
+ DEBUG(0,("getsmbpwuid: getsmbpwuid() and getsam21pwrid() not supported!\n"));
+ return NULL;
+ }
+ if (pdb_ops->getsmbpwuid != NULL)
+ {
+ return pdb_ops->getsmbpwuid(smb_userid);
+ }
+ return pdb_sam_to_smb(pdb_ops->getsam21pwuid(pdb_uid_to_user_rid(smb_userid)));
}
/*
@@ -285,9 +361,50 @@ struct sam_passwd *iterate_getsam21pwnam(char *name)
/************************************************************************
Utility function to search sam passwd by uid. use this if your database
does not have search facilities.
+
+ search capability by both rid and uid are needed as the rid <-> uid
+ mapping may be non-monotonic.
+
*************************************************************************/
-struct sam_passwd *iterate_getsam21pwuid(uint32 uid)
+struct sam_passwd *iterate_getsam21pwrid(uint32 rid)
+{
+ struct sam_passwd *pwd = NULL;
+ void *fp = NULL;
+
+ DEBUG(10, ("iterate_getsam21pwrid: search by rid: %x\n", rid));
+
+ /* Open the smb password file - not for update. */
+ fp = startsmbpwent(False);
+
+ if (fp == NULL)
+ {
+ DEBUG(0, ("iterate_getsam21pwrid: unable to open sam password database.\n"));
+ return NULL;
+ }
+
+ while ((pwd = getsam21pwent(fp)) != NULL && pwd->user_rid != rid)
+ ;
+
+ if (pwd != NULL)
+ {
+ DEBUG(10, ("iterate_getsam21pwrid: found by user_rid: %x\n", rid));
+ }
+
+ endsmbpwent(fp);
+ return pwd;
+}
+
+/************************************************************************
+ Utility function to search sam passwd by uid. use this if your database
+ does not have search facilities.
+
+ search capability by both rid and uid are needed as the rid <-> uid
+ mapping may be non-monotonic.
+
+*************************************************************************/
+
+struct sam_passwd *iterate_getsam21pwuid(uid_t uid)
{
struct sam_passwd *pwd = NULL;
void *fp = NULL;
@@ -316,12 +433,27 @@ struct sam_passwd *iterate_getsam21pwuid(uint32 uid)
}
/*************************************************************************
- Routine to return the next entry in the sam passwd list.
+ Routine to return a display info structure, by rid
*************************************************************************/
+struct sam_disp_info *getsamdisprid(uint32 rid)
+{
+ if (pdb_ops->getsamdisprid != NULL)
+ {
+ return pdb_ops->getsamdisprid(rid);
+ }
+ return pdb_sam_to_dispinfo(pdb_ops->getsam21pwrid(rid));
+}
+/*************************************************************************
+ Routine to return the next entry in the sam passwd list.
+ *************************************************************************/
struct sam_disp_info *getsamdispent(void *vp)
{
- return pdb_sam_to_dispinfo(pdb_ops->getsam21pwent(vp));
+ if (pdb_ops->getsamdispent != NULL)
+ {
+ return pdb_ops->getsamdispent(vp);
+ }
+ return pdb_sam_to_dispinfo(pdb_ops->getsam21pwent(vp));
}
/*************************************************************************
@@ -330,7 +462,19 @@ struct sam_disp_info *getsamdispent(void *vp)
struct sam_passwd *getsam21pwent(void *vp)
{
- return pdb_ops->getsam21pwent(vp);
+ if (pdb_ops->getsmbpwent == NULL && pdb_ops->getsam21pwent == NULL)
+ {
+ /* must have one or the other: this is an error by the password
+ database implementor for the back-end you are using.
+ */
+ DEBUG(0,("getsmbpwent: getsmbpwent() and getsam21pwent() not supported!\n"));
+ return NULL;
+ }
+ if (pdb_ops->getsam21pwent != NULL)
+ {
+ return pdb_ops->getsam21pwent(vp);
+ }
+ return pdb_smb_to_sam(pdb_ops->getsmbpwent(vp));
}
/************************************************************************
@@ -339,7 +483,19 @@ struct sam_passwd *getsam21pwent(void *vp)
BOOL add_sam21pwd_entry(struct sam_passwd *newpwd)
{
- return pdb_ops->add_sam21pwd_entry(newpwd);
+ if (pdb_ops->add_smbpwd_entry == NULL && pdb_ops->add_sam21pwd_entry == NULL)
+ {
+ /* must have one or the other: this is an error by the password
+ database implementor for the back-end you are using.
+ */
+ DEBUG(0,("add_smbpwd_entry: add_smbpwd_entry() and add_sam21pwd_entry() not supported!\n"));
+ return False;
+ }
+ if (pdb_ops->add_sam21pwd_entry != NULL)
+ {
+ return pdb_ops->add_sam21pwd_entry(newpwd);
+ }
+ return pdb_ops->add_smbpwd_entry(pdb_sam_to_smb(newpwd));
}
/************************************************************************
@@ -353,7 +509,19 @@ BOOL add_sam21pwd_entry(struct sam_passwd *newpwd)
BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override)
{
- return pdb_ops->mod_sam21pwd_entry(pwd, override);
+ if (pdb_ops->mod_smbpwd_entry == NULL && pdb_ops->mod_sam21pwd_entry == NULL)
+ {
+ /* must have one or the other: this is an error by the password
+ database implementor for the back-end you are using.
+ */
+ DEBUG(0,("mod_smbpwd_entry: mod_smbpwd_entry() and mod_sam21pwd_entry() not supported!\n"));
+ return False;
+ }
+ if (pdb_ops->mod_sam21pwd_entry != NULL)
+ {
+ return pdb_ops->mod_sam21pwd_entry(pwd, override);
+ }
+ return pdb_ops->mod_smbpwd_entry(pdb_sam_to_smb(pwd), override);
}
@@ -363,16 +531,61 @@ BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override)
struct sam_passwd *getsam21pwnam(char *name)
{
- return pdb_ops->getsam21pwnam(name);
+ if (pdb_ops->getsmbpwnam == NULL && pdb_ops->getsam21pwnam == NULL)
+ {
+ /* must have one or the other: this is an error by the password
+ database implementor for the back-end you are using.
+ */
+ DEBUG(0,("getsam21pwnam: getsmbpwnam() and getsam21pwnam() not supported!\n"));
+ return NULL;
+ }
+ if (pdb_ops->getsam21pwnam != NULL)
+ {
+ return pdb_ops->getsam21pwnam(name);
+ }
+ return pdb_smb_to_sam(getsmbpwnam(name));
+}
+
+/************************************************************************
+ Routine to search sam passwd by rid.
+*************************************************************************/
+
+struct sam_passwd *getsam21pwrid(uint32 rid)
+{
+ if (pdb_ops->getsmbpwuid == NULL && pdb_ops->getsam21pwrid == NULL)
+ {
+ /* must have one or the other: this is an error by the password
+ database implementor for the back-end you are using.
+ */
+ DEBUG(0,("getsam21pwrid: getsmbpwuid() and getsam21pwrid() not supported!\n"));
+ return NULL;
+ }
+ if (pdb_ops->getsam21pwrid != NULL)
+ {
+ return pdb_ops->getsam21pwrid(rid);
+ }
+ return pdb_smb_to_sam(pdb_ops->getsmbpwuid(pdb_user_rid_to_uid(rid)));
}
/************************************************************************
Routine to search sam passwd by uid.
*************************************************************************/
-struct sam_passwd *getsam21pwuid(uint32 uid)
+struct sam_passwd *getsam21pwuid(uid_t uid)
{
- return pdb_ops->getsam21pwuid(uid);
+ if (pdb_ops->getsmbpwuid == NULL && pdb_ops->getsam21pwrid == NULL)
+ {
+ /* must have one or the other: this is an error by the password
+ database implementor for the back-end you are using.
+ */
+ DEBUG(0,("getsam21pwuid: getsmbpwuid() and getsam21pwrid() not supported!\n"));
+ return NULL;
+ }
+ if (pdb_ops->getsam21pwuid != NULL)
+ {
+ return pdb_ops->getsam21pwuid(uid);
+ }
+ return pdb_smb_to_sam(pdb_ops->getsmbpwuid(uid));
}
@@ -885,25 +1098,25 @@ Error was %s\n", sid_file, strerror(errno) ));
converts NT User RID to a UNIX uid.
********************************************************************/
-uint32 pdb_user_rid_to_uid(uint32 u_rid)
+uid_t pdb_user_rid_to_uid(uint32 u_rid)
{
- return (u_rid - 1000);
+ return (uid_t)(u_rid - 1000);
}
/*******************************************************************
converts NT Group RID to a UNIX uid.
********************************************************************/
-uint32 pdb_group_rid_to_gid(uint32 u_gid)
+gid_t pdb_group_rid_to_gid(uint32 g_rid)
{
- return (u_gid - 1000);
+ return (gid_t)(g_rid - 1000);
}
/*******************************************************************
converts UNIX uid to an NT User RID.
********************************************************************/
-uint32 pdb_uid_to_user_rid(uint32 uid)
+uint32 pdb_uid_to_user_rid(uid_t uid)
{
return (uint32)(uid + 1000);
}
@@ -912,7 +1125,7 @@ uint32 pdb_uid_to_user_rid(uint32 uid)
converts NT Group RID to a UNIX uid.
********************************************************************/
-uint32 pdb_gid_to_group_rid(uint32 gid)
+uint32 pdb_gid_to_group_rid(gid_t gid)
{
return (uint32)(gid + 1000);
}
@@ -924,5 +1137,9 @@ uint32 pdb_gid_to_group_rid(uint32 gid)
BOOL pdb_rid_is_user(uint32 rid)
{
/* Punt for now - we need to look at the encoding here. JRA. */
+ /* lkcl i understand that NT attaches an enumeration to a RID
+ * such that it can be identified as either a user, group etc
+ * type. there are 5 such categories, and they are documented.
+ */
return True;
}
diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c
index 8e0ace9986..ff06905927 100644
--- a/source3/passdb/smbpass.c
+++ b/source3/passdb/smbpass.c
@@ -933,6 +933,7 @@ static struct passdb_ops file_ops = {
getsmbfile21pwent,
iterate_getsam21pwnam, /* In passdb.c */
iterate_getsam21pwuid, /* In passdb.c */
+ iterate_getsam21pwrid, /* In passdb.c */
add_smbfile21pwd_entry,
mod_smbfile21pwd_entry
};
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index adc16fa5c8..d1503a762e 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -860,41 +860,21 @@ static void api_samr_open_user( int uid, prs_struct *data, prs_struct *rdata)
/*************************************************************************
get_user_info_21
*************************************************************************/
-static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid)
+static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
{
NTTIME dummy_time;
struct sam_passwd *sam_pass;
LOGON_HRS hrs;
int i;
- /*
- * Convert from rid to either a uid or gid as soon as
- * possible. JRA.
- */
-
- if(pdb_rid_is_user(rid))
- {
- uint32 uid = pdb_user_rid_to_uid(rid);
- become_root(True);
- sam_pass = getsam21pwuid(uid);
- unbecome_root(True);
- }
- else
- {
- struct group *grent;
- uint32 gid;
- gid = pdb_group_rid_to_gid(rid);
- if((grent = getgrgid(gid)) == NULL)
- {
- DEBUG(0,("get_user_info_21: Unable to get group info.\n"));
- return False;
- }
- /* TODO - at this point we need to convert from
- a UNIX struct group into a user info 21 structure.
- Punt for now. JRA.
- */
- return False;
- }
+ if (!pdb_rid_is_user(user_rid))
+ {
+ return False;
+ }
+
+ become_root(True);
+ sam_pass = getsam21pwrid(user_rid);
+ unbecome_root(True);
if (sam_pass == NULL)
{
diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index 15c06d18bd..fca37db717 100644
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -394,8 +394,7 @@ uint32 lookup_alias_name(uint32 rid, char *alias_name, uint32 *type)
********************************************************************/
uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type)
{
- struct smb_passwd *smb_pass;
- uint32 unix_uid;
+ struct sam_disp_info *disp_info;
int i = 0;
(*type) = SID_NAME_USER;
@@ -414,17 +413,14 @@ uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type)
return 0x0;
}
- unix_uid = pdb_uid_to_user_rid(rid);
- DEBUG(5,(" uid: %d", unix_uid));
-
/* ok, it's a user. find the user account */
become_root(True);
- smb_pass = getsmbpwuid(rid); /* lkclXXXX SHOULD use rid mapping here! */
+ disp_info = getsamdisprid(rid);
unbecome_root(True);
- if (smb_pass != NULL)
+ if (disp_info != NULL)
{
- fstrcpy(user_name, smb_pass->smb_name);
+ fstrcpy(user_name, disp_info->smb_name);
DEBUG(5,(" = %s\n", user_name));
return 0x0;
}