summaryrefslogtreecommitdiff
path: root/source4/dsdb/common
diff options
context:
space:
mode:
Diffstat (limited to 'source4/dsdb/common')
-rw-r--r--source4/dsdb/common/flags.h5
-rw-r--r--source4/dsdb/common/sidmap.c35
2 files changed, 24 insertions, 16 deletions
diff --git a/source4/dsdb/common/flags.h b/source4/dsdb/common/flags.h
index 8de3f6dc19..36111418e2 100644
--- a/source4/dsdb/common/flags.h
+++ b/source4/dsdb/common/flags.h
@@ -91,6 +91,11 @@
GROUP_TYPE_ACCOUNT_GROUP| \
GROUP_TYPE_SECURITY_ENABLED \
)
+#define GTYPE_SECURITY_UNIVERSAL_GROUP ( \
+ /* 0x80000008 -2147483656 */ \
+ GROUP_TYPE_UNIVERSAL_GROUP| \
+ GROUP_TYPE_SECURITY_ENABLED \
+ )
#define GTYPE_DISTRIBUTION_GLOBAL_GROUP 0x00000002 /* 2 */
#define GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP 0x00000004 /* 4 */
#define GTYPE_DISTRIBUTION_UNIVERSAL_GROUP 0x00000008 /* 8 */
diff --git a/source4/dsdb/common/sidmap.c b/source4/dsdb/common/sidmap.c
index 8a594f3fc7..de1f3f3c7a 100644
--- a/source4/dsdb/common/sidmap.c
+++ b/source4/dsdb/common/sidmap.c
@@ -68,26 +68,26 @@ _PUBLIC_ struct sidmap_context *sidmap_open(TALLOC_CTX *mem_ctx)
check the sAMAccountType field of a search result to see if
the account is a user account
*/
-static BOOL is_user_account(struct ldb_message *res)
+static bool is_user_account(struct ldb_message *res)
{
uint_t atype = samdb_result_uint(res, "sAMAccountType", 0);
if (atype && (!(atype & ATYPE_ACCOUNT))) {
- return False;
+ return false;
}
- return True;
+ return true;
}
/*
check the sAMAccountType field of a search result to see if
the account is a group account
*/
-static BOOL is_group_account(struct ldb_message *res)
+static bool is_group_account(struct ldb_message *res)
{
uint_t atype = samdb_result_uint(res, "sAMAccountType", 0);
if (atype && atype == ATYPE_NORMAL_ACCOUNT) {
- return False;
+ return false;
}
- return True;
+ return true;
}
@@ -217,7 +217,7 @@ allocated_sid:
/*
see if a sid is a group - very inefficient!
*/
-_PUBLIC_ BOOL sidmap_sid_is_group(struct sidmap_context *sidmap, struct dom_sid *sid)
+_PUBLIC_ bool sidmap_sid_is_group(struct sidmap_context *sidmap, struct dom_sid *sid)
{
const char *attrs[] = { "sAMAccountType", NULL };
int ret;
@@ -225,7 +225,7 @@ _PUBLIC_ BOOL sidmap_sid_is_group(struct sidmap_context *sidmap, struct dom_sid
struct ldb_message **res;
NTSTATUS status;
struct dom_sid *domain_sid;
- BOOL is_group;
+ bool is_group;
tmp_ctx = talloc_new(sidmap);
@@ -240,19 +240,19 @@ _PUBLIC_ BOOL sidmap_sid_is_group(struct sidmap_context *sidmap, struct dom_sid
status = sidmap_primary_domain_sid(sidmap, tmp_ctx, &domain_sid);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(tmp_ctx);
- return False;
+ return false;
}
if (dom_sid_in_domain(domain_sid, sid)) {
uint32_t rid = sid->sub_auths[sid->num_auths-1];
if (rid >= SIDMAP_LOCAL_GROUP_BASE) {
talloc_free(tmp_ctx);
- return True;
+ return true;
}
}
talloc_free(tmp_ctx);
- return False;
+ return false;
}
/*
@@ -550,13 +550,13 @@ _PUBLIC_ NTSTATUS sidmap_allocated_sid_lookup(struct sidmap_context *sidmap,
TALLOC_CTX *mem_ctx,
const struct dom_sid *sid,
const char **name,
- uint32_t *atype)
+ enum lsa_SidType *rtype)
{
NTSTATUS status;
struct dom_sid *domain_sid;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
- uint32_t rid;
-
+ uint32_t rid, atype;
+
status = sidmap_primary_domain_sid(sidmap, tmp_ctx, &domain_sid);
if (!NT_STATUS_IS_OK(status)) {
return NT_STATUS_NO_SUCH_DOMAIN;
@@ -577,7 +577,9 @@ _PUBLIC_ NTSTATUS sidmap_allocated_sid_lookup(struct sidmap_context *sidmap,
if (rid < SIDMAP_LOCAL_GROUP_BASE) {
struct passwd *pwd;
uid_t uid = rid - SIDMAP_LOCAL_USER_BASE;
- *atype = ATYPE_NORMAL_ACCOUNT;
+ atype = ATYPE_NORMAL_ACCOUNT;
+ *rtype = samdb_atype_map(atype);
+
pwd = getpwuid(uid);
if (pwd == NULL) {
*name = talloc_asprintf(mem_ctx, "uid%u", uid);
@@ -587,7 +589,8 @@ _PUBLIC_ NTSTATUS sidmap_allocated_sid_lookup(struct sidmap_context *sidmap,
} else {
struct group *grp;
gid_t gid = rid - SIDMAP_LOCAL_GROUP_BASE;
- *atype = ATYPE_LOCAL_GROUP;
+ atype = ATYPE_LOCAL_GROUP;
+ *rtype = samdb_atype_map(atype);
grp = getgrgid(gid);
if (grp == NULL) {
*name = talloc_asprintf(mem_ctx, "gid%u", gid);