diff options
Diffstat (limited to 'source4/nsswitch/winbindd_ads.c')
| -rw-r--r-- | source4/nsswitch/winbindd_ads.c | 837 |
1 files changed, 0 insertions, 837 deletions
diff --git a/source4/nsswitch/winbindd_ads.c b/source4/nsswitch/winbindd_ads.c deleted file mode 100644 index de3757aa44..0000000000 --- a/source4/nsswitch/winbindd_ads.c +++ /dev/null @@ -1,837 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind ADS backend functions - - Copyright (C) Andrew Tridgell 2001 - Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "winbindd.h" - -#ifdef HAVE_ADS - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_WINBIND - -/* the realm of our primary LDAP server */ -static char *primary_realm; - - -/* - return our ads connections structure for a domain. We keep the connection - open to make things faster -*/ -static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain) -{ - ADS_STRUCT *ads; - ADS_STATUS status; - - if (domain->private) { - return (ADS_STRUCT *)domain->private; - } - - /* we don't want this to affect the users ccache */ - setenv("KRB5CCNAME", "MEMORY:winbind_ccache", 1); - - ads = ads_init(domain->alt_name, domain->name, NULL); - if (!ads) { - DEBUG(1,("ads_init for domain %s failed\n", domain->name)); - return NULL; - } - - /* the machine acct password might have change - fetch it every time */ - SAFE_FREE(ads->auth.password); - ads->auth.password = secrets_fetch_machine_password(); - - if (primary_realm) { - SAFE_FREE(ads->auth.realm); - ads->auth.realm = strdup(primary_realm); - } - - status = ads_connect(ads); - if (!ADS_ERR_OK(status) || !ads->config.realm) { - extern struct winbindd_methods msrpc_methods; - DEBUG(1,("ads_connect for domain %s failed: %s\n", - domain->name, ads_errstr(status))); - ads_destroy(&ads); - - /* if we get ECONNREFUSED then it might be a NT4 - server, fall back to MSRPC */ - if (status.error_type == ADS_ERROR_SYSTEM && - status.err.rc == ECONNREFUSED) { - DEBUG(1,("Trying MSRPC methods\n")); - domain->methods = &msrpc_methods; - } - return NULL; - } - - /* remember our primary realm for trusted domain support */ - if (!primary_realm) { - primary_realm = strdup(ads->config.realm); - } - - domain->private = (void *)ads; - return ads; -} - - -/* Query display info for a realm. This is the basic user list fn */ -static NTSTATUS query_user_list(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - uint32 *num_entries, - WINBIND_USERINFO **info) -{ - ADS_STRUCT *ads = NULL; - const char *attrs[] = {"userPrincipalName", - "sAMAccountName", - "name", "objectSid", "primaryGroupID", - "sAMAccountType", NULL}; - int i, count; - ADS_STATUS rc; - void *res = NULL; - void *msg = NULL; - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - - *num_entries = 0; - - DEBUG(3,("ads: query_user_list\n")); - - ads = ads_cached_connection(domain); - if (!ads) goto done; - - rc = ads_search_retry(ads, &res, "(objectCategory=user)", attrs); - if (!ADS_ERR_OK(rc)) { - DEBUG(1,("query_user_list ads_search: %s\n", ads_errstr(rc))); - goto done; - } - - count = ads_count_replies(ads, res); - if (count == 0) { - DEBUG(1,("query_user_list: No users found\n")); - goto done; - } - - (*info) = talloc_zero(mem_ctx, count * sizeof(**info)); - if (!*info) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - i = 0; - - for (msg = ads_first_entry(ads, res); msg; msg = ads_next_entry(ads, msg)) { - char *name, *gecos; - DOM_SID sid; - DOM_SID *sid2; - DOM_SID *group_sid; - uint32 group; - uint32 atype; - - if (!ads_pull_uint32(ads, msg, "sAMAccountType", &atype) || - ads_atype_map(atype) != SID_NAME_USER) { - DEBUG(1,("Not a user account? atype=0x%x\n", atype)); - continue; - } - - name = ads_pull_username(ads, mem_ctx, msg); - gecos = ads_pull_string(ads, mem_ctx, msg, "name"); - if (!ads_pull_sid(ads, msg, "objectSid", &sid)) { - DEBUG(1,("No sid for %s !?\n", name)); - continue; - } - if (!ads_pull_uint32(ads, msg, "primaryGroupID", &group)) { - DEBUG(1,("No primary group for %s !?\n", name)); - continue; - } - - sid2 = talloc(mem_ctx, sizeof(*sid2)); - if (!sid2) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - sid_copy(sid2, &sid); - - group_sid = rid_to_talloced_sid(domain, mem_ctx, group); - - (*info)[i].acct_name = name; - (*info)[i].full_name = gecos; - (*info)[i].user_sid = sid2; - (*info)[i].group_sid = group_sid; - i++; - } - - (*num_entries) = i; - status = NT_STATUS_OK; - - DEBUG(3,("ads query_user_list gave %d entries\n", (*num_entries))); - -done: - if (res) ads_msgfree(ads, res); - - return status; -} - -/* list all domain groups */ -static NTSTATUS enum_dom_groups(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - uint32 *num_entries, - struct acct_info **info) -{ - ADS_STRUCT *ads = NULL; - const char *attrs[] = {"userPrincipalName", "sAMAccountName", - "name", "objectSid", - "sAMAccountType", NULL}; - int i, count; - ADS_STATUS rc; - void *res = NULL; - void *msg = NULL; - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - uint32 group_flags; - - *num_entries = 0; - - DEBUG(3,("ads: enum_dom_groups\n")); - - ads = ads_cached_connection(domain); - if (!ads) goto done; - - rc = ads_search_retry(ads, &res, "(objectCategory=group)", attrs); - if (!ADS_ERR_OK(rc)) { - DEBUG(1,("enum_dom_groups ads_search: %s\n", ads_errstr(rc))); - goto done; - } - - count = ads_count_replies(ads, res); - if (count == 0) { - DEBUG(1,("enum_dom_groups: No groups found\n")); - goto done; - } - - (*info) = talloc_zero(mem_ctx, count * sizeof(**info)); - if (!*info) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - i = 0; - - group_flags = ATYPE_GLOBAL_GROUP; - if ( domain->native_mode ) - group_flags |= ATYPE_LOCAL_GROUP; - - for (msg = ads_first_entry(ads, res); msg; msg = ads_next_entry(ads, msg)) { - char *name, *gecos; - DOM_SID sid; - uint32 rid; - uint32 account_type; - - if (!ads_pull_uint32(ads, msg, "sAMAccountType", &account_type) || !(account_type & group_flags) ) - continue; - - name = ads_pull_username(ads, mem_ctx, msg); - gecos = ads_pull_string(ads, mem_ctx, msg, "name"); - if (!ads_pull_sid(ads, msg, "objectSid", &sid)) { - DEBUG(1,("No sid for %s !?\n", name)); - continue; - } - - if (!sid_peek_check_rid(&domain->sid, &sid, &rid)) { - DEBUG(1,("No rid for %s !?\n", name)); - continue; - } - - fstrcpy((*info)[i].acct_name, name); - fstrcpy((*info)[i].acct_desc, gecos); - (*info)[i].rid = rid; - i++; - } - - (*num_entries) = i; - - status = NT_STATUS_OK; - - DEBUG(3,("ads enum_dom_groups gave %d entries\n", (*num_entries))); - -done: - if (res) ads_msgfree(ads, res); - - return status; -} - -/* list all domain local groups */ -static NTSTATUS enum_local_groups(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - uint32 *num_entries, - struct acct_info **info) -{ - /* - * This is a stub function only as we returned the domain - * ocal groups in enum_dom_groups() if the domain->native field - * was true. This is a simple performance optimization when - * using LDAP. - * - * if we ever need to enumerate domain local groups separately, - * then this the optimization in enum_dom_groups() will need - * to be split out - */ - *num_entries = 0; - - return NT_STATUS_OK; -} - -/* convert a single name to a sid in a domain */ -static NTSTATUS name_to_sid(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - const char *name, - DOM_SID *sid, - enum SID_NAME_USE *type) -{ - ADS_STRUCT *ads; - - DEBUG(3,("ads: name_to_sid\n")); - - ads = ads_cached_connection(domain); - if (!ads) - return NT_STATUS_UNSUCCESSFUL; - - return ads_name_to_sid(ads, name, sid, type); -} - -/* convert a sid to a user or group name */ -static NTSTATUS sid_to_name(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - DOM_SID *sid, - char **name, - enum SID_NAME_USE *type) -{ - ADS_STRUCT *ads = NULL; - DEBUG(3,("ads: sid_to_name\n")); - ads = ads_cached_connection(domain); - if (!ads) - return NT_STATUS_UNSUCCESSFUL; - - return ads_sid_to_name(ads, mem_ctx, sid, name, type); -} - - -/* convert a DN to a name, SID and name type - this might become a major speed bottleneck if groups have - lots of users, in which case we could cache the results -*/ -static BOOL dn_lookup(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, - const char *dn, - char **name, uint32 *name_type, DOM_SID *sid) -{ - char *exp; - void *res = NULL; - const char *attrs[] = {"userPrincipalName", "sAMAccountName", - "objectSid", "sAMAccountType", NULL}; - ADS_STATUS rc; - uint32 atype; - char *escaped_dn = escape_ldap_string_alloc(dn); - - if (!escaped_dn) { - return False; - } - - asprintf(&exp, "(distinguishedName=%s)", dn); - rc = ads_search_retry(ads, &res, exp, attrs); - SAFE_FREE(exp); - SAFE_FREE(escaped_dn); - - if (!ADS_ERR_OK(rc)) { - goto failed; - } - - (*name) = ads_pull_username(ads, mem_ctx, res); - - if (!ads_pull_uint32(ads, res, "sAMAccountType", &atype)) { - goto failed; - } - (*name_type) = ads_atype_map(atype); - - if (!ads_pull_sid(ads, res, "objectSid", sid)) { - goto failed; - } - - if (res) ads_msgfree(ads, res); - return True; - -failed: - if (res) ads_msgfree(ads, res); - return False; -} - -/* Lookup user information from a rid */ -static NTSTATUS query_user(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - DOM_SID *sid, - WINBIND_USERINFO *info) -{ - ADS_STRUCT *ads = NULL; - const char *attrs[] = {"userPrincipalName", - "sAMAccountName", - "name", - "primaryGroupID", NULL}; - ADS_STATUS rc; - int count; - void *msg = NULL; - char *exp; - char *sidstr; - uint32 group_rid; - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - DOM_SID *sid2; - fstring sid_string; - - DEBUG(3,("ads: query_user\n")); - - ads = ads_cached_connection(domain); - if (!ads) goto done; - - sidstr = sid_binstring(sid); - asprintf(&exp, "(objectSid=%s)", sidstr); - rc = ads_search_retry(ads, &msg, exp, attrs); - free(exp); - free(sidstr); - if (!ADS_ERR_OK(rc)) { - DEBUG(1,("query_user(sid=%s) ads_search: %s\n", sid_to_string(sid_string, sid), ads_errstr(rc))); - goto done; - } - - count = ads_count_replies(ads, msg); - if (count != 1) { - DEBUG(1,("query_user(sid=%s): Not found\n", sid_to_string(sid_string, sid))); - goto done; - } - - info->acct_name = ads_pull_username(ads, mem_ctx, msg); - info->full_name = ads_pull_string(ads, mem_ctx, msg, "name"); - - if (!ads_pull_uint32(ads, msg, "primaryGroupID", &group_rid)) { - DEBUG(1,("No primary group for %s !?\n", sid_to_string(sid_string, sid))); - goto done; - } - - sid2 = talloc(mem_ctx, sizeof(*sid2)); - if (!sid2) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - sid_copy(sid2, sid); - - info->user_sid = sid2; - - info->group_sid = rid_to_talloced_sid(domain, mem_ctx, group_rid); - - status = NT_STATUS_OK; - - DEBUG(3,("ads query_user gave %s\n", info->acct_name)); -done: - if (msg) ads_msgfree(ads, msg); - - return status; -} - -/* Lookup groups a user is a member of - alternate method, for when - tokenGroups are not available. */ -static NTSTATUS lookup_usergroups_alt(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - const char *user_dn, - DOM_SID *primary_group, - uint32 *num_groups, DOM_SID ***user_gids) -{ - ADS_STATUS rc; - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - int count; - void *res = NULL; - void *msg = NULL; - char *exp; - ADS_STRUCT *ads; - const char *group_attrs[] = {"objectSid", NULL}; - - ads = ads_cached_connection(domain); - if (!ads) goto done; - - /* buggy server, no tokenGroups. Instead lookup what groups this user - is a member of by DN search on member*/ - if (asprintf(&exp, "(&(member=%s)(objectClass=group))", user_dn) == -1) { - DEBUG(1,("lookup_usergroups(dn=%s) asprintf failed!\n", user_dn)); - return NT_STATUS_NO_MEMORY; - } - - rc = ads_search_retry(ads, &res, exp, group_attrs); - free(exp); - - if (!ADS_ERR_OK(rc)) { - DEBUG(1,("lookup_usergroups ads_search member=%s: %s\n", user_dn, ads_errstr(rc))); - return ads_ntstatus(rc); - } - - count = ads_count_replies(ads, res); - if (count == 0) { - DEBUG(5,("lookup_usergroups: No supp groups found\n")); - - status = ads_ntstatus(rc); - goto done; - } - - (*user_gids) = talloc_zero(mem_ctx, sizeof(**user_gids) * (count + 1)); - (*user_gids)[0] = primary_group; - - *num_groups = 1; - - for (msg = ads_first_entry(ads, res); msg; msg = ads_next_entry(ads, msg)) { - DOM_SID group_sid; - - if (!ads_pull_sid(ads, msg, "objectSid", &group_sid)) { - DEBUG(1,("No sid for this group ?!?\n")); - continue; - } - - if (sid_equal(&group_sid, primary_group)) continue; - - (*user_gids)[*num_groups] = talloc(mem_ctx, sizeof(***user_gids)); - if (!(*user_gids)[*num_groups]) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - sid_copy((*user_gids)[*num_groups], &group_sid); - - (*num_groups)++; - - } - - status = NT_STATUS_OK; - - DEBUG(3,("ads lookup_usergroups (alt) for dn=%s\n", user_dn)); -done: - if (res) ads_msgfree(ads, res); - if (msg) ads_msgfree(ads, msg); - - return status; -} - -/* Lookup groups a user is a member of. */ -static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - DOM_SID *sid, - uint32 *num_groups, DOM_SID ***user_gids) -{ - ADS_STRUCT *ads = NULL; - const char *attrs[] = {"distinguishedName", NULL}; - const char *attrs2[] = {"tokenGroups", "primaryGroupID", NULL}; - ADS_STATUS rc; - int count; - void *msg = NULL; - char *exp; - char *user_dn; - DOM_SID *sids; - int i; - DOM_SID *primary_group; - uint32 primary_group_rid; - char *sidstr; - fstring sid_string; - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - - DEBUG(3,("ads: lookup_usergroups\n")); - *num_groups = 0; - - ads = ads_cached_connection(domain); - if (!ads) goto done; - - if (!(sidstr = sid_binstring(sid))) { - DEBUG(1,("lookup_usergroups(sid=%s) sid_binstring returned NULL\n", sid_to_string(sid_string, sid))); - status = NT_STATUS_NO_MEMORY; - goto done; - } - if (asprintf(&exp, "(objectSid=%s)", sidstr) == -1) { - free(sidstr); - DEBUG(1,("lookup_usergroups(sid=%s) asprintf failed!\n", sid_to_string(sid_string, sid))); - status = NT_STATUS_NO_MEMORY; - goto done; - } - - rc = ads_search_retry(ads, &msg, exp, attrs); - free(exp); - free(sidstr); - - if (!ADS_ERR_OK(rc)) { - DEBUG(1,("lookup_usergroups(sid=%s) ads_search: %s\n", sid_to_string(sid_string, sid), ads_errstr(rc))); - goto done; - } - - user_dn = ads_pull_string(ads, mem_ctx, msg, "distinguishedName"); - if (!user_dn) { - DEBUG(1,("lookup_usergroups(sid=%s) ads_search did not return a a distinguishedName!\n", sid_to_string(sid_string, sid))); - if (msg) ads_msgfree(ads, msg); - goto done; - } - - if (msg) ads_msgfree(ads, msg); - - rc = ads_search_retry_dn(ads, &msg, user_dn, attrs2); - if (!ADS_ERR_OK(rc)) { - DEBUG(1,("lookup_usergroups(sid=%s) ads_search tokenGroups: %s\n", sid_to_string(sid_string, sid), ads_errstr(rc))); - goto done; - } - - if (!ads_pull_uint32(ads, msg, "primaryGroupID", &primary_group_rid)) { - DEBUG(1,("%s: No primary group for sid=%s !?\n", domain->name, sid_to_string(sid_string, sid))); - goto done; - } - - primary_group = rid_to_talloced_sid(domain, mem_ctx, primary_group_rid); - - count = ads_pull_sids(ads, mem_ctx, msg, "tokenGroups", &sids); - - if (msg) ads_msgfree(ads, msg); - - /* there must always be at least one group in the token, - unless we are talking to a buggy Win2k server */ - if (count == 0) { - return lookup_usergroups_alt(domain, mem_ctx, user_dn, - primary_group, - num_groups, user_gids); - } - - (*user_gids) = talloc_zero(mem_ctx, sizeof(**user_gids) * (count + 1)); - (*user_gids)[0] = primary_group; - - *num_groups = 1; - - for (i=0;i<count;i++) { - if (sid_equal(&sids[i], primary_group)) continue; - - (*user_gids)[*num_groups] = talloc(mem_ctx, sizeof(***user_gids)); - if (!(*user_gids)[*num_groups]) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - - sid_copy((*user_gids)[*num_groups], &sids[i]); - (*num_groups)++; - } - - status = NT_STATUS_OK; - DEBUG(3,("ads lookup_usergroups for sid=%s\n", sid_to_string(sid_string, sid))); -done: - return status; -} - -/* - find the members of a group, given a group rid and domain - */ -static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - DOM_SID *group_sid, uint32 *num_names, - DOM_SID ***sid_mem, char ***names, - uint32 **name_types) -{ - ADS_STATUS rc; - int count; - void *res=NULL; - ADS_STRUCT *ads = NULL; - char *exp; - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - char *sidstr; - const char *attrs[] = {"member", NULL}; - char **members; - int i, num_members; - fstring sid_string; - - *num_names = 0; - - ads = ads_cached_connection(domain); - if (!ads) goto done; - - sidstr = sid_binstring(group_sid); - - /* search for all members of the group */ - asprintf(&exp, "(objectSid=%s)",sidstr); - rc = ads_search_retry(ads, &res, exp, attrs); - free(exp); - free(sidstr); - - if (!ADS_ERR_OK(rc)) { - DEBUG(1,("query_user_list ads_search: %s\n", ads_errstr(rc))); - goto done; - } - - count = ads_count_replies(ads, res); - if (count == 0) { - status = NT_STATUS_OK; - goto done; - } - - members = ads_pull_strings(ads, mem_ctx, res, "member"); - if (!members) { - /* no members? ok ... */ - status = NT_STATUS_OK; - goto done; - } - - /* now we need to turn a list of members into rids, names and name types - the problem is that the members are in the form of distinguised names - */ - for (i=0;members[i];i++) /* noop */ ; - num_members = i; - - (*sid_mem) = talloc_zero(mem_ctx, sizeof(**sid_mem) * num_members); - (*name_types) = talloc_zero(mem_ctx, sizeof(**name_types) * num_members); - (*names) = talloc_zero(mem_ctx, sizeof(**names) * num_members); - - for (i=0;i<num_members;i++) { - uint32 name_type; - char *name; - DOM_SID sid; - - if (dn_lookup(ads, mem_ctx, members[i], &name, &name_type, &sid)) { - (*names)[*num_names] = name; - (*name_types)[*num_names] = name_type; - (*sid_mem)[*num_names] = talloc(mem_ctx, sizeof(***sid_mem)); - if (!(*sid_mem)[*num_names]) { - status = NT_STATUS_NO_MEMORY; - goto done; - } - sid_copy((*sid_mem)[*num_names], &sid); - (*num_names)++; - } - } - - status = NT_STATUS_OK; - DEBUG(3,("ads lookup_groupmem for sid=%s\n", sid_to_string(sid_string, group_sid))); -done: - if (res) ads_msgfree(ads, res); - - return status; -} - - -/* find the sequence number for a domain */ -static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq) -{ - ADS_STRUCT *ads = NULL; - ADS_STATUS rc; - - *seq = DOM_SEQUENCE_NONE; - - ads = ads_cached_connection(domain); - if (!ads) return NT_STATUS_UNSUCCESSFUL; - - rc = ads_USN(ads, seq); - if (!ADS_ERR_OK(rc)) { - /* its a dead connection */ - ads_destroy(&ads); - domain->private = NULL; - } - return ads_ntstatus(rc); -} - -/* get a list of trusted domains */ -static NTSTATUS trusted_domains(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - uint32 *num_domains, - char ***names, - char ***alt_names, - DOM_SID **dom_sids) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - - *num_domains = 0; - *names = NULL; - - ads = ads_cached_connection(domain); - if (!ads) return NT_STATUS_UNSUCCESSFUL; - - rc = ads_trusted_domains(ads, mem_ctx, num_domains, names, alt_names, dom_sids); - - return ads_ntstatus(rc); -} - -/* find the domain sid for a domain */ -static NTSTATUS domain_sid(struct winbindd_domain *domain, DOM_SID *sid) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - - ads = ads_cached_connection(domain); - if (!ads) return NT_STATUS_UNSUCCESSFUL; - - rc = ads_domain_sid(ads, sid); - - if (!ADS_ERR_OK(rc)) { - /* its a dead connection */ - ads_destroy(&ads); - domain->private = NULL; - } - - return ads_ntstatus(rc); -} - - -/* find alternate names list for the domain - for ADS this is the - netbios name */ -static NTSTATUS alternate_name(struct winbindd_domain *domain) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - TALLOC_CTX *ctx; - char *workgroup; - - ads = ads_cached_connection(domain); - if (!ads) return NT_STATUS_UNSUCCESSFUL; - - if (!(ctx = talloc_init("alternate_name"))) { - return NT_STATUS_NO_MEMORY; - } - - rc = ads_workgroup_name(ads, ctx, &workgroup); - - if (ADS_ERR_OK(rc)) { - fstrcpy(domain->name, workgroup); - fstrcpy(domain->alt_name, ads->config.realm); - strupper(domain->alt_name); - strupper(domain->name); - } - - talloc_destroy(ctx); - - return ads_ntstatus(rc); -} - -/* the ADS backend methods are exposed via this structure */ -struct winbindd_methods ads_methods = { - True, - query_user_list, - enum_dom_groups, - enum_local_groups, - name_to_sid, - sid_to_name, - query_user, - lookup_usergroups, - lookup_groupmem, - sequence_number, - trusted_domains, - domain_sid, - alternate_name -}; - -#endif |