summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rw-r--r--source4/lib/ldb/common/ldb_modules.c11
-rw-r--r--source4/lib/ldb/config.mk3
-rw-r--r--source4/lib/ldb/ldb_map/ldb_map.c11
-rw-r--r--source4/lib/ldb/samba/samba3sam.c (renamed from source4/lib/samba3/ldb_samba3.c)6
-rw-r--r--source4/lib/ldb/tests/samba3.ldif203
-rwxr-xr-xsource4/lib/ldb/tests/test-samba3sam.sh8
-rw-r--r--source4/lib/ldb/tools/cmdline.c5
-rw-r--r--source4/lib/samba3/config.mk1
-rw-r--r--source4/param/loadparm.c140
9 files changed, 242 insertions, 146 deletions
diff --git a/source4/lib/ldb/common/ldb_modules.c b/source4/lib/ldb/common/ldb_modules.c
index ab743d1b49..20e8ad061e 100644
--- a/source4/lib/ldb/common/ldb_modules.c
+++ b/source4/lib/ldb/common/ldb_modules.c
@@ -226,6 +226,17 @@ int ldb_load_modules(struct ldb_context *ldb, const char *options[])
DLIST_ADD(ldb->modules, current);
continue;
}
+
+ if (strcmp(modules[i], "samba3sam") == 0) {
+ current = ldb_samba3sam_module_init(ldb, options);
+ if (!current) {
+ ldb_debug(ldb, LDB_DEBUG_FATAL, "function 'init_module' in %s fails\n", modules[i]);
+ return -1;
+ }
+ DLIST_ADD(ldb->modules, current);
+ continue;
+ }
+
#endif
ldb_debug(ldb, LDB_DEBUG_WARNING, "WARNING: Module [%s] not found\n", modules[i]);
diff --git a/source4/lib/ldb/config.mk b/source4/lib/ldb/config.mk
index 76059b3b60..23a99e367b 100644
--- a/source4/lib/ldb/config.mk
+++ b/source4/lib/ldb/config.mk
@@ -115,7 +115,8 @@ REQUIRED_SUBSYSTEMS = \
# Start SUBSYSTEM LDBSAMBA
[SUBSYSTEM::LDBSAMBA]
OBJ_FILES = \
- lib/ldb/samba/ldif_handlers.o
+ lib/ldb/samba/ldif_handlers.o \
+ lib/ldb/samba/samba3sam.o
# End SUBSYSTEM LDBSAMBA
################################################
diff --git a/source4/lib/ldb/ldb_map/ldb_map.c b/source4/lib/ldb/ldb_map/ldb_map.c
index dea3c24e37..2082abe79a 100644
--- a/source4/lib/ldb/ldb_map/ldb_map.c
+++ b/source4/lib/ldb/ldb_map/ldb_map.c
@@ -126,6 +126,9 @@ static struct ldb_dn *map_remote_dn(struct ldb_module *module, const struct ldb_
struct ldb_dn *newdn;
int i;
+ if (dn == NULL)
+ return NULL;
+
newdn = talloc_memdup(module, dn, sizeof(*dn));
if (!newdn)
return NULL;
@@ -183,6 +186,9 @@ static struct ldb_dn *map_local_dn(struct ldb_module *module, const struct ldb_d
int i;
struct ldb_parse_tree eqtree, *new_eqtree;
+ if (dn == NULL)
+ return NULL;
+
newdn = talloc_memdup(module, dn, sizeof(*dn));
if (!newdn)
return NULL;
@@ -252,8 +258,6 @@ static struct ldb_dn *map_local_dn(struct ldb_module *module, const struct ldb_d
return newdn;
}
-
-
/* Loop over ldb_map_attribute array and add remote_names */
static const char **ldb_map_attrs(struct ldb_module *module, const char *const attrs[])
{
@@ -261,6 +265,9 @@ static const char **ldb_map_attrs(struct ldb_module *module, const char *const a
const char **ret;
int ar_size = 0, last_element = 0;
+ if (attrs == NULL)
+ return NULL;
+
/* Start with good guess of number of elements */
for (i = 0; attrs[i]; i++);
diff --git a/source4/lib/samba3/ldb_samba3.c b/source4/lib/ldb/samba/samba3sam.c
index 68f5412c90..6c98ffc5c1 100644
--- a/source4/lib/samba3/ldb_samba3.c
+++ b/source4/lib/ldb/samba/samba3sam.c
@@ -1,5 +1,5 @@
/*
- ldb database library - Samba3 compatibility backend
+ ldb database library - Samba3 SAM compatibility backend
Copyright (C) Jelmer Vernooij 2005
@@ -189,9 +189,9 @@ const struct ldb_map_attribute samba3_attributes[] =
/* the init function */
#ifdef HAVE_DLOPEN_DISABLED
- struct ldb_module *init_module(struct ldb_context *ldb, const char *options[])
+struct ldb_module *init_module(struct ldb_context *ldb, const char *options[])
#else
- struct ldb_module *ldb_samba3_module_init(struct ldb_context *ldb, const char *options[])
+struct ldb_module *ldb_samba3sam_module_init(struct ldb_context *ldb, const char *options[])
#endif
{
return ldb_map_init(ldb, &samba3_attributes, &samba3_objectclasses, options);
diff --git a/source4/lib/ldb/tests/samba3.ldif b/source4/lib/ldb/tests/samba3.ldif
new file mode 100644
index 0000000000..fb0a1386d4
--- /dev/null
+++ b/source4/lib/ldb/tests/samba3.ldif
@@ -0,0 +1,203 @@
+dn: dc=idealx,dc=org
+objectClass: dcObject
+objectclass: organization
+o: idealx
+dc: idealx
+
+dn: ou=Users,dc=idealx,dc=org
+objectClass: organizationalUnit
+ou: Users
+
+dn: ou=Groups,dc=idealx,dc=org
+objectClass: organizationalUnit
+ou: Groups
+
+dn: ou=Computers,dc=idealx,dc=org
+objectClass: organizationalUnit
+ou: Computers
+dn: uid=Administrator,ou=Users,dc=idealx,dc=org
+cn: Administrator
+sn: Administrator
+objectClass: inetOrgPerson
+objectClass: sambaSAMAccount
+objectClass: posixAccount
+objectClass: shadowAccount
+gidNumber: 512
+uid: Administrator
+uidNumber: 0
+homeDirectory: /home/%U
+sambaPwdLastSet: 0
+sambaLogonTime: 0
+sambaLogoffTime: 2147483647
+sambaKickoffTime: 2147483647
+sambaPwdCanChange: 0
+sambaPwdMustChange: 2147483647
+sambaHomePath: \\PDC-SMB3\home\%U
+sambaHomeDrive: H:
+sambaProfilePath: \\PDC-SMB3\profiles\%U\Administrator
+sambaPrimaryGroupSID: S-1-5-21-4231626423-2410014848-2360679739-512
+sambaLMPassword: XXX
+sambaNTPassword: XXX
+sambaAcctFlags: [U ]
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-2996
+loginShell: /bin/false
+gecos: Netbios Domain Administrator
+
+dn: uid=nobody,ou=Users,dc=idealx,dc=org
+cn: nobody
+sn: nobody
+objectClass: inetOrgPerson
+objectClass: sambaSAMAccount
+objectClass: posixAccount
+objectClass: shadowAccount
+gidNumber: 514
+uid: nobody
+uidNumber: 999
+homeDirectory: /dev/null
+sambaPwdLastSet: 0
+sambaLogonTime: 0
+sambaLogoffTime: 2147483647
+sambaKickoffTime: 2147483647
+sambaPwdCanChange: 0
+sambaPwdMustChange: 2147483647
+sambaHomePath: \\PDC-SMB3\home\%U
+sambaHomeDrive: H:
+sambaProfilePath: \\PDC-SMB3\profiles\%U\nobody
+sambaPrimaryGroupSID: S-1-5-21-4231626423-2410014848-2360679739-514
+sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
+sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
+sambaAcctFlags: [NU ]
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-2998
+loginShell: /bin/false
+
+dn: cn=Domain Admins,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 512
+cn: Domain Admins
+memberUid: Administrator
+description: Netbios Domain Administrators
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-512
+sambaGroupType: 2
+displayName: Domain Admins
+
+dn: cn=Domain Users,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 513
+cn: Domain Users
+description: Netbios Domain Users
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-513
+sambaGroupType: 2
+displayName: Domain Users
+
+dn: cn=Domain Guests,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 514
+cn: Domain Guests
+description: Netbios Domain Guests Users
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-514
+sambaGroupType: 2
+displayName: Domain Guests
+
+dn: cn=Print Operators,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 550
+cn: Print Operators
+description: Netbios Domain Print Operators
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-550
+sambaGroupType: 2
+displayName: Print Operators
+
+dn: cn=Backup Operators,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 551
+cn: Backup Operators
+description: Netbios Domain Members can bypass file security to back up files
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-551
+sambaGroupType: 2
+displayName: Backup Operators
+
+dn: cn=Replicator,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 552
+cn: Replicator
+description: Netbios Domain Supports file replication in a sambaDomainName
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-552
+sambaGroupType: 2
+displayName: Replicator
+
+dn: cn=Domain Computers,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 553
+cn: Domain Computers
+description: Netbios Domain Computers accounts
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-553
+sambaGroupType: 2
+displayName: Domain Computers
+
+dn: cn=Administrators,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 544
+cn: Administrators
+description: Netbios Domain Members can fully administer the computer/sambaDomainName
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-544
+sambaGroupType: 2
+displayName: Administrators
+
+dn: cn=Users,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 545
+cn: Users
+description: Netbios Domain Ordinary users
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-545
+sambaGroupType: 2
+displayName: users
+
+dn: cn=Guests,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 546
+cn: Guests
+memberUid: nobody
+description: Netbios Domain Users granted guest access to the computer/sambaDomainName
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-546
+sambaGroupType: 2
+displayName: Guests
+
+dn: cn=Power Users,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 547
+cn: Power Users
+description: Netbios Domain Members can share directories and printers
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-547
+sambaGroupType: 2
+displayName: Power Users
+
+dn: cn=Account Operators,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 548
+cn: Account Operators
+description: Netbios Domain Users to manipulate users accounts
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-548
+sambaGroupType: 2
+displayName: Account Operators
+
+dn: cn=Server Operators,ou=Groups,dc=idealx,dc=org
+objectClass: posixGroup
+objectClass: sambaGroupMapping
+gidNumber: 549
+cn: Server Operators
+description: Netbios Domain Server Operators
+sambaSID: S-1-5-21-4231626423-2410014848-2360679739-549
+sambaGroupType: 2
+displayName: Server Operators
diff --git a/source4/lib/ldb/tests/test-samba3sam.sh b/source4/lib/ldb/tests/test-samba3sam.sh
new file mode 100755
index 0000000000..60d429e3b1
--- /dev/null
+++ b/source4/lib/ldb/tests/test-samba3sam.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+rm -f samba3.ldb
+
+$VALGRIND ldbadd -H tdb://samba3.ldb < samba3.ldif
+
+OPT="-o modules:samba3sam -H tdb://samba3.ldb "
+$VALGRIND ldbsearch $OPT "(cn=Administrator)"
diff --git a/source4/lib/ldb/tools/cmdline.c b/source4/lib/ldb/tools/cmdline.c
index cde357a088..fb0292b7d9 100644
--- a/source4/lib/ldb/tools/cmdline.c
+++ b/source4/lib/ldb/tools/cmdline.c
@@ -124,13 +124,14 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const
case 'o':
options.options = talloc_realloc(ret, options.options,
- const char *, num_options+2);
+ const char *, num_options+3);
if (options.options == NULL) {
ldb_oom(ldb);
goto failed;
}
- options.options[num_options++] = poptGetOptArg(pc);
+ options.options[num_options] = poptGetOptArg(pc);
options.options[num_options+1] = NULL;
+ num_options++;
break;
default:
diff --git a/source4/lib/samba3/config.mk b/source4/lib/samba3/config.mk
index eba694c2af..06b7e5e256 100644
--- a/source4/lib/samba3/config.mk
+++ b/source4/lib/samba3/config.mk
@@ -11,7 +11,6 @@ ADD_OBJ_FILES = \
lib/samba3/group.o \
lib/samba3/registry.o \
lib/samba3/secrets.o \
- lib/samba3/ldb_samba3.o \
lib/samba3/share_info.o \
lib/samba3/upgrade.o
# End SUBSYSTEM LIBSAMBA3
diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c
index 3728881e33..3f6a22d404 100644
--- a/source4/param/loadparm.c
+++ b/source4/param/loadparm.c
@@ -137,9 +137,6 @@ typedef struct
char **dcerpc_ep_servers;
char **server_services;
char *ntptr_providor;
- char *szWinbindUID;
- char *szWinbindGID;
- char *szNonUnixAccountRange;
char *szWinbindSeparator;
char *swat_directory;
BOOL tls_enabled;
@@ -284,9 +281,6 @@ static int default_server_announce;
/* prototypes for the special type handlers */
static BOOL handle_include(const char *pszParmValue, char **ptr);
static BOOL handle_copy(const char *pszParmValue, char **ptr);
-static BOOL handle_winbind_uid(const char *pszParmValue, char **ptr);
-static BOOL handle_winbind_gid(const char *pszParmValue, char **ptr);
-static BOOL handle_non_unix_account_range(const char *pszParmValue, char **ptr);
static void set_server_role(void);
static void set_default_server_announce_type(void);
@@ -420,7 +414,6 @@ static struct parm_struct parm_table[] = {
{"spoolss database", P_STRING, P_GLOBAL, &Globals.szSPOOLSS_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"wins database", P_STRING, P_GLOBAL, &Globals.szWINS_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
- {"non unix account range", P_STRING, P_GLOBAL, &Globals.szNonUnixAccountRange, handle_non_unix_account_range, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"passwd chat", P_STRING, P_GLOBAL, &Globals.szPasswdChat, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
{"password level", P_INTEGER, P_GLOBAL, &Globals.pwordlevel, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
@@ -555,12 +548,7 @@ static struct parm_struct parm_table[] = {
{"msdfs root", P_BOOL, P_LOCAL, &sDefault.bMSDfsRoot, NULL, NULL, FLAG_SHARE},
{"host msdfs", P_BOOL, P_GLOBAL, &Globals.bHostMSDfs, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
-
- {"Winbind options", P_SEP, P_SEPARATOR},
-
- {"winbind uid", P_STRING, P_GLOBAL, &Globals.szWinbindUID, handle_winbind_uid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
- {"winbind gid", P_STRING, P_GLOBAL, &Globals.szWinbindGID, handle_winbind_gid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
- {"winbind separator", P_STRING, P_GLOBAL, &Globals.szWinbindSeparator, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+ {"winbind separator", P_STRING, P_GLOBAL, &Globals.szWinbindSeparator, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER },
{NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0}
};
@@ -680,7 +668,7 @@ static void init_globals(void)
do_parameter("DomainLogons", "False", NULL);
do_parameter("WINSsupport", "False", NULL);
- do_parameter("WinbindSeparator", "\\", NULL);
+ do_parameter("winbind separator", "\\", NULL);
do_parameter("client signing", "Yes", NULL);
do_parameter("server signing", "auto", NULL);
@@ -821,6 +809,7 @@ FN_GLOBAL_STRING(lp_smb_passwd_file, &Globals.szSMBPasswdFile)
FN_GLOBAL_STRING(lp_sam_url, &Globals.szSAM_URL)
FN_GLOBAL_STRING(lp_spoolss_url, &Globals.szSPOOLSS_URL)
FN_GLOBAL_STRING(lp_wins_url, &Globals.szWINS_URL)
+FN_GLOBAL_CONST_STRING(lp_winbind_separator, &Globals.szWinbindSeparator)
FN_GLOBAL_STRING(lp_private_dir, &Globals.szPrivateDir)
FN_GLOBAL_STRING(lp_serverstring, &Globals.szServerString)
FN_GLOBAL_STRING(lp_lockdir, &Globals.szLockDir)
@@ -845,9 +834,6 @@ FN_GLOBAL_STRING(lp_socket_address, &Globals.szSocketAddress)
FN_GLOBAL_LIST(lp_netbios_aliases, &Globals.szNetbiosAliases)
FN_GLOBAL_STRING(lp_panic_action, &Globals.szPanicAction)
-
-FN_GLOBAL_CONST_STRING(lp_winbind_separator, &Globals.szWinbindSeparator)
-
FN_GLOBAL_BOOL(lp_disable_netbios, &Globals.bDisableNetbios)
FN_GLOBAL_BOOL(lp_wins_support, &Globals.bWINSsupport)
FN_GLOBAL_BOOL(lp_local_master, &Globals.bLocalMaster)
@@ -1685,126 +1671,6 @@ static BOOL handle_copy(const char *pszParmValue, char **ptr)
}
/***************************************************************************
- Handle winbind/non unix account uid and gid allocation parameters. The format of these
- parameters is:
-
- [global]
-
- winbind uid = 1000-1999
- winbind gid = 700-899
-
- We only do simple parsing checks here. The strings are parsed into useful
- structures in the winbind daemon code.
-
-***************************************************************************/
-
-/* Some lp_ routines to return winbind [ug]id information */
-
-static uid_t winbind_uid_low, winbind_uid_high;
-static gid_t winbind_gid_low, winbind_gid_high;
-static uint32_t non_unix_account_low, non_unix_account_high;
-
-BOOL lp_winbind_uid(uid_t *low, uid_t *high)
-{
- if (winbind_uid_low == 0 || winbind_uid_high == 0)
- return False;
-
- if (low)
- *low = winbind_uid_low;
-
- if (high)
- *high = winbind_uid_high;
-
- return True;
-}
-
-BOOL lp_winbind_gid(gid_t *low, gid_t *high)
-{
- if (winbind_gid_low == 0 || winbind_gid_high == 0)
- return False;
-
- if (low)
- *low = winbind_gid_low;
-
- if (high)
- *high = winbind_gid_high;
-
- return True;
-}
-
-BOOL lp_non_unix_account_range(uint32_t *low, uint32_t *high)
-{
- if (non_unix_account_low == 0 || non_unix_account_high == 0)
- return False;
-
- if (low)
- *low = non_unix_account_low;
-
- if (high)
- *high = non_unix_account_high;
-
- return True;
-}
-
-/* Do some simple checks on "winbind [ug]id" parameter values */
-
-static BOOL handle_winbind_uid(const char *pszParmValue, char **ptr)
-{
- uint32_t low, high;
-
- if (sscanf(pszParmValue, "%u-%u", &low, &high) != 2 || high < low)
- return False;
-
- /* Parse OK */
-
- string_set(ptr, pszParmValue);
-
- winbind_uid_low = low;
- winbind_uid_high = high;
-
- return True;
-}
-
-static BOOL handle_winbind_gid(const char *pszParmValue, char **ptr)
-{
- uint32_t low, high;
-
- if (sscanf(pszParmValue, "%u-%u", &low, &high) != 2 || high < low)
- return False;
-
- /* Parse OK */
-
- string_set(ptr, pszParmValue);
-
- winbind_gid_low = low;
- winbind_gid_high = high;
-
- return True;
-}
-
-/***************************************************************************
- Do some simple checks on "non unix account range" parameter values.
-***************************************************************************/
-
-static BOOL handle_non_unix_account_range(const char *pszParmValue, char **ptr)
-{
- uint32_t low, high;
-
- if (sscanf(pszParmValue, "%u-%u", &low, &high) != 2 || high < low)
- return False;
-
- /* Parse OK */
-
- string_set(ptr, pszParmValue);
-
- non_unix_account_low = low;
- non_unix_account_high = high;
-
- return True;
-}
-
-
-/***************************************************************************
Initialise a copymap.
***************************************************************************/