From d6de32db2f8d080cb746b3032c128f210154b75e Mon Sep 17 00:00:00 2001 From: "Gerald (Jerry) Carter" Date: Mon, 15 Sep 2008 15:41:37 -0500 Subject: winbindd: Add support for name aliasing. * Add support user and group name aliasing by expanding the ws_name_replace() and ws_name_return() functions. The lookup path is aliases -> qualified name -> SID SID -> fully qualified name -> alias In other words, the name aliasing support is a thin layer built on top of SID/NAME translation. * Rename the ws_name_XX() functions to normalize_name_map() and normalize_name_unmap(). Chaneg interface to return NTSTATUS rather than char *. * Add associated cache validation functions. --- source3/include/nss_info.h | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'source3/include') diff --git a/source3/include/nss_info.h b/source3/include/nss_info.h index 1ff9ebcd55..e756136b76 100644 --- a/source3/include/nss_info.h +++ b/source3/include/nss_info.h @@ -66,6 +66,10 @@ struct nss_info_methods { TALLOC_CTX *ctx, ADS_STRUCT *ads, LDAPMessage *msg, char **homedir, char **shell, char **gecos, gid_t *p_gid); + NTSTATUS (*map_to_alias)( TALLOC_CTX *mem_ctx, const char *domain, + const char *name, char **alias ); + NTSTATUS (*map_from_alias)( TALLOC_CTX *mem_ctx, const char *domain, + const char *alias, char **name ); NTSTATUS (*close_fn)( void ); }; @@ -84,6 +88,12 @@ NTSTATUS nss_get_info( const char *domain, const DOM_SID *user_sid, char **homedir, char **shell, char **gecos, gid_t *p_gid); +NTSTATUS nss_map_to_alias( TALLOC_CTX *mem_ctx, const char *domain, + const char *name, char **alias ); + +NTSTATUS nss_map_from_alias( TALLOC_CTX *mem_ctx, const char *domain, + const char *alias, char **name ); + NTSTATUS nss_close( const char *parameters ); #endif /* _IDMAP_NSS_H_ */ -- cgit From 28d2683903677d396c77c437fabd7ea807ff0de6 Mon Sep 17 00:00:00 2001 
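Review bot: The new `map_to_alias` and `map_from_alias` members of `struct nss_info_methods` do not say whether a backend may leave them NULL, so a backend that fills in only the older callbacks would hand the dispatcher a null function pointer. I would add a comment above them such as `/* optional: NULL when the backend has no alias support; callers must check before calling */`, and have the `nss_map_to_alias()`/`nss_map_from_alias()` wrappers (implemented outside this header) return an error status in that case. They are also inserted ahead of `close_fn`, which shifts that member's offset. A backend that initialises the struct positionally, or was built against the old header, would presumably end up with a mismatched table, so appending after `close_fn` or bumping whatever interface version module registration checks would be safer. The struct definition begins outside the hunk.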
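Review bot: The prototypes for `nss_map_to_alias()` and `nss_map_from_alias()` lack a contract comment: nothing says who owns `*alias` / `*name` or what status a caller gets when no alias exists. A short header comment would cover it, e.g. `/* On success the result is allocated on mem_ctx; on failure the out pointer is not modified. */`, worded to match the implementation, which is not visible in this diff. Because the returned string comes from the directory and ends up being used as a login name, the comment should also state which side (wrapper or caller) rejects empty or malformed values.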
From: "Gerald (Jerry) Carter" Date: Tue, 16 Sep 2008 10:35:21 -0700 Subject: * Allow an admin to define the "uid" attribute for a RFC2307 user object in AD to be the username alias. For example: $ net ads search "(uid=coffeedude)" distinguishedName: CN=Gerald W. Carter,CN=Users,DC=pink,DC=plainjoe,DC=org sAMAccountName: gcarter memberOf: CN=UnixUsers,CN=Users,DC=pink,DC=plainjoe,DC=org memberOf: CN=Domain Admins,CN=Users,DC=pink,DC=plainjoe,DC=org memberOf: CN=Enterprise Admins,CN=Users,DC=pink,DC=plainjoe,DC=org memberOf: CN=Schema Admins,CN=Users,DC=pink,DC=plainjoe,DC=org uid: coffeedude uidNumber: 10000 gidNumber: 10000 unixHomeDirectory: /home/gcarter loginShell: /bin/bash $ ssh coffeedude@192.168.56.91 Password: coffeedude@orville:~$ id uid=10000(coffeedude) gid=10000(PINK\unixusers) groups=10000(PINK\unixusers) $ getent passwd PINK\\gcarter coffeedude:*:10000:10000::/home/gcarter:/bin/bash $ getent passwd coffeedude coffeedude:*:10000:10000::/home/gcarter:/bin/bash $ getent group PINK\\Unixusers PINK\unixusers:x:10000:coffeedude --- source3/include/ads.h | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/include') diff --git a/source3/include/ads.h b/source3/include/ads.h index 97faf0b6eb..b72d250940 100644 --- a/source3/include/ads.h +++ b/source3/include/ads.h @@ -133,6 +133,7 @@ struct posix_schema { char *posix_uidnumber_attr; char *posix_gidnumber_attr; char *posix_gecos_attr; + char *posix_uid_attr; }; @@ -179,6 +180,7 @@ typedef void **ADS_MODLIST; #define ADS_ATTR_SFU_HOMEDIR_OID "1.2.840.113556.1.6.18.1.344" #define ADS_ATTR_SFU_SHELL_OID "1.2.840.113556.1.6.18.1.312" #define ADS_ATTR_SFU_GECOS_OID "1.2.840.113556.1.6.18.1.337" +#define ADS_ATTR_SFU_UID_OID "1.2.840.113556.1.6.18.1.309" /* ldap attribute oids (Services for Unix 2.0) */ #define ADS_ATTR_SFU20_UIDNUMBER_OID "1.2.840.113556.1.4.7000.187.70" 
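Review bot: `posix_uid_attr` in `struct posix_schema` names the attribute that becomes a login alias, but the header does not note that the directory does not keep this attribute unique the way it does sAMAccountName. The commit message's own example resolves `coffeedude` directly to uid 10000, so two objects carrying the same `uid` value, or a value equal to a local account name, would make the alias lookup ambiguous. I would document the requirement next to the field, e.g. `/* login alias attribute; lookups must fail when more than one object matches */`, and confirm that the lookup code (not in this diff) fails closed. The new pointer also needs the same initialisation and cleanup as the sibling `posix_*_attr` members, which happens outside this header.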
@@ -186,6 +188,8 @@ typedef void **ADS_MODLIST; #define ADS_ATTR_SFU20_HOMEDIR_OID "1.2.840.113556.1.4.7000.187.106" #define ADS_ATTR_SFU20_SHELL_OID "1.2.840.113556.1.4.7000.187.72" #define ADS_ATTR_SFU20_GECOS_OID "1.2.840.113556.1.4.7000.187.97" +#define ADS_ATTR_SFU20_UID_OID "1.2.840.113556.1.4.7000.187.102" + /* ldap attribute oids (RFC2307) */ #define ADS_ATTR_RFC2307_UIDNUMBER_OID "1.3.6.1.1.1.1.0" @@ -193,6 +197,7 @@ typedef void **ADS_MODLIST; #define ADS_ATTR_RFC2307_HOMEDIR_OID "1.3.6.1.1.1.1.3" #define ADS_ATTR_RFC2307_SHELL_OID "1.3.6.1.1.1.1.4" #define ADS_ATTR_RFC2307_GECOS_OID "1.3.6.1.1.1.1.2" +#define ADS_ATTR_RFC2307_UID_OID "0.9.2342.19200300.100.1.1" /* ldap bitwise searches */ #define ADS_LDAP_MATCHING_RULE_BIT_AND "1.2.840.113556.1.4.803" -- cgit
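Review bot: `ADS_ATTR_RFC2307_UID_OID` is set to `"0.9.2342.19200300.100.1.1"`, which lies outside the `1.3.6.1.1.1.1.x` arc used by every other RFC2307 constant in this group and will look like a paste error to the next reader. The value is the standard `uid` (userid) attribute type, which RFC 2307 reuses rather than defines, so a trailing comment such as `/* uid (userid); defined outside the RFC2307 arc */` would prevent a well-meant "correction". The preceding hunk also appears to leave two blank lines after `ADS_ATTR_SFU20_UID_OID` where the neighbouring groups use one.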