From b9b26be1744b792a54f0a77af140237b4dc5a870 Mon Sep 17 00:00:00 2001
From: Gerald Carter
Date: Wed, 24 Jan 2007 01:48:08 +0000
Subject: r20986: Commit the prototype of the nss_info plugin interface. This allows a provider to supply the homedirectory, etc... attributes for a user without requiring support in core winbindd code. The idmap_ad.c module has been modified to provide the idmap 'ad' library as well as the rfc2307 and sfu "winbind nss info" support. The SID/id mapping is working in idmap_ad but the nss_info still has a few quirks that I'm in the process of resolving. (This used to be commit aaec0115e2c96935499052d9a637a20c6445986e)
---
 source3/nsswitch/winbindd_ads.c | 74 +++++++++--------------------------------
 1 file changed, 15 insertions(+), 59 deletions(-)
(limited to 'source3/nsswitch/winbindd_ads.c')
diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c
index 8cb60806f8..fc6308deed 100644
--- a/source3/nsswitch/winbindd_ads.c
+++ b/source3/nsswitch/winbindd_ads.c
@@ -40,7 +40,6 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
 {
 ADS_STRUCT *ads;
 ADS_STATUS status;
- enum wb_posix_mapping map_type;
 DEBUG(10,("ads_cached_connection\n"));
@@ -126,17 +125,9 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
 return NULL;
 }
- map_type = get_nss_info(domain->name);
+ /* initialize the nss backend for this domain */
- if ((map_type == WB_POSIX_MAP_RFC2307)||
- (map_type == WB_POSIX_MAP_SFU)) {
-
- status = ads_check_posix_schema_mapping(ads, map_type);
- if (!ADS_ERR_OK(status)) {
- DEBUG(10,("ads_check_posix_schema_mapping failed "
- "with: %s\n", ads_errstr(status)));
- }
- }
+ idmap_nss_init_domain( domain->name );
 /* set the flag that says we don't own the memory even though we do so that ads_destroy() won't destroy the
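Review bot: The result of `idmap_nss_init_domain( domain->name );` is discarded in the `@@ -126,17 +125,9 @@` hunk of ads_cached_connection, so a backend that fails to initialise leaves no trace, whereas the removed code at least logged a failing ads_check_posix_schema_mapping. The prototype is not visible here; if it returns a status, capture it and log on failure, e.g. `if (!NT_STATUS_IS_OK(idmap_nss_init_domain(domain->name))) DEBUG(1,("nss_info init failed for domain %s\n", domain->name));`. Without that, a misconfigured "winbind nss info" backend would show up only as users silently losing their home directory and shell attributes. The call also runs on this connection-setup path each time it is reached, so a short comment stating whether repeated initialisation for the same domain is safe would help; the function body continues outside the hunk.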
@@ -156,17 +147,7 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
 WINBIND_USERINFO **info)
 {
 ADS_STRUCT *ads = NULL;
- const char *attrs[] = {"userPrincipalName",
- "sAMAccountName",
- "name", "objectSid", "primaryGroupID",
- "sAMAccountType",
- ADS_ATTR_SFU_HOMEDIR_OID,
- ADS_ATTR_SFU_SHELL_OID,
- ADS_ATTR_SFU_GECOS_OID,
- ADS_ATTR_RFC2307_HOMEDIR_OID,
- ADS_ATTR_RFC2307_SHELL_OID,
- ADS_ATTR_RFC2307_GECOS_OID,
- NULL};
+ const char *attrs[] = { "*", NULL };
 int i, count;
 ADS_STATUS rc;
 LDAPMessage *res = NULL;
@@ -210,6 +191,8 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
 char *shell = NULL;
 uint32 group;
 uint32 atype;
+ DOM_SID user_sid;
+ gid_t primary_gid = (gid_t)-1;
 if (!ads_pull_uint32(ads, msg, "sAMAccountType", &atype) || ads_atype_map(atype) != SID_NAME_USER) {
@@ -219,17 +202,10 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
 name = ads_pull_username(ads, mem_ctx, msg);
- if (get_nss_info(domain->name) && ads->schema.map_type) {
-
- DEBUG(10,("pulling posix attributes (%s schema)\n",
- wb_posix_map_str(ads->schema.map_type)));
-
- homedir = ads_pull_string(ads, mem_ctx, msg,
- ads->schema.posix_homedir_attr);
- shell = ads_pull_string(ads, mem_ctx, msg,
- ads->schema.posix_shell_attr);
- gecos = ads_pull_string(ads, mem_ctx, msg,
- ads->schema.posix_gecos_attr);
+ if ( ads_pull_sid( ads, msg, "objectSid", &user_sid ) ) {
+ status = nss_get_info( domain->name, &user_sid, mem_ctx,
+ ads, msg, &homedir, &shell, &gecos,
+ &primary_gid );
 }
 if (gecos == NULL) {
@@ -250,6 +226,7 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
 (*info)[i].full_name = gecos;
 (*info)[i].homedir = homedir;
 (*info)[i].shell = shell;
+ (*info)[i].primary_gid = primary_gid;
 sid_compose(&(*info)[i].group_sid, &domain->sid, group);
 i++;
 }
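Review bot: `const char *attrs[] = { "*", NULL };` in the `@@ -156,17 +147,7 @@` hunk makes query_user_list ask the directory for every user attribute of every account it enumerates, where the old code named an explicit list. The loop shown later in this diff reads only a few of them directly, and the rest matter only to whichever nss_info backend is active, so the wildcard enlarges each enumeration response and pulls unrelated directory data into winbindd's memory. Prefer building the list from the fixed attributes plus those the configured backend needs; until the plugin interface can report them, document the trade-off next to the declaration, e.g. `/* "*": the nss_info backend decides which attributes it reads; narrow once plugins can declare them */`. The same wildcard is introduced in query_user (`@@ -454,17 +431,7 @@`), and both function bodies continue outside their hunks.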
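Review bot: `gid_t primary_gid = (gid_t)-1;` in the `@@ -210,6 +191,8 @@` hunk introduces a sentinel that is later copied into `(*info)[i].primary_gid`, and nothing in the visible lines documents what it means. Consumers of WINBIND_USERINFO need to know that this value stands for "the nss_info backend supplied no gid" and must not be treated as a real group id; several POSIX calls interpret an id of -1 as "leave unchanged", so a consumer that forgets the check fails quietly rather than loudly. Add a comment at the declaration such as `/* (gid_t)-1 == no primary gid supplied by the nss_info backend */`, and the same wording on the struct field, whose definition is outside this diff.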
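Review bot: The result of nss_get_info is written to `status` in the `@@ -219,17 +202,10 @@` hunk, but no visible line examines it, and when ads_pull_sid fails the entry is still emitted without POSIX attributes and without any log message. `status` looks like the function's own result variable (its declaration is outside the hunk), so a per-user backend failure may also end up in the value query_user_list returns unless it is reset further down. Keep the per-user result in a dedicated local and log both failure paths at a debug level, for example `DEBUG(5,("nss_get_info failed for %s\n", name));` and an `else` branch noting the missing objectSid. The enclosing loop body begins and ends outside the hunk.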
@@ -454,17 +431,7 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
 WINBIND_USERINFO *info)
 {
 ADS_STRUCT *ads = NULL;
- const char *attrs[] = {"userPrincipalName",
- "sAMAccountName",
- "name",
- "primaryGroupID",
- ADS_ATTR_SFU_HOMEDIR_OID,
- ADS_ATTR_SFU_SHELL_OID,
- ADS_ATTR_SFU_GECOS_OID,
- ADS_ATTR_RFC2307_HOMEDIR_OID,
- ADS_ATTR_RFC2307_SHELL_OID,
- ADS_ATTR_RFC2307_GECOS_OID,
- NULL};
+ const char *attrs[] = { "*", NULL };
 ADS_STATUS rc;
 int count;
 LDAPMessage *msg = NULL;
@@ -475,9 +442,7 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
 DEBUG(3,("ads: query_user\n"));
- ads = ads_cached_connection(domain);
-
- if (!ads) {
+ if ( (ads = ads_cached_connection(domain)) == NULL ) {
 domain->last_status = NT_STATUS_SERVER_DISABLED;
 goto done;
 }
@@ -502,18 +467,9 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
 info->acct_name = ads_pull_username(ads, mem_ctx, msg);
- if (get_nss_info(domain->name) && ads->schema.map_type) {
-
- DEBUG(10,("pulling posix attributes (%s schema)\n",
- wb_posix_map_str(ads->schema.map_type)));
-
- info->homedir = ads_pull_string(ads, mem_ctx, msg,
- ads->schema.posix_homedir_attr);
- info->shell = ads_pull_string(ads, mem_ctx, msg,
- ads->schema.posix_shell_attr);
- info->full_name = ads_pull_string(ads, mem_ctx, msg,
- ads->schema.posix_gecos_attr);
- }
+ info->primary_gid = (gid_t)-1;
+ nss_get_info( domain->name, sid, mem_ctx, ads, msg,
+ &info->homedir, &info->shell, &info->full_name, &info->primary_gid );
 if (info->full_name == NULL) {
 info->full_name = ads_pull_string(ads, mem_ctx, msg, "name");
-- cgit
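Review bot: The nss_get_info call in the `@@ -502,18 +467,9 @@` hunk discards its return value, and only `info->primary_gid` is given a defined value beforehand. If the backend fails before writing its outputs, `info->homedir`, `info->shell` and the `info->full_name == NULL` test that follows all depend on initialisation that is not visible in this hunk. Unless the fields are cleared earlier in query_user, set them next to the gid sentinel, `info->homedir = NULL; info->shell = NULL; info->full_name = NULL;`, and check the call's result so a backend failure is at least logged. The function body starts and ends outside the hunk.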