From fd35232584d34c3250094572393b3a64fc87cef9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 4 Jan 2004 11:51:31 +0000 Subject: Commit the translation of the realm to the netbios domain name in the kerberos session setup. After talking to jht and abartlet I made this unconditional, no additional parameter. Jerry: This is a change in behaviour, but I think it is necessary. Volker (This used to be commit 3ce6c9f27368cfb278007fe660a0e44a84d67f8f) --- source3/nsswitch/wbinfo.c | 44 ++++++++++++++++++++++++++++++++++++++++ source3/nsswitch/winbindd.c | 1 + source3/nsswitch/winbindd_misc.c | 29 ++++++++++++++++++++++++++ source3/nsswitch/winbindd_nss.h | 11 ++++++++++ 4 files changed, 85 insertions(+) (limited to 'source3/nsswitch') diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index 059ea10da6..f779d6afb4 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -278,6 +278,42 @@ static BOOL wbinfo_show_sequence(const char *domain) return True; } +/* Show domain info */ + +static BOOL wbinfo_domain_info(const char *domain_name) +{ + struct winbindd_request request; + struct winbindd_response response; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + fstrcpy(request.domain_name, domain_name); + + /* Send request */ + + if (winbindd_request(WINBINDD_DOMAIN_INFO, &request, &response) != + NSS_STATUS_SUCCESS) + return False; + + /* Display response */ + + d_printf("Name : %s\n", response.data.domain_info.name); + d_printf("Alt_Name: %s\n", response.data.domain_info.alt_name); + + d_printf("SID : %s\n", response.data.domain_info.sid); + + d_printf("Native : %s\n", + response.data.domain_info.native_mode ? "Yes" : "No"); + + d_printf("Primary : %s\n", + response.data.domain_info.primary ? "Yes" : "No"); + + d_printf("Sequence: %d\n", response.data.domain_info.sequence_number); + + return True; +} + /* Check trust account password */ static BOOL wbinfo_check_secret(void) @@ -954,6 +990,8 @@ int main(int argc, char **argv) { "check-secret", 't', POPT_ARG_NONE, 0, 't', "Check shared secret" }, { "trusted-domains", 'm', POPT_ARG_NONE, 0, 'm', "List trusted domains" }, { "sequence", 0, POPT_ARG_NONE, 0, OPT_SEQUENCE, "Show sequence numbers of all domains" }, + { "domain-info", 'D', POPT_ARG_STRING, &string_arg, 'D', + "Show all most info we have about the domain" }, { "user-groups", 'r', POPT_ARG_STRING, &string_arg, 'r', "Get user groups", "USER" }, { "user-sids", 0, POPT_ARG_STRING, &string_arg, OPT_USERSIDS, "Get user group sids for user SID", "SID" }, { "authenticate", 'a', POPT_ARG_STRING, &string_arg, 'a', "authenticate user", "user%password" }, @@ -1081,6 +1119,12 @@ int main(int argc, char **argv) goto done; } break; + case 'D': + if (!wbinfo_domain_info(string_arg)) { + d_printf("Could not get domain info\n"); + goto done; + } + break; case 'r': if (!wbinfo_get_usergroups(string_arg)) { d_printf("Could not get groups for user %s\n", diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c index 74df934ca2..8ce528d2b0 100644 --- a/source3/nsswitch/winbindd.c +++ b/source3/nsswitch/winbindd.c @@ -264,6 +264,7 @@ static struct dispatch_table dispatch_table[] = { { WINBINDD_INFO, winbindd_info, "INFO" }, { WINBINDD_INTERFACE_VERSION, winbindd_interface_version, "INTERFACE_VERSION" }, { WINBINDD_DOMAIN_NAME, winbindd_domain_name, "DOMAIN_NAME" }, + { WINBINDD_DOMAIN_INFO, winbindd_domain_info, "DOMAIN_INFO" }, { WINBINDD_NETBIOS_NAME, winbindd_netbios_name, "NETBIOS_NAME" }, { WINBINDD_PRIV_PIPE_DIR, winbindd_priv_pipe_dir, "WINBINDD_PRIV_PIPE_DIR" }, diff --git a/source3/nsswitch/winbindd_misc.c b/source3/nsswitch/winbindd_misc.c index 3352ed447c..63bda0d1df 100644 --- a/source3/nsswitch/winbindd_misc.c +++ b/source3/nsswitch/winbindd_misc.c @@ -203,6 +203,35 @@ enum winbindd_result winbindd_show_sequence(struct winbindd_cli_state *state) return WINBINDD_OK; } +enum winbindd_result winbindd_domain_info(struct winbindd_cli_state *state) +{ + struct winbindd_domain *domain; + + DEBUG(3, ("[%5lu]: domain_info [%s]\n", (unsigned long)state->pid, + state->request.domain_name)); + + domain = find_domain_from_name(state->request.domain_name); + + if (domain == NULL) { + DEBUG(3, ("Did not find domain [%s]\n", + state->request.domain_name)); + return WINBINDD_ERROR; + } + + fstrcpy(state->response.data.domain_info.name, domain->name); + fstrcpy(state->response.data.domain_info.alt_name, domain->alt_name); + fstrcpy(state->response.data.domain_info.sid, + sid_string_static(&domain->sid)); + + state->response.data.domain_info.native_mode = domain->native_mode; + state->response.data.domain_info.primary = domain->primary; + + state->response.data.domain_info.sequence_number = + domain->sequence_number; + + return WINBINDD_OK; +} + enum winbindd_result winbindd_ping(struct winbindd_cli_state *state) { diff --git a/source3/nsswitch/winbindd_nss.h b/source3/nsswitch/winbindd_nss.h index 77384a7748..0dd00e9b39 100644 --- a/source3/nsswitch/winbindd_nss.h +++ b/source3/nsswitch/winbindd_nss.h @@ -92,6 +92,9 @@ enum winbindd_cmd { WINBINDD_INFO, /* Various bit of info. Currently just tidbits */ WINBINDD_DOMAIN_NAME, /* The domain this winbind server is a member of (lp_workgroup()) */ + WINBINDD_DOMAIN_INFO, /* Most of what we know from + struct winbindd_domain */ + WINBINDD_SHOW_SEQUENCE, /* display sequence numbers of domains */ /* WINS commands */ @@ -264,6 +267,14 @@ struct winbindd_response { char first_8_lm_hash[8]; } auth; uint32 rid; /* create user or group */ + struct { + fstring name; + fstring alt_name; + fstring sid; + BOOL native_mode; + BOOL primary; + uint32 sequence_number; + } domain_info; } data; /* Variable length return data */ -- cgit