From 6d7195d1d79c43f5ccc8dc4a9215c02177d5fa89 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 2 Nov 2002 03:47:48 +0000 Subject: Merge passdb from HEAD -> 3.0 The work here includes: - metze' set/changed patch, which avoids making changes to ldap on unmodified attributes. - volker's group mapping in passdb patch - volker's samsync stuff - volkers SAMR changes. - mezte's connection caching patch - my recent changes (fix magic root check, ldap ssl) Andrew Bartlett (This used to be commit 2044d60bbe0043cdbb9aba931115672bde975d2f) --- source3/utils/net_rpc_samsync.c | 82 +++++++++++++++++++++-------------------- 1 file changed, 43 insertions(+), 39 deletions(-) (limited to 'source3/utils/net_rpc_samsync.c') diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c index 00e5dee0ce..10fba52be8 100644 --- a/source3/utils/net_rpc_samsync.c +++ b/source3/utils/net_rpc_samsync.c @@ -111,7 +111,7 @@ static void display_sam_entry(SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta) static void dump_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret_creds) { - unsigned last_rid = -1; + unsigned sync_context = 0; NTSTATUS result; int i; TALLOC_CTX *mem_ctx; @@ -126,15 +126,15 @@ static void dump_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret d_printf("Dumping database %u\n", db_type); do { - result = cli_netlogon_sam_sync(cli, mem_ctx, ret_creds, db_type, last_rid+1, + result = cli_netlogon_sam_sync(cli, mem_ctx, ret_creds, db_type, + sync_context, &num_deltas, &hdr_deltas, &deltas); clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), ret_creds); - last_rid = 0; for (i = 0; i < num_deltas; i++) { display_sam_entry(&hdr_deltas[i], &deltas[i]); - last_rid = hdr_deltas[i].target_rid; } - } while (last_rid && NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); + sync_context += 1; + } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); talloc_destroy(mem_ctx); } @@ -199,62 +199,62 @@ sam_account_from_delta(SAM_ACCOUNT *account, SAM_ACCOUNT_INFO *delta) desc, workstations, profile. */ unistr2_to_ascii(s, &delta->uni_acct_name, sizeof(s) - 1); - pdb_set_nt_username(account, s); + pdb_set_nt_username(account, s, PDB_CHANGED); /* Unix username is the same - for sainity */ - pdb_set_username(account, s); + pdb_set_username(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_full_name, sizeof(s) - 1); - pdb_set_fullname(account, s); + pdb_set_fullname(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_home_dir, sizeof(s) - 1); - pdb_set_homedir(account, s, True); + pdb_set_homedir(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_dir_drive, sizeof(s) - 1); - pdb_set_dir_drive(account, s, True); + pdb_set_dir_drive(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_logon_script, sizeof(s) - 1); - pdb_set_logon_script(account, s, True); + pdb_set_logon_script(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_acct_desc, sizeof(s) - 1); - pdb_set_acct_desc(account, s); + pdb_set_acct_desc(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_workstations, sizeof(s) - 1); - pdb_set_workstations(account, s); + pdb_set_workstations(account, s, PDB_CHANGED); unistr2_to_ascii(s, &delta->uni_profile, sizeof(s) - 1); - pdb_set_profile_path(account, s, True); + pdb_set_profile_path(account, s, PDB_CHANGED); /* User and group sid */ - pdb_set_user_sid_from_rid(account, delta->user_rid); - pdb_set_group_sid_from_rid(account, delta->group_rid); + pdb_set_user_sid_from_rid(account, delta->user_rid, PDB_CHANGED); + pdb_set_group_sid_from_rid(account, delta->group_rid, PDB_CHANGED); /* Logon and password information */ - pdb_set_logon_time(account, nt_time_to_unix(&delta->logon_time), True); + pdb_set_logon_time(account, nt_time_to_unix(&delta->logon_time), PDB_CHANGED); pdb_set_logoff_time(account, nt_time_to_unix(&delta->logoff_time), - True); - pdb_set_logon_divs(account, delta->logon_divs); + PDB_CHANGED); + pdb_set_logon_divs(account, delta->logon_divs, PDB_CHANGED); /* TODO: logon hours */ /* TODO: bad password count */ /* TODO: logon count */ pdb_set_pass_last_set_time( - account, nt_time_to_unix(&delta->pwd_last_set_time)); + account, nt_time_to_unix(&delta->pwd_last_set_time), PDB_CHANGED); - pdb_set_kickoff_time(account, get_time_t_max(), True); + pdb_set_kickoff_time(account, get_time_t_max(), PDB_CHANGED); /* Decode hashes from password hash */ sam_pwd_hash(delta->user_rid, delta->pass.buf_lm_pwd, lm_passwd, 0); sam_pwd_hash(delta->user_rid, delta->pass.buf_nt_pwd, nt_passwd, 0); - pdb_set_nt_passwd(account, nt_passwd); - pdb_set_lanman_passwd(account, lm_passwd); + pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED); + pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED); /* TODO: account expiry time */ - pdb_set_acct_ctrl(account, delta->acb_info); + pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED); return NT_STATUS_OK; } @@ -324,8 +324,7 @@ fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta) pdb_update_sam_account(sam_account); } - if (!get_group_map_from_sid(*pdb_get_group_sid(sam_account), - &map, False)) { + if (!pdb_getgrsid(&map, *pdb_get_group_sid(sam_account), False)) { DEBUG(0, ("Primary group of %s has no mapping!\n", pdb_get_username(sam_account))); pdb_free_sam(&sam_account); @@ -353,7 +352,7 @@ fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta) DOM_SID group_sid; fstring sid_string; GROUP_MAP map; - int flag = TDB_INSERT; + BOOL insert = True; unistr2_to_ascii(name, &delta->uni_grp_name, sizeof(name)-1); unistr2_to_ascii(comment, &delta->uni_grp_desc, sizeof(comment)-1); @@ -363,9 +362,9 @@ fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta) sid_append_rid(&group_sid, rid); sid_to_string(sid_string, &group_sid); - if (get_group_map_from_sid(group_sid, &map, False)) { + if (pdb_getgrsid(&map, group_sid, False)) { grp = getgrgid(map.gid); - flag = 0; /* Don't TDB_INSERT, mapping exists */ + insert = False; } if (grp == NULL) @@ -392,7 +391,10 @@ fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta) map.priv_set.count = 0; map.priv_set.set = NULL; - add_mapping_entry(&map, flag); + if (insert) + pdb_add_group_mapping_entry(&map); + else + pdb_update_group_mapping_entry(&map); return NT_STATUS_OK; } @@ -530,7 +532,7 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta, DOM_SID alias_sid; fstring sid_string; GROUP_MAP map; - int insert_flag = TDB_INSERT; + BOOL insert = True; unistr2_to_ascii(name, &delta->uni_als_name, sizeof(name)-1); unistr2_to_ascii(comment, &delta->uni_als_desc, sizeof(comment)-1); @@ -540,9 +542,9 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta, sid_append_rid(&alias_sid, rid); sid_to_string(sid_string, &alias_sid); - if (get_group_map_from_sid(alias_sid, &map, False)) { + if (pdb_getgrsid(&map, alias_sid, False)) { grp = getgrgid(map.gid); - insert_flag = 0; /* Don't TDB_INSERT, mapping exists */ + insert = False; } if (grp == NULL) { @@ -573,7 +575,10 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta, map.priv_set.count = 0; map.priv_set.set = NULL; - add_mapping_entry(&map, insert_flag); + if (insert) + pdb_add_group_mapping_entry(&map); + else + pdb_update_group_mapping_entry(&map); return NT_STATUS_OK; } @@ -620,7 +625,7 @@ static void fetch_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret_creds, DOM_SID dom_sid) { - unsigned last_rid = -1; + unsigned sync_context = 0; NTSTATUS result; int i; TALLOC_CTX *mem_ctx; @@ -636,17 +641,16 @@ fetch_database(struct cli_state *cli, unsigned db_type, DOM_CRED *ret_creds, do { result = cli_netlogon_sam_sync(cli, mem_ctx, ret_creds, - db_type, last_rid+1, + db_type, sync_context, &num_deltas, &hdr_deltas, &deltas); clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), ret_creds); - last_rid = 0; for (i = 0; i < num_deltas; i++) { fetch_sam_entry(&hdr_deltas[i], &deltas[i], dom_sid); - last_rid = hdr_deltas[i].target_rid; } - } while (last_rid && NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); + sync_context += 1; + } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); talloc_destroy(mem_ctx); } -- cgit