From 71041a5007abb9afc04df0d91e7c2598ba9b2d20 Mon Sep 17 00:00:00 2001
From: Simo Sorce <idra@samba.org>
Date: Sat, 12 Aug 2006 15:22:03 +0000
Subject: r17504: Do not use the invented unixID but use the rfc2307 uidNumber
 and gidNumber attributes instead Do not change unixName right now, we don't
 have an attribute to use in the posixGroup class, and I think we should
 remove its usage altogether and look up users and groups by their uid/gid
 only.

Simo.
(This used to be commit d57b521aadf24a277152ec1ff1dac3210bd14316)
---
 source4/dsdb/common/sidmap.c                   | 26 +++++++++++++-------------
 source4/lib/ldb/tests/schema-tests/schema.ldif |  3 ++-
 source4/setup/provision_init.ldif              |  3 ++-
 3 files changed, 17 insertions(+), 15 deletions(-)

(limited to 'source4')

diff --git a/source4/dsdb/common/sidmap.c b/source4/dsdb/common/sidmap.c
index 38c4ba49a9..353d5c14f1 100644
--- a/source4/dsdb/common/sidmap.c
+++ b/source4/dsdb/common/sidmap.c
@@ -126,8 +126,8 @@ static NTSTATUS sidmap_primary_domain_sid(struct sidmap_context *sidmap,
 _PUBLIC_ NTSTATUS sidmap_sid_to_unixuid(struct sidmap_context *sidmap, 
 					struct dom_sid *sid, uid_t *uid)
 {
-	const char *attrs[] = { "sAMAccountName", "unixID", 
-				"unixName", "sAMAccountType", NULL };
+	const char *attrs[] = { "sAMAccountName", "uidNumber", 
+				"sAMAccountType", NULL };
 	int ret;
 	const char *s;
 	TALLOC_CTX *tmp_ctx;
@@ -152,7 +152,7 @@ _PUBLIC_ NTSTATUS sidmap_sid_to_unixuid(struct sidmap_context *sidmap,
 	}
 
 	/* first try to get the uid directly */
-	s = samdb_result_string(res[0], "unixID", NULL);
+	s = samdb_result_string(res[0], "uidNumber", NULL);
 	if (s != NULL) {
 		*uid = strtoul(s, NULL, 0);
 		talloc_free(tmp_ctx);
@@ -208,7 +208,7 @@ allocated_sid:
 	}
 	
 
-	DEBUG(0,("sid_to_unixuid: no unixID, unixName or sAMAccountName for sid %s\n", 
+	DEBUG(0,("sid_to_unixuid: no uidNumber, unixName or sAMAccountName for sid %s\n", 
 		 dom_sid_string(tmp_ctx, sid)));
 
 	talloc_free(tmp_ctx);
@@ -222,7 +222,7 @@ allocated_sid:
 _PUBLIC_ NTSTATUS sidmap_sid_to_unixgid(struct sidmap_context *sidmap,
 					struct dom_sid *sid, gid_t *gid)
 {
-	const char *attrs[] = { "sAMAccountName", "unixID", 
+	const char *attrs[] = { "sAMAccountName", "gidNumber", 
 				"unixName", "sAMAccountType", NULL };
 	int ret;
 	const char *s;
@@ -248,7 +248,7 @@ _PUBLIC_ NTSTATUS sidmap_sid_to_unixgid(struct sidmap_context *sidmap,
 	}
 
 	/* first try to get the gid directly */
-	s = samdb_result_string(res[0], "unixID", NULL);
+	s = samdb_result_string(res[0], "gidNumber", NULL);
 	if (s != NULL) {
 		*gid = strtoul(s, NULL, 0);
 		talloc_free(tmp_ctx);
@@ -300,7 +300,7 @@ allocated_sid:
 		}
 	}
 
-	DEBUG(0,("sid_to_unixgid: no unixID, unixName or sAMAccountName for sid %s\n", 
+	DEBUG(0,("sid_to_unixgid: no gidNumber, unixName or sAMAccountName for sid %s\n", 
 		 dom_sid_string(tmp_ctx, sid)));
 
 	talloc_free(tmp_ctx);
@@ -330,7 +330,7 @@ _PUBLIC_ NTSTATUS sidmap_uid_to_sid(struct sidmap_context *sidmap,
 	    - check if the uid is in the dynamic uid range assigned for winbindd
 	      use. If it is, then look in winbindd sid mapping
 	      database (not implemented yet)
-	    - look for a user account in samdb that has unixID set to the
+	    - look for a user account in samdb that has uidNumber set to the
 	      given uid
 	    - look for a user account in samdb that has unixName or
 	      sAMAccountName set to the name given by getpwuid()
@@ -343,12 +343,12 @@ _PUBLIC_ NTSTATUS sidmap_uid_to_sid(struct sidmap_context *sidmap,
 
 
 	/*
-	  step 2: look for a user account in samdb that has unixID set to the
+	  step 2: look for a user account in samdb that has uidNumber set to the
                   given uid
 	*/
 
 	ret = gendb_search(sidmap->samctx, tmp_ctx, samdb_base_dn(tmp_ctx), &res, attrs, 
-			   "unixID=%u", (unsigned int)uid);
+			   "uidNumber=%u", (unsigned int)uid);
 	for (i=0;i<ret;i++) {
 		if (!is_user_account(res[i])) continue;
 
@@ -428,7 +428,7 @@ _PUBLIC_ NTSTATUS sidmap_gid_to_sid(struct sidmap_context *sidmap,
 	    - check if the gid is in the dynamic gid range assigned for winbindd
 	      use. If it is, then look in winbindd sid mapping
 	      database (not implemented yet)
-	    - look for a group account in samdb that has unixID set to the
+	    - look for a group account in samdb that has gidNumber set to the
 	      given gid
 	    - look for a group account in samdb that has unixName or
 	      sAMAccountName set to the name given by getgrgid()
@@ -441,12 +441,12 @@ _PUBLIC_ NTSTATUS sidmap_gid_to_sid(struct sidmap_context *sidmap,
 
 
 	/*
-	  step 2: look for a group account in samdb that has unixID set to the
+	  step 2: look for a group account in samdb that has gidNumber set to the
                   given gid
 	*/
 
 	ret = gendb_search(sidmap->samctx, tmp_ctx, samdb_base_dn(tmp_ctx), &res, attrs, 
-			   "unixID=%u", (unsigned int)gid);
+			   "gidNumber=%u", (unsigned int)gid);
 	for (i=0;i<ret;i++) {
 		if (!is_group_account(res[i])) continue;
 
diff --git a/source4/lib/ldb/tests/schema-tests/schema.ldif b/source4/lib/ldb/tests/schema-tests/schema.ldif
index 3be31282fa..515408144a 100644
--- a/source4/lib/ldb/tests/schema-tests/schema.ldif
+++ b/source4/lib/ldb/tests/schema-tests/schema.ldif
@@ -4,7 +4,8 @@ dn: @INDEXLIST
 @IDXATTR: objectSid
 @IDXATTR: objectClass
 @IDXATTR: member
-@IDXATTR: unixID
+@IDXATTR: uidNumber
+@IDXATTR: gidNumber
 @IDXATTR: unixName
 @IDXATTR: privilege
 @IDXATTR: lDAPDisplayName
diff --git a/source4/setup/provision_init.ldif b/source4/setup/provision_init.ldif
index 91405b2d4c..7414368d44 100644
--- a/source4/setup/provision_init.ldif
+++ b/source4/setup/provision_init.ldif
@@ -5,7 +5,8 @@ dn: @INDEXLIST
 @IDXATTR: objectClass
 @IDXATTR: objectCategory
 @IDXATTR: member
-@IDXATTR: unixID
+@IDXATTR: uidNumber
+@IDXATTR: gidNumber
 @IDXATTR: unixName
 @IDXATTR: privilege
 @IDXATTR: nCName
-- 
cgit