[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-4552-g479537f

Michael Adam obnox at samba.org
Mon Dec 1 04:35:21 GMT 2008


The branch, v3-3-test has been updated

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test


- Log -----------------------------------------------------------------
commit 479537fa1d0ffff8d7489c7e96cb416d7c1554aa
Author: Michael Adam <obnox at samba.org>
Date:   Mon Dec 1 04:22:33 2008 +0100

    winbindd/nss_info: remove unused variable from nss_init()
    
    Michael

commit 606e28f35538ff42e6c0845a7e9d2415a75ccaf5
Author: Michael Adam <obnox at samba.org>
Date:   Mon Dec 1 04:22:02 2008 +0100

    winbindd/nss_info: make nss_domain_list_add_domain() static
    
    Michael

commit 348983fd92fa6ab448d490c70c0abb4f7b604b1d
Author: Michael Adam <obnox at samba.org>
Date:   Mon Dec 1 02:01:44 2008 +0100

    winbindd/nss_info: fix default backend handling for ad backends.
    
    This fixes "winbind nss info = rfc2307" (or sfu or sfu20).
    Originally, only explicitly configured domains (like "rfc2307:domain")
    worked with the ad module, since the domain name was not passed
    back to the module. This is fixed by recording the first backend
    listed without domain in the "winbind nss info" parameter as the
    default backend, and creating new nss_domain entries (using this default
    backend) on the fly as requests for domains which are not explicitly
    configured are encountered.
    
    Michael

commit 715335caca2bbdc31c4a65ecf7c3bf602cd73781
Author: Michael Adam <obnox at samba.org>
Date:   Mon Dec 1 00:56:50 2008 +0100

    winbindd/nss_info: whitespace cleanup.
    
    Remove trailing spaces and fix tab / space mixup.
    
    Michael

commit 31531c906c336dd07b5ff217f9c1c6bedfeae40c
Author: Michael Adam <obnox at samba.org>
Date:   Sun Nov 30 23:00:19 2008 +0100

    winbindd_cache: add debugging to get_nss_info_cached()
    
    Michael

commit 60a469ef3fff16a8585a6c62785777563f4ec587
Author: Michael Adam <obnox at samba.org>
Date:   Sun Nov 30 22:57:41 2008 +0100

    winbindd/nss_info: add entry debug message to nss_get_info()
    
    Michael

commit 9c1d9c31849585dbd33367db3e0708fda7b0b9f0
Author: Michael Adam <obnox at samba.org>
Date:   Sun Nov 30 22:54:42 2008 +0100

    winbindd/nss_info: add debugging to nss_init()
    
    Michael

commit 8d00acb552f8f67f0b28ce7eeb8bccb0e6dcd850
Author: Michael Adam <obnox at samba.org>
Date:   Sun Nov 30 22:50:26 2008 +0100

    winbindd/idmap_ad: add entry debug message to nss_ad_get_info()
    
    Michael

commit 9423214217558036c4c88d48efead41df48d2492
Author: Michael Adam <obnox at samba.org>
Date:   Wed Nov 26 23:09:49 2008 +0100

    winbindd/idmap_ad: add support for trusted domains to idmap_ad (bug #3661)
    
    This initial fix does at least work for explicitly configured domains.
    
    The patch has a few disadvantages:
    
    1. It does work only for explicitly configured domains, not with
       the default backend (idmap backend = ad), since it relies on the
       domain name being passed in via the idmap_domain. One workaround
       for this would be to create clones of the default idmap_domain
       for domains not explicitly configured.
    
    2. It calls find_domain_from_name_noinit() from idmap_ad_cached_connection.
       The problem here is that only the NetBIOS domain name (workgroup
       name) is passed in via the idmap_domain struct, and the module
       has to establish a connection to the domain based on that information.
       find_domain_from_name_noinit() has the disadvantage that it uses the state
       of the domain list at fork time (unless used from the main winbindd).
       But this should be ok as long as the primary domain was reachable at
       start time.
    
    For nss_info, the situation is similar - This will only work for domains
    explicitly configured in smb.conf as follows:
    "winbind nss info = rfc2307:dom1 sfu:dom2 rfc2307:dom3 template:dom4"
    Setting the default nss info to one of the ad backends (rfc2307, sfu, sfu20)
    will fail since the domain name is not passed in with the nss_domain_entry.
    
    Michael

commit 1ffceacbc1696bcee6a5f0dc414487b305ba2b4c
Author: Michael Adam <obnox at samba.org>
Date:   Wed Nov 26 22:23:34 2008 +0100

    winbindd/idmap_ad: refactor core of nss_{sfu|sfu20|rfc2307}_init to common function.
    
    Michael

commit 9c23d62f07867f4d94d822f0190c6479ffb7df24
Author: Michael Adam <obnox at samba.org>
Date:   Wed Nov 26 15:16:22 2008 +0100

    winbindd/idmap_ad: rename ctx to mem_ctx in nss_ad_get_info()
    
    in preparation to using the idmap_ad_context there
    
    Michael

commit ac878b8bdf15ad10eedb342cc5e71962b96f0b4b
Author: Michael Adam <obnox at samba.org>
Date:   Fri Nov 28 10:40:42 2008 +0100

    winbindd/idmap: add diagnostic entry debug msg to idmap_backends_sid_to_unixid
    
    Michael

commit 18a6ad74922b9d7619c895156bc729c959ce3c84
Author: Michael Adam <obnox at samba.org>
Date:   Fri Nov 28 10:40:01 2008 +0100

    winbindd/idmap: add diagnostic entry debug msg to idmap_backends_unixid_to_sid
    
    Michael

commit f33f2536acaef7444e5c1df7b69088535804d68d
Author: Michael Adam <obnox at samba.org>
Date:   Fri Nov 28 10:08:46 2008 +0100

    winbindd/idmap: add diagnostic entry debug msg to idmap_find_domain().
    
    Michael

commit 458d0abd07daeda2456ddf6131f04f738df4e520
Author: Michael Adam <obnox at samba.org>
Date:   Fri Nov 28 10:05:19 2008 +0100

    winbindd/idmap_util: unify entering debug messages and add output of domain
    
    Michael

commit d586facf3c501bcf5d67abde28febe9299518c37
Author: Michael Adam <obnox at samba.org>
Date:   Mon Dec 1 04:17:55 2008 +0100

    winbindd/nss_info: change nss_map_{to|from}_alias to take nss_domain_entry
    
    instead of just the domain name
    
    Michael

-----------------------------------------------------------------------

Summary of changes:
 source/include/nss_info.h               |   10 +-
 source/winbindd/idmap.c                 |   10 +
 source/winbindd/idmap_ad.c              |  414 ++++++++++++++++++++-----------
 source/winbindd/idmap_adex/idmap_adex.c |   16 +-
 source/winbindd/idmap_hash/idmap_hash.c |    6 +-
 source/winbindd/idmap_util.c            |   12 +-
 source/winbindd/nss_info.c              |  151 ++++++++----
 source/winbindd/nss_info_template.c     |    4 +-
 source/winbindd/winbindd_cache.c        |    7 +
 9 files changed, 405 insertions(+), 225 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/include/nss_info.h b/source/include/nss_info.h
index e756136..0224be0 100644
--- a/source/include/nss_info.h
+++ b/source/include/nss_info.h
@@ -66,10 +66,12 @@ struct nss_info_methods {
 				  TALLOC_CTX *ctx, 
 				  ADS_STRUCT *ads, LDAPMessage *msg,
 				  char **homedir, char **shell, char **gecos, gid_t *p_gid);
-	NTSTATUS (*map_to_alias)( TALLOC_CTX *mem_ctx, const char *domain,
-				  const char *name, char **alias );
-	NTSTATUS (*map_from_alias)( TALLOC_CTX *mem_ctx, const char *domain,
-				    const char *alias, char **name );
+	NTSTATUS (*map_to_alias)(TALLOC_CTX *mem_ctx,
+				 struct nss_domain_entry *e,
+				 const char *name, char **alias);
+	NTSTATUS (*map_from_alias)(TALLOC_CTX *mem_ctx,
+				   struct nss_domain_entry *e,
+				   const char *alias, char **name);
 	NTSTATUS (*close_fn)( void );
 };
 
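Review bot: the new `struct nss_domain_entry *e` argument of map_to_alias and map_from_alias is non-const and undocumented, where the old `const char *domain` made it obvious that the callback could not modify what it was given. If the backends only read the domain name out of the entry, declare it `const struct nss_domain_entry *e` and add a short comment in the header saying which fields a backend may rely on. Because this changes the prototypes in the method table, every nss_info backend has to be converted in the same commit, otherwise a module still using the old prototype is called with mismatched arguments.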
diff --git a/source/winbindd/idmap.c b/source/winbindd/idmap.c
index 054df9b..aaba7e5 100644
--- a/source/winbindd/idmap.c
+++ b/source/winbindd/idmap.c
@@ -461,6 +461,9 @@ static struct idmap_domain *idmap_find_domain(const char *domname)
 	struct idmap_domain *result;
 	int i;
 
+	DEBUG(10, ("idmap_find_domain called for domain '%s'\n",
+		   domname?domname:"NULL"));
+
 	/*
 	 * Always init the default domain, we can't go without one
 	 */
@@ -725,6 +728,10 @@ NTSTATUS idmap_backends_unixid_to_sid(const char *domname, struct id_map *id)
 	struct idmap_domain *dom;
 	struct id_map *maps[2];
 
+	 DEBUG(10, ("idmap_backend_unixid_to_sid: domain = '%s', xid = %d "
+		    "(type %d)\n",
+		    domname?domname:"NULL", id->xid.id, id->xid.type));
+
 	maps[0] = id;
 	maps[1] = NULL;
 
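Review bot: the DEBUG added to idmap_backends_unixid_to_sid() prints `id->xid.id` with `%d`, while the idmap_ad.c filters in this same changeset format that field with `%lu` and an `(unsigned long)` cast, so a large ID would show up in the log as a negative number. Use `%lu` with the cast here too. The message prefix also reads `idmap_backend_unixid_to_sid`, missing the `s` of the real function name, which makes the line harder to grep for, and the statement is indented with a tab followed by a stray space.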
@@ -751,6 +758,9 @@ NTSTATUS idmap_backends_sid_to_unixid(const char *domain, struct id_map *id)
 	struct idmap_domain *dom;
 	struct id_map *maps[2];
 
+	 DEBUG(10, ("idmap_backend_sid_to_unixid: domain = '%s', sid = [%s]\n",
+		    domain?domain:"NULL", sid_string_dbg(id->sid)));
+
 	maps[0] = id;
 	maps[1] = NULL;
 
diff --git a/source/winbindd/idmap_ad.c b/source/winbindd/idmap_ad.c
index 60a2d86..05d7d98 100644
--- a/source/winbindd/idmap_ad.c
+++ b/source/winbindd/idmap_ad.c
@@ -9,6 +9,7 @@
  * Copyright (C) Andrew Bartlett <abartlet at samba.org> 2003
  * Copyright (C) Gerald (Jerry) Carter 2004-2007
  * Copyright (C) Luke Howard 2001-2004
+ * Copyright (C) Michael Adam 2008
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -25,6 +26,7 @@
  */
 
 #include "includes.h"
+#include "winbindd.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_IDMAP
@@ -43,31 +45,39 @@
 struct idmap_ad_context {
 	uint32_t filter_low_id;
 	uint32_t filter_high_id;
+	ADS_STRUCT *ads;
+	struct posix_schema *ad_schema;
+	enum wb_posix_mapping ad_map_type; /* WB_POSIX_MAP_UNKNOWN */
 };
 
 NTSTATUS init_module(void);
 
-static ADS_STRUCT *ad_idmap_ads = NULL;
-static struct posix_schema *ad_schema = NULL;
-static enum wb_posix_mapping ad_map_type = WB_POSIX_MAP_UNKNOWN;
-
 /************************************************************************
  ***********************************************************************/
 
-static ADS_STRUCT *ad_idmap_cached_connection_internal(void)
+static ADS_STATUS ad_idmap_cached_connection_internal(struct idmap_domain *dom)
 {
 	ADS_STRUCT *ads;
 	ADS_STATUS status;
 	bool local = False;
 	fstring dc_name;
 	struct sockaddr_storage dc_ip;
+	struct idmap_ad_context *ctx;
+	char *ldap_server = NULL;
+	char *realm = NULL;
+	struct winbindd_domain *wb_dom;
+
+	DEBUG(10, ("ad_idmap_cached_connection: called for domain '%s'\n",
+		   dom->name));
+
+	ctx = talloc_get_type(dom->private_data, struct idmap_ad_context);
 
-	if (ad_idmap_ads != NULL) {
+	if (ctx->ads != NULL) {
 
 		time_t expire;
 		time_t now = time(NULL);
 
-		ads = ad_idmap_ads;
+		ads = ctx->ads;
 
 		expire = MIN(ads->auth.tgt_expire, ads->auth.tgs_expire);
 
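Review bot: in ad_idmap_cached_connection_internal() the result of `talloc_get_type(dom->private_data, struct idmap_ad_context)` is dereferenced as `ctx->ads` on the very next statement without a NULL check. If private_data is unset or of another type, this is a NULL dereference inside winbindd rather than an error return. Check `ctx == NULL` and return an ADS_ERROR_NT() status before touching it. The `/* WB_POSIX_MAP_UNKNOWN */` comment on the new `ad_map_type` field is also unclear as written; say whether that is meant to be the initial value.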
@@ -76,15 +86,15 @@ static ADS_STRUCT *ad_idmap_cached_connection_internal(void)
 			  (uint32)expire-(uint32)now, (uint32) expire, (uint32) now));
 
 		if ( ads->config.realm && (expire > time(NULL))) {
-			return ads;
+			return ADS_SUCCESS;
 		} else {
 			/* we own this ADS_STRUCT so make sure it goes away */
 			DEBUG(7,("Deleting expired krb5 credential cache\n"));
 			ads->is_mine = True;
 			ads_destroy( &ads );
 			ads_kdestroy(WINBIND_CCACHE_NAME);
-			ad_idmap_ads = NULL;
-			TALLOC_FREE( ad_schema );			
+			ctx->ads = NULL;
+			TALLOC_FREE( ctx->ad_schema );
 		}
 	}
 
@@ -93,9 +103,28 @@ static ADS_STRUCT *ad_idmap_cached_connection_internal(void)
 		setenv("KRB5CCNAME", WINBIND_CCACHE_NAME, 1);
 	}
 
-	if ( (ads = ads_init(lp_realm(), lp_workgroup(), NULL)) == NULL ) {
+	/*
+	 * At this point we only have the NetBIOS domain name.
+	 * Check if we can get server nam and realm from SAF cache
+	 * and the domain list.
+	 */
+	ldap_server = saf_fetch(dom->name);
+	DEBUG(10, ("ldap_server from saf cache: '%s'\n", ldap_server?ldap_server:""));
+
+	wb_dom = find_domain_from_name_noinit(dom->name);
+	if (wb_dom == NULL) {
+		DEBUG(10, ("find_domain_from_name_noinit did not find domain '%s'\n",
+			   dom->name));
+		realm = NULL;
+	} else {
+		DEBUG(10, ("find_domain_from_name_noinit found realm '%s' for "
+			  " domain '%s'\n", wb_dom->alt_name, dom->name));
+		realm = wb_dom->alt_name;
+	}
+
+	if ( (ads = ads_init(realm, dom->name, ldap_server)) == NULL ) {
 		DEBUG(1,("ads_init failed\n"));
-		return NULL;
+		return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
 	}
 
 	/* the machine acct password might have change - fetch it every time */
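Review bot: `ldap_server = saf_fetch(dom->name)` is never released on any path through this function, neither after `ads_init()` nor on the early `return ADS_ERROR_NT(NT_STATUS_NO_MEMORY)`. If saf_fetch() hands back an allocated string, as the plain `char *` suggests, this leaks once per reconnect, so free it right after the ads_init() call. Also, when find_domain_from_name_noinit() finds nothing, `realm` stays NULL and is passed straight into `ads_init(realm, dom->name, ldap_server)`, where the old code used lp_realm(); please state in a comment whether a NULL realm is intended there or whether the function should fail early with a clear message. Minor: the comment has "server nam", and the joined debug string `"for " " domain"` prints two spaces.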
@@ -107,54 +136,57 @@ static ADS_STRUCT *ad_idmap_cached_connection_internal(void)
 
 	/* setup server affinity */
 
-	get_dc_name( NULL, ads->auth.realm, dc_name, &dc_ip );
+	get_dc_name(dom->name, realm, dc_name, &dc_ip );
 	
 	status = ads_connect(ads);
 	if (!ADS_ERR_OK(status)) {
 		DEBUG(1, ("ad_idmap_init: failed to connect to AD\n"));
 		ads_destroy(&ads);
-		return NULL;
+		return status;
 	}
 
 	ads->is_mine = False;
 
-	ad_idmap_ads = ads;
+	ctx->ads = ads;
 
-	return ads;
+	return ADS_SUCCESS;
 }
 
 /************************************************************************
  ***********************************************************************/
 
-static ADS_STRUCT *ad_idmap_cached_connection(void)
+static ADS_STATUS ad_idmap_cached_connection(struct idmap_domain *dom)
 {
-	ADS_STRUCT *ads = ad_idmap_cached_connection_internal();
-	
-	if ( !ads )
-		return NULL;
+	ADS_STATUS status;
+	struct idmap_ad_context * ctx;
+
+	status = ad_idmap_cached_connection_internal(dom);
+	if (!ADS_ERR_OK(status)) {
+		return status;
+	}
+
+	ctx = talloc_get_type(dom->private_data, struct idmap_ad_context);
 
 	/* if we have a valid ADS_STRUCT and the schema model is
 	   defined, then we can return here. */
 
-	if ( ad_schema )
-		return ads;
+	if ( ctx->ad_schema ) {
+		return ADS_SUCCESS;
+	}
 
 	/* Otherwise, set the schema model */
 
-	if ( (ad_map_type ==  WB_POSIX_MAP_SFU) ||
-	     (ad_map_type ==  WB_POSIX_MAP_SFU20) || 
-	     (ad_map_type ==  WB_POSIX_MAP_RFC2307) ) 
+	if ( (ctx->ad_map_type ==  WB_POSIX_MAP_SFU) ||
+	     (ctx->ad_map_type ==  WB_POSIX_MAP_SFU20) ||
+	     (ctx->ad_map_type ==  WB_POSIX_MAP_RFC2307) )
 	{
-		ADS_STATUS schema_status;
-		
-		schema_status = ads_check_posix_schema_mapping( NULL, ads, ad_map_type, &ad_schema);
-		if ( !ADS_ERR_OK(schema_status) ) {
+		status = ads_check_posix_schema_mapping(NULL, ctx->ads, ctx->ad_map_type, &ctx->ad_schema);
+		if ( !ADS_ERR_OK(status) ) {
 			DEBUG(2,("ad_idmap_cached_connection: Failed to obtain schema details!\n"));
-			return NULL;			
 		}
 	}
 	
-	return ads;
+	return status;
 }
 
 /************************************************************************
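Review bot: ad_idmap_cached_connection() can now return success with `ctx->ad_schema` still NULL. When `ctx->ad_map_type` is not SFU, SFU20 or RFC2307 the `if` block is skipped and the closing `return status;` carries the ADS_SUCCESS from the connection step, yet idmap_ad_unixids_to_sids() reads `ctx->ad_schema->posix_uidnumber_attr` immediately after a successful return. Return an explicit error for an unhandled map type so that success always implies a usable schema. Style: `struct idmap_ad_context * ctx;` differs from the `*ctx` spelling used in the internal function, and the ads_check_posix_schema_mapping() call runs well past 80 columns.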
@@ -190,17 +222,18 @@ static NTSTATUS idmap_ad_initialize(struct idmap_domain *dom,
 		}
 	}
 
+	/* default map type */
+	ctx->ad_map_type = WB_POSIX_MAP_RFC2307;
+
 	/* schema mode */
-	if ( ad_map_type == WB_POSIX_MAP_UNKNOWN )
-		ad_map_type = WB_POSIX_MAP_RFC2307;
 	schema_mode = lp_parm_const_string(-1, config_option, "schema_mode", NULL);
 	if ( schema_mode && schema_mode[0] ) {
 		if ( strequal(schema_mode, "sfu") )
-			ad_map_type = WB_POSIX_MAP_SFU;
+			ctx->ad_map_type = WB_POSIX_MAP_SFU;
 		else if ( strequal(schema_mode, "sfu20" ) )
-			ad_map_type = WB_POSIX_MAP_SFU20;
+			ctx->ad_map_type = WB_POSIX_MAP_SFU20;
 		else if ( strequal(schema_mode, "rfc2307" ) )
-			ad_map_type = WB_POSIX_MAP_RFC2307;
+			ctx->ad_map_type = WB_POSIX_MAP_RFC2307;
 		else
 			DEBUG(0,("idmap_ad_initialize: Unknown schema_mode (%s)\n",
 				 schema_mode));
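Review bot: with `ctx->ad_map_type = WB_POSIX_MAP_RFC2307;` now assigned unconditionally in idmap_ad_initialize(), the `/* WB_POSIX_MAP_UNKNOWN */` comment on the struct field no longer describes any state the field can be in after initialization; update or drop that comment. The unknown `schema_mode` branch still only logs at level 0 and carries on with the rfc2307 default, so a typo in smb.conf silently selects a different attribute mapping for UID/GID lookups. Consider including the domain name in that message, or failing initialization, so the misconfiguration is attributable.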
@@ -256,7 +289,6 @@ static NTSTATUS idmap_ad_unixids_to_sids(struct idmap_domain *dom, struct id_map
 	TALLOC_CTX *memctx;
 	struct idmap_ad_context *ctx;
 	ADS_STATUS rc;
-	ADS_STRUCT *ads;
 	const char *attrs[] = { "sAMAccountType", 
 				"objectSid",
 				NULL, /* uidnumber */
@@ -284,14 +316,16 @@ static NTSTATUS idmap_ad_unixids_to_sids(struct idmap_domain *dom, struct id_map
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	if ( (ads = ad_idmap_cached_connection()) == NULL ) {
-		DEBUG(1, ("ADS uninitialized\n"));
+	rc = ad_idmap_cached_connection(dom);
+	if (!ADS_ERR_OK(rc)) {
+		DEBUG(1, ("ADS uninitialized: %s\n", ads_errstr(rc)));
 		ret = NT_STATUS_UNSUCCESSFUL;
+		/* ret = ads_ntstatus(rc); */
 		goto done;
 	}
 
-	attrs[2] = ad_schema->posix_uidnumber_attr;
-	attrs[3] = ad_schema->posix_gidnumber_attr;
+	attrs[2] = ctx->ad_schema->posix_uidnumber_attr;
+	attrs[3] = ctx->ad_schema->posix_gidnumber_attr;
 
 again:
 	bidx = idx;
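Review bot: idmap_ad_unixids_to_sids() dereferences `ctx->ad_schema` at `attrs[2] = ctx->ad_schema->posix_uidnumber_attr;` without the `if (ctx->ad_schema == NULL)` guard that this same changeset adds to idmap_ad_sids_to_unixids(). Add the identical check here so both directions fail the same way instead of one of them crashing. The commented-out `/* ret = ads_ntstatus(rc); */` should either replace the NT_STATUS_UNSUCCESSFUL assignment or be removed; as it stands the specific ADS error is only visible in the log at level 1.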
@@ -308,7 +342,7 @@ again:
 							   ATYPE_INTERDOMAIN_TRUST);
 			}
 			u_filter = talloc_asprintf_append_buffer(u_filter, "(%s=%lu)",
-							  ad_schema->posix_uidnumber_attr,
+							  ctx->ad_schema->posix_uidnumber_attr,
 							  (unsigned long)ids[idx]->xid.id);
 			CHECK_ALLOC_DONE(u_filter);
 			break;
@@ -322,7 +356,7 @@ again:
 							   ATYPE_SECURITY_LOCAL_GROUP);
 			}
 			g_filter = talloc_asprintf_append_buffer(g_filter, "(%s=%lu)",
-							  ad_schema->posix_gidnumber_attr,
+							  ctx->ad_schema->posix_gidnumber_attr,
 							  (unsigned long)ids[idx]->xid.id);
 			CHECK_ALLOC_DONE(g_filter);
 			break;
@@ -348,14 +382,14 @@ again:
 	filter = talloc_asprintf_append_buffer(filter, ")");
 	CHECK_ALLOC_DONE(filter);
 
-	rc = ads_search_retry(ads, &res, filter, attrs);
+	rc = ads_search_retry(ctx->ads, &res, filter, attrs);
 	if (!ADS_ERR_OK(rc)) {
 		DEBUG(1, ("ERROR: ads search returned: %s\n", ads_errstr(rc)));
 		ret = NT_STATUS_UNSUCCESSFUL;
 		goto done;
 	}
 
-	if ( (count = ads_count_replies(ads, res)) == 0 ) {
+	if ( (count = ads_count_replies(ctx->ads, res)) == 0 ) {
 		DEBUG(10, ("No IDs found\n"));
 	}
 
@@ -368,9 +402,9 @@ again:
 		uint32_t atype;
 
 		if (i == 0) { /* first entry */
-			entry = ads_first_entry(ads, entry);
+			entry = ads_first_entry(ctx->ads, entry);
 		} else { /* following ones */
-			entry = ads_next_entry(ads, entry);
+			entry = ads_next_entry(ctx->ads, entry);
 		}
 
 		if ( !entry ) {
@@ -379,13 +413,13 @@ again:
 		}
 
 		/* first check if the SID is present */
-		if (!ads_pull_sid(ads, entry, "objectSid", &sid)) {
+		if (!ads_pull_sid(ctx->ads, entry, "objectSid", &sid)) {
 			DEBUG(2, ("Could not retrieve SID from entry\n"));
 			continue;
 		}
 
 		/* get type */
-		if (!ads_pull_uint32(ads, entry, "sAMAccountType", &atype)) {
+		if (!ads_pull_uint32(ctx->ads, entry, "sAMAccountType", &atype)) {
 			DEBUG(1, ("could not get SAM account type\n"));
 			continue;
 		}
@@ -405,9 +439,9 @@ again:
 			continue;
 		}
 
-		if (!ads_pull_uint32(ads, entry, (type==ID_TYPE_UID) ? 
-				                 ad_schema->posix_uidnumber_attr : 
-				                 ad_schema->posix_gidnumber_attr, 
+		if (!ads_pull_uint32(ctx->ads, entry, (type==ID_TYPE_UID) ?
+				                 ctx->ad_schema->posix_uidnumber_attr :
+				                 ctx->ad_schema->posix_gidnumber_attr,
 				     &id)) 
 		{
 			DEBUG(1, ("Could not get unix ID\n"));
@@ -439,7 +473,7 @@ again:
 	}
 
 	if (res) {
-		ads_msgfree(ads, res);
+		ads_msgfree(ctx->ads, res);
 	}
 
 	if (ids[idx]) { /* still some values to map */
@@ -468,7 +502,6 @@ static NTSTATUS idmap_ad_sids_to_unixids(struct idmap_domain *dom, struct id_map
 	TALLOC_CTX *memctx;
 	struct idmap_ad_context *ctx;
 	ADS_STATUS rc;
-	ADS_STRUCT *ads;
 	const char *attrs[] = { "sAMAccountType", 
 				"objectSid",
 				NULL, /* attr_uidnumber */
@@ -495,14 +528,22 @@ static NTSTATUS idmap_ad_sids_to_unixids(struct idmap_domain *dom, struct id_map
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	if ( (ads = ad_idmap_cached_connection()) == NULL ) {
-		DEBUG(1, ("ADS uninitialized\n"));
+	rc = ad_idmap_cached_connection(dom);
+	if (!ADS_ERR_OK(rc)) {
+		DEBUG(1, ("ADS uninitialized: %s\n", ads_errstr(rc)));
+		ret = NT_STATUS_UNSUCCESSFUL;
+		/* ret = ads_ntstatus(rc); */
+		goto done;
+	}
+
+	if (ctx->ad_schema == NULL) {
+		DEBUG(0, ("haven't got ctx->ad_schema ! \n"));
 		ret = NT_STATUS_UNSUCCESSFUL;
 		goto done;
 	}
 
-	attrs[2] = ad_schema->posix_uidnumber_attr;
-	attrs[3] = ad_schema->posix_gidnumber_attr;
+	attrs[2] = ctx->ad_schema->posix_uidnumber_attr;
+	attrs[3] = ctx->ad_schema->posix_gidnumber_attr;
 
 again:
 	filter = talloc_asprintf(memctx, "(&(|"
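Review bot: the new guard's message, `DEBUG(0, ("haven't got ctx->ad_schema ! \n"))`, is logged at level 0 but names neither the function nor the domain, and it has stray spaces before the newline. Something like "idmap_ad_sids_to_unixids: no schema for domain '%s'" with `dom->name` would make it actionable. As in the unixids_to_sids path, the commented-out `/* ret = ads_ntstatus(rc); */` is dead code: either propagate the mapped status to the caller or delete the line.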
@@ -529,14 +570,14 @@ again:
 	CHECK_ALLOC_DONE(filter);
 	DEBUG(10, ("Filter: [%s]\n", filter));
 
-	rc = ads_search_retry(ads, &res, filter, attrs);
+	rc = ads_search_retry(ctx->ads, &res, filter, attrs);
 	if (!ADS_ERR_OK(rc)) {
 		DEBUG(1, ("ERROR: ads search returned: %s\n", ads_errstr(rc)));
 		ret = NT_STATUS_UNSUCCESSFUL;
 		goto done;
 	}
 
-	if ( (count = ads_count_replies(ads, res)) == 0 ) {
+	if ( (count = ads_count_replies(ctx->ads, res)) == 0 ) {
 		DEBUG(10, ("No IDs found\n"));
 	}
 
@@ -549,9 +590,9 @@ again:
 		uint32_t atype;
 
 		if (i == 0) { /* first entry */
-			entry = ads_first_entry(ads, entry);
+			entry = ads_first_entry(ctx->ads, entry);
 		} else { /* following ones */
-			entry = ads_next_entry(ads, entry);
+			entry = ads_next_entry(ctx->ads, entry);
 		}
 
 		if ( !entry ) {
@@ -560,7 +601,7 @@ again:
 		}
 
 		/* first check if the SID is present */
-		if (!ads_pull_sid(ads, entry, "objectSid", &sid)) {
+		if (!ads_pull_sid(ctx->ads, entry, "objectSid", &sid)) {
 			DEBUG(2, ("Could not retrieve SID from entry\n"));
 			continue;
 		}
@@ -572,7 +613,7 @@ again:
 		}
 
 		/* get type */
-		if (!ads_pull_uint32(ads, entry, "sAMAccountType", &atype)) {
+		if (!ads_pull_uint32(ctx->ads, entry, "sAMAccountType", &atype)) {
 			DEBUG(1, ("could not get SAM account type\n"));
 			continue;
 		}
@@ -592,9 +633,9 @@ again:
 			continue;
 		}
 
-		if (!ads_pull_uint32(ads, entry, (type==ID_TYPE_UID) ? 
-				                 ad_schema->posix_uidnumber_attr : 
-				                 ad_schema->posix_gidnumber_attr, 
+		if (!ads_pull_uint32(ctx->ads, entry, (type==ID_TYPE_UID) ?
+				                 ctx->ad_schema->posix_uidnumber_attr :
+				                 ctx->ad_schema->posix_gidnumber_attr,
 				     &id)) 
 		{
 			DEBUG(1, ("Could not get unix ID\n"));
@@ -619,7 +660,7 @@ again:
 	}
 
 	if (res) {
-		ads_msgfree(ads, res);
+		ads_msgfree(ctx->ads, res);
 	}
 
 	if (ids[idx]) { /* still some values to map */
@@ -644,16 +685,18 @@ done:
 
 static NTSTATUS idmap_ad_close(struct idmap_domain *dom)
 {
-	ADS_STRUCT *ads = ad_idmap_ads;
+	struct idmap_ad_context * ctx;
 


-- 
Samba Shared Repository

