[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-2114-g4de4c03

Volker Lendecke vlendec at samba.org
Sun Jun 7 21:14:15 GMT 2009


The branch, master has been updated
       via  4de4c0318d0730fb1c3434fe0ab282cf8fb67f65 (commit)
       via  e2611e2b12d201bfbdcb0aa1b9d8d5e865c82ec1 (commit)
       via  bee9fda243f43b63ad460081b72316c172303541 (commit)
      from  27fcab98e7095ea48d35c421f221cb8ac33f6ad2 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 4de4c0318d0730fb1c3434fe0ab282cf8fb67f65
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Jun 7 23:11:12 2009 +0200

    Add "net sam createdomaingroup"

commit e2611e2b12d201bfbdcb0aa1b9d8d5e865c82ec1
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Jun 7 19:09:41 2009 +0200

    More pdb_ads stuff

commit bee9fda243f43b63ad460081b72316c172303541
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Jun 7 19:08:52 2009 +0200

    Add tldap_pull_uint32

-----------------------------------------------------------------------

Summary of changes:
 source3/include/tldap_util.h |    2 +
 source3/lib/tldap_util.c     |   12 ++++
 source3/passdb/pdb_ads.c     |  114 +++++++++++++++++++++++++++++++++++++++--
 source3/utils/net_sam.c      |   36 +++++++++++++
 4 files changed, 158 insertions(+), 6 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/include/tldap_util.h b/source3/include/tldap_util.h
index 2d5cf57..1c99376 100644
--- a/source3/include/tldap_util.h
+++ b/source3/include/tldap_util.h
@@ -49,5 +49,7 @@ int tldap_search_fmt(struct tldap_context *ld, const char *base, int scope,
 		     const char *fmt, ...);
 bool tldap_pull_uint64(struct tldap_message *msg, const char *attr,
 		       uint64_t *presult);
+bool tldap_pull_uint32(struct tldap_message *msg, const char *attr,
+		       uint32_t *presult);
 
 #endif
diff --git a/source3/lib/tldap_util.c b/source3/lib/tldap_util.c
index 1f2cc1d..1b0c344 100644
--- a/source3/lib/tldap_util.c
+++ b/source3/lib/tldap_util.c
@@ -349,3 +349,15 @@ bool tldap_pull_uint64(struct tldap_message *msg, const char *attr,
 	*presult = result;
 	return true;
 }
+
+bool tldap_pull_uint32(struct tldap_message *msg, const char *attr,
+		       uint32_t *presult)
+{
+	uint64_t result;
+
+	if (!tldap_pull_uint64(msg, attr, &result)) {
+		return false;
+	}
+	*presult = (uint32_t)result;
+	return true;
+}
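Review bot: The cast `*presult = (uint32_t)result;` silently discards the upper 32 bits, so an attribute value that does not fit in 32 bits comes back as a different, valid-looking number instead of a failure. If no caller depends on wrap-around, add `if (result > UINT32_MAX) { return false; }` before the assignment. If the truncation is intentional (for example for attributes a directory server may print as negative signed integers, depending on how tldap_pull_uint64, whose body is outside this hunk, parses them), say so in a comment above the function, because the value drives the `switch (grouptype)` in pdb_ads_getgrfilter.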
diff --git a/source3/passdb/pdb_ads.c b/source3/passdb/pdb_ads.c
index 3c5cd44..d4f381c 100644
--- a/source3/passdb/pdb_ads.c
+++ b/source3/passdb/pdb_ads.c
@@ -22,6 +22,9 @@
 static NTSTATUS pdb_ads_getsampwsid(struct pdb_methods *m,
 				    struct samu *sam_acct,
 				    const DOM_SID *sid);
+static bool pdb_ads_gid_to_sid(struct pdb_methods *m, gid_t gid,
+			       DOM_SID *sid);
+
 
 struct pdb_ads_state {
 	struct tldap_context *ld;
@@ -294,7 +297,7 @@ static NTSTATUS pdb_ads_getsampwfilter(struct pdb_methods *m,
 
 	rc = tldap_search_fmt(state->ld, state->domaindn, TLDAP_SCOPE_SUB,
 			      attrs, ARRAY_SIZE(attrs), 0, talloc_tos(),
-			      &users, filter);
+			      &users, "%s", filter);
 	if (rc != TLDAP_SUCCESS) {
 		DEBUG(10, ("ldap_search failed %s\n",
 			   tldap_errstr(debug_ctx(), state->ld, rc)));
@@ -487,22 +490,115 @@ static NTSTATUS pdb_ads_update_login_attempts(struct pdb_methods *m,
 	return NT_STATUS_NOT_IMPLEMENTED;
 }
 
+static NTSTATUS pdb_ads_getgrfilter(struct pdb_methods *m, GROUP_MAP *map,
+				    const char *filter)
+{
+	struct pdb_ads_state *state = talloc_get_type_abort(
+		m->private_data, struct pdb_ads_state);
+	const char *attrs[4] = { "objectSid", "description", "samAccountName",
+				 "groupType" };
+	char *str;
+	struct tldap_message **group;
+	uint32_t grouptype;
+	int rc;
+
+	rc = tldap_search_fmt(state->ld, state->domaindn, TLDAP_SCOPE_SUB,
+			      attrs, ARRAY_SIZE(attrs), 0, talloc_tos(),
+			      &group, "%s", filter);
+	if (rc != TLDAP_SUCCESS) {
+		DEBUG(10, ("ldap_search failed %s\n",
+			   tldap_errstr(debug_ctx(), state->ld, rc)));
+		return NT_STATUS_LDAP(rc);
+	}
+	if (talloc_array_length(group) != 1) {
+		DEBUG(10, ("Expected 1 user, got %d\n",
+			   talloc_array_length(group)));
+		return NT_STATUS_INTERNAL_DB_CORRUPTION;
+	}
+
+	if (!tldap_pull_binsid(group[0], "objectSid", &map->sid)) {
+		return NT_STATUS_INTERNAL_DB_CORRUPTION;
+	}
+	map->gid = pdb_ads_sid2gid(&map->sid);
+
+	if (!tldap_pull_uint32(group[0], "groupType", &grouptype)) {
+		return NT_STATUS_INTERNAL_DB_CORRUPTION;
+	}
+	switch (grouptype) {
+	case GTYPE_SECURITY_BUILTIN_LOCAL_GROUP:
+	case GTYPE_SECURITY_DOMAIN_LOCAL_GROUP:
+		map->sid_name_use = SID_NAME_ALIAS;
+		break;
+	case GTYPE_SECURITY_GLOBAL_GROUP:
+		map->sid_name_use = SID_NAME_DOM_GRP;
+		break;
+	default:
+		return NT_STATUS_INTERNAL_DB_CORRUPTION;
+	}
+
+	str = tldap_talloc_single_attribute(group[0], "samAccountName",
+					    talloc_tos());
+	if (str == NULL) {
+		return NT_STATUS_INTERNAL_DB_CORRUPTION;
+	}
+	fstrcpy(map->nt_name, str);
+	TALLOC_FREE(str);
+
+	str = tldap_talloc_single_attribute(group[0], "description",
+					    talloc_tos());
+	if (str != NULL) {
+		fstrcpy(map->comment, str);
+		TALLOC_FREE(str);
+	} else {
+		map->comment[0] = '\0';
+	}
+
+	TALLOC_FREE(group);
+	return NT_STATUS_OK;
+}
+
 static NTSTATUS pdb_ads_getgrsid(struct pdb_methods *m, GROUP_MAP *map,
 				 DOM_SID sid)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	char *filter;
+	NTSTATUS status;
+
+	filter = talloc_asprintf(talloc_tos(),
+				 "(&(objectsid=%s)(objectclass=group))",
+				 sid_string_talloc(talloc_tos(), &sid));
+	if (filter == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	status = pdb_ads_getgrfilter(m, map, filter);
+	TALLOC_FREE(filter);
+	return status;
 }
 
 static NTSTATUS pdb_ads_getgrgid(struct pdb_methods *m, GROUP_MAP *map,
 				 gid_t gid)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	struct dom_sid sid;
+	pdb_ads_gid_to_sid(m, gid, &sid);
+	return pdb_ads_getgrsid(m, map, sid);
 }
 
 static NTSTATUS pdb_ads_getgrnam(struct pdb_methods *m, GROUP_MAP *map,
 				 const char *name)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	char *filter;
+	NTSTATUS status;
+
+	filter = talloc_asprintf(talloc_tos(),
+				 "(&(samaccountname=%s)(objectclass=group))",
+				 name);
+	if (filter == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	status = pdb_ads_getgrfilter(m, map, filter);
+	TALLOC_FREE(filter);
+	return status;
 }
 
 static NTSTATUS pdb_ads_create_dom_group(struct pdb_methods *m,
@@ -1002,13 +1098,19 @@ static bool pdb_ads_uid_to_rid(struct pdb_methods *m, uid_t uid,
 static bool pdb_ads_uid_to_sid(struct pdb_methods *m, uid_t uid,
 			       DOM_SID *sid)
 {
-	return false;
+	struct pdb_ads_state *state = talloc_get_type_abort(
+		m->private_data, struct pdb_ads_state);
+	sid_compose(sid, &state->domainsid, uid);
+	return true;
 }
 
 static bool pdb_ads_gid_to_sid(struct pdb_methods *m, gid_t gid,
 			       DOM_SID *sid)
 {
-	return false;
+	struct pdb_ads_state *state = talloc_get_type_abort(
+		m->private_data, struct pdb_ads_state);
+	sid_compose(sid, &state->domainsid, gid);
+	return true;
 }
 
 static bool pdb_ads_sid_to_id(struct pdb_methods *m, const DOM_SID *sid,
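Review bot: pdb_ads_uid_to_sid and pdb_ads_gid_to_sid both call sid_compose() with the raw Unix id as the RID, so uid N and gid N yield the same SID, and an id that equals an existing RID in the domain resolves to that object's SID. Both functions also return true unconditionally, so callers cannot tell that no directory lookup took place. If this is a placeholder mapping, mark it with a comment such as `/* FIXME: placeholder, treats the Unix id as the RID without checking the directory */`; otherwise the id should be resolved against the directory and `false` returned when no object matches.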
diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c
index 6b3f5e5..45dfb61 100644
--- a/source3/utils/net_sam.c
+++ b/source3/utils/net_sam.c
@@ -922,6 +922,34 @@ static int net_sam_unmapunixgroup(struct net_context *c, int argc, const char **
 }
 
 /*
+ * Create a domain group
+ */
+
+static int net_sam_createdomaingroup(struct net_context *c, int argc,
+				     const char **argv)
+{
+	NTSTATUS status;
+	uint32 rid;
+
+	if (argc != 1 || c->display_usage) {
+		d_fprintf(stderr, "usage: net sam createdomaingroup <name>\n");
+		return -1;
+	}
+
+	status = pdb_create_dom_group(talloc_tos(), argv[0], &rid);
+
+	if (!NT_STATUS_IS_OK(status)) {
+		d_fprintf(stderr, "Creating %s failed with %s\n",
+			  argv[0], nt_errstr(status));
+		return -1;
+	}
+
+	d_printf("Created domain group %s with RID %d\n", argv[0], rid);
+
+	return 0;
+}
+
+/*
  * Create a local group
  */
 
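Review bot: `d_printf("Created domain group %s with RID %d\n", argv[0], rid);` prints the unsigned `uint32 rid` with `%d`, so a RID above INT_MAX is displayed as a negative number. Use `%u` and cast the argument, `(unsigned int)rid`, so the format matches regardless of how `uint32` is defined on the platform.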
@@ -1830,6 +1858,14 @@ int net_sam(struct net_context *c, int argc, const char **argv)
 			"    Create a new local group"
 		},
 		{
+			"createdomaingroup",
+			net_sam_createdomaingroup,
+			NET_TRANSPORT_LOCAL,
+			"Create a new group",
+			"net sam createdomaingroup\n"
+			"    Create a new group"
+		},
+		{
 			"deletelocalgroup",
 			net_sam_deletelocalgroup,
 			NET_TRANSPORT_LOCAL,
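Review bot: The help strings of the new `createdomaingroup` entry do not distinguish it from the local-group command listed just above: both the description and the usage text say only `"Create a new group"`. Suggest `"Create a new domain group"` in both places so that `net sam` help output tells the two commands apart. The command table and the rest of net_sam() lie outside this hunk.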


-- 
Samba Shared Repository

