[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-2151-g094f47e

Volker Lendecke vlendec at samba.org
Mon Jun 8 19:15:05 GMT 2009


The branch, master has been updated
       via  094f47e7cf88b411eb4f1cbce0e52665c4a7cec6 (commit)
       via  275ca400db7a287a08288e2235b1deb929cea2a3 (commit)
       via  9b42c5ca79b925fa01f9bd9e89de2c1061cf72ba (commit)
       via  af82489b41c8fa621dc4c8abe5bfdf107b6bec43 (commit)
       via  7ab4d3fa4305fdfbd33f9f643051123effba56f4 (commit)
       via  a51e6ce43cbc576a1352b0eccdab2f5c7f1bc2c2 (commit)
       via  5ea88420da78589b3d52addcd8cce119968f0f73 (commit)
       via  66c3cd1e9237fa605d725c1020a37fe61143bf4a (commit)
      from  963efb5542a18b545824ec2349fe9d2c590329b0 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 094f47e7cf88b411eb4f1cbce0e52665c4a7cec6
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 8 21:13:24 2009 +0200

    Fix two 64-bit warnings

commit 275ca400db7a287a08288e2235b1deb929cea2a3
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 8 20:37:50 2009 +0200

    Implement pdb_[add|del]aliasmem

commit 9b42c5ca79b925fa01f9bd9e89de2c1061cf72ba
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 8 20:36:49 2009 +0200

    Add tlda_add_mod_str

commit af82489b41c8fa621dc4c8abe5bfdf107b6bec43
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 8 20:15:56 2009 +0200

    Do not use a variable format string

commit 7ab4d3fa4305fdfbd33f9f643051123effba56f4
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 8 20:04:49 2009 +0200

    Implement pdb_ads_enum_aliasmem

commit a51e6ce43cbc576a1352b0eccdab2f5c7f1bc2c2
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jun 8 19:43:01 2009 +0200

    Pass a talloc_ctx to pdb_enum_aliasmem

commit 5ea88420da78589b3d52addcd8cce119968f0f73
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Jun 7 23:32:36 2009 +0200

    Implement pdb_ads_delete_alias

commit 66c3cd1e9237fa605d725c1020a37fe61143bf4a
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Jun 7 23:29:58 2009 +0200

    Implement pdb_ads_create_dom_group()

-----------------------------------------------------------------------

Summary of changes:
 source3/groupdb/mapping.c         |    7 +-
 source3/groupdb/mapping.h         |    3 +-
 source3/groupdb/mapping_ldb.c     |    5 +-
 source3/groupdb/mapping_tdb.c     |    7 +-
 source3/include/passdb.h          |    4 +-
 source3/include/proto.h           |    5 +-
 source3/include/tldap_util.h      |    2 +
 source3/lib/tldap_util.c          |   17 ++
 source3/passdb/pdb_ads.c          |  309 +++++++++++++++++++++++++++++++++++-
 source3/passdb/pdb_interface.c    |    5 +-
 source3/passdb/pdb_ldap.c         |    3 +-
 source3/passdb/pdb_wbc_sam.c      |    6 +-
 source3/rpc_server/srv_samr_nt.c  |    3 +-
 source3/utils/net_groupmap.c      |    3 +-
 source3/utils/net_sam.c           |    3 +-
 source3/winbindd/winbindd_group.c |    4 +-
 16 files changed, 355 insertions(+), 31 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c
index 4f05d73..12d0bd3 100644
--- a/source3/groupdb/mapping.c
+++ b/source3/groupdb/mapping.c
@@ -606,14 +606,15 @@ NTSTATUS pdb_default_del_aliasmem(struct pdb_methods *methods,
 }
 
 NTSTATUS pdb_default_enum_aliasmem(struct pdb_methods *methods,
-				   const DOM_SID *alias, DOM_SID **pp_members,
-				   size_t *p_num_members)
+				   const DOM_SID *alias, TALLOC_CTX *mem_ctx,
+				   DOM_SID **pp_members, size_t *p_num_members)
 {
 	if (!init_group_mapping()) {
 		DEBUG(0,("failed to initialize group mapping\n"));
 		return NT_STATUS_UNSUCCESSFUL;
 	}
-	return backend->enum_aliasmem(alias, pp_members, p_num_members);
+	return backend->enum_aliasmem(alias, mem_ctx, pp_members,
+				      p_num_members);
 }
 
 NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods,
diff --git a/source3/groupdb/mapping.h b/source3/groupdb/mapping.h
index c37ae84..519b0ae 100644
--- a/source3/groupdb/mapping.h
+++ b/source3/groupdb/mapping.h
@@ -29,5 +29,6 @@ struct mapping_backend {
 					 DOM_SID **sids, size_t *num);
 	NTSTATUS (*add_aliasmem)(const DOM_SID *alias, const DOM_SID *member);
 	NTSTATUS (*del_aliasmem)(const DOM_SID *alias, const DOM_SID *member);
-	NTSTATUS (*enum_aliasmem)(const DOM_SID *alias, DOM_SID **sids, size_t *num);
+	NTSTATUS (*enum_aliasmem)(const DOM_SID *alias, TALLOC_CTX *mem_ctx,
+				  DOM_SID **sids, size_t *num);
 };
diff --git a/source3/groupdb/mapping_ldb.c b/source3/groupdb/mapping_ldb.c
index cc06282..89966e1 100644
--- a/source3/groupdb/mapping_ldb.c
+++ b/source3/groupdb/mapping_ldb.c
@@ -488,7 +488,8 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
 /*
   enumerate sids that have the given alias set in member
 */
-static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num)
+static NTSTATUS enum_aliasmem(const DOM_SID *alias, TALLOC_CTX *mem_ctx,
+			      DOM_SID **sids, size_t *num)
 {
 	const char *attrs[] = {
 		"member",
@@ -529,7 +530,7 @@ static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num)
 	for (i=0;i<el->num_values;i++) {
 		DOM_SID sid;
 		string_to_sid(&sid, (const char *)el->values[i].data);
-		status = add_sid_to_array_unique(NULL, &sid, sids, num);
+		status = add_sid_to_array_unique(mem_ctx, &sid, sids, num);
 		if (!NT_STATUS_IS_OK(status)) {
 			goto done;
 		}
diff --git a/source3/groupdb/mapping_tdb.c b/source3/groupdb/mapping_tdb.c
index 29927eb..8498f0c 100644
--- a/source3/groupdb/mapping_tdb.c
+++ b/source3/groupdb/mapping_tdb.c
@@ -535,6 +535,7 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
 }
 
 struct aliasmem_state {
+	TALLOC_CTX *mem_ctx;
 	const DOM_SID *alias;
 	DOM_SID **sids;
 	size_t *num;
@@ -580,7 +581,7 @@ static int collect_aliasmem(struct db_record *rec, void *priv)
 		if (!string_to_sid(&member, member_string))
 			continue;
 
-		if (!NT_STATUS_IS_OK(add_sid_to_array(NULL, &member,
+		if (!NT_STATUS_IS_OK(add_sid_to_array(state->mem_ctx, &member,
 						      state->sids,
 						      state->num)))
 		{
@@ -593,7 +594,8 @@ static int collect_aliasmem(struct db_record *rec, void *priv)
 	return 0;
 }
 
-static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num)
+static NTSTATUS enum_aliasmem(const DOM_SID *alias, TALLOC_CTX *mem_ctx,
+			      DOM_SID **sids, size_t *num)
 {
 	GROUP_MAP map;
 	struct aliasmem_state state;
@@ -611,6 +613,7 @@ static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num)
 	state.alias = alias;
 	state.sids = sids;
 	state.num = num;
+	state.mem_ctx = mem_ctx;
 
 	db->traverse_read(db, collect_aliasmem, &state);
 	return NT_STATUS_OK;
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index 03d9f56..d67c284 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -311,8 +311,8 @@ struct pdb_methods
 	NTSTATUS (*del_aliasmem)(struct pdb_methods *methods,
 				 const DOM_SID *alias, const DOM_SID *member);
 	NTSTATUS (*enum_aliasmem)(struct pdb_methods *methods,
-				  const DOM_SID *alias, DOM_SID **members,
-				  size_t *p_num_members);
+				  const DOM_SID *alias, TALLOC_CTX *mem_ctx,
+				  DOM_SID **members, size_t *p_num_members);
 	NTSTATUS (*enum_alias_memberships)(struct pdb_methods *methods,
 					   TALLOC_CTX *mem_ctx,
 					   const DOM_SID *domain_sid,
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 19314e0..40855a0 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -231,7 +231,8 @@ NTSTATUS pdb_default_add_aliasmem(struct pdb_methods *methods,
 NTSTATUS pdb_default_del_aliasmem(struct pdb_methods *methods,
 				  const DOM_SID *alias, const DOM_SID *member);
 NTSTATUS pdb_default_enum_aliasmem(struct pdb_methods *methods,
-				   const DOM_SID *alias, DOM_SID **pp_members,
+				   const DOM_SID *alias, TALLOC_CTX *mem_ctx,
+				   DOM_SID **pp_members,
 				   size_t *p_num_members);
 NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods,
 				       TALLOC_CTX *mem_ctx,
@@ -4547,7 +4548,7 @@ NTSTATUS pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info);
 NTSTATUS pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info);
 NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member);
 NTSTATUS pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member);
-NTSTATUS pdb_enum_aliasmem(const DOM_SID *alias,
+NTSTATUS pdb_enum_aliasmem(const DOM_SID *alias, TALLOC_CTX *mem_ctx,
 			   DOM_SID **pp_members, size_t *p_num_members);
 NTSTATUS pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx,
 				    const DOM_SID *domain_sid,
diff --git a/source3/include/tldap_util.h b/source3/include/tldap_util.h
index 1c99376..06b1036 100644
--- a/source3/include/tldap_util.h
+++ b/source3/include/tldap_util.h
@@ -34,6 +34,8 @@ bool tldap_pull_binsid(struct tldap_message *msg, const char *attribute,
 bool tldap_add_mod_blobs(TALLOC_CTX *mem_ctx, struct tldap_mod **pmods,
 			 int mod_op, const char *attrib,
 			 int num_values, DATA_BLOB *values);
+bool tldap_add_mod_str(TALLOC_CTX *mem_ctx, struct tldap_mod **pmods,
+		       int mod_op, const char *attrib, const char *str);
 bool tldap_make_mod_blob(struct tldap_message *existing, TALLOC_CTX *mem_ctx,
 			 int *pnum_mods, struct tldap_mod **pmods,
 			 const char *attrib, DATA_BLOB newval);
diff --git a/source3/lib/tldap_util.c b/source3/lib/tldap_util.c
index 1b0c344..7c57916 100644
--- a/source3/lib/tldap_util.c
+++ b/source3/lib/tldap_util.c
@@ -172,6 +172,23 @@ bool tldap_add_mod_blobs(TALLOC_CTX *mem_ctx, struct tldap_mod **pmods,
 	return true;
 }
 
+bool tldap_add_mod_str(TALLOC_CTX *mem_ctx, struct tldap_mod **pmods,
+		       int mod_op, const char *attrib, const char *str)
+{
+	DATA_BLOB utf8;
+	bool ret;
+
+	if (!convert_string_talloc(talloc_tos(), CH_UNIX, CH_UTF8, str,
+				   strlen(str), &utf8.data, &utf8.length,
+				   false)) {
+		return false;
+	}
+
+	ret = tldap_add_mod_blobs(mem_ctx, pmods, mod_op, attrib, 1, &utf8);
+	TALLOC_FREE(utf8.data);
+	return ret;
+}
+
 static bool tldap_make_mod_blob_int(struct tldap_message *existing,
 				    TALLOC_CTX *mem_ctx,
 				    int *pnum_mods, struct tldap_mod **pmods,
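Review bot: tldap_add_mod_str calls `strlen(str)` with no guard, so a NULL `str` crashes before the conversion is attempted; an early `if (str == NULL) { return false; }` would turn that into the function's ordinary failure return. The function also frees `utf8.data` right after tldap_add_mod_blobs returns, which is only safe if that helper copies the value onto `mem_ctx`. Its body is outside this hunk, so a short comment above the `TALLOC_FREE`, such as `/* tldap_add_mod_blobs copied the value; drop the temporary */`, would record the assumption once it has been confirmed.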
diff --git a/source3/passdb/pdb_ads.c b/source3/passdb/pdb_ads.c
index d4f381c..abd9f75 100644
--- a/source3/passdb/pdb_ads.c
+++ b/source3/passdb/pdb_ads.c
@@ -266,7 +266,7 @@ static bool pdb_ads_init_ads_from_sam(struct pdb_ads_state *state,
 
 	ret &= tldap_make_mod_fmt(
 		existing, mem_ctx, pnum_mods, pmods, "displayName",
-		pdb_get_fullname(sam));
+		"%s", pdb_get_fullname(sam));
 
 	ret &= tldap_make_mod_blob(
 		existing, mem_ctx, pnum_mods, pmods, "unicodePwd",
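Review bot: Nothing visible in this hunk would catch the next caller that passes data as the format argument of tldap_make_mod_fmt; the added `"%s"` fixes only the displayName call. If the prototype of tldap_make_mod_fmt (not shown in this diff) does not already carry a printf-style format attribute, adding one lets the compiler's format warnings flag such call sites at build time. It is also worth confirming what pdb_get_fullname returns for an account with no full name, since passing NULL to `%s` is not portable. The enclosing function pdb_ads_init_ads_from_sam starts and ends outside the hunk.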
@@ -512,7 +512,7 @@ static NTSTATUS pdb_ads_getgrfilter(struct pdb_methods *m, GROUP_MAP *map,
 	}
 	if (talloc_array_length(group) != 1) {
 		DEBUG(10, ("Expected 1 user, got %d\n",
-			   talloc_array_length(group)));
+			   (int)talloc_array_length(group)));
 		return NT_STATUS_INTERNAL_DB_CORRUPTION;
 	}
 
@@ -605,7 +605,75 @@ static NTSTATUS pdb_ads_create_dom_group(struct pdb_methods *m,
 					 TALLOC_CTX *mem_ctx, const char *name,
 					 uint32 *rid)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	TALLOC_CTX *frame = talloc_stackframe();
+	struct pdb_ads_state *state = talloc_get_type_abort(
+		m->private_data, struct pdb_ads_state);
+	const char *attrs[1] = { "objectSid" };
+	int num_mods = 0;
+	struct tldap_mod *mods = NULL;
+	struct tldap_message **alias;
+	struct dom_sid sid;
+	char *dn;
+	int rc;
+	bool ok = true;
+
+	dn = talloc_asprintf(talloc_tos(), "cn=%s,cn=users,%s", name,
+			     state->domaindn);
+	if (dn == NULL) {
+		TALLOC_FREE(frame);
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	ok &= tldap_make_mod_fmt(
+		NULL, talloc_tos(), &num_mods, &mods, "samAccountName", "%s",
+		name);
+	ok &= tldap_make_mod_fmt(
+		NULL, talloc_tos(), &num_mods, &mods, "objectClass", "group");
+	ok &= tldap_make_mod_fmt(
+		NULL, talloc_tos(), &num_mods, &mods, "groupType",
+		"%d", (int)GTYPE_SECURITY_GLOBAL_GROUP);
+
+	if (!ok) {
+		TALLOC_FREE(frame);
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	rc = tldap_add(state->ld, dn, num_mods, mods, NULL, NULL);
+	if (rc != TLDAP_SUCCESS) {
+		DEBUG(10, ("ldap_add failed %s\n",
+			   tldap_errstr(debug_ctx(), state->ld, rc)));
+		TALLOC_FREE(frame);
+		return NT_STATUS_LDAP(rc);
+	}
+
+	rc = tldap_search_fmt(
+		state->ld, state->domaindn, TLDAP_SCOPE_SUB,
+		attrs, ARRAY_SIZE(attrs), 0, talloc_tos(), &alias,
+		"(&(objectclass=group)(samaccountname=%s))", name);
+	if (rc != TLDAP_SUCCESS) {
+		DEBUG(10, ("Could not find just created alias %s: %s\n",
+			   name, tldap_errstr(debug_ctx(), state->ld, rc)));
+		TALLOC_FREE(frame);
+		return NT_STATUS_LDAP(rc);
+	}
+
+	if (talloc_array_length(alias) != 1) {
+		DEBUG(10, ("Got %d alias, expected one\n",
+			   (int)talloc_array_length(alias)));
+		TALLOC_FREE(frame);
+		return NT_STATUS_LDAP(rc);
+	}
+
+	if (!tldap_pull_binsid(alias[0], "objectSid", &sid)) {
+		DEBUG(10, ("Could not fetch objectSid from alias %s\n",
+			   name));
+		TALLOC_FREE(frame);
+		return NT_STATUS_INTERNAL_DB_CORRUPTION;
+	}
+
+	sid_peek_rid(&sid, rid);
+	TALLOC_FREE(frame);
+	return NT_STATUS_OK;
 }
 
 static NTSTATUS pdb_ads_delete_dom_group(struct pdb_methods *m,
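Review bot: `name` is copied unescaped into both the DN (`"cn=%s,cn=users,%s"`) and the search filter (`"(&(objectclass=group)(samaccountname=%s))"`) in pdb_ads_create_dom_group, so a name containing DN or filter metacharacters changes the structure of what is sent to the directory. Unless tldap_search_fmt escapes its arguments (not visible here), the value should be DN-escaped per RFC 4514 for the `talloc_asprintf` call and filter-escaped per RFC 4515 before the search, or rejected up front. Separately, the `talloc_array_length(alias) != 1` branch returns `NT_STATUS_LDAP(rc)` while `rc` is TLDAP_SUCCESS at that point; `return NT_STATUS_INTERNAL_DB_CORRUPTION;` would match what pdb_ads_delete_alias does for the same condition. On that path and on the objectSid failure path the group has already been added, so the caller sees an error for an object that now exists.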
@@ -810,7 +878,50 @@ static NTSTATUS pdb_ads_create_alias(struct pdb_methods *m,
 static NTSTATUS pdb_ads_delete_alias(struct pdb_methods *m,
 				     const DOM_SID *sid)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	struct pdb_ads_state *state = talloc_get_type_abort(
+		m->private_data, struct pdb_ads_state);
+	struct tldap_message **alias;
+	char *sidstr, *dn;
+	int rc;
+
+	sidstr = sid_binstring(talloc_tos(), sid);
+	if (sidstr == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	rc = tldap_search_fmt(state->ld, state->domaindn, TLDAP_SCOPE_SUB,
+			      NULL, 0, 0, talloc_tos(), &alias,
+			      "(&(objectSid=%s)(objectclass=group)"
+			      "(|(grouptype=%d)(grouptype=%d)))",
+			      sidstr, GTYPE_SECURITY_BUILTIN_LOCAL_GROUP,
+			      GTYPE_SECURITY_DOMAIN_LOCAL_GROUP);
+	TALLOC_FREE(sidstr);
+	if (rc != TLDAP_SUCCESS) {
+		DEBUG(10, ("ldap_search failed: %s\n",
+			   tldap_errstr(debug_ctx(), state->ld, rc)));
+		TALLOC_FREE(dn);
+		return NT_STATUS_LDAP(rc);
+	}
+	if (talloc_array_length(alias) != 1) {
+		DEBUG(10, ("Expected 1 alias, got %d\n",
+			   (int)talloc_array_length(alias)));
+		return NT_STATUS_INTERNAL_DB_CORRUPTION;
+	}
+	if (!tldap_entry_dn(alias[0], &dn)) {
+		DEBUG(10, ("Could not get DN for alias %s\n",
+			   sid_string_dbg(sid)));
+		return NT_STATUS_INTERNAL_ERROR;
+	}
+
+	rc = tldap_delete(state->ld, dn, NULL, NULL);
+	if (rc != TLDAP_SUCCESS) {
+		DEBUG(10, ("ldap_delete failed: %s\n",
+			   tldap_errstr(debug_ctx(), state->ld, rc)));
+		TALLOC_FREE(dn);
+		return NT_STATUS_LDAP(rc);
+	}
+
+	return NT_STATUS_OK;
 }
 
 static NTSTATUS pdb_ads_get_aliasinfo(struct pdb_methods *m,
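Review bot: The search-failure branch of pdb_ads_delete_alias calls `TALLOC_FREE(dn)` before `dn` has been assigned, which hands an indeterminate pointer to talloc; that line should be dropped, or `dn` declared as `char *sidstr, *dn = NULL;`. The second `TALLOC_FREE(dn)`, after a failed tldap_delete, frees a pointer obtained from tldap_entry_dn. pdb_ads_sid2dn later in this diff copies that value with talloc_strdup instead, which suggests the message owns it, so freeing it here looks wrong as well; confirm against tldap_entry_dn. Unlike pdb_ads_create_dom_group, this function opens no talloc_stackframe, so `alias` stays on the caller's talloc_tos() on every return path. A related unchecked-result problem is in pdb_ads_dnblob2sid in the final hunk, where `rc` from tldap_search_fmt is never tested before `talloc_array_length(msg)` is read.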
@@ -827,25 +938,205 @@ static NTSTATUS pdb_ads_set_aliasinfo(struct pdb_methods *m,
 	return NT_STATUS_NOT_IMPLEMENTED;
 }
 
+static NTSTATUS pdb_ads_sid2dn(struct pdb_ads_state *state,
+			       const struct dom_sid *sid,
+			       TALLOC_CTX *mem_ctx, char **pdn)
+{
+	struct tldap_message **msg;
+	char *sidstr, *dn;
+	int rc;
+
+	sidstr = sid_binstring(talloc_tos(), sid);
+	NT_STATUS_HAVE_NO_MEMORY(sidstr);
+
+	rc = tldap_search_fmt(state->ld, state->domaindn, TLDAP_SCOPE_SUB,
+			      NULL, 0, 0, talloc_tos(), &msg,
+			      "(objectsid=%s)", sidstr);
+	TALLOC_FREE(sidstr);
+	if (rc != TLDAP_SUCCESS) {
+		DEBUG(10, ("ldap_search failed %s\n",
+			   tldap_errstr(debug_ctx(), state->ld, rc)));
+		return NT_STATUS_LDAP(rc);
+	}
+
+	switch talloc_array_length(msg) {
+	case 0:
+		return NT_STATUS_NOT_FOUND;
+	case 1:
+		break;
+	default:
+		return NT_STATUS_INTERNAL_DB_CORRUPTION;
+	}
+
+	if (!tldap_entry_dn(msg[0], &dn)) {
+		return NT_STATUS_INTERNAL_DB_CORRUPTION;
+	}
+
+	dn = talloc_strdup(mem_ctx, dn);
+	if (dn == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+	TALLOC_FREE(msg);
+
+	*pdn = dn;
+	return NT_STATUS_OK;
+}
+
+static NTSTATUS pdb_ads_mod_aliasmem(struct pdb_methods *m,
+				     const DOM_SID *alias,
+				     const DOM_SID *member,
+				     int mod_op)
+{
+	struct pdb_ads_state *state = talloc_get_type_abort(
+		m->private_data, struct pdb_ads_state);
+	TALLOC_CTX *frame = talloc_stackframe();
+	struct tldap_mod *mods;
+	int rc;
+	char *aliasdn, *memberdn;
+	NTSTATUS status;
+
+	status = pdb_ads_sid2dn(state, alias, talloc_tos(), &aliasdn);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(10, ("pdb_ads_sid2dn (%s) failed: %s\n",
+			   sid_string_dbg(alias), nt_errstr(status)));
+		TALLOC_FREE(frame);
+		return NT_STATUS_NO_SUCH_ALIAS;
+	}
+	status = pdb_ads_sid2dn(state, member, talloc_tos(), &memberdn);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(10, ("pdb_ads_sid2dn (%s) failed: %s\n",
+			   sid_string_dbg(member), nt_errstr(status)));
+		TALLOC_FREE(frame);
+		return status;
+	}
+
+	mods = NULL;
+
+	if (!tldap_add_mod_str(talloc_tos(), &mods, mod_op,
+			       "member", memberdn)) {
+		TALLOC_FREE(frame);
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	rc = tldap_modify(state->ld, aliasdn, 1, mods, NULL, NULL);
+	TALLOC_FREE(frame);
+	if (rc != TLDAP_SUCCESS) {
+		DEBUG(10, ("ldap_modify failed: %s\n",
+			   tldap_errstr(debug_ctx(), state->ld, rc)));
+		if (rc == TLDAP_TYPE_OR_VALUE_EXISTS) {
+			return NT_STATUS_MEMBER_IN_ALIAS;
+		}
+		if (rc == TLDAP_NO_SUCH_ATTRIBUTE) {
+			return NT_STATUS_MEMBER_NOT_IN_ALIAS;
+		}
+		return NT_STATUS_LDAP(rc);
+	}
+
+	return NT_STATUS_OK;
+}
+
 static NTSTATUS pdb_ads_add_aliasmem(struct pdb_methods *m,
 				     const DOM_SID *alias,
 				     const DOM_SID *member)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	return pdb_ads_mod_aliasmem(m, alias, member, TLDAP_MOD_ADD);
 }
 
 static NTSTATUS pdb_ads_del_aliasmem(struct pdb_methods *m,
 				     const DOM_SID *alias,
 				     const DOM_SID *member)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	return pdb_ads_mod_aliasmem(m, alias, member, TLDAP_MOD_DELETE);
+}
+
+static bool pdb_ads_dnblob2sid(struct tldap_context *ld, DATA_BLOB *dnblob,
+			       struct dom_sid *psid)
+{
+	const char *attrs[1] = { "objectSid" };
+	struct tldap_message **msg;
+	char *dn;
+	size_t len;
+	int rc;
+	bool ret;
+
+	if (!convert_string_talloc(talloc_tos(), CH_UTF8, CH_UNIX,
+				   dnblob->data, dnblob->length, &dn, &len,
+				   false)) {
+		return false;
+	}
+	rc = tldap_search_fmt(ld, dn, TLDAP_SCOPE_BASE,
+			      attrs, ARRAY_SIZE(attrs), 0, talloc_tos(),
+			      &msg, "(objectclass=*)");
+	TALLOC_FREE(dn);
+	if (talloc_array_length(msg) != 1) {
+		DEBUG(10, ("Got %d objects, expected one\n",
+			   (int)talloc_array_length(msg)));
+		TALLOC_FREE(msg);
+		return false;
+	}
+
+	ret = tldap_pull_binsid(msg[0], "objectSid", psid);
+	TALLOC_FREE(msg);
+	return ret;
 }
 
 static NTSTATUS pdb_ads_enum_aliasmem(struct pdb_methods *m,
-				      const DOM_SID *alias, DOM_SID **members,
-				      size_t *p_num_members)
+				      const DOM_SID *alias,
+				      TALLOC_CTX *mem_ctx,
+				      DOM_SID **pmembers,
+				      size_t *pnum_members)
 {
-	return NT_STATUS_NOT_IMPLEMENTED;
+	struct pdb_ads_state *state = talloc_get_type_abort(
+		m->private_data, struct pdb_ads_state);
+	const char *attrs[1] = { "member" };
+	char *sidstr;
+	struct tldap_message **msg;
+	int i, rc, num_members;
+	DATA_BLOB *blobs;
+	struct dom_sid *members;
+
+	sidstr = sid_binstring(talloc_tos(), alias);
+	NT_STATUS_HAVE_NO_MEMORY(sidstr);
+
+	rc = tldap_search_fmt(state->ld, state->domaindn, TLDAP_SCOPE_SUB,
+			      attrs, ARRAY_SIZE(attrs), 0, talloc_tos(), &msg,
+			      "(objectsid=%s)", sidstr);
+	TALLOC_FREE(sidstr);


-- 
Samba Shared Repository

