[SCM] Samba Shared Repository - branch master updated -
release-4-0-0alpha7-2165-g89bd09e
Volker Lendecke
vlendec at samba.org
Mon Jun 8 22:00:15 GMT 2009
The branch, master has been updated
via 89bd09e7f3247b02223bd06a68be43b8954f5b97 (commit)
via 890fbf2e30c2a8c8d4b64b2044961bd49afc4dce (commit)
from 4c39297d1df1a8143fb95353cd0af8b3d91c1380 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 89bd09e7f3247b02223bd06a68be43b8954f5b97
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jun 8 23:57:54 2009 +0200
Implement pdb_ads_enum_group_members
commit 890fbf2e30c2a8c8d4b64b2044961bd49afc4dce
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jun 8 23:57:11 2009 +0200
Make "net ads listmem" also work for domain groups
-----------------------------------------------------------------------
Summary of changes:
source3/passdb/pdb_ads.c | 60 +++++++++++++++++++++++++++++++++++++++++++--
source3/utils/net_sam.c | 48 ++++++++++++++++++++++++++----------
2 files changed, 91 insertions(+), 17 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/pdb_ads.c b/source3/passdb/pdb_ads.c
index abd9f75..b87d432 100644
--- a/source3/passdb/pdb_ads.c
+++ b/source3/passdb/pdb_ads.c
@@ -24,6 +24,8 @@ static NTSTATUS pdb_ads_getsampwsid(struct pdb_methods *m,
const DOM_SID *sid);
static bool pdb_ads_gid_to_sid(struct pdb_methods *m, gid_t gid,
DOM_SID *sid);
+static bool pdb_ads_dnblob2sid(struct tldap_context *ld, DATA_BLOB *dnblob,
+ struct dom_sid *psid);
struct pdb_ads_state {
@@ -713,10 +715,62 @@ static NTSTATUS pdb_ads_enum_group_mapping(struct pdb_methods *m,
static NTSTATUS pdb_ads_enum_group_members(struct pdb_methods *m,
TALLOC_CTX *mem_ctx,
const DOM_SID *group,
- uint32 **pp_member_rids,
- size_t *p_num_members)
+ uint32 **pmembers,
+ size_t *pnum_members)
{
- return NT_STATUS_NOT_IMPLEMENTED;
+ struct pdb_ads_state *state = talloc_get_type_abort(
+ m->private_data, struct pdb_ads_state);
+ const char *attrs[1] = { "member" };
+ char *sidstr;
+ struct tldap_message **msg;
+ int i, rc, num_members;
+ DATA_BLOB *blobs;
+ uint32_t *members;
+
+ sidstr = sid_binstring(talloc_tos(), group);
+ NT_STATUS_HAVE_NO_MEMORY(sidstr);
+
+ rc = tldap_search_fmt(state->ld, state->domaindn, TLDAP_SCOPE_SUB,
+ attrs, ARRAY_SIZE(attrs), 0, talloc_tos(), &msg,
+ "(objectsid=%s)", sidstr);
+ TALLOC_FREE(sidstr);
+ if (rc != TLDAP_SUCCESS) {
+ DEBUG(10, ("ldap_search failed %s\n",
+ tldap_errstr(debug_ctx(), state->ld, rc)));
+ return NT_STATUS_LDAP(rc);
+ }
+ switch talloc_array_length(msg) {
+ case 0:
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ break;
+ case 1:
+ break;
+ default:
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ break;
+ }
+
+ if (!tldap_entry_values(msg[0], "member", &num_members, &blobs)) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ members = talloc_array(mem_ctx, uint32_t, num_members);
+ if (members == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ for (i=0; i<num_members; i++) {
+ struct dom_sid sid;
+ if (!pdb_ads_dnblob2sid(state->ld, &blobs[i], &sid)
+ || !sid_peek_rid(&sid, &members[i])) {
+ TALLOC_FREE(members);
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+ }
+
+ *pmembers = members;
+ *pnum_members = num_members;
+ return NT_STATUS_OK;
}
static NTSTATUS pdb_ads_enum_group_memberships(struct pdb_methods *m,
diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c
index 5f41f21..ddf4d4e 100644
--- a/source3/utils/net_sam.c
+++ b/source3/utils/net_sam.c
@@ -1214,6 +1214,8 @@ static int net_sam_listmem(struct net_context *c, int argc, const char **argv)
{
const char *groupdomain, *groupname;
DOM_SID group;
+ DOM_SID *members = NULL;
+ size_t i, num_members = 0;
enum lsa_SidType grouptype;
NTSTATUS status;
@@ -1230,37 +1232,55 @@ static int net_sam_listmem(struct net_context *c, int argc, const char **argv)
if ((grouptype == SID_NAME_ALIAS) ||
(grouptype == SID_NAME_WKN_GRP)) {
- DOM_SID *members = NULL;
- size_t i, num_members = 0;
-
status = pdb_enum_aliasmem(&group, talloc_tos(), &members,
&num_members);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "Listing group members failed with "
+ "%s\n", nt_errstr(status));
+ return -1;
+ }
+ } else if (grouptype == SID_NAME_DOM_GRP) {
+ uint32_t *rids;
+ status = pdb_enum_group_members(talloc_tos(), &group,
+ &rids, &num_members);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "Listing group members failed with "
"%s\n", nt_errstr(status));
return -1;
}
- d_printf("%s\\%s has %u members\n", groupdomain, groupname,
- (unsigned int)num_members);
- for (i=0; i<num_members; i++) {
- const char *dom, *name;
- if (lookup_sid(talloc_tos(), &members[i],
- &dom, &name, NULL)) {
- d_printf(" %s\\%s\n", dom, name);
- } else {
- d_printf(" %s\n", sid_string_tos(&members[i]));
- }
+ members = talloc_array(talloc_tos(), struct dom_sid,
+ num_members);
+ if (members == NULL) {
+ TALLOC_FREE(rids);
+ return -1;
}
- TALLOC_FREE(members);
+ for (i=0; i<num_members; i++) {
+ sid_compose(&members[i], get_global_sam_sid(),
+ rids[i]);
+ }
+ TALLOC_FREE(rids);
} else {
d_fprintf(stderr, "Can only list local group members so far.\n"
"%s is a %s\n", argv[0], sid_type_lookup(grouptype));
return -1;
}
+ d_printf("%s\\%s has %u members\n", groupdomain, groupname,
+ (unsigned int)num_members);
+ for (i=0; i<num_members; i++) {
+ const char *dom, *name;
+ if (lookup_sid(talloc_tos(), &members[i], &dom, &name, NULL)) {
+ d_printf(" %s\\%s\n", dom, name);
+ } else {
+ d_printf(" %s\n", sid_string_tos(&members[i]));
+ }
+ }
+
+ TALLOC_FREE(members);
+
return 0;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list