[SCM] Samba Shared Repository - branch master updated
Günther Deschner
gd at samba.org
Wed Feb 16 04:59:02 MST 2011
The branch, master has been updated
via bfa7964 s3-ipasam: Add aliases for trusted domain user
via 7763816 s3-netlogon: Implement NetrServerGetTrustInfo and NetrGetForestTrustInformation
via 9ebbbb7 s3-ldap: Add sambaTrustForestTrustInfo to LDAP schemata
via d638f4a s3-lsa: Implement lsaRSetForestTrustInformation
via 92ea55e s4-smbtorture: Fix for RPC-LSA-FOREST-TRUST.
via cc3b67f s3-ipasam: add IPA specific attributes
via 33655d2 s3-lsa: Add and remove trusted domain account
via 7d53893 s3-lsa: fix return code of _lsa_QueryTrustedDomainInfoByName()
via 8fa440c s3-ipasam: add pdb_ipasam_capabilities() and pdb_ipasam_get_domain_info()
via a357ac0 s4-smbtorture: Two fixes for forest trust test against samba.
via a8ab5d5 s3-lsa: Extract auth info from trustDomainPasswords
via ba28fb0 s3-ldap: Update LDAP schemata to include sambaTrustedDomain.
via 0b27317 s3-lsa: Use pdb_get_trusted_domain_by_sid in _lsa_QueryTrustedDomainInfo()
via fbd846f s3-lsa: fix lsa_QueryTrustedDomainInfo
via 72de982 s3-ipasam: add ipasam_get_trusted_domain_by_sid()
via b4bc1f8 s3-ipasam: add wrapper for ipasam_enum_trusteddoms()
via 4d22986 s3-lsa: implement _lsa_OpenTrustedDomainByName().
via cdd4df7 s3-lsa: implement _lsa_OpenTrustedDomain().
via 13c5211 s3-lsa: Implement _lsa_EnumTrustedDomainsEx()
via 86771d8 s3-lsa: implement _lsa_CloseTrustedDomainEx().
via 06245d1 s3-lsa: implement _lsa_QueryTrustedDomainInfoByName().
via b9eda2a s3-lsa: implement _lsa_QueryTrustedDomainInfoBySid().
via 1ce0d97 s3-lsa: implement _lsa_QueryTrustedDomainInfo().
via bb94708 s3-lsa: make _lsa_DeleteTrustedDomain() use pdb_del_trusted_domain().
via 12d16af s3-lsa: implement _lsa_DeleteTrustedDomain().
via f6004a1 s3-lsa: make lsa_lookup_trusted_domain_by_name() use pdb_get_trusted_domain().
via 387e37e s3-lsa: add lsa_lookup_trusted_domain_by_name and lsa_lookup_trusted_domain_by_sid.
via 39c9f59 s3-lsa: implement _lsa_CreateTrustedDomain().
via 55bc1cf s3-lsa: implement _lsa_CreateTrustedDomainEx().
via 162fd0e s3-lsa: Let _lsa_CreateTrustedDomainEx2() use pdb_set_trusted_domain().
via a6bd93b s3-lsa: implement _lsa_CreateTrustedDomainEx2().
via 424dc1b s3-lsa: add LSA_HANDLE_TRUST_TYPE.
via 5b41211 s3-lsa: add create_lsa_policy_handle().
via 4e60954 s3-ipasam: implement enum_trusted_domains
via 8ddbb48 s3-ipasam: implement {get,set,del}_trusted_domain
via c96fd89 s3-passdb: make priv2ld() public
via b4dd65d s3-passdb: add {get,set,del,enum}_trusted_domain calls
via 2e78022 s3-ipasam: Disable old trustdom_pw calls
via 4fa210d s3-passdb: Add minimal stub for IPA passdb backend
from 1354d3d s3-auth Fix memory leak in security=share and force user =
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit bfa7964da8e69e35b7a156fc4fdba753d7dee1cc
Author: Sumit Bose <sbose at redhat.com>
Date: Tue Sep 7 14:30:34 2010 +0200
s3-ipasam: Add aliases for trusted domain user
Signed-off-by: Günther Deschner <gd at samba.org>
Autobuild-User: Günther Deschner <gd at samba.org>
Autobuild-Date: Wed Feb 16 12:58:13 CET 2011 on sn-devel-104
commit 77638169681ce5da6a3f7705b16a8f2b5d261671
Author: Sumit Bose <sbose at redhat.com>
Date: Fri Sep 3 11:56:31 2010 +0200
s3-netlogon: Implement NetrServerGetTrustInfo and NetrGetForestTrustInformation
Signed-off-by: Günther Deschner <gd at samba.org>
commit 9ebbbb7456e501c3b43677cd96d880e7320765b8
Author: Sumit Bose <sbose at redhat.com>
Date: Thu Sep 2 18:22:16 2010 +0200
s3-ldap: Add sambaTrustForestTrustInfo to LDAP schemata
Signed-off-by: Günther Deschner <gd at samba.org>
commit d638f4a3b8243317541e10a6014d6de631ddee37
Author: Sumit Bose <sbose at redhat.com>
Date: Thu Sep 2 18:13:38 2010 +0200
s3-lsa: Implement lsaRSetForestTrustInformation
Signed-off-by: Günther Deschner <gd at samba.org>
commit 92ea55e84e3137a331814cc45d7ac9d4e2100904
Author: Sumit Bose <sbose at redhat.com>
Date: Thu Sep 2 18:11:47 2010 +0200
s4-smbtorture: Fix for RPC-LSA-FOREST-TRUST.
Signed-off-by: Günther Deschner <gd at samba.org>
commit cc3b67fa1feba8d8d177a2b3d8a13dadeb1b1990
Author: Sumit Bose <sbose at redhat.com>
Date: Fri Sep 3 09:39:45 2010 +0200
s3-ipasam: add IPA specific attributes
Signed-off-by: Günther Deschner <gd at samba.org>
commit 33655d28b00d8d92a34b5f613ce814828c731599
Author: Sumit Bose <sbose at redhat.com>
Date: Mon Aug 30 18:09:12 2010 +0200
s3-lsa: Add and remove trusted domain account
Signed-off-by: Günther Deschner <gd at samba.org>
commit 7d53893dee24d63914f076f0e352f73aa5046fbd
Author: Sumit Bose <sbose at redhat.com>
Date: Mon Aug 30 15:57:36 2010 +0200
s3-lsa: fix return code of _lsa_QueryTrustedDomainInfoByName()
Signed-off-by: Günther Deschner <gd at samba.org>
commit 8fa440c8207966871ecfee1221a207a46ec02f7d
Author: Sumit Bose <sbose at redhat.com>
Date: Mon Aug 30 15:55:52 2010 +0200
s3-ipasam: add pdb_ipasam_capabilities() and pdb_ipasam_get_domain_info()
Signed-off-by: Günther Deschner <gd at samba.org>
commit a357ac022278a2e4b4970ec747a576ef91ebb75f
Author: Sumit Bose <sbose at redhat.com>
Date: Mon Aug 30 15:21:11 2010 +0200
s4-smbtorture: Two fixes for forest trust test against samba.
Signed-off-by: Günther Deschner <gd at samba.org>
commit a8ab5d582da062b433234764a10873b9941de42e
Author: Sumit Bose <sbose at redhat.com>
Date: Thu Aug 26 14:44:04 2010 +0200
s3-lsa: Extract auth info from trustDomainPasswords
Signed-off-by: Günther Deschner <gd at samba.org>
commit ba28fb025f141a7f3e80ce176f0e98d44acfca6b
Author: Sumit Bose <sbose at redhat.com>
Date: Wed Aug 25 14:37:25 2010 +0200
s3-ldap: Update LDAP schemata to include sambaTrustedDomain.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 0b27317a5c8a22d1e794857b6d287fda37bb943b
Author: Sumit Bose <sbose at redhat.com>
Date: Tue Aug 24 18:18:00 2010 +0200
s3-lsa: Use pdb_get_trusted_domain_by_sid in _lsa_QueryTrustedDomainInfo()
Signed-off-by: Günther Deschner <gd at samba.org>
commit fbd846f4278d8efb08c1f511c5a9ed32b6cda41c
Author: Sumit Bose <sbose at redhat.com>
Date: Tue Aug 24 18:16:06 2010 +0200
s3-lsa: fix lsa_QueryTrustedDomainInfo
Signed-off-by: Günther Deschner <gd at samba.org>
commit 72de98228926627673edb99fb83c84f0b835baf5
Author: Sumit Bose <sbose at redhat.com>
Date: Tue Aug 24 13:48:18 2010 +0200
s3-ipasam: add ipasam_get_trusted_domain_by_sid()
Signed-off-by: Günther Deschner <gd at samba.org>
commit b4bc1f8f5ce534bb564465e8f706f69ea1e28f57
Author: Sumit Bose <sbose at redhat.com>
Date: Mon Aug 23 15:25:11 2010 +0200
s3-ipasam: add wrapper for ipasam_enum_trusteddoms()
Signed-off-by: Günther Deschner <gd at samba.org>
commit 4d22986541efc052ee7f41dceccfa48471b32fe2
Author: Günther Deschner <gd at samba.org>
Date: Mon Oct 19 19:02:24 2009 +0200
s3-lsa: implement _lsa_OpenTrustedDomainByName().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit cdd4df72d73dce810e23dbf18de2d8d74b02dd22
Author: Günther Deschner <gd at samba.org>
Date: Thu Jul 16 02:26:37 2009 +0200
s3-lsa: implement _lsa_OpenTrustedDomain().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit 13c5211fa91a0232fb0519ca3b6ef220b3939b5f
Author: Sumit Bose <sbose at redhat.com>
Date: Mon Aug 23 11:20:37 2010 +0200
s3-lsa: Implement _lsa_EnumTrustedDomainsEx()
Signed-off-by: Günther Deschner <gd at samba.org>
commit 86771d8258710fe7a52ece13025c19efc0b179e6
Author: Günther Deschner <gd at samba.org>
Date: Thu Oct 29 16:15:22 2009 +0100
s3-lsa: implement _lsa_CloseTrustedDomainEx().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit 06245d13356bb2f7e00ec6ff020aff8758c9da32
Author: Günther Deschner <gd at samba.org>
Date: Tue Oct 20 12:50:33 2009 +0200
s3-lsa: implement _lsa_QueryTrustedDomainInfoByName().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit b9eda2ac987d6e9182a4a10922f3c785c7ba263f
Author: Günther Deschner <gd at samba.org>
Date: Tue Oct 20 12:48:30 2009 +0200
s3-lsa: implement _lsa_QueryTrustedDomainInfoBySid().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit 1ce0d9791be5265a13af8761f545b6c81dee2966
Author: Günther Deschner <gd at samba.org>
Date: Thu Jul 16 03:00:13 2009 +0200
s3-lsa: implement _lsa_QueryTrustedDomainInfo().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit bb947089af3f9de7451b765542526924e6e97308
Author: Sumit Bose <sbose at redhat.com>
Date: Fri Aug 20 09:28:29 2010 +0200
s3-lsa: make _lsa_DeleteTrustedDomain() use pdb_del_trusted_domain().
Signed-off-by: Günther Deschner <gd at samba.org>
commit 12d16af9d6a5a790f8d0849c9a3e1d01cbb2266d
Author: Günther Deschner <gd at samba.org>
Date: Thu Jul 16 02:27:51 2009 +0200
s3-lsa: implement _lsa_DeleteTrustedDomain().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit f6004a1cfd484ecc908bfc77883f03e9fbf3ab88
Author: Sumit Bose <sbose at redhat.com>
Date: Fri Aug 20 11:28:43 2010 +0200
s3-lsa: make lsa_lookup_trusted_domain_by_name() use pdb_get_trusted_domain().
Signed-off-by: Günther Deschner <gd at samba.org>
commit 387e37efcec387a1b13014e8bcf9bd8e7786f632
Author: Günther Deschner <gd at samba.org>
Date: Thu Jul 16 11:55:09 2009 +0200
s3-lsa: add lsa_lookup_trusted_domain_by_name and lsa_lookup_trusted_domain_by_sid.
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit 39c9f59dbab09fb2ce12218dfe798c169e450490
Author: Günther Deschner <gd at samba.org>
Date: Thu Jul 16 14:34:06 2009 +0200
s3-lsa: implement _lsa_CreateTrustedDomain().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit 55bc1cfae38beec6da00c8f6e1d730519e0b7626
Author: Günther Deschner <gd at samba.org>
Date: Tue Oct 27 00:15:56 2009 +0100
s3-lsa: implement _lsa_CreateTrustedDomainEx().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit 162fd0e89104d885ef9269e0aba0db88eb1fb4ad
Author: Sumit Bose <sbose at redhat.com>
Date: Tue Aug 17 17:20:57 2010 +0200
s3-lsa: Let _lsa_CreateTrustedDomainEx2() use pdb_set_trusted_domain().
Signed-off-by: Günther Deschner <gd at samba.org>
commit a6bd93b8c359c5ab672a9546e77c3ae581b96cbd
Author: Günther Deschner <gd at samba.org>
Date: Thu Jul 16 02:27:17 2009 +0200
s3-lsa: implement _lsa_CreateTrustedDomainEx2().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit 424dc1b6a3926f8de805b3a7b63732a48218908b
Author: Günther Deschner <gd at samba.org>
Date: Mon Oct 19 18:48:07 2009 +0200
s3-lsa: add LSA_HANDLE_TRUST_TYPE.
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit 5b412117b2d47fa38b5a21ac421ffb347645aaac
Author: Günther Deschner <gd at samba.org>
Date: Fri Oct 30 11:09:52 2009 +0100
s3-lsa: add create_lsa_policy_handle().
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit 4e60954071cfd48aa019fbfe56e23507dfd058fd
Author: Sumit Bose <sbose at redhat.com>
Date: Fri Aug 20 11:58:23 2010 +0200
s3-ipasam: implement enum_trusted_domains
Signed-off-by: Günther Deschner <gd at samba.org>
commit 8ddbb4886915fe7c0106815bcea3d4030503d75d
Author: Sumit Bose <sbose at redhat.com>
Date: Fri Jul 16 11:01:49 2010 +0200
s3-ipasam: implement {get,set,del}_trusted_domain
Signed-off-by: Günther Deschner <gd at samba.org>
commit c96fd895b9d45005560a7ffdedee567b60e7921e
Author: Sumit Bose <sbose at redhat.com>
Date: Thu Jul 15 16:52:32 2010 +0200
s3-passdb: make priv2ld() public
Signed-off-by: Günther Deschner <gd at samba.org>
commit b4dd65d3f99022bd5fe7e320d7e36da5432592bb
Author: Sumit Bose <sbose at redhat.com>
Date: Thu Jul 15 16:22:42 2010 +0200
s3-passdb: add {get,set,del,enum}_trusted_domain calls
Signed-off-by: Günther Deschner <gd at samba.org>
commit 2e78022066f305143bfbe4cdef757051c8305f1d
Author: Sumit Bose <sbose at redhat.com>
Date: Thu Jul 15 11:21:48 2010 +0200
s3-ipasam: Disable old trustdom_pw calls
Signed-off-by: Günther Deschner <gd at samba.org>
commit 4fa210d76a6fb1a9392653c8313c8ffac1f41bb7
Author: Sumit Bose <sbose at redhat.com>
Date: Wed Jul 14 15:08:02 2010 +0200
s3-passdb: Add minimal stub for IPA passdb backend
Signed-off-by: Günther Deschner <gd at samba.org>
-----------------------------------------------------------------------
Summary of changes:
examples/LDAP/samba-nds.schema | 49 +
examples/LDAP/samba-schema-FDS.ldif | 22 +
examples/LDAP/samba-schema-netscapeds5.x | 10 +
examples/LDAP/samba.ldif | 32 +
examples/LDAP/samba.schema | 55 +
examples/LDAP/samba.schema.at.IBM-DS | 19 +-
examples/LDAP/samba.schema.oc.IBM-DS | 2 +
source3/Makefile.in | 6 +-
source3/configure.in | 3 +-
source3/include/passdb.h | 31 +
source3/include/proto.h | 14 +
source3/include/smbldap.h | 7 +
source3/passdb/pdb_interface.c | 81 ++
source3/passdb/pdb_ipa.c | 972 ++++++++++++++++++
source3/passdb/pdb_ldap.c | 4 +-
source3/passdb/wscript_build | 2 +-
source3/rpc_server/lsa/srv_lsa_nt.c | 1452 +++++++++++++++++++++++++--
source3/rpc_server/netlogon/srv_netlog_nt.c | 261 +++++-
source4/torture/rpc/forest_trust.c | 15 +-
19 files changed, 2922 insertions(+), 115 deletions(-)
create mode 100644 source3/passdb/pdb_ipa.c
Changeset truncated at 500 lines:
diff --git a/examples/LDAP/samba-nds.schema b/examples/LDAP/samba-nds.schema
index 2fc220f..7ba8665 100644
--- a/examples/LDAP/samba-nds.schema
+++ b/examples/LDAP/samba-nds.schema
@@ -284,6 +284,50 @@ changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' DESC 'Allow Machine Password changes (default: 0 => off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType' DESC 'Type of trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.71 NAME 'sambaTrustAttributes' DESC 'Trust attributes for a trusted domain' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.72 NAME 'sambaTrustDirection' DESC 'Direction of a trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.73 NAME 'sambaTrustPartner' DESC 'Fully qualified name of the domain with which a trust exists' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName' DESC 'NetBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.75 NAME 'sambaTrustAuthOutgoing' DESC 'Authentication information for the outgoing portion of a trust' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.76 NAME 'sambaTrustAuthIncoming' DESC 'Authentication information for the incoming portion of a trust' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.77 NAME 'sambaSecurityIdentifier' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
+
+dn: cn=schema
+changetype: modify
+add: attributetypes
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.78 NAME 'sambaTrustForestTrustInfo' DESC 'Forest trust information for a trusted domain object' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
#######################################################################
## objectClasses used by Samba 3.0 schema ##
@@ -359,3 +403,8 @@ dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.13 NAME 'sambaPrivilege' DESC 'Samba Privilege' SUP top AUXILIARY MUST ( sambaSID ) MAY ( sambaPrivilegeList ))
+
+dn: cn=schema
+changetype: modify
+add: objectClasses
+objectClasses: ( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL DESC 'Samba Trusted Domain Object' MUST ( cn ) MAY ( sambaTrustTyp e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdentifier $ sambaTrustForestTrustInfo ) )
diff --git a/examples/LDAP/samba-schema-FDS.ldif b/examples/LDAP/samba-schema-FDS.ldif
index fb16486..981dada 100644
--- a/examples/LDAP/samba-schema-FDS.ldif
+++ b/examples/LDAP/samba-schema-FDS.ldif
@@ -119,6 +119,24 @@ attributeTypes: ( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' DES
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' DESC 'Clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
#
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword' DESC 'Previous clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+#
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType' DESC 'Type of trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+#
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.71 NAME 'sambaTrustAttributes' DESC 'Trust attributes for a trusted domain' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+#
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.72 NAME 'sambaTrustDirection' DESC 'Direction of a trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+#
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.73 NAME 'sambaTrustPartner' DESC 'Fully qualified name of the domain with which a trust exists' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+#
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName' DESC 'NetBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+#
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.75 NAME 'sambaTrustAuthOutgoing' DESC 'Authentication information for the outgoing portion of a trust' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
+#
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.76 NAME 'sambaTrustAuthIncoming' DESC 'Authentication information for the incoming portion of a trust' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
+#
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.77 NAME 'sambaSecurityIdentifier' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
+#
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.78 NAME 'sambaTrustForestTrustInfo' DESC 'Forest trust information for a trusted domain object' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
##
#######################################################################
## objectClasses: used by Samba 3.0 schema ##
@@ -162,3 +180,7 @@ objectClasses: ( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' SUP top STRUCT
## Trusted Domain Relationships
##
objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL DESC 'Samba Trusted Domain Password' MUST ( sambaDomainName $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY ( sambaPreviousClearTextPassword ) )
+##
+## used for IPA_ldapsam
+##
+objectClasses: ( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL DESC 'Samba Trusted Domain Object' MUST ( cn ) MAY ( sambaTrustTyp e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdentifier $ sambaTrustForestTrustInfo ) )
diff --git a/examples/LDAP/samba-schema-netscapeds5.x b/examples/LDAP/samba-schema-netscapeds5.x
index 8125adc..8bf0e93 100644
--- a/examples/LDAP/samba-schema-netscapeds5.x
+++ b/examples/LDAP/samba-schema-netscapeds5.x
@@ -36,6 +36,7 @@ objectClasses: ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY
objectClasses: ( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY DESC 'Mapping from a SID to an ID' MUST ( sambaSID ) MAY ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL DESC 'Structural Class for a SID' MUST ( sambaSID ) X-ORIGIN 'user defined' )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL DESC 'Samba Trusted Domain Password' MUST ( sambaDomainName $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY ( sambaPreviousClearTextPassword ) X-ORIGIN 'user defined')
+objectClasses: ( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL DESC 'Samba Trusted Domain Object' MUST ( cn ) MAY ( sambaTrustTyp e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdentifier $ sambaTrustForestTrustInfo ) X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC 'Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE X-ORIGIN 'user defined' )
@@ -65,3 +66,12 @@ attributeTypes: ( 1.3.6.1.4.1.7165.2.1.39 NAME 'sambaNextRid' DESC 'Next NT rid
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.40 NAME 'sambaAlgorithmicRidBase' DESC 'Base at which the samba RID generation algorithm should operate' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' DESC 'Clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 X-ORIGIN 'user defined')
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword' DESC 'Previous clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 X-ORIGIN 'user defined')
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType' DESC 'Type of trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.71 NAME 'sambaTrustAttributes' DESC 'Trust attributes for a trusted domain' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.72 NAME 'sambaTrustDirection' DESC 'Direction of a trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.73 NAME 'sambaTrustPartner' DESC 'Fully qualified name of the domain with which a trust exists' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName' DESC 'NetBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.75 NAME 'sambaTrustAuthOutgoing' DESC 'Authentication information for the outgoing portion of a trust' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.76 NAME 'sambaTrustAuthIncoming' DESC 'Authentication information for the incoming portion of a trust' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.77 NAME 'sambaSecurityIdentifier' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.7165.2.1.78 NAME 'sambaTrustForestTrustInfo' DESC 'Forest trust information for a trusted domain object' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
diff --git a/examples/LDAP/samba.ldif b/examples/LDAP/samba.ldif
index f6eb320..b820602 100644
--- a/examples/LDAP/samba.ldif
+++ b/examples/LDAP/samba.ldif
@@ -142,6 +142,33 @@ olcAttributeTypes: {45}( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword'
olcAttributeTypes: {46}( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextP
assword' DESC 'Previous clear text password (used for trusted domain password
s)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+olcAttributeTypes: {47}( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType' DESC 'T
+ ype of trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SING
+ LE-VALUE )
+olcAttributeTypes: {48}( 1.3.6.1.4.1.7165.2.1.71 NAME 'sambaTrustAttributes' D
+ ESC 'Trust attributes for a trusted domain' EQUALITY integerMatch SYNTAX 1.3.
+ 6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+olcAttributeTypes: {49}( 1.3.6.1.4.1.7165.2.1.72 NAME 'sambaTrustDirection' DE
+ SC 'Direction of a trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.1
+ 21.1.27 SINGLE-VALUE )
+olcAttributeTypes: {50}( 1.3.6.1.4.1.7165.2.1.73 NAME 'sambaTrustPartner' DESC
+ 'Fully qualified name of the domain with which a trust exists' EQUALITY case
+ IgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+olcAttributeTypes: {51}( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName' DESC 'Ne
+ tBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.
+ 121.1.15{128} )
+olcAttributeTypes: {52}( 1.3.6.1.4.1.7165.2.1.75 NAME 'sambaTrustAuthOutgoing'
+ DESC 'Authentication information for the outgoing portion of a trust' EQUALIT
+ Y caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
+olcAttributeTypes: {53}( 1.3.6.1.4.1.7165.2.1.76 NAME 'sambaTrustAuthIncoming'
+ DESC 'Authentication information for the incoming portion of a trust' EQUALIT
+ Y caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
+olcAttributeTypes: {54}( 1.3.6.1.4.1.7165.2.1.77 NAME 'sambaSecurityIdentifier
+ ' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR caseExact
+ IA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
+olcAttributeTypes: {55}( 1.3.6.1.4.1.7165.2.1.78 NAME 'sambaTrustForestTrustIn
+ fo' DESC 'Forest trust information for a trusted domain object' EQUALITY case
+ ExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
olcObjectClasses: {0}( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' DESC 'Sam
ba 3.0 Auxilary SAM Account' SUP top AUXILIARY MUST ( uid $ sambaSID ) MAY (
cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTime $ s
@@ -183,3 +210,8 @@ olcObjectClasses: {10}( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' DESC
'Samba Configuration Option' SUP top STRUCTURAL MUST sambaOptionName MAY ( sa
mbaBoolOption $ sambaIntegerOption $ sambaStringOption $ sambaStringListoptio
n $ description ) )
+olcObjectClasses: {11}( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' DESC
+ 'Samba Trusted Domain Object' SUP top STRUCTURAL MUST cn MAY ( sambaTrustTyp
+ e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFla
+ tName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdenti
+ fier $ sambaTrustForestTrustInfo ) )
diff --git a/examples/LDAP/samba.schema b/examples/LDAP/samba.schema
index 8f82ddd..df5267a 100644
--- a/examples/LDAP/samba.schema
+++ b/examples/LDAP/samba.schema
@@ -469,6 +469,50 @@ attributetype ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+attributetype ( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType'
+ DESC 'Type of trust'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.7165.2.1.71 NAME 'sambaTrustAttributes'
+ DESC 'Trust attributes for a trusted domain'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.7165.2.1.72 NAME 'sambaTrustDirection'
+ DESC 'Direction of a trust'
+ EQUALITY integerMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.7165.2.1.73 NAME 'sambaTrustPartner'
+ DESC 'Fully qualified name of the domain with which a trust exists'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+
+attributetype ( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName'
+ DESC 'NetBIOS name of a domain'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+
+attributetype ( 1.3.6.1.4.1.7165.2.1.75 NAME 'sambaTrustAuthOutgoing'
+ DESC 'Authentication information for the outgoing portion of a trust'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
+
+attributetype ( 1.3.6.1.4.1.7165.2.1.76 NAME 'sambaTrustAuthIncoming'
+ DESC 'Authentication information for the incoming portion of a trust'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
+
+attributetype ( 1.3.6.1.4.1.7165.2.1.77 NAME 'sambaSecurityIdentifier'
+ DESC 'SID of a trusted domain'
+ EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
+
+attributetype ( 1.3.6.1.4.1.7165.2.1.78 NAME 'sambaTrustForestTrustInfo'
+ DESC 'Forest trust information for a trusted domain object'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
#######################################################################
@@ -573,3 +617,14 @@ objectclass ( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' SUP top STRUCTURA
## DESC 'Samba Privilege'
## MUST ( sambaSID )
## MAY ( sambaPrivilegeList ) )
+
+##
+## used for IPA_ldapsam
+##
+objectclasses ( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL
+ DESC 'Samba Trusted Domain Object'
+ MUST ( cn )
+ MAY ( sambaTrustTyp e $ sambaTrustAttributes $ sambaTrustDirection $
+ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $
+ sambaTrustAuthIncoming $ sambaSecurityIdentifier $
+ sambaTrustForestTrustInfo) )
diff --git a/examples/LDAP/samba.schema.at.IBM-DS b/examples/LDAP/samba.schema.at.IBM-DS
index 85860f9..a375284 100644
--- a/examples/LDAP/samba.schema.at.IBM-DS
+++ b/examples/LDAP/samba.schema.at.IBM-DS
@@ -1,4 +1,4 @@
-## Samba 3.0 schema for IBM Directory Server 5.1 - object classes only
+## Samba 3.0 schema for IBM Directory Server 5.1 - attribute Types only
attributetypes=( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE )
IBMAttributetypes=( 1.3.6.1.4.1.7165.2.1.24 DBNAME( 'sambaLMPassword' 'sambaLMPassword' ) ACCESS-CLASS critical )
@@ -93,3 +93,20 @@ attributetypes=( 1.3.6.1.4.1.7165.2.1.66 NAME 'sambaForceLogoff' DESC 'Disconnec
attributetypes=( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' DESC 'Allow Machine Password changes (default: 0 => off)' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+attributetypes=( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType' DESC 'Type of trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.71 NAME 'sambaTrustAttributes' DESC 'Trust attributes for a trusted domain' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.72 NAME 'sambaTrustDirection' DESC 'Direction of a trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.73 NAME 'sambaTrustPartner' DESC 'Fully qualified name of the domain with which a trust exists' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName' DESC 'NetBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.75 NAME 'sambaTrustAuthOutgoing' DESC 'Authentication information for the outgoing portion of a trust' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.76 NAME 'sambaTrustAuthIncoming' DESC 'Authentication information for the incoming portion of a trust' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.77 NAME 'sambaSecurityIdentifier' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
+
+attributetypes=( 1.3.6.1.4.1.7165.2.1.78 NAME 'sambaTrustForestTrustInfo' DESC 'Forest trust information for a trusted domain object' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
diff --git a/examples/LDAP/samba.schema.oc.IBM-DS b/examples/LDAP/samba.schema.oc.IBM-DS
index 736d586..ba31a31 100644
--- a/examples/LDAP/samba.schema.oc.IBM-DS
+++ b/examples/LDAP/samba.schema.oc.IBM-DS
@@ -19,3 +19,5 @@ objectclasses=( 1.3.6.1.4.1.7165.2.2.11 NAME 'sambaShare' SUP top STRUCTURAL DES
objectclasses=( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' SUP top STRUCTURAL DESC 'Samba Configuration Option' MUST ( sambaOptionName ) MAY ( sambaBoolOption $ sambaIntegerOption $ sambaStringOption $ sambaStringListoption $ description ) )
objectclasses=( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' SUP top STRUCTURAL DESC 'Samba Trust Password' MUST ( sambaDomainName $ sambaNTPassword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ))
+
+objectclasses=( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL DESC 'Samba Trusted Domain Object' MUST ( cn ) MAY ( sambaTrustTyp e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdentifier $ sambaTrustForestTrustInfo ) )
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 7dbb012..eb6d4a7 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -2756,9 +2756,11 @@ bin/sam. at SHLIBEXT@: $(BINARY_PREREQS) $(AUTH_SAM_OBJ)
@echo "Building plugin $@"
@$(SHLD_MODULE) $(AUTH_SAM_OBJ)
-bin/ldapsam. at SHLIBEXT@: $(BINARY_PREREQS) passdb/pdb_ldap.o passdb/pdb_nds.o
+bin/ldapsam. at SHLIBEXT@: $(BINARY_PREREQS) passdb/pdb_ldap.o passdb/pdb_nds.o \
+ passdb/pdb_ipa.o
@echo "Building plugin $@"
- @$(SHLD_MODULE) passdb/pdb_ldap.o passdb/pdb_nds.o $(LDAP_LIBS)
+ @$(SHLD_MODULE) passdb/pdb_ldap.o passdb/pdb_nds.o passdb/pdb_ipa.o \
+ $(LDAP_LIBS)
bin/ads. at SHLIBEXT@: $(BINARY_PREREQS) passdb/pdb_ads.o
@echo "Building plugin $@"
diff --git a/source3/configure.in b/source3/configure.in
index d102ea5..31ba9f6 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -6759,7 +6759,8 @@ if test x"$MODULE_DEFAULT_vfs_notify_fam" = xSTATIC -o \
AC_SUBST(SMBD_FAM_LIBS)
fi
-SMB_MODULE(pdb_ldap, passdb/pdb_ldap.o passdb/pdb_nds.o, "bin/ldapsam.$SHLIBEXT", PDB,
+SMB_MODULE(pdb_ldap, passdb/pdb_ldap.o passdb/pdb_nds.o passdb/pdb_ipa.o,
+ "bin/ldapsam.$SHLIBEXT", PDB,
[ PASSDB_LIBS="$PASSDB_LIBS $LDAP_LIBS" ] )
SMB_MODULE(pdb_ads, passdb/pdb_ads.o \$(TLDAP_OBJ), "bin/ads.$SHLIBEXT", PDB)
SMB_MODULE(pdb_smbpasswd, passdb/pdb_smbpasswd.o, "bin/smbpasswd.$SHLIBEXT", PDB)
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index dc50533..77956cb 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -225,6 +225,18 @@ struct pdb_domain_info {
struct GUID guid;
};
+struct pdb_trusted_domain {
+ char *domain_name;
+ char *netbios_name;
+ struct dom_sid security_identifier;
+ DATA_BLOB trust_auth_incoming;
+ DATA_BLOB trust_auth_outgoing;
+ uint32_t trust_direction;
+ uint32_t trust_type;
+ uint32_t trust_attributes;
+ DATA_BLOB trust_forest_trust_info;
+};
+
/*
* trusted domain entry/entries returned by secrets_get_trusted_domains
* (used in _lsa_enum_trust_dom call)
@@ -438,6 +450,25 @@ struct pdb_methods
TALLOC_CTX *mem_ctx, uint32_t *num_domains,
struct trustdom_info ***domains);
+
+ NTSTATUS (*get_trusted_domain)(struct pdb_methods *methods,
+ TALLOC_CTX *mem_ctx,
+ const char *domain,
+ struct pdb_trusted_domain **td);
+ NTSTATUS (*get_trusted_domain_by_sid)(struct pdb_methods *methods,
+ TALLOC_CTX *mem_ctx,
+ struct dom_sid *sid,
+ struct pdb_trusted_domain **td);
+ NTSTATUS (*set_trusted_domain)(struct pdb_methods *methods,
+ const char* domain,
+ const struct pdb_trusted_domain *td);
+ NTSTATUS (*del_trusted_domain)(struct pdb_methods *methods,
+ const char *domain);
+ NTSTATUS (*enum_trusted_domains)(struct pdb_methods *methods,
+ TALLOC_CTX *mem_ctx,
+ uint32_t *num_domains,
+ struct pdb_trusted_domain ***domains);
+
void *private_data; /* Private data of some kind */
void (*free_private_data)(void **);
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 83ac33a..3a964c3 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -3873,12 +3873,22 @@ bool pdb_set_trusteddom_pw(const char* domain, const char* pwd,
bool pdb_del_trusteddom_pw(const char *domain);
NTSTATUS pdb_enum_trusteddoms(TALLOC_CTX *mem_ctx, uint32_t *num_domains,
struct trustdom_info ***domains);
+NTSTATUS pdb_get_trusted_domain(TALLOC_CTX *mem_ctx, const char *domain,
+ struct pdb_trusted_domain **td);
+NTSTATUS pdb_get_trusted_domain_by_sid(TALLOC_CTX *mem_ctx, struct dom_sid *sid,
+ struct pdb_trusted_domain **td);
+NTSTATUS pdb_set_trusted_domain(const char* domain,
+ const struct pdb_trusted_domain *td);
+NTSTATUS pdb_del_trusted_domain(const char *domain);
+NTSTATUS pdb_enum_trusted_domains(TALLOC_CTX *mem_ctx, uint32_t *num_domains,
+ struct pdb_trusted_domain ***domains);
NTSTATUS make_pdb_method( struct pdb_methods **methods ) ;
/* The following definitions come from passdb/pdb_ldap.c */
struct ldapsam_privates;
+LDAP *priv2ld(struct ldapsam_privates *priv);
const char** get_userattr_list( TALLOC_CTX *mem_ctx, int schema_ver );
NTSTATUS pdb_init_ldapsam_compat(struct pdb_methods **pdb_method, const char *location);
NTSTATUS pdb_init_ldapsam(struct pdb_methods **pdb_method, const char *location);
@@ -3899,6 +3909,10 @@ int pdb_nds_set_password(
const char *pwd );
NTSTATUS pdb_nds_init(void);
+/* The following definitions come from passdb/pdb_nds.c */
+
+NTSTATUS pdb_ipa_init(void);
+
/* The following definitions come from passdb/pdb_smbpasswd.c */
NTSTATUS pdb_smbpasswd_init(void) ;
diff --git a/source3/include/smbldap.h b/source3/include/smbldap.h
index ffe618d..14fe76f 100644
--- a/source3/include/smbldap.h
+++ b/source3/include/smbldap.h
@@ -41,6 +41,7 @@ struct smbldap_state;
#define LDAP_OBJ_SID_ENTRY "sambaSidEntry"
#define LDAP_OBJ_TRUST_PASSWORD "sambaTrustPassword"
#define LDAP_OBJ_TRUSTDOM_PASSWORD "sambaTrustedDomainPassword"
+#define LDAP_OBJ_TRUSTED_DOMAIN "sambaTrustedDomain"
#define LDAP_OBJ_ACCOUNT "account"
#define LDAP_OBJ_POSIXACCOUNT "posixAccount"
@@ -175,6 +176,8 @@ struct smbldap_state {
/* struct used by both pdb_ldap.c and pdb_nds.c */
+struct ipasam_privates;
+
struct ldapsam_privates {
struct smbldap_state *smbldap_state;
@@ -194,6 +197,10 @@ struct ldapsam_privates {
/* Is this NDS ldap? */
int is_nds_ldap;
+ /* Is this IPA ldap? */
+ int is_ipa_ldap;
+ struct ipasam_privates *ipasam_privates;
+
/* ldap server location parameter */
char *location;
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index b48f409..c286cc1 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -2098,6 +2098,81 @@ static NTSTATUS pdb_default_enum_trusteddoms(struct pdb_methods *methods,
return secrets_trusted_domains(mem_ctx, num_domains, domains);
}
+/*******************************************************************
+ trusted_domain methods
+ *******************************************************************/
+
+NTSTATUS pdb_get_trusted_domain(TALLOC_CTX *mem_ctx, const char *domain,
+ struct pdb_trusted_domain **td)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->get_trusted_domain(pdb, mem_ctx, domain, td);
+}
+
+NTSTATUS pdb_get_trusted_domain_by_sid(TALLOC_CTX *mem_ctx, struct dom_sid *sid,
+ struct pdb_trusted_domain **td)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->get_trusted_domain_by_sid(pdb, mem_ctx, sid, td);
+}
+
+NTSTATUS pdb_set_trusted_domain(const char* domain,
+ const struct pdb_trusted_domain *td)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->set_trusted_domain(pdb, domain, td);
+}
+
+NTSTATUS pdb_del_trusted_domain(const char *domain)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->del_trusted_domain(pdb, domain);
+}
+
+NTSTATUS pdb_enum_trusted_domains(TALLOC_CTX *mem_ctx, uint32_t *num_domains,
+ struct pdb_trusted_domain ***domains)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->enum_trusted_domains(pdb, mem_ctx, num_domains, domains);
+}
+
+static NTSTATUS pdb_default_get_trusted_domain(struct pdb_methods *methods,
+ TALLOC_CTX *mem_ctx,
+ const char *domain,
+ struct pdb_trusted_domain **td)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS pdb_default_get_trusted_domain_by_sid(struct pdb_methods *methods,
+ TALLOC_CTX *mem_ctx,
+ struct dom_sid *sid,
+ struct pdb_trusted_domain **td)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS pdb_default_set_trusted_domain(struct pdb_methods *methods,
+ const char* domain,
+ const struct pdb_trusted_domain *td)
--
Samba Shared Repository
More information about the samba-cvs
mailing list