CVS update: samba/source

Luke Kenneth Casson Leighton lkcl at regent.push.net
Tue Apr 14 17:55:02 GMT 1998 

On Tue, 14 Apr 1998, Jeremy Allison wrote:

> Luke Kenneth Casson Leighton wrote:
> > 
> > jeremy,
> > 
> > can we do a getsmbpwnamRID?  this is more important than getsmbpwuid.
> > 
> > luke
> 
> No that's not the right way to do it.
> 
> We never store RIDs in the smbpasswd file,
> therefor a lookup on RIDs is not useful.

you don't intend to store RIDs in the smbpasswd file, that's fine.  i'll
describe two potential implementations below which fit the same API that i
envisage should be used.
 
> We need rid_to_uid_or_gid, and uid_to_rid
> and gid_to_rid functions, but not the one
> you mentioned above.

this function should be hidden behind the API, and only called from
smbpass.c.

> We need to keep the code very clear when
> we are deling with RIDs and when we are
> dealing with uids and gids and never the
> twain shall meet :-).

effectively, yes.  except that unix uids are not important to the NT side
of things; only NT RIDs are.


ok.

implementation 1) - uses smbpasswd files.

SAM_USER_INFO_21 *GetUserByRID(SID *sid, uint32 user_rid)
{
	static SAM_USER_INFO_21 sam_user;
	struct smb_passwd *smb_user;

	if (sid == lp_domain_sid())
	{
		uid_t unix_uid = rid_to_uid(user_rid);
		smb_user = getsmbpwnamuid(unix_uid);

		sam_user->user_name = smb_user->smb_name
		sam_user->acb_info  = smb_user->acct_ctrl

		/* user info is all the %macro substitution stuff */
		/* create all parameters like in NetUserGetInfo */
		store_old_user_info();
		set_user_info();
		reload_services();

		sam_user->home_dir   = lp_logon_path();
		sam_user->home_drive = lp_logon_drive();
		... etc etc...

		/* restore all the %macro substitutions that we */
		/* just had to overwrite in order to get the above */
		/* lp_xxxx() parameters correct */
		set_user_info(old_user_info);
		reload_services();

		return &sam_user;
	}
}

note the lack of returning unix uids.  if you want to obtain the unix uid,
you must do:

SAM_USER_INFO_21 *sam_user = GetUserByRid(lp_domain_sid(), nt_rid);
uid_t unix_uid = rid_to_uid(nt_rid);

or have done this:

uint32 nt_rid = uid_to_rid(unix_uidd);
SAM_USER_INFO_21 *sam_user = GetUserByRid(lp_domain_sid(), nt_rid);


implementation 2) - uses a unix implementation of a SAM registry, or uses
a modified version of PWDUMP which obtains all SAM_USER_INFO_21 structures
from the SAM database on an NT server, or at the very least has access to
SAM_USER_INFO_21 structures identical to those in an NT server SAM
database.


SAM_USER_INFO_21 *GetUserByRID(SID *sid, uint32 user_rid)
{
	static SAM_USER_INFO_21 sam_user;

	if (sid == lp_domain_sid())
	{
		/* obtain data from local UNIX SAM registry */
		SAM_USER_INFO_21 *user = get_sam_reg_entry(user_rid);
		memcpy(&sam_user, user, sizeof(sam_user));
		return sam_user;
	}

	return NULL;
}

implementation 1) therefore is to "get round" the fact that most of the
information needed for the NetrLogonSamLogon response is actually missing.
i view implementation 1) as a "legacy" implementation, almost, for
backwards-compatibility with existing systems (smbpasswd files).


note the lack of references to lp_xxxx() functions in implementation 2.
this is because all the fields already exist.  i would recommend that the
smbpasswd -add command, if it is to be used to add entries into a "unix
SAM registry" be extended to either do some fancy work with lp_xxxx() just
like in implementation 1), or to request, like "User Manager for Domains",
the missing fields.

luke

More information about the samba-technical mailing list