CVS update: samba/source
Luke Kenneth Casson Leighton
lkcl at regent.push.net
Tue Apr 14 17:55:02 GMT 1998
On Tue, 14 Apr 1998, Jeremy Allison wrote:
> Luke Kenneth Casson Leighton wrote:
> >
> > jeremy,
> >
> > can we do a getsmbpwnamRID? this is more important than getsmbpwuid.
> >
> > luke
>
> No that's not the right way to do it.
>
> We never store RIDs in the smbpasswd file,
> therefor a lookup on RIDs is not useful.
you don't intend to store RIDs in the smbpasswd file, that's fine. i'll
describe two potential implementations below which fit the same API that i
envisage should be used.
> We need rid_to_uid_or_gid, and uid_to_rid
> and gid_to_rid functions, but not the one
> you mentioned above.
this function should be hidden behind the API, and only called from
smbpass.c.
> We need to keep the code very clear when
> we are deling with RIDs and when we are
> dealing with uids and gids and never the
> twain shall meet :-).
effectively, yes. except that unix uids are not important to the NT side
of things; only NT RIDs are.
ok.
implementation 1) - uses smbpasswd files.
SAM_USER_INFO_21 *GetUserByRID(SID *sid, uint32 user_rid)
{
static SAM_USER_INFO_21 sam_user;
struct smb_passwd *smb_user;
if (sid == lp_domain_sid())
{
uid_t unix_uid = rid_to_uid(user_rid);
smb_user = getsmbpwnamuid(unix_uid);
sam_user->user_name = smb_user->smb_name
sam_user->acb_info = smb_user->acct_ctrl
/* user info is all the %macro substitution stuff */
/* create all parameters like in NetUserGetInfo */
store_old_user_info();
set_user_info();
reload_services();
sam_user->home_dir = lp_logon_path();
sam_user->home_drive = lp_logon_drive();
... etc etc...
/* restore all the %macro substitutions that we */
/* just had to overwrite in order to get the above */
/* lp_xxxx() parameters correct */
set_user_info(old_user_info);
reload_services();
return &sam_user;
}
}
note the lack of returning unix uids. if you want to obtain the unix uid,
you must do:
SAM_USER_INFO_21 *sam_user = GetUserByRid(lp_domain_sid(), nt_rid);
uid_t unix_uid = rid_to_uid(nt_rid);
or have done this:
uint32 nt_rid = uid_to_rid(unix_uidd);
SAM_USER_INFO_21 *sam_user = GetUserByRid(lp_domain_sid(), nt_rid);
implementation 2) - uses a unix implementation of a SAM registry, or uses
a modified version of PWDUMP which obtains all SAM_USER_INFO_21 structures
from the SAM database on an NT server, or at the very least has access to
SAM_USER_INFO_21 structures identical to those in an NT server SAM
database.
SAM_USER_INFO_21 *GetUserByRID(SID *sid, uint32 user_rid)
{
static SAM_USER_INFO_21 sam_user;
if (sid == lp_domain_sid())
{
/* obtain data from local UNIX SAM registry */
SAM_USER_INFO_21 *user = get_sam_reg_entry(user_rid);
memcpy(&sam_user, user, sizeof(sam_user));
return sam_user;
}
return NULL;
}
implementation 1) therefore is to "get round" the fact that most of the
information needed for the NetrLogonSamLogon response is actually missing.
i view implementation 1) as a "legacy" implementation, almost, for
backwards-compatibility with existing systems (smbpasswd files).
note the lack of references to lp_xxxx() functions in implementation 2.
this is because all the fields already exist. i would recommend that the
smbpasswd -add command, if it is to be used to add entries into a "unix
SAM registry" be extended to either do some fancy work with lp_xxxx() just
like in implementation 1), or to request, like "User Manager for Domains",
the missing fields.
luke
More information about the samba-technical
mailing list