[PATCH] Default domain support for winbind [HEAD]
Alexander Bokovoy
a.bokovoy at sam-solutions.net
Wed Jan 16 04:52:05 GMT 2002
Greetings!
Attached you'll find latest revision of default domain support for
winbindd (CVS HEAD). This is quite stable for me and works as expected
with all applications I've tested it including those like finger.
Everybody who is interested in adding this functionality to Samba 3.0,
please test it on your systems and report results.
Patch includes also appropriate changes to documentation (smb.conf(5) and
winbindd(8)).
--
/ Alexander Bokovoy
$ cat /proc/identity >~/.signature
`Senior software developer and analyst for SaM-Solutions Ltd.`
---
Nov 21 20:58:58 alconost kernel: VFS: Busy inodes after unmount.
Self-destruct in 5 seconds. Have a nice day...
-------------- next part --------------
diff -urk.default_domain ./docs/docbook/manpages/smb.conf.5.sgml.default_domain ./docs/docbook/manpages/smb.conf.5.sgml
--- ./docs/docbook/manpages/smb.conf.5.sgml.default_domain Sat Jan 5 12:00:54 2002
+++ ./docs/docbook/manpages/smb.conf.5.sgml Wed Jan 16 14:37:50 2002
@@ -762,6 +762,7 @@
<listitem><para><link linkend="WINBINDGID"><parameter>winbind gid</parameter></link></para></listitem>
<listitem><para><link linkend="WINBINDSEPARATOR"><parameter>winbind separator</parameter></link></para></listitem>
<listitem><para><link linkend="WINBINDUID"><parameter>winbind uid</parameter></link></para></listitem>
+ <listitem><para><link linkend="WINBINDUSEDEFAULTDOMAIN"><parameter>winbind use default domain</parameter></link></para></listitem>
<listitem><para><link linkend="WINSHOOK"><parameter>wins hook</parameter></link></para></listitem>
<listitem><para><link linkend="WINSPROXY"><parameter>wins proxy</parameter></link></para></listitem>
<listitem><para><link linkend="WINSSERVER"><parameter>wins server</parameter></link></para></listitem>
@@ -8195,7 +8196,17 @@
</varlistentry>
-
+ <varlistentry>
+ <term><anchor id="WINBINDUSEDEFAULTDOMAIN">winbind use default domain</term>
+ <listitem><para>This parameter specifies whether <ulink url="winbindd.8.html">
+ winbindd(8)</ulink> daemon should treat users without domain part in a name
+ as members of default domain or not.</para>
+
+ <para>Default: <command>winbind use default domain = <falseg>
+ </command></para>
+ <para>Example: <command>winbind use default domain = true</command></para>
+ </listitem>
+ </varlistentry>
<varlistentry>
diff -urk.default_domain ./docs/docbook/manpages/winbindd.8.sgml.default_domain ./docs/docbook/manpages/winbindd.8.sgml
--- ./docs/docbook/manpages/winbindd.8.sgml.default_domain Thu Dec 6 13:44:41 2001
+++ ./docs/docbook/manpages/winbindd.8.sgml Wed Jan 16 14:33:45 2002
@@ -276,6 +276,18 @@
<para>Default: <command>template shell = /bin/false </command>
</para></listitem>
</varlistentry>
+
+ <varlistentry>
+ <term>winbind use default domain</term>
+ <listitem><para>This parameter specifies whether <command>winbindd</command>
+ daemon should treat users without domain part in a name
+ as members of default domain or not.</para>
+
+ <para>Default: <command>winbind use default domain = <falseg>
+ </command></para>
+ <para>Example: <command>winbind use default domain = true</command></para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect1>
diff -urk.default_domain ./source/nsswitch/wb_client.c.default_domain ./source/nsswitch/wb_client.c
--- ./source/nsswitch/wb_client.c.default_domain Mon Dec 17 12:44:16 2001
+++ ./source/nsswitch/wb_client.c Wed Jan 16 13:14:30 2002
@@ -32,17 +32,23 @@
/* Copy of parse_domain_user from winbindd_util.c. Parse a string of the
form DOMAIN/user into a domain and a user */
+extern fstring global_myworkgroup;
static BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
{
char *p = strchr(domuser,*lp_winbind_separator());
- if (!p)
+ if (!(p || lp_winbind_use_default_domain()))
return False;
-
- fstrcpy(user, p+1);
- fstrcpy(domain, domuser);
- domain[PTR_DIFF(p, domuser)] = 0;
+
+ if(!p && lp_winbind_use_default_domain()) {
+ fstrcpy(user, domuser);
+ fstrcpy(domain, global_myworkgroup);
+ } else {
+ fstrcpy(user, p+1);
+ fstrcpy(domain, domuser);
+ domain[PTR_DIFF(p, domuser)] = 0;
+ }
strupper(domain);
return True;
}
diff -urk.default_domain ./source/nsswitch/winbindd_group.c.default_domain ./source/nsswitch/winbindd_group.c
--- ./source/nsswitch/winbindd_group.c.default_domain Fri Jan 11 14:59:04 2002
+++ ./source/nsswitch/winbindd_group.c Wed Jan 16 13:56:02 2002
@@ -24,6 +24,7 @@
#include "winbindd.h"
+extern fstring global_myworkgroup;
/***************************************************************
Empty static struct for negative caching.
****************************************************************/
@@ -45,6 +46,28 @@
return True;
}
+/*
+ Strip domain name if it is same as default domain name and
+ winbind use default domain = true
+
+ it assumes that name is actually fstring so that memory management
+ isn't needed.
+*/
+static void strip_domain_name_if_needed(fstring *name)
+{
+ if(lp_winbind_use_default_domain()) {
+ char *sep = lp_winbind_separator();
+ char *new_name = strchr(*name, *sep);
+ if(new_name) {
+ *new_name = 0;
+ if (!strcmp(global_myworkgroup, *name)) {
+ new_name++;
+ safe_strcpy(*name, new_name, sizeof(fstring));
+ } else *new_name = *sep;
+ }
+ }
+}
+
/* Fill in the group membership field of a NT group given by group_rid */
static BOOL fill_grent_mem(struct winbindd_domain *domain,
@@ -130,6 +153,7 @@
snprintf(name, sizeof(name), "%s%s%s", domain->name,
lp_winbind_separator(), the_name);
+ strip_domain_name_if_needed(&name);
len = strlen(name);
@@ -299,6 +323,7 @@
if (strcmp(lp_winbind_separator(),"\\"))
string_sub(group_name, "\\", lp_winbind_separator(),
sizeof(fstring));
+ strip_domain_name_if_needed(&group_name);
if (!((name_type == SID_NAME_ALIAS) ||
(name_type == SID_NAME_DOM_GRP))) {
@@ -562,6 +587,8 @@
"%s%s%s", ent->domain_name, lp_winbind_separator(),
name_list[ent->sam_entry_index].acct_name);
+ strip_domain_name_if_needed(&domain_group_name);
+
result = fill_grent(&group_list[group_list_ndx],
domain_group_name, group_gid);
@@ -734,6 +761,7 @@
snprintf(name, sizeof(name), "%s%s%s", domain->name,
lp_winbind_separator(), group_name);
+ strip_domain_name_if_needed(&name);
/* Append to extra data */
memcpy(&extra_data[extra_data_len], name,
diff -urk.default_domain ./source/nsswitch/winbindd_user.c.default_domain ./source/nsswitch/winbindd_user.c
--- ./source/nsswitch/winbindd_user.c.default_domain Fri Jan 11 14:59:04 2002
+++ ./source/nsswitch/winbindd_user.c Wed Jan 16 13:57:07 2002
@@ -24,6 +24,8 @@
#include "winbindd.h"
+extern fstring global_myworkgroup;
+
/* Fill a pwent structure with information we have obtained */
static BOOL winbindd_fill_pwent(char *domain_name, char *name,
@@ -91,6 +93,28 @@
return True;
}
+/*
+ Strip domain name if it is same as default domain name and
+ winbind use default domain = true
+
+ it assumes that name is actually fstring so that memory management
+ isn't needed.
+*/
+static void strip_domain_name_if_needed(fstring *name)
+{
+ if(lp_winbind_use_default_domain()) {
+ char *sep = lp_winbind_separator();
+ char *new_name = strchr(*name, *sep);
+ if(new_name) {
+ *new_name = 0;
+ if (!strcmp(global_myworkgroup, *name)) {
+ new_name++;
+ safe_strcpy(*name, new_name, sizeof(fstring));
+ } else *new_name = *sep;
+ }
+ }
+}
+
/* Return a password structure from a username. */
enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state)
@@ -169,6 +193,7 @@
return WINBINDD_OK;
}
+
/* Return a password structure given a uid number */
enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state)
@@ -217,6 +242,7 @@
if (strcmp("\\", lp_winbind_separator()))
string_sub(user_name, "\\", lp_winbind_separator(),
sizeof(fstring));
+ strip_domain_name_if_needed(&user_name);
/* Get some user info */
@@ -503,6 +529,8 @@
slprintf(domain_user_name, sizeof(domain_user_name) - 1,
"%s%s%s", ent->domain_name, sep,
name_list[ent->sam_entry_index].name);
+
+ strip_domain_name_if_needed(&domain_user_name);
result = winbindd_fill_pwent(
ent->domain_name,
@@ -599,6 +627,7 @@
slprintf(name, sizeof(name) - 1, "%s%s%s",
domain->name, lp_winbind_separator(),
acct_name);
+ strip_domain_name_if_needed(&name);
/* Append to extra data */
memcpy(&extra_data[extra_data_len], name,
diff -urk.default_domain ./source/nsswitch/winbindd_util.c.default_domain ./source/nsswitch/winbindd_util.c
--- ./source/nsswitch/winbindd_util.c.default_domain Fri Jan 11 14:59:04 2002
+++ ./source/nsswitch/winbindd_util.c Wed Jan 16 13:14:30 2002
@@ -348,17 +348,23 @@
}
/* Parse a string of the form DOMAIN/user into a domain and a user */
+extern fstring global_myworkgroup;
BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
{
char *p = strchr(domuser,*lp_winbind_separator());
- if (!p)
+ if (!(p || lp_winbind_use_default_domain()))
return False;
- fstrcpy(user, p+1);
- fstrcpy(domain, domuser);
- domain[PTR_DIFF(p, domuser)] = 0;
+ if(!p && lp_winbind_use_default_domain()) {
+ fstrcpy(user, domuser);
+ fstrcpy(domain, global_myworkgroup);
+ } else {
+ fstrcpy(user, p+1);
+ fstrcpy(domain, domuser);
+ domain[PTR_DIFF(p, domuser)] = 0;
+ }
strupper(domain);
return True;
}
diff -urk.default_domain ./source/param/loadparm.c.default_domain ./source/param/loadparm.c
--- ./source/param/loadparm.c.default_domain Wed Jan 16 12:28:29 2002
+++ ./source/param/loadparm.c Wed Jan 16 13:15:30 2002
@@ -155,6 +155,7 @@
char *szWinbindSeparator;
BOOL bWinbindEnumUsers;
BOOL bWinbindEnumGroups;
+ BOOL bWinbindUseDefaultDomain;
char *szAddShareCommand;
char *szChangeShareCommand;
char *szDeleteShareCommand;
@@ -1043,6 +1044,7 @@
{"winbind cache time", P_INTEGER, P_GLOBAL, &Globals.winbind_cache_time, NULL, NULL, 0},
{"winbind enum users", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumUsers, NULL, NULL, 0},
{"winbind enum groups", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumGroups, NULL, NULL, 0},
+ {"winbind use default domain", P_BOOL, P_GLOBAL, &Globals.bWinbindUseDefaultDomain, NULL, NULL, 0},
{NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0}
};
@@ -1368,6 +1370,7 @@
Globals.winbind_cache_time = 15;
Globals.bWinbindEnumUsers = True;
Globals.bWinbindEnumGroups = True;
+ Globals.bWinbindUseDefaultDomain = False;
Globals.bUseSpnego = True;
@@ -1511,6 +1514,7 @@
FN_GLOBAL_STRING(lp_winbind_separator, &Globals.szWinbindSeparator)
FN_GLOBAL_BOOL(lp_winbind_enum_users, &Globals.bWinbindEnumUsers)
FN_GLOBAL_BOOL(lp_winbind_enum_groups, &Globals.bWinbindEnumGroups)
+FN_GLOBAL_BOOL(lp_winbind_use_default_domain, &Globals.bWinbindUseDefaultDomain)
#ifdef WITH_LDAP_SAM
FN_GLOBAL_STRING(lp_ldap_server, &Globals.szLdapServer)
FN_GLOBAL_STRING(lp_ldap_suffix, &Globals.szLdapSuffix)
More information about the samba-technical
mailing list