2 Unix SMB/CIFS implementation.
4 Winbind rpc backend functions
6 Copyright (C) Tim Potter 2000-2001,2003
7 Copyright (C) Simo Sorce 2003
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
27 #define DBGC_CLASS DBGC_WINBIND
30 /* Query display info for a domain. This returns enough information plus a
31 bit extra to give an overview of domain users for the User Manager
33 static NTSTATUS query_user_list(struct winbindd_domain *domain,
36 WINBIND_USERINFO **info)
38 SAM_ACCOUNT *sam_account = NULL;
42 DEBUG(3,("pdb: query_user_list\n"));
44 if (NT_STATUS_IS_ERR(result = pdb_init_sam(&sam_account))) {
51 if (pdb_setsampwent(False)) {
53 while (pdb_getsampwent(sam_account)) {
55 /* we return only nua accounts, or we will have duplicates */
56 if (!idmap_check_sid_is_in_free_range(pdb_get_user_sid(sam_account))) {
60 *info = talloc_realloc(mem_ctx, *info, (i + 1) * sizeof(WINBIND_USERINFO));
62 DEBUG(0,("query_user_list: out of memory!\n"));
63 result = NT_STATUS_NO_MEMORY;
67 (*info)[i].user_sid = talloc(mem_ctx, sizeof(DOM_SID));
68 (*info)[i].group_sid = talloc(mem_ctx, sizeof(DOM_SID));
69 if (!((*info)[i].user_sid) || !((*info)[i].group_sid)) {
70 DEBUG(0,("query_user_list: out of memory!\n"));
71 result = NT_STATUS_NO_MEMORY;
74 sid_copy((*info)[i].user_sid, pdb_get_user_sid(sam_account));
75 sid_copy((*info)[i].group_sid, pdb_get_group_sid(sam_account));
77 (*info)[i].acct_name = talloc_strdup(mem_ctx, pdb_get_username(sam_account));
78 (*info)[i].full_name = talloc_strdup(mem_ctx, pdb_get_fullname(sam_account));
79 if (!((*info)[i].acct_name) || !((*info)[i].full_name)) {
80 DEBUG(0,("query_user_list: out of memory!\n"));
81 result = NT_STATUS_NO_MEMORY;
87 if (NT_STATUS_IS_ERR(pdb_reset_sam(sam_account))) {
88 result = NT_STATUS_UNSUCCESSFUL;
94 result = NT_STATUS_OK;
97 result = NT_STATUS_UNSUCCESSFUL;
100 pdb_free_sam(&sam_account);
104 /* list all domain groups */
105 static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
108 struct acct_info **info)
110 NTSTATUS result = NT_STATUS_OK;
112 DEBUG(3,("pdb: enum_dom_groups (group support not implemented)\n"));
120 /* List all domain groups */
122 static NTSTATUS enum_local_groups(struct winbindd_domain *domain,
125 struct acct_info **info)
127 NTSTATUS result = NT_STATUS_OK;
129 DEBUG(3,("pdb: enum_local_groups (group support not implemented)\n"));
137 /* convert a single name to a sid in a domain */
138 static NTSTATUS name_to_sid(struct winbindd_domain *domain,
142 enum SID_NAME_USE *type)
144 SAM_ACCOUNT *sam_account = NULL;
145 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
147 DEBUG(3,("pdb: name_to_sid name=%s (group support not implemented)\n", name));
149 if (NT_STATUS_IS_OK(pdb_init_sam(&sam_account))) {
150 if (!pdb_getsampwnam(sam_account, name)) {
151 result = NT_STATUS_UNSUCCESSFUL;
152 } else { /* it is a sam user */
153 sid_copy(sid, pdb_get_user_sid(sam_account));
154 *type = SID_NAME_USER;
155 result = NT_STATUS_OK;
159 pdb_free_sam(&sam_account);
164 convert a domain SID to a user or group name
166 static NTSTATUS sid_to_name(struct winbindd_domain *domain,
170 enum SID_NAME_USE *type)
172 SAM_ACCOUNT *sam_account = NULL;
173 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
176 DEBUG(3,("pdb: sid_to_name sid=%s\n", sid_string_static(sid)));
178 if (NT_STATUS_IS_OK(sid_to_uid(sid, &id))) { /* this is a user */
180 if (NT_STATUS_IS_ERR(result = pdb_init_sam(&sam_account))) {
184 if (!pdb_getsampwsid(sam_account, sid)) {
185 pdb_free_sam(&sam_account);
186 return NT_STATUS_UNSUCCESSFUL;
189 *name = talloc_strdup(mem_ctx, pdb_get_username(sam_account));
191 DEBUG(0,("query_user: out of memory!\n"));
192 pdb_free_sam(&sam_account);
193 return NT_STATUS_NO_MEMORY;
196 pdb_free_sam(&sam_account);
197 *type = SID_NAME_USER;
198 result = NT_STATUS_OK;
200 } else if (NT_STATUS_IS_OK(sid_to_gid(sid, &id))) { /* this is a group */
202 DEBUG(3,("pdb: sid_to_name: group support not implemented\n"));
203 result = NT_STATUS_UNSUCCESSFUL;
209 /* Lookup user information from a rid or username. */
210 static NTSTATUS query_user(struct winbindd_domain *domain,
213 WINBIND_USERINFO *user_info)
215 SAM_ACCOUNT *sam_account = NULL;
218 DEBUG(3,("pdb: query_user sid=%s\n", sid_string_static(user_sid)));
220 if (NT_STATUS_IS_ERR(result = pdb_init_sam(&sam_account))) {
224 if (!pdb_getsampwsid(sam_account, user_sid)) {
225 pdb_free_sam(&sam_account);
226 return NT_STATUS_UNSUCCESSFUL;
229 /* we return only nua accounts, or we will have duplicates */
230 if (!idmap_check_sid_is_in_free_range(user_sid)) {
231 pdb_free_sam(&sam_account);
232 return NT_STATUS_UNSUCCESSFUL;
235 user_info->user_sid = talloc(mem_ctx, sizeof(DOM_SID));
236 user_info->group_sid = talloc(mem_ctx, sizeof(DOM_SID));
237 if (!(user_info->user_sid) || !(user_info->group_sid)) {
238 DEBUG(0,("query_user: out of memory!\n"));
239 pdb_free_sam(&sam_account);
240 return NT_STATUS_NO_MEMORY;
242 sid_copy(user_info->user_sid, pdb_get_user_sid(sam_account));
243 sid_copy(user_info->group_sid, pdb_get_group_sid(sam_account));
245 user_info->acct_name = talloc_strdup(mem_ctx, pdb_get_username(sam_account));
246 user_info->full_name = talloc_strdup(mem_ctx, pdb_get_fullname(sam_account));
247 if (!(user_info->acct_name) || !(user_info->full_name)) {
248 DEBUG(0,("query_user: out of memory!\n"));
249 pdb_free_sam(&sam_account);
250 return NT_STATUS_NO_MEMORY;
253 pdb_free_sam(&sam_account);
257 /* Lookup groups a user is a member of. I wish Unix had a call like this! */
258 static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
261 uint32 *num_groups, DOM_SID ***user_gids)
263 NTSTATUS result = NT_STATUS_OK;
265 DEBUG(3,("pdb: lookup_usergroups (group support not implemented)\n"));
274 /* Lookup group membership given a rid. */
275 static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
277 DOM_SID *group_sid, uint32 *num_names,
278 DOM_SID ***sid_mem, char ***names,
281 NTSTATUS result = NT_STATUS_NOT_IMPLEMENTED;
283 DEBUG(3,("pdb: lookup_groupmem (group support not implemented)\n"));
293 /* find the sequence number for a domain */
294 static NTSTATUS sequence_number(struct winbindd_domain *domain, uint32 *seq)
296 /* FIXME: we fake up the seq_num untill our passdb support it */
297 static uint32 seq_num;
299 DEBUG(3,("pdb: sequence_number\n"));
306 /* get a list of trusted domains */
307 static NTSTATUS trusted_domains(struct winbindd_domain *domain,
314 NTSTATUS result = NT_STATUS_NOT_IMPLEMENTED;
316 DEBUG(3,("pdb: trusted_domains (todo!)\n"));
321 /* find the domain sid for a domain */
322 static NTSTATUS domain_sid(struct winbindd_domain *domain, DOM_SID *sid)
324 DEBUG(3,("pdb: domain_sid\n"));
326 if (strcmp(domain->name, lp_workgroup())) {
327 return NT_STATUS_INVALID_PARAMETER;
329 sid_copy(sid, get_global_sam_sid());
334 /* find alternate names list for the domain
335 * should we look for netbios aliases??
337 static NTSTATUS alternate_name(struct winbindd_domain *domain)
339 DEBUG(3,("pdb: alternate_name\n"));
345 /* the rpc backend methods are exposed via this structure */
346 struct winbindd_methods passdb_methods = {
git.samba.org / samba.git / blob