After technical consultation, add Steven Danneman's <steven.danneman@isilon.com>...

[samba.git] / source / winbindd / winbindd.h

diff --git a/source/winbindd/winbindd.h b/source/winbindd/winbindd.h
index 6bf6e6c68f91213425d1953e8d6997710e1233fb..42a1100f02b643c935cf69d51d0a113aa8af8462 100644 (file)
--- a/source/winbindd/winbindd.h
+++ b/source/winbindd/winbindd.h
@@ -164,9 +164,9 @@ struct winbindd_domain {
        fstring alt_name;                      /* alt Domain name, if any (FQDN for ADS) */
        fstring forest_name;                   /* Name of the AD forest we're in */
        DOM_SID sid;                           /* SID for this domain */
-       uint32 domain_flags;                   /* Domain flags from rpc_ds.h */
-       uint32 domain_type;                    /* Domain type from rpc_ds.h */
-       uint32 domain_trust_attribs;           /* Trust attribs from rpc_ds.h */
+       uint32 domain_flags;                   /* Domain flags from netlogon.h */
+       uint32 domain_type;                    /* Domain type from netlogon.h */
+       uint32 domain_trust_attribs;           /* Trust attribs from netlogon.h */
        bool initialized;                      /* Did we already ask for the domain mode? */
        bool native_mode;                      /* is this a win2k domain in native mode ? */
        bool active_directory;                 /* is this a win2k active directory ? */
@@ -176,6 +176,14 @@ struct winbindd_domain {
        time_t startup_time;                   /* When we set "startup" true. */
        bool startup;                          /* are we in the first 30 seconds after startup_time ? */
 
+       bool can_do_samlogon_ex; /* Due to the lack of finer control what type
+                                 * of DC we have, let us try to do a
+                                 * credential-chain less samlogon_ex call
+                                 * with AD and schannel. If this fails with
+                                 * DCERPC_FAULT_OP_RNG_ERROR, then set this
+                                 * to False. This variable is around so that
+                                 * we don't have to try _ex every time. */
+
        /* Lookup methods for this domain (LDAP or RPC) */
        struct winbindd_methods *methods;
 
@@ -301,15 +309,15 @@ struct winbindd_methods {
        NTSTATUS (*sequence_number)(struct winbindd_domain *domain, uint32 *seq);
 
        /* return the lockout policy */
-       NTSTATUS (*lockout_policy)(struct winbindd_domain *domain, 
+       NTSTATUS (*lockout_policy)(struct winbindd_domain *domain,
                                   TALLOC_CTX *mem_ctx,
-                                  SAM_UNK_INFO_12 *lockout_policy);
- 
+                                  struct samr_DomInfo12 *lockout_policy);
+
        /* return the lockout policy */
-       NTSTATUS (*password_policy)(struct winbindd_domain *domain, 
+       NTSTATUS (*password_policy)(struct winbindd_domain *domain,
                                    TALLOC_CTX *mem_ctx,
-                                   SAM_UNK_INFO_1 *password_policy);
- 
+                                   struct samr_DomInfo1 *password_policy);
+
        /* enumerate trusted domains */
        NTSTATUS (*trusted_domains)(struct winbindd_domain *domain,
                                    TALLOC_CTX *mem_ctx,
@@ -354,7 +362,12 @@ struct winbindd_tdc_domain {
        uint32 trust_type;
 };
 
-
+/* Switch for listing users or groups */
+enum ent_type {
+       LIST_USERS = 0,
+       LIST_GROUPS,
+};
+ 
 #include "winbindd/winbindd_proto.h"
 
 #define WINBINDD_ESTABLISH_LOOP 30