Samba PDC may manage a forest containing DNS domains in addition to the primary one.
Information about them is advertised via netr_DsRGetForestTrustInformation when
trusted_domain_name is NULL, according to MS-NRPC and MS-LSAD, and
via netr_GetForestTrustInformation.
This changeset only expands PASSDB API; how suffixes are maintained is left
to specific PDB modules. Set function is added so that suffixes could be
managed through 'net' and other Samba utilities, if possible.
One possible implementation is available for ipasam module in FreeIPA:
http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=
cc56723151c9ebf58d891e85617319d861af14a4
Reviewed-by: Andreas Schneider <asn@samba.org>
* Changed to 18, pdb_rid_algorithm -> pdb_capabilities
* Changed to 19, removed uid_to_rid
* Changed to 20, pdb_secret calls
+ * Changed to 21, set/enum_upn_suffixes. AB.
*/
-#define PASSDB_INTERFACE_VERSION 20
+#define PASSDB_INTERFACE_VERSION 21
struct pdb_methods
{
NTSTATUS (*delete_secret)(struct pdb_methods *methods,
const char *secret_name);
+ NTSTATUS (*enum_upn_suffixes)(struct pdb_methods *methods,
+ TALLOC_CTX *mem_ctx,
+ uint32_t *num_suffixes,
+ char ***suffixes);
+
+ NTSTATUS (*set_upn_suffixes)(struct pdb_methods *methods,
+ uint32_t num_suffixes,
+ const char **suffixes);
+
void *private_data; /* Private data of some kind */
void (*free_private_data)(void **);
bool pdb_sid_to_id_unix_users_and_groups(const struct dom_sid *sid,
struct unixid *id);
+NTSTATUS pdb_enum_upn_suffixes(TALLOC_CTX *mem_ctx,
+ uint32_t *num_suffixes,
+ char ***suffixes);
+
+NTSTATUS pdb_set_upn_suffixes(uint32_t num_suffixes,
+ const char **suffixes);
/* The following definitions come from passdb/pdb_util.c */
pdb_enum_group_memberships: NTSTATUS (TALLOC_CTX *, struct samu *, struct dom_sid **, gid_t **, uint32_t *)
pdb_enum_trusted_domains: NTSTATUS (TALLOC_CTX *, uint32_t *, struct pdb_trusted_domain ***)
pdb_enum_trusteddoms: NTSTATUS (TALLOC_CTX *, uint32_t *, struct trustdom_info ***)
+pdb_enum_upn_suffixes: NTSTATUS (TALLOC_CTX *, uint32_t *, char ***)
pdb_find_backend_entry: struct pdb_init_function_entry *(const char *)
pdb_get_account_policy: bool (enum pdb_policy_type, uint32_t *)
pdb_get_acct_ctrl: uint32_t (const struct samu *)
pdb_set_trusteddom_pw: bool (const char *, const char *, const struct dom_sid *)
pdb_set_unix_primary_group: NTSTATUS (TALLOC_CTX *, struct samu *)
pdb_set_unknown_6: bool (struct samu *, uint32_t, enum pdb_value_state)
+pdb_set_upn_suffixes: NTSTATUS (uint32_t, const char **)
pdb_set_user_sid: bool (struct samu *, const struct dom_sid *, enum pdb_value_state)
pdb_set_user_sid_from_rid: bool (struct samu *, uint32_t, enum pdb_value_state)
pdb_set_user_sid_from_string: bool (struct samu *, const char *, enum pdb_value_state)
return NULL;
}
+/*****************************************************************
+ UPN suffixes
+ *****************************************************************/
+static NTSTATUS pdb_default_enum_upn_suffixes(struct pdb_methods *pdb,
+ TALLOC_CTX *mem_ctx,
+ uint32_t *num_suffixes,
+ char ***suffixes)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS pdb_default_set_upn_suffixes(struct pdb_methods *pdb,
+ uint32_t num_suffixes,
+ const char **suffixes)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+NTSTATUS pdb_enum_upn_suffixes(TALLOC_CTX *mem_ctx,
+ uint32_t *num_suffixes,
+ char ***suffixes)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->enum_upn_suffixes(pdb, mem_ctx, num_suffixes, suffixes);
+}
+
+NTSTATUS pdb_set_upn_suffixes(uint32_t num_suffixes,
+ const char **suffixes)
+{
+ struct pdb_methods *pdb = pdb_get_methods();
+ return pdb->set_upn_suffixes(pdb, num_suffixes, suffixes);
+}
+
/*******************************************************************
secret methods
*******************************************************************/
(*methods)->set_secret = pdb_default_set_secret;
(*methods)->delete_secret = pdb_default_delete_secret;
+ (*methods)->enum_upn_suffixes = pdb_default_enum_upn_suffixes;
+ (*methods)->set_upn_suffixes = pdb_default_set_upn_suffixes;
+
return NT_STATUS_OK;
}
git.samba.org / samba.git / commitdiff