2007-09-10 20:56:51 +04:00
/*
2006-12-12 17:52:13 +03:00
Unix SMB / CIFS implementation .
ID Mapping
Copyright ( C ) Tim Potter 2000
Copyright ( C ) Jim McDonough < jmcd @ us . ibm . com > 2003
2007-09-10 20:56:51 +04:00
Copyright ( C ) Simo Sorce 2003 - 2007
2006-12-12 17:52:13 +03:00
Copyright ( C ) Jeremy Allison 2006
2011-01-03 00:04:53 +03:00
Copyright ( C ) Michael Adam 2010
2006-12-12 17:52:13 +03:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
the Free Software Foundation ; either version 3 of the License , or
2006-12-12 17:52:13 +03:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 04:52:41 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2007-01-22 19:54:02 +03:00
*/
2006-12-12 17:52:13 +03:00
# include "includes.h"
# include "winbindd.h"
2010-08-18 20:13:42 +04:00
# include "idmap.h"
2012-11-30 19:27:59 +04:00
# include "lib/util_sid_passdb.h"
2016-03-04 17:03:08 +03:00
# include "libcli/security/dom_sid.h"
2014-03-28 06:37:19 +04:00
# include "passdb.h"
2006-12-12 17:52:13 +03:00
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_IDMAP
static_decl_idmap ;
2008-07-17 15:32:28 +04:00
/**
* Pointer to the backend methods . Modules register themselves here via
* smb_register_idmap .
*/
2006-12-12 17:52:13 +03:00
struct idmap_backend {
const char * name ;
2019-03-21 14:30:37 +03:00
const struct idmap_methods * methods ;
2006-12-12 17:52:13 +03:00
struct idmap_backend * prev , * next ;
} ;
2008-07-17 15:32:28 +04:00
static struct idmap_backend * backends = NULL ;
2006-12-12 17:52:13 +03:00
2008-07-17 15:32:28 +04:00
/**
* Default idmap domain configured via " idmap backend " .
2008-07-13 14:07:40 +04:00
*/
static struct idmap_domain * default_idmap_domain ;
2008-07-17 15:32:28 +04:00
/**
* Passdb idmap domain , not configurable . winbind must always give passdb a
* chance to map ids .
*/
2008-07-13 14:07:40 +04:00
static struct idmap_domain * passdb_idmap_domain ;
2008-07-17 15:32:28 +04:00
/**
* List of specially configured idmap domains . This list is filled on demand
* in the winbind idmap child when the parent winbind figures out via the
* special range parameter or via the domain SID that a special " idmap config
* domain " configuration is present.
*/
2006-12-12 17:52:13 +03:00
static struct idmap_domain * * idmap_domains = NULL ;
static int num_domains = 0 ;
2015-08-19 18:00:46 +03:00
static struct idmap_domain * idmap_init_named_domain ( TALLOC_CTX * mem_ctx ,
const char * domname ) ;
static struct idmap_domain * idmap_init_domain ( TALLOC_CTX * mem_ctx ,
const char * domainname ,
const char * modulename ,
bool check_range ) ;
2016-02-22 19:03:43 +03:00
struct lp_scan_idmap_domains_state {
bool ( * fn ) ( const char * domname , void * private_data ) ;
void * private_data ;
} ;
static bool lp_scan_idmap_found_domain (
2015-08-19 18:00:46 +03:00
const char * string , regmatch_t matches [ ] , void * private_data ) ;
2016-02-22 19:03:43 +03:00
bool lp_scan_idmap_domains ( bool ( * fn ) ( const char * domname ,
void * private_data ) ,
void * private_data )
{
struct lp_scan_idmap_domains_state state = {
. fn = fn , . private_data = private_data } ;
int ret ;
ret = lp_wi_scan_global_parametrics (
" idmapconfig \\ (.* \\ ):backend " , 2 ,
lp_scan_idmap_found_domain , & state ) ;
if ( ret ! = 0 ) {
DBG_WARNING ( " wi_scan_global_parametrics returned %d \n " , ret ) ;
return false ;
}
return true ;
}
static bool lp_scan_idmap_found_domain (
const char * string , regmatch_t matches [ ] , void * private_data )
{
bool ok ;
if ( matches [ 1 ] . rm_so = = - 1 ) {
DBG_WARNING ( " Found match, but no name?? \n " ) ;
return false ;
}
if ( matches [ 1 ] . rm_eo < = matches [ 1 ] . rm_so ) {
DBG_WARNING ( " Invalid match \n " ) ;
return false ;
}
{
struct lp_scan_idmap_domains_state * state = private_data ;
regoff_t len = matches [ 1 ] . rm_eo - matches [ 1 ] . rm_so ;
char domname [ len + 1 ] ;
memcpy ( domname , string + matches [ 1 ] . rm_so , len ) ;
domname [ len ] = ' \0 ' ;
DBG_DEBUG ( " Found idmap domain \" %s \" \n " , domname ) ;
ok = state - > fn ( domname , state - > private_data ) ;
}
return ok ;
}
static bool idmap_found_domain_backend ( const char * domname ,
void * private_data ) ;
2015-08-19 18:00:46 +03:00
static bool idmap_init ( void )
2015-08-18 17:58:02 +03:00
{
static bool initialized ;
2016-02-22 19:03:43 +03:00
bool ok ;
2015-08-18 17:58:02 +03:00
if ( initialized ) {
2015-08-19 18:00:46 +03:00
return true ;
2015-08-18 17:58:02 +03:00
}
DEBUG ( 10 , ( " idmap_init(): calling static_init_idmap \n " ) ) ;
2017-04-20 22:24:43 +03:00
static_init_idmap ( NULL ) ;
2015-08-18 17:58:02 +03:00
initialized = true ;
2015-08-19 18:00:46 +03:00
if ( ! pdb_is_responsible_for_everything_else ( ) ) {
default_idmap_domain = idmap_init_named_domain ( NULL , " * " ) ;
if ( default_idmap_domain = = NULL ) {
return false ;
}
}
passdb_idmap_domain = idmap_init_domain (
NULL , get_global_sam_name ( ) , " passdb " , false ) ;
if ( passdb_idmap_domain = = NULL ) {
TALLOC_FREE ( default_idmap_domain ) ;
return false ;
}
idmap_domains = talloc_array ( NULL , struct idmap_domain * , 0 ) ;
if ( idmap_domains = = NULL ) {
TALLOC_FREE ( passdb_idmap_domain ) ;
TALLOC_FREE ( default_idmap_domain ) ;
return false ;
}
2016-02-22 19:03:43 +03:00
ok = lp_scan_idmap_domains ( idmap_found_domain_backend , NULL ) ;
if ( ! ok ) {
DBG_WARNING ( " lp_scan_idmap_domains failed \n " ) ;
2015-08-19 18:00:46 +03:00
return false ;
}
return true ;
}
2022-11-17 12:40:36 +03:00
static int idmap_config_name ( const char * domname , char * buf , size_t buflen )
{
int len = snprintf ( buf , buflen , " idmap config %s " , domname ) ;
SMB_ASSERT ( len > 0 ) ;
return len + 1 ;
}
2017-01-07 17:53:09 +03:00
const char * idmap_config_const_string ( const char * domname , const char * option ,
const char * def )
{
2022-11-17 12:40:36 +03:00
int len = idmap_config_name ( domname , NULL , 0 ) ;
char config_option [ len ] ;
idmap_config_name ( domname , config_option , sizeof ( config_option ) ) ;
2017-01-07 17:53:09 +03:00
2022-11-17 12:40:36 +03:00
return lp_parm_const_string ( - 1 , config_option , option , def ) ;
2017-01-07 17:53:09 +03:00
}
2017-01-07 18:10:05 +03:00
bool idmap_config_bool ( const char * domname , const char * option , bool def )
{
2022-11-17 12:40:36 +03:00
int len = idmap_config_name ( domname , NULL , 0 ) ;
char config_option [ len ] ;
idmap_config_name ( domname , config_option , sizeof ( config_option ) ) ;
2017-01-07 18:10:05 +03:00
2022-11-17 12:40:36 +03:00
return lp_parm_bool ( - 1 , config_option , option , def ) ;
2017-01-07 18:10:05 +03:00
}
2017-01-08 14:52:56 +03:00
int idmap_config_int ( const char * domname , const char * option , int def )
{
2022-11-17 12:40:36 +03:00
int len = idmap_config_name ( domname , NULL , 0 ) ;
char config_option [ len ] ;
idmap_config_name ( domname , config_option , sizeof ( config_option ) ) ;
2017-01-08 14:52:56 +03:00
2022-11-17 12:40:36 +03:00
return lp_parm_int ( - 1 , config_option , option , def ) ;
2017-01-08 14:52:56 +03:00
}
2022-11-17 12:43:22 +03:00
const char * * idmap_config_string_list ( const char * domname ,
const char * option ,
const char * * def )
{
int len = idmap_config_name ( domname , NULL , 0 ) ;
char config_option [ len ] ;
idmap_config_name ( domname , config_option , sizeof ( config_option ) ) ;
return lp_parm_string_list ( - 1 , config_option , option , def ) ;
}
2016-03-10 12:38:29 +03:00
bool domain_has_idmap_config ( const char * domname )
{
int i ;
2016-03-10 14:21:52 +03:00
const char * range = NULL ;
const char * backend = NULL ;
2016-03-22 13:24:23 +03:00
bool ok ;
2016-03-10 12:38:29 +03:00
2016-03-22 13:24:23 +03:00
ok = idmap_init ( ) ;
if ( ! ok ) {
return false ;
}
2016-03-10 12:38:29 +03:00
for ( i = 0 ; i < num_domains ; i + + ) {
if ( strequal ( idmap_domains [ i ] - > name , domname ) ) {
return true ;
}
}
2016-03-10 14:21:52 +03:00
/* fallback: also check loadparm */
2017-01-07 17:55:41 +03:00
range = idmap_config_const_string ( domname , " range " , NULL ) ;
backend = idmap_config_const_string ( domname , " backend " , NULL ) ;
2016-03-10 14:21:52 +03:00
if ( range ! = NULL & & backend ! = NULL ) {
DEBUG ( 5 , ( " idmap configuration specified for domain '%s' \n " ,
domname ) ) ;
return true ;
}
2016-03-10 12:38:29 +03:00
return false ;
}
2016-02-22 19:03:43 +03:00
static bool idmap_found_domain_backend ( const char * domname ,
void * private_data )
2015-08-19 18:00:46 +03:00
{
2016-02-22 19:03:43 +03:00
struct idmap_domain * dom , * * tmp ;
2015-08-19 18:00:46 +03:00
2016-02-22 19:03:43 +03:00
DBG_DEBUG ( " Found idmap domain \" %s \" \n " , domname ) ;
2015-08-19 18:00:46 +03:00
2016-02-22 19:03:43 +03:00
if ( strcmp ( domname , " * " ) = = 0 ) {
return false ;
}
2015-08-19 18:00:46 +03:00
2016-02-22 19:03:43 +03:00
dom = idmap_init_named_domain ( idmap_domains , domname ) ;
if ( dom = = NULL ) {
DBG_NOTICE ( " Could not init idmap domain %s \n " , domname ) ;
return false ;
}
2015-08-19 18:00:46 +03:00
2016-02-22 19:03:43 +03:00
tmp = talloc_realloc ( idmap_domains , idmap_domains ,
struct idmap_domain * , num_domains + 1 ) ;
if ( tmp = = NULL ) {
DBG_WARNING ( " talloc_realloc failed \n " ) ;
TALLOC_FREE ( dom ) ;
return false ;
2015-08-19 18:00:46 +03:00
}
2016-02-22 19:03:43 +03:00
idmap_domains = tmp ;
idmap_domains [ num_domains ] = dom ;
num_domains + = 1 ;
2015-08-19 18:00:46 +03:00
return false ;
2015-08-18 17:58:02 +03:00
}
2019-03-21 14:30:37 +03:00
static const struct idmap_methods * get_methods ( const char * name )
2006-12-12 17:52:13 +03:00
{
struct idmap_backend * b ;
2008-09-05 01:35:27 +04:00
for ( b = backends ; b ; b = b - > next ) {
2006-12-12 17:52:13 +03:00
if ( strequal ( b - > name , name ) ) {
return b - > methods ;
}
}
return NULL ;
}
2007-10-19 04:40:25 +04:00
bool idmap_is_offline ( void )
2007-04-19 01:10:37 +04:00
{
return ( lp_winbind_offline_logon ( ) & &
get_global_winbindd_state_offline ( ) ) ;
}
2006-12-12 17:52:13 +03:00
/**********************************************************************
Allow a module to register itself as a method .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-09-10 20:56:51 +04:00
NTSTATUS smb_register_idmap ( int version , const char * name ,
2019-03-21 14:30:37 +03:00
const struct idmap_methods * methods )
2006-12-12 17:52:13 +03:00
{
struct idmap_backend * entry ;
if ( ( version ! = SMB_IDMAP_INTERFACE_VERSION ) ) {
DEBUG ( 0 , ( " Failed to register idmap module. \n "
2007-09-10 20:56:51 +04:00
" The module was compiled against "
" SMB_IDMAP_INTERFACE_VERSION %d, \n "
2006-12-12 17:52:13 +03:00
" current SMB_IDMAP_INTERFACE_VERSION is %d. \n "
2007-09-10 20:56:51 +04:00
" Please recompile against the current version "
" of samba! \n " ,
2006-12-12 17:52:13 +03:00
version , SMB_IDMAP_INTERFACE_VERSION ) ) ;
return NT_STATUS_OBJECT_TYPE_MISMATCH ;
}
if ( ! name | | ! name [ 0 ] | | ! methods ) {
DEBUG ( 0 , ( " Called with NULL pointer or empty name! \n " ) ) ;
return NT_STATUS_INVALID_PARAMETER ;
}
2008-07-13 14:07:40 +04:00
for ( entry = backends ; entry ! = NULL ; entry = entry - > next ) {
if ( strequal ( entry - > name , name ) ) {
2012-07-23 16:34:11 +04:00
DEBUG ( 5 , ( " Idmap module %s already registered! \n " ,
2008-07-17 15:32:28 +04:00
name ) ) ;
2008-07-13 14:07:40 +04:00
return NT_STATUS_OBJECT_NAME_COLLISION ;
}
2006-12-12 17:52:13 +03:00
}
2008-07-13 14:07:40 +04:00
entry = talloc ( NULL , struct idmap_backend ) ;
2006-12-12 17:52:13 +03:00
if ( ! entry ) {
DEBUG ( 0 , ( " Out of memory! \n " ) ) ;
2008-07-13 05:13:44 +04:00
TALLOC_FREE ( entry ) ;
2006-12-12 17:52:13 +03:00
return NT_STATUS_NO_MEMORY ;
}
2008-07-13 14:07:40 +04:00
entry - > name = talloc_strdup ( entry , name ) ;
2006-12-12 17:52:13 +03:00
if ( ! entry - > name ) {
DEBUG ( 0 , ( " Out of memory! \n " ) ) ;
2008-07-13 05:13:44 +04:00
TALLOC_FREE ( entry ) ;
2006-12-12 17:52:13 +03:00
return NT_STATUS_NO_MEMORY ;
}
entry - > methods = methods ;
DLIST_ADD ( backends , entry ) ;
DEBUG ( 5 , ( " Successfully added idmap backend '%s' \n " , name ) ) ;
return NT_STATUS_OK ;
}
2008-07-17 15:32:28 +04:00
/**
* Initialize a domain structure
* @ param [ in ] mem_ctx memory context for the result
* @ param [ in ] domainname which domain is this for
* @ param [ in ] modulename which backend module
2010-06-22 18:29:13 +04:00
* @ param [ in ] check_range whether range checking should be done
2008-07-17 15:32:28 +04:00
* @ result The initialized structure
*/
2008-07-13 14:07:40 +04:00
static struct idmap_domain * idmap_init_domain ( TALLOC_CTX * mem_ctx ,
const char * domainname ,
const char * modulename ,
2010-06-22 18:29:13 +04:00
bool check_range )
2007-09-10 20:56:51 +04:00
{
2008-07-13 14:07:40 +04:00
struct idmap_domain * result ;
NTSTATUS status ;
2011-03-02 17:41:06 +03:00
const char * range ;
2015-03-04 12:22:48 +03:00
unsigned low_id = 0 ;
2015-03-04 12:28:20 +03:00
unsigned high_id = 0 ;
2006-12-12 17:52:13 +03:00
2008-07-13 14:07:40 +04:00
result = talloc_zero ( mem_ctx , struct idmap_domain ) ;
if ( result = = NULL ) {
DEBUG ( 0 , ( " talloc failed \n " ) ) ;
return NULL ;
2007-05-07 01:04:30 +04:00
}
2007-09-10 20:56:51 +04:00
2008-07-13 14:07:40 +04:00
result - > name = talloc_strdup ( result , domainname ) ;
if ( result - > name = = NULL ) {
DEBUG ( 0 , ( " talloc failed \n " ) ) ;
goto fail ;
2007-05-07 01:04:30 +04:00
}
2006-12-12 17:52:13 +03:00
2014-07-20 13:53:32 +04:00
/*
* Check whether the requested backend module exists and
* load the methods .
*/
result - > methods = get_methods ( modulename ) ;
if ( result - > methods = = NULL ) {
DEBUG ( 3 , ( " idmap backend %s not found \n " , modulename ) ) ;
status = smb_probe_module ( " idmap " , modulename ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
DEBUG ( 3 , ( " Could not probe idmap module %s \n " ,
modulename ) ) ;
goto fail ;
}
result - > methods = get_methods ( modulename ) ;
}
if ( result - > methods = = NULL ) {
DEBUG ( 1 , ( " idmap backend %s not found \n " , modulename ) ) ;
goto fail ;
}
2010-06-16 18:07:55 +04:00
/*
* load ranges and read only information from the config
*/
2017-03-18 20:53:58 +03:00
result - > read_only = idmap_config_bool ( result - > name , " read only " , false ) ;
2017-03-18 20:34:07 +03:00
range = idmap_config_const_string ( result - > name , " range " , NULL ) ;
2014-07-20 14:11:16 +04:00
2011-03-02 17:41:06 +03:00
if ( range = = NULL ) {
if ( check_range ) {
2014-07-20 13:49:37 +04:00
DEBUG ( 1 , ( " idmap range not specified for domain %s \n " ,
result - > name ) ) ;
2010-06-16 18:07:55 +04:00
goto fail ;
}
2015-01-22 15:08:52 +03:00
} else if ( sscanf ( range , " %u - %u " , & low_id , & high_id ) ! = 2 )
2011-03-02 17:41:06 +03:00
{
DEBUG ( 1 , ( " invalid range '%s' specified for domain "
" '%s' \n " , range , result - > name ) ) ;
if ( check_range ) {
goto fail ;
2010-06-16 18:07:55 +04:00
}
2015-01-22 15:08:52 +03:00
} else if ( low_id > high_id ) {
DEBUG ( 1 , ( " Error: invalid idmap range detected: %u - %u \n " ,
low_id , high_id ) ) ;
2010-06-22 18:29:13 +04:00
if ( check_range ) {
goto fail ;
}
2010-06-16 18:07:55 +04:00
}
2015-01-22 15:08:52 +03:00
result - > low_id = low_id ;
result - > high_id = high_id ;
2011-03-03 01:00:58 +03:00
status = result - > methods - > init ( result ) ;
2008-07-13 14:07:40 +04:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
DEBUG ( 1 , ( " idmap initialization returned %s \n " ,
nt_errstr ( status ) ) ) ;
goto fail ;
}
2006-12-12 17:52:13 +03:00
2008-07-13 14:07:40 +04:00
return result ;
2006-12-12 17:52:13 +03:00
2008-07-13 14:07:40 +04:00
fail :
TALLOC_FREE ( result ) ;
return NULL ;
}
2006-12-12 17:52:13 +03:00
2008-07-17 15:32:28 +04:00
/**
* Initialize a named domain structure
* @ param [ in ] mem_ctx memory context for the result
* @ param [ in ] domname the domain name
* @ result The default domain structure
*
* This routine looks at the " idmap config <domname> " parameters to figure out
* the configuration .
*/
2008-07-13 14:07:40 +04:00
static struct idmap_domain * idmap_init_named_domain ( TALLOC_CTX * mem_ctx ,
const char * domname )
{
struct idmap_domain * result = NULL ;
const char * backend ;
2015-08-19 18:00:46 +03:00
bool ok ;
2008-04-02 02:25:47 +04:00
2015-08-19 18:00:46 +03:00
ok = idmap_init ( ) ;
if ( ! ok ) {
return NULL ;
}
2011-03-11 01:41:17 +03:00
2017-01-07 17:55:41 +03:00
backend = idmap_config_const_string ( domname , " backend " , NULL ) ;
2008-07-13 14:07:40 +04:00
if ( backend = = NULL ) {
2013-03-04 15:52:26 +04:00
DEBUG ( 10 , ( " no idmap backend configured for domain '%s' \n " ,
domname ) ) ;
2008-07-13 14:07:40 +04:00
goto fail ;
2008-04-02 02:25:47 +04:00
}
2011-03-03 19:40:36 +03:00
result = idmap_init_domain ( mem_ctx , domname , backend , true ) ;
2008-07-13 14:07:40 +04:00
if ( result = = NULL ) {
goto fail ;
}
2006-12-12 17:52:13 +03:00
2008-07-13 14:07:40 +04:00
return result ;
2006-12-12 17:52:13 +03:00
2008-07-13 14:07:40 +04:00
fail :
TALLOC_FREE ( result ) ;
return NULL ;
}
2006-12-12 17:52:13 +03:00
2008-07-17 15:32:28 +04:00
/**
* Find a domain struct according to a domain name
* @ param [ in ] domname Domain name to get the config for
* @ result The default domain structure that fits
*
* This is the central routine in the winbindd - idmap child to pick the correct
* domain for looking up IDs . If domname is NULL or empty , we use the default
* domain . If it contains something , we try to use idmap_init_named_domain ( )
* to fetch the correct backend .
*
* The choice about " domname " is being made by the winbind parent , look at the
* " have_idmap_config " of " struct winbindd_domain " which is set in
* add_trusted_domain .
*/
2016-12-29 12:54:56 +03:00
struct idmap_domain * idmap_find_domain ( const char * domname )
2008-07-13 14:07:40 +04:00
{
2015-08-19 18:00:46 +03:00
bool ok ;
2008-07-13 14:07:40 +04:00
int i ;
2006-12-12 17:52:13 +03:00
2008-11-28 12:08:46 +03:00
DEBUG ( 10 , ( " idmap_find_domain called for domain '%s' \n " ,
domname ? domname : " NULL " ) ) ;
2015-08-19 18:00:46 +03:00
ok = idmap_init ( ) ;
if ( ! ok ) {
2008-07-13 14:07:40 +04:00
return NULL ;
}
2007-04-19 01:10:37 +04:00
2008-07-13 14:07:40 +04:00
if ( ( domname = = NULL ) | | ( domname [ 0 ] = = ' \0 ' ) ) {
return default_idmap_domain ;
}
2006-12-12 17:52:13 +03:00
2008-07-13 14:07:40 +04:00
for ( i = 0 ; i < num_domains ; i + + ) {
if ( strequal ( idmap_domains [ i ] - > name , domname ) ) {
return idmap_domains [ i ] ;
2006-12-12 17:52:13 +03:00
}
2008-07-13 14:07:40 +04:00
}
2006-12-12 17:52:13 +03:00
2015-08-19 18:00:46 +03:00
return default_idmap_domain ;
2008-07-13 14:07:40 +04:00
}
2006-12-12 17:52:13 +03:00
2012-11-22 21:16:31 +04:00
struct idmap_domain * idmap_find_domain_with_sid ( const char * domname ,
const struct dom_sid * sid )
{
2015-08-19 18:00:46 +03:00
bool ok ;
ok = idmap_init ( ) ;
if ( ! ok ) {
return NULL ;
}
2012-11-22 21:16:31 +04:00
2012-11-30 19:27:59 +04:00
if ( sid_check_is_for_passdb ( sid ) ) {
2015-08-19 18:00:46 +03:00
return passdb_idmap_domain ;
2012-11-22 21:16:31 +04:00
}
return idmap_find_domain ( domname ) ;
}
2008-07-13 14:07:40 +04:00
void idmap_close ( void )
{
TALLOC_FREE ( default_idmap_domain ) ;
TALLOC_FREE ( passdb_idmap_domain ) ;
TALLOC_FREE ( idmap_domains ) ;
num_domains = 0 ;
}
2006-12-12 17:52:13 +03:00
/**************************************************************************
idmap allocator interface functions
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2010-05-30 23:40:44 +04:00
static NTSTATUS idmap_allocate_unixid ( struct unixid * id )
2006-12-12 17:52:13 +03:00
{
2010-07-30 01:20:21 +04:00
struct idmap_domain * dom ;
2006-12-12 17:52:13 +03:00
NTSTATUS ret ;
2010-07-30 01:20:21 +04:00
dom = idmap_find_domain ( NULL ) ;
if ( dom = = NULL ) {
return NT_STATUS_UNSUCCESSFUL ;
}
if ( dom - > methods - > allocate_id = = NULL ) {
return NT_STATUS_NOT_IMPLEMENTED ;
2006-12-12 17:52:13 +03:00
}
2010-07-30 01:20:21 +04:00
ret = dom - > methods - > allocate_id ( dom , id ) ;
return ret ;
2006-12-12 17:52:13 +03:00
}
2010-05-30 23:40:44 +04:00
NTSTATUS idmap_allocate_uid ( struct unixid * id )
{
id - > type = ID_TYPE_UID ;
return idmap_allocate_unixid ( id ) ;
}
2006-12-12 17:52:13 +03:00
2010-05-30 23:40:44 +04:00
NTSTATUS idmap_allocate_gid ( struct unixid * id )
{
2006-12-12 17:52:13 +03:00
id - > type = ID_TYPE_GID ;
2010-05-30 23:40:44 +04:00
return idmap_allocate_unixid ( id ) ;
2006-12-12 17:52:13 +03:00
}
2016-03-04 17:03:08 +03:00
NTSTATUS idmap_backend_unixids_to_sids ( struct id_map * * maps ,
2017-09-25 16:39:39 +03:00
const char * domain_name ,
struct dom_sid domain_sid )
2016-03-04 17:03:08 +03:00
{
struct idmap_domain * dom = NULL ;
NTSTATUS status ;
bool ok ;
ok = idmap_init ( ) ;
if ( ! ok ) {
return NT_STATUS_NONE_MAPPED ;
}
if ( strequal ( domain_name , get_global_sam_name ( ) ) ) {
dom = passdb_idmap_domain ;
}
if ( dom = = NULL ) {
dom = idmap_find_domain ( domain_name ) ;
}
if ( dom = = NULL ) {
return NT_STATUS_NONE_MAPPED ;
}
2017-09-25 16:39:39 +03:00
dom - > dom_sid = domain_sid ;
2016-03-04 17:03:08 +03:00
status = dom - > methods - > unixids_to_sids ( dom , maps ) ;
DBG_DEBUG ( " unixid_to_sids for domain %s returned %s \n " ,
domain_name , nt_errstr ( status ) ) ;
return status ;
}