2007-09-10 16:56:51 +00:00
/*
2006-12-12 14:52:13 +00:00
Unix SMB / CIFS implementation .
ID Mapping
Copyright ( C ) Tim Potter 2000
Copyright ( C ) Jim McDonough < jmcd @ us . ibm . com > 2003
2007-09-10 16:56:51 +00:00
Copyright ( C ) Simo Sorce 2003 - 2007
2006-12-12 14:52:13 +00:00
Copyright ( C ) Jeremy Allison 2006
2011-01-02 22:04:53 +01:00
Copyright ( C ) Michael Adam 2010
2006-12-12 14:52:13 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 19:25:36 +00:00
the Free Software Foundation ; either version 3 of the License , or
2006-12-12 14:52:13 +00:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 00:52:41 +00:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2007-01-22 16:54:02 +00:00
*/
2006-12-12 14:52:13 +00:00
# include "includes.h"
# include "winbindd.h"
2010-08-18 18:13:42 +02:00
# include "idmap.h"
2012-11-30 16:27:59 +01:00
# include "lib/util_sid_passdb.h"
2016-03-04 15:03:08 +01:00
# include "libcli/security/dom_sid.h"
2014-03-28 15:37:19 +13:00
# include "passdb.h"
2006-12-12 14:52:13 +00:00
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_IDMAP
static_decl_idmap ;
2008-07-17 13:32:28 +02:00
/**
* Pointer to the backend methods . Modules register themselves here via
* smb_register_idmap .
*/
2006-12-12 14:52:13 +00:00
struct idmap_backend {
const char * name ;
2019-03-21 12:30:37 +01:00
const struct idmap_methods * methods ;
2006-12-12 14:52:13 +00:00
struct idmap_backend * prev , * next ;
} ;
2008-07-17 13:32:28 +02:00
static struct idmap_backend * backends = NULL ;
2006-12-12 14:52:13 +00:00
2008-07-17 13:32:28 +02:00
/**
* Default idmap domain configured via " idmap backend " .
2008-07-13 12:07:40 +02:00
*/
static struct idmap_domain * default_idmap_domain ;
2008-07-17 13:32:28 +02:00
/**
* Passdb idmap domain , not configurable . winbind must always give passdb a
* chance to map ids .
*/
2008-07-13 12:07:40 +02:00
static struct idmap_domain * passdb_idmap_domain ;
2008-07-17 13:32:28 +02:00
/**
* List of specially configured idmap domains . This list is filled on demand
* in the winbind idmap child when the parent winbind figures out via the
* special range parameter or via the domain SID that a special " idmap config
* domain " configuration is present.
*/
2006-12-12 14:52:13 +00:00
static struct idmap_domain * * idmap_domains = NULL ;
static int num_domains = 0 ;
2015-08-19 17:00:46 +02:00
static struct idmap_domain * idmap_init_named_domain ( TALLOC_CTX * mem_ctx ,
const char * domname ) ;
static struct idmap_domain * idmap_init_domain ( TALLOC_CTX * mem_ctx ,
const char * domainname ,
const char * modulename ,
bool check_range ) ;
2016-02-22 17:03:43 +01:00
struct lp_scan_idmap_domains_state {
bool ( * fn ) ( const char * domname , void * private_data ) ;
void * private_data ;
} ;
static bool lp_scan_idmap_found_domain (
2015-08-19 17:00:46 +02:00
const char * string , regmatch_t matches [ ] , void * private_data ) ;
2016-02-22 17:03:43 +01:00
bool lp_scan_idmap_domains ( bool ( * fn ) ( const char * domname ,
void * private_data ) ,
void * private_data )
{
struct lp_scan_idmap_domains_state state = {
. fn = fn , . private_data = private_data } ;
int ret ;
ret = lp_wi_scan_global_parametrics (
" idmapconfig \\ (.* \\ ):backend " , 2 ,
lp_scan_idmap_found_domain , & state ) ;
if ( ret ! = 0 ) {
DBG_WARNING ( " wi_scan_global_parametrics returned %d \n " , ret ) ;
return false ;
}
return true ;
}
static bool lp_scan_idmap_found_domain (
const char * string , regmatch_t matches [ ] , void * private_data )
{
bool ok ;
if ( matches [ 1 ] . rm_so = = - 1 ) {
DBG_WARNING ( " Found match, but no name?? \n " ) ;
return false ;
}
if ( matches [ 1 ] . rm_eo < = matches [ 1 ] . rm_so ) {
DBG_WARNING ( " Invalid match \n " ) ;
return false ;
}
{
struct lp_scan_idmap_domains_state * state = private_data ;
regoff_t len = matches [ 1 ] . rm_eo - matches [ 1 ] . rm_so ;
char domname [ len + 1 ] ;
memcpy ( domname , string + matches [ 1 ] . rm_so , len ) ;
domname [ len ] = ' \0 ' ;
DBG_DEBUG ( " Found idmap domain \" %s \" \n " , domname ) ;
ok = state - > fn ( domname , state - > private_data ) ;
}
return ok ;
}
static bool idmap_found_domain_backend ( const char * domname ,
void * private_data ) ;
2015-08-19 17:00:46 +02:00
static bool idmap_init ( void )
2015-08-18 16:58:02 +02:00
{
static bool initialized ;
2016-02-22 17:03:43 +01:00
bool ok ;
2015-08-18 16:58:02 +02:00
if ( initialized ) {
2015-08-19 17:00:46 +02:00
return true ;
2015-08-18 16:58:02 +02:00
}
DEBUG ( 10 , ( " idmap_init(): calling static_init_idmap \n " ) ) ;
2017-04-20 12:24:43 -07:00
static_init_idmap ( NULL ) ;
2015-08-18 16:58:02 +02:00
initialized = true ;
2015-08-19 17:00:46 +02:00
if ( ! pdb_is_responsible_for_everything_else ( ) ) {
default_idmap_domain = idmap_init_named_domain ( NULL , " * " ) ;
if ( default_idmap_domain = = NULL ) {
return false ;
}
}
passdb_idmap_domain = idmap_init_domain (
NULL , get_global_sam_name ( ) , " passdb " , false ) ;
if ( passdb_idmap_domain = = NULL ) {
TALLOC_FREE ( default_idmap_domain ) ;
return false ;
}
idmap_domains = talloc_array ( NULL , struct idmap_domain * , 0 ) ;
if ( idmap_domains = = NULL ) {
TALLOC_FREE ( passdb_idmap_domain ) ;
TALLOC_FREE ( default_idmap_domain ) ;
return false ;
}
2016-02-22 17:03:43 +01:00
ok = lp_scan_idmap_domains ( idmap_found_domain_backend , NULL ) ;
if ( ! ok ) {
DBG_WARNING ( " lp_scan_idmap_domains failed \n " ) ;
2015-08-19 17:00:46 +02:00
return false ;
}
return true ;
}
2022-11-17 10:40:36 +01:00
static int idmap_config_name ( const char * domname , char * buf , size_t buflen )
{
int len = snprintf ( buf , buflen , " idmap config %s " , domname ) ;
SMB_ASSERT ( len > 0 ) ;
return len + 1 ;
}
2017-01-07 14:53:09 +00:00
const char * idmap_config_const_string ( const char * domname , const char * option ,
const char * def )
{
2022-11-17 10:40:36 +01:00
int len = idmap_config_name ( domname , NULL , 0 ) ;
char config_option [ len ] ;
idmap_config_name ( domname , config_option , sizeof ( config_option ) ) ;
2017-01-07 14:53:09 +00:00
2022-11-17 10:40:36 +01:00
return lp_parm_const_string ( - 1 , config_option , option , def ) ;
2017-01-07 14:53:09 +00:00
}
2017-01-07 15:10:05 +00:00
bool idmap_config_bool ( const char * domname , const char * option , bool def )
{
2022-11-17 10:40:36 +01:00
int len = idmap_config_name ( domname , NULL , 0 ) ;
char config_option [ len ] ;
idmap_config_name ( domname , config_option , sizeof ( config_option ) ) ;
2017-01-07 15:10:05 +00:00
2022-11-17 10:40:36 +01:00
return lp_parm_bool ( - 1 , config_option , option , def ) ;
2017-01-07 15:10:05 +00:00
}
2017-01-08 11:52:56 +00:00
int idmap_config_int ( const char * domname , const char * option , int def )
{
2022-11-17 10:40:36 +01:00
int len = idmap_config_name ( domname , NULL , 0 ) ;
char config_option [ len ] ;
idmap_config_name ( domname , config_option , sizeof ( config_option ) ) ;
2017-01-08 11:52:56 +00:00
2022-11-17 10:40:36 +01:00
return lp_parm_int ( - 1 , config_option , option , def ) ;
2017-01-08 11:52:56 +00:00
}
2022-11-17 10:43:22 +01:00
const char * * idmap_config_string_list ( const char * domname ,
const char * option ,
const char * * def )
{
int len = idmap_config_name ( domname , NULL , 0 ) ;
char config_option [ len ] ;
idmap_config_name ( domname , config_option , sizeof ( config_option ) ) ;
return lp_parm_string_list ( - 1 , config_option , option , def ) ;
}
2016-03-10 10:38:29 +01:00
bool domain_has_idmap_config ( const char * domname )
{
int i ;
2016-03-10 12:21:52 +01:00
const char * range = NULL ;
const char * backend = NULL ;
2016-03-22 11:24:23 +01:00
bool ok ;
2016-03-10 10:38:29 +01:00
2016-03-22 11:24:23 +01:00
ok = idmap_init ( ) ;
if ( ! ok ) {
return false ;
}
2016-03-10 10:38:29 +01:00
for ( i = 0 ; i < num_domains ; i + + ) {
if ( strequal ( idmap_domains [ i ] - > name , domname ) ) {
return true ;
}
}
2016-03-10 12:21:52 +01:00
/* fallback: also check loadparm */
2017-01-07 14:55:41 +00:00
range = idmap_config_const_string ( domname , " range " , NULL ) ;
backend = idmap_config_const_string ( domname , " backend " , NULL ) ;
2016-03-10 12:21:52 +01:00
if ( range ! = NULL & & backend ! = NULL ) {
DEBUG ( 5 , ( " idmap configuration specified for domain '%s' \n " ,
domname ) ) ;
return true ;
}
2016-03-10 10:38:29 +01:00
return false ;
}
2016-02-22 17:03:43 +01:00
static bool idmap_found_domain_backend ( const char * domname ,
void * private_data )
2015-08-19 17:00:46 +02:00
{
2016-02-22 17:03:43 +01:00
struct idmap_domain * dom , * * tmp ;
2015-08-19 17:00:46 +02:00
2016-02-22 17:03:43 +01:00
DBG_DEBUG ( " Found idmap domain \" %s \" \n " , domname ) ;
2015-08-19 17:00:46 +02:00
2016-02-22 17:03:43 +01:00
if ( strcmp ( domname , " * " ) = = 0 ) {
return false ;
}
2015-08-19 17:00:46 +02:00
2016-02-22 17:03:43 +01:00
dom = idmap_init_named_domain ( idmap_domains , domname ) ;
if ( dom = = NULL ) {
DBG_NOTICE ( " Could not init idmap domain %s \n " , domname ) ;
return false ;
}
2015-08-19 17:00:46 +02:00
2016-02-22 17:03:43 +01:00
tmp = talloc_realloc ( idmap_domains , idmap_domains ,
struct idmap_domain * , num_domains + 1 ) ;
if ( tmp = = NULL ) {
DBG_WARNING ( " talloc_realloc failed \n " ) ;
TALLOC_FREE ( dom ) ;
return false ;
2015-08-19 17:00:46 +02:00
}
2016-02-22 17:03:43 +01:00
idmap_domains = tmp ;
idmap_domains [ num_domains ] = dom ;
num_domains + = 1 ;
2015-08-19 17:00:46 +02:00
return false ;
2015-08-18 16:58:02 +02:00
}
2019-03-21 12:30:37 +01:00
static const struct idmap_methods * get_methods ( const char * name )
2006-12-12 14:52:13 +00:00
{
struct idmap_backend * b ;
2008-09-04 14:35:27 -07:00
for ( b = backends ; b ; b = b - > next ) {
2006-12-12 14:52:13 +00:00
if ( strequal ( b - > name , name ) ) {
return b - > methods ;
}
}
return NULL ;
}
2007-10-18 17:40:25 -07:00
bool idmap_is_offline ( void )
2007-04-18 21:10:37 +00:00
{
return ( lp_winbind_offline_logon ( ) & &
get_global_winbindd_state_offline ( ) ) ;
}
2006-12-12 14:52:13 +00:00
/**********************************************************************
Allow a module to register itself as a method .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-09-10 16:56:51 +00:00
NTSTATUS smb_register_idmap ( int version , const char * name ,
2019-03-21 12:30:37 +01:00
const struct idmap_methods * methods )
2006-12-12 14:52:13 +00:00
{
struct idmap_backend * entry ;
if ( ( version ! = SMB_IDMAP_INTERFACE_VERSION ) ) {
DEBUG ( 0 , ( " Failed to register idmap module. \n "
2007-09-10 16:56:51 +00:00
" The module was compiled against "
" SMB_IDMAP_INTERFACE_VERSION %d, \n "
2006-12-12 14:52:13 +00:00
" current SMB_IDMAP_INTERFACE_VERSION is %d. \n "
2007-09-10 16:56:51 +00:00
" Please recompile against the current version "
" of samba! \n " ,
2006-12-12 14:52:13 +00:00
version , SMB_IDMAP_INTERFACE_VERSION ) ) ;
return NT_STATUS_OBJECT_TYPE_MISMATCH ;
}
if ( ! name | | ! name [ 0 ] | | ! methods ) {
DEBUG ( 0 , ( " Called with NULL pointer or empty name! \n " ) ) ;
return NT_STATUS_INVALID_PARAMETER ;
}
2008-07-13 12:07:40 +02:00
for ( entry = backends ; entry ! = NULL ; entry = entry - > next ) {
if ( strequal ( entry - > name , name ) ) {
2012-07-23 14:34:11 +02:00
DEBUG ( 5 , ( " Idmap module %s already registered! \n " ,
2008-07-17 13:32:28 +02:00
name ) ) ;
2008-07-13 12:07:40 +02:00
return NT_STATUS_OBJECT_NAME_COLLISION ;
}
2006-12-12 14:52:13 +00:00
}
2008-07-13 12:07:40 +02:00
entry = talloc ( NULL , struct idmap_backend ) ;
2006-12-12 14:52:13 +00:00
if ( ! entry ) {
DEBUG ( 0 , ( " Out of memory! \n " ) ) ;
2008-07-12 21:13:44 -04:00
TALLOC_FREE ( entry ) ;
2006-12-12 14:52:13 +00:00
return NT_STATUS_NO_MEMORY ;
}
2008-07-13 12:07:40 +02:00
entry - > name = talloc_strdup ( entry , name ) ;
2006-12-12 14:52:13 +00:00
if ( ! entry - > name ) {
DEBUG ( 0 , ( " Out of memory! \n " ) ) ;
2008-07-12 21:13:44 -04:00
TALLOC_FREE ( entry ) ;
2006-12-12 14:52:13 +00:00
return NT_STATUS_NO_MEMORY ;
}
entry - > methods = methods ;
DLIST_ADD ( backends , entry ) ;
DEBUG ( 5 , ( " Successfully added idmap backend '%s' \n " , name ) ) ;
return NT_STATUS_OK ;
}
2008-07-17 13:32:28 +02:00
/**
* Initialize a domain structure
* @ param [ in ] mem_ctx memory context for the result
* @ param [ in ] domainname which domain is this for
* @ param [ in ] modulename which backend module
2010-06-22 16:29:13 +02:00
* @ param [ in ] check_range whether range checking should be done
2008-07-17 13:32:28 +02:00
* @ result The initialized structure
*/
2008-07-13 12:07:40 +02:00
static struct idmap_domain * idmap_init_domain ( TALLOC_CTX * mem_ctx ,
const char * domainname ,
const char * modulename ,
2010-06-22 16:29:13 +02:00
bool check_range )
2007-09-10 16:56:51 +00:00
{
2008-07-13 12:07:40 +02:00
struct idmap_domain * result ;
NTSTATUS status ;
2011-03-02 15:41:06 +01:00
const char * range ;
2015-03-04 10:22:48 +01:00
unsigned low_id = 0 ;
2015-03-04 10:28:20 +01:00
unsigned high_id = 0 ;
2006-12-12 14:52:13 +00:00
2008-07-13 12:07:40 +02:00
result = talloc_zero ( mem_ctx , struct idmap_domain ) ;
if ( result = = NULL ) {
DEBUG ( 0 , ( " talloc failed \n " ) ) ;
return NULL ;
2007-05-06 21:04:30 +00:00
}
2007-09-10 16:56:51 +00:00
2008-07-13 12:07:40 +02:00
result - > name = talloc_strdup ( result , domainname ) ;
if ( result - > name = = NULL ) {
DEBUG ( 0 , ( " talloc failed \n " ) ) ;
goto fail ;
2007-05-06 21:04:30 +00:00
}
2006-12-12 14:52:13 +00:00
2014-07-20 11:53:32 +02:00
/*
* Check whether the requested backend module exists and
* load the methods .
*/
result - > methods = get_methods ( modulename ) ;
if ( result - > methods = = NULL ) {
DEBUG ( 3 , ( " idmap backend %s not found \n " , modulename ) ) ;
status = smb_probe_module ( " idmap " , modulename ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
DEBUG ( 3 , ( " Could not probe idmap module %s \n " ,
modulename ) ) ;
goto fail ;
}
result - > methods = get_methods ( modulename ) ;
}
if ( result - > methods = = NULL ) {
DEBUG ( 1 , ( " idmap backend %s not found \n " , modulename ) ) ;
goto fail ;
}
2010-06-16 16:07:55 +02:00
/*
* load ranges and read only information from the config
*/
2017-03-18 18:53:58 +01:00
result - > read_only = idmap_config_bool ( result - > name , " read only " , false ) ;
2017-03-18 18:34:07 +01:00
range = idmap_config_const_string ( result - > name , " range " , NULL ) ;
2014-07-20 12:11:16 +02:00
2011-03-02 15:41:06 +01:00
if ( range = = NULL ) {
if ( check_range ) {
2014-07-20 11:49:37 +02:00
DEBUG ( 1 , ( " idmap range not specified for domain %s \n " ,
result - > name ) ) ;
2010-06-16 16:07:55 +02:00
goto fail ;
}
2015-01-22 12:08:52 +00:00
} else if ( sscanf ( range , " %u - %u " , & low_id , & high_id ) ! = 2 )
2011-03-02 15:41:06 +01:00
{
DEBUG ( 1 , ( " invalid range '%s' specified for domain "
" '%s' \n " , range , result - > name ) ) ;
if ( check_range ) {
goto fail ;
2010-06-16 16:07:55 +02:00
}
2015-01-22 12:08:52 +00:00
} else if ( low_id > high_id ) {
DEBUG ( 1 , ( " Error: invalid idmap range detected: %u - %u \n " ,
low_id , high_id ) ) ;
2010-06-22 16:29:13 +02:00
if ( check_range ) {
goto fail ;
}
2010-06-16 16:07:55 +02:00
}
2015-01-22 12:08:52 +00:00
result - > low_id = low_id ;
result - > high_id = high_id ;
2011-03-02 23:00:58 +01:00
status = result - > methods - > init ( result ) ;
2008-07-13 12:07:40 +02:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
DEBUG ( 1 , ( " idmap initialization returned %s \n " ,
nt_errstr ( status ) ) ) ;
goto fail ;
}
2006-12-12 14:52:13 +00:00
2008-07-13 12:07:40 +02:00
return result ;
2006-12-12 14:52:13 +00:00
2008-07-13 12:07:40 +02:00
fail :
TALLOC_FREE ( result ) ;
return NULL ;
}
2006-12-12 14:52:13 +00:00
2008-07-17 13:32:28 +02:00
/**
* Initialize a named domain structure
* @ param [ in ] mem_ctx memory context for the result
* @ param [ in ] domname the domain name
* @ result The default domain structure
*
* This routine looks at the " idmap config <domname> " parameters to figure out
* the configuration .
*/
2008-07-13 12:07:40 +02:00
static struct idmap_domain * idmap_init_named_domain ( TALLOC_CTX * mem_ctx ,
const char * domname )
{
struct idmap_domain * result = NULL ;
const char * backend ;
2015-08-19 17:00:46 +02:00
bool ok ;
2008-04-01 18:25:47 -04:00
2015-08-19 17:00:46 +02:00
ok = idmap_init ( ) ;
if ( ! ok ) {
return NULL ;
}
2011-03-10 23:41:17 +01:00
2017-01-07 14:55:41 +00:00
backend = idmap_config_const_string ( domname , " backend " , NULL ) ;
2008-07-13 12:07:40 +02:00
if ( backend = = NULL ) {
2013-03-04 12:52:26 +01:00
DEBUG ( 10 , ( " no idmap backend configured for domain '%s' \n " ,
domname ) ) ;
2008-07-13 12:07:40 +02:00
goto fail ;
2008-04-01 18:25:47 -04:00
}
2011-03-03 17:40:36 +01:00
result = idmap_init_domain ( mem_ctx , domname , backend , true ) ;
2008-07-13 12:07:40 +02:00
if ( result = = NULL ) {
goto fail ;
}
2006-12-12 14:52:13 +00:00
2008-07-13 12:07:40 +02:00
return result ;
2006-12-12 14:52:13 +00:00
2008-07-13 12:07:40 +02:00
fail :
TALLOC_FREE ( result ) ;
return NULL ;
}
2006-12-12 14:52:13 +00:00
2008-07-17 13:32:28 +02:00
/**
* Find a domain struct according to a domain name
* @ param [ in ] domname Domain name to get the config for
* @ result The default domain structure that fits
*
* This is the central routine in the winbindd - idmap child to pick the correct
* domain for looking up IDs . If domname is NULL or empty , we use the default
* domain . If it contains something , we try to use idmap_init_named_domain ( )
* to fetch the correct backend .
*
* The choice about " domname " is being made by the winbind parent , look at the
* " have_idmap_config " of " struct winbindd_domain " which is set in
* add_trusted_domain .
*/
2016-12-29 09:54:56 +00:00
struct idmap_domain * idmap_find_domain ( const char * domname )
2008-07-13 12:07:40 +02:00
{
2015-08-19 17:00:46 +02:00
bool ok ;
2008-07-13 12:07:40 +02:00
int i ;
2006-12-12 14:52:13 +00:00
2008-11-28 10:08:46 +01:00
DEBUG ( 10 , ( " idmap_find_domain called for domain '%s' \n " ,
domname ? domname : " NULL " ) ) ;
2015-08-19 17:00:46 +02:00
ok = idmap_init ( ) ;
if ( ! ok ) {
2008-07-13 12:07:40 +02:00
return NULL ;
}
2007-04-18 21:10:37 +00:00
2008-07-13 12:07:40 +02:00
if ( ( domname = = NULL ) | | ( domname [ 0 ] = = ' \0 ' ) ) {
return default_idmap_domain ;
}
2006-12-12 14:52:13 +00:00
2008-07-13 12:07:40 +02:00
for ( i = 0 ; i < num_domains ; i + + ) {
if ( strequal ( idmap_domains [ i ] - > name , domname ) ) {
return idmap_domains [ i ] ;
2006-12-12 14:52:13 +00:00
}
2008-07-13 12:07:40 +02:00
}
2006-12-12 14:52:13 +00:00
2015-08-19 17:00:46 +02:00
return default_idmap_domain ;
2008-07-13 12:07:40 +02:00
}
2006-12-12 14:52:13 +00:00
2012-11-22 18:16:31 +01:00
struct idmap_domain * idmap_find_domain_with_sid ( const char * domname ,
const struct dom_sid * sid )
{
2015-08-19 17:00:46 +02:00
bool ok ;
ok = idmap_init ( ) ;
if ( ! ok ) {
return NULL ;
}
2012-11-22 18:16:31 +01:00
2012-11-30 16:27:59 +01:00
if ( sid_check_is_for_passdb ( sid ) ) {
2015-08-19 17:00:46 +02:00
return passdb_idmap_domain ;
2012-11-22 18:16:31 +01:00
}
return idmap_find_domain ( domname ) ;
}
2008-07-13 12:07:40 +02:00
void idmap_close ( void )
{
TALLOC_FREE ( default_idmap_domain ) ;
TALLOC_FREE ( passdb_idmap_domain ) ;
TALLOC_FREE ( idmap_domains ) ;
num_domains = 0 ;
}
2006-12-12 14:52:13 +00:00
/**************************************************************************
idmap allocator interface functions
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2010-05-30 21:40:44 +02:00
static NTSTATUS idmap_allocate_unixid ( struct unixid * id )
2006-12-12 14:52:13 +00:00
{
2010-07-29 23:20:21 +02:00
struct idmap_domain * dom ;
2006-12-12 14:52:13 +00:00
NTSTATUS ret ;
2010-07-29 23:20:21 +02:00
dom = idmap_find_domain ( NULL ) ;
if ( dom = = NULL ) {
return NT_STATUS_UNSUCCESSFUL ;
}
if ( dom - > methods - > allocate_id = = NULL ) {
return NT_STATUS_NOT_IMPLEMENTED ;
2006-12-12 14:52:13 +00:00
}
2010-07-29 23:20:21 +02:00
ret = dom - > methods - > allocate_id ( dom , id ) ;
return ret ;
2006-12-12 14:52:13 +00:00
}
2010-05-30 21:40:44 +02:00
NTSTATUS idmap_allocate_uid ( struct unixid * id )
{
id - > type = ID_TYPE_UID ;
return idmap_allocate_unixid ( id ) ;
}
2006-12-12 14:52:13 +00:00
2010-05-30 21:40:44 +02:00
NTSTATUS idmap_allocate_gid ( struct unixid * id )
{
2006-12-12 14:52:13 +00:00
id - > type = ID_TYPE_GID ;
2010-05-30 21:40:44 +02:00
return idmap_allocate_unixid ( id ) ;
2006-12-12 14:52:13 +00:00
}
2016-03-04 15:03:08 +01:00
NTSTATUS idmap_backend_unixids_to_sids ( struct id_map * * maps ,
2017-09-25 15:39:39 +02:00
const char * domain_name ,
struct dom_sid domain_sid )
2016-03-04 15:03:08 +01:00
{
struct idmap_domain * dom = NULL ;
NTSTATUS status ;
bool ok ;
ok = idmap_init ( ) ;
if ( ! ok ) {
return NT_STATUS_NONE_MAPPED ;
}
if ( strequal ( domain_name , get_global_sam_name ( ) ) ) {
dom = passdb_idmap_domain ;
}
if ( dom = = NULL ) {
dom = idmap_find_domain ( domain_name ) ;
}
if ( dom = = NULL ) {
return NT_STATUS_NONE_MAPPED ;
}
2017-09-25 15:39:39 +02:00
dom - > dom_sid = domain_sid ;
2016-03-04 15:03:08 +01:00
status = dom - > methods - > unixids_to_sids ( dom , maps ) ;
DBG_DEBUG ( " unixid_to_sids for domain %s returned %s \n " ,
domain_name , nt_errstr ( status ) ) ;
return status ;
}